
A Conversation with Cory Doctorow and Hal Stern

Posted by Zonk
from the less-magic-kingdom-more-cathedral-and-bazaar dept.
ChelleChelle writes "In a rare meeting, popular sci-fi writer and co-editor of the blog Boing Boing Cory Doctorow and Sun VP Hal Stern consider the open source approach. The resulting interview deals with the pros and cons of going open source, as well as the issues of security and privacy. From the article: 'It seems to me that one of the big problems with the filters you've just identified is who gets to set policy in the machine. As a science fiction writer, I am offended by sci-fi movies where it turns out that the rocket ship has a self-destruct button, it has been pressed by accident, and now the whole thing is going to explode. ... By the same token, I often wonder whether trusted computing architectures that allow remote parties to enforce policy on your hardware are a good idea. Although we can imagine beneficent examples of this, this is what spyware is, by definition, right? Spyware is remote parties setting policies on your computer against your wishes. Is it ever a good idea?'"
This discussion has been archived. No new comments can be posted.

  • I demand to know what Kilgore Trout says about all this.
  • What I really want to know is where can I get that shirt that Cory's wearing?
  • Cory Doctorow (Score:5, Insightful)

    by solferino (100959) <hazchem.gmail@com> on Saturday May 19, 2007 @08:08AM (#19189985) Homepage
    Cory Doctorow. Biggest self promoter, ever.
  • by Zombie Ryushu (803103) on Saturday May 19, 2007 @08:27AM (#19190073)
    TCPA and DRM (Especially Palladium) are not means of improving computer security. They are there to subvert the ownership of users of technology in favor of powerful companies. DRM isn't going to safeguard medical records. And TCPA isn't going to stop a space ship from Self Destructing.

    What will help computer security are good security practices.

    At my house, everyone logs in to a Linux powered Domain, LDAP coated in SSL for Authorization, Kerberos for Authentication. Traffic (especially Wifi) encapsulated with IPSec. SE Linux policies in place. Directory service authorized Radius Server with MySQL server Accounting, and cataloged MAC Addresses in OpenLDAP. These are good security policies. Everyone should have some variation of this.

    If I were on a space ship, I damned well better be able to secure my systems against unauthorized access. But DRM and TCPA do not make this happen.
    • by maxume (22995) on Saturday May 19, 2007 @08:56AM (#19190195)
      I suppose you run your air conditioner 8 months of the year, as opening a window would be security madness.

      Good security practice starts with a question: "What am I protecting?". If it isn't particularly valuable, you don't spend a lot of money (or time) securing it.
      • Re: (Score:2, Interesting)

        by beyondkaoru (1008447)
        his security setup is pretty transparent; it doesn't compare well to the air conditioner. what he suggests doesn't seem like it'd be that hard to set up, and once it's set up you act pretty much as you would normally. a non-paranoid person would wonder why the setup is there, but could use it roughly as easily as you would any other setup.
        • by maxume (22995)
          Sure. On the other hand, the fact that my XP Pro laptop doesn't ask for a password is also perfectly rational and took approximately zero setup time, and has zero ongoing impact on system use.

          (the air conditioner thing is the idea that there is some cost to having the security; running an air conditioner in May costs more than opening a window, but in most places, it doesn't result in more comfort)
    • You forgot to mention the servers are wired with motion detectors, CO2 detectors and mercury tilt switches connected to one thousand pounds of C-4. was Re:Don't lend Trusted computing legitimacy
    • Re: (Score:2, Funny)

      At my house, everyone logs in to a Linux powered Domain, LDAP coated in SSL for Authorization, Kerberos for Authentication. Traffic (especially Wifi) encapsulated with IPSec. SE Linux policies in place. Directory service authorized Radius Server with MySQL server Accounting, and cataloged MAC Addresses in OpenLDAP. These are good security policies. Everyone should have some variation of this.

      Seriously, has your family tried to kill you, or maybe send you to a therapist?

      If they haven't, you should thank them for being so patient. Most people I know are far too annoyed to bother with password-protecting their windows account, let alone participate in such tinfoil-hat activities as encrypting their wireless signals.

      • Such insane personal security does make sense if the whole internet hates you, or if you have issues with the government. I don't know the GP's situation, though.
        • Such insane personal security does make sense if the whole internet hates you, or if you have issues with the government. I don't know the GP's situation, though.

          True, there's also the added fun of feeling like a secret agent. So I can see where s/he's coming from ;)

          If the whole internet or some government really did have it in for me, though, I probably wouldn't be posting my security practices on slashdot, as cool as they do sound.

      • I don't trust my family with computers. All they really see is the X Login prompt. (All the computers run Linux.) We are currently running Mandriva Linux 2007.1 to do all this. The good thing the Kerberos feature does is create an autologin feature for eGroupware from FireFox. I have a specially patched eGroupware that when our FireFox Groupware bookmark is clicked, FireFox sends the Kerberos Session ticket to eGroupware allowing the login stage to be skipped. (A Computer must have one of my Host Public key
      • by davecb (6526) *

        I've lived on systems more stringent than the parent poster describes, and didn't even notice. Multics with Access Isolation Mechanism, and (Real, Military) Trusted Solaris.

        Almost all of that could be provided by a dedicated machine running the NSA's Linux and sold as a firewall, with negligible setup involved for ordinary users.

        The family wouldn't even notice.

        --dave

      • by JasonTik (872158)
        His family just sees a logon screen, and knows their relatively simple passwords. The rest is all behind the scenes, and they couldn't care less about it.
        • I'm still getting replies to this? Ok, let's relax. I know. I know. I was just making a joke about the arguably excessive measure of security for a home network.

          Oh, and the logon screen wouldn't be the source of frustration. They're not employees; they're family, and they might wonder/worry/be annoyed with their brother/sister spending so much time locking down the home computer network and not interacting with loved ones. Or maybe they are bothered by what they perceive as an unhealthy level of par

  • But you can always take advantage of GPLV3 to remove my DRM synapses
  • Everyone knows Cory Doctorow wears a red cape and goggles.
  • http://xkcd.com/c239.html [xkcd.com]

    On the bright side, Cory is using an analogy that might spark some brain cells in the semi-joe sixpack crowd.
  • What they said is not what Trusted Computing does. It does not enforce policy on your machine.

    Rather, it provides a way for people to prove what policies they are enforcing on their own machines. And thereby that will allow someone to say, I won't give you this data unless you are running a certain policy (that will protect my data). Today, that wouldn't really work because they couldn't tell what policies you were running. But with Trusted Computing, it will be possible. You will be able to prove your poli
    • by Alsee (515537)
      The first problem with your position and your argument is that you are ignoring/revoking people's ownership of their own computers.

      it provides a way for people to prove what policies they are enforcing on their own machines

      Sure. But the problem is that you have the odd notion that that would actually be secure against the owner choosing to alter or override his own security settings... the "policy"... on his own computer.

      A typical "policy" would be that the computer will not do X, Y, or Z, and that the com
      • Unfortunately Slashdot is not a good forum for ongoing discussions. This thread has slipped off the front page and few if any readers will find it. But let me address your points in order:

        1. Owners want to violate their own policies.

        Then you're not really following your stated policy, are you? Either you can make binding commitments or you can't. Do you really think that no one should be able to make binding commitments, or feel obligated to be held to them if they do make them? You realize that is the basi
        • by Alsee (515537)
          It is so frustrating seeing this technology being promoted by people that just want to drink baby's blood. That's always what it comes down to, the real reason why people are pushing Trusted Computing.

          -

    • by Mr2001 (90979)

      Rather, it provides a way for people to prove what policies they are enforcing on their own machines.

      That's a sneaky way to say "it provides a way for other people to require you to enforce a certain policy on your own machine".

      Sure, you might argue it's not really a requirement, because you can always just "opt out". But that's like saying the Mark of the Beast [wikipedia.org] is optional because you can always just "opt out" of buying and selling. I don't want to facilitate an economy where getting data is dependent on enforcing certain restrictions on your own hardware, even if it is, technically, optional (at least i

    • by robmyers (782934)
      Their description of the effects of TC is accurate. You are trying to hide the woods with the trees. "What they said is not what Trusted Computing does. It does not enforce policy on your machine." It doesn't enforce policy, it makes policy enforceable. Guns don't kill people, Chuck Norris kills people. "The whole point of Trusted Computing is to keep things completely voluntary." Nobody forces you to drink the hemlock. "Honest people have nothing to fear from Trusted Computing." Honest individuals ha
  • >Spyware is remote parties setting policies on your computer against your wishes. Is it ever a good idea?

    If you actually own all the remote machines. For example your workers do their job at home.
    M$ doesn't own my machine.
