This works for any upstream sessions that you initiate, and those downstream sessions that are controlled by e.g. TCP sliding windows.
Downstream bandwidth limits don't help much. If compromized nodes DDoS you from outside, the only thing that helps is to have packet filtering for sources that trigger the alarms based on traffic patterns matching known attacks.
All this downstream packet processing loads your ISPs access router and may easily produce false alarms, filtering traffic that you want to have. Managing the access router filter on a case by case basis from your own node would increase the complexity of the system, so not feasible either.
Seems the ISP just has to cut the troublemakers out if it can to attack the source of the problem
Thats not what the experts said- they said that the default is to not encrypt. There is nothing to stop you from encrypting the whole packet as long as you leave the MPLS label alone.
Of course, but the customer either is not aware of the lack of encryption or you have to add one more layer to the processing of packets.
This new layer of complexity amounts to checking the first couple of bits of a packet to see if it has an MPLS shim or not. Thats not a whole lot of complexity or cost.
The mechanism in LSRs is not complex. It is the management of the various flows.
The source and destination addresses can identify flows most of the time, but its expensive to maintian that rule base and to identify a packet. And if you want more accuracy, you have to add more dimensions to your rule base (src port and dest port for example), and it gets even worse. The best algorithms out there do it in O(n), but the lookup of an MPLS label is done in constant time.
With IPv6, the core routers can efficiently forward packets based on e.g./24 or/32 matches without extra lower (2.5 or 2) layer MPLS and the level of detail increases as network edge approaches. I strongly doubt if anyone would use MPLS to separate individual services, so port level accuracy is not an issue. If the VPN gateways want to use labels for identification, they can still use IPv6 flow label field (although this is unnecessary, given the intrinsic route aggregation).
Sure MPLS can do lots of nice things, but at what cost? Complexity adds a new layer that is partly overlapping with normal IP layer functionalities, eating resources and causing extra management work. The much advertised QoS (apart from straight forward load-balancing) requires rules in LSRs that can differentiate between all the various quality levels of flows. IP headers already have 8 bit TOS/TC fields to carry QoS preference info, and src/dst addresses identify individual flows uniquely enough. IPv6 address aggregation (sometimes also CIDR) allows you to identiufy traffic from/to entire providers or corporate entities with one entry.
As the experts in the nwfusion article (http://www.nwfusion.com/news/2001/0806mpls.html)
state, MPLS based VPNs are not inherently secure because there's no encryption. But if our random provider or end user organization is not afraid of these minor issues (complexity, poor scalability, management difficulties and costs, ability to do the same with just IP, lack of security, need to have MPLS widely implemented, dependence on fewer vendors) then I guess they can go for it.
The reaction of the world that does apply IPR towards the countries that don't could be similar to the reaction that the growing offshore tax evasion has. It has been neglected for a long time because it was only easily available to few wealthy money launderers. However, the marketing and account creation mechanisms improved to the extent that the provisioning of virtual holding companies and anonymous accounts in these countries have created an industry. The target group has broadened to include even upper middle class citizens in the western world.
Now, some EU members have been discussing about forcing countries such a Liechtenstein, Andorra and others to improve regulations and their implementation, or face sanctions.
- chapter 4, rule 7: Prefer anonymous addresses
- these are the ones where you generate a sequence of random 64 bit suffixes from the original ID, mentioned in this draft:
I certainly hope so, but you have to try and pull the right strings to make this something more than just a geek thing that doesn't wake people up. To influence the decision makers (read: politicians) it is not enough to publish something in the web. These people think that a topic is important if they can read it in the major newspapers. And it's not the poor little IT professionals they care about. It's economy and national competence, the future success of a country and its businesses (or that's what they should be interested in, to benefit voters).
I approached a major Finnish newspaper (Finns consider it an institution, if you would say) with the suggestion that they should write an article in a way that laymen understand for the following reasons:
-These patents threaten the success of small Finnish IT companies, who have to hire an army of lawyers, or perish. Besides, Finnish is not going to be one of the languages that can be used in the patent filing.
-Many methods have already been patented in USA and Japan and it is logical that the protection for these would easily be expanded to cover Europe. European companies are worse off.
-The public sector is currently actively trying to find ways to develop and make public services available over the internet, or utilizing telecommunications and computers (education, care of the elderly, etc.). Patents can prevent the use of these methods even for non-profit government activities.
The issue is not a new one. However, there are great economic values at stake yet so few people are aware of these and can portray the consequences of bad decisions! It should be interesting for small investors (not professionals, but common folks) that the share price of those highly popular IT companies (reflecting expectations) could be seriously affected by this. Therefore this is certainly worth an article.
Let's keep the thumbs up that these concerns get mainstream media coverage!
I find this thread rather interesting. Taxation has been around for millennia, and people have always been complaining about it. Up until now, it has been relatively easy to implement because people have remained in the same locations and the consumed goods have been usually physical in nature. Evolution towards service and information driven global economy makes it difficult for the state to control individual miniature work sessions, purchases and flows of payments. Therefore unless you have tremendous power to influence the market, you eventually have to give up to uncontrollable, wide scale but individually small import/export. The consequence is that you lose your taxation base, the money left to corporations and individual consumers. This is actually transfer of wealth from those who don't know how to use the mechanism of avoiding taxes. As long as that group of people hasn't had too large proportion of the combined consuming power of the state, you can accept this as unwanted but inevitable churn. With internet connectivity, it is easier for consumers to start making deals with companies on the other side of the world (or the border). Legitimate improvement in delivery of physical goods allows cost efficient transport of the purchases and hides the untaxed shipments in a huge volume of taxed ones. So it is clear that it is time to fight back to conserve the income sources. The traditional separation of European economy from others is also nicely visible here: apart from European companies, much of the profits will flow to Asia or Americas where there is less taxation (because there is less tendency to even out income differences). It's money lost to competitors. I would say that we Europeans are more concerned on environmentally sound, sustainable development and the taxation of products follows that reasoning. So I would definitely go for pure sales tax (actually EU is attempting to unify the various VATs in EU countries to ca. 25%), as loong as wide scale tax evasion by smugglers is prevented. Income tax is a remnant from past centuries (there was no way to control the volumes and values of sold goods, and no production industries) that is only in use because the efficient taxation mechanism exists and it is widely accepted (even if not preferred:). Property tax is really a continuation of income tax progression and should only apply to those that quite clearly have more money than they can spend on normal life. As long as the money is spent on acceptable life improvement (housing, hobbies, tourism, nice gizmos, personal stuff etc.) it stays in circulation and is eventually paid to other individuals as salaries. You must reward successful entrepreneurs and let them enjoy hard earned moneyt. But if the money is only used as luxury or as capital for investments to further increase the amount of money that will not be used for any other purpose than to increase the wealth of the individual, I think it is just to tax property. On the other hand, there is often a smooth degeneration in the family lineage so heirs of wealth will easily spend even big fortunes on luxury life and bad investments, so things will even out in the long run. Heh, I wonder if I will be the one generating wealth or merely consuming it during my lifetime;)
To make one corporation operate more efficiently (and thus produce profits for its owners) it has to have better systems for providing services to its customers than its competitors. Another competitive advantage comes from the possibility of expanding operations into new fields, ie. integrating different automatic service creation and provisioning systems.
To do all this manually would be nonsense. Therefore, successive generations of AI solutions in one form or the other will be required. So we see that machine intelligence and evolution is a by-product of human drive towards the capitalist goal of making more money (which in itself is not a bad thing).
Virii, bacteria etc. only spread with their hosts who provide distinct biological environments that they are best suited to.
However, the various strains of these ultimate gone-astray nanites would just rip off atoms or molecules from any matter available, thus being independent of the environment.
Of course, the ones trapped inside a layer of other nanites would have no access to energy and thus no replication, and those closest to surface would be tearing each other to pieces while replicating.
But those that would be on the edge of this sea of nanites would definitely consume any virgin resources of humans, animals, plants and soil.
Basic rule of evolution, survival of the fittest will definitely be a threat to the current version of human race. If we intend to have efficient AI, then we have to give it the freedom to evolve into something better - by mutation, feedback etc.
The question is then: what is considered evolution and who defines this? If we let the AI reason the best way of doing things, then it will see that to accomplish its goals it should increase the resources it has available. This can be computation power, information, lack of competitors, fault tolerance against natural or intentional (human-driven) damages.
So eventually the same rules that make the AI useful may also drive it against the structures that limit its evolution. These structures are the already existing obsolete humans, organizations and industrial systems.
Which brings us to the starting point: new technology itself introduces both the benefits and the threats to human existence. These are inseparable but so far the progress has been heavily bound into developments in the physical world. When we separate the core of technical development from that by enabling evolution of information itself, problems multiply.
Flow of information is hard to control by humans who will have to rely on complicated systems that can eventually be managed by more or less evolved AIs. Then we have to either update ourselves or hope that we really know what the systems we create are capable of.
US based funds hold significant positions in many European companies. If US intelligence is producing competitive advantages for companies with their HQ in US, then this will damage the property of other US citizens who have an interest in the European companies. Even more so once the barriers of entry into foreign exchanges are lifted in a couple of years. So is it the American jobs that count or the capital/ownership?
Slashdot Mirror
This works for any upstream sessions that you initiate, and those downstream sessions that are controlled by e.g. TCP sliding windows.
Downstream bandwidth limits don't help much. If compromized nodes DDoS you from outside, the only thing that helps is to have packet filtering for sources that trigger the alarms based on traffic patterns matching known attacks.
All this downstream packet processing loads your ISPs access router and may easily produce false alarms, filtering traffic that you want to have. Managing the access router filter on a case by case basis from your own node would increase the complexity of the system, so not feasible either.
Seems the ISP just has to cut the troublemakers out if it can to attack the source of the problem
Thats not what the experts said- they said that the default is to not encrypt. There is nothing to stop you from encrypting the whole packet as long as you leave the MPLS label alone.
Of course, but the customer either is not aware of the lack of encryption or you have to add one more layer to the processing of packets.
This new layer of complexity amounts to checking the first couple of bits of a packet to see if it has an MPLS shim or not. Thats not a whole lot of complexity or cost.
The mechanism in LSRs is not complex. It is the management of the various flows.
The source and destination addresses can identify flows most of the time, but its expensive to maintian that rule base and to identify a packet. And if you want more accuracy, you have to add more dimensions to your rule base (src port and dest port for example), and it gets even worse. The best algorithms out there do it in O(n), but the lookup of an MPLS label is done in constant time.
With IPv6, the core routers can efficiently forward packets based on e.g. /24 or /32 matches without extra lower (2.5 or 2) layer MPLS and the level of detail increases as network edge approaches. I strongly doubt if anyone would use MPLS to separate individual services, so port level accuracy is not an issue. If the VPN gateways want to use labels for identification, they can still use IPv6 flow label field (although this is unnecessary, given the intrinsic route aggregation).
Sure MPLS can do lots of nice things, but at what cost? Complexity adds a new layer that is partly overlapping with normal IP layer functionalities, eating resources and causing extra management work. The much advertised QoS (apart from straight forward load-balancing) requires rules in LSRs that can differentiate between all the various quality levels of flows. IP headers already have 8 bit TOS/TC fields to carry QoS preference info, and src/dst addresses identify individual flows uniquely enough. IPv6 address aggregation (sometimes also CIDR) allows you to identiufy traffic from/to entire providers or corporate entities with one entry.
As the experts in the nwfusion article (http://www.nwfusion.com/news/2001/0806mpls.html) state, MPLS based VPNs are not inherently secure because there's no encryption. But if our random provider or end user organization is not afraid of these minor issues (complexity, poor scalability, management difficulties and costs, ability to do the same with just IP, lack of security, need to have MPLS widely implemented, dependence on fewer vendors) then I guess they can go for it.
The reaction of the world that does apply IPR towards the countries that don't could be similar to the reaction that the growing offshore tax evasion has. It has been neglected for a long time because it was only easily available to few wealthy money launderers. However, the marketing and account creation mechanisms improved to the extent that the provisioning of virtual holding companies and anonymous accounts in these countries have created an industry. The target group has broadened to include even upper middle class citizens in the western world.
Now, some EU members have been discussing about forcing countries such a Liechtenstein, Andorra and others to improve regulations and their implementation, or face sanctions.
This could be the way to go with IPR as well.
Yes, a globally unique interface ID allows quite nice tracking based on IPv6 addresses alone.
i pngwg-default-addr-select-01.txt
i pngwg-addrconf-privacy-03.txt
But, look at a couple of drafts for remedies:
http://www.ietf.org/internet-drafts/draft-ietf-
- chapter 4, rule 7: Prefer anonymous addresses
- these are the ones where you generate a sequence of random 64 bit suffixes from the original ID, mentioned in this draft:
http://www.ietf.org/internet-drafts/draft-ietf-
- explains the procedure for creating those random IDs, see chapter 3.3
So people are working on these issues, no panic.
I certainly hope so, but you have to try and pull the right strings to make this something more than just a geek thing that doesn't wake people up. To influence the decision makers (read: politicians) it is not enough to publish something in the web. These people think that a topic is important if they can read it in the major newspapers. And it's not the poor little IT professionals they care about. It's economy and national competence, the future success of a country and its businesses (or that's what they should be interested in, to benefit voters).
I approached a major Finnish newspaper (Finns consider it an institution, if you would say) with the suggestion that they should write an article in a way that laymen understand for the following reasons:
-These patents threaten the success of small Finnish IT companies, who have to hire an army of lawyers, or perish. Besides, Finnish is not going to be one of the languages that can be used in the patent filing.
-Many methods have already been patented in USA and Japan and it is logical that the protection for these would easily be expanded to cover Europe. European companies are worse off.
-The public sector is currently actively trying to find ways to develop and make public services available over the internet, or utilizing telecommunications and computers (education, care of the elderly, etc.). Patents can prevent the use of these methods even for non-profit government activities.
The issue is not a new one. However, there are great economic values at stake yet so few people are aware of these and can portray the consequences of bad decisions! It should be interesting for small investors (not professionals, but common folks) that the share price of those highly popular IT companies (reflecting expectations) could be seriously affected by this. Therefore this is certainly worth an article.
Let's keep the thumbs up that these concerns get mainstream media coverage!
I find this thread rather interesting. Taxation has been around for millennia, and people have always been complaining about it. Up until now, it has been relatively easy to implement because people have remained in the same locations and the consumed goods have been usually physical in nature. Evolution towards service and information driven global economy makes it difficult for the state to control individual miniature work sessions, purchases and flows of payments. Therefore unless you have tremendous power to influence the market, you eventually have to give up to uncontrollable, wide scale but individually small import/export. The consequence is that you lose your taxation base, the money left to corporations and individual consumers. This is actually transfer of wealth from those who don't know how to use the mechanism of avoiding taxes. As long as that group of people hasn't had too large proportion of the combined consuming power of the state, you can accept this as unwanted but inevitable churn. With internet connectivity, it is easier for consumers to start making deals with companies on the other side of the world (or the border). Legitimate improvement in delivery of physical goods allows cost efficient transport of the purchases and hides the untaxed shipments in a huge volume of taxed ones. So it is clear that it is time to fight back to conserve the income sources. The traditional separation of European economy from others is also nicely visible here: apart from European companies, much of the profits will flow to Asia or Americas where there is less taxation (because there is less tendency to even out income differences). It's money lost to competitors. I would say that we Europeans are more concerned on environmentally sound, sustainable development and the taxation of products follows that reasoning. So I would definitely go for pure sales tax (actually EU is attempting to unify the various VATs in EU countries to ca. 25%), as loong as wide scale tax evasion by smugglers is prevented. Income tax is a remnant from past centuries (there was no way to control the volumes and values of sold goods, and no production industries) that is only in use because the efficient taxation mechanism exists and it is widely accepted (even if not preferred :). Property tax is really a continuation of income tax progression and should only apply to those that quite clearly have more money than they can spend on normal life. As long as the money is spent on acceptable life improvement (housing, hobbies, tourism, nice gizmos, personal stuff etc.) it stays in circulation and is eventually paid to other individuals as salaries. You must reward successful entrepreneurs and let them enjoy hard earned moneyt. But if the money is only used as luxury or as capital for investments to further increase the amount of money that will not be used for any other purpose than to increase the wealth of the individual, I think it is just to tax property. On the other hand, there is often a smooth degeneration in the family lineage so heirs of wealth will easily spend even big fortunes on luxury life and bad investments, so things will even out in the long run. Heh, I wonder if I will be the one generating wealth or merely consuming it during my lifetime ;)
To make one corporation operate more efficiently (and thus produce profits for its owners) it has to have better systems for providing services to its customers than its competitors. Another competitive advantage comes from the possibility of expanding operations into new fields, ie. integrating different automatic service creation and provisioning systems.
To do all this manually would be nonsense. Therefore, successive generations of AI solutions in one form or the other will be required. So we see that machine intelligence and evolution is a by-product of human drive towards the capitalist goal of making more money (which in itself is not a bad thing).
Virii, bacteria etc. only spread with their hosts who provide distinct biological environments that they are best suited to.
However, the various strains of these ultimate gone-astray nanites would just rip off atoms or molecules from any matter available, thus being independent of the environment.
Of course, the ones trapped inside a layer of other nanites would have no access to energy and thus no replication, and those closest to surface would be tearing each other to pieces while replicating.
But those that would be on the edge of this sea of nanites would definitely consume any virgin resources of humans, animals, plants and soil.
So the danger is real.
Basic rule of evolution, survival of the fittest will definitely be a threat to the current version of human race. If we intend to have efficient AI, then we have to give it the freedom to evolve into something better - by mutation, feedback etc.
The question is then: what is considered evolution and who defines this? If we let the AI reason the best way of doing things, then it will see that to accomplish its goals it should increase the resources it has available. This can be computation power, information, lack of competitors, fault tolerance against natural or intentional (human-driven) damages.
So eventually the same rules that make the AI useful may also drive it against the structures that limit its evolution. These structures are the already existing obsolete humans, organizations and industrial systems.
Which brings us to the starting point: new technology itself introduces both the benefits and the threats to human existence. These are inseparable but so far the progress has been heavily bound into developments in the physical world. When we separate the core of technical development from that by enabling evolution of information itself, problems multiply.
Flow of information is hard to control by humans who will have to rely on complicated systems that can eventually be managed by more or less evolved AIs. Then we have to either update ourselves or hope that we really know what the systems we create are capable of.
Will be interesting to see what happens...
US based funds hold significant positions in many European companies. If US intelligence is producing competitive advantages for companies with their HQ in US, then this will damage the property of other US citizens who have an interest in the European companies. Even more so once the barriers of entry into foreign exchanges are lifted in a couple of years.
So is it the American jobs that count or the capital/ownership?