On Sat, 17 Feb 2007 23:47:47 -0500, Wayne Driscoll wrote: >You keep claiming that IBM uses the "trust" model, however, that is >simply not true. If IBM simply trusted you, the machine wouldn't have >checks in it to ensure that the built in "spare" capacity couldn't be >enabled without the machine "phoning home" to verify that the upgrade >was legitimate. How about if you allow the vendor code to periodically >connect to a company web site and report on the STIFLE information found >on the machine, to ensure that it was being run a comparable sized >machine? Then it would follow IBM's "trust" model. What about sites that cannot allow any system-driven connections to the outside? (See the DIACAP military requirements that Defense contractors have to abide by for details.) "Phoning home" is not an option, especially for higher-security systems.
In these cases the vendor is not trusted, at least not enough for that type of contact. -- Tom Schmidt Madison, WI ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
