Tuesday, January 29, 2008

A Chat with Ben and Pete - Episode 14

Musharraf is everwhere.
In this episode we talk about:Subscribe in:

5 comments:

  1. Anonymous3:58 PM

    I thought DTrace used the ptrace() call, and the process sets the "don't trace me please" flag by calling ptrace()?

    Domain Tasting just shouldn't exist. It must be an enormous pain to registrars. ICANN really dropped the ball on the grace period, I know the history but life would have been much better for everyone if there was no grace period at all.

    Why doesn't it surprise me that Netsol has gone truly evil. They've been on that path for years. I've moved all my domains from them as they expired. My first of many bad experiences with them was their website downgrade just after ICANN was formed. The site was soon impossible to navigate for doing simple maintenance and eventually even renewal was a seven-click affair, at least two of which were explicitly saying no to some up-selling guff they wanted you to agree do (defaulted to ticked, etc).

    Speaking of evil registrars, MelbourneIT has started spamming me more than usual of late, looks like they might be on the same path. Unfortunately I'm locked into some .NU domains with the DDNS service I run, and nunames just keeps pumping the price. The .NU marketing droids also believe in pushing expensive options during renewal, I'm already giving them *60 euro* for 24 months! The least they can do it refrain from shoving "InstantWeb" into my face every time I renew.

    Jabber is cool, but I don't see it as the enabler for "cloud computing". You'd imagine something UDP based that doesn't use XML would be easier to scale. I figured the real issues with cloud computing were provisioning and resource management, not service discovery?

    Microsoft is still making an obscene amount of money, so I wouldn't count them out yet. I think times are getting tougher for them though.

    ReplyDelete
  2. Thanks Alan.

    I think the history of domain name registration economics will be a fascinating study in the operation of the free market. Melbourne IT, I'm sure believed they were efficient until the market was opened up to competition. My goodness they were overcharging!

    The point about looking at XMPP for notifications is really about noticing that there is already a robust standard out there that can be used rather than polling or inventing something new.

    The great thing about all these protocols that do http requests is that they will generally pass right through everyone's firewalls - which are set up for web browsing. It's tough to get UDP through.

    I used to use a lot of Microsoft products, today I'm using none at all. I respect the products they built, particularly the office suite, but their anti-standards policy makes them my last choice these days.

    ReplyDelete
  3. Another great chat, thanks guys.

    A bit confused about Pete's comments around PT_DENY_ATTACH; exactly what is the security risk here? You seemed to be saying that malware could use it to access other processes, but wouldn't they need root access? And if they had root access, well, a security violation has already happened surely?

    As for eSATA on Mac, I'm happy to report that it's already here thanks to two unused SATA ports on the motherboard of the new 2008 Mac Pros (which, I'm even happier to report, I now have on order...)

    ReplyDelete
  4. Thanks Alastair,

    What I was meaning to say was that the ability to access process structures that presumably belong to the kernel would seem to me to be a security problem. If you can flip the PT_DENY_ATTACH bit then surely you can alter other variables as well.

    But yes, I take your point, you're already root so you're already there.

    pete

    ReplyDelete
  5. Still haven't gone Leopard, so just wondering: is ktrace affected by this flag as well? (man ktrace)

    (BTW, some time back I wrote a parser for ktrace output files. Pardon the self-linkage.)

    ReplyDelete