
wdlove

macrumors P6
Oct 20, 2002
16,568
0
tex210 said:
Is this really Mac Rumors!?
Uh... does anyone know if I'll be able to upgrade from 10.2.8 to 10.4 (once available) or will I need to follow the 10.3 route? Did anyone go from 10. to 10.3? Thanks.

I went from 9.2.2 and upgraded to 10.3.2 without any difficulty. As long as your computer specifications will support the 10.4 then it should be smooth sailing.
 

JW Pepper

macrumors regular
Jul 21, 2002
242
60
For security, I would add that each file compiled on a machine would embed the s/n of the processor or other such code such that the file can be linked directly to the originating machine. This would enable virus writers to be tracked. It would be quite easy for Apple to compile lists of machines and owners via product registration and software update etc.

I would be happier with this and have a virus free system than worry about some theoretical threat to privacy.
 

thatwendigo

macrumors 6502a
Nov 17, 2003
992
0
Sum, Ergo Sum.
nosleep said:
And I'm sure you never downloaded someone elses intellectual property for free, right?

Out of curiosity, because I'm not sure I know exactly what justification you have, I'd just like to know how this is at all relevant. Even postulating that I had, hypothetically, downloaded someone's intellectual property unjustly, there are precedents and procedures in place for establishing guilt. In America it's innocent until proven guilty, no matter what the Bush administration would like for us to believe.

JW Pepper said:
For security, I would add that each file compiled on a machine would embed the s/n of the processor or other such code such that the file can be linked directly to the originating machine. This would enable virus writers to be tracked. It would be quite easy for Apple to compile lists of machines and owners via product registration and software update etc.

Because what we need is more snooping into who owns what, who does what, what they download, what they manufacture, and where they do it from...

I would be happier with this and have a virus free system than worry about some theoretical threat to privacy.

There is no "theoretical" to that scenario. It is invasion of privacy at the deepest level that does not involve your physical body.
 

geezusfreeek

macrumors newbie
Apr 17, 2004
5
0
JW Pepper said:
For security, I would add that each file compiled on a machine would embed the s/n of the processor or other such code such that the file can be linked directly to the originating machine. This would enable virus writers to be tracked. It would be quite easy for Apple to compile lists of machines and owners via product registration and software update etc.

Ultimately, anything of this sort can be used against you. The best security isn't storing more information about the authors and contents of data, but is storing less.
 

redJag

macrumors newbie
May 10, 2004
1
0
thatwendigo said:
I don't like the sound of "working closely" with the government on "security," especially since there's no specification of whose security we're talking about. It came to light that the NSA or one of the other spook operations wanted backdoors into Windows a few years ago (and it's been long enough that I don't want to claim that it was actually done, though I wouldn't doubt it).

That is not what it means. Apple is going for security approval so higher level government sectors can use their computers and operating system. If Apple WERE doing something like that, I'm sure it wouldn't be advertised:)
 

nosleep

macrumors newbie
thatwendigo said:
I'd just like to know how this is at all relevant.

Don't download music (I know you've only done so hypothetically) and then turn around and preach, "The fourth amendment and the second are there to allow me to protect myself, and that includes my property, physical or intellectual." It's hypocritical.


thatwendigo said:
Even postulating that I had, hypothetically, downloaded someone's intellectual property unjustly, there are precedents and procedures in place for establishing guilt. In America it's innocent until proven guilty, no matter what the Bush administration would like for us to believe.

So if I go out and steal a car and a court fails to convict me, my conscience should be clear?
 

deeq

macrumors newbie
Jan 6, 2004
2
0
thatwendigo said:
I don't like the sound of "working closely" with the government on "security," especially since there's no specification of whose security we're talking about. It came to light that the NSA or one of the other spook operations wanted backdoors into Windows a few years ago (and it's been long enough that I don't want to claim that it was actually done, though I wouldn't doubt it).

If they're doing similar things in OS X, I think I'd have to either stick with Panther or not upgrade until someone figured out a way around it. My system is secure for a reason, and I am a US citizen. The fourth amendment and the second are there to allow me to protect myself, and that includes my property, physical or intellectual.

I quote again,
"FileVault uses the latest government-approved encryption standard, the Advanced Encryption Standard with 128-bit keys (AES-128)."
The author of PGP points out that (official knowledge) the AES, even though it is very secure, is designed in such a way that the NSA can access it any time if they had access to the file itself. This encryption standard was designed to keep the public away from the encryptions that the NSA really would have to put some effort into decoding... so, the government ALREADY is making a joke of your "so called security".
 

duvalin

macrumors newbie
May 11, 2004
2
0
Remember Wolverine

I remember reading about 5 years ago about a system called wolverine, it was meant to scan all internet traffic. Now, I am no conspiracy type, but that does sound like a long time for them to not have implemented it yet.
 

tex210

macrumors 6502
Jul 8, 2003
303
82
duvalin

As I recall, wolverine was stopped by congress, but has continued being used under another name (for our sanitary safety). Consumer encryption will never be allowed to keep the Government in the dark.
 

spankalee

macrumors member
Jul 22, 2002
66
0
deeq said:
I quote again,
"FileVault uses the latest government-approved encryption standard, the Advanced Encryption Standard with 128-bit keys (AES-128)."
The author of PGP points out that (official knowledge) the AES, even though it is very secure, is designed in such a way that the NSA can access it any time if they had access to the file itself. This encryption standard was designed to keep the public away from the encryptions that the NSA really would have to put some effort into decoding... so, the government ALREADY is making a joke of your "so called security".

You're so wrong on this. AES/DES were developed to enable secure communications between people in the government. They were never originally intended to be used by the public. When I worked for the Navy we had AES-equipped phones that we had to use for any secure conversations. Parts of the government are paranoid of other parts of the government and I seriously doubt that the DoD would give the NSA keys to all their conversations. Not only that, but if the algorithm really could be easily cracked by the NSA then it's weak enough to be cracked by other governments - not an acceptable situation for our national security.
 

thatwendigo

macrumors 6502a
Nov 17, 2003
992
0
Sum, Ergo Sum.
nosleep said:
Don't download music (I know you've only done so hypothetically) and then turn around and preach, "The fourth amendment and the second are there to allow me to protect myself, and that includes my property, physical or intellectual." It's hypocritical.

Even assuming I do download, I fail to see the connection that you're trying to establish here. The right of an individual to protect their own property with self defending measures such as encryption, the ownership of firearms, and perhaps even force, do not at all touch on intellectual property law.

Even if one accepts the convenient legal fiction that corporations are individuals that have rights, that only entitles them to do similar to what I have - encrypt and secure their own data, with reasonable assurance that the federal government won't be trying to build backdoors or take their keys.

So if I go out and steal a car and a court fails to convict me, my conscience should be clear?

Your conscience is your own business. The law shouldn't touch you without a warrant, should not imprison you without a trial, and should pull you before an impartial jury of your peers should it be determined that you stand accused. If you are acquitted of charges, then as far as the government is concerned, you are innocent of criminal wrongdoing. That is what our legal system is supposed to be.

tex210 said:
As I recall, wolverine was stopped by congress, but has continued being used under another name (for our sanitary safety). Consumer encryption will never be allowed to keep the Government in the dark.

Magic Lantern, I believe the new name is.

Regardless... If people used things like encrypted VPN and secure operating systems, while practicing good information hygiene (rotating passwords regularly, supporting strong encryption standards, and keeping their passwords secure), then we'd not really need to worry about this. Using a sufficient bitrate key, one can circumvent even decent packet sniffers and traffic analyzers like AirSnort through the sheer difficulty of breaking the cypher.

However, I'm not sure that you're right on the last part. The internet has made this a tricky proposition, and while I don't doubt that whatever codebreakers are now in US hands, they're also classifying some encryption as weapons-grade information.

A .sig line that is illegal to allow people outside the country to view.
The shirt that was made to satirize this decision.
 

Bendit

macrumors regular
Jul 22, 2003
226
0
Toronto, Canada
JW Pepper said:
For security, I would add that each file compiled on a machine would embed the s/n of the processor or other such code such that the file can be linked directly to the originating machine. This would enable virus writers to be tracked. It would be quite easy for Apple to compile lists of machines and owners via product registration and software update etc.

I would be happier with this and have a virus free system than worry about some theoretical threat to privacy.

A virus writer would just use a different compiler.
 

deeq

macrumors newbie
Jan 6, 2004
2
0
spankalee said:
You're so wrong on this. AES/DES were developed to enable secure communications between people in the government. They were never originally intended to be used by the public. When I worked for the Navy we had AES-equipped phones that we had to use for any secure conversations. Parts of the government are paranoid of other parts of the government and I seriously doubt that the DoD would give the NSA keys to all their conversations. Not only that, but if the algorithm really could be easily cracked by the NSA then it's weak enough to be cracked by other governments - not an acceptable situation for our national security.

This is only what I read in the document from PGP's author. Check out his website, http://www.pgp.com
 

spankalee

macrumors member
Jul 22, 2002
66
0
deeq said:
This is only what I read in the document from PGP's author. Check out his website, http://www.pgp.com

Mind pointing me to the page where he says that? I can't find any reference to the NSA on his site, and the only reference to AES is a page stating that PGP supports AES.

That the NSA put a backdoor into DES has been a rumor since the '70s. This started because the NSB (now NIST), asked the NSA to review Lucifer, IBM's encryption method that became DES. NSA came back with two changes. First they reduced the key size to 64 bits (effectively 56) from 128, and second they changed the table of values that Lucifer used. The first request is probably so that they could do a brute force break if they need to. At the time 128 bits would have been nearly unbreakable, but 64 bits could be broken with a bit of time and money. The second change is what made people think that there was a backdoor because the NSA didn't offer a reason for it. However in the almost 30 years since DES was released no one has found a backdoor, and many, many crypto-analysts have been looking for one.

DES can be broken by brute force in a matter of hours now, AES takes considerably longer. I do think that if anyone can break AES, it's the NSA. We hear about the Top 500 super computers, but you can bet that the NSA actually holds the top spot, if not the top few. I still think that AES needs a brute force attack right now, but if the NSA can find the key in a few hours or days they're probably happy. The expense of breaking AES is so great though that they're not reading everyone's data in the clear, but if they really need to, they can break any encryption. This is fine by me because most government agencies won't be able to, and if I ever had anything that was so sensitive that I was worried about the NSA going after it I'd do what they did when they knew DES was weak and use a triple AES, or triple PGP.
 

pjkelnhofer

macrumors 6502a
Sep 8, 2003
641
0
Boston
advocate said:
No, it's more like they'll call their IT support desk and demand to know why they haven't "fixed" the "virus problem" yet. That's from an actual call I took today. Another actual call I took today demanded to know why we didn't have a dedicated position to manually filter all of the email coming into the site. She threatened to sue the IT department if she had to take any more "sexual harassment" from us in the form of spam from remote sites.

Users know less than nothing. Don't count on them to make intelligent decisions.

At my company it is the IT guy who knows nothing. He sends out emails to tell us that Outlook is not working (relatedly he often tells people to email him the problem when they say they cannot log onto the network). He spent twenty minutes trying to set up my computer to print to a network printer and was unsuccessful. After he left, I did it myself. He actually has the firewalls set on several computers so that you cannot even access our company's Intranet site properly.

Idiots are everywhere, even working in the IT field.
 

pjkelnhofer

macrumors 6502a
Sep 8, 2003
641
0
Boston
thatwendigo said:
However, I'm not sure that you're right on the last part. The internet has made this a tricky proposition, and while I don't doubt that whatever codebreakers are now in US hands, they're also classifying some encryption as weapons-grade information.

A .sig line that is illegal to allow people outside the country to view.
The shirt that was made to satirize this decision.

I just went to the pages you linked to, but according to that page, the .sig encryption file is no longer illegal to export.

The US export laws were relaxed in 1999. Crypto software can be exported with minimal restrictions now. So the t-shirt is at this time legal to export as is the perl-rsa signature.
The rest of this page is of historic value only. It may be that the RSA sig played some small part in the eventual relaxation of the US crypto export laws.

It just takes the government a long time to catch up to technology, what it is, and how it works.
 

cgc

macrumors 6502a
May 30, 2003
718
23
Utah
spankalee said:
If Apple does metadata right, and the finder really becomes something befitting its name, something like iTunes for my files, (iFinder ? :) then they will have a hit.

Smart Folders would be the obvious big feature. Set up a folder with a preset search based on metadata and always have the files you want in it. iTunes and iPhoto almost become irrelevant after that. (almost, the document specific features of those apps would still be valuable) They are great at organizing, but the finder would do just as well.

I just hope they come up with some way to use the metadata that's already embedded in certain file types. If I can search my MP3s by ID3 tags, or my graphic files by size, or my eBooks by author, without having to re-enter that data into the meta data system then I think I will have reached home computing nirvana.

They'll have to have a plug-in system to do that though. Then you can go and download all the third-party metadata plugins for PSDs, MPEGs, emails, whatever.

The other big issue is where do they store the metadata and what happens when you transfer the file to another computer. Sending files with resource forks is always a pain in the ass.


Apple will call it "Finder EXTREME"
 

qubex

macrumors 6502
There seems to be some kind of a "flap" concerning the implications of Apple "working with the government on security". I think it is pointless to worry. Remember OS X is based on an open-source core, Darwin, and that its sourcecode is free for everyone to download and read (or at least for those who have the technical expertise and inclination to do so). So any tinkering with cryptographic key escrow mechanisms, covert back doors etc. would be very rapidly identified. And if you are sufficiently paranoid to think that Apple might load kernels onto your machines that aren't strictly speaking derived from the Open Source code in the Darwin project - i.e. if you fear the code has been deliberately trojanised after the event - you can always go ahead and compile your own kernel from source. Help from techie friends is strongly advised.

I'd also like to point out that one of the largest purchasers of NeXT equipment and software was the federal government of the United States. Jobs, being the erstwhile CEO of that company, and OSX being the natural successor to the NeXTStep OS and OpenStep environment, will be eager to re-acquire that very profitable market. Inevitably that requires some verification and testing procedures. I don't see any cause for serious alarm. Vigilance, maybe; but not alarm. At the very least, not yet.

I'm pretty sure Jobs will show off some impressive new features and harp on about how this-and-that Changes Everything. Personally, I have two simple hopes for OSX 10.4.

Firstly, I hope they finally manage to put together a decent Finder. Unlike most, I really like the Brushed Metal theme and as an oldtime NeXT user I appreciate pretty much every controversial aspect of the GUI. But I sure wish they could make the Finder multithreaded so its mount operations etc. weren't so slow and it preserved its responsiveness. Right now, as of 10.3.3, I find the Finder slow and unresponsive, and prone to crashing. We've all experienced it: glacial mounting of SMB shares and FTP directories, crashes when you move around a bunch of Previewed graphics files, the Trash getting itself jammed, etc. Isn't it about time they fixed this pathetic state of affairs?! They should have a feature freeze until they manage to make the whole Finder experience more bearable. Fix it, then improve it. Don't improve it and neglect to fix it.

Secondly, I hope they recompile everything with IBM's new optimised-for-PowerPC XCC compiler rather than GCC 3.3. GCC may well be the standard for portability and even offer decent performance under x86, but when it comes to PowerPC code it really is inefficient and wasteful. Compiling with XCC can sometimes boost performance by more than 20%. A fifth faster: I'm sure that'd make for a lot of very happy users. I'd certainly be one of them.

As for the metadata filesystem: good job. I hope they implement this. It's one of those features that will open up a whole range of hitherto unimagined possibilities. For both consumers and professional users, it could prove to be an excellent upgrade. Forget about iPhoto- and iTunes-like metadata systemwide. Think of user-definable extensible filesystem permissions: philosophically akin to Folder Actions, but at the filesystem level, and systemwide! Geeky? Maybe. Useful? Definitely.

spankalee said:
That the NSA put a backdoor into DES has been a rumor since the '70s. This started because the NSB (now NIST), asked the NSA to review Lucifer, IBM's encryption method that became DES. NSA came back with two changes. First they reduced the key size to 64 bits (effectively 56) from 128, and second they changed the table of values that Lucifer used. The first request is probably so that they could do a brute force break if they need to. At the time 128 bits would have been nearly unbreakable, but 64 bits could be broken with a bit of time and money. The second change is what made people think that there was a backdoor because the NSA didn't offer a reason for it. However in the almost 30 years since DES was released no one has found a backdoor, and many, many crypto-analysts have been looking for one.

Actually, it is likely that the reason has already been found. In the early 1990s civilian (non-NSA) cryptanalysts developed a "new" and very powerful technique called "differential cryptanalysis", that basically allows you to guess the key of DES-like ciphers by encrypting different (known) cleartexts and observing the ciphertext that comes out. By comparing the different inputs and outputs, a reasonable guess can be made as to the key. But guess what: DES was found to be very resistant to this attack. Why? It was discovered that the exact nature of the S-boxes (the "substitution boxes" or "tables of values", as you refer to them) were formulated in such a way as to thwart the technique. What does this tell us? Firstly, that the NSA had already developed differential cryptanalysis (or an analogue thereof) in the mid 1970s, a full two decades ahead of its rediscovery by civilians. Secondly, and this is the clincher, it tells us that the NSA didn't weaken DES: it strengthened it immeasurably. Talk about irony. (Bruce Schneier discusses differential cryptanalysis in his definitive tome Applied Cryptography, Second Edition.)

I'd like to add that breaking the 56-bit encryption of DES by brute-force is only just within civilian capabilities now. I think it is reasonable to assume that at the time (mid-1970s) it is unlikely that the NSA possessed the computing power to break DES by brute force, or by any other means. Furthermore, "strong" 128-bit encryption such as that offered by AES is totally unbreakable by brute-forcing with a conventional (non-quantum) computer. I remember reading that iterating through each and every one of the keys in a 128-bit keyspace, even if each keybit were represented with a single electron, would require more energy than the mass-energy equivalent of the sun. I can't remember where I read it, but it was a sufficiently reputable source for it to remain stuck in my mind.
 

cjc343

macrumors 6502
If Apple is working on a backdoor, I'm pissed, but I doubt they are...


I think that everyone who suggested that the Government just wants to use Macs is the reason for Apple working with the Government, however, I don't think that this is actually a good thing.

Government + Macs = Viruses for mac + Hackers after macs


just my opinion....
 