DOCSLIB.ORG

Security & Uncovering Zero-Days Leyla Bilge and Tudor Dumitras & Software Liability, a Lawyer’S Perspective Michael B

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

;login AUGUST 2013 VOL. 38, NO. 4 : Security & Uncovering Zero-Days Leyla Bilge and Tudor Dumitras & Software Liability, a Lawyer’s Perspective Michael B. Scher & Setting Up Enterprise Logging David Lang & Rethinking Passwords Abe Singer and Warren Anderson & Causal Consistency Wyatt Lloyd, Michael Kaminsky, David G. Andersen, and Michael Freedman Columns Practical Perl Tools: Working with Git David N. Blank-Edelman Python: Shrinking Dictionary Size David Beazley iVoyeur: Watch Files with inotify Dave Josephsen For Good Measure: Security Debt Dan Geer and Chris Wysopal /dev/random: Loadable Cranium Modules Robert Ferrell Conference Reports NSDI ’13: 10th USENIX Symposium on Networked Systems Design and Implementation UPCOMING EVENTS FOR A COMPLETE LIST OF USENIX AND USENIX CO-SPONSORED EVENTS, SEE WWW.USENIX.ORG/CONFERENCES USENIX Security ’13: 22nd USENIX Security FAST ’14: 12th USENIX Conference on File and Symposium Storage Technologies August 14–16, 2013, Washington, D.C., USA February 17–20, 2014, Santa Clara, CA, USA www.usenix.org/conference/usenixsecurity13 www.usenix.org/conference/fast14 Submissions due: September 26, 2013 Workshops Co-located with USENIX Security ’13 2014 USENIX Research in Linux File and Storage EVT/WOTE ’13: 2013 Electronic Voting Technology Technologies Summit Workshop/Workshop on Trustworthy Elections CO-LOCATED WITH FAST ’14 August 12–13, 2013 February 17, 2014, Santa Clara, CA, USA www.usenix.org/conference/evtwote13 USENIX Journal of Election Technology NSDI ’14: 11th USENIX Symposium on Network and Systems (JETS) Systems Design and Implementation Published in conjunction with EVT/WOTE April 2–4, 2014, Seattle, WA, USA www.usenix.org/jets www.usenix.org/conference/nsdi14 CSET ’13: 6th Workshop on Cyber Security Abstracts due: September 20, 2013 Experimentation and Test August 12, 2013 2014 USENIX Federated Conferences Week www.usenix.org/conference/cset13 June 17–20, 2014, Philadelphia, PA, USA HealthTech ’13: 2013 USENIX Workshop on Health USENIX ATC ’14: 2014 USENIX Annual Technical Information Technologies Conference Safety, Security, Privacy, and Interoperability of HotCloud ’14: 6th USENIX Workshop on Health Information Technologies Hot Topics in Cloud Computing August 12, 2013 www.usenix.org/conference/healthtech13 WiAC ’14: 2014 USENIX Women in Advanced Computing Summit LEET ’13: 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats HotStorage ’14: 6th USENIX Workshop August 12, 2013 on Hot Topics in Storage and File Systems www.usenix.org/conference/leet13 UCMS ’14: 2014 USENIX Configuration FOCI ’13: 3rd USENIX Workshop on Free and Open Management Summit Communications on the Internet August 13, 2013 USENIX Security ’14: 23rd USENIX Security www.usenix.org/conference/foci13 Symposium August 20–22, 2014, San Diego, CA, USA HotSec ’13: 2013 USENIX Summit on Hot Topics in Security OSDI ’14: 11th USENIX Symposium on Operating August 13, 2013 Systems Design and Implementation www.usenix.org/conference/hotsec13 October 6–8, 2014, Broomfield, CO, USA WOOT ’13: 7th USENIX Workshop on Diversity ’14: 2014 Workshop on Diversity in Offensive Technologies Systems Research August 13, 2013 CO-LOCATED WITH OSDI ’14 www.usenix.org/conference/woot13 October 4, 2014, Broomfield, CO, USA LISA ’13: 27th Large Installation System LISA ’14: 28th Large Installation System Administration Conference Administration Conference November 3–8, 2013, Washington, D.C., USA November 9–14, 2014, Seattle, WA, USA www.usenix.org/conference/lisa13 SESA ’13: 2013 USENIX Summit for Educators in System Administration CO-LOCATED WITH LISA ’13 November 5, 2013, Washington, D.C., USA www.usenix.org/conference/sesa13 twitter.com/usenix www.usenix.org/youtube www.usenix.org/gplus Stay Connected... www.usenix.org/facebook www.usenix.org/linkedin www.usenix.org/blog AUGUST 2013 VOL. 38, NO. 4 EDITOR Rik Farrow [email protected] EDITORIAL MANAGING EDITOR Rikki Endsley 2 Musings Rik Farrow [email protected] COPY EDITOR SECURITY Steve Gilmartin 6 Investigating Zero-Day Attacks [email protected] Leyla Bilge and Tudor Dumitras PRODUCTION Arnold Gatilao 14 Rethinking Password Policies Casey Henderson Abe Singer and Warren Anderson Michele Nelson TYPESETTER 20 Bill Cheswick on Firewalls: An Interview Star Type Rik Farrow [email protected] 26 Setting the Stage for a Software Liability Discussion USENIX ASSOCIATION Michael B. Scher 2560 Ninth Street, Suite 215, Berkeley, California 94710 Phone: (510) 528-8649 SYSADMIN FAX: (510) 548-5738 30 Enterprise Logging www.usenix.org David Lang ;login: is the official magazine of the USENIX Association. ;login: (ISSN 1044-6397) is published bi-monthly by the USENIX PROGRAMMING Association, 2560 Ninth Street, Suite 215, 36 Cuckoo Filter: Better Than Bloom Berkeley, CA 94710. Bin Fan, David G. Andersen, and Michael Kaminsky $90 of each member’s annual dues is for a subscription to ;login:. Subscriptions for non- members are $90 per year. Periodicals postage SYSTEMS paid at Berkeley, CA, and additional offices. 41 A Short Primer on Causal Consistency POSTMASTER: Send address changes to Wyatt Lloyd, Michael J. Freedman, Michael Kaminsky, ;login:, USENIX Association, 2560 Ninth Street, and David G. Andersen Suite 215, Berkeley, CA 94710. 44 Arrakis: The Operating System as Control Plane ©2013 USENIX Association Simon Peter and Thomas Anderson USENIX is a registered trademark of the USENIX Association. Many of the designations used by manufacturers and sellers to COLUMNS distinguish their products are claimed as trademarks. USENIX acknowledges all 48 Practical Perl Tools David N. Blank-Edelman trademarks herein. Where those designations appear in this publication and USENIX is aware 52 Building a Better Dictionary David Beazley of a trademark claim, the designations have 58 iVoyeur Dave Josephsen been printed in caps or initial caps. 62 For Good Measure Dan Geer and Chris Wysopal 65 /dev/random Robert G. Ferrell BOOKS 67 Book Reviews Elizabeth Zwicky, Mark Lamourine, and Rik Farrow CONFERENCE REPORTS 71 10th USENIX Symposium on Networked Systems Design and Implementation (NSDI ’13) Musings RIK FARROWEDITORIAL Rik is the editor of ;login:. here are dark clouds on the horizon, and an ominous deep rumble [email protected] shaking the windows. What we have carefully ignored for so many Tyears may soon be destroying all we hold dear. Of course, I am not writing about the weather… On May 27, a US Department of Defense committee reported [1]: …that the cyber threat is serious and that the United States cannot be confident that our critical Information Technology (IT) systems will work under attack from a sophisticated and well-resourced opponent utilizing cyber capabilities in combination with all of their military and intelligence capabilities (a “full spectrum” adversary). Most news reports focused on the loss of technology to the Chinese [2], but this was not the top finding of this committee. Their point was that US defense capabilities rely on networks of systems, and these systems are not, and cannot easily be, made secure. Security Debt In this issue, Dan Geer and Chris Wysopal write about security debt. Their concept is that all software has flaws when released, and as software is patched and upgraded over time, the number of flaws tends to grow. These flaws can be thought of as a debt that needs to be repaid over time, as the software matures. Security debt refers specifically to those flaws that will be exploited maliciously. If you look at the graphs in Figure 2 on page 63, you can see that five of the most popular applica- tions have security debt that is building over time, with the sum of these debts appearing to approach exponential growth. Bilge and Dumitras, using a database of binary signatures collected from millions of Windows systems, show that beyond the visible debt of disclosed vulnerabilities, there is also the undisclosed threat of zero-days. Zero-days are vulnerabilities that are actively being exploited but have not been announced, and the average amount of time that zero- days were exploited as reported in this research is astounding. And keep in mind that the technique they used to detect binary exploits is prone to false negatives, so the numbers are likely much worse. Some of my friends in the security business, as well as the US Congress, had been talking about legal measures that might be used to improve the state of security. Mike Scher, a friend, security geek, and a lawyer, agreed to write an article accessible to non-lawyers about the current state of software liability (page 26). My take based on Scher’s cogent analysis is that we had better work on other approaches. Radical approaches. Arrakis Simon Peter and Tom Anderson write about Arrakis, an operating system designed to pro- vide application stacks with direct access to devices designed to be multiplexed among VMs. But Arrakis isn’t a hypervisor, and the application stacks are not the same as VMs. Instead, Arrakis sets up containers for application stacks as well as arranging access to devices, such as NICs that have multiple queues that can be allocated to specific applications. Peter 2 AUGUST 2013 VOL. 38 NO. 4 www.usenix.org EDITORIAL Musings expects that we will soon see block devices, first SSDs and later measuring the entropy of passwords that can be created when hard disks, that work similarly. limited by password policies. Abe and Warren (page 14) take a close look at how current password policies actually make You might wonder what Arrakis has to do with security, but security worse, and suggest ways to improve password security. Arrakis reduces the software stack between applications and Along the way, they examine the myths that have lead to the devices. Arrakis also makes use of features such as extended password polices most commonly used today. page tables so that different parts of an application can share the same address space, but also be better isolated: for example, I interviewed Bill Cheswick, focusing on his work in security.
Recommended publications
  • BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications

    BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications

    ANDI WILSON, ROSS SCHULMAN, KEVIN BANKSTON, AND TREY HERR BUGS IN THE SYSTEM A Primer on the Software Vulnerability Ecosystem and its Policy Implications JULY 2016 About the Authors About New America New America is committed to renewing American politics, Andi Wilson is a policy analyst at New America’s Open prosperity, and purpose in the Digital Age. We generate big Technology Institute, where she researches and writes ideas, bridge the gap between technology and policy, and about the relationship between technology and policy. curate broad public conversation. We combine the best of With a specific focus on cybersecurity, Andi is currently a policy research institute, technology laboratory, public working on issues including encryption, vulnerabilities forum, media platform, and a venture capital fund for equities, surveillance, and internet freedom. ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who Ross Schulman is a co-director of the Cybersecurity believe deeply in the possibility of American renewal. Initiative and senior policy counsel at New America’s Open Find out more at newamerica.org/our-story. Technology Institute, where he focuses on cybersecurity, encryption, surveillance, and Internet governance. Prior to joining OTI, Ross worked for Google in Mountain About the Cybersecurity Initiative View, California. Ross has also worked at the Computer The Internet has connected us. Yet the policies and and Communications Industry Association, the Center debates that surround the security of our networks are for Democracy and Technology, and on Capitol Hill for too often disconnected, disjointed, and stuck in an Senators Wyden and Feingold. unsuccessful status quo.
  • Implementation of Centralized Logging and Log Analysis in Cloud Transition

    Implementation of Centralized Logging and Log Analysis in Cloud Transition

    Implementation of Centralized Logging and Log Analysis in Cloud Transition Antti Vainio School of Science Thesis submitted for examination for the degree of Master of Science in Technology. Espoo 3.7.2018 Supervisor Prof. Jukka Suomela Advisor MSc Cyril de Vaumas Copyright ⃝c 2018 Antti Vainio Aalto University, P.O. BOX 11000, 00076 AALTO www.aalto.fi Abstract of the master’s thesis Author Antti Vainio Title Implementation of Centralized Logging and Log Analysis in Cloud Transition Degree programme Computer, Communication and Information Sciences Major Computer Science Code of major SCI3042 Supervisor Prof. Jukka Suomela Advisor MSc Cyril de Vaumas Date 3.7.2018 Number of pages 84 Language English Abstract Centralized logging can be used to collect log data from multiple log files on multiple separate server machines and transmit the data to a single centralized location. Log analysis on top of that can automatically process large amounts of logs for various different purposes including problem detection, troubleshooting, monitoring system performance, identifying security incidents, and understanding user behavior. As the volume of log data is growing when software systems, networks, and services grow in size, the log data located on multiple separate server machines can be difficult to manage. The traditional way of manually inspecting logs hasalso become too labor-intensive and error-prone when large amounts of log data need to be analyzed. Setting up centralized logging and automatic log analysis systems can be used to solve this problem. This thesis explains the concepts of log data, centralized logging, and log analysis, and also takes a look at existing software solutions to implement such a system.
  • BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications

    BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications

    ANDI WILSON, ROSS SCHULMAN, KEVIN BANKSTON, AND TREY HERR BUGS IN THE SYSTEM A Primer on the Software Vulnerability Ecosystem and its Policy Implications JULY 2016 About the Authors About New America New America is committed to renewing American politics, Andi Wilson is a policy analyst at New America’s Open prosperity, and purpose in the Digital Age. We generate big Technology Institute, where she researches and writes ideas, bridge the gap between technology and policy, and about the relationship between technology and policy. curate broad public conversation. We combine the best of With a specific focus on cybersecurity, Andi is currently a policy research institute, technology laboratory, public working on issues including encryption, vulnerabilities forum, media platform, and a venture capital fund for equities, surveillance, and internet freedom. ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who Ross Schulman is a co-director of the Cybersecurity believe deeply in the possibility of American renewal. Initiative and senior policy counsel at New America’s Open Find out more at newamerica.org/our-story. Technology Institute, where he focuses on cybersecurity, encryption, surveillance, and Internet governance. Prior to joining OTI, Ross worked for Google in Mountain About the Cybersecurity Initiative View, California. Ross has also worked at the Computer The Internet has connected us. Yet the policies and and Communications Industry Association, the Center debates that surround the security of our networks are for Democracy and Technology, and on Capitol Hill for too often disconnected, disjointed, and stuck in an Senators Wyden and Feingold. unsuccessful status quo.
  • Efficient Algorithms for Comparing, Storing, and Sharing

    Efficient Algorithms for Comparing, Storing, and Sharing

    EFFICIENT ALGORITHMS FOR COMPARING, STORING, AND SHARING LARGE COLLECTIONS OF EVOLUTIONARY TREES A Dissertation by SUZANNE JUDE MATTHEWS Submitted to the Office of Graduate Studies of Texas A&M University in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY May 2012 Major Subject: Computer Science EFFICIENT ALGORITHMS FOR COMPARING, STORING, AND SHARING LARGE COLLECTIONS OF EVOLUTIONARY TREES A Dissertation by SUZANNE JUDE MATTHEWS Submitted to the Office of Graduate Studies of Texas A&M University in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY Approved by: Chair of Committee, Tiffani L. Williams Committee Members, Nancy M. Amato Jennifer L. Welch James B. Woolley Head of Department, Hank W. Walker May 2012 Major Subject: Computer Science iii ABSTRACT Efficient Algorithms for Comparing, Storing, and Sharing Large Collections of Evolutionary Trees. (May 2012) Suzanne Jude Matthews, B.S.; M.S., Rensselaer Polytechnic Institute Chair of Advisory Committee: Dr. Tiffani L. Williams Evolutionary relationships between a group of organisms are commonly summarized in a phylogenetic (or evolutionary) tree. The goal of phylogenetic inference is to infer the best tree structure that represents the relationships between a group of organisms, given a set of observations (e.g. molecular sequences). However, popular heuristics for inferring phylogenies output tens to hundreds of thousands of equally weighted candidate trees. Biologists summarize these trees into a single structure called the consensus tree. The central assumption is that the information discarded has less value than the information retained. But, what if this assumption is not true? In this dissertation, we demonstrate the value of retaining and studying tree collections.
  • Hardware Configuration with Dynamically-Queried Formal Models

    Hardware Configuration with Dynamically-Queried Formal Models

    Master’s Thesis Nr. 180 Systems Group, Department of Computer Science, ETH Zurich Hardware Configuration With Dynamically-Queried Formal Models by Daniel Schwyn Supervised by Reto Acherman Dr. David Cock Prof. Dr. Timothy Roscoe April 2017 – October 2017 Abstract Hardware is getting increasingly complex and heterogeneous. With different compo- nents having different views of the system, the traditional assumption of unique phys- ical addresses has become an illusion. To adapt to such hardware, an operating system (OS) needs to understand the complex address translation chains and be able to handle the presence of multiple address spaces. This thesis takes a recently proposed model that formally captures these aspects and applies it to hardware configuration in the Barrelfish OS. To this end, I present Sockeye, a domain specific language that uses the model to de- scribe hardware. I then show, that code relying on knowledge about the address spaces in a system can be statically generated from these specifications. Furthermore, the model is successfully applied to device management, showing that it can also be used to configure hardware at runtime. The implementation presented here does not rely on any platform specific code and it reduced the amount of such code in Barrelfish’s device manager by over 30%. Applying the model to further hardware configuration tasks is expected to have similar effects. i Acknowledgements First of all, I want to thank my advisers Timothy Roscoe, David Cock and Reto Acher- mann for their guidance and support. Their feedback and critical questions were a valuable contribution to this thesis. I’d also like to thank the rest of the Barrelfish team and other members of the Systems Group at ETH for the interesting discussions during meetings and coffee breaks.
  • Software Assurance

    Software Assurance

    Information Assurance State-of-the-Art Report Technology Analysis Center (IATAC) SOAR (SOAR) July 31, 2007 Data and Analysis Center for Software (DACS) Joint endeavor by IATAC with DACS Software Security Assurance Distribution Statement A E X C E E C L I L V E R N E Approved for public release; C S E I N N I IO DoD Data & Analysis Center for Software NF OR MAT distribution is unlimited. Information Assurance Technology Analysis Center (IATAC) Data and Analysis Center for Software (DACS) Joint endeavor by IATAC with DACS Software Security Assurance State-of-the-Art Report (SOAR) July 31, 2007 IATAC Authors: Karen Mercedes Goertzel Theodore Winograd Holly Lynne McKinley Lyndon Oh Michael Colon DACS Authors: Thomas McGibbon Elaine Fedchak Robert Vienneau Coordinating Editor: Karen Mercedes Goertzel Copy Editors: Margo Goldman Linda Billard Carolyn Quinn Creative Directors: Christina P. McNemar K. Ahnie Jenkins Art Director, Cover, and Book Design: Don Rowe Production: Brad Whitford Illustrations: Dustin Hurt Brad Whitford About the Authors Karen Mercedes Goertzel Information Assurance Technology Analysis Center (IATAC) Karen Mercedes Goertzel is a subject matter expert in software security assurance and information assurance, particularly multilevel secure systems and cross-domain information sharing. She supports the Department of Homeland Security Software Assurance Program and the National Security Agency’s Center for Assured Software, and was lead technologist for 3 years on the Defense Information Systems Agency (DISA) Application Security Program. Ms. Goertzel is currently lead author of a report on the state-of-the-art in software security assurance, and has also led in the creation of state-of-the-art reports for the Department of Defense (DoD) on information assurance and computer network defense technologies and research.
  • The GNOME Census: Who Writes GNOME?

    The GNOME Census: Who Writes GNOME?

    The GNOME Census: Who writes GNOME? Dave Neary & Vanessa David, Neary Consulting © Neary Consulting 2010: Some rights reserved Table of Contents Introduction.........................................................................................3 What is GNOME?.............................................................................3 Project governance...........................................................................3 Why survey GNOME?.......................................................................4 Scope and methodology...................................................................5 Tools and Observations on Data Quality..........................................7 Results and analysis...........................................................................10 GNOME Project size.......................................................................10 The Long Tail..................................................................................11 Effects of commercialisation..........................................................14 Who does the work?.......................................................................15 Who maintains GNOME?................................................................17 Conclusions........................................................................................22 References.........................................................................................24 Appendix 1: Modules included in survey...........................................25 2 Introduction What
  • Higher Inductive Types (Hits) Are a New Type Former!

    Higher Inductive Types (Hits) Are a New Type Former!

    Git as a HIT Dan Licata Wesleyan University 1 1 Darcs Git as a HIT Dan Licata Wesleyan University 1 1 HITs 2 Generator for 2 equality of equality HITs Homotopy Type Theory is an extension of Agda/Coq based on connections with homotopy theory [Hofmann&Streicher,Awodey&Warren,Voevodsky,Lumsdaine,Garner&van den Berg] 2 Generator for 2 equality of equality HITs Homotopy Type Theory is an extension of Agda/Coq based on connections with homotopy theory [Hofmann&Streicher,Awodey&Warren,Voevodsky,Lumsdaine,Garner&van den Berg] Higher inductive types (HITs) are a new type former! 2 Generator for 2 equality of equality HITs Homotopy Type Theory is an extension of Agda/Coq based on connections with homotopy theory [Hofmann&Streicher,Awodey&Warren,Voevodsky,Lumsdaine,Garner&van den Berg] Higher inductive types (HITs) are a new type former! They were originally invented[Lumsdaine,Shulman,…] to model basic spaces (circle, spheres, the torus, …) and constructions in homotopy theory 2 Generator for 2 equality of equality HITs Homotopy Type Theory is an extension of Agda/Coq based on connections with homotopy theory [Hofmann&Streicher,Awodey&Warren,Voevodsky,Lumsdaine,Garner&van den Berg] Higher inductive types (HITs) are a new type former! They were originally invented[Lumsdaine,Shulman,…] to model basic spaces (circle, spheres, the torus, …) and constructions in homotopy theory But they have many other applications, including some programming ones! 2 Generator for 2 equality of equality Patches Patch a a 2c2 diff b d = < b c c --- > d 3 3 id a a b b
  • Message Passing for Programming Languages and Operating Systems

    Message Passing for Programming Languages and Operating Systems

    Master’s Thesis Nr. 141 Systems Group, Department of Computer Science, ETH Zurich Message Passing for Programming Languages and Operating Systems by Martynas Pumputis Supervised by Prof. Dr. Timothy Roscoe, Dr. Antonios Kornilios Kourtis, Dr. David Cock October 7, 2015 Abstract Message passing as a mean of communication has been gaining popu- larity within domains of concurrent programming languages and oper- ating systems. In this thesis, we discuss how message passing languages can be ap- plied in the context of operating systems which are heavily based on this form of communication. In particular, we port the Go program- ming language to the Barrelfish OS and integrate the Go communi- cation channels with the messaging infrastructure of Barrelfish. We show that the outcome of the porting and the integration allows us to implement OS services that can take advantage of the easy-to-use concurrency model of Go. Our evaluation based on LevelDB benchmarks shows comparable per- formance to the Linux port. Meanwhile, the overhead of the messag- ing integration causes the poor performance when compared to the native messaging of Barrelfish, but exposes an easier to use interface, as shown by the example code. i Acknowledgments First of all, I would like to thank Timothy Roscoe, Antonios Kornilios Kourtis and David Cock for giving the opportunity to work on the Barrelfish OS project, their supervision, inspirational thoughts and critique. Next, I would like to thank the Barrelfish team for the discussions and the help. In addition, I would like to thank Sebastian Wicki for the conversations we had during the entire period of my Master’s studies.
  • Misc Thesisdb Bythesissuperv

    Misc Thesisdb Bythesissuperv

    Honors Theses 2006 to August 2020 These records are for reference only and should not be used for an official record or count by major or thesis advisor. Contact the Honors office for official records. Honors Year of Student Student's Honors Major Thesis Title (with link to Digital Commons where available) Thesis Supervisor Thesis Supervisor's Department Graduation Accounting for Intangible Assets: Analysis of Policy Changes and Current Matthew Cesca 2010 Accounting Biggs,Stanley Accounting Reporting Breaking the Barrier- An Examination into the Current State of Professional Rebecca Curtis 2014 Accounting Biggs,Stanley Accounting Skepticism Implementation of IFRS Worldwide: Lessons Learned and Strategies for Helen Gunn 2011 Accounting Biggs,Stanley Accounting Success Jonathan Lukianuk 2012 Accounting The Impact of Disallowing the LIFO Inventory Method Biggs,Stanley Accounting Charles Price 2019 Accounting The Impact of Blockchain Technology on the Audit Process Brown,Stephen Accounting Rebecca Harms 2013 Accounting An Examination of Rollforward Differences in Tax Reserves Dunbar,Amy Accounting An Examination of Microsoft and Hewlett Packard Tax Avoidance Strategies Anne Jensen 2013 Accounting Dunbar,Amy Accounting and Related Financial Statement Disclosures Measuring Tax Aggressiveness after FIN 48: The Effect of Multinational Status, Audrey Manning 2012 Accounting Dunbar,Amy Accounting Multinational Size, and Disclosures Chelsey Nalaboff 2015 Accounting Tax Inversions: Comparing Corporate Characteristics of Inverted Firms Dunbar,Amy Accounting Jeffrey Peterson 2018 Accounting The Tax Implications of Owning a Professional Sports Franchise Dunbar,Amy Accounting Brittany Rogan 2015 Accounting A Creative Fix: The Persistent Inversion Problem Dunbar,Amy Accounting Foreign Account Tax Compliance Act: The Most Revolutionary Piece of Tax Szwakob Alexander 2015D Accounting Dunbar,Amy Accounting Legislation Since the Introduction of the Income Tax Prasant Venimadhavan 2011 Accounting A Proposal Against Book-Tax Conformity in the U.S.
  • THE FUTURE of IDEAS This Work Is Licensed Under a Creative Commons Attribution-Noncommercial License (US/V3.0)

    THE FUTURE of IDEAS This Work Is Licensed Under a Creative Commons Attribution-Noncommercial License (US/V3.0)

    less_0375505784_4p_fm_r1.qxd 9/21/01 13:49 Page i THE FUTURE OF IDEAS This work is licensed under a Creative Commons Attribution-Noncommercial License (US/v3.0). Noncommercial uses are thus permitted without any further permission from the copyright owner. Permissions beyond the scope of this license are administered by Random House. Information on how to request permission may be found at: http://www.randomhouse.com/about/ permissions.html The book maybe downloaded in electronic form (freely) at: http://the-future-of-ideas.com For more permission about Creative Commons licenses, go to: http://creativecommons.org less_0375505784_4p_fm_r1.qxd 9/21/01 13:49 Page iii the future of ideas THE FATE OF THE COMMONS IN A CONNECTED WORLD /// Lawrence Lessig f RANDOM HOUSE New York less_0375505784_4p_fm_r1.qxd 9/21/01 13:49 Page iv Copyright © 2001 Lawrence Lessig All rights reserved under International and Pan-American Copyright Conventions. Published in the United States by Random House, Inc., New York, and simultaneously in Canada by Random House of Canada Limited, Toronto. Random House and colophon are registered trademarks of Random House, Inc. library of congress cataloging-in-publication data Lessig, Lawrence. The future of ideas : the fate of the commons in a connected world / Lawrence Lessig. p. cm. Includes index. ISBN 0-375-50578-4 1. Intellectual property. 2. Copyright and electronic data processing. 3. Internet—Law and legislation. 4. Information society. I. Title. K1401 .L47 2001 346.04'8'0285—dc21 2001031968 Random House website address: www.atrandom.com Printed in the United States of America on acid-free paper 24689753 First Edition Book design by Jo Anne Metsch less_0375505784_4p_fm_r1.qxd 9/21/01 13:49 Page v To Bettina, my teacher of the most important lesson.
  • Sonic on Mellanox Spectrum™ Switches

    Sonic on Mellanox Spectrum™ Switches

    SOFTWARE PRODUCT BRIEF SONiC on Mellanox Spectrum™ Switches Delivering the promises of data center disaggregation – SONiC – Software for Open Networking in the Cloud, is a Microsoft-driven open-source network operating system (NOS), HIGHLIGHTS delivering a collection of networking software components aimed at – scenarios where simplicity and scale are the highest priority. • 100% free open source software • Easy portability Mellanox Spectrum family of switches combined with SONiC deliver a performant Open Ethernet data center cloud solution with • Uniform Linux interfaces monitoring and diagnostic capabilities. • Fully supported by the Github community • Industry’s highest performance switch THE VALUE OF SONiC systems portfolio, including the high- Built on top of the popular Switch Abstraction Interface (SAI) specification for common APIs, SONiC density half-width Mellanox SN2010 is a fully open-sourced, hardware-agnostic network operating system (NOS), perfect for preventing • Support for home-grown applications vendor lock-in and serving as the ideal NOS for next-generation data centers. SONiC is built over such as telemetry streaming, load industry-leading open source projects and technologies such as Docker for containers, Redis for balancing, unique tunneling, etc. key-value database, or Quagga BGP and LLDP routing protocols. It’s modular containerized design makes it very flexible, enabling customers to tailor SONiC to their needs. For more information on • Support for small to large-scale deployments open-source SONiC development, visit https://github.com/Azure/SONiC. MELLANOX OPEN ETHERNET SOLUTIONS AND SONiC Mellanox pioneered the Open Ethernet approach to network disaggregation. Open Ethernet offers the freedom to use any software on top of any switches hardware, thereby optimizing utilization, efficiency and overall return on investment (ROI).