Dude, the internet does NOT allow anonymity. In order for you to RECEIVE any information (such as a web page), you need to divulge your address. This is the same principle behind which you must divulge your shipping address if you expect to receive packages. ITRACE doesn't take away any anonymity from average people who don't use IP spoofing. It makes IP spoofing harder. IP spoofing makes the internet worthless: you can't use it to visit web sites, you can't use it to send email, you can't use it to go on FTP sites, you can't use it to telnet, etc. It prevents you from receiving ANY information. It's the electronic equivalent of putting a fake return address on a letter. It prevents two-way communication.
That's why NOBODY but crackers use it, NO operating system supports it natively, and NO protocol works under it. Its only use is cracking.
Furthermore, anonymous proxies -- which are already the only way to be both anonymous and useful on the internet -- are unaffected by ITRACE. NOBODY lost any privacy here, except crackers.
It's unbelievable how many people on slashdot do not understand basic networking principles!
Dude, you can't browse the web using IP spoofing. You *ALREADY* need to divulge your IP to use any TCP service. That includes SMTP/POP3 (email), HTTP (web), NNTP (newsgroups), FTP, IRC, Telnet, Ssh, and *MOST* others. Furthermore, even most UDP protocols send data both ways, and IP spoofing can only be used for SENDING data, not RECEIVING it.
Most people don't use IP spoofing anyway. However, you can always use an anonymous proxy service, such as anonymizer.com. So what have we learned? (1) No privacy has been lost here, (2) you had no privacy in the first place, (3) you can GET privacy if you really want it, through proxying, which ITRACE cannot affect.
If you only send a few packets like a normal human being you won't be particularly traceable. On the other hand, a massive download is going to be quite traceable and therein lies and important question from the point of view of anonymity.
FALSE. Even ONE packet is going to be tracable, unless you're using IP spoofing. Furthermore, IP spoofing can ONLY be used to SEND information, not to RECEIVE it (and thus, NOT to "download"). You see, when you are downloading, the server is sending you data. In order to send you data, it needs to know where you are. Thus, you tell it your IP.
IP spoofing can ONLY SEND information. Its only use is ping flooding. It can't be used for HTTP (web sites), FTP, NNTP (newsgroups/USENET), SMTP or POP3 (email), or anything especially useful I can think of. All of the protocols listed above use TCP, which requires a two-way flow of information (TCP is based on *connections*, which require information to flow both ways -- they will NOT allow you to be anonymous, unless you have an anonymous proxy. Anonymous proxies are unaffected by ITRACE).
I'm of two minds about it. On the one hand, I am a big supporter of the principle that the only way to gaurantee freedom of speech on the net is to have technologically-enforced anonymity.
Well, the internet does NOT have that right now. There is NO way to receive information anonymously, on the internet. The only thing you can do is SEND it, and even then, the fact that you're sending it is ALREADY OBSERVABLE, it's just not being LOGGED.
Right, but that has nothing to do with ITRACE. anonymizer.com is not IP spoofing, it's just HTTP proxying. ITRACE only prevents IP spoofing from being anonymous, not HTTP proxying.
I don't see how this can work. Every time I log on to my ISP I'm assigned a different IP address and I'm willing to bet that they don't keep a log of these. The IP addresses on the other side of the proxy server are in the range 128.10.10.xxx which can't travel across the net anyway. Or am I talking out my a$*e here ?
You're right... However, not many DoS attacks are launched from modems, so it doesn't matter. This is meant to track serious connections that can do real damage in a DoS attack. A 56k ping flood may be enough to piss off some guy on IRC, but it's a drop in the pan to Amazon.com. Most of those serious connections are going to have static IPs.
Also, about NAT (IP MASQ) proxies: in such a case, it's the LAN administrator's problem to track down the internal culprit. But knowing the IP of the NAT gateway is at least enough to get the admin to stop sending out those packets, or to get the courts to force him to do so if he's a prick.
So now every single packet I send can be traced back to me. If I posted this as an AC, it would be possible for law enforcement to floow the leads back from slashdot all the way to my PC.
UHH, slashdot ALREADY KNOWS YOUR IP ADDRESS. You *CAN'T* make a TCP connection without revealing your IP address. IP spoofing does NOT work for TCP connections, because data has to be sent both ways to use TCP, and people can't send you data without knowing your IP address. You never had that kind of anonymity in the first place.
You're obviously not even spoofing your IP, or else you wouldn't have been able to post that. So what are you complaining about?
I'm sick and tired of good intentions being used to defend bad plans. People have gotten away with taking our guns (protected by the Third Amendment) and our freedom of speech to talk about drugs (protected by the First Amendment). We can't let take them our right to privacy too.
The majority of net users do not conduct DDoS attacks. Therefore, there is no need for an anti-DoS ICMP.
If you understood the technology here, you would realize that UNLESS YOU'RE USING IP SPOOFING, ITRACE WILL NOT AFFECT YOU. All that ITRACE does is make IP SPOOFING much more difficult. The majority of net users do not use IP spoofing. And the majority of net users who do use IP spoofing ARE using it to do illegal things.
The ability to know the IP of the person sending you packets is NOT a privacy violation. There are already ways to send information anonymously; what possibly use could IP spoofing have?
On the other hand there is no way to find out exact size of the topmost window on X
The program "xwininfo" can do this. I suggest you look at its source code to find out how you can do it in your own programs.
There is no way to minimize window etc...
What the hell do you mean? The gnome panel (as well as almost every task-lisk program I've ever seen) does this. I suggest you look at its source code to find out how you can do it in your own programs. (And yes, it works on non-GNOME apps). Have you ever used Unix??
If one wants to implement MID app there is no way to make sure that children windows have the same decorations as main window.
OK, you've got me on that one -- I only knwo one window manager that supports that feature (sawmill). But then, in Windows all the window decorations are the same no matter what (same as many window managers for X). So I don't really see why Windows is superior in that matter.
Cut and paste is simply broken. There are standards for it but so f*** what ? It doesn't work, plain and simple.
Where can I get Alphanumeric? Does it work on unix? I once saw a persistence-addon for Netscape, but it was Windows-only IIRC...
Last time I used Mozilla, the mouse was not optional, or at least use of the keyboard was tedious and unintuitive, if possible. Glad to hear this has changed. Unfortunately, the functionality that I really need to use often (and thus need in the toolbar or bound to keys) is the stuff that doesn't exist, listed under feature #1.
Just remembered another one: INTELLIGENT LINE-WRAPPING. If there's an image or text box or whatever in a page that's 800 pixels wide and my browser is only 500 pixels wide, WRAP THE TEXT AT 500 PIXELS, NOT 800 PIXELS. I shouldn't have to scroll back and forth for every line. It makes the page unreadable. I should only have to scroll to see the image that's too big, not for everything else on the page just because of that one stupid image... In fact, the image could scroll independently without scrolling the rest of the text at all (i.e. the image would have its own scroll bar like a text box, or at least act like it did).
Speaking of images, it would be nice to be able to unload an image after it's been loaded, say if it's an advertisement or something. Meta-H, click the image, and boom it's gone. Meta-B, click the image, and it's gone and on the blockfile. Pretty good, eh?
The source was the New York Times, which I know isn't infallible, but it's not a "pro-drug propaganda" newspaper. Oh, do you mean you don't trust WEB SITE THAT REPORTED THE INFORMATION because THE WEB SITE is pro-drug propaganda? Gimme a break. The web site is not the source, the NYT is the source.
`` Source: Jack E. Henningfield, Ph.D. for NIDA. Reported by: Philip J. Hilts, New York Times, Aug. 2, 1994 "Is Nicotine Addictive? It Depends on Whose Criteria You Use." ''
In order from what I want most to what I would just prefer.
Ability to disable ALL html/javascript/etc features, per site/wildcard/regexp, through a blocklist.
I don't want images on Slashdot, except for the one slashdot.org logo, I don't want Javascript popups to work on geocities. I don't want Java anywhere, except for two specific sites. I want all font size and color information to be ignored on all sites, except for three specific sites. Etc.
Persistence.
This is direly needed feature for an unstable web browser. If you can't have stability -- and you probably can't with any modern graphical browser -- HAVE PERSISTENCE. When Mozilla crashes -- and it will -- it should start back up exactly how it was last. Every new window or changed URL or text box should be logged whenever it is changed. When Mozilla crashes in the middle of a 450+ word slashdot post (such as this), I want to start it back up with that 450 word post exactly where it was at the crash (or perhaps 5 seconds out of date). And of course all the windows should start up with all the URLs I was at. I have 8 NS windows up right now, and I won't be able to remember all those urls if NS crashes. It'd be a hassle to open them all again even if I could remember.
Keyboard control.
I want to be able to bind keys to whichever functions I want, and I want functions available that are valuable. Numbered links would be nice, like in lynx. Mouse should be entirely optional for all functionality.
Useful, configurable, toolbar.
I want to be able to add buttons to the toolbar and bind them to whatever I can bind keys to. Like [add current URL to javascript blocklist] or [disable javascript in this window].
Custom interface to select websites (esp. searches).
I want to be able to be able to bind a key to pop up a window for a google.com search, another for raging.com search, dmoz.org search, etc, that pop up a window instead of loading the page (fast as they may be, there is no need to load them) and I want Mozilla to convert the information to a format it understands and display it in whatever format I like.
I don't want themes, I don't want a built-in irc client, I don't want an email client, I don't want a newsreader, I don't want a window manager, I don't want a high-availability database server, or whatever other crap AOL is putting in Mozilla.
Well, that's *my* list. I don't mean to bark demands or complain -- they're just my personal preferences. Anyone else agree with any of that? Anyone have any other ideas I couldn't think of?
Trademark laws at the moment do a good job of protecting trademark owners from people registering domains in their name. Think about it, why do we need to segregate trademarks from non trademarks when a trademark is only awarded if it is unique enough to be used by a company as a name, there really should not be any conflict with domain names.
Uhh, no they don't, because more than two companies can trademark the same name. There are multiple namespaces for tradmarks: movies, books, computer resellers, food resellers, etc. You can have an Apple(tm) Speaker Co and an Apple(tm) Computer Co. Which one gets apple.com? Whoever signs up first! Unacceptable.
apple.speakers.tm apple.comptuers.tm
That's how it needs to be.
Hyphens and spaces are an issue for the developers of the HTTP and DNS protocols. There is a good reason why they are/aren't accepted and changing these would break a LOT of code.
Adding the failover would break *all* the code anyway.
The hyphen is accepted as a substitute for a space, and having a hyphen in a URL is no easier to read than having spaces. The current system works. Why you believe that hyphens should not be used on the DNS side of things confuses me.
I don't think you understood me. Both hyphens and spaces should be ignored, just like case is. That way if I say "world of dawkins dot com" people don't have to worry about whether to type "world-of-dawkins.com" (which is correct) or "worldofdawkins.com" (which is not).
I don't understand why www. is such a bonehead move. www, being World Wide Web, is much more descriptive as an acronym than Web. Dropping the prefix may be fine if you run all your services on the one machine, but there will always be the problem of people prefixing addresses with www. This seems hardly worth the 4 less characters to type.
It's not about 4 characters, it's about 9 syllables (10 if you count the dot). It makes it too tedious to speak an URL. Already people drop the "www" off verbal references to sites when the www is necessary. "www.ebay.com" is twice as long, when pronounced, as "ebay.com". "ebay.auction.tm" would be fewer syllables than "www.ebay.com" and describes far more information. And dropping the prefix ONLY FOR WWW would not require you to run all your services on the same machine. Anyway, DNS should have port ranges so that one lookup of a machine tells you where to go for *all* services related to that machine. i.e. port 80 -> 192.168.1.2 ports 20-21 -> 192.168.1.3, etc.
If I understand your DNS failover at the client point, I believe it is called caching and already exists. How a client can locate a device via an IP address it doesn't have because the DNS server is down beats me.
No, you don't understand. I'm not talking about failover of DNS servers at the client, which already exists (just add another name to resolv.conf). I mean that if slashdot.org is at two IPs, 192.168.1.1 and 192.168.1.2, I should be able to type in "web.slashdot.org" and DNS should provide me the information necessary to automatically go to 192.168.1.2 if 192.168.1.1 is down and vice versa. Right now, Slashdot has an HTTP balancing switch that costs thousands of dollars that does this. If that switch breaks -- and it did once in the past -- human intervention is required to end the downtime. My system would end the need for that switch, end the need for that downtime, and end the need for human intervention.
And for the final paragraph. The port is irrelevant, the client should know to go to the pop-3 port if it is retrieving mail via pop3.
Once again you misunderstand. I don't want DNS to describe the ports, I want it to have ONE entry that tells you where to go to get a service.
i.e. instead of two nslookups where www.slashdot.org returns one IP of 192.168.1.2 that is an HTTP switch with 3 servers with failover behind it, and nslookup of mail.slashdot.org returns 192.168.1.1, I nslookup slashdot.org and it tells me all the information I need:
ports 80,8080,443 -> 192.168.1.{3,4,5} (for web services with failover) ports 109,110,143,220,993,995,1109 -> 192.168.1.1 (for mail services (without failover))
(Of course, you could save bandwidth by nslookup only slashdot.org:1109 if that's the port you wanted to use. But that's just detail... the main idea is there)
If you had one news server for internal news, and another as an internet newsfeed, there would be problems.
I don't see how that would cause problems. What I'm talking about is having each domain, instead of resolving a name to a specific machine, resolve a *set* of *services* to a *set* of machines. If you want two separate services, though, you would just use two different domains. This is already necessary. Where's the problem? You'd have slashdot.org whose news port would resolve to one IP, and internal.slashdot.org whose news port would resolve to another IP. I don't see the problem.
No, you're wrong, you can't do that with a firewall, because a firewall is a SPOF. I want a machine in LA and one in NYC, and I want people on the east cost to try NYC and failover to LA, and vice versa. If there's an earthquake in LA, I don't want a single second of downtime. If my firewall goes out, I don't want downtime. It's an unassailable fact -- the only absolutely technologically necessary SPOF in all cases is the client. If that's not where the failover is, then you will have more SPOFs than are necessary, and that means downtime, which is unacceptable.
And round-robin doesn't work like that at all. Each IP is in fact a SPOF -- if its down, the client that gets it will just timeout. That would be fine if the timeout were, say, 2 seconds and it automatically switched to another IP, but its generally 15+ and it doesn't automatically switch. That's downtime, not failover.
alcohol isn't addictive, although there is a gene that can facilitate addiction to alcohol (read: alcoholism) - technically speaking, alcohol isn't an addictive substance
Uhh, YES, alcohol is addictive, far more than caffeine in every category. See this chart of addictive properties of drugs. It compares Nicotine, Heroin, Cocaine, Alcohol, Caffeine, and Marijuana.
Also, regarding that comment about a "gene that can facilitate addiction to alcohol", I'd love to hear exactly what this gene is, and the name of the protein to which it maps.
but then you have to know what company is producing the movie. That sucks. They need to just use the trademark namespaces:
xmen.movie.trademark
Because I shouldn't need to know the producer to find a movie with a unique name. I'm going to have to use a search engine either way, if that's the case.
then have every other possible TLD 15 letters or less be allowed *only* for non-trademarks. There would be no squatting either for trademark or non-trademark that way. The entire system would self-organize not around one common TLD that everyone has heard about, but TLDs that are English words anyone can communicate and remember, and the well-organized TM namespace for companies.
(also, they should get rid of the hyphen, but allow hyphens and spaces (and etc) to be used by clients but ignored by DNS servers -- domains should be made easy (possible?) to prounounce, remember, and read, at the same time. Ignoring some punctuation, much as it already ignores case, seems like the best way to do that).
Also, we need to lose www. What a fucking bonehead move. Use fscking web. Or better yet, have web be the default service -- forget the subnet altogether.
And DNS should have allow a failover mechanism at the client. The client is the only SPOF that is absolutely technologically necessary in all situations. That's where the redundancy should be.
Actually, if you made DNS a little smarter you could have it return a list of IPs each with port ranges and failovers etc. Then the client could go to the correct IP for the pop-3 port, without having to use mail.blah.net and news.blah.net instead of just blah.net (or blah.isp, damnit, blah.isp). And if news.blah.net it would just try news2.blah.net, etc.
Nothing can remove it *COMPLETELY*, but the GPL can remove it *FOR THE MOST PART*, whereas BSD doesn't remove it at all. And, about reading without including code directly -- certainly no lawyer would allow that. Just as dangerous as reading patents. MSFT certainly doesn't allow its employees to read GPL'd code, and I wouldn't expect any major software firm to be different.
Of course it's not better for the users to have no choice, but it's better for the users to have both. The non-existence of a high-quality solution, where one is necessary, is usually enough to motivate its creation. Removing the ability of someone to create a proprietary solution probably doesn't mean that they will instead produce a free solution -- even though this has been known to happen -- but it *does* provide benefits to those creating a free solution.
No you couldn't, because only real hardware manufacturers would be given the information necessary to decrypt -- NOT VMware, or anyone else who would put the information into software or some equally easy-to-reverse-engineer product.
Someone will, and they'll put the music on the freenet. Also, there will always be some company that is willing to ignore watermarks, build watermark-removal filters, etc. Even if it's illegal, some international company will.
You're missing the point... The software doesn't get the capability to decrypt the mp3 at all. Rather, the hardware has a/dev/encrypted_dsp. You stream the mp3 into the sound hardware still encrypted, and the sound hardware decrypts it.
So take the leads off the speakers and splice them into a wire, and plug it into a soundcard's "line in". Even given that they can control all the hardware in the world, you will always be able to do that, it's just the way that speakers work. Also, you could use a microphone (if say all the speakers contained some form of bomb or mine triggered by opening them).
Slashdot Mirror
That's why NOBODY but crackers use it, NO operating system supports it natively, and NO protocol works under it. Its only use is cracking.
Furthermore, anonymous proxies -- which are already the only way to be both anonymous and useful on the internet -- are unaffected by ITRACE. NOBODY lost any privacy here, except crackers.
It's unbelievable how many people on slashdot do not understand basic networking principles!
Most people don't use IP spoofing anyway. However, you can always use an anonymous proxy service, such as anonymizer.com. So what have we learned? (1) No privacy has been lost here, (2) you had no privacy in the first place, (3) you can GET privacy if you really want it, through proxying, which ITRACE cannot affect.
IP spoofing can ONLY SEND information. Its only use is ping flooding. It can't be used for HTTP (web sites), FTP, NNTP (newsgroups/USENET), SMTP or POP3 (email), or anything especially useful I can think of. All of the protocols listed above use TCP, which requires a two-way flow of information (TCP is based on *connections*, which require information to flow both ways -- they will NOT allow you to be anonymous, unless you have an anonymous proxy. Anonymous proxies are unaffected by ITRACE).
Well, the internet does NOT have that right now. There is NO way to receive information anonymously, on the internet. The only thing you can do is SEND it, and even then, the fact that you're sending it is ALREADY OBSERVABLE, it's just not being LOGGED.Right, but that has nothing to do with ITRACE. anonymizer.com is not IP spoofing, it's just HTTP proxying. ITRACE only prevents IP spoofing from being anonymous, not HTTP proxying.
Also, about NAT (IP MASQ) proxies: in such a case, it's the LAN administrator's problem to track down the internal culprit. But knowing the IP of the NAT gateway is at least enough to get the admin to stop sending out those packets, or to get the courts to force him to do so if he's a prick.
You're obviously not even spoofing your IP, or else you wouldn't have been able to post that. So what are you complaining about?
The ability to know the IP of the person sending you packets is NOT a privacy violation. There are already ways to send information anonymously; what possibly use could IP spoofing have?
The program "xwininfo" can do this. I suggest you look at its source code to find out how you can do it in your own programs.
There is no way to minimize window etc ...
What the hell do you mean? The gnome panel (as well as almost every task-lisk program I've ever seen) does this. I suggest you look at its source code to find out how you can do it in your own programs. (And yes, it works on non-GNOME apps). Have you ever used Unix??
If one wants to implement MID app there is no way to make sure that children windows have the same decorations as main window.
OK, you've got me on that one -- I only knwo one window manager that supports that feature (sawmill). But then, in Windows all the window decorations are the same no matter what (same as many window managers for X). So I don't really see why Windows is superior in that matter.
Cut and paste is simply broken. There are standards for it but so f*** what ? It doesn't work, plain and simple.
Hmm, so how did I quote you in this post?
Last time I used Mozilla, the mouse was not optional, or at least use of the keyboard was tedious and unintuitive, if possible. Glad to hear this has changed. Unfortunately, the functionality that I really need to use often (and thus need in the toolbar or bound to keys) is the stuff that doesn't exist, listed under feature #1.
Speaking of images, it would be nice to be able to unload an image after it's been loaded, say if it's an advertisement or something. Meta-H, click the image, and boom it's gone. Meta-B, click the image, and it's gone and on the blockfile. Pretty good, eh?
`` Source: Jack E. Henningfield, Ph.D. for NIDA. Reported by: Philip J. Hilts, New York Times, Aug. 2, 1994 "Is Nicotine Addictive? It Depends on Whose Criteria You Use." ''
- Ability to disable ALL html/javascript/etc features, per site/wildcard/regexp, through a blocklist.
- Persistence.
- Keyboard control.
- Useful, configurable, toolbar.
- Custom interface to select websites (esp. searches).
- I don't want themes, I don't want a built-in irc client, I don't want an email client, I don't want a newsreader, I don't want a window manager, I don't want a high-availability database server, or whatever other crap AOL is putting in Mozilla.
Well, that's *my* list. I don't mean to bark demands or complain -- they're just my personal preferences. Anyone else agree with any of that? Anyone have any other ideas I couldn't think of?I don't want images on Slashdot, except for the one slashdot.org logo, I don't want Javascript popups to work on geocities. I don't want Java anywhere, except for two specific sites. I want all font size and color information to be ignored on all sites, except for three specific sites. Etc.
This is direly needed feature for an unstable web browser. If you can't have stability -- and you probably can't with any modern graphical browser -- HAVE PERSISTENCE. When Mozilla crashes -- and it will -- it should start back up exactly how it was last. Every new window or changed URL or text box should be logged whenever it is changed. When Mozilla crashes in the middle of a 450+ word slashdot post (such as this), I want to start it back up with that 450 word post exactly where it was at the crash (or perhaps 5 seconds out of date). And of course all the windows should start up with all the URLs I was at. I have 8 NS windows up right now, and I won't be able to remember all those urls if NS crashes. It'd be a hassle to open them all again even if I could remember.
I want to be able to bind keys to whichever functions I want, and I want functions available that are valuable. Numbered links would be nice, like in lynx. Mouse should be entirely optional for all functionality.
I want to be able to add buttons to the toolbar and bind them to whatever I can bind keys to. Like [add current URL to javascript blocklist] or [disable javascript in this window].
I want to be able to be able to bind a key to pop up a window for a google.com search, another for raging.com search, dmoz.org search, etc, that pop up a window instead of loading the page (fast as they may be, there is no need to load them) and I want Mozilla to convert the information to a format it understands and display it in whatever format I like.
apple.speakers.tm
apple.comptuers.tm
That's how it needs to be.
Adding the failover would break *all* the code anyway. I don't think you understood me. Both hyphens and spaces should be ignored, just like case is. That way if I say "world of dawkins dot com" people don't have to worry about whether to type "world-of-dawkins.com" (which is correct) or "worldofdawkins.com" (which is not). It's not about 4 characters, it's about 9 syllables (10 if you count the dot). It makes it too tedious to speak an URL. Already people drop the "www" off verbal references to sites when the www is necessary. "www.ebay.com" is twice as long, when pronounced, as "ebay.com". "ebay.auction.tm" would be fewer syllables than "www.ebay.com" and describes far more information. And dropping the prefix ONLY FOR WWW would not require you to run all your services on the same machine. Anyway, DNS should have port ranges so that one lookup of a machine tells you where to go for *all* services related to that machine. i.e. port 80 -> 192.168.1.2 ports 20-21 -> 192.168.1.3, etc. No, you don't understand. I'm not talking about failover of DNS servers at the client, which already exists (just add another name to resolv.conf). I mean that if slashdot.org is at two IPs, 192.168.1.1 and 192.168.1.2, I should be able to type in "web.slashdot.org" and DNS should provide me the information necessary to automatically go to 192.168.1.2 if 192.168.1.1 is down and vice versa. Right now, Slashdot has an HTTP balancing switch that costs thousands of dollars that does this. If that switch breaks -- and it did once in the past -- human intervention is required to end the downtime. My system would end the need for that switch, end the need for that downtime, and end the need for human intervention. Once again you misunderstand. I don't want DNS to describe the ports, I want it to have ONE entry that tells you where to go to get a service.i.e. instead of two nslookups where www.slashdot.org returns one IP of 192.168.1.2 that is an HTTP switch with 3 servers with failover behind it, and nslookup of mail.slashdot.org returns 192.168.1.1, I nslookup slashdot.org and it tells me all the information I need:
ports 80,8080,443 -> 192.168.1.{3,4,5} (for web services with failover)
ports 109,110,143,220,993,995,1109 -> 192.168.1.1 (for mail services (without failover))
(Of course, you could save bandwidth by nslookup only slashdot.org:1109 if that's the port you wanted to use. But that's just detail... the main idea is there)
I don't see how that would cause problems. What I'm talking about is having each domain, instead of resolving a name to a specific machine, resolve a *set* of *services* to a *set* of machines. If you want two separate services, though, you would just use two different domains. This is already necessary. Where's the problem? You'd have slashdot.org whose news port would resolve to one IP, and internal.slashdot.org whose news port would resolve to another IP. I don't see the problem.And round-robin doesn't work like that at all. Each IP is in fact a SPOF -- if its down, the client that gets it will just timeout. That would be fine if the timeout were, say, 2 seconds and it automatically switched to another IP, but its generally 15+ and it doesn't automatically switch. That's downtime, not failover.
Also, regarding that comment about a "gene that can facilitate addiction to alcohol", I'd love to hear exactly what this gene is, and the name of the protein to which it maps.
xmen.movie.trademark
Because I shouldn't need to know the producer to find a movie with a unique name. I'm going to have to use a search engine either way, if that's the case.
then have every other possible TLD 15 letters or less be allowed *only* for non-trademarks. There would be no squatting either for trademark or non-trademark that way. The entire system would self-organize not around one common TLD that everyone has heard about, but TLDs that are English words anyone can communicate and remember, and the well-organized TM namespace for companies.
(also, they should get rid of the hyphen, but allow hyphens and spaces (and etc) to be used by clients but ignored by DNS servers -- domains should be made easy (possible?) to prounounce, remember, and read, at the same time. Ignoring some punctuation, much as it already ignores case, seems like the best way to do that).
Also, we need to lose www. What a fucking bonehead move. Use fscking web. Or better yet, have web be the default service -- forget the subnet altogether.
And DNS should have allow a failover mechanism at the client. The client is the only SPOF that is absolutely technologically necessary in all situations. That's where the redundancy should be.
Actually, if you made DNS a little smarter you could have it return a list of IPs each with port ranges and failovers etc. Then the client could go to the correct IP for the pop-3 port, without having to use mail.blah.net and news.blah.net instead of just blah.net (or blah.isp, damnit, blah.isp). And if news.blah.net it would just try news2.blah.net, etc.
What are you talking about? I never said the OS had to be GPL'd, I said "the GCC port" had to be.
Of course it's not better for the users to have no choice, but it's better for the users to have both. The non-existence of a high-quality solution, where one is necessary, is usually enough to motivate its creation. Removing the ability of someone to create a proprietary solution probably doesn't mean that they will instead produce a free solution -- even though this has been known to happen -- but it *does* provide benefits to those creating a free solution.
No you couldn't, because only real hardware manufacturers would be given the information necessary to decrypt -- NOT VMware, or anyone else who would put the information into software or some equally easy-to-reverse-engineer product.
Someone will, and they'll put the music on the freenet. Also, there will always be some company that is willing to ignore watermarks, build watermark-removal filters, etc. Even if it's illegal, some international company will.
Incorrect, because opening the speakers triggers a self-destruct mechanism. Heheheh.
You're missing the point... The software doesn't get the capability to decrypt the mp3 at all. Rather, the hardware has a /dev/encrypted_dsp. You stream the mp3 into the sound hardware still encrypted, and the sound hardware decrypts it.
So take the leads off the speakers and splice them into a wire, and plug it into a soundcard's "line in". Even given that they can control all the hardware in the world, you will always be able to do that, it's just the way that speakers work. Also, you could use a microphone (if say all the speakers contained some form of bomb or mine triggered by opening them).