Now, B is 1/100th the size of A, right, but it too, is random, right (size 100).
Not so. In a compression scheme, the compressed data is more organised than the original since it contains the information required to re-assemble the original from the compressed version. Thus the 1/100th size file is less random than the original and would not compress as well.
The same thing happens if you gzip a gzip-ed file.
This article is amazingly low on details about the cases and resorts instead to standard fearmongering and appealing to anti-corporate sentiment. Throw in a reference to Free Speech and the Internet, mix well and voila! Ratings bonanza.
All this article means is that people in general are taking the Internet more seriously and those who abuse it for personal gain are more likely to get nailed for it. Sending 35,000 messages of a potentially libellous nature is not the same as putting up a personal opinion on a website. So is making outrageous claims based on hearsay or completely lacking in evidence.
Yes, there is sometimes a fine line between simply venting a personal opinion and libel. I don't see anything in this article that says Free Speech is in danger. Getting your panties in a bunch over this when there are far more real threats out there is folly.
We now return your knees to their previously un-jerked position.
That's what this article seems to propose. Put everything on multiple desktops. This is an amazingly dumb idea for anyone who does more with their computer than play a couple of games and maybe type a letter now and then. Here's why...
Let's reverse the analogy from the world inside your computer to the world inside your study. Inside this extra room in your house you have a desk, maybe a couple. There's lots on floor too, and the desk has a large horizontal surface on it. It's damn easy to find things if you just plonk them around on the desk.. and maybe throw a few on the floor when your desk is covered.. Hmm.. what happens when we start adding some more items.
We've now exceeded the 'visual clutter' that's mentioned in the article, but I need to put all my tax receipts somewhere! Hmm, let's start putting things in piles.. Tax here, correspondence there, incoming faxes there.. damn, these piles keep falling over.. Let's put the paperwork inside some manilla folders and keep them together with staples.. and maybe a rubber band round the folder.
Damn. All these folders all over my desk and floor. I keep tripping over them while I search for the one piece of paper I need. I need a better way of stacking them. Better buy a filing cabinet! Let's put all these folders into the cabinet and organise it in some sort of way.. maybe alphabetical order. I should probably label the cabinet too, so I can tell which one it is if I buy another one. I'll call this one/dev/hda.
Cool! Now I can find things quickly because it's all nicely organised, but not staring me in the face 24 hours a day when I don't need it. Now my desktop is clear for me to use for the 2-3 things I happen to be working on right now, ready to be filed away when I've finished with them.
You need to work on your argumentative technique. You're using the classic "It hasn't happened to me, so it's not a problem" technique. How can you say for certain your box hasn't been cracked? Are you running advanced instrusion detection systems that would notice? What if you've been compromised by someone who really knows their stuff and are masking the effects? Methinks you're doing a great impression of a cartoon ostrich, my friend.
Those saying security through obscurity is bad don't deny that the release of notification about the bug may enable people to exploit it. However, forewarned is forearmed, so you can start doing something about it as soon as you know, up to and including disconnecting vulnerable servers from the 'net.
There's also the publicity aspect. Making this extremely serious bug publicly known puts pressure on the vendor to fix it. So far, they have known about it for over two years and have done nothing. That's two and a half years for anyone who might have stumbled across the bug to exploit it. They might have friends. Exploits, easter eggs and all that stuff spread quite happily before the 'net.
Saying "What I can't see can't hurt me" is naive in the extreme.
Just to clarify a little, Sun E10/15k's are not directly comparable in the way multiple servers run in the same chassis. If you were to combine all of the system boards in an E10/15k and then run virtual servers in a single copy of Solaris (I'm not aware of anything that allows you to do this) then it would be comparable.
The way most E10/15 installations are used is to split the chassis, which supplies redundant power, management bus (JTAG) and a centreplane configuration for data and address buses, among several system boards. Each combination of system boards is used to run a completely separate OS installation. Even the data and address busses are
physically separated from each other, rather than logically as in the article or an S390. It is a very rare error that will take the entire chassis down, providing superior uptimes. For the article, if there was a data or address bus error for one virtual machine, all of them would be affected, since it's the same physical hardware. This is not the case for an E10/15k.
You could, theoretically, split one chassis into lots of system boards and run lots of Solaris instances in a cluster, but that wouldn't be nearly as powerful as putting all the boards into a dirty big SMP Solaris instance. Solaris SMP is pretty darn cool, IMHO.
To all those naysayers who are complaining that it's still '10 years away' but that it might be longer, do a better job yourself.
Fusion power, as distinct from cold fusion, is a very realisable goal, but is extremely complex stuff that takes time to develop. To become a viable power source it must be stable, efficient and safe. Without being all these things it will never be a commercially viable energy source.
Sure, it isn't just now, but all forms of technology take time and effort to develop from an embryonic, hacked up thing that sortof works some of the time to a reliable technology. Think back to before CRTs were available and how computers were rooms of magnetic core and paper tape. In a mere 40 to 50 years they've gone from ludicrously expensive industrial monsters to commonplace items you have difficulty imagining life without.
Keep that in mind next time you take pot shots at people who are working damn hard to try to create something useful for all of mankind. So it might take a bit of time. It'll be worth the wait.
I can't believe people are getting so uptight about an article that boils down to proclaiming the imminent demise of the Internet for the umpteenth time this year. So a whole lot of people are visiting just a few sites. Big deal. A whole lot of people watched Survivor too.
Strangely, there are people out there who still read books, watch theatre and go to art galleries. Sure, TV may not be high art, but most people don't appear to like high art. It survives, nonetheless.
Start freaking out when you're not allowed to read books any more, ala DMCA+ebooks.
Re:Police State? Only if we put up with it
on
The Internet Backlash
·
· Score: 3, Insightful
Anyone care to form an Internet-based political advocacy group?
Dude, there are already
plenty of worthy organisations to join. The EFF springs to
mind. Rather than do exactly what you've just said
is a bad thing, form yet another group, why not support one that has been active for years and does some great stuff?
I've found both the article and the majority of comments here to be grossly misinformed. The reason is quite simple, in that none of these people know much about networking. It's a hard subject that few people grok. I don't understand a whole bunch of it because there's just so much to know.
Anyhow, what people in the real world (as distinct from pundits and soundbites) want is differentiated Classes of Service (aka QoS). Currently the internet runs pretty much on a single Class of Service: best effort. That's your Ipv4 ToS bit set to zero. As Rei mentioned, most routers ignore ToS because they're not configured to handle it.. and neither is the backbone they're connected to.
This is changing as companies begin to realise they want CoS and are willing to pay for the priviledge. They're happy to have most of their non-critical non-time-sensitive data to go over the wire on a best effort basis, since that doesn't really require much effort on anyone's part. That makes it the cheapest access you can get. If they want to send VideoConferencing data or Voice over IP, and an ISP can guarantee them the bandwidth and latency it requires, then they're happy to pay a premium for that.
That's where networks are going. You order a big fat pipe and allocate 10% to the highest class of service (guaranteed delivery, low latency), maybe 25% to low latency because you're a Quake fanatic, perhaps 10% more for guaranteed delivery and the rest best effort. Making everything the top CoS is akin to leasing your own ATM or FrameRelay backbone: too expensive if all you need is 10%.
It's happening already in various parts of the net, and it's a _good_ thing because it means corporates get the performance they want (by paying for the priviledge) and everyone else still gets the standard internet. It's all running over the same wires/fibre, just logically partitioned. The end result is that _everybody's_ bandwidth gets upgraded.
Actually, no. Read the document, in particular section 5 - Renewability. I initially thought something similar to the leaked keys which enabled DeCSS to work its magic might occur here, but they've apparently learnt their lesson and put in something to counter it.
To summarise for those who haven't read the thing: I initially thought, "Ok, cool, so we just reverse engineer the secret keys and KSV out of the hardware that we have access to and implement in software." We don't have to know what the hell's going on, just get access to the keys. Any cryptosystem is broken if you can get a hold of the secret key(s).
Aha! But they know this is possible, so they've built in a method to get the system to check for known leaked secret keysets and KSV's. It's broadcast in the media, so your copy of The Matrix will play fine, but Antitrust knows your keys are compromised and so won't play. This is basically the same as revoking your PGP/GPG key if it becomes compromised. Actually, from my quick read of this spec, they appear to have designed a variant of public key cryptography. I'll leave the cryptanalysis of the algorithm to someone actually good at it.
Key management is the real weakness here, though. Sure, if a keyset is compromised it can be tagged as such on newer media, but old media which _doesn't_ know the keyset is compromised should play fine... unless the values are stored in NVRAM or similar on the video card or in the monitor, which would be what I'd design in if I were trying to take all your rights away.
That's a management nightmare, though. Just look at the proliferation of DeCSS. Now imagine a similar program for decoding the video stream and an online database of compromised keys. Sure, the HDCP consortium can update their compromised keylists, but there's a time delay in getting those updates out to the hardware (using the video media as the vector). Cue a game of cat and mouse with the hackers putting out keysets and the HDCP struggling to keep their updates moving.
The big problem that they don't appear to realise is that they are sending the secret keys out into hostile territory! The only way a cryptosystem can remain secure is if you can maintain security of the secret key(s). If the user were choosing the keys for the hardware themselves to protect a datastream over a local video broadcast medium, then that would be fine, because the person choosing the private keys is the person who can maintain the security of those keys.
An analogy: creating a PGP key pair and placing your public key on the 'net for people to use. Now encode your private key onto a CD, which you give to someone. They leak your key, so you issue a recovation and generate a new keypair, but every time you generate a new keypair, you publish your private key (no matter how it has been obscured). As soon as someone other than you has access to your private key, it should be assumed to be compromised.
All in all, a better attempt than CSS, but still fundamentally broken.
DeCSS is also useful to evade country codes, which is also a fair use issue and also requires a same as original quality.
The Australian Competition and Consumer Commission
(the ACCC) is investigating this very point. The
article here
has some interesting quotes about the issue,
particularly by the local Warner Home Video MD
Mr Marc Gareton. Of particular interest:
"There are a lot of reasons why movies can't be released in cinemas all round the world on the same date - mainly the cost of film prints and marketing."
"If it's available on DVD, I'd be surprised if people would go to the movie."
This guy has a seriously skewed view of the world, but then, that appears to be true of all these MPAA/RIAA types. I've always been annoyed at having to wait 6+ months to get movies, games, etc. released down under when I can order them over the net when they're released in the US.
I always thought the localisations required (dubbing, subtitling, censorship requirements, etc.) would have been the major cause for delays, but no, apparently it's just the costs of marketing and printing film. At the prices we pay down here, I think they can afford to cut a few extra copies and do a simultaneous release.
I've just read a few comments about this reply
to Katz' latest ramblings. It seems a lot of
people are all too eager to start frothing at
the mouth over anything at all. Neither side of
this debate is really that surprising.
Katz is a tabloid journalist. He writes whatever
will get the best ratings^W^Wmost comments.
People respond accordingly. Now someone from the
side he's attacked defends themselves, and we
have the same reactions; some defend their
position, some attack it.
I fail to see how any of this is really that
remarkable. So p2p is the latest buzzword. So
what? So long as we have marketroids who have to
make quotas or journalists with deadlines, there'll be buzzwords. And wherever there are buzzwords there will be people to attack or defend them.
Personally, I'm going back to play with some cool bleeding edge stuff that might just be involved with a buzzword or two. I don't care, since I think it's cool in and of its own right.
I've been having a bit of a think about stuff like this lately, and I'm starting to fall on the side of similar options, provided they replace existing consumption or income based taxes.
A transaction tax would essentially be a government providing a guarantee (by providing a stable economy, police, legal and military protection) that your money will safely move from A to B. In return for this service (yes, a protection racket, more or less) the government takes a small slice of the transaction.. some micropayment type percentage.
Each small chunk would be trivial compared to the size of standard transactions, but the total amount of money being moved around would add up to a lot.. which could be arranged to easily cover what is raised currently through more traditional methods.
It would be fair, because those who have less money (and hence move it around less) will pay less in tax, just the same percentage. If you have a lot of money or move a lot around, then you will get taxed more.. but again, the same percentage per transaction.
This could easily be extended internationally, since you will be transferring money from your account in one country to an account somewhere else. Each country takes a small slice. If you insist on moving money through 15 different countries/banks/money laundering operations/whatever then you will pay for the priviledge of ensuring that whatever money is left arrives safely at the destination.
There are probably numerous issues with this concept which require clarification, but it would certainly make tax evasion more difficult (which only the mega rich can currently afford to do properly) and get the money grubbing governments off everyone's backs. Simple tax laws means they can't cheat you out of your hard earned dollars either.
Indeed, and specifically, Australia doesn't have any guarantee of free speech as currently enjoyed by those Merkins among us. Whilst onsite in Sydney, one would expect athletes to be governed by local laws, or do they enjoy diplomatic immunity?
One would expect that athletes are not treated as diplomats, and thus must honour the local laws of the country they are in. Being in Sydney, this means they are not only denied the right to free speech they may normally enjoy in the US of A, but they'll also be subject to the swathe of recent draconian legislation passed by our government.
I recommend a combination of boycott and civil disobedience. The IOC (and others) can't censor international websites entirely, and I for one am very glad to be out of Sydney for the Olympics.
Can a tech screw up an NT or Solaris machine? Absolutely. Is it as likely as screwing with a Linux box? Not even remotely.
Your Linux admin is much more likely to play with settings, recompile the kernel, and do other major things. The source availability is part of it. The culture of Linux is another.
You can't risk that. If the NT machine is screwy, redoing the installation actually isn't such a bad option. If you have reasonable documentation, you can get the box back up in an hour. Good luck keeping as good docs with a Linux box. I use both systems in my company, and it is impossible to keep a Linux doc, you make too many changes. A NT box is really straightfoward and has less tweaking.
This is a REAL issue. Whining about NT's problems doesn't fix it.
It would appear that you are holding a biased view here; The same problem as in the article. A tech making unauthorised changes to a production environment is not the fault of the software, hardware or any other inanimate object. It is a people issue. The solution is Change Control. It amazes me that people who are ostensibly professionals make this kind of fundamental error. Then again, it's why I have a job.
And why on earth is it more difficult to document one particular OS vs. another? Unless you decide to document one in esperanto and the other in ancient hebrew, I don't see the problem. Documentation needs to be done no matter what the system. If you're changing things so much that you can't keep the documentation up to date, then you're making too many changes. Change Control again. Documenting changes is part of the process.
This comment was simply more anti-Linux FUD. More disturbing is the insight it gives into the mind of the author. I shudder to think of someone like this being let loose in an HA environment, because they have no appreciation for the processes required. Actually, no... They have an appreciation, but only know enough to be dangerous. The 'culture' you refer to above is not limited to linux. I see it everywhere. They're called cowboys and companies spend a lot of money on people like me to clean up after them.
Now, I personally don't necessarily advocate Katz being barred from Slashdot (I more advocate him censoring himself;), but I'm getting more than a little tired of this opinion being stated over and over. There IS a difference between kicking Katz off and simply not reading his posts, and it IS significant.
As a lurker the main thing I notice about Jon Katz' articles is that there are very few articles written by anyone else. Jon dominates/. through volume. Getting rid of Jon will only drop the amount of signal on this site... assuming you think Jon's articles constitute signal;).
I would like to see more articles by other members of the community. People out there in the real world who are geeks, nerds, techos, painters, doctors, etc. I'd love to see articles by people who aren't journalists but who write well. Having more opinions expressed will dilute Jon's influence over the outward perception of/. and the topics he writes about. I'm misquoting this badly but: 'The solution to bad speech is not censorship, but more speech!' My apologies to the author of the original statement, but you get the idea.
From memory, I can submit my own articles here somewhere, so rather than simply drop my own opinion in the comments, I'm going to do something else about it. I'll think of something to write about and give it a go. We'll see if CmdrTaco and crew think it's worthy of posting. We'll also see if/. readers end up hating me as much as Jon.
Apart from this having little to do directly with/. in general, it does highlight another aspect of a growing trend that I seem to observe in the world: the gradual move towards a world similar to that described in Neuromancer and spinoffs (eg: Cyberpunk, Shadowrun, etc.)
Is it just me? Let's look at recent events:
Molecular biology progresses in leaps and bounds.
Computer networks are becoming more and more a part of everyone's daily life.
Corporations are becoming more and more powerful, while governments become less so.
Neural interfaces to computers are possible, if crude.
Surgery which used to be too dangerous for casual use is now being used for "art".
Various and sundry other items that appear here on a semi-regular basis.
Ok, the link from this lizardman thing to here is a stretch, but it just kinda struck me as one more link in the chain. I remember thinking it was feasible to get to Gibson's world from here a couple of years ago. The more I watch, the more it seems to be happening.
I did a little hunting into privacy laws in Australia a few years ago while I was still at university. Since IANAL I got a little bogged down in all the jargon and cross-referencing, but the Australiasian Legal Information Institute has some great online resources for looking into various laws.
The main section that I can remember (since AustLII doesn't appear to be up at the moment) is that you have the right to review any information held on you and ask for it to be corrected if wrong.
I am not overly concerned by people attempting to do targeted marketing or to have a profile of me to make my customer experience more worthwhile, provided it is for a specific company. For example, I like having account records for the phone company so that they can suggets I change to a different mobile phone charging plan to save me money. It's a lot like having the waiters/waitresses at my local Italian restaurant knowing what I usually order. I get good service, and they get repeat business. This is good for both sides.
What I don't like is for a private company to gather information from disparate sources, throw it into a database and sell the extracted information to someone else that I may or may not have had any previous dealings with. If you check the fine print on most forms, there is a little section which says "If you sign this you agree to let us give/sell this information to a certain select few groups (eg: police)", so I have, in a roundabout sort of way, given my permissions to have this information gathered. of course, not signing the form denies me the services of that company, which is akin to blackmail in my mind.
What is more concerning is that with the speed of SMP computing and some rather funky algorithms it is possible to glean a great deal of information from trend analysis and similar techniques. This is information that you have not explicitly provided, but which has been deduced from your spending habits, amount of insurance, type of car, marital status, credit rating, etc.
Now I'm sure most of the uses for this information will be benign (if annoying) things like directed advertising, because the majority of people aren't interesting enough to be subjected to the wild schemes others here have concocted. A few will be though, and reality is often stranger than fiction. I don't want to be the guinea pig for one of those schemes. I want the opportunity to opt out, which should be my right as a consumer. Others may not be bothered by this company's motives. Fine. Let them remain in the database. I want out though.
If I am not given that option, then I may need to start taking subversive (yet amusing) action. A few random thoughts (please comment if you really are a lawyer):
Place your signature under GPL, thus requiring derivative works to also be under the GPL.
Encrypt everything with GnuPG
Alter the clauses of the fine print disallowing any other entity access to the information obtained through the form before signing it.
Any other non-violent action which puts the ball back in my court instead of the bank's/government's/corporation's.
I've spent some years learning The Way To Do Software Engineering through university for some years now, I've done some reading and I've worked on quite a few projects. In essence I agree with pretty much everything that has been said so far.
I have a couple of things to clarify/add:
- Assume you will throw your first one away. I think I got that from the Camel book, but it has proven very correct in the real world. If you are doing something that has not been done before or is not substantially similar, you will get it wrong the first time. This is a Good Thing. The first try (sometimes called a prototype, or the alpha version, or whatever; pick a label) will teach you a lot about what it is you're trying to do. You will discover holes in the requirements. You will discover that what seemed easy is actually hard, and vice versa. You can then take this newly gained experience and start again. A caveat: Don't try to hack bits together to make the first try work. Scavenge the good bits and write the thing again, or you'll end up with an unmaintainable kludge that doesn't work properly and is difficult to debug. Clean code is good code.
- Don't adhere to one design methodology all the time. Just as sometimes it's good to use Perl and other times you need C or assembler or whatever, you need to choose the correct tools for the job. Informal methods may work well for you, or you may prefer a structured approach. Project size will affect your decision. I generally use an informal approach on small to medium projects with 1 or 2 system architects who design/and/ code the majority of the system. Other people perform support tasks. Larger projects require a more rigourous/formal approach but the intent is the same. Do read "The Mythical Man Month" as was referred to earlier as it explains why this sort of approach is a Good Thing.
Ultimately, experience is the best teacher. Learn how to run a project by participating in one. Note what works well and what doesn't. Constantly review what you've learned (albeit subconsciously). Everyone has their own style and their own preferences. Learn from others and develop your own. You'll know you've got it right when it works well.
Slashdot Mirror
Not so. In a compression scheme, the compressed data is more organised than the original since it contains the information required to re-assemble the original from the compressed version. Thus the 1/100th size file is less random than the original and would not compress as well.
The same thing happens if you gzip a gzip-ed file.
All this article means is that people in general are taking the Internet more seriously and those who abuse it for personal gain are more likely to get nailed for it. Sending 35,000 messages of a potentially libellous nature is not the same as putting up a personal opinion on a website. So is making outrageous claims based on hearsay or completely lacking in evidence.
Yes, there is sometimes a fine line between simply venting a personal opinion and libel. I don't see anything in this article that says Free Speech is in danger. Getting your panties in a bunch over this when there are far more real threats out there is folly.
We now return your knees to their previously un-jerked position.
Let's reverse the analogy from the world inside your computer to the world inside your study. Inside this extra room in your house you have a desk, maybe a couple. There's lots on floor too, and the desk has a large horizontal surface on it. It's damn easy to find things if you just plonk them around on the desk.. and maybe throw a few on the floor when your desk is covered.. Hmm.. what happens when we start adding some more items.
We've now exceeded the 'visual clutter' that's mentioned in the article, but I need to put all my tax receipts somewhere! Hmm, let's start putting things in piles.. Tax here, correspondence there, incoming faxes there.. damn, these piles keep falling over.. Let's put the paperwork inside some manilla folders and keep them together with staples.. and maybe a rubber band round the folder.
Damn. All these folders all over my desk and floor. I keep tripping over them while I search for the one piece of paper I need. I need a better way of stacking them. Better buy a filing cabinet! Let's put all these folders into the cabinet and organise it in some sort of way.. maybe alphabetical order. I should probably label the cabinet too, so I can tell which one it is if I buy another one. I'll call this one /dev/hda.
Cool! Now I can find things quickly because it's all nicely organised, but not staring me in the face 24 hours a day when I don't need it. Now my desktop is clear for me to use for the 2-3 things I happen to be working on right now, ready to be filed away when I've finished with them.
Those saying security through obscurity is bad don't deny that the release of notification about the bug may enable people to exploit it. However, forewarned is forearmed, so you can start doing something about it as soon as you know, up to and including disconnecting vulnerable servers from the 'net.
There's also the publicity aspect. Making this extremely serious bug publicly known puts pressure on the vendor to fix it. So far, they have known about it for over two years and have done nothing. That's two and a half years for anyone who might have stumbled across the bug to exploit it. They might have friends. Exploits, easter eggs and all that stuff spread quite happily before the 'net.
Saying "What I can't see can't hurt me" is naive in the extreme.
The way most E10/15 installations are used is to split the chassis, which supplies redundant power, management bus (JTAG) and a centreplane configuration for data and address buses, among several system boards. Each combination of system boards is used to run a completely separate OS installation. Even the data and address busses are physically separated from each other, rather than logically as in the article or an S390. It is a very rare error that will take the entire chassis down, providing superior uptimes. For the article, if there was a data or address bus error for one virtual machine, all of them would be affected, since it's the same physical hardware. This is not the case for an E10/15k.
You could, theoretically, split one chassis into lots of system boards and run lots of Solaris instances in a cluster, but that wouldn't be nearly as powerful as putting all the boards into a dirty big SMP Solaris instance. Solaris SMP is pretty darn cool, IMHO.
Fusion power, as distinct from cold fusion, is a very realisable goal, but is extremely complex stuff that takes time to develop. To become a viable power source it must be stable, efficient and safe. Without being all these things it will never be a commercially viable energy source.
Sure, it isn't just now, but all forms of technology take time and effort to develop from an embryonic, hacked up thing that sortof works some of the time to a reliable technology. Think back to before CRTs were available and how computers were rooms of magnetic core and paper tape. In a mere 40 to 50 years they've gone from ludicrously expensive industrial monsters to commonplace items you have difficulty imagining life without.
Keep that in mind next time you take pot shots at people who are working damn hard to try to create something useful for all of mankind. So it might take a bit of time. It'll be worth the wait.
Strangely, there are people out there who still read books, watch theatre and go to art galleries. Sure, TV may not be high art, but most people don't appear to like high art. It survives, nonetheless.
Start freaking out when you're not allowed to read books any more, ala DMCA+ebooks.
Dude, there are already plenty of worthy organisations to join. The EFF springs to mind. Rather than do exactly what you've just said is a bad thing, form yet another group, why not support one that has been active for years and does some great stuff?
Anyhow, what people in the real world (as distinct from pundits and soundbites) want is differentiated Classes of Service (aka QoS). Currently the internet runs pretty much on a single Class of Service: best effort. That's your Ipv4 ToS bit set to zero. As Rei mentioned, most routers ignore ToS because they're not configured to handle it.. and neither is the backbone they're connected to.
This is changing as companies begin to realise they want CoS and are willing to pay for the priviledge. They're happy to have most of their non-critical non-time-sensitive data to go over the wire on a best effort basis, since that doesn't really require much effort on anyone's part. That makes it the cheapest access you can get. If they want to send VideoConferencing data or Voice over IP, and an ISP can guarantee them the bandwidth and latency it requires, then they're happy to pay a premium for that.
That's where networks are going. You order a big fat pipe and allocate 10% to the highest class of service (guaranteed delivery, low latency), maybe 25% to low latency because you're a Quake fanatic, perhaps 10% more for guaranteed delivery and the rest best effort. Making everything the top CoS is akin to leasing your own ATM or FrameRelay backbone: too expensive if all you need is 10%.
It's happening already in various parts of the net, and it's a _good_ thing because it means corporates get the performance they want (by paying for the priviledge) and everyone else still gets the standard internet. It's all running over the same wires/fibre, just logically partitioned. The end result is that _everybody's_ bandwidth gets upgraded.
To summarise for those who haven't read the thing: I initially thought, "Ok, cool, so we just reverse engineer the secret keys and KSV out of the hardware that we have access to and implement in software." We don't have to know what the hell's going on, just get access to the keys. Any cryptosystem is broken if you can get a hold of the secret key(s).
Aha! But they know this is possible, so they've built in a method to get the system to check for known leaked secret keysets and KSV's. It's broadcast in the media, so your copy of The Matrix will play fine, but Antitrust knows your keys are compromised and so won't play. This is basically the same as revoking your PGP/GPG key if it becomes compromised. Actually, from my quick read of this spec, they appear to have designed a variant of public key cryptography. I'll leave the cryptanalysis of the algorithm to someone actually good at it.
Key management is the real weakness here, though. Sure, if a keyset is compromised it can be tagged as such on newer media, but old media which _doesn't_ know the keyset is compromised should play fine... unless the values are stored in NVRAM or similar on the video card or in the monitor, which would be what I'd design in if I were trying to take all your rights away.
That's a management nightmare, though. Just look at the proliferation of DeCSS. Now imagine a similar program for decoding the video stream and an online database of compromised keys. Sure, the HDCP consortium can update their compromised keylists, but there's a time delay in getting those updates out to the hardware (using the video media as the vector). Cue a game of cat and mouse with the hackers putting out keysets and the HDCP struggling to keep their updates moving.
The big problem that they don't appear to realise is that they are sending the secret keys out into hostile territory! The only way a cryptosystem can remain secure is if you can maintain security of the secret key(s). If the user were choosing the keys for the hardware themselves to protect a datastream over a local video broadcast medium, then that would be fine, because the person choosing the private keys is the person who can maintain the security of those keys.
An analogy: creating a PGP key pair and placing your public key on the 'net for people to use. Now encode your private key onto a CD, which you give to someone. They leak your key, so you issue a recovation and generate a new keypair, but every time you generate a new keypair, you publish your private key (no matter how it has been obscured). As soon as someone other than you has access to your private key, it should be assumed to be compromised.
All in all, a better attempt than CSS, but still fundamentally broken.
The Australian Competition and Consumer Commission (the ACCC) is investigating this very point. The article here has some interesting quotes about the issue, particularly by the local Warner Home Video MD Mr Marc Gareton. Of particular interest:
"There are a lot of reasons why movies can't be released in cinemas all round the world on the same date - mainly the cost of film prints and marketing."
"If it's available on DVD, I'd be surprised if people would go to the movie."
This guy has a seriously skewed view of the world, but then, that appears to be true of all these MPAA/RIAA types. I've always been annoyed at having to wait 6+ months to get movies, games, etc. released down under when I can order them over the net when they're released in the US.
I always thought the localisations required (dubbing, subtitling, censorship requirements, etc.) would have been the major cause for delays, but no, apparently it's just the costs of marketing and printing film. At the prices we pay down here, I think they can afford to cut a few extra copies and do a simultaneous release.
Katz is a tabloid journalist. He writes whatever will get the best ratings^W^Wmost comments. People respond accordingly. Now someone from the side he's attacked defends themselves, and we have the same reactions; some defend their position, some attack it.
I fail to see how any of this is really that remarkable. So p2p is the latest buzzword. So what? So long as we have marketroids who have to make quotas or journalists with deadlines, there'll be buzzwords. And wherever there are buzzwords there will be people to attack or defend them.
Personally, I'm going back to play with some cool bleeding edge stuff that might just be involved with a buzzword or two. I don't care, since I think it's cool in and of its own right.
A transaction tax would essentially be a government providing a guarantee (by providing a stable economy, police, legal and military protection) that your money will safely move from A to B. In return for this service (yes, a protection racket, more or less) the government takes a small slice of the transaction.. some micropayment type percentage.
Each small chunk would be trivial compared to the size of standard transactions, but the total amount of money being moved around would add up to a lot.. which could be arranged to easily cover what is raised currently through more traditional methods.
It would be fair, because those who have less money (and hence move it around less) will pay less in tax, just the same percentage. If you have a lot of money or move a lot around, then you will get taxed more.. but again, the same percentage per transaction.
This could easily be extended internationally, since you will be transferring money from your account in one country to an account somewhere else. Each country takes a small slice. If you insist on moving money through 15 different countries/banks/money laundering operations/whatever then you will pay for the priviledge of ensuring that whatever money is left arrives safely at the destination.
There are probably numerous issues with this concept which require clarification, but it would certainly make tax evasion more difficult (which only the mega rich can currently afford to do properly) and get the money grubbing governments off everyone's backs. Simple tax laws means they can't cheat you out of your hard earned dollars either.
One would expect that athletes are not treated as diplomats, and thus must honour the local laws of the country they are in. Being in Sydney, this means they are not only denied the right to free speech they may normally enjoy in the US of A, but they'll also be subject to the swathe of recent draconian legislation passed by our government.
I recommend a combination of boycott and civil disobedience. The IOC (and others) can't censor international websites entirely, and I for one am very glad to be out of Sydney for the Olympics.
Your Linux admin is much more likely to play with settings, recompile the kernel, and do other major things. The source availability is part of it. The culture of Linux is another.
You can't risk that. If the NT machine is screwy, redoing the installation actually isn't such a bad option. If you have reasonable documentation, you can get the box back up in an hour. Good luck keeping as good docs with a Linux box. I use both systems in my company, and it is impossible to keep a Linux doc, you make too many changes. A NT box is really straightfoward and has less tweaking.
This is a REAL issue. Whining about NT's problems doesn't fix it.
It would appear that you are holding a biased view here; The same problem as in the article. A tech making unauthorised changes to a production environment is not the fault of the software, hardware or any other inanimate object. It is a people issue. The solution is Change Control. It amazes me that people who are ostensibly professionals make this kind of fundamental error. Then again, it's why I have a job.
And why on earth is it more difficult to document one particular OS vs. another? Unless you decide to document one in esperanto and the other in ancient hebrew, I don't see the problem. Documentation needs to be done no matter what the system. If you're changing things so much that you can't keep the documentation up to date, then you're making too many changes. Change Control again. Documenting changes is part of the process.
This comment was simply more anti-Linux FUD. More disturbing is the insight it gives into the mind of the author. I shudder to think of someone like this being let loose in an HA environment, because they have no appreciation for the processes required. Actually, no... They have an appreciation, but only know enough to be dangerous. The 'culture' you refer to above is not limited to linux. I see it everywhere. They're called cowboys and companies spend a lot of money on people like me to clean up after them.
As a lurker the main thing I notice about Jon Katz' articles is that there are very few articles written by anyone else. Jon dominates /. through volume. Getting rid of Jon will only drop the amount of signal on this site... assuming you think Jon's articles constitute signal ;).
I would like to see more articles by other members of the community. People out there in the real world who are geeks, nerds, techos, painters, doctors, etc. I'd love to see articles by people who aren't journalists but who write well. Having more opinions expressed will dilute Jon's influence over the outward perception of /. and the topics he writes about. I'm misquoting this badly but: 'The solution to bad speech is not censorship, but more speech!' My apologies to the author of the original statement, but you get the idea.
From memory, I can submit my own articles here somewhere, so rather than simply drop my own opinion in the comments, I'm going to do something else about it. I'll think of something to write about and give it a go. We'll see if CmdrTaco and crew think it's worthy of posting. We'll also see if /. readers end up hating me as much as Jon.
Is it just me? Let's look at recent events:
- Molecular biology progresses in leaps and bounds.
- Computer networks are becoming more and more a part of everyone's daily life.
- Corporations are becoming more and more powerful, while governments become less so.
- Neural interfaces to computers are possible, if crude.
- Surgery which used to be too dangerous for casual use is now being used for "art".
- Various and sundry other items that appear here on a semi-regular basis.
Ok, the link from this lizardman thing to here is a stretch, but it just kinda struck me as one more link in the chain. I remember thinking it was feasible to get to Gibson's world from here a couple of years ago. The more I watch, the more it seems to be happening.But maybe it's just me.
The main section that I can remember (since AustLII doesn't appear to be up at the moment) is that you have the right to review any information held on you and ask for it to be corrected if wrong.
I am not overly concerned by people attempting to do targeted marketing or to have a profile of me to make my customer experience more worthwhile, provided it is for a specific company. For example, I like having account records for the phone company so that they can suggets I change to a different mobile phone charging plan to save me money. It's a lot like having the waiters/waitresses at my local Italian restaurant knowing what I usually order. I get good service, and they get repeat business. This is good for both sides.
What I don't like is for a private company to gather information from disparate sources, throw it into a database and sell the extracted information to someone else that I may or may not have had any previous dealings with. If you check the fine print on most forms, there is a little section which says "If you sign this you agree to let us give/sell this information to a certain select few groups (eg: police)", so I have, in a roundabout sort of way, given my permissions to have this information gathered. of course, not signing the form denies me the services of that company, which is akin to blackmail in my mind.
What is more concerning is that with the speed of SMP computing and some rather funky algorithms it is possible to glean a great deal of information from trend analysis and similar techniques. This is information that you have not explicitly provided, but which has been deduced from your spending habits, amount of insurance, type of car, marital status, credit rating, etc.
Now I'm sure most of the uses for this information will be benign (if annoying) things like directed advertising, because the majority of people aren't interesting enough to be subjected to the wild schemes others here have concocted. A few will be though, and reality is often stranger than fiction. I don't want to be the guinea pig for one of those schemes. I want the opportunity to opt out, which should be my right as a consumer. Others may not be bothered by this company's motives. Fine. Let them remain in the database. I want out though.
If I am not given that option, then I may need to start taking subversive (yet amusing) action. A few random thoughts (please comment if you really are a lawyer):
I've spent some years learning The Way To Do Software Engineering through university for some years now, I've done some reading and I've worked on quite a few projects. In essence I agree with pretty much everything that has been said so far.
/and/ code the majority of the system. Other people perform support tasks. Larger projects require a more rigourous/formal approach but the intent is the same. Do read "The Mythical Man Month" as was referred to earlier as it explains why this sort of approach is a Good Thing.
I have a couple of things to clarify/add:
- Assume you will throw your first one away. I think I got that from the Camel book, but it has proven very correct in the real world. If you are doing something that has not been done before or is not substantially similar, you will get it wrong the first time. This is a Good Thing. The first try (sometimes called a prototype, or the alpha version, or whatever; pick a label) will teach you a lot about what it is you're trying to do. You will discover holes in the requirements. You will discover that what seemed easy is actually hard, and vice versa. You can then take this newly gained experience and start again. A caveat: Don't try to hack bits together to make the first try work. Scavenge the good bits and write the thing again, or you'll end up with an unmaintainable kludge that doesn't work properly and is difficult to debug. Clean code is good code.
- Don't adhere to one design methodology all the time. Just as sometimes it's good to use Perl and other times you need C or assembler or whatever, you need to choose the correct tools for the job. Informal methods may work well for you, or you may prefer a structured approach. Project size will affect your decision. I generally use an informal approach on small to medium projects with 1 or 2 system architects who design
Ultimately, experience is the best teacher. Learn how to run a project by participating in one. Note what works well and what doesn't. Constantly review what you've learned (albeit subconsciously). Everyone has their own style and their own preferences. Learn from others and develop your own. You'll know you've got it right when it works well.
Justin
Impressive.
Keep up the good work Rob!