If I had mod points, I'd mod this up. But since I don't, I'll just post.
I think you're exactly right. How does a user connect to the AP if the AP can't see the user until it points the antenna in the right direction?
How does the AP know that a client is about to send a packet so that it can point the antenna in the right direction to receive it? Clients can send packets at any time. How do you point the antenna in the right direction first?
What happens to the collision rate on the network? Normally the clients and the AP use RTS and CTS packets to reserve airtime for large packets. But unless every client receives the CTS packet, that algorithm doesn't work. The end result could be dramatic increases in the collision rate.
I think this would be great tech if you could put it in the client, so that as you wondered around the client would maintain a directional link back to the AP. That, I think, could work quite well. Clients only talk to a single access point at a time, after all. But I don't think it's realistic to expect this to work worth a damn on the AP side. An access point really does need to be able to send packets to all clients at once. And it really does need to be able to receive from all clients at once. Unfortunatly, laptop makers might balk at the eight square feet required by the current design.
I think Palladium is a great idea, and let me tell you why.
One thing it offers is the ability to run a program which has it's own secure connection to the input devices and the screen. I think I'll write a little encryption utility which makes use of these features. By using a screen-based soft-keyboard for passphrase input I can make it impervious to every known keyboard sniffer, hardware or software. I bet I can find a few Mafia bosses who would pay a pretty penny for that! Thanks Microsoft(tm)!!!
Palladium will also let a client download software from the net which a remote server can verify is running untampered. I think I'll write an encrypted communications tool which uses this. Imagine being able to walk into any Internet cafe in the world and securely download an encrypted comm program with no worries about man in the middle attacks or keyboard sniffers! I hear the bin Laden's make good money in the construction business. I bet they'd pay good money for software like this so their "contractors" could check and submit bids online securely and anonymously from anywhere in the world. Thanks again Microsoft(tm)!!!
I bet I can find product opportunities in every market from P2P pirates to child porn collectors. Thanks Microsoft(tm)!
Step three: Profit!!!
Of course, the FBI and CIA are unlikely to let encryption tech that works that well out into the mass market. It's a safe bet that Palladium will either ship with a hidden back door or will include everyones favorite forgotten boogeyman key escrow. Thanks again Microsoft(tm)!
Sounds like two possibilities, either the final server is mis-reporting its location, or the final server IS in North Carolina. It is not unusual to have web pages served from off-site.
You forgot the most likely possibility: Visualroute is simply wrong. Servers to not report their actual location via any standarized protocol. And there is no authoritative database of IP to location information. Programs like visualroute makes guesses about where addresses are based upon related but not always accurate information such as the addresses found via ARIN and whois lookups on the address and it's associated DNS information. Sometime they're right, but not all the time. Not by a long shot.
Take a dialup pool. The actual location of the machine could literally be anywhere in the world, but the best guess visualroute is going to make is the location of the dialup server itself. Or in my case, some of the address space we have at work is easily located because the geographic location matches with both DNS and ARIN entries. But some of that same space is actually located in different parts of the state. And the addresses being used for VPN clients can literally be anywhere in the world. There is no way for visualroute to know the true location of these IP addresses.
after all drug companies do take finantial risks to make new medications.
No, drug companies take financial risks to market their drugs. They spend significantly more money on advertising and freebies for doctors than they do on research. The research is relatively cheap in comparison, and non-trivial amounts of it are paid for with tax dollars.
Millions in tax dollars are spent researching the really important things like cancer research. And there is no need to market the results of such research because people want to buy such things. High prices on important drugs are being used to subsidize advertising campaigns for Rogain(tm). Who cares if people go f***ing bald. "Innovation" which needs to be advertised and crammed down consumers throats like Rogain(tm) and Claritin(tm) does not need to be rewarded.
That's part of the problem with capitalism. Human life and suffering is worth exactly jack shit. Witness the drug companies unwillingness to allow African countries to produce generic versions of AIDS drugs without paying patent fees. Now keep in mind that those countries can't afford to buy the real thing. But the capitialist viewpoint says it's better to have people not pay for the drug and die than to have people not pay for the drug and live. The drug companies are not going to get paid either way, but somehow it's still "wrong" to try to saves lives. Totally fucking backwards. Capitalism does a good job of allocating resources in some cases, but it's an amoral monster in others.
Don't worry. Our healthcare system is eating itself anyway. It's only a matter of time before it has to be overhauled. Or revived. Underwriting companies are fleeing the medical malpractice field because even with the ungodly premiums the doctors pay, they still can't manage the risk. And of course the premiums that patients pay are skyrocketing lately as well. The amount of money being poured into the medical field in general is staggering, and I'm not sure where it's all going. Lawyers are taking a big chunk of it.
That's one problem with laywers is that they can generate their own jobs. So you get huge increases in the numbers of lawyers, like we have over the past couple of decades. And what do you know, we have industries which are collapsing under the weight of the lawsuits. Forget the Microsoft(tm) tax, let's start fighting the lawyer tax. How much of your health insurance premium is ending up in the pockets of late-night Phen-Phen ambulance chasers?
But don't be suprised if your doctor starts asking you to sign a release before treatment because he can't afford malpractice insurance. Or simply can't purchase it at any price.
We get more and more DVD/CD/MP3/kitchen sink consumer players. Break compatibility with those, and the MPAA will have only themselves to thank when the customers abandon them
That's what I find amazing. These CD's work only in plain audio CD players. But as the incremental cost of adding MP3 playback drops to almost nothing, more and more players are including that functionality. Quite a few portables play MP3s. At least a dozen car CD decks play them. All DVD players. All computers of course. I've even seen boom boxes that play them.
And these new discs, by trashing the TOC with stupid multisession tricks, are going to have problems in a growing class of players. It's like the media conglomerates want me to go pirate their music. With their endless campaign to reduce both the quality of the music as well as the compatability and usefulness of the disc itself, combined with what seems to be endless price hikes and settlements with the FCC for price fixing. Ugh. The music industry survives despite the executives running it, not because of them.
I'd tend to disagree. Microsoft does at least appear to have gained a clue about security recently, and if they refuse to allow unsigned drivers outright they are opening an ugly can of worms. It takes time to get that WHQL certification that marks a driver as signed, so consider what would happen in the scenario of an exploit being found in a WHQL driver and made public immediately.
Microsoft(tm)'s Palladium scheme will require signed drivers. There is simply no way to try to enforce that level of security while still allowing end users to insert arbitrary code into the kernel. Not with any standard definition of "driver" and "kernel".
Most likely they will "compromise". You'll be able to load unsigned drivers, but when you reboot to load the drivers Palladium will detect that the OS is no longer in a "secure" state and any software that relies on the "trust" Palladium gives will be disabled. So no running WMP. And even though Microsoft(tm) has claimed that they won't use Palladium for software licensing somebody will. It's just too juicy for software publishers to resist. So you can expect that software to break. And since guarding against virii and such is one of the trumpeted reasons for Palladium, you can expect your AV software to have a fit. Who knows what it's failure mode will be. Should it not allow anything, since it can't really trust it's own binary, or it's AV database? Or should it allow everything for the same reason? Either failure mode is quite unpleasant. Or should it continue as if nothing had changed?
Now imagine the outcry from those who do have a security clue if they are left vulnerable because Microsoft decided it was in their best interests not to allow them to install the patch because it was unsigned.
Anybody with a security clue should realize that Palladium is about creating a new level of security user which is higher than "Administrator" and which only Microsoft(tm) has access to. No more. No less. It's about taking root access away from the user and giving it to Microsoft(tm). Any security administrator who willfully gives up final control of their box to the OS vendor gets exactly what they deserve. What's remarkable is how many "administrators" are going to be dumb enough to do exactly that.
Palladium is designed to make the PC an attractive platform to media conglomerates for online content. A platform which will allow Microsoft(tm) to collect a toll on that delivery. It has nothing to do with increasing security for end users. Media companies don't trust their cusomters, nor do they trust their PCs. Microsoft(tm), by assuming control of the users computer, will be able to assure the media companies that their customers PC's can be trusted, even though the customers themselves can't be.
That's what I want to know. IR is way up in the THz range. You outta be able to modulate a least a Gbps onto it easily. Sure, it wouldn't go very far but so what. Is it just the difficulty in making emitters and detecters which are fast enough? That can't really be that hard. A gige optical SX GBIC module can be had for under $100. Hm. That makes me want to tear a couple apart and see if I can get a link running across a few feet of free space.
not to mention (i'm guessing) a hella lot more range,
You guessed wrong. The range goes down as the frequency goes up. The higher the frequency, the more the radiation behaves like light, which is really just terahertz radio. As you get higher and higher frequencies, walls and such become more and more opaque to the signals. Until eventually they won't travel thru the walls at all, just like light.
If you want long range, you need lower frequencies. If you want to send a signal across the ocean, you need KHz radio waves (short wave radio). If you want to send a signal around the state you need AM radio at ~1MHz. If you want to send your signal around a city you can use FM at ~100MHz. By the time you get up to 2.4GHz you can only send your signal across a few rooms. Yes, I know I'm simplifying the differences in transmission power. But a short wave ham can reach across the world with less power than an AM station uses to cover a state, and the AM station uses less power still than the FM station which only covers a city or so.
Now, point to point is a whole different story. If you have direct line of sight you can send extremely high frequencies across significant distances. But the curvature of the Earth prevents you from sending stuff too far. Not to mention buildings and other obstructions.
Well, I haven't seen the author on Letterman yet, but at least Amazon isn't afraid to carry it. The Gas We Pass: The Story of Farts And a childrens book at that! Somebody please think of the children!!!:-)
No, actually that won't work. You see, the RIAA is not composed of artists who make music. It's composed of companies who distribute music. So when you ask them "What do you really have to do to play their music legally?" all they hear is "Hey, I want to be a music distributor too!". To which they respond "F**k off and die, this is our turf!". Actually, they only take that tactic if you actually distribute music on your own. If you just call them, they apparently just ignore you.
A crude scenario, but that's the gist of it. The RIAA members like the way they have the music distribution business all tied up. Nice and neat. The "Internet" is just going to screw all that up which they hate. They are not going to play nice because it means them giving up control. It'll never happen. They will either succeed in destroying the Internet in the US (and turning America into an intellectual backwater in the process) or die trying.
Who modded this troll insightful? Anyway, I rip all my games so that I can play them without the CD. My only Windows(tm) box is a laptop without a built-in CD-ROM. I'm not about to start hauling around a giant dongle of a CD-ROM just to play games.
So far, I haven't had any real problems getting the software I use to rip copy "protected" games. But if the industry ever does figure out a decent "protection" scheme which I can't get past I'll just get warez copies of the games. And once I'm going thru the effort to track down warezed copies, how much incentive do you think I'll have to bother actually buying the CD? None.
Folks can bitch and moan about the ethics of piracy, but the simple fact is that if the game distributors are unwilling to sell me a product that's actually useful I'll go elsewhere. That's how capitalism works. If you refuse to provide a customer a working product, don't bitch if they take their business elsewhere.
Unfortunately, even having state-sponsored do not call lists won't help. As I've said before, laws are only as effective as their enforcement.
Actually, Colorado's new state-wide DNC list is working quite well. Since it went into effect in July, I belive I have gotten a total of 1 (one) telephone solicitation. Before, I was getting at least 3 or 4 a week. I had pretty much stopped answering the phone in the evening because the telemarketers were outcalling my friends and family by a significant margin. Keep in mind that I was scrupulous about telling every single company that called to put me on their DNC list. From what I could tell, it didn't make much of a dent. I tried to keep a list of the companies who called and when, but really only got a couple of repeat calls. There are so many companies doing telemarketing (and new ones every day) that per-company DNC lists are an exercise in futility.
Colorado's law allows individuals to file suit in small claims court against companies who call in violation of the law. The state also provides a web site were you can file a complaint on-line with the State AG. So far, I know at least one personal suit has been filed (settled out of court) and the AG's office have notified several companies that they are in violation of the law. At last count, almost half the residential phone lines in the state were on the list!
Say what you want, but at least here in Colorado the list is working quite well. Actually much better than I had hoped. Since I know that I can sue any telemarketer dumb enough to call, I actually sit around and hope that they will call. But they never do.:-)
Legal notice: the following statements represent my opinion, and is not to be taken as a statment of fact. Now, with that libel safe harbor in place:-)
Your a f***ing liar Berman! Plain and simple. That article is almost entirely bullshit. I can't believe an elected representative would stand up and put their name on bald faced lies which are easily discovered. Where to start:
If a copyright owner can find a way to only impair the piracy of her copyrighted work on a P2P network, she will have no liability. A copyright owner who does more will still be liable. For instance, if her actions have some other effect - such as knocking a corporate network offline, or wiping out files - she will remain liable under whatever previous theory was available.
This is a lie. The law provides a clear exemption for copyright owners who disrupt the distribution of other files on a p2p network. From the bills list of things which cause a copyright owner to lose the protection of the bill:
"(A) impairs the availability within a publicly accessible peer-to-peer file trading network of a computer file or data that does not contain a work, or portion thereof, in which the copyright owner has an exclusive right granted under section 106, except as may be reasonably necessary to impair the distribution, display, performance, or reproduction of such a work, or portion thereof, in violation of any of the exclusive rights of the copyright owner under section 106;" (emphasis added)
You could drive a truck thru that loophole, which Berman doesn't mention. If fact, his statment A copyright owner who does more will still be liable. is simply a lie.
Moving on in his article, we find this little gem:
The bill specifically states that the safe harbor does not allow a copyright owner to delete or alter any file or data on the computer of a file trader. Thus, a copyright owner can't send a virus to a P2P pirate. Nor can it remove any files on the pirate's computer. Nor can it even remove files that include the pirated works.
This qualification is no where in the bill. The entire list of actions which constitute a copyright holder overstepping their bounds is listed on page three. And There are only three of them. The first is (A) listed above. The second is (B)causes economic loss to any person other than affected file traders
But the third is the real killer.
(C) causes economic loss of more than $50.00 per impairment to the property of the affected file trader, other than economic loss involving computer files or data made available through a publicly accessible peer-to-peer file trading network that contain works in which the owner has an exclusive right granted under section 106; or (emphasis added)
So if they can't delete the infringing files, why are the infriging files exempted for the amount of the "economic loss"? How could those files possibly involve any economic loss if the copyright owner can't "delete or alter" the files? Jesus, I can't believe a lie that blanant.
Another non-existant protection:
The safe harbor is also lost if the anti-piracy action causes more than de minimis loss to the property of the P2P pirate. This limitation represents a recognition that even pirates should not be seriously harmed by copyright owners.
Once again, this is nowhere in the list of actions which cause a copyright owner to lose their "safe harbor". Nowhere. To claim otherwise is quite simply a lie. Once again.
Finally, the safe harbor is lost if the copyright owner fails to notify the Attorney General of the anti-piracy technologies she plans to use, or if she fails to identify herself to an inquiring file-trader. These notification provisions ensure that copyright owners who choose to employ self-help measures will operate in the light of day.
Fails to identify themselves to an inquiring file-trader? The requirements in the bill force the affected party to determine the copyright owner who took the action thru their own means and contact them. After the fact. So when I get up in the morning and a bunch of files are missing, how am I supposed to know what happened to them? Or why they're gone? Or who did it? Write a letter to every single RIAA member asking if they did it? Oh yeah, that's really the "light of day". More bullshit if you ask me.
An aggrieved party - perhaps a P2P user or an ISP - can sue the copyright owner for any remedy available under current law. For instance, the aggrieved party might be able to bring a civil action under the Computer Fraud and Abuse Act or a state denial of service statute.
Sure, but there's just one hoop to jump thru. You have to get permission from the Attorney General first! And if the AG doesn't like your claim, too bad. Game over. No process for appealing such a decision is granted. Since when am I required to obtain the AG's permission to file a civil lawsuit? The only reason for such a clause is to provide a way to reduce the number of lawsuits RIAA members would be subjected to under this bill. After all, why let the courts decide civil suits when a political appointee like the AG can do it!
Gah, I'm so mad I could spit. You're a liar Berman. Liar liar, pants on fire. Anybody who votes for this guy next fall is a moron in my opinion.
I dunno, the article is full of 'what if' and 'could be' and 'possibly'. The theory itself seems to be an alternate consequence of the Global Warming theory, which in itself hasn't been conclusively proven or disproven.
SNIP
They talk as if its fact, but the best anyone can do is an educated guess. We don't understand the earth.
OK. Make up your mind, which one is it? Are they presenting possibilities or facts?
Your whole argument seems quite confused. You admit "we don't understand the earth" (Note that Earth is a proper noun, and should be capitalized. There is only one, which is why these things are important.) But when a researcher thinks we should study some aspect of the Earth, they are "Scaring Open Pocketbooks." That claim really only applies if somebody is grossly exagerating or outright falsifying a potential problem, claims which would be very hard to levy against Woods Hole.
The article warned of possible climate changes, not an end to all life as we know it.
If your occupation relies on a relatively stable cliate, like a fisherman or farmer, than this type of change could easily end your life as you know it. Or is the "as we know it" part just hyperbole and you mean "end all life period"? Because if you mean the latter, I think your perspecive is a little off. Problems become important long before they threaten mankind with extinction.
I'm suprised no one has looked at the 2000 terrabytes/day number. I'm sorry, that seems just a bit low.
It is low. In fact, it's doesn't even pass any common sense test. As you figured out, that only equates to around 23Gbps of bandwidth. I can guarantee the Internet is pushing a lot more data than that. I help manage maybe 400-500 Mbps of end-user bandwidth (3x OC-3's and 1x OC-12), and I assure you that the college kids in a single mid-sized state do not represent 2% of the Internet.
What about the rights of these children? You know, the right not to be abused. The right not to be defiled.
Your argument is a false dichotomy. Or do you really think that Worldcom(tm) has the power to stop the sexual abuse of children? Because that's what you're saying. That if Worldcom(tm) blocks these sites, that that action will somehow restore the lost rights of these children. Which is simply not true at all. Forcing a backbone carrier to not route traffic to a certain block of IP addresses (which is the only way a backbone carrier can really effect such a policy) does nothing to prevent sexual abuse of children. Children were being abused before the Internet even existed, and they'll still be abused after Worldcom implements this decision.
Some things are worse than censorship. Prioritize.
Lot's of things are worse than censorship. Murder. Rape. Child abuse. Genocide. Kidnapping. But censorship doesn't actually prevent any of these things. If child porn is such an issue for you, why don't you try and find some way to actually prevent it, rather than sit around making weak aguments that censorship is OK as long as it's "for the children".
Granted, I think the way Microsoft(tm) is going to implement this, it'll be generally bad for users of their products. But how much do we really now about what hardware Intel is going to add to their chips? It's quite possible that Linux users will be able to leverage this technology to improve the security of our servers in ways which actually benefit the users.
From what I can tell, the overall thrust of this technology is to allow Microsoft(tm) to prevent a user from doing anything to patch or change certain behaviors of the OS. Basically, it's purpose is to prevent people with physical access from "rooting" the box. If we could leverage that tech to prevent a server at a co-lo from being trojaned, wouldn't that be a good thing? Perhaps there will be whole classes of expliots which will become impossible, or at least controllable? It's hard to say without knowing more. But I don't think we should automatically write off the technology just because some vendors plan on using it to screw their customers.
For that matter, who is liable if I "agree" to an EULA as part of my work duties? Is my employer going to indemnify me from a lawsuit? And if they are going to put themselves on the hook, shouldn't I run all EULA's past the legal department before I agree to them? I'm not allowed to sign contracts for the company. Why am I allowed to agree to EULA's?
And if my employer isn't going to indemnify me, isn't it reasonable for me to refuse to use software whose EULA I don't like? After all, why should I expose myself to liability? Even if I was always careful to try and follow the EULA, the mere act of defending myself against a suit would almost certainly bankrupt me. It is far from reasonable for an employer to require me to enter into contracts which expose me personally to liability instead of the corporation as a whole.
If you actually download it and look at it, you'll realize it's just a Perl script. Basically what it does is configure your laptop to be a real, functioning, access point. Every quarter second it reconfigures the card with a random MAC address and one of a handful of well-known SSID's such a "tsunami" and "linksys". Which means if you run this near any poor sap who happened to leave his card in it's default configuration, they'll be screwed as they continuously associate with your non-functioning access point.
Basically, I can't imagine this being effective at all against war-driving. But I can imagine it being quite effective as a DoS tool. Imagine setting it up with the SSID that Starbucks uses and walking into one of their shops with this. You could have half the customers futily trying to connect to the legitimate service but getting your non-connected and continously resetting "AP" instead. It would be easy enough for this "tool" to configure the card so that clients couldn't accidentally connect to it, by enabling WEP or MAC filtering or whatever. But it doesn't do that, or even try to. I understand it's version 0.2, but at this point I think it should be filed under "trojan horse" or "skript kiddie" given that it'll easily screw up legitimate users while doing basically nothing to protect you from any crackers around.
and they had lots of dumb windows clients trying to associate with them
Which is exactly why this is a bad idea. The software doesn't just send beacons. It requires to you install a driver which contains full AP functionality, and then starts configuring it with random MAC address and common, well known SSID's, every quarter second. Which means that anybody within range who happens to have "linksys", or "tsunami", or any of a handful of common SSID's is going to be out of luck when their laptop connects to whomever is running this Alchemy "tool". People who set up broken AP's with liberal (i.e. wide open) security are assholes. And that's exactly what this. software does.
The only reason you think this is a good idea is because you think you won't get put on a list like this. Which you probably won't, because I'm guessing that you are affluent and white.
they are really just taking note of people that are hanging in shady areas, loitering, with no real reason to be there.
This is crap. The reason these people are hanging out in "shady" areas is because they live there!. There only crime so far is being born poor. And the unfortunate people are being set up for a fall before they've even done anything. Don't you think life sucks enough for the poor in this country without the police harrasing them for no reason?
Now, it would be funny to see some CEO's
You know what, this isn't really a joking matter. The fact is that the rich and affluent are not ever going to find them selves on this list, which is exactly why it is wrong. Despite studies showing the rich white kids do drugs at the same or higher rates than then minority counterparts, you can bet that hanging around a prep school won't get you on this list.
At what point in the chain do we hand everything off to a central supplier who sells it out of the country?
That's a good question. It seems unlikely that this old junk is being diverted from landfills. I'm fairly certain that the stuff I put in my trash can gets transferred straight to a landfill with no post-processing at all. In the US, labor is too expensive to even try to remove the recylables from the garbage, much less to try and separate out toxic waste to ship to third world countries.
Clearly, whomever is selling this junk to China is somehow getting volume shipments of old computer gear for dirt cheap prices. Or even getting paid to haul it off. I know that Boulder runs a 'hard to recycle' program where for a not-so-minimal fee you can drop off old computers to have them properly disposed of. I've dumped some broken stuff off there, and had that nagging feeling that maybe I was being a sucker and paying to have my stuff dumped in a landfill. How would I tell? Think for a while about how expensive it would be to recycle computer parts in the US. The EPA and OSHA requirements would be brutal. Does anybody know of a place that is actually, for a fact, recycling computer parts in the States? If not, where is the recycling happening?
Back to the vendors selling junk to China, where could you get large volumes of outdated computer equipment? You could buy it at surplus auctions and such. But you know the Chinese aren't paying much for the junk, and you have to get it over there. Trying to buy anything, even junk, at US prices and sell it at Chinese prices and make a profit would be next to impossible. You might be able to get some stuff for free, by offering to haul it away. But what if you could get people to pay you to haul it away. And then get the Chinese to pay you again to take it away from you. You could make out like a bandit! And let me tell you, post-Enron, it's not hard to imagine somebody crooked enough to pull this off. And the best part is, the more heart-breaking stories like this the appear in the media the more you can get people to pay to "properly dispose" of their computer gear. I think maybe I'll start sticking with the "put it in the attic" disposal method for now.
the out cry on/. was that unless procedings were all public, the court was just a rubber stamp for the Justice Dept.
The court might be slapping the FBI on the wrist, but there is no reason to believe that it isn't still a rubber stamp. From the article:
A senior Justice Department official said that the FISA court has not curtailed any investigations that involved misrepresented or erroneous information, nor has any court suppressed evidence in any related criminal case.
And
Until the current dispute, the FISA court had approved all but one application sought by the government since the court's inception. Civil libertarians claim that record shows that the court is a rubber stamp for the government; proponents of stronger law enforcement say the record reveals a timid bureaucracy only willing to seek warrants on sure winners.
But given the fact that the FBI was willing to give false information to FISA in order to obtain warrants, I think we can file the "timid bureaucracy" claim under bullshit.
Slashdot Mirror
If I had mod points, I'd mod this up. But since I don't, I'll just post.
I think you're exactly right. How does a user connect to the AP if the AP can't see the user until it points the antenna in the right direction?
How does the AP know that a client is about to send a packet so that it can point the antenna in the right direction to receive it? Clients can send packets at any time. How do you point the antenna in the right direction first?
What happens to the collision rate on the network? Normally the clients and the AP use RTS and CTS packets to reserve airtime for large packets. But unless every client receives the CTS packet, that algorithm doesn't work. The end result could be dramatic increases in the collision rate.
I think this would be great tech if you could put it in the client, so that as you wondered around the client would maintain a directional link back to the AP. That, I think, could work quite well. Clients only talk to a single access point at a time, after all. But I don't think it's realistic to expect this to work worth a damn on the AP side. An access point really does need to be able to send packets to all clients at once. And it really does need to be able to receive from all clients at once. Unfortunatly, laptop makers might balk at the eight square feet required by the current design.
I know Slashdot occasionally posts duplicate articles, but I think this may be the first time a story has been duplicated in the same article!.
I think Palladium is a great idea, and let me tell you why.
One thing it offers is the ability to run a program which has it's own secure connection to the input devices and the screen. I think I'll write a little encryption utility which makes use of these features. By using a screen-based soft-keyboard for passphrase input I can make it impervious to every known keyboard sniffer, hardware or software. I bet I can find a few Mafia bosses who would pay a pretty penny for that! Thanks Microsoft(tm)!!!
Palladium will also let a client download software from the net which a remote server can verify is running untampered. I think I'll write an encrypted communications tool which uses this. Imagine being able to walk into any Internet cafe in the world and securely download an encrypted comm program with no worries about man in the middle attacks or keyboard sniffers! I hear the bin Laden's make good money in the construction business. I bet they'd pay good money for software like this so their "contractors" could check and submit bids online securely and anonymously from anywhere in the world. Thanks again Microsoft(tm)!!!
I bet I can find product opportunities in every market from P2P pirates to child porn collectors. Thanks Microsoft(tm)!
Step three: Profit!!!
Of course, the FBI and CIA are unlikely to let encryption tech that works that well out into the mass market. It's a safe bet that Palladium will either ship with a hidden back door or will include everyones favorite forgotten boogeyman key escrow. Thanks again Microsoft(tm)!
Sounds like two possibilities, either the final server is mis-reporting its location, or the final server IS in North Carolina. It is not unusual to have web pages served from off-site.
You forgot the most likely possibility: Visualroute is simply wrong. Servers to not report their actual location via any standarized protocol. And there is no authoritative database of IP to location information. Programs like visualroute makes guesses about where addresses are based upon related but not always accurate information such as the addresses found via ARIN and whois lookups on the address and it's associated DNS information. Sometime they're right, but not all the time. Not by a long shot.
Take a dialup pool. The actual location of the machine could literally be anywhere in the world, but the best guess visualroute is going to make is the location of the dialup server itself. Or in my case, some of the address space we have at work is easily located because the geographic location matches with both DNS and ARIN entries. But some of that same space is actually located in different parts of the state. And the addresses being used for VPN clients can literally be anywhere in the world. There is no way for visualroute to know the true location of these IP addresses.
after all drug companies do take finantial risks to make new medications.
No, drug companies take financial risks to market their drugs. They spend significantly more money on advertising and freebies for doctors than they do on research. The research is relatively cheap in comparison, and non-trivial amounts of it are paid for with tax dollars.
Millions in tax dollars are spent researching the really important things like cancer research. And there is no need to market the results of such research because people want to buy such things. High prices on important drugs are being used to subsidize advertising campaigns for Rogain(tm). Who cares if people go f***ing bald. "Innovation" which needs to be advertised and crammed down consumers throats like Rogain(tm) and Claritin(tm) does not need to be rewarded.
That's part of the problem with capitalism. Human life and suffering is worth exactly jack shit. Witness the drug companies unwillingness to allow African countries to produce generic versions of AIDS drugs without paying patent fees. Now keep in mind that those countries can't afford to buy the real thing. But the capitialist viewpoint says it's better to have people not pay for the drug and die than to have people not pay for the drug and live. The drug companies are not going to get paid either way, but somehow it's still "wrong" to try to saves lives. Totally fucking backwards. Capitalism does a good job of allocating resources in some cases, but it's an amoral monster in others.
Don't worry. Our healthcare system is eating itself anyway. It's only a matter of time before it has to be overhauled. Or revived. Underwriting companies are fleeing the medical malpractice field because even with the ungodly premiums the doctors pay, they still can't manage the risk. And of course the premiums that patients pay are skyrocketing lately as well. The amount of money being poured into the medical field in general is staggering, and I'm not sure where it's all going. Lawyers are taking a big chunk of it.
That's one problem with laywers is that they can generate their own jobs. So you get huge increases in the numbers of lawyers, like we have over the past couple of decades. And what do you know, we have industries which are collapsing under the weight of the lawsuits. Forget the Microsoft(tm) tax, let's start fighting the lawyer tax. How much of your health insurance premium is ending up in the pockets of late-night Phen-Phen ambulance chasers?
But don't be suprised if your doctor starts asking you to sign a release before treatment because he can't afford malpractice insurance. Or simply can't purchase it at any price.
We get more and more DVD/CD/MP3/kitchen sink consumer players. Break compatibility with those, and the MPAA will have only themselves to thank when the customers abandon them
That's what I find amazing. These CD's work only in plain audio CD players. But as the incremental cost of adding MP3 playback drops to almost nothing, more and more players are including that functionality. Quite a few portables play MP3s. At least a dozen car CD decks play them. All DVD players. All computers of course. I've even seen boom boxes that play them.
And these new discs, by trashing the TOC with stupid multisession tricks, are going to have problems in a growing class of players. It's like the media conglomerates want me to go pirate their music. With their endless campaign to reduce both the quality of the music as well as the compatability and usefulness of the disc itself, combined with what seems to be endless price hikes and settlements with the FCC for price fixing. Ugh. The music industry survives despite the executives running it, not because of them.
I'd tend to disagree. Microsoft does at least appear to have gained a clue about security recently, and if they refuse to allow unsigned drivers outright they are opening an ugly can of worms. It takes time to get that WHQL certification that marks a driver as signed, so consider what would happen in the scenario of an exploit being found in a WHQL driver and made public immediately.
Microsoft(tm)'s Palladium scheme will require signed drivers. There is simply no way to try to enforce that level of security while still allowing end users to insert arbitrary code into the kernel. Not with any standard definition of "driver" and "kernel".
Most likely they will "compromise". You'll be able to load unsigned drivers, but when you reboot to load the drivers Palladium will detect that the OS is no longer in a "secure" state and any software that relies on the "trust" Palladium gives will be disabled. So no running WMP. And even though Microsoft(tm) has claimed that they won't use Palladium for software licensing somebody will. It's just too juicy for software publishers to resist. So you can expect that software to break. And since guarding against virii and such is one of the trumpeted reasons for Palladium, you can expect your AV software to have a fit. Who knows what it's failure mode will be. Should it not allow anything, since it can't really trust it's own binary, or it's AV database? Or should it allow everything for the same reason? Either failure mode is quite unpleasant. Or should it continue as if nothing had changed?
Now imagine the outcry from those who do have a security clue if they are left vulnerable because Microsoft decided it was in their best interests not to allow them to install the patch because it was unsigned.
Anybody with a security clue should realize that Palladium is about creating a new level of security user which is higher than "Administrator" and which only Microsoft(tm) has access to. No more. No less. It's about taking root access away from the user and giving it to Microsoft(tm). Any security administrator who willfully gives up final control of their box to the OS vendor gets exactly what they deserve. What's remarkable is how many "administrators" are going to be dumb enough to do exactly that.
Palladium is designed to make the PC an attractive platform to media conglomerates for online content. A platform which will allow Microsoft(tm) to collect a toll on that delivery. It has nothing to do with increasing security for end users. Media companies don't trust their cusomters, nor do they trust their PCs. Microsoft(tm), by assuming control of the users computer, will be able to assure the media companies that their customers PC's can be trusted, even though the customers themselves can't be.
That's what I want to know. IR is way up in the THz range. You outta be able to modulate a least a Gbps onto it easily. Sure, it wouldn't go very far but so what. Is it just the difficulty in making emitters and detecters which are fast enough? That can't really be that hard. A gige optical SX GBIC module can be had for under $100. Hm. That makes me want to tear a couple apart and see if I can get a link running across a few feet of free space.
not to mention (i'm guessing) a hella lot more range,
You guessed wrong. The range goes down as the frequency goes up. The higher the frequency, the more the radiation behaves like light, which is really just terahertz radio. As you get higher and higher frequencies, walls and such become more and more opaque to the signals. Until eventually they won't travel thru the walls at all, just like light.
If you want long range, you need lower frequencies. If you want to send a signal across the ocean, you need KHz radio waves (short wave radio). If you want to send a signal around the state you need AM radio at ~1MHz. If you want to send your signal around a city you can use FM at ~100MHz. By the time you get up to 2.4GHz you can only send your signal across a few rooms. Yes, I know I'm simplifying the differences in transmission power. But a short wave ham can reach across the world with less power than an AM station uses to cover a state, and the AM station uses less power still than the FM station which only covers a city or so.
Now, point to point is a whole different story. If you have direct line of sight you can send extremely high frequencies across significant distances. But the curvature of the Earth prevents you from sending stuff too far. Not to mention buildings and other obstructions.
Well, I haven't seen the author on Letterman yet, but at least Amazon isn't afraid to carry it. The Gas We Pass: The Story of Farts And a childrens book at that! Somebody please think of the children!!! :-)
Give them lots of money.
No, actually that won't work. You see, the RIAA is not composed of artists who make music. It's composed of companies who distribute music. So when you ask them "What do you really have to do to play their music legally?" all they hear is "Hey, I want to be a music distributor too!". To which they respond "F**k off and die, this is our turf!". Actually, they only take that tactic if you actually distribute music on your own. If you just call them, they apparently just ignore you.
A crude scenario, but that's the gist of it. The RIAA members like the way they have the music distribution business all tied up. Nice and neat. The "Internet" is just going to screw all that up which they hate. They are not going to play nice because it means them giving up control. It'll never happen. They will either succeed in destroying the Internet in the US (and turning America into an intellectual backwater in the process) or die trying.
Who modded this troll insightful? Anyway, I rip all my games so that I can play them without the CD. My only Windows(tm) box is a laptop without a built-in CD-ROM. I'm not about to start hauling around a giant dongle of a CD-ROM just to play games.
So far, I haven't had any real problems getting the software I use to rip copy "protected" games. But if the industry ever does figure out a decent "protection" scheme which I can't get past I'll just get warez copies of the games. And once I'm going thru the effort to track down warezed copies, how much incentive do you think I'll have to bother actually buying the CD? None.
Folks can bitch and moan about the ethics of piracy, but the simple fact is that if the game distributors are unwilling to sell me a product that's actually useful I'll go elsewhere. That's how capitalism works. If you refuse to provide a customer a working product, don't bitch if they take their business elsewhere.
Unfortunately, even having state-sponsored do not call lists won't help. As I've said before, laws are only as effective as their enforcement.
Actually, Colorado's new state-wide DNC list is working quite well. Since it went into effect in July, I belive I have gotten a total of 1 (one) telephone solicitation. Before, I was getting at least 3 or 4 a week. I had pretty much stopped answering the phone in the evening because the telemarketers were outcalling my friends and family by a significant margin. Keep in mind that I was scrupulous about telling every single company that called to put me on their DNC list. From what I could tell, it didn't make much of a dent. I tried to keep a list of the companies who called and when, but really only got a couple of repeat calls. There are so many companies doing telemarketing (and new ones every day) that per-company DNC lists are an exercise in futility.
Colorado's law allows individuals to file suit in small claims court against companies who call in violation of the law. The state also provides a web site were you can file a complaint on-line with the State AG. So far, I know at least one personal suit has been filed (settled out of court) and the AG's office have notified several companies that they are in violation of the law. At last count, almost half the residential phone lines in the state were on the list!
Say what you want, but at least here in Colorado the list is working quite well. Actually much better than I had hoped. Since I know that I can sue any telemarketer dumb enough to call, I actually sit around and hope that they will call. But they never do.
Legal notice: the following statements represent my opinion, and is not to be taken as a statment of fact. Now, with that libel safe harbor in place :-)
Your a f***ing liar Berman! Plain and simple. That article is almost entirely bullshit. I can't believe an elected representative would stand up and put their name on bald faced lies which are easily discovered. Where to start:
If a copyright owner can find a way to only impair the piracy of her copyrighted work on a P2P network, she will have no liability. A copyright owner who does more will still be liable. For instance, if her actions have some other effect - such as knocking a corporate network offline, or wiping out files - she will remain liable under whatever previous theory was available.
This is a lie. The law provides a clear exemption for copyright owners who disrupt the distribution of other files on a p2p network. From the bills list of things which cause a copyright owner to lose the protection of the bill:
"(A) impairs the availability within a publicly accessible peer-to-peer file trading network of a computer file or data that does not contain a work, or portion thereof, in which the copyright owner has an exclusive right granted under section 106, except as may be reasonably necessary to impair the distribution, display, performance, or reproduction of such a work, or portion thereof, in violation of any of the exclusive rights of the copyright owner under section 106;" (emphasis added)
You could drive a truck thru that loophole, which Berman doesn't mention. If fact, his statment A copyright owner who does more will still be liable. is simply a lie.
Moving on in his article, we find this little gem:
The bill specifically states that the safe harbor does not allow a copyright owner to delete or alter any file or data on the computer of a file trader. Thus, a copyright owner can't send a virus to a P2P pirate. Nor can it remove any files on the pirate's computer. Nor can it even remove files that include the pirated works.
This qualification is no where in the bill. The entire list of actions which constitute a copyright holder overstepping their bounds is listed on page three. And There are only three of them. The first is (A) listed above. The second is (B)causes economic loss to any person other than affected file traders
But the third is the real killer.
(C) causes economic loss of more than $50.00 per impairment to the property of the affected file trader, other than economic loss involving computer files or data made available through a publicly accessible peer-to-peer file trading network that contain works in which the owner has an exclusive right granted under section 106; or (emphasis added)
So if they can't delete the infringing files, why are the infriging files exempted for the amount of the "economic loss"? How could those files possibly involve any economic loss if the copyright owner can't "delete or alter" the files? Jesus, I can't believe a lie that blanant.
Another non-existant protection:
The safe harbor is also lost if the anti-piracy action causes more than de minimis loss to the property of the P2P pirate. This limitation represents a recognition that even pirates should not be seriously harmed by copyright owners.
Once again, this is nowhere in the list of actions which cause a copyright owner to lose their "safe harbor". Nowhere. To claim otherwise is quite simply a lie. Once again.
Finally, the safe harbor is lost if the copyright owner fails to notify the Attorney General of the anti-piracy technologies she plans to use, or if she fails to identify herself to an inquiring file-trader. These notification provisions ensure that copyright owners who choose to employ self-help measures will operate in the light of day.
Fails to identify themselves to an inquiring file-trader? The requirements in the bill force the affected party to determine the copyright owner who took the action thru their own means and contact them. After the fact. So when I get up in the morning and a bunch of files are missing, how am I supposed to know what happened to them? Or why they're gone? Or who did it? Write a letter to every single RIAA member asking if they did it? Oh yeah, that's really the "light of day". More bullshit if you ask me.
An aggrieved party - perhaps a P2P user or an ISP - can sue the copyright owner for any remedy available under current law. For instance, the aggrieved party might be able to bring a civil action under the Computer Fraud and Abuse Act or a state denial of service statute.
Sure, but there's just one hoop to jump thru. You have to get permission from the Attorney General first! And if the AG doesn't like your claim, too bad. Game over. No process for appealing such a decision is granted. Since when am I required to obtain the AG's permission to file a civil lawsuit? The only reason for such a clause is to provide a way to reduce the number of lawsuits RIAA members would be subjected to under this bill. After all, why let the courts decide civil suits when a political appointee like the AG can do it!
Gah, I'm so mad I could spit. You're a liar Berman. Liar liar, pants on fire. Anybody who votes for this guy next fall is a moron in my opinion.
I dunno, the article is full of 'what if' and 'could be' and 'possibly'. The theory itself seems to be an alternate consequence of the Global Warming theory, which in itself hasn't been conclusively proven or disproven.
SNIP
They talk as if its fact, but the best anyone can do is an educated guess. We don't understand the earth.
OK. Make up your mind, which one is it? Are they presenting possibilities or facts?
Your whole argument seems quite confused. You admit "we don't understand the earth" (Note that Earth is a proper noun, and should be capitalized. There is only one, which is why these things are important.) But when a researcher thinks we should study some aspect of the Earth, they are "Scaring Open Pocketbooks." That claim really only applies if somebody is grossly exagerating or outright falsifying a potential problem, claims which would be very hard to levy against Woods Hole.
The article warned of possible climate changes, not an end to all life as we know it.
If your occupation relies on a relatively stable cliate, like a fisherman or farmer, than this type of change could easily end your life as you know it. Or is the "as we know it" part just hyperbole and you mean "end all life period"? Because if you mean the latter, I think your perspecive is a little off. Problems become important long before they threaten mankind with extinction.
I'm suprised no one has looked at the 2000 terrabytes/day number. I'm sorry, that seems just a bit low.
It is low. In fact, it's doesn't even pass any common sense test. As you figured out, that only equates to around 23Gbps of bandwidth. I can guarantee the Internet is pushing a lot more data than that. I help manage maybe 400-500 Mbps of end-user bandwidth (3x OC-3's and 1x OC-12), and I assure you that the college kids in a single mid-sized state do not represent 2% of the Internet.
What about the rights of these children? You know, the right not to be abused. The right not to be defiled.
Your argument is a false dichotomy. Or do you really think that Worldcom(tm) has the power to stop the sexual abuse of children? Because that's what you're saying. That if Worldcom(tm) blocks these sites, that that action will somehow restore the lost rights of these children. Which is simply not true at all. Forcing a backbone carrier to not route traffic to a certain block of IP addresses (which is the only way a backbone carrier can really effect such a policy) does nothing to prevent sexual abuse of children. Children were being abused before the Internet even existed, and they'll still be abused after Worldcom implements this decision.
Some things are worse than censorship. Prioritize.
Lot's of things are worse than censorship. Murder. Rape. Child abuse. Genocide. Kidnapping. But censorship doesn't actually prevent any of these things. If child porn is such an issue for you, why don't you try and find some way to actually prevent it, rather than sit around making weak aguments that censorship is OK as long as it's "for the children".
Granted, I think the way Microsoft(tm) is going to implement this, it'll be generally bad for users of their products. But how much do we really now about what hardware Intel is going to add to their chips? It's quite possible that Linux users will be able to leverage this technology to improve the security of our servers in ways which actually benefit the users.
From what I can tell, the overall thrust of this technology is to allow Microsoft(tm) to prevent a user from doing anything to patch or change certain behaviors of the OS. Basically, it's purpose is to prevent people with physical access from "rooting" the box. If we could leverage that tech to prevent a server at a co-lo from being trojaned, wouldn't that be a good thing? Perhaps there will be whole classes of expliots which will become impossible, or at least controllable? It's hard to say without knowing more. But I don't think we should automatically write off the technology just because some vendors plan on using it to screw their customers.
For that matter, who is liable if I "agree" to an EULA as part of my work duties? Is my employer going to indemnify me from a lawsuit? And if they are going to put themselves on the hook, shouldn't I run all EULA's past the legal department before I agree to them? I'm not allowed to sign contracts for the company. Why am I allowed to agree to EULA's?
And if my employer isn't going to indemnify me, isn't it reasonable for me to refuse to use software whose EULA I don't like? After all, why should I expose myself to liability? Even if I was always careful to try and follow the EULA, the mere act of defending myself against a suit would almost certainly bankrupt me. It is far from reasonable for an employer to require me to enter into contracts which expose me personally to liability instead of the corporation as a whole.
If you actually download it and look at it, you'll realize it's just a Perl script. Basically what it does is configure your laptop to be a real, functioning, access point. Every quarter second it reconfigures the card with a random MAC address and one of a handful of well-known SSID's such a "tsunami" and "linksys". Which means if you run this near any poor sap who happened to leave his card in it's default configuration, they'll be screwed as they continuously associate with your non-functioning access point.
Basically, I can't imagine this being effective at all against war-driving. But I can imagine it being quite effective as a DoS tool. Imagine setting it up with the SSID that Starbucks uses and walking into one of their shops with this. You could have half the customers futily trying to connect to the legitimate service but getting your non-connected and continously resetting "AP" instead. It would be easy enough for this "tool" to configure the card so that clients couldn't accidentally connect to it, by enabling WEP or MAC filtering or whatever. But it doesn't do that, or even try to. I understand it's version 0.2, but at this point I think it should be filed under "trojan horse" or "skript kiddie" given that it'll easily screw up legitimate users while doing basically nothing to protect you from any crackers around.
and they had lots of dumb windows clients trying to associate with them
Which is exactly why this is a bad idea. The software doesn't just send beacons. It requires to you install a driver which contains full AP functionality, and then starts configuring it with random MAC address and common, well known SSID's, every quarter second. Which means that anybody within range who happens to have "linksys", or "tsunami", or any of a handful of common SSID's is going to be out of luck when their laptop connects to whomever is running this Alchemy "tool". People who set up broken AP's with liberal (i.e. wide open) security are assholes. And that's exactly what this. software does.
The only reason you think this is a good idea is because you think you won't get put on a list like this. Which you probably won't, because I'm guessing that you are affluent and white.
they are really just taking note of people that are hanging in shady areas, loitering, with no real reason to be there.
This is crap. The reason these people are hanging out in "shady" areas is because they live there!. There only crime so far is being born poor. And the unfortunate people are being set up for a fall before they've even done anything. Don't you think life sucks enough for the poor in this country without the police harrasing them for no reason?
Now, it would be funny to see some CEO's
You know what, this isn't really a joking matter. The fact is that the rich and affluent are not ever going to find them selves on this list, which is exactly why it is wrong. Despite studies showing the rich white kids do drugs at the same or higher rates than then minority counterparts, you can bet that hanging around a prep school won't get you on this list.
At what point in the chain do we hand everything off to a central supplier who sells it out of the country?
That's a good question. It seems unlikely that this old junk is being diverted from landfills. I'm fairly certain that the stuff I put in my trash can gets transferred straight to a landfill with no post-processing at all. In the US, labor is too expensive to even try to remove the recylables from the garbage, much less to try and separate out toxic waste to ship to third world countries.
Clearly, whomever is selling this junk to China is somehow getting volume shipments of old computer gear for dirt cheap prices. Or even getting paid to haul it off. I know that Boulder runs a 'hard to recycle' program where for a not-so-minimal fee you can drop off old computers to have them properly disposed of. I've dumped some broken stuff off there, and had that nagging feeling that maybe I was being a sucker and paying to have my stuff dumped in a landfill. How would I tell? Think for a while about how expensive it would be to recycle computer parts in the US. The EPA and OSHA requirements would be brutal. Does anybody know of a place that is actually, for a fact, recycling computer parts in the States? If not, where is the recycling happening?
Back to the vendors selling junk to China, where could you get large volumes of outdated computer equipment? You could buy it at surplus auctions and such. But you know the Chinese aren't paying much for the junk, and you have to get it over there. Trying to buy anything, even junk, at US prices and sell it at Chinese prices and make a profit would be next to impossible. You might be able to get some stuff for free, by offering to haul it away. But what if you could get people to pay you to haul it away. And then get the Chinese to pay you again to take it away from you. You could make out like a bandit! And let me tell you, post-Enron, it's not hard to imagine somebody crooked enough to pull this off. And the best part is, the more heart-breaking stories like this the appear in the media the more you can get people to pay to "properly dispose" of their computer gear. I think maybe I'll start sticking with the "put it in the attic" disposal method for now.
the out cry on /. was that unless procedings were all public, the court was just a rubber stamp for the Justice Dept.
The court might be slapping the FBI on the wrist, but there is no reason to believe that it isn't still a rubber stamp. From the article:
A senior Justice Department official said that the FISA court has not curtailed any investigations that involved misrepresented or erroneous information, nor has any court suppressed evidence in any related criminal case.
And
Until the current dispute, the FISA court had approved all but one application sought by the government since the court's inception. Civil libertarians claim that record shows that the court is a rubber stamp for the government; proponents of stronger law enforcement say the record reveals a timid bureaucracy only willing to seek warrants on sure winners.
But given the fact that the FBI was willing to give false information to FISA in order to obtain warrants, I think we can file the "timid bureaucracy" claim under bullshit.