That's not really accurate. For one thing, you'd have to shoot a lot to be able to reliably tell the difference between a live round and a blank. Secondly, every rifle recoils differently. It comes down to physics...every action has an equal and opposite reaction. When the propellant burns and the bullet is propelled forward, the rifle is also propelled backwards creating recoil. The amount of recoil is determined by how much resistance there is to movement, so a heavier rifle is harder to move than a lighter rifle and will therefore exhibit less recoil. That is to say that even if someone had a rifle and shot it frequently enough to be able to tell the difference between a live round and a blank, if they fired a single shot with a different rifle they would likely have no idea if it was a live round or not because the recoil profile would be totally different.
I always found this statement odd because there's theoretically no way to prove it wasn't just something "made up" to make the executioners feel better. Assuming one rifle is loaded with a blank, I would guess they don't allow the executioners to check to see if their rifle has the blank prior to shooting because then the rest of the executioners would know they didn't have a blank and it would negate the desired effect on them. So, if you can't check your rifle to see if it has a blank, who's to say any of them do? Sure the guy that put it there could attest to one rifle having a blank, but that brings us back to how the executioners themselves know he isn't lying.
Well, ADSL is a form of DSL like SDSL and HDSL, are, it's just probably the most common form. So DSL in and of itself doesn't really represent a specific standard.
If you take the dumbest DSL modem and plug it into a computer and then look at the entry in the arp table for the computer's default gateway (which is probably the DSLAM or another piece of equipment in the CO), you'll see an entry for the gateway's IP, but it'll correspond to the modem's MAC address.
There is layer 2 equipment you can buy that will truly act invisible at layer 2, but it's not what you'd get from the phone company. One reason for needing true transparency at layer 2 would be if you wanted to trunk across a WAN link (i.e. you have a switch on each side and you want to maintain VLAN awareness on both sides of the WAN). You can't do that without special proprietary protocols if each switch doesn't see the other switch's MAC address as directly connected.
As far as your comment about a network bridge, you're not quite correct there. A bridge does indeed operate at layer 2 because the primary function of a bridge is to segment networks based on layer 2 addressing. Think of a bridge as a two port switch, because that's exactly what it is. If you replaced the word "bridge" with "hub" then your statement would be dead on.
In the old days when networks were built around hubs instead of switches people used bridges to segment networks. If you had 1000 ports on a LAN and the LAN was based on hubs, that meant that every frame from every computer would go to every other computer on the LAN. You can see how this would quickly become unmanageable. Bridges would be placed between hubs and keep track of the MAC addresses they saw on each of their two ports and only forward frames if the destination was on the other port, or the destination was unknown.
...is if they did something similar to how commercial usage-based billing works (i.e. by data transfer or 95th percentile, etc). In other words, it may work out better for some folks, but heavy users will pay more. For example, I don't use a ton of data, I stream Netflix for 2-3 hours a day, check e-mail and Facebook and occassionally spend an hour playing an online game. I would guess that translates to maybe 250 GB a month.
I pay for 60 Mbps service, and assuming my real world speeds are 85% of what I'm paying for (to allow for overhead, etc), that means I could transfer about 16.5 TB of data per month if I used the service at 100% capacity all the time. Based on that, my usage translates to about 0.00151% or about a thousandth of what I'm currently paying for. That illustrates just how little I use my service in comparison to others out there that actually do make use of all the bandwidth available to them.
If they offered me a plan where I could have 100 Mbps service and pay 10 cents/GB, I'd go for it because I'd save about 50% on my monthly bill, but I'd have better performance because I'd have more available bandwidth.
Like I said, anything with a MAC address is running at layer 2 at the very minimum. Almost everything with an Ethernet port has a MAC address. A DSL modem certainly does (it could not participate in an Ethernet network otherwise). Further, DSL itself is defined at layer 2 protocol and a DSL modem is most definitely making use of the DSL standard. A standard DSL modem won't get to layer 3 but anything that does any type of routing and/or NAT will. So your standard DSL modem that's acting as nothing more than a network bridge is a layer 2 device, but I imagine you rarely see those anymore, probably everyone's pushing dsl routers nowadays.
What prevents someone from spoofing an e-mail from you to send themself money?
Let's say you meet up with some guy in a parking lot to conduct some sort of craigslist transaction. You agree to pay him using Square and you e-mail him the cash. At this point he knows you have a debit card linked to your Square account, so what prevents him from forging an e-mail from the e-mail address you used to send him cash, to him, CC'ing cash@square.com and putting 5000 in the subject line? Will Square then deduct the $5k from your bank account and send it to him?
Sure you can argue that SPF and such exist to prevent e-mail spoofing, but in reality a lot of e-mail domains don't implement SPF and even if they do a lot of recipients don't check it. E-mail seems like a horrible mechanism to control financial transactions because it is inherently insecure.
Sure anyone can run VMs on the computer in their bedroom but I think what OP was talking about is large companies using an open market to run enterprise apps. I.E. you are eBay and you require constant capacity of 10k servers and during the holiday season you require 25k servers. It would be a waste of money for you to buy the extra 15k servers if you only need them for 2 months out of the year. This would help you to find the lowest price on that capacity for only the time you actually need it.
AWS already has a marketplace where you can purchase free capacity at rates much lower than what you'd normally pay. Smart devs are making use of these "spot instances" to save money on their compute costs. Before we can have a more widespread market, a cloud standard needs to emerge. If I can get cloud resources cheaper in Rackspace today than I can get them from Amazon that largely does me no good because the processes associated with working in those two different clouds are not the same. If I could take the same toolset I use to run AWS apps and forklift those to Rackspace, THAT would be interesting in that it would really start to focus competition on price.
Calling the police dept and asking isn't good enough anymore? Pawn shops have used systems like this for many, many years to avoid buying stolen stuff. I had a laptop stolen from my garage about 10 years ago and the police found it when the guy that stole it tried to pawn it and the serial number popped up on the "this is stolen, don't buy this" list.
Put your modem/router in bridge mode if at all possible so it is not doing anything other than acting as a modem (i.e. no NAT, no IP services running on it, no nothing). Then connect a single machine directly to it and boot that machine from a LiveCD so you can be certain you aren't running any type of malware, etc. Does the problem go away? If yes then you've demonstrated that the problem is on your side. If not, fire up wireshark and look at what you see for things that shouldn't be there.
A DSL modem is actually a layer 2 device. Anything with a MAC address operates at layer 2. Layer 1 is just what it sounds like - physical stuff like cabling, etc.
If you don't like the job, find another one or go start your own business and be your own boss. Until then, suck it up and deal. You work for someone else, they make the rules.
I don't really understand the so-called "problem" that is trying to be solved. If you buy a phone from your wireless carrier at a subsidized price, the carrier starts that relationship in the red because they've absorbed the full cost of your phone while you've only paid a fraction of it. So take the iPhone for an example. The carrier buys the device at $650 or so and you pay them $200. So right off the bat, the carrier is $450 in the red.
Now let's say you sign up for service with AT&T on January 1st and buy a new iPhone from them for $199 and on January 2nd you take that device and unlock it and switch to T-mobile. AT&T will charge you an ETF to recoup the rest of their costs, and then after you pay the ETF, they'll unlock the phone for you. If you don't pay AT&T the ETF and try to stiff them out of the rest of the price of the phone, they don't unlock it for you.
Maybe I'm being naive, but where is the problem with this arrangement?
If you complete your contractual obligatons (or if you pay full price for your device), your carrier will unlock it for you and you can go use it on whatever network you want. It sounds like folks are asking for a loophole to be able to get a cheap subsidized device AND not have to pay the ETF if they decide to break their contract. This (a private contract between two entities) is not something the government should be involved with.
The only people a change like this would benefit are those folks that want to get a subsudized phone, break the contract (or use the service until it gets shut off due to non-payment) and then jump to another carrier. I know America is turning into the land of the government providing everything to you for free, but this is a bit ridiculous. If this passes, the ONLY thing that will change is carriers will stop offering subsidized phones and all phones will come unlocked by default. If that's what you want, then why do 99% of people buy subsidized phones when they already have the option to pay full price for a phone and get it unlocked on day 1?
Ok, I didn't WTFV but if you bought an HDTV 7 years ago, there's an excellent chance it's only 720p. 1080p is a significant upgrade, but I would guess 1440p will become mainstream in the next year or two so you may as well wait until that happens and you can either enjoy the price drop on 1080p sets or buy a 1440p set and be set for another 5-10 years.
Any why does it specifically call out AWS? There would be the same vulnerability with any hosting service where someone other than you has access to the hardware. Rule #1 of system security has been all bets are off if someone has physical access to the system for quite a while.
Sure, perhaps I worded it poorly but you didn't take the point I was trying to make, which is...
Anybody = any possible person
FBI, law enforcement, ISPs or any other group of people that doesn't contain every person in the world != Anybody
My point was that it's incorrect to say that it's easy for anybody to access someone else's search data because that statement is factually not true. If you dispute that then I invite you to construct a scenario in which I would be able to easily access your search data without your assistance and without you taking any action to facilitate that access.
Their ISP, RIAA/MPAA, law enforcement and the FBI do not constitute "anybody". Anybody encompasses some guy sitting in a basement on the other side of the planet. I don't believe you could create a compelling argument that it would be "easy" for him to see their search data.
None of the major manufacturers staff their own onsite repair people. Dell uses a 3rd party company, the same one Samsung and Lenovo use, at least around here. So it's the same company doing the repair work either way, the problem I had was on the dispatch side where you call Lenovo and get them to actually create the service order for someone to come out. If I could get that done, then the actual repair work was fine, it was just getting Lenovo to actually schedule it where we had trouble.
I don't exactly work for a large organization, but we do have folks working all over the world so service and support is very important to us. We had been using Dell but switched to Lenovo for a year because we could get systems from them with less lead time. We couldn't switch back fast enough. We paid extra for 3 year onsite NBD warranties (vs return to depot warranties) but when we called Lenovo to get them to send someone out for a repair, it always turned into an argument about whether we were entitled to onsite service.
Dell has always had excellent service, over the past 10 years or so I can probably count the number of times they didn't have a hardware problem fixed the next business day on one hand. It also seemed like we had a higher incidence of problems with the Lenovo systems. We bought maybe 20 of them and of that 20 probably half had to have their system boards replaced because a USB connector snapped off.
Technet was very reasonably priced at a couple hundred bucks a year and that got you access to almost everything Microsoft makes. Of course, you couldn't use it for production, but for testing, etc it was great. As a sysadmin, I don't want to pay 5-10x as much for an MSDN subscription because I just want the software, I could care less about the development stuff.
So at the end of the day, what Microsoft will see is less money from me when I turn to other sources to get the MS software I need for testing purposes. I know guys at other companies with MSDN universal subscriptions and they're happy to share their login info.
The answer here is to make an educated guess as to how long Staples retains surveillance camera footage and don't use a phone you've bought there until that retention period has elapsed. Then when the NSA tracks the call to a prepaid phone that was purchased at Staples at 4 o'clock on a Thursday three months ago and try to pull the surveillance footage, Staples will rightly tell them they no longer have it.
But in reality, might it be easier to buy your prepaid SIMs from a vending machine or a flea market / craigslist. There are many such places that do not have surveillance cameras where it is easy enough to remain anonymous.
Slashdot Mirror
That's not really accurate. For one thing, you'd have to shoot a lot to be able to reliably tell the difference between a live round and a blank. Secondly, every rifle recoils differently. It comes down to physics...every action has an equal and opposite reaction. When the propellant burns and the bullet is propelled forward, the rifle is also propelled backwards creating recoil. The amount of recoil is determined by how much resistance there is to movement, so a heavier rifle is harder to move than a lighter rifle and will therefore exhibit less recoil. That is to say that even if someone had a rifle and shot it frequently enough to be able to tell the difference between a live round and a blank, if they fired a single shot with a different rifle they would likely have no idea if it was a live round or not because the recoil profile would be totally different.
I always found this statement odd because there's theoretically no way to prove it wasn't just something "made up" to make the executioners feel better. Assuming one rifle is loaded with a blank, I would guess they don't allow the executioners to check to see if their rifle has the blank prior to shooting because then the rest of the executioners would know they didn't have a blank and it would negate the desired effect on them. So, if you can't check your rifle to see if it has a blank, who's to say any of them do? Sure the guy that put it there could attest to one rifle having a blank, but that brings us back to how the executioners themselves know he isn't lying.
Well, ADSL is a form of DSL like SDSL and HDSL, are, it's just probably the most common form. So DSL in and of itself doesn't really represent a specific standard.
If you take the dumbest DSL modem and plug it into a computer and then look at the entry in the arp table for the computer's default gateway (which is probably the DSLAM or another piece of equipment in the CO), you'll see an entry for the gateway's IP, but it'll correspond to the modem's MAC address.
There is layer 2 equipment you can buy that will truly act invisible at layer 2, but it's not what you'd get from the phone company. One reason for needing true transparency at layer 2 would be if you wanted to trunk across a WAN link (i.e. you have a switch on each side and you want to maintain VLAN awareness on both sides of the WAN). You can't do that without special proprietary protocols if each switch doesn't see the other switch's MAC address as directly connected.
As far as your comment about a network bridge, you're not quite correct there. A bridge does indeed operate at layer 2 because the primary function of a bridge is to segment networks based on layer 2 addressing. Think of a bridge as a two port switch, because that's exactly what it is. If you replaced the word "bridge" with "hub" then your statement would be dead on.
In the old days when networks were built around hubs instead of switches people used bridges to segment networks. If you had 1000 ports on a LAN and the LAN was based on hubs, that meant that every frame from every computer would go to every other computer on the LAN. You can see how this would quickly become unmanageable. Bridges would be placed between hubs and keep track of the MAC addresses they saw on each of their two ports and only forward frames if the destination was on the other port, or the destination was unknown.
...is if they did something similar to how commercial usage-based billing works (i.e. by data transfer or 95th percentile, etc). In other words, it may work out better for some folks, but heavy users will pay more. For example, I don't use a ton of data, I stream Netflix for 2-3 hours a day, check e-mail and Facebook and occassionally spend an hour playing an online game. I would guess that translates to maybe 250 GB a month.
I pay for 60 Mbps service, and assuming my real world speeds are 85% of what I'm paying for (to allow for overhead, etc), that means I could transfer about 16.5 TB of data per month if I used the service at 100% capacity all the time. Based on that, my usage translates to about 0.00151% or about a thousandth of what I'm currently paying for. That illustrates just how little I use my service in comparison to others out there that actually do make use of all the bandwidth available to them.
If they offered me a plan where I could have 100 Mbps service and pay 10 cents/GB, I'd go for it because I'd save about 50% on my monthly bill, but I'd have better performance because I'd have more available bandwidth.
Like I said, anything with a MAC address is running at layer 2 at the very minimum. Almost everything with an Ethernet port has a MAC address. A DSL modem certainly does (it could not participate in an Ethernet network otherwise). Further, DSL itself is defined at layer 2 protocol and a DSL modem is most definitely making use of the DSL standard. A standard DSL modem won't get to layer 3 but anything that does any type of routing and/or NAT will. So your standard DSL modem that's acting as nothing more than a network bridge is a layer 2 device, but I imagine you rarely see those anymore, probably everyone's pushing dsl routers nowadays.
What prevents someone from spoofing an e-mail from you to send themself money?
Let's say you meet up with some guy in a parking lot to conduct some sort of craigslist transaction. You agree to pay him using Square and you e-mail him the cash. At this point he knows you have a debit card linked to your Square account, so what prevents him from forging an e-mail from the e-mail address you used to send him cash, to him, CC'ing cash@square.com and putting 5000 in the subject line? Will Square then deduct the $5k from your bank account and send it to him?
Sure you can argue that SPF and such exist to prevent e-mail spoofing, but in reality a lot of e-mail domains don't implement SPF and even if they do a lot of recipients don't check it. E-mail seems like a horrible mechanism to control financial transactions because it is inherently insecure.
what is the cloud computing equivalent of Taco Bell "meat"?
Azure.
Sure anyone can run VMs on the computer in their bedroom but I think what OP was talking about is large companies using an open market to run enterprise apps. I.E. you are eBay and you require constant capacity of 10k servers and during the holiday season you require 25k servers. It would be a waste of money for you to buy the extra 15k servers if you only need them for 2 months out of the year. This would help you to find the lowest price on that capacity for only the time you actually need it.
AWS already has a marketplace where you can purchase free capacity at rates much lower than what you'd normally pay. Smart devs are making use of these "spot instances" to save money on their compute costs. Before we can have a more widespread market, a cloud standard needs to emerge. If I can get cloud resources cheaper in Rackspace today than I can get them from Amazon that largely does me no good because the processes associated with working in those two different clouds are not the same. If I could take the same toolset I use to run AWS apps and forklift those to Rackspace, THAT would be interesting in that it would really start to focus competition on price.
there isn't a good way to know if it's stolen
Calling the police dept and asking isn't good enough anymore? Pawn shops have used systems like this for many, many years to avoid buying stolen stuff. I had a laptop stolen from my garage about 10 years ago and the police found it when the guy that stole it tried to pawn it and the serial number popped up on the "this is stolen, don't buy this" list.
+1 to this.
Put your modem/router in bridge mode if at all possible so it is not doing anything other than acting as a modem (i.e. no NAT, no IP services running on it, no nothing). Then connect a single machine directly to it and boot that machine from a LiveCD so you can be certain you aren't running any type of malware, etc. Does the problem go away? If yes then you've demonstrated that the problem is on your side. If not, fire up wireshark and look at what you see for things that shouldn't be there.
A DSL modem is actually a layer 2 device. Anything with a MAC address operates at layer 2. Layer 1 is just what it sounds like - physical stuff like cabling, etc.
If you don't like the job, find another one or go start your own business and be your own boss. Until then, suck it up and deal. You work for someone else, they make the rules.
I don't really understand the so-called "problem" that is trying to be solved. If you buy a phone from your wireless carrier at a subsidized price, the carrier starts that relationship in the red because they've absorbed the full cost of your phone while you've only paid a fraction of it. So take the iPhone for an example. The carrier buys the device at $650 or so and you pay them $200. So right off the bat, the carrier is $450 in the red.
Now let's say you sign up for service with AT&T on January 1st and buy a new iPhone from them for $199 and on January 2nd you take that device and unlock it and switch to T-mobile. AT&T will charge you an ETF to recoup the rest of their costs, and then after you pay the ETF, they'll unlock the phone for you. If you don't pay AT&T the ETF and try to stiff them out of the rest of the price of the phone, they don't unlock it for you.
Maybe I'm being naive, but where is the problem with this arrangement?
If you complete your contractual obligatons (or if you pay full price for your device), your carrier will unlock it for you and you can go use it on whatever network you want. It sounds like folks are asking for a loophole to be able to get a cheap subsidized device AND not have to pay the ETF if they decide to break their contract. This (a private contract between two entities) is not something the government should be involved with.
The only people a change like this would benefit are those folks that want to get a subsudized phone, break the contract (or use the service until it gets shut off due to non-payment) and then jump to another carrier. I know America is turning into the land of the government providing everything to you for free, but this is a bit ridiculous. If this passes, the ONLY thing that will change is carriers will stop offering subsidized phones and all phones will come unlocked by default. If that's what you want, then why do 99% of people buy subsidized phones when they already have the option to pay full price for a phone and get it unlocked on day 1?
Ok, I didn't WTFV but if you bought an HDTV 7 years ago, there's an excellent chance it's only 720p. 1080p is a significant upgrade, but I would guess 1440p will become mainstream in the next year or two so you may as well wait until that happens and you can either enjoy the price drop on 1080p sets or buy a 1440p set and be set for another 5-10 years.
Any why does it specifically call out AWS? There would be the same vulnerability with any hosting service where someone other than you has access to the hardware. Rule #1 of system security has been all bets are off if someone has physical access to the system for quite a while.
Quantum foam makes me roam.
I think you misunderstood who you were replying to. I was making the same argument.
Sure, perhaps I worded it poorly but you didn't take the point I was trying to make, which is...
Anybody = any possible person
FBI, law enforcement, ISPs or any other group of people that doesn't contain every person in the world != Anybody
My point was that it's incorrect to say that it's easy for anybody to access someone else's search data because that statement is factually not true. If you dispute that then I invite you to construct a scenario in which I would be able to easily access your search data without your assistance and without you taking any action to facilitate that access.
Their ISP, RIAA/MPAA, law enforcement and the FBI do not constitute "anybody". Anybody encompasses some guy sitting in a basement on the other side of the planet. I don't believe you could create a compelling argument that it would be "easy" for him to see their search data.
I never dealt with Lenovo other than their support facility in the USA, so not sure this is applicable to the problem I had but it makes sense.
None of the major manufacturers staff their own onsite repair people. Dell uses a 3rd party company, the same one Samsung and Lenovo use, at least around here. So it's the same company doing the repair work either way, the problem I had was on the dispatch side where you call Lenovo and get them to actually create the service order for someone to come out. If I could get that done, then the actual repair work was fine, it was just getting Lenovo to actually schedule it where we had trouble.
I don't exactly work for a large organization, but we do have folks working all over the world so service and support is very important to us. We had been using Dell but switched to Lenovo for a year because we could get systems from them with less lead time. We couldn't switch back fast enough. We paid extra for 3 year onsite NBD warranties (vs return to depot warranties) but when we called Lenovo to get them to send someone out for a repair, it always turned into an argument about whether we were entitled to onsite service.
Dell has always had excellent service, over the past 10 years or so I can probably count the number of times they didn't have a hardware problem fixed the next business day on one hand. It also seemed like we had a higher incidence of problems with the Lenovo systems. We bought maybe 20 of them and of that 20 probably half had to have their system boards replaced because a USB connector snapped off.
Technet was very reasonably priced at a couple hundred bucks a year and that got you access to almost everything Microsoft makes. Of course, you couldn't use it for production, but for testing, etc it was great. As a sysadmin, I don't want to pay 5-10x as much for an MSDN subscription because I just want the software, I could care less about the development stuff.
So at the end of the day, what Microsoft will see is less money from me when I turn to other sources to get the MS software I need for testing purposes. I know guys at other companies with MSDN universal subscriptions and they're happy to share their login info.
The answer here is to make an educated guess as to how long Staples retains surveillance camera footage and don't use a phone you've bought there until that retention period has elapsed. Then when the NSA tracks the call to a prepaid phone that was purchased at Staples at 4 o'clock on a Thursday three months ago and try to pull the surveillance footage, Staples will rightly tell them they no longer have it.
But in reality, might it be easier to buy your prepaid SIMs from a vending machine or a flea market / craigslist. There are many such places that do not have surveillance cameras where it is easy enough to remain anonymous.