Brewster Khale's Internet Archive has an archive of Usenet from 1996-1998, but they stopped for some reason (did they think Deja was doing a better job?). And it's only about 600 GB, so the disk space should be pretty cheap.
The regulations were loosened enough for Linux to include crypto a while ago. Mozilla already has crypto for example. What's holding things back is Linus AFAIK.
The 405GP is just a chip; it's no more secure or insecure than any other PowerPC. Likewise, if you want to run WinCE or QNX, go for it. You don't have to use Linux on the chip.
IPv6 (there's only one version) has a mode where the MAC address in encoded into the IP address; this makes link-local addressing and stateless autoconfiguration easier. However, that is optional, so you don't have to give up any privacy if you don't want to.
I agree that making/64 the smallest subnet is wasteful, and maybe it is possible to have smaller ones. One of the benefits to/64 subnets is being able to use Ethernet MAC addresses in stateless autoconfiguration; it also might make routing and DNS easier. (I seem to remember that DNS for IPv6 represents an address as a 64-bit prefix and a 64-bit host ID; I guess this benefits multihomed networks.)
When IPv6 comes into use on the net, will I be able to get my own block of IPs for cheap? How much?
With 6to4, you can get a whole subnet for free, and you don't even need to wait for your ISP. ISPs will probably assign either individual addresses or whole/64 subnets to users.
How many IPs fall into the lowest level "block?"
The lowest level block is a 64-bit subnet, with 2^64 addresses.
If I buy a block from NSI or whomever, can I "symbolically link" it to say, a SW Bell DSL line?
No, that would destroy the global routing database. You can't do it today with IPv4 and you won't be able to do it with IPv6. I think ICANN is actually the ones allocating IP space these days, although I'm not sure how ARIN fits in.
I'm not an IPv6 expert, so if any of these are wrong, just correct me but flames aren't appreciated.
Maybe you haven't heard, but these days there isn't a distinction between clients and servers thanks to VoIP, IM, Napster, Freenet, etc. Every machine is a server these days, so it needs a global address.
And you don't even have to wait for your ISP to support it. Just turn on 6to4, and with one IPv4 address you can get quite a few IPv6 subnets (each of which contains 2^64 addresses).
Windows already supports 6to4, BSD probably does, and I don't know about Linux.
The page at d.net mentions this idea, but it points out that Netrek has tried this idea and it is possible to extract the key from the trusted binary and compile it into a cheating binary. It's a lot of work, but some people will do anything to cheat.
The problem with d.net is that it's impossible to tell the difference between a right answer and a wrong one most of the time. For almost every block, the client just sends back a message saying it didn't find anything. So if you send the same block to N clients and they all say they didn't find anything, how do you know whether one of the clients was cheating or not?
I think they are using redundancy along with false positives (where the server knows that the result should be "the key might be 0xdeadbeef"), but I don't know if that's good enough to prevent cheating completely.
I pretty much agree with you about ASPs. The only thing I might want an ASP for is backups (as long as all the data is encrypted before it leaves my computer).
But I disagree with your assessment of the security situation. First, ASPs can work just fine without mobile code or agents or whatever. Consider your example of a speech-recognition ASP: It will already have the code installed on it, so there's no need for it to run untrusted code.
However, it is still possible to run untrusted native code safely if you have the right OS; too bad "the right OS" in this case isn't any flavor of Unix or NT.
I don't know if HTTP-NG ever made it to the IETF; I know the W3C was working on it for a while, but I get the impression some people realized that they didn't really know why HTTP-NG was needed or exactly what it should do, so they put it on the back burner.
If HTTP-NG ever comes back, it may end up using BXXP as its mux layer.
Do all your homegrown app protocols support TLS and SASL? Do you want to spend a month just working on the authentication part of one of your new protocols? I don't.
Although if you don't need mux, security, or any kind of negotiation in your protocols, you may be right.
IPv6 was specifically designed to work alongside IPv4; some people have already started using it (it's flexible enough that you can use it even before all the specs are finalized).
RAM compression isn't going to deliver compression ratios as good as stream oriented algorithms like deflate and bzip2, because it has to be random-access and the compressor doesn't have as much context to look at.
But as you pointed out, memory tends to be pretty compressible because of the significant redundancy.
Most of the issues Fred mentioned in his paper would still exist in a multi-personality approach like the one you described.
For example, there has to be some code that manages the VFS layer, and the semantics of that layer would never be able to perfectly fit both the BSD and Carbon personalities. In particular, if you read some of the Interix papers, they mention many similar issues. (Interix is an improved version of NT's POSIX personality.)
Let's say SightSound sends me some encrypted video. For me to watch it, my computer has to decrypt it. For my computer to decrypt it, they have to send me the key. But now I have some encrypted data and the key! Cracking it is trivial.
It doesn't matter how strong your crypto is if you give someone the key.
Who's going to pay a whole room full of people to do nothing but check new domain registrations to see if they're "worthy"? And you thought domains were expensive already!
Brewster Khale's Internet Archive has an archive of Usenet from 1996-1998, but they stopped for some reason (did they think Deja was doing a better job?). And it's only about 600 GB, so the disk space should be pretty cheap.
The regulations were loosened enough for Linux to include crypto a while ago. Mozilla already has crypto for example. What's holding things back is Linus AFAIK.
Are there any environments you know about that are safer, or safe enough and faster?
Yes. EROS can run untrusted native code at full speed in a confined sandbox. Unfortunately it's still at the prototype stage IMO.
You mean something like a patent on "Diverse Goods Arbitration System and Method for Allocating Resources In a Distributed Computer System"?
http://www.agorics.com/library.html
The 405GP is just a chip; it's no more secure or insecure than any other PowerPC. Likewise, if you want to run WinCE or QNX, go for it. You don't have to use Linux on the chip.
IPv6 (there's only one version) has a mode where the MAC address in encoded into the IP address; this makes link-local addressing and stateless autoconfiguration easier. However, that is optional, so you don't have to give up any privacy if you don't want to.
I agree that making /64 the smallest subnet is wasteful, and maybe it is possible to have smaller ones. One of the benefits to /64 subnets is being able to use Ethernet MAC addresses in stateless autoconfiguration; it also might make routing and DNS easier. (I seem to remember that DNS for IPv6 represents an address as a 64-bit prefix and a 64-bit host ID; I guess this benefits multihomed networks.)
You don't have to use a MAC address; you can use any address that's not used on your subnet if you're concerned about privacy.
Or Apple could just make their own video card to ship in their G4 systems.
When IPv6 comes into use on the net, will I be able to get my own block of IPs for cheap? How much?
/64 subnets to users.
With 6to4, you can get a whole subnet for free, and you don't even need to wait for your ISP. ISPs will probably assign either individual addresses or whole
How many IPs fall into the lowest level "block?"
The lowest level block is a 64-bit subnet, with 2^64 addresses.
If I buy a block from NSI or whomever, can I "symbolically link" it to say, a SW Bell DSL line?
No, that would destroy the global routing database. You can't do it today with IPv4 and you won't be able to do it with IPv6. I think ICANN is actually the ones allocating IP space these days, although I'm not sure how ARIN fits in.
I'm not an IPv6 expert, so if any of these are wrong, just correct me but flames aren't appreciated.
Maybe you haven't heard, but these days there isn't a distinction between clients and servers thanks to VoIP, IM, Napster, Freenet, etc. Every machine is a server these days, so it needs a global address.
And you don't even have to wait for your ISP to support it. Just turn on 6to4, and with one IPv4 address you can get quite a few IPv6 subnets (each of which contains 2^64 addresses).
Windows already supports 6to4, BSD probably does, and I don't know about Linux.
The page at d.net mentions this idea, but it points out that Netrek has tried this idea and it is possible to extract the key from the trusted binary and compile it into a cheating binary. It's a lot of work, but some people will do anything to cheat.
The problem with d.net is that it's impossible to tell the difference between a right answer and a wrong one most of the time. For almost every block, the client just sends back a message saying it didn't find anything. So if you send the same block to N clients and they all say they didn't find anything, how do you know whether one of the clients was cheating or not?
I think they are using redundancy along with false positives (where the server knows that the result should be "the key might be 0xdeadbeef"), but I don't know if that's good enough to prevent cheating completely.
That page doesn't say anything new about the SDK besides that it uses GCC and it has some demos. What features does it have? What are the APIs like?
I pretty much agree with you about ASPs. The only thing I might want an ASP for is backups (as long as all the data is encrypted before it leaves my computer).
But I disagree with your assessment of the security situation. First, ASPs can work just fine without mobile code or agents or whatever. Consider your example of a speech-recognition ASP: It will already have the code installed on it, so there's no need for it to run untrusted code.
However, it is still possible to run untrusted native code safely if you have the right OS; too bad "the right OS" in this case isn't any flavor of Unix or NT.
I don't know if HTTP-NG ever made it to the IETF; I know the W3C was working on it for a while, but I get the impression some people realized that they didn't really know why HTTP-NG was needed or exactly what it should do, so they put it on the back burner.
If HTTP-NG ever comes back, it may end up using BXXP as its mux layer.
Do all your homegrown app protocols support TLS and SASL? Do you want to spend a month just working on the authentication part of one of your new protocols? I don't.
Although if you don't need mux, security, or any kind of negotiation in your protocols, you may be right.
IPv6 was specifically designed to work alongside IPv4; some people have already started using it (it's flexible enough that you can use it even before all the specs are finalized).
These days the W3C doesn't seem to be interested in standardizing protocols (even HTTP); they've shifted all that work to the IETF.
RAM compression isn't going to deliver compression ratios as good as stream oriented algorithms like deflate and bzip2, because it has to be random-access and the compressor doesn't have as much context to look at.
But as you pointed out, memory tends to be pretty compressible because of the significant redundancy.
Most of the issues Fred mentioned in his paper would still exist in a multi-personality approach like the one you described.
For example, there has to be some code that manages the VFS layer, and the semantics of that layer would never be able to perfectly fit both the BSD and Carbon personalities. In particular, if you read some of the Interix papers, they mention many similar issues. (Interix is an improved version of NT's POSIX personality.)
Why not just set up your site to send PNGs and MNGs to browsers that support them, and GIFs to other browsers?
Let's say SightSound sends me some encrypted video. For me to watch it, my computer has to decrypt it. For my computer to decrypt it, they have to send me the key. But now I have some encrypted data and the key! Cracking it is trivial.
It doesn't matter how strong your crypto is if you give someone the key.
Who's going to pay a whole room full of people to do nothing but check new domain registrations to see if they're "worthy"? And you thought domains were expensive already!