Domain: geoskd.com
Stories and comments across the archive that link to geoskd.com.
Comments · 24
-
Re:guilty
To your 1st point: you may feel that IT's reaction was overly cautious (and perhaps it was) and that incurring a $2M hit is bad. But by slamming the doors shut for a day, they may have saved your company many times that amount, both financially, and in down-time. Worms like SoBig and friends are not simple problems to deal with. When an outbreak happens, often there's not much that can be done except to batten down and wait it out. Sure, that's going to cost money, but what other option is there? I'm sure it would have been *far* worse had the worm gotten inside your network to wreak havoc.
actually, a better solution would have been to shutdown only traffic that was nesescary to shut down. First, the default for all of our network machines is to have the firewall disable any unused ports anyway, so sobig was traveling through our systems by e-mail only. Granted it made some progress that way, but our network is already hardened against that kind of thing (despite being a largely windows shop). The only traffic that the router shutdown blocked was important business traffic. The sobig traffic was being shutdown at the local level, because none of the machines, nor dedicated firwalls allow unauthorized traffic. The total shutdown was a panic reaction, and it is that kind of reaction that gives the IT industry a black eye in the face of these kinds of problems. The speed of the reaction to a crisis is less important than the potency of the solution. You can be the fastest to respond to any incident, but if you act incorrectly, you can do far more damage than any security breach is capable of.
-=Geoskd
www.geoskd.com -
Re:guilty
I am not a cracker or hacker. But I know a guy who uses password trading websites for porn. According to him, once you get a password for one porn website, that same password will work for others. According to him, these porn members use the same password for all sites they subscribe to.
I work for a large company (200k+ employees) and we have what can only be described as anal retentive security and administration. These guys do absolutely everything exactly the way they are supposed to as far as adminstration staff is concerned, but several things have become apparant to me over the last few years.
First: Having a super strong IT department won't prevent virus outbreaks. We got hit with a SoBig variant and it damn near put us out of commission for a day. The reason wasn't because the virus caused serious harm to our infrastructure (it didn't, we were almost unaffected by it), it was because our global IT folks, in their infinite wisdom, decided to lock down all the routers everywhere to prevent the worm from spreading. The result was that we were incapable of doing any of our normal business activities for one day. Using the facility I work at as typical, and extrapolating accross the entire company, this cost us about $2,000,000. The key to remember, was that it wasn't the worm that caused the loss, it was the IT reaction to it. They did "nothing wrong". Everything was done by the book, but from my experience the textbook reactions to these things need to be re-examined.
Second: Virtually every department in my company uses back door passwords just like the ones refered to in the article. We use them to a huge extent simply because we have a massive data infrastructure that is decades old and needs to interoperate seemlessly. There isn't anyone within the company who has any real grasp on how the whole system works together. For anyone who says that security through obscurity isn't the answer, I call bullshit. Security through obscurity is the single *most effective* method out there, and when coupled with other more active measures produces a system which is stronger than any system which does not include security through obscurity. The people who wrote pieces of the systems we use, don't understand the system well enough to make effective work arounds, much less exploit the system. The result is that we leave many "generic" accounts open using a standard pattern so that anyone in any department will know how to access business critical data in any other department. This keeps the employees productive even when moved to a new department, which happens quite frequently.
Third: Passwords and account tracking at my company are not so much intended to prevent outsiders from gaining access to our data, but are geared more towards knowing who did access what data, in the event that anyone ever wanted to know. That is not how the IT department wants it to work, but with hundreds of thousands of employees and a centralized standardized IT department, there is no way they can effectively administrate all these computer system, so they settle for being able to track what happened after the fact.
last, it should be noted that our systems have proved remarkably resillient to attack, and penetration. Critical systems such as our web site (which takes in excess of 100M hits / day), and a very few others are more closely guarded than most, but generally speaking no one pays any attention to security inside the company, becuase no one has the time, and despite that we have not had any real problems that couldn't have been simply ignored.
-=Geoskd
www.geoskd.com -
Re:Nice to see
Patenting is really a boring issue unless your directly involved with its consequences but im happy the issue is starting to come up in mainstream media.
Everyone these days seems to be whining about how bad the patent system is. Why doesn't anyone propose something better? I have thought a great deal about the problem, because I would like to patent quite a few things, but can't afford the $500 per attempt, plus whatever the patent search costs.
So here's my solution to the problem.
First: Patents (and copyrights) can not be owned by corporations. In fact the original owner cant relinquish these rights at all, all they can do is expand the rights by allowing others to use their patents / copyright. This effectively kills the entertainment industry monopoly. If an artist doesn't like their current label, they take all of their works somewhere else and compete with their old label. Their contract with the old label could allow that label to use the works indefinitely, but it couldn't prevent the copyright holder from selling the rights to another party in the future.
This also puts an extreme value on the employees who hold patents. The corporations would have to keep these people happy, or they would take their patents elsewhere. This would cause a long term sustained increase in the salaries of white collar jobs. This would be enforced everywhere by the U.S. refusing to recognize any patents where the original patent holders rights were not supported in keeping with these new rules. The result would be that companies would fight to keep their patent holding and patent generating employees happy. And companies wouldn't offshore to countries where the patents wouldn't be recognized by the U.S. Everywhere that had these kinds of patent laws would have much higher salaries and so would not be as tempting for companies to offshore to. This would effectively slow offshoring, and might even cause a temporary reverse int he flow of jobs to other countries, while other countries modified their patent laws.
second: The life of a patent would be no longer than the life of the patent holder. When the patent holder dies, the patent becomes public domain . no exceptions. This settles the patent lifespan argument once and for all.
third: In order to be granted a patent, a working prototype must be presented to the patent office to be documented in full as part of the patent application. If the applicant hasn't put enough work into a product to make the prototype work, they don't deserve the patent.
fourth: If another person can demonstrate that development of a similar product was well underway, or completed at the time that the patent application was filed, then the patent is ammended to include the additional person as patent holder. The patent rights are then shared between both persons and rights are assigned equally.
Seems to me that this would fix a whole host of stupid problems with the existing patent system. I'm sure there are some details that would improve upon this framework as well, and I look forward to seeing some of them.
-=Geoskd
www.geoskd.com -
Re:What the hell
It seems fair on the surface until you think about the nasty circle that it creates. You can't deny that the industry is setup to screw people in many cases. Why the hell does a secured credit card (often used to rebuild credit) need a 24.99% APR? By definition a secured card represents absolutely no risk to the issuer. They charge those rates because nobody is stopping them.
thats right, but it is a captive market, and these people have no choice but to pay these predatory rates because they never bothetred to save for a rainy day.
And that means everybody is like that? Personally when I was having hard times I always made a point to pay my car insurance first (if I can't get to work and make money then everybody is screwed), my landlord second, my food and utilities third and everybody after that can take a number. Screwing your landlord while you drive around in a $25,000 car is deplorable. I just take exception to your statements that "most" people who are poor or who have bad credit are acting like this. Did you know that about 70% of bankruptcies are triggered by medical bills?
Actually, yes, most of the people I have seen are like that. I am a landlord, and I know many other landlords, so I know that my experience is almost universal for landlords. In my day to day activities I get to see many credit reports, and I can say with certainty that most of the renters that I deal with (and I cater to the top of the rental market, not the bottom) have delinquent unpaid debts that the issuing banks have written off. The rate is close to 90% of all applicants, and about 50% of my renters have had significant unpaid debts somewhere in the past. Sometimes its medical, but not as often as you might expect. Id have to say only about 10 - 20% of the time. When I say most, I mean most. The people who have a major breakdown and then recover dont stay on the bottom for long, thats why they don't account for much of the bottom of the market. Even then, many times these people still manage to make minimum payments while they are recovering, and thus protect their credit record from significant damage. Hell, if you're going to miss a payment because you lost your job, simply calling you creditors and telling them what is going on will sometimes stop them from even reporting delinquencies.
And I would refuse to rent from you if you had those devices. If you felt the need to deploy such devices on your apartments then that alone is going to scare me away (who the hell else are you renting to? do I really want to live next to them?). And like RIAA I also have a serious problem with any business that treats me like a criminal before I've done anything wrong.
You are not the kind of clientell that I would be looking to defend myself from. Most of my units would not need, nor benefit from such a device, but for those that would, it would be invaluable. Everyone would be offended at having to deal with this kind of company, but the ones who have no choice are the ones who do simply disappear without paying, or worse yet, squat for 4 months during the winter without paying a dime, meanwhile the landlord can't evict because they keep showing up in court with their 14 children telling the judge they have nowhere to go.
-=Geoskd
www.geoskd.com -
Re:This is a sin
I heard that in 2004, American colleges graduated but 40,000 engineers while Pacific Rim ones graduated 450,000. Not only that, when you consider that 1/3 to 1/2 of American students are actually forigners, the picture looks even bleaker!
Ok, this is the third time this month I have heard this statistic, but It's about time we cleared a little of the BullSh*t around this topic.
The US graduates just over 40,000 engineers / ~250 Million individuals. This is about 1 in every 6000 people.
The pacific Rim graduates about 450,000 engineers / 2.7 Billion individuals. This is about 1 in every 6000 people.
The long and the short is that we are about on par as education goes, we are simply outnumbered on this planet at almost 30 : 1
As for lego, Their main malfunction has been pretty much just as TFA described: Bad market analysis coupled with a changing market. Shame on them for not doing their homework and we can all move on.
-=Geoskd
www.geoskd.com -
Re:that's more like it
A hot water heater's element - on demand or tanked - is submerged at all times. Therefore, almost 100% of the heat that it produces is coupled to the water - the only loss *NOT COUPLED* to the water is the heat which travels to the ends of the element where the terminals are. Electric heating of water by immersion heaters is close to 100% efficient. (We'll ignore the heat from the water which radiates through the heater; the energy loss from the hot water will occur with both conventional and microwave heaters.)
Initially I thought the same thing, but here's, the problem: In order to heat the water, the heating element has to heat up itself and transfer large amounts of heat to water passing around it. This means that the heating element has to get extremely hot compared to the initial water temp. It also has to heat up very quickly (water on demand isn't really "on demand" when you have to wait 5 minutes). So, when you are done heating, you have a very hot element which still has much of the energy of the process in it. I'm guessing that for most water uses (sinks, dishwashers, etc) the water usage is so short that your efficiency would be a lot lower than you would othewise guess.
with a microwave heater, the element itself doesn't get hot, so it does in fact transfer all of the energy to the target without thermal conduction. I'm guessing that you can get reasonably efficient components these days, so it doesn't strike me as unreasonable that the overall efficiency of this device could be better than pure electric. Maybe even a lot better. I'm going to reserve judgement until I can see one in action.
-=Geoskd
www.geoskd.com -
Re:What's your silver bullet?
Perhaps you could share with us your incredibly accurate estimation technique? I'm sure many of us would love to know how you've solved a problem that no-one else in the business has managed to solve effectively for years.
Seriously, estimation is hard. I'm sure you know that really. The best development shops I've worked for deal with this problem by having plans that can adapt to unexpected delays, including putting back the shipping date if necessary. Perhaps we're lucky; for some projects, that simply isn't an option. But it's a lot better than pretending you can estimate a project that's going to take hundreds of man-years accurately ahead of time, and then betting your business on being able to make your predicted shipping date.
The magic bullet to project management and time estimation is simple. As someone who has worked as a manager of others, as a programmer, and in the construction business, I will sit here and tell you that projects can be estimated with tremendous accuracy. The secret is two fold: This first part is that the person doing the estimate has to be qualified and capable of doing the work him/her self. Second: The project needs to have already completed the first stages of design. While this seems like a lot just to get a project estimate, it is critical.
This is the reason that so many companies fail to estimate correctly. Either they have incompetent (read as nontechnical) people estimating the amount of time something will take, or else they are trying to estimate without having layed out the course of the overall design. People who know how to do this kind of estimation are in extreme demand, and unfortuately are extremely rare for the simple reason that most managers aren't qualified to do the work of those they manage. Those that are, have a tendency to start their own companies...
-=Geoskd
www.geoskd.com -
Ads don't target me, so why waste my time
Most ads on TV, web pages, bullboards and anywhere else they put them just annoy me. If I am looking for a product of some kind, I look online, and do research on whats available. That is why I block ads in pop up windows, and immediately close all windows which do make it through. That is why I don't watch live TV anymore, but TIVO everything and watch it later. I appreciate that those same ads subsidize much of my entertainment experience (oh but wait, I *pay* for Cable TV access, and I *pay* for Network access, and I *pay* for music, and I *pay* for movies). Maybe the prices are less than what I would pay otherwise, but I am certain that many of the products I purchase would be cheaper if the manufacturers didn't waste so much money advertising to a market full of people like me. I am just surprised that they havn't figured out the hint by now.
-=geoskd
www.geoskd.com -
Unix experience?
The person giving the references in this article did not seem to be the long time UNIX user he claims to be.
first: He put his experience with Linux into a windows context, suggesting that he is in fact an experienced windows administrator.
second: he did not understand automatic updates. A feature which is and has been available on many linux distro's for quite some time, and a feature which is quite prevalent in UNIX especially from IBM
third: Red Hat Linux (even enterprise class) does not have a very restrictive hardware requirement, and the odds are pretty good that they would have needed to do the same hardware upgrades to run whatever windows system they eventually moved to.
fourth: Anyone who is an experienced administrator knows that the core operating systems are tremendously stable, be it windows or Linux, or UNIX, and that the instabilities in any system will be introduced by drivers needed for operation of application specific hardware (for example a custom cash register based peripheral or some such). This tells me that they had just such a piece of equipment in their systems, and that the vendor of this hardware did not supply working drivers. Further, I would conjecture that said supplier probably had a long standing windows driver, and had ported the drivers to the linux platform specifically at the request of this client. The result is what you would expect: a first generation driver which fails intermittently.
-=Geoskd
www.geoskd.com -
Re:It's Not All That Bad
I've gone back and forth and back again on this...and right now I'm of the mind that if you can't learn math by sense of smell, well, na-na-na, hey-hey-hey goodbye. Nobody held my hand through Asian, Russian, German and Indian math and computer science profs and incompetent grad student assistants and a myriad of other difficulties (in getting a BA mathematics). Yeah, it's not a perfect world, but if this kid was half as smart as he thinks he is, he'd have made it despite any obstacles. I mean, he kept going on about being a "verbal" learner...and if you're out there, dude, math is not a "verbal" topic...just FYI.
I do beleive that the author has in fact discovered that standardized testing and class rank in america's high schools are a poor reflection of academic and professional potential. I can't say for certain what these in fact indicate about a person, but they sure don't correlate well with anything I have ever been able to measure, except, possibly, ego.
-=Geoskd
www.geoskd.com -
Everyone takes statistics so personally.
I don't understand what all the stir is about this topic. All the study says is that given the general population from which the sample was drawn, there is a measurable difference in IQ scoring. Maybe the test measures inteligence, maybe it doesn't, but everyone is treating this as though the researchers insulted them personally. Some women are downright nasty about how they portray these researchers, and some of the men are appologetic, while others are self righteous. Statistics say absolutely nothing about individuals, only the population as a whole. Why is it that everyone is so quick to forget that?
-=geoskd
www.geoskd.com -
Re:That's all good, but..
Third time in this article I've seen someone make this mistake. It's an epidemic. The gasoline powered car is only 25% efficient so although you pay $2.15/gallon you only use a quarter of the energy. Electric motors are very efficient so you don't need 1:1 energy equivalent with gasoline. The "electrical equivalent for a gallon of gasoline" is actually closer to $1.50, using your figures.
umm, Electric motors are not terribly efficient. At best, they typically come in at around 50 - 60% efficient, but the real trouble is the control electronics. Even top of the line switching transistors typically are only 90% efficient, then you have the batteries which are only 90% efficient, and the wires which are maybe 98% efficient (depending on the size and the total system voltage). When you add it all up, electric systems are not much more efficient that ICE's. The big difference is that more than 100 years of intense research and evelopment have gone into making effective and efficient ICEs while almost no one has looked at improving electric motors until recently.
You are right however, doing the calculations based on the energy content of the gasoline is the wrong way to do it. You want to do the calculations based on the energy *output* of each type of motor, but even that is not quite accurate, since a well designed electric system does not require a transmission
It is no accident that the worlds faster RC (read as toy ) car is an electric car. With no transmission, this toy car was able to reach a top speed of 104 MPH and had sufficient low end acceleration to handle well on the race track as well. ICE's require a transmission because at low RPM they have almost no torque, and at high RPM they explode. This means that they have only a very narrow effective operational range. To extend this, transmissions are added to vehicles that use them. An electric motor however has a similar torque at almost all speeds of operation. like the ICE, electrics will fail at high RPM, but unlike the ICE that speed is much much higher for an electric motor. ICE's typically die at around 6500 RPM (10,000 RPM for race vehicles). Electric motors range anywhere from 20,000 RPM to 100,000 RPM before failure.
-=geoskd
www.geoskd.com -
missing the point
The work this fellow has done on his car does nothing to improve the fuel efficiency of his car. He is simply drawing more of the energy to drive the car from his houshold electrical supply. That electricity still had to be produced somewhere, and has its own set of inefficiencies associated with production. A typical 100 HP engine will consume 1 gallon of gas in 1/2 hour. 1 HP is roughly 800 watts. That means that one gallon of gas is roughly 40 killowatt hours. Todays electric prices ( here where I live ) are roughly $0.07 / killowatt hour. That means that for every gallon of gas he saves by using his house power, it would cost him $2.80 here in my town. Not much of a savings since gas costs about $2.60 / gallon...
The real advantage is that as the price of gas increases, the cost of electricity does not really change much. Also, in an oil crisis, countries that do not rely on oil for electricity (france) would still be able to operate their cars without interruption. So the real advantage this guy has is that when the next oil scare happens and you have to stand in line for three hours for each gallon of gas, he will be laughing as he spends his sundays relaxing instead of standing in line.
-=geoskd
www.geoskd.com -
Re:Even compared to other new non hybrids.....
.it's not worth it. You can get a non hybrid Civic for $14k that gets 32/38 milage. The hybrid Civic runs $6k more but gets 10mpg more. How many years does it take you to break even on the gas costs?
at the rate gas prices are increasing, you should break even in about 3 months...
-=geoskd
www.geoskd.com -
How to deal with this...
This presents an interesting problem.
How do we convince Linksys to play by the rules without proving to them that using open source materials was a bad idea in the first place.
If we simply force them to release the source by court action, it could make other companies very paranoid about using open source software in general, but if we let them go without obeying the rules, what kind of message does that send...
-=geoskd
www.geoskd.com -
Re:Gaming?
No, but you can cook a salmon rather well in a dishwasher.
With or without the dish liquid?
-=Geoskd
www.geoskd.com -
Benchmarking standards
The right answer to this problem is to use the same benchmarking techniques that professional software and hardware vendors use in verification. Simply use a random but recorded factor in each test. Then you can compare two seperate sets of hardware against each other for exactly the same deterministic test, but the test itself is random. That way, you can avoid being susceptable to this kind of cheat while still maintaining a fair comparison between vendors.
-=Eric
www.geoskd.com -
US First, First?
(By the way, FIRST is what most likely inspired BattleBots)
uhh, Sorry jim, but that's not correct.
-=Eric
www.geoskd.com -
Cooling your machines.
There is an easy solution which most people tend to ignore.
Seal the case with some nice silcone compound, plug up the fan hole for the power supply, and disconnect the power supply fan (you will need to short the proper jumper in the power supply which means opening it.) Then, remove the CPU fan, and any other fans, but leave the CPU heatsink.
Now fill the case with Mineral Oil.
I am running a more sophistocated setup, with a larger machine, but the results are the same. I can run my Celeron 533 at 533 indefinitely with only the hard drive and the CDROM making any noise at all! I occasionally run my machine up to 800, without having to turn on any cooling, it will run that way for almost 8 hours before it heats up enough to be dangerous, but at 533 MHz, my CPU is running at 31 Degrees Celcius, and my MOBO is at 27 Degrees Celcius. This is at room temperature. The tamk that my machine is in is warm to the touch, but not hot.
I would offer up pictures, but my machine: www.geoskd.com will be out of commision while I move for the next few days. If you try back it will probably be up by this weekend.
-=Eric Schumann -
Re:new sorta death
The company took great pains to discuss flywheel safety. As you know, there is a pretty big danger of this massive disk spinning around at high speeds and suddenly breaking apart due to physical forces and spreading shrapnel around everywhere.
Lets put it this way, 2kWH is enough to level a tank. I'm not sure what makes these guys think they can seriously contain one if it ever gets over charged. Put Mildly, a 1000 uF cap at 250 Volts holds enough energy to blow a basketball sized whole 2 inches deep out of solid concrete. This bastard hols almost 40 times the energy, and is set up to hand all of it out as pure destruction. and 2kWH is not much energy. It would only run my apt for about 12 Hours, and thats just a computer, and some lights. It would run the average houshold for maybe 2 Hours. To be truly useful, these things would have to be on the order of 2-3 hundred kWH instead which would be enough energy to level a modest sized building. The nice thing about batteries, is that when they come apart, the system colapses into a state where the energy is trapped in the chemicals, and it is only through the *precise* configuration of a working battery that they can release the energy. Flywheels by their very nature let the energy go when they come apart. So the amount of energy you can get out of a battery under fault conditions tends to be significantly less than the total energy storage of the battery. Flywheel systems give you *all* of the energy back when they have a catastrophic fault.
-=Eric
www.geoskd.com -
Re:Random Numbers
It's not just our measurements. The Heisenberg Uncertainty Priciple (which is what you're talking about) is a statement about the universe, not our ability to measure it. More and more, it is apparent that this uncertainty is not because our instruments are too crude, but that this uncertainty is inherent in nature. You can not measure well defined velocities and positions of particles on the quantum scale because they do not have well defined positions and velocities.
Heisenberg was saying absolutely nothing about the nature of matter, he was bitching about his lab equipment. The principle can be applied in a number of fascinating ways, the firt of which is getting around the limitations of his lab equipment by using large numbers of well deined events to treat them statistically instead of directly. Almost all of physics and chemistry is treated this way, and it is a remarkably successful way to get the job done. What I'm saying is that The paper which was published about the Omega number Proves without question that there can be no randomness in the universe because that contradicts a known good axiom; In fact it violates a lot of them, therefore it cant happen. The reason that quantum physics works despite its failure to be truly correct, is because the math treats the underlying events in a statistical manner.
An example: Black holes are my favorite whipping boys. First they said that you can't get out of them because the speed of light is the limit, and you need a higher velocity than c to escape. The only problem with that one is that they used newtons definition of escape velocity to apply to the black hole, but at the speeds neccesary to escape from a black hole, you get the whole relativistic effect which drammatically reduces the escape velocity . Another way to look at it is do the equations from the standpoint of escape energy instead of escape velocity, and what you get is the fact that ultra high frequencies of light (i.e. ultra high energy) has enough energy to escape a black whole. Quantum theory doesn't allow for this, so they fudged it with quantum tunnelling which is no more than a statistics treatment which when broken down defines the ratio of particles / waves (or whatever you want to call them) which have enough energy to escape a black hole. Once again, right math, wrong explanation.
Systems of particles is really thermodynamics. In quantum mechanics, you can (and do) pay attention to a single particle.
again, that is not truly the case. What they say in quantum mechanics is that we have a given particle that has a probability of being in any given point. This is the basic statement which scream statistical treatment. Its almost scary that only a few scientists have been willing to grasp this idea, and understand its implications. Hawkings understands part of it, which is why if you read any of his papers, he is rabidly against the idea that there is anything random in the universe. He believes, but can't prove that the universe is "predestined". The proof and reason why the universe has fundamental unbreakable laws is given in the Omega Number Theory.
-=Geoskd
www.geoskd.com -
Random Numbers
In a rather elegant solution the author has unwittingly proven why the Universe exists with the rules that it does.
Put simply, he used the statement: "This statement is false" to show a fundamental paradox in mathematics. As a mathematical statement, it is gobbledygook, but as a pure physical statment about the universe, it is irrelevant because this circumstance can't happen in the real universe. The result is that we can make the following general statement: "The universe exists with a set of universal and fundamentally consistent and non contradictory (read as predictable) rules because any other circumstance (including non existence) leads to a paradox". Mathematics in general says that we have fundamental rules about how numbers can exist and interact. Violation of those rules is a paradox. Rules that contradict one another are a paradox, so any rule which contradicts a known valid rule can't apply to our universe (or any universe?) The mathematical statement "this is false" is truly irrelevant because we can't construct it into a physical object, or behavior which could contradict itself. we can only express it as a vague abstract concept which cannot be applied to the real world by its very nature. Fundamentally this also destroys quantum theory, because the very notion that there can be a simple lack of rules at any level of the physical world leads to paradoxical contradictions.
But... Quantum theory works right?
Not quite, quantum theory in its simplest form is built on the idea that no matter how good our instruments, the more accurately we read the exact circumstances of an event, or small system, the more we alter it. The real power of quantum physics is that it gives us the means of treating these systems statistically without having to look at them on an individual basis.
I'm quite sure that I'll get flamed all up an down for this by the avid physicists in the crowd, but go back and look at the math that was done for the infinite numbers, and apply it to quantum theory. The whole thing collapses, without disturbing the math! The math is correct, but the reasoning behind whats causing the math is not. The math can be proven by virtue that it is consistent with the rules of a stable universe, which proves all by itself that they must be part of such a universe, and that, that universe must exist. The ramaining "non-stable math" is interesting only in a philophical way, or in the remote possibility that there exists more than one stable, but incompatible sets of rules.
-=Geoskd
www.geoskd.com -
Inverse Traceroute
A similar Idea I have heard kicked around is the ability to automatically shutdown single source flood without the need for the Administrators getting involved at all.
The idea works like this: A system realizes its getting DoS'd (a relatively simple realization. either your getting a lot of bogus return address', or you know whos flooding you...) So if you're getting a bunch of bogus address' you need a way to shut it off as close to the source as possible. So, Network hardware all up and down the spectrum needs a new protocol: call it "ADA, Anit-Denial of Service Attack protocol). This language defines a way for a node to ask the next node in the link to automatically kill packets that are coming in with bogus return address', and which are destined to go either to or through your node. The upstream node will be able to tell just by checking which trunk the data came down, and verifying that the return address is coming from that trunk. If it gets some that are invalid (more then 1% of a particular type for example), then it would ask the router along the source trunk to do the same. Each node would take about 1 to 2 minutes of statistics gathering to be able to figure out definitively where the DoS is coming from, and then could stop passing those packets along, and ask the next router upstream to do the same. The advantage is that the system is perfectly safe since you can't ask to have someone else shut down, because the router won't accept and pass on the request unless the trunk the request came from matches the trunk down which the DoS target exists. You would be vulnerable to having your connection severed against your will only if one of the routers is compromised, but by definition if a router is compromised, your connection is vulnerable anyway.
The nice thing about this system is that if you get DoS'd, and you know you're being DoS'd, you send this request upstream, and the routers will work their way back to the source until the attackers own ISP will kill the packets before they even make it one hop onto the net in general. It can be completely automated, and there is no additional risk to your connection than already exists. The protocol would require some basic info and statistics engines in the routers, but that already exists for other purposes (like load balancing). It would still allow you to send out bogus return address' but if you start flooding someone, the system will automatically lock you out from the person you're flooding.
This won't serve to stop all DoS attacks, but it will stop the morons with the instant "DoS in a can" software from being able to attack someone because they stole their IRC nick, or something equally retarded. Additionally, calling the owner of the Router would allow you to use their logs (if they will let you) to track down the perpetrator.
-=Geoskd
www.geoskd.com -
Re:What to do differently? Not much...
"What you are describing is the complete erasure, if you will, of all hardware and digital media.
What about this? *holds up his "Programming Perl" book*"
The question of what could happen to simply wipe out all technology without wiping everything else brought me to an interesting thought: By slightly altering the physical constants of the universe, you could render most existing technology (all fields) invalid without causing any real significant change to biological systems. The results of specific engineering to that effect could concievably wipe out all electronics and force us to start over. Under those conditions, the books about silicon computers would be useless, and a great deal of our semiconductor physics would have to be revised. The net result would almost a complete start over, since under the new physics, the new semiconductor of choice would need new designs to produce todays reliable results. furthermore, most textbooks regaurding high level languages would be lost before the world would return to a state where they would have some use. Without the use of a simple milling machine its very hard to build any kind of precise machinery, especially if you want the kind of optics it takes to build semiconductors. Forget most of the books on computer hardware you know, you'd have to re-invent the assembly line without so much as a single electric or gasoline motor to aid you, since you'd have to re-invent those too. Net result is it would take you so long to rebuild the base technologies, that computer technologies would be lost before the world was ready for them again.
-=Geoskd
www.geoskd.com