Hangout for experimental confirmation and demonstration of software, computing, and networking. The exercises don't always work out. The professor is a bumbler and the laboratory assistant is a skanky dufus.

- Archives - 2004-06-13 2004-06-20 2004-06-27 2004-08-29 2004-09-05 2004-09-12 2004-09-19 2004-10-10 2004-10-24 2004-11-07 2004-11-28 2004-12-05 2004-12-12 2004-12-26 2005-01-30 2005-02-06 2005-03-06 2005-03-13 2005-03-20 2005-04-03 2005-04-10 2005-04-17 2005-04-24 2005-05-01 2005-05-08 2005-05-15 2005-05-29 2005-06-05 2005-06-12 2005-06-19 2005-06-26 2005-07-10 2005-07-17 2005-07-31 2005-08-28 2005-10-09 2005-10-16 2005-10-23 2005-11-13 2005-11-27 2005-12-04 2005-12-18 2006-01-08 2006-02-05 2006-02-12 2006-02-19 2006-03-05 2006-03-12 2006-03-26 2006-04-23 2006-04-30 2006-07-16 2006-07-30 2006-08-06 2006-09-03 2006-10-08 2006-10-22 2006-10-29 2006-11-26 2006-12-10 2007-01-28 2007-02-04 2007-02-11 2007-03-11 2007-03-25 2007-04-08 2007-06-03 2007-06-10 2007-06-17 2007-07-01 2007-07-08 2007-08-19 2007-09-30 2007-10-07 2007-10-21 2007-11-04 2007-11-11 2007-11-18 2007-11-25 2008-01-27 2008-02-03 2008-02-10 2008-02-17 2008-02-24 2008-03-09 2008-04-06 2008-05-18 2008-05-25 2008-06-01 2008-06-08 2008-07-13 2008-08-10 2008-08-24 2008-08-31 2008-09-07 2008-10-05 2008-12-28 2009-05-10 2010-04-25


Blog Feed

Recent Items
 
Republishing before Silence
 
Command Line Utilities: What Would Purr Do?
 
Retiring InfoNuovo.com
 
Confirmable Experience: What a Wideness Gains
 
Confirmable Experience: Consider the Real World
 
Cybersmith: IE 8.0 Mitigation #1: Site-wide Compat...
 
DMware: OK, What's CMIS Exactly?
 
Document Interoperability: The Web Lesson
 
Cybersmith: The IE 8.0 Disruption
 
Cybersmith: The Confirmability of Confirmable Expe...

  

visits to Orcmid's Lair pages

The nfoCentrale Blog Conclave
 
Millennia Antica: The Kiln Sitter's Diary
 
nfoWorks: Pursuing Harmony
 
Numbering Peano
 
Orcmid's Lair
 
Orcmid's Live Hideout
 
Prof. von Clueless in the Blunder Dome
 
Spanner Wingnut's Muddleware Lab (experimental)

nfoCentrale Associated Sites
 
DMA: The Document Management Alliance
 
DMware: Document Management Interoperability Exchange
 
Millennia Antica Pottery
 
The Miser Project
 
nfoCentrale: the Anchor Site
 
nfoWare: Information Processing Technology
 
nfoWorks: Tools for Document Interoperability
 
NuovoDoc: Design for Document System Interoperability
 
ODMA Interoperability Exchange
 
Orcmid's Lair
 
TROST: Open-System Trustworthiness

 

Secure Overlays on Insecure Internets: It Could Happen?

ACM News Service: Lessons in Cybersafety.  In this blurb, it is pointed out that the design of the Internet assumes reasonable behavior on the part of its nodes and circuits.  So malicious traffic is intermingled with, and appears the same as, friendly traffic.  From this observation, one may argue that security breaches are inevitable because there need be no technical different between harmful and friendly traffic at the Internet level. The proposal covered in the Robert Parkins 2005-04-05 ITWorldCanada article involves coming up with a new network where the participants are determined to be mutually reliable.  Internet II is viewed as one case, as is the prospect for overlay networks on the current Internet. There is extensive coverage of the erosion of privacy that is occurring by application of the Internet, as well as the general bad neighborhood aspect.  What do you do when the muggers are the neighborhood police? I am, nevertheless, focused here on the prospect of secure overlays that work for connected communities, a problem that Peer-to-Peer (P2P) and Grid technology must also deal with. Michael Smith, CTO of Secured Services Inc., offers up an "identity lifecycle management system" and I assume these stages are designed to fit with an authentication system: creation, use, maintenance, deletion and audit of identity.  That sounds like something to learn more about, along with other flurries of activity around digital identity.

¶ posted by orcmid at 4/09/2005 04:26:00 PM

from:

 

All Your BIOS Are Still Mine

ACM News Service: Call of the Wild for BIOS.  I always relish an opportunity to be mildly prophetic.  The Free Software Foundation is calling for an open-source BIOS that cracks the thicket of proprietary, non-disclosed, and trade-secret agreements around the PC BIOS and the different components that can be configured to operate with it (and vice versa). John G. Spooner's 2005-04-05 CNet News.com article covers the points of the debate and the current tightly-held, secretive efforts to prevent reverse engineering and counter electronics piracy as well as unwanted competition.  Although the secrecy-through-obscurity principle is also used as an argument that the current state protects users, that makes no sense.  As far as I can tell, hackers are fully aware of BIOS vulnerabilities. Stay tuned.  This arcane conflict is not likely to turn in open-source's favor.

---

I am presently in possession of a BIOS, in my Averatec C3500, of unknown lineage and scary behavior.  Actually, this is also the first time I obtained Windows XP Pro as an OEM installation and I'm not thrilled about that either, especially since this OEM doesn't provide clean-install Windows disks and some of the defaults somebody chose for me are really scary.  The scary part of this BIOS is that computer glitches will drive it back to the default setup, the most scarily-insecure frailty I've seen.  It looks easy to induce too, though I don't go looking for trouble.  The reversion to default drops every safeguard I put in place: setup access password, boot password, boot from hard drive first, perform full POST, and drop the OEM wallpaper so I can see the progression of the startup sequence (and have the option to launch recovery console once I learn how to install it on XP SP2.  To name a few precautions.  Heh. I can't figure out how to kill the LAN card though, since it insists on enabling boot-on-LAN and staying active when I shut down the machine what I thought was completely.  But no, the lights on my hub stay solid on for the that is connected to li'l Blocco.  So I make sure the powered-down machine has the lid closed and the LAN connector unplugged.  But, you know, I just don't trust the machine to stay protected, and I haven't even listed my software safeguards.  If the BIOS is vulnerable, practically all other bets are off and the obscurity of the BIOS implementation is not a source of reassurance [;<).

¶ posted by orcmid at 4/07/2005 10:24:00 PM

from:

 

CyLab's Angle on Sustainable Computing and Trustworthiness

ACM News Service: Carnegie Mellon Unit Looks to Advance IT Security, Reliability.  I am moderately interested in sustainable computing, a companion notion to IBM's autonomic computing initiative.  This blurb mentions that there is an aspect of trustworthiness as well, and this is my marker for digging deeper. The Patrick Thibodeau 2005-03-28 Computerworld article offers a short interview with Pradeep Khosla, co-directory of CyLab.  It looks like other materials need to be dug up for any more depth, however.

¶ posted by orcmid at 4/05/2005 11:49:00 PM

from:    "Eliot Ness"

 

C# Moves Head in Statistical Leapfrog

ACM News Service: Computerworld Development Survey Gives Nod to C#.  This blurb has a wild collection of statistics.  The big news is that C# usage is moving ahead of Java, although it seems that there is wide usage of a cluster with C# and Java at the front, Visual Basic in the middle, and C++ along with JavaScript/ECMAScript at the trailing edge. Every one of these languages is used by at least 50% of the respondents. The 2005-03-28 ComputerWorld article also makes it clear that Java is sitll used the most heavily although a number of people use both languages and .NET is the favored platform in half of the respondent's organizations. The full article provides the individual questions, response tabulations, and methodology information.

¶ posted by orcmid at 4/05/2005 11:37:00 PM

from: