Hopefully, that will never happen, as vendors will realise it will kill their business . ( I suppose some 'slow learners' will have to find out the hard way..)
There was an interesting case IIRC, last year in europe, where a internet-connected machine in a lab, was breached and valuable information extracted - as in trade secrets/patent relevent stuff, not your usual email lists... now that's WAY above the normal nuisance level of
So, there is if anything a _growing_ trend to disconnect design-lab machines from the NET, or have one Document-NET PC in the corner... Vendors that miss this trend, will get their fingers burnt.
this may be more subtle than it seems today. I have been witnessing a wintel PC doing weird things every time I "restart" it: it stays for a long time in a state preceeding the blue screen which says "saving your personal settings", and does a lot of CPU work with brief disk accesses every few seconds. Looks like a typical data compression task at work. More, the time this takes is proportional to the time the PC was up, i.e. the longer I don't reset it the longer this takes to execute (up to tens of minutes if I have not reset it a for a few days). Now when do the data go out, how etc. I really don't know, nor am I particularly worried about it since I keep on that wintel TV set (oops, PC) nothing I don't want being made public (and if someone is keen on listening to my screams while debugging something stubborn - yes, I do have a mike connected - he might just ask me to record and send them, I will :-). So I am not at all surprised by the trend you refer to, it is a healthy one, I just wonder how efficient this can be using todays PCs. Probably doable, but it takes just a small mistake and - ouch, the data are out...
Well we can only hope you will be right on this. My personal feeling is that it is unavoidable - what will people do if the single source of their parts suddenly switches to a web-authorising tool while witholding (as they do for decades) the information needed for other parties to write an alternative? I don't think they will have many options except to abandon the product (and possibly get out of busyness), complain to the Pope, or just obey...
We had those sorts of thin clients at uni for a while. I have never been using a more instable and slow system before nor after... The thought was good, but in reality when 100 students had a break at the same time and started Netscape simultaneously it sucked. Especially for us who tried to work on that system. I think I used the smartcard once or twice over a two year period of time...
--
-----------------------------------------------
Johan Bernspång, xjohbex@xfoix.se
Research engineer
Swedish Defence Research Agency - FOI
Division of Command & Control Systems
Department of Electronic Warfare Systems
www.foi.se
Please remove the x's in the email address if
replying to me personally.
-----------------------------------------------
I am getting all the details of what we send, and what control the customer has.
The only information we are sending back is the design summary about how many different types of resources are being used by the design - things like how many blkrams are used and in which modes.
The user is asked before the data is send back to Xilinx and there is an easy way for the user to opt out of it.
The last posting is actually a new feature, that isn't out yet (sorry).
So, the only information we plan on sending back is what I described below. The purpose of this is to see what people use, so that we make sure we provide the right resources for the right applications (research ). This is non-specific (we don't keep track of the 'who', just the 'what').
For this thread, the subject is (I believe) what happens presently when you click on the generated link for the error.
So, this is called Error Navigation and searches the Answer Database for an Answer Record giving you more information on your ERROR or WARNING.
Let me show you what is sent in Error Navigation.
Let's say I run XST and get a warning in the ISE transcript window. The word WARNING will be blue and underlined indicating it's a URL. If I click on it, a browser opens and I find myself on support.xilinx.com on a google results page. Here's an example of the URL for the hyper link:
formatting link
Now if you break this URL down, you can see that part of the message includes a path, which is simply just the path to the source file with the error. Here's a typical example of what we send in an error nav to xgoogle.xilinx.com:
If the customer is concerned that sensitive information was sent, it's because that sensitive information was stored in the path to the project and/or source file.
Perhaps someone can suggest a better solution? All we are trying to do here is help.
It's a tough one. For most people it doesn't matter, other than being a bit paranoid.
I, and probably others, regularly work on projects which "don't exist", so any data collection for those projects is an unacceptable leak. Path names frequently disclose projects names, and file names frequently disclose intent. Even the data you do want to collect, regarding part usage, discloses what type and size part, all of which can inadvertently disclose the existance of an FPGA project (which doesn't exist) using certain parts, which for very strict non-disclosure projects would be an unacceptable breach.
Even asking, is just asking a tech or QA or Build person to disclose information that they might not entirely aware is much more restricted that they expect .... IE the person that answers "yes" may not have the authority to do so.
Lastly, it's probably best to clearly document other aspects, like web linked help, which will also disclose projects which don't exist, and allow the IT and Project admins to firewall all Xilinx access for those projects machines and developers. The old way of includeing doc's and error messages on the CD really is the correct way to do this.
maybe I am not parnoid enough to be seriously concerned about this filename-issue, but I still do not understand why Xilinx needs to filename to provide help about an error-message.
However, I think it would be much more important to really get a useful help, mostly I get just some more or less unrelated links. (Your competition does a much better job here...).
Thomas
"Austin Lesea" schrieb im Newsbeitrag news:e57gfi$ snipped-for-privacy@xco-news.xilinx.com...
I'd suggest that there's no help provided by including the filename in the information sent back to Xilinx. The part of the tool that spits out the URL can simply strip the filename information. If there's a need to know filetype, my competitors won't care if I'm working in Verilog or VHDL so include filetype if desired.
My opinion: it's bad form to include the filenames.
Agreed... unless the issue IS the path. Some programs have trouble with real long paths, or paths with long directory names, or paths with symbolic links, or UNC (Universal Naming Convention) paths.
The only reason this came to mind is that I've had the tools blow up due to the hierarchy names being too long (actually it was several levels, each with long names). Not the same thing, but it doesn't seem impossible either.
I wondered if they thought that sending library names could help them ( ie the error just might cough up from a library file! )
but for general name issues & errors, these surely are not some unknown/lottery ! They could very easily test for valid file names, before passing them to the fussier tools, and say : "Sorry, tools do not like [spaces,paths>180char,you get the idea..]"
- then there is no need to violate the customers security protocols, and one _really_ would think that Xilinx was VERY sensistive to this ?! :(
- but it does nicely show, where true security problems come from, not the front door, but some casual side door, quite often technical-use in nature ....
What about only allow http traffic from those machines through a proxy. And then have the proxy remove anything not authorized. Ie modify the http stream. That way vendor server is happy and customer don't have to provide restricted data.
Based on what do you detect - at the proxy or wherever in your house - what you want not to let out. Plain search will be enough only for obvious transactions.
If you are working on classified projects, then you should probably be working on a classified network. I regularly work on such projects, and the network has no external connections to the public Internet. Even if the tools wanted to report back, they have no path to Xilinx/Altera servers. The downside is that the only way to get data in is on CD-R, and on only one machine control by an internal IS person.
If you aren't working on classified projects, but they are still considered sensitive, put the machine behind a firewall, and control outbound access. Or, get a node-locked license, and don't connect the machine at all.
I do this on my personal (home) network, although I'm not terribly concerned about Xilinx or Altera learning about my educational activities. I even turned on the talk-back feature in Quartus II so I could use the logic analyzer cores.
I do think companies could be a little more careful about data collection, though. I don't care if they report resource utilization and IP types, but why do they need my name or my company name?
It is definitely a brave new world, and we are trying to take advantage of what we can, without causing any harm - real, or imagined.
The folks who write our software are concerned about privacy and security.
It is quite easy for them to put themselves in your shoes.
For any of you familar with the Xilinx Values, the 'C' in the catch phrase (first letter) refers to 'customer.' The customer is the first thing we (should) think about when deciding anything. For any of you who ever visited, the "org chart" was my favorite: The top was the customer, with the Board of Directors at the bottom (upside down of a traditional org chart).
All ideas are welcome.
I am very familiar with firewalls, and with secure development (where the computers have no connection to anything outside, and no machine EVER leaves the facility, and no machine has any USB/CDR/etc. ability (other than read only).
The security offered by our 3DES and 256AES relies on a third party: Xilinx. We are trusted to properly encypt the bitstream, and properly generate the keys. Since we are a 'trusted third party' it makes no sense at all to do anything that would shed any doubt on that trust.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.