My fiancee is from NJ. She used to make this gas price argument until I pointed out that, sure, the gas is cheap. But with all the tolls, I think it's at best, a wash.
It'd be nice to see them have some sort of success again. Or anyone, really. It's depressing to see only one large player in the market. Bring on the innovation. Anyone. Please.
Don't worry.. In the coming years, fragmentation won't matter nearly as much. On will come the log-structured filesystems and their ilk to replace the heavily disk-tuned mainstream filesystems we use today.
And an unclean shutdown still requires an fsck after reboot.
No it doesn't. Otherwise, how could it be backgrounded? You need only do it to free uncommitted blocks (garbage collect, basically). Your system will run perfectly fine, however, with you never doing it.
That's what DNS is for. It'll probably be on::1 anyway.
With ipv6 you don't have to muck around with multiple subnets and trying to work out just what the hell the IP address of your new router is. You plug it in and the entire network sees it and uses it for routing automatically, with zero configuration required.
I'm all about IPv6, and use it at home and wherever I can. But the same could be said about DHCP. All I have to do with an IPv4 router is plug it in and it'll grab a DHCP address. So the scenario is largely the same.
A one-to-many NAT requires a stateful firewall (or at least the stateful portion of it). If that stops working, no more connectivity for those hosts. Also, if that stops working, your internal network will be accessible to other hosts on the same broadcast segment as your external IP.
Also, if your firewall goes down in the 'firewall-only' scenario, packets will stop being routed. Firewall rules are injected directly into the kernel or hardware (as the case may be), it's not like there's a process that needs to be running in order for the device to filter traffic. It's part of the packet-processing loop.
I'm with you, btw. What's worse is anycast applications. You might only need 10 anycast addresses for your application, but because anything/24 will likely be ignored by the majority of the BGP speakers out there, you're forced to use a much bigger block than you need to get it done. Getting that block for 10 IP addresses can be a hassle as well.
I think that IPv6 will truly make a lot of peoples' lives easier and fix a lot of problems that users have with their internet connectivity (particularly p2p apps) currently.
vipw is the way you're supposed to edit the passwd file - It exists in linux too.. On FreeBSD, vipw will run pwd_mkdb automatically after you exit. The good thing about pwd_mkdb, is it lets you know that you screwed up before shooting yourself in the foot.
pwd_mkdb: * uid is incorrect pwd_mkdb: at line #4 pwd_mkdb:/etc/pw.mXg864: Inappropriate file type or format
I hope someone mods you up. It's a good point and it's something I've been getting into over the past year as well (foreign exchanges, personally). But it matters little what market you choose, there is money to be made (or lost).
Also if you've never gotten into any minute-by-minute trading, you'd be surprised how much can be made with just a fraction of a cent in fluctuation. Programming is also definitely a factor
I'd like to dismiss what you're saying, but you've made me curious.
Let's take a video game for example. How would this model work? Are you suggesting that we buy the game in advance of its creation? Or that after a game is finished, a certain amount has to be paid to the developer by everyone before the game is released to anyone? How would it work?
Also, how much profit would a developer stand to make? Would the profit potential be in the ballpark that it is now for a successful game? Hell, if a game is good, I want the developer to make millions. They deserve it.
I don't see the current model as people paying for distribution. I see it as people paying for the product they're getting (code, art, etc).
There was nothing speculative about it. As Magada has noted, his comment in 2001 clearly outlined the vulnerability. 65k is 65k.. It's not a very good barrier against mischief. This has seriously been known about for a while - thanks partially to djb. I find it funny, however, that it has all of a sudden become such a huge blip on the radar. His solution wasn't a perfect one, but it takes about 2^16 times longer to crack than previous implementations and it was fully compatible with what everyone was already using.
I'd personally find it nice if we could fix the problem without the administrative overhead of something like DNSSEC. We already have registries of authoritative DNS servers to solve the problem of record authenticity. Let's focus on solving the issue of cache poisoning rather than the issue of record authenticity - which has been solved since the beginning...
djb drives people crazy (particularly the BIND folks), but he's someone to listen to - is it the case, as I understand from reading through these docs, that in 2001, djb's dnscache performed the port randomization that everyone's been scrambling to deploy over the past several weeks for other implementations, including BIND?
Or am I mis-interpreting here?
You are correct. djbdns was "not vulnerable" (in the same sense that BIND is "not vulnerable" now) to this attack.
As you mentioned, he can be abrasive, but he's definitely contributed some valuable things. See SYN cookies as another djb-contributed and widely-deployed solution to a problem.
Slashdot Mirror
My fiancee is from NJ. She used to make this gas price argument until I pointed out that, sure, the gas is cheap. But with all the tolls, I think it's at best, a wash.
It'd be nice to see them have some sort of success again. Or anyone, really. It's depressing to see only one large player in the market. Bring on the innovation. Anyone. Please.
Don't worry.. In the coming years, fragmentation won't matter nearly as much. On will come the log-structured filesystems and their ilk to replace the heavily disk-tuned mainstream filesystems we use today.
And an unclean shutdown still requires an fsck after reboot.
No it doesn't. Otherwise, how could it be backgrounded? You need only do it to free uncommitted blocks (garbage collect, basically). Your system will run perfectly fine, however, with you never doing it.
People use CDs other than CD 1 and the live cd? :-)
The people working for me are typically a few years out of school and are already doing architectural work.
And that basically sums up Accenture...
lipstick!
That's what DNS is for. It'll probably be on ::1 anyway.
With ipv6 you don't have to muck around with multiple subnets and trying to work out just what the hell the IP address of your new router is. You plug it in and the entire network sees it and uses it for routing automatically, with zero configuration required.
I'm all about IPv6, and use it at home and wherever I can. But the same could be said about DHCP. All I have to do with an IPv4 router is plug it in and it'll grab a DHCP address. So the scenario is largely the same.
Comcast already had this problem with their cable modems and set-top boxes. They moved the whole network to IPv6 to solve it.
Also, I think you meant 10/8 not /24..
These days, it's normally 1 UDP and 1 TCP port, if that.
Hopefully SCTP catches on and we can drop that number of ports even further..
A one-to-many NAT requires a stateful firewall (or at least the stateful portion of it). If that stops working, no more connectivity for those hosts. Also, if that stops working, your internal network will be accessible to other hosts on the same broadcast segment as your external IP.
Also, if your firewall goes down in the 'firewall-only' scenario, packets will stop being routed. Firewall rules are injected directly into the kernel or hardware (as the case may be), it's not like there's a process that needs to be running in order for the device to filter traffic. It's part of the packet-processing loop.
No NAT. Just a stateful firewall (which is part of what those consumer routers do already, after all..)
Who's using UPnP in a corporate environment? Most enterprise firewalls don't support it anyway.
I'm with you, btw. What's worse is anycast applications. You might only need 10 anycast addresses for your application, but because anything /24 will likely be ignored by the majority of the BGP speakers out there, you're forced to use a much bigger block than you need to get it done. Getting that block for 10 IP addresses can be a hassle as well.
I think that IPv6 will truly make a lot of peoples' lives easier and fix a lot of problems that users have with their internet connectivity (particularly p2p apps) currently.
RIPE is going to bitch-slap them if they do that for every customer..
The patent is probably a little more specific than that.
He was talking about Microsoft
Last I checked, Plan9 didn't run properly under VMware, which I think is a requirement for having any success with the geek crowd today :)
Has that been fixed?
vipw is the way you're supposed to edit the passwd file - It exists in linux too.. On FreeBSD, vipw will run pwd_mkdb automatically after you exit. The good thing about pwd_mkdb, is it lets you know that you screwed up before shooting yourself in the foot.
pwd_mkdb: * uid is incorrect /etc/pw.mXg864: Inappropriate file type or format
pwd_mkdb: at line #4
pwd_mkdb:
Are you against the crontab(1) command too? :)
I hope someone mods you up. It's a good point and it's something I've been getting into over the past year as well (foreign exchanges, personally). But it matters little what market you choose, there is money to be made (or lost).
Also if you've never gotten into any minute-by-minute trading, you'd be surprised how much can be made with just a fraction of a cent in fluctuation. Programming is also definitely a factor
Check out this video for a dive into the technology. The creator went and did a google tech talk.
http://www.youtube.com/watch?v=3xKZ4KGkQY8
Indubitably.
I'd like to dismiss what you're saying, but you've made me curious.
Let's take a video game for example. How would this model work? Are you suggesting that we buy the game in advance of its creation? Or that after a game is finished, a certain amount has to be paid to the developer by everyone before the game is released to anyone? How would it work?
Also, how much profit would a developer stand to make? Would the profit potential be in the ballpark that it is now for a successful game? Hell, if a game is good, I want the developer to make millions. They deserve it.
I don't see the current model as people paying for distribution. I see it as people paying for the product they're getting (code, art, etc).
But maybe I'm wrong. Enlighten me.
There was nothing speculative about it. As Magada has noted, his comment in 2001 clearly outlined the vulnerability. 65k is 65k.. It's not a very good barrier against mischief. This has seriously been known about for a while - thanks partially to djb. I find it funny, however, that it has all of a sudden become such a huge blip on the radar. His solution wasn't a perfect one, but it takes about 2^16 times longer to crack than previous implementations and it was fully compatible with what everyone was already using.
I'd personally find it nice if we could fix the problem without the administrative overhead of something like DNSSEC. We already have registries of authoritative DNS servers to solve the problem of record authenticity. Let's focus on solving the issue of cache poisoning rather than the issue of record authenticity - which has been solved since the beginning ...
djb drives people crazy (particularly the BIND folks), but he's someone to listen to - is it the case, as I understand from reading through these docs, that in 2001, djb's dnscache performed the port randomization that everyone's been scrambling to deploy over the past several weeks for other implementations, including BIND?
Or am I mis-interpreting here?
You are correct. djbdns was "not vulnerable" (in the same sense that BIND is "not vulnerable" now) to this attack.
As you mentioned, he can be abrasive, but he's definitely contributed some valuable things. See SYN cookies as another djb-contributed and widely-deployed solution to a problem.