What do you mean it doesn't scale cost-effectively? It does if you are willing to use the technology that you have at hand.
The only problem I foresee is having to purchase a larger VPN concentrator (you could always use open source IPSec) or having to purchase more Access points, which you'd have to do anyway once you reach the 10 or 50 user limit that most APs have.
As far as speed, today's computers and VPN concentrators are fast enough to handle the encryption overhead, as well as the routing. Complaining that the routers have to "route the packets where they're actually going", is an empty argument. This is what they were made to do, and the additional hop added by going through the concentrator creates a neglible performance impact.
You also DO NOT have to install the VPN concentrator next to the APs; use the network you build to bring the wireless VLAN into the switches on the individual floors.
Trunk your floors together (like most companies do) with fiber and put a VPN single concentrator in the server room. Use the concentrator to gateway this dirty VLAN into the corporate network. (I'm leaving out the discussion of VLAN security -- I know someone will gripe that VLANs are not a secure division of services and I leave that solution as an exercise to the reader.)
Dealing with the current state of wireless security isn't worth it.
Move all of your access points to a network that is outside the firewall. Treat the wireless network as if it is completely untrusted. Enable DHCP on the untrusted network, but do not route the network to anywhere except to the VPN concentrator.
Place a VPN Concentrator on the wireless network and give VPN clients to all of your wireless users. No VPN = NO ACCESS. Problem solved.
All of your company's encryption requirements can be handled by the VPN concentrator, which I'm sure you can get certification for.
You don't need to maintain a centralized list of known good MD5 checksums. Transmit the MD5 along with the song. The song you want is the one that most users have with the same MD5. Alternately, compute and show the number of users who have that song with that md5.
This eliminates bogus uploading of music as most people will delete or destroy bogus copies. If a single user attempts to create hundreds of accounts with garbage data, then filter this against source IP or some identifying factor.
It's funny now, but I once caught my girlfriend-at-the-time cheating on me by looking at the last logs on the CS cluster machine. It was like "Oh hell, I know uses x-and-such for dial in. And she's logging in from there, and she's been idle for two hours, and that's long enouogh to.. oh.. oh fuck..:\ "
Mr. VALENTI. I consider myself and my family believing what the plaintiffs in this lawsuit said and they said publicly, they have said it to the press, they have said it to the lawyers, they have said it to the courts. They do not intend to file any actions against homeowners now or in the future. I mean, that is obvious and they have said that publicly, Mr. Chairman, so I believe them. As far as I am concerned, I am going to continue taping because the plaintiffs have said they aren't going to do anything to me. I am not committing any crime. They know that.
Mr. KASTENMEIER. That wasn't my question.
Mr. VALENTI. Do I consider myself an infringer?
Mr. KASTENMEIER. When you engage in such practice.
Mr. VALENTI. Yes, sir, I do. I am taking somebody else's copyrighted material without their consent and I know damn well I am infringing. But as far as court action or anything else, I am safe.
Not that it's the best way to do admin level security, but even an initial popup box that says "This is your SA password. Write it down!" with a randomly generated password would be far more secure than leaving it set to null, 'sa', or 'admin'.
What's so hard about shipping products without a default password?
Sony is going quite overboard with this Album; Not only are they using copy protection, but they've also gone ahead and hired NetPD to investigate any possible location of the file on any filesharing network.
We've recieved a number of complaints from NetPD when they've seen songs from the album pass through our networks on Gnutella. It's quite extreme the lengths they are going through for such a popular artist.
You'd think they would put more effort into their smaller artists. They are the ones that will be hurt more from copying, not Dion. With millions of fans, she's not going to lose that much from copying; Sure, it's illegial to copy, but apply the same protection to ALL of your artists. Not just your big seller.
You can use standard RCA cable for the coax connnection, but it'll introduce jitter. If you must substitute RCA coax cable, use high quality (75 ohm) RCA cables normally used for video.
When you copy a CD you -are- changing the data. I know what you're about to say as a rebuttal - "CDs are Digital, therefore copying a CD means that I'm doing a digital copy, right?" Wrong.
If you rip a CD, copy the file to disk, and then burn ten copies of that digital File, then all of those CDs are identical.
Now, if you read in the CD, write it out, read in the new CD, write it out, and so on, you're changing the data, if the CD contains any small errors.
Due to interpolation (minor error), concealment (larger error), and muting (massive error), the data coming from the CD reader changes.
In regards to wireless overlap, I have two access points in my house, a 2.4 Ghz Siemens phone, a 2.4 Ghz X10 Camera, and two laptops running Orinoco Cards.
When my girlfriend and I sit on the couch (we're great big nerds), our respective laptops have their orinoco cards about 3-5 inches apart, and we have no problems communicating, and talking on the 2.4Ghz phone.
The only interference we've ever had is the 2.4Ghz phone clobbering the X10 camera. Then again, the X10 Camera and their transmitter/recievers have always been -garbage-.
I've even seen reports (with data) that make engineers ask, "how the hell is this thing even communicating?" because the signal is so bad, and the reciever so shoddy.
One of the most interesting aspects of Red Book audio CDs is that they are -not- 'perfect digital copies' in any sense, even when done by computer.
When you copy a CD, some amount of linear interpolation occurs to read the data off of the CD, changing the data slightly. So my copy and my rip is not a bit-for-bit copy, but it is extremely close to your copy of the same CD. The minor bit errors introduce subtle harmonic distortion throughout the ripped copy that you can see on an oscilliscope, and by doing bit-for-bit comparisons.
Most mastering houses want people to send in raw files or DATs for mastering, and not CD-Rs because of this very fact.
Back in 1993 when Gopher was all the rage, one of the promises of the Internet was to offer information to a diverse array of people, and to make that information available to all.
I've always been against Flash, DHTML, Frames, and other 'technologies' that serve only to push out those who are fully sighted, have powerful computers, and money from accessing information. Once sites take these routes, it's very difficult to read content without having these factors in place.
Look at _Lynx_! It's so simple to get data using it -- Imagine trying to download a software package who's link was only available somewhere deep inside of flash source?
Keep the web accessible to all, and if you must offer a flash-only site, at least do a browser check, and offer a text-only site for the unprivledged few.
[localhost:~] jna% uname -a Darwin localhost 5.3 Darwin Kernel Version 5.3: Thu Jan 24 22:06:02 PST 2002; root:xnu/xnu-201.19.obj~1/RELEASE_PPC Power Macintosh powerpc
[localhost:~] jna% dmesg | grep BSD IOKitBSDInit BSD root: disk0s5, major 14, minor 5
There's going to be many more BSD machines out there soon enough:)
No shit. Do we really need to hear any more crap from this sold out, ex-eff motherfucker?
I mean, if I hear about the Well or Echo one more god damn time, I'm going to throw my computer out the fucking window. I'm so sick of hearing about two bit 'visionaries' like JPB. God.
You seem to be forgetting about the Journal Industry. Journals like _Nature_ make incredible amounts of money by restricting the dissemination of scientific data to only those who can afford the massive fees they charge on a yearly basis.
Sure, you can get abstracts, but if you want real data, you or your university will have to purchase the Journal.
Most scientists and grad students are not allowed to release their information in any other venue once it's sent off to the journal house either, so there's no chance of pulling down the information from said scientist's home page either.
You come to the same conclusion that I do, though, that it is, in the end, all about GREED.
I used to work at the computer museum in 1991 (I built parts of 'computers and technology' and helped build the giant monitor and punchcard exhibits. It's sad to know that it's gone, because I just found out (thanks for the post) and I know that some of my software is now lost to the big museum graveyard at Moffett field.
hmm, most of this exists already in the new Sun Blade 100 desktop box, but some of what you're asking for is just dumb.
ISDN, DSL, and Cable all in the same box? It'd be quite hard to sell that. I can't see how a manufacturer would be able to push all the products at the same time in the same hardware; much of it would go to waste depending on the environemnt.
Slashdot Mirror
1. Aim Video Camera at Screen.
2. Press Record.
3. Digitize Video.
4. Put video on Internet.
Why bother with DRM? It's a waste of time and the proverbial cat is out of the bag.
What do you mean it doesn't scale cost-effectively? It does if you are willing to use the technology that you have at hand.
The only problem I foresee is having to purchase a larger VPN concentrator (you could always use open source IPSec) or having to purchase more Access points, which you'd have to do anyway once you reach the 10 or 50 user limit that most APs have.
As far as speed, today's computers and VPN concentrators are fast enough to handle the encryption overhead, as well as the routing. Complaining that the routers have to "route the packets where they're actually going", is an empty argument. This is what they were made to do, and the additional hop added by going through the concentrator creates a neglible performance impact.
You also DO NOT have to install the VPN concentrator next to the APs; use the network you build to bring the wireless VLAN into the switches on the individual floors.
Trunk your floors together (like most companies do) with fiber and put a VPN single concentrator in the server room. Use the concentrator to gateway this dirty VLAN into the corporate network. (I'm leaving out the discussion of VLAN security -- I know someone will gripe that VLANs are not a secure division of services and I leave that solution as an exercise to the reader.)
Cisco's VPN client offers a built-in host based firewall, if you configure the VPN not to run in split-tunnel mode.
Once the VPN is established, all traffic is routed through the VPN and all inbound traffic is thrown away.
This creates a minor inconvience to users who want to print to local devices on the 802.11 lan, but you just move those inside the corporate network.
Dealing with the current state of wireless security isn't worth it.
Move all of your access points to a network that is outside the firewall. Treat the wireless network as if it is completely untrusted. Enable DHCP on the untrusted network, but do not route the network to anywhere except to the VPN concentrator.
Place a VPN Concentrator on the wireless network and give VPN clients to all of your wireless users. No VPN = NO ACCESS. Problem solved.
All of your company's encryption requirements can be handled by the VPN concentrator, which I'm sure you can get certification for.
I think there's a way around that too!
You don't need to maintain a centralized list of known good MD5 checksums. Transmit the MD5 along with the song. The song you want is the one that most users have with the same MD5. Alternately, compute and show the number of users who have that song with that md5.
This eliminates bogus uploading of music as most people will delete or destroy bogus copies. If a single user attempts to create hundreds of accounts with garbage data, then filter this against source IP or some identifying factor.
Maybe he meant:
"What 35 year olds will be doing with them WHILE they're doing 15 to 20"
.. this is, of course, after they're doing time for stalking nubile freshmen girls.
It's funny now, but I once caught my girlfriend-at-the-time cheating on me by looking at the last logs on the CS cluster machine. It was like "Oh hell, I know uses x-and-such for dial in. And she's logging in from there, and she's been idle for two hours, and that's long enouogh to.. oh.. oh fuck.. :\ "
Time to call the feds on ol' Jack.
Not that it's the best way to do admin level security, but even an initial popup box that says "This is your SA password. Write it down!" with a randomly generated password would be far more secure than leaving it set to null, 'sa', or 'admin'.
What's so hard about shipping products without a default password?
Sony is going quite overboard with this Album; Not only are they using copy protection, but they've also gone ahead and hired NetPD to investigate any possible location of the file on any filesharing network.
We've recieved a number of complaints from NetPD when they've seen songs from the album pass through our networks on Gnutella. It's quite extreme the lengths they are going through for such a popular artist.
You'd think they would put more effort into their smaller artists. They are the ones that will be hurt more from copying, not Dion. With millions of fans, she's not going to lose that much from copying; Sure, it's illegial to copy, but apply the same protection to ALL of your artists. Not just your big seller.
You can use standard RCA cable for the coax connnection, but it'll introduce jitter. If you must substitute RCA coax cable, use high quality (75 ohm) RCA cables normally used for video.
There's a problem with your complaint here --
u dio2/95x7.htm
When you copy a CD you -are- changing the data. I know what you're about to say as a rebuttal - "CDs are Digital, therefore copying a CD means that I'm doing a digital copy, right?" Wrong.
If you rip a CD, copy the file to disk, and then burn ten copies of that digital File, then all of those CDs are identical.
Now, if you read in the CD, write it out, read in the new CD, write it out, and so on, you're changing the data, if the CD contains any small errors.
Due to interpolation (minor error), concealment (larger error), and muting (massive error), the data coming from the CD reader changes.
References:
Audio Compact Disc http://www.ee.washington.edu/conselec/CE/kuhn/cda
In regards to wireless overlap, I have two access points in my house, a 2.4 Ghz Siemens phone, a 2.4 Ghz X10 Camera, and two laptops running Orinoco Cards.
When my girlfriend and I sit on the couch (we're great big nerds), our respective laptops have their orinoco cards about 3-5 inches apart, and we have no problems communicating, and talking on the 2.4Ghz phone.
The only interference we've ever had is the 2.4Ghz phone clobbering the X10 camera. Then again, the X10 Camera and their transmitter/recievers have always been -garbage-.
I've even seen reports (with data) that make engineers ask, "how the hell is this thing even communicating?" because the signal is so bad, and the reciever so shoddy.
So much for any theories about interference.
One of the most interesting aspects of Red Book audio CDs is that they are -not- 'perfect digital copies' in any sense, even when done by computer.
When you copy a CD, some amount of linear interpolation occurs to read the data off of the CD, changing the data slightly. So my copy and my rip is not a bit-for-bit copy, but it is extremely close to your copy of the same CD. The minor bit errors introduce subtle harmonic distortion throughout the ripped copy that you can see on an oscilliscope, and by doing bit-for-bit comparisons.
Most mastering houses want people to send in raw files or DATs for mastering, and not CD-Rs because of this very fact.
This was from a -prior case- regarding the RIAA and the sale of used cd's.
...and do you ever wonder where all that money goes?
Back in 1993 when Gopher was all the rage, one of the promises of the Internet was to offer information to a diverse array of people, and to make that information available to all.
I've always been against Flash, DHTML, Frames, and other 'technologies' that serve only to push out those who are fully sighted, have powerful computers, and money from accessing information. Once sites take these routes, it's very difficult to read content without having these factors in place.
Look at _Lynx_! It's so simple to get data using it -- Imagine trying to download a software package who's link was only available somewhere deep inside of flash source?
Keep the web accessible to all, and if you must offer a flash-only site, at least do a browser check, and offer a text-only site for the unprivledged few.
Yeah, whatever:
:)
[localhost:~] jna% uname -a
Darwin localhost 5.3 Darwin Kernel Version 5.3: Thu Jan 24 22:06:02 PST 2002; root:xnu/xnu-201.19.obj~1/RELEASE_PPC Power Macintosh powerpc
[localhost:~] jna% dmesg | grep BSD
IOKitBSDInit
BSD root: disk0s5, major 14, minor 5
There's going to be many more BSD machines out there soon enough
No shit. Do we really need to hear any more crap from this sold out, ex-eff motherfucker?
I mean, if I hear about the Well or Echo one more god damn time, I'm going to throw my computer out the fucking window. I'm so sick of hearing about two bit 'visionaries' like JPB. God.
You're correct in saying this, but the comment refers to the GUYS who wrote Zim, of which Roman Dirge (the writer and artist of Lenore) is one!
You seem to be forgetting about the Journal Industry. Journals like _Nature_ make incredible amounts of money by restricting the dissemination of scientific data to only those who can afford the massive fees they charge on a yearly basis.
Sure, you can get abstracts, but if you want real data, you or your university will have to purchase the Journal.
Most scientists and grad students are not allowed to release their information in any other venue once it's sent off to the journal house either, so there's no chance of pulling down the information from said scientist's home page either.
You come to the same conclusion that I do, though, that it is, in the end, all about GREED.
Alternately, store the email address in some moderate form of encryption (XOR? Rot13?) in the .js file, then decode it and document.write() it out.
Multicast is dead. Noone really routes it anymore, and when they do, it's usually to selected hosts.
I used to work at the computer museum in 1991 (I built parts of 'computers and technology' and helped build the giant monitor and punchcard exhibits. It's sad to know that it's gone, because I just found out (thanks for the post) and I know that some of my software is now lost to the big museum graveyard at Moffett field.
hmm, most of this exists already in the new Sun Blade 100 desktop box, but some of what you're asking for is just dumb.
ISDN, DSL, and Cable all in the same box? It'd be quite hard to sell that. I can't see how a manufacturer would be able to push all the products at the same time in the same hardware; much of it would go to waste depending on the environemnt.
It is at this point that the article should be removed from slashdot, and newsbytes, and the child in question should just go to jail.
I can see the free-speech angle that slashdot and newsbytes is trying to push here, but it just doesn't work for me.
Knowing how to make bombs: free speech
Telling other people: free speech
Breaking into and defacing websites: crime
Slashdot picking up and running with another dumb article that will create panic, flamebait, and lots of hits: priceless