Copper can carry Gbps 10s of meters. Fibre can carry multi Gbps 100s of kilometres. You use copper inside the house and fibre to the house.
Telcos use ethernet to get to your house. They use DOCIS, xDSL or even POTS. All of these have a modem of one description or a another that converts what they use to externally to something else (usually ethernet) for use within the house. Fibre still goes to a box that converts it in a similar manner to what a Cable modem (DOCIS), xDSL modem or a voice modem (POTS) does.
You don't fill it out on the plane anymore. You fill it out in advance electronically. It been like this for several years now. The resulting approval lasts 3 years (from memory) having had to do this several times. It used to be free but now it costs.
I'm not sure about Canada but to get a Visa Wavier from Australia for the US you get asked about you mental health when filling it out. If you had attempted to commit suicide and you are still on medication for the condition, then I can't see how you can tick the no box and not be lying. I presume you would them be informed about the extra procedures you would need to complete to enter the US.
What I am trying to work out here is how she got to the border without this being flagged earlier.
Firstly IP level fragmentations problems are self inflicted. IP fragments get though fine if you haven't put up a firewall to block them. Even with fast open one needs vastly more compute power to support DNS over TCP to the equivalent level of DNS over UDP.
What does vastly more compute power mean and does it matter? Lets assume it costs 100% more CPU time and 100% more RAM per DNS query to use TCP.. who cares? The long tail of DNS servers sit idle and every server that becomes a TCP only server is a server that cannot be used for amplification.
While most do sit around idle there are still many that are busy all the time like TLD and ISP servers. Switching to TCP only will seriously increase their costs and mean additional machines to maintain the normal query loads supported over UDP. Lots of extra packets. Lots of extra state. Lots of extra sockets to manage.
cookies needs more work though as a general idea it is the way to go.
Yet for countless years it sits and **NOTHING** gets done. The only leadership I've seen in addressing this issue is futile attempt at discriminating thinking human adversaries from legitimate users (e.g. DNS RRL)
RRL discriminates caching resolver vs some classes of malware. It is only a stop gap measure.
Firstly IP level fragmentations problems are self inflicted. IP fragments get though fine if you haven't put up a firewall to block them. Even with fast open one needs vastly more compute power to support DNS over TCP to the equivalent level of DNS over UDP.
cookies needs more work though as a general idea it is the way to go.
Ingress filtering is possible to deploy and it doesn't have to be a perfect filter or require universal deployment to be helpful. Just reducing the number of machines that can send spoofed traffic or reducing the range of addresses that can be spoofed is useful. Often perfect gets is the way of good enough to be helpful.
No, they check that you have turned up and that you put the ballot paper in the ballot box. You state your name and address without providing formal identification.
And the road side test is a preliminary test. The evidentiary test is performed on different, calibrated equipment after a period of time that is sufficient to address the issues of mouth alcohol being present at the preliminary test. You can also ask for a blood sample to be taken if you are worried that the evidentiary equipment is faulty / mis-calibrated. This is done by medical personnel.
Your licence to drive a car on the road is conditional on you being sober / no impaired. This is something you agree to when you get/renew a licence. You make a choice to get/renew your licence. You make a choice to drive drunk/impaired. There is no one forcing you to get behind the wheel.
Now if you are unlicensed then you haven't agreed but you are still committing a offence.
McDonalds' free WiFi basically doesn't work in Australia. Just about every time I've tried it times out talking to the authorisation server and if you succeed in getting authorisation there is no bandwidth to speak of.
It's not bumping quota. You are inattentive when texting at a red light. You are not in a position to see the change to green and will not have situational awareness when the person behind you hits the horn because you are texting. So yes texting is dangerous even when stopped at a red light. This is nothing compared to those that relax pressure on the brake pedal and creep into the car in front / behind because they are distracted.
And most of the boxes you have are perfectly safe to run without a external firewall. Just keep the software up to date. The firewall really only needs to stop spoofed traffic (in and out).
No. Most devices do not need any external firewall in front of them to protect them. Linux boxes don't. Windows boxes post XP SP2 don't. Mac's don't. i* devices don't. Even networked printers don't as they have filtering capability built into them.
Modern devices are designed to be directly connected to a hostile internet. The need to have a external firewall has basically gone the way of the dodo. Just the myth that you need a firewall remains.
And if ISP's would get off their collective butts and deploy IPv6 you could get rid of all the problems caused by using NAT. You still have firewalls to deal with but establishing bi-directional communication between two out bound only firewalls is trivial for UDP and should be trivial for TCP with simultaneous open.
Get rid of the firewalls and it is trivial. For the most part you don't need a firewall. Most devices are quite capable of being directly connected to the net safely.
As a retailer you get charged VAT by your wholesaler and you charge VAT to your customer. The difference goes to / returned from the government.
So something that ends up being tax exempt as a retailer you recover whatever VAT you were charged on the product. Schools are often tax exempt but you buy from the wholesaler as if you are selling to the public.
If you sell at a loss you recover the VAT you lost.
The fix to which is to encrypt all communications from the home / office to the rest of the world.
The first thing ISP's could do is stop supporting insecure communication channels to/from their customers. There is no reason to not use STARTTLS with submission. There is no reason to continue to support POP/IMAP without SSL/TLS.
Next they should use DANE to publish their CERTs to ensure that active MitM attacks are not possible.
I call on all ISP's to disable unencrypted mail submission / retrieval with their customers.
Most service providers have just about completed migrating their whole systems to IPv6. They are at the end of multi-year plans now.
As for home users the cost is basically to upgrade the router+modem to support IPv6. Most of the rest of the gear already supports IPv6. The PCs support it (anything installed in the last decade). Networked printers support it. Mobile phones and tablets support it. The few things that don't are not a big issue as they will continue to use IPv4. When you next need to replace them find a product that does both IPv4 and IPv6. If you can turn on IPv6 at home you will probably find that over half of the traffic will switch over to IPv6. I know over half of the external traffic at my home is IPv6 traffic (myself, wife and teenaged daughter). For most homes I suspect it would be similar.
For businesses turning on IPv6 will allow them to work out what parts of their custom software needs to be upgraded to support IPv6. The hosts already support IPv6 and unless you put a AAAA record in the DNS you won't draw traffic to the servers. This gives you the time to test which is best done when you have working external IPv6 connectivity. If you bring up IPv6 as a internal only service you then run the risk of finding out which pieces of software behave badly when one of the addresses of a multi-homed server is unavailable.
Of course you have control. You don't have to accept unencrypted communication. Just reject with a temporary fail and a message that says 'The use of STARTTLS is required for this recipient". If enough sites did this plain SMTP would disappear in almost no time flat.
Slashdot Mirror
Correction: "Telcos don't use ethernet to get to your house."
Copper can carry Gbps 10s of meters. Fibre can carry multi Gbps 100s of kilometres. You use copper inside the house and fibre to the house.
Telcos use ethernet to get to your house. They use DOCIS, xDSL or even POTS. All of these have a modem of one description or a another that converts what they use to externally to something else (usually ethernet) for use within the house. Fibre still goes to a box that converts it in a similar manner to what a Cable modem (DOCIS), xDSL modem or a voice modem (POTS) does.
You don't fill it out on the plane anymore. You fill it out in advance electronically. It been like this for several years now. The resulting approval lasts 3 years (from memory) having had to do this several times. It used to be free but now it costs.
I'm not sure about Canada but to get a Visa Wavier from Australia for the US you get asked about you mental health when filling it out. If you had attempted to commit suicide and you are still on medication for the condition, then I can't see how you can tick the no box and not be lying. I presume you would them be informed about the extra procedures you would need to complete to enter the US.
What I am trying to work out here is how she got to the border without this being flagged earlier.
Firstly IP level fragmentations problems are self inflicted. IP fragments get though fine if you haven't put up a firewall to block them.
Even with fast open one needs vastly more compute power to support DNS over TCP to the equivalent level of DNS over UDP.
What does vastly more compute power mean and does it matter? Lets assume it costs 100% more CPU time and 100% more RAM per DNS query to use TCP.. who cares? The long tail of DNS servers sit idle and every server that becomes a TCP only server is a server that cannot be used for amplification.
While most do sit around idle there are still many that are busy all the time like TLD and ISP servers. Switching to TCP only will seriously increase their costs and mean additional machines to maintain the normal query loads supported over UDP. Lots of extra packets. Lots of extra state. Lots of extra sockets to manage.
cookies needs more work though as a general idea it is the way to go.
Yet for countless years it sits and **NOTHING** gets done. The only leadership I've seen in addressing this issue is futile attempt at discriminating thinking human adversaries from legitimate users (e.g. DNS RRL)
RRL discriminates caching resolver vs some classes of malware. It is only a stop gap measure.
Firstly IP level fragmentations problems are self inflicted. IP fragments get though fine if you haven't put up a firewall to block them.
Even with fast open one needs vastly more compute power to support DNS over TCP to the equivalent level of DNS over UDP.
cookies needs more work though as a general idea it is the way to go.
Ingress filtering is possible to deploy and it doesn't have to be a perfect filter or require universal deployment to be helpful. Just reducing the number of machines that can send spoofed traffic or reducing the range of addresses that can be spoofed is useful. Often perfect gets is the way of good enough to be helpful.
No, they check that you have turned up and that you put the ballot paper in the ballot box. You state your name and address without providing formal identification.
Does growing drugs present a direct and immediate threat to others?
Driving impaired does even if you are not obviously weaving all over the road.
And the road side test is a preliminary test. The evidentiary test is performed on different, calibrated equipment after a period of time that is sufficient to address the issues of mouth alcohol being present at the preliminary test. You can also ask for a blood sample to be taken if you are worried that the evidentiary equipment is faulty / mis-calibrated. This is done by medical personnel.
You really need to lookup what harass means.
Random breath tests, when properly implemented, don't fall within the definition of harassment.
Your licence to drive a car on the road is conditional on you being sober / no impaired. This is something you agree to when you get/renew a licence. You make a choice to get/renew your licence. You make a choice to drive drunk/impaired. There is no one forcing you to get behind the wheel.
Now if you are unlicensed then you haven't agreed but you are still committing a offence.
McDonalds' free WiFi basically doesn't work in Australia. Just about every time I've tried it times out talking to the authorisation server and if you succeed in getting authorisation there is no bandwidth to speak of.
Not once you put the car in park, turn off the engine and engage the hand brake. Up until that stage yes you are driving.
It's not bumping quota. You are inattentive when texting at a red light. You are not in a position to see the change to green and will not have situational awareness when the person behind you hits the horn because you are texting. So yes texting is dangerous even when stopped at a red light. This is nothing compared to those that relax pressure on the brake pedal and creep into the car in front / behind because they are distracted.
And most of the boxes you have are perfectly safe to run without a external firewall. Just keep the software up to date. The firewall really only needs to stop spoofed traffic (in and out).
No. Most devices do not need any external firewall in front of them to protect them. Linux boxes don't. Windows boxes post XP SP2 don't. Mac's don't. i* devices don't. Even networked printers don't as they have filtering capability built into them.
Modern devices are designed to be directly connected to a hostile internet. The need to have a external firewall has basically gone the way of the dodo. Just the myth that you need a firewall remains.
And if ISP's would get off their collective butts and deploy IPv6 you could get rid of all the problems caused by using NAT. You still have firewalls to deal with but establishing bi-directional communication between two out bound only firewalls is trivial for UDP and should be trivial for TCP with simultaneous open.
Get rid of the firewalls and it is trivial. For the most part you don't need a firewall. Most devices are quite capable of being directly connected to the net safely.
As a retailer you get charged VAT by your wholesaler and you charge VAT to your customer. The difference goes to / returned from the government.
So something that ends up being tax exempt as a retailer you recover whatever VAT you were charged on the product. Schools are often tax exempt but you buy from the wholesaler as if you are selling to the public.
If you sell at a loss you recover the VAT you lost.
The fix to which is to encrypt all communications from the home / office to the rest of the world.
The first thing ISP's could do is stop supporting insecure communication channels to/from their customers. There is no reason to not use STARTTLS with submission. There is no reason to continue to support POP/IMAP without SSL/TLS.
Next they should use DANE to publish their CERTs to ensure that active MitM attacks are not possible.
I call on all ISP's to disable unencrypted mail submission / retrieval with their customers.
Most service providers have just about completed migrating their whole systems to IPv6. They are at the end of multi-year plans now.
As for home users the cost is basically to upgrade the router+modem to support IPv6. Most of the rest of the gear already supports IPv6. The PCs support it (anything installed in the last decade). Networked printers support it. Mobile phones and tablets support it. The few things that don't are not a big issue as they will continue to use IPv4. When you next need to replace them find a product that does both IPv4 and IPv6. If you can turn on IPv6 at home you will probably find that over half of the traffic will switch over to IPv6. I know over half of the external traffic at my home is IPv6 traffic (myself, wife and teenaged daughter). For most homes I suspect it would be similar.
For businesses turning on IPv6 will allow them to work out what parts of their custom software needs to be upgraded to support IPv6. The hosts already support IPv6 and unless you put a AAAA record in the DNS you won't draw traffic to the servers. This gives you the time to test which is best done when you have working external IPv6 connectivity. If you bring up IPv6 as a internal only service you then run the risk of finding out which pieces of software behave badly when one of the addresses of a multi-homed server is unavailable.
It's illegal to carry a knife without a valid excuse. There is no "Period". It is not a absolute prohibition.
"For protection", however, is not a valid excuse.
Finger printing identifies a individual. DNA identifies a family members as well as individuals.
Of course you have control. You don't have to accept unencrypted communication. Just reject with a temporary fail and a message that says 'The use of STARTTLS is required for this recipient". If enough sites did this plain SMTP would disappear in almost no time flat.
Even with DANE most people use a third party (gmail, hotmail, yahoo or their ISP) to store their email on as ISP's block direct to customer emails.
No company can, in good faith, claim that they are not distributing confidential details to a third party if they send them in the clear via email.
All it verifies is that a card with a mag strip programmed with your data has been presented. That card could be library card, hotel door key ....