I was referring to the situation where the good driver (you) is travelling through an already green light at or near the road speed when some nut slams through the light and threatens to hit. Anybody who even has a clue about defensive driving knows not to charge through a freshly green light without looking and certainly the circumstances under which a red light can be run legitimately are very narrow.
If you implement systems like this, or other speed enforcement techniques like photo radar, the DOT needs to fix the underposted speed limits first. Traffic engineering rules specify that a good speed limit is the 85th percentile speed of unrestricted (IE, not stuck in traffic, not being enforced by a cop) traffic, rounded up to the nearest multiple of five. Studies show that this speed is the safest speed to drive at, regardless of any artificially chosen "limit" which is clearly not a limit in any sense of the word because the limits are routinely disobeyed.
If you want people to take speed limits seriously you need to make the limits appropriate and enforce them appropriately. A favorite trick in many states is to post a rediculously low (20 or 30mph under the prevailing traffic speed) work zone speed limit where no actual work is occuring. Then a police officer sits there and pulls over the people at the high end of the normal traffic speeds and tickets them. This behavior is unsafe, unfair, increases distrust of law enforcement and leads people to believe the whole traffic system is a scam.
A local expressway here is posted at 65. People typically drive between 65 and 80. Some drive faster. 80 is a completely safe speed on this road (in good conditions) and the off duty police drive much faster on their way home. A reasonable solution would be to set the limit at 80 or 85. Most people wouldn't drive that fast. I know most of the time I'd stick around 70 for fuel mileage but knowing it was legal to accelerate faster than that for passing or traffic maneuvers would increase safety.
Consider the following example. You are headed through a green light when, being an observant and defensive driver, you notice somebody running the perpendicular red light and about to hit you. Do you:
A) Hit the brakes B) Hit the accelerator C) Do nothing.
I answer B. IMHO, anyone who would answer A in this situation or let their "instincts" get the better of them while driving should consider taking a real driving course. Driving is a complex activity involving the need to make split second decisions. If you'd rather reduce your speed and crash as opposed to increasing your speed to avoid an accident I'd prefer you stay off the public roads.
In an emergency, the driver needs as much control of the vehicle as s/he can get. Systems that defeat this are a serious safety hazard.
No no NO! The MPAA rating system is/voluntary/, just like the video game rating system is now. There is nothing illegal about minors seeing R-Rated movies. Theatres just have personal policies against allowing minors to see those movies.
Unfortunately for those of us who aren't large corporations, it remains very difficult or expensive to get a non-self-signed certificate. I run a personal free hosting service for friends and family and even the cheap SSL certs are just another expense on top of the cost of colocation, maintainence and bandwidth. Obviously my users can't complain for the price they pay but it would sure be nice to have a "real" certificate.
CACert is a start, but unfortunately at this point in time no browsers include their root CA by default. If and when this does happen, it will be a very valuable resource for hobbyists and personal/FOAF level servers. I'd like to set up CACert signed certificates, but until then it remains largely a joke for anyone who isn't already a capable of importing a root CA.
Well, one of the reasons why this blew up so bad was that the rootkit was poorly coded. Furthermore, so was the uninstall tool. Macrovision has a lot more resources than small time startups like First4. They can hire better coders, and they have better resources to do QA. So maybe Macrovisions stuff is still doing all the naughty bits, but they've hidden it better and it doesn't open up your computer like swiss cheese.
Just because the system has a little switch that says "violate privacy", and that switch is currently "off", doesn't mean there is no need for concern. History has shown that governments will abuse any power they are granted.
This is a valid point, but if the poster I quoted is correct the switch is under the control of the cellphone company, not the government. And, I actually trust the cell phone companies more. I think a lot of users would complain if they found out their company was sending personal location data to the government.
Maybe I'm being an idealist.
People complain about cameras that estimate traffic flow too. Yet, the data these cameras give to the public in the form of traffic information is IMHO invaluable. It is great to be able to look on a website before heading out and know where the backups are. Is it abusable? Sure. Is everything in life a tradeoff? Yes. In this case I believe it is a fair trade.
Provided the information in this comment is accurate, privacy concerns in this case are largely unfounded. There is good potential benefit for a system like this. I'd love to be able to dial up a map of the Boston metro area and see the congested roads marked in red (Never mind that/all/ of them would be red in Boston...).
I'm fully in support of such a system provided (and this is a neccessity) the information provided to the state is fully randomized. If, as you suggest, the UK system is being abused today, it sounds like it was poorly implemented from a privacy standpoint.
There are lots of alternatives to gmail. I run my own mailserver on a colocated box and give access to friends. POP, IMAP, Webmail, and remote SMTP submission (and lots of other goodies). You might be able to find a similar geek friendly server or run your own.
Personally I don't like the idea of running my email through hotmail, yahoo, gmail. Advertising supported mail in general just gives me the creeps.
Most of those CDs, especially those sold in Asia, are bit-by-bit copies of legit CDs. Usually they are actually pressed CDs, not CDRs. So, the large scale operations buy a master disk and duplicate it. It would be pointless to download low quality, potentially flawed rips from slow p2p networks when you can buy a master copy for pennies compared to what you'll get from it.
A broadband ISP would be crazy to enforce this, since one of the largest selling points of broadband access is quick downloads of large media content such as this. I'm not saying it would make people go back to dialup, but I do think the cable/DSL/FiOS speed war is fueled by the downloading of media. ISPs use their download rates to attract new customers at a price premium, and it works. Remove that incentive and you'll be back to the lowest common denominator (768k DSL.. how can they even call it broadband?!).
Yes, finally! My only concern now is that they will destroy this by putting DRM, etc. They're going to want to prevent people from skipping the commercials. Lets hope they trust the honor system (and the viewers follow said system) instead of making the downloads useless by
Personally, I would gladly pay to download the few shows I like to watch. We only get ultrabasic cable, so I can't watch channels like Comedy Central anyways. A reasonable ($1-$5) per-download fee or a season subscription fee would be a great model for those who prefer to watch TV when they want to. For prices at the low end of the spectrum I would even be willing to tolerate ads.
I tried DenyHosts and found it disapointing. These days I use login_sentry which has been improved by a friend of mine. Check it out, cross platform too (/etc/hosts.deny).
If you're so smart, let's hear YOUR explanation why IPv6 hasn't happened yet. All the tech is there, isn't it? What's going to push everybody "over the edge"?
Why hasn't it happened yet? Because there is no rush. We're waiting for ISPs to start offering native server to end users, or tunneled service like Earthlink offers. "Geeky" ISPs like Speakeasy are likely to do this first. Nobody every said the transition to IPv6 had to happen overnight. It could take ten years or more. But by doing it gradually you guarantee things go smoothly.
If your clients followed your advice of "waiting until everyone else is using it" they'll be more than fashionably late.
As a postscript, don't post as anonymous coward because you want to troll. It is truly a rude and cowardly thing to do.
DJB once again shows his ignorance and arrogance. The protocols don't need to be interoperable. Both servers and clients can support both IPv6 and IPv4. Everything is in place to do this today (I have both IPv6 enabled servers and clients today). If the server has an AAAA record, the client will connect over IPv6. If it only has A records, the client uses IPv4. Easy, and it doesn't matter how long it takes to do the eventual "transition" because it is completely seamless when you run dual stacked. You simply let the IPv4 support hang there like a vestigial tail until it drops off:)
Through networks like Hurricane Electric, Freenet6 and (on a more serious level) OCCAID people are experimenting with IPv6 today. I recently colocated a server and for no additional cost receive native, dual stacked IPv6 service. Do many people use it? No, but it is a start. The trick will be to get as many servers working on this dual stacked service as possible. Eventually ISPs will start supplying dual stacked service.
Earthlink even offers a custom WRT54G firmware which will automatically set up an IPv6 tunnel for you. What are you waiting for? Now is the time to support both protocols so we can begin the very lengthy transition.
There is no need to convert to *only* IPv6. Dual stacked service is available today in many data centers! This means you can simply give your interface an IPv4 and IPv6 address, and give it A and AAAA DNS records. IPv6 enabled clients will use the IPv6 address and IPv4 clients will use the IPv4 address. Simple transition.. and it can be as long as it needs to be.
Now, everytime I get a spam from a zombie machine or see a box DDoSed by a botnet we can thank Sony, because they're working hard to make the virus writing schmucks jobs easier.
Thanks.
I will never buy another Sony product again. I removed all Sony products from my amazon wishlist as Christmas shopping season approaches. I will grin from ear to ear as Sony is sued into oblivion. Honestly, I'd like to see the people responsible arrested.
Unix factor fails me again!
on
RSA-640 Factored
·
· Score: 3, Funny
factor: `3107418240490043721350750035888567930037346022842 72754572016194882320644051808150455634682967172328 67824379162728380334154710731085019195485290073377 24822783525742386454014691736602477652346609' is too large
Charter and Comcast are independant companies. It is the number four cable television provider in the United States, apparently.
See Wikipedia's article.
No. If you read my comment you would understand that the restriction is only present before you register your computer's MAC address with the captive portal. Until that point, you can only access certain things. Why would you assume this means no access for non-Windows?
No; He reported it to somebody who was being attacked by the same person. And, if you knew anything about IRC you'd know it is awfully difficult to keep bad guys off your network when there are so many open proxies. If a cracker tried to use this person's network to run a botnet, they already had their hands full trying to keep all of the bots from DoSing the network.
This person didn't try to "report it to the admin who is responsible for maintaining the resource from where the attack was launched." He bitched about it to somebody who was taking the brunt of the attack, in traffic and otherwise.
The IRCop is right. It is very difficult to track this stuff down, and it is a pain. Believe me, if I was in his position I'd be pretty ticked at you, as your compromised machine was reponsible for abusing his network and it even looks like your box got banned from the network. You're even guilty of ban evasion!
I am an IRCop on a very small network which had a botnet problem last year. Hundreds and hundreds of bots would connect, all joining channels. We wrote scripts to ban all the bots, upgraded services, the whole lot. They keep coming. Some of them came to new channels. The "owners" hadn't showed up at this point, not even once. After around 5 days some people showed up in those channels from ISPs in the middle east. I did track them down, and sent abuse emails to their ISPs. Got a response in a few days, offending account shut down. But that account was probably another 0wned box anyways.
Unfortunately sending ISP abuse emails to all of the bot IPs was much too daunting a task for a small time IRC network.
Keeping unwanted things off an IRC network is hard work. Kiddies often have hundreds of open proxy and otherwise usable IPs to use for ban evasion.
I hate to be brutally honest, but you share a lot of responsibility. *Your* IP was abusing his system.
Slashdot Mirror
Thank you for reading what I wrote :)
I was referring to the situation where the good driver (you) is travelling through an already green light at or near the road speed when some nut slams through the light and threatens to hit. Anybody who even has a clue about defensive driving knows not to charge through a freshly green light without looking and certainly the circumstances under which a red light can be run legitimately are very narrow.
If you implement systems like this, or other speed enforcement techniques like photo radar, the DOT needs to fix the underposted speed limits first. Traffic engineering rules specify that a good speed limit is the 85th percentile speed of unrestricted (IE, not stuck in traffic, not being enforced by a cop) traffic, rounded up to the nearest multiple of five. Studies show that this speed is the safest speed to drive at, regardless of any artificially chosen "limit" which is clearly not a limit in any sense of the word because the limits are routinely disobeyed.
If you want people to take speed limits seriously you need to make the limits appropriate and enforce them appropriately. A favorite trick in many states is to post a rediculously low (20 or 30mph under the prevailing traffic speed) work zone speed limit where no actual work is occuring. Then a police officer sits there and pulls over the people at the high end of the normal traffic speeds and tickets them. This behavior is unsafe, unfair, increases distrust of law enforcement and leads people to believe the whole traffic system is a scam.
A local expressway here is posted at 65. People typically drive between 65 and 80. Some drive faster. 80 is a completely safe speed on this road (in good conditions) and the off duty police drive much faster on their way home. A reasonable solution would be to set the limit at 80 or 85. Most people wouldn't drive that fast. I know most of the time I'd stick around 70 for fuel mileage but knowing it was legal to accelerate faster than that for passing or traffic maneuvers would increase safety.
Consider the following example. You are headed through a green light when, being an observant and defensive driver, you notice somebody running the perpendicular red light and about to hit you. Do you:
A) Hit the brakes
B) Hit the accelerator
C) Do nothing.
I answer B. IMHO, anyone who would answer A in this situation or let their "instincts" get the better of them while driving should consider taking a real driving course. Driving is a complex activity involving the need to make split second decisions. If you'd rather reduce your speed and crash as opposed to increasing your speed to avoid an accident I'd prefer you stay off the public roads.
In an emergency, the driver needs as much control of the vehicle as s/he can get. Systems that defeat this are a serious safety hazard.
Where are you located? The MPAA system in the US is voluntary.
No no NO! The MPAA rating system is /voluntary/, just like the video game rating system is now. There is nothing illegal about minors seeing R-Rated movies. Theatres just have personal policies against allowing minors to see those movies.
Unfortunately for those of us who aren't large corporations, it remains very difficult or expensive to get a non-self-signed certificate. I run a personal free hosting service for friends and family and even the cheap SSL certs are just another expense on top of the cost of colocation, maintainence and bandwidth. Obviously my users can't complain for the price they pay but it would sure be nice to have a "real" certificate.
CACert is a start, but unfortunately at this point in time no browsers include their root CA by default. If and when this does happen, it will be a very valuable resource for hobbyists and personal/FOAF level servers. I'd like to set up CACert signed certificates, but until then it remains largely a joke for anyone who isn't already a capable of importing a root CA.
Well, one of the reasons why this blew up so bad was that the rootkit was poorly coded. Furthermore, so was the uninstall tool. Macrovision has a lot more resources than small time startups like First4. They can hire better coders, and they have better resources to do QA. So maybe Macrovisions stuff is still doing all the naughty bits, but they've hidden it better and it doesn't open up your computer like swiss cheese.
Just because the system has a little switch that says "violate privacy", and that switch is currently "off", doesn't mean there is no need for concern. History has shown that governments will abuse any power they are granted.
This is a valid point, but if the poster I quoted is correct the switch is under the control of the cellphone company, not the government. And, I actually trust the cell phone companies more. I think a lot of users would complain if they found out their company was sending personal location data to the government.
Maybe I'm being an idealist.
People complain about cameras that estimate traffic flow too. Yet, the data these cameras give to the public in the form of traffic information is IMHO invaluable. It is great to be able to look on a website before heading out and know where the backups are. Is it abusable? Sure. Is everything in life a tradeoff? Yes. In this case I believe it is a fair trade.
Provided the information in this comment is accurate, privacy concerns in this case are largely unfounded. There is good potential benefit for a system like this. I'd love to be able to dial up a map of the Boston metro area and see the congested roads marked in red (Never mind that /all/ of them would be red in Boston...).
I'm fully in support of such a system provided (and this is a neccessity) the information provided to the state is fully randomized. If, as you suggest, the UK system is being abused today, it sounds like it was poorly implemented from a privacy standpoint.
There are lots of alternatives to gmail. I run my own mailserver on a colocated box and give access to friends. POP, IMAP, Webmail, and remote SMTP submission (and lots of other goodies). You might be able to find a similar geek friendly server or run your own.
Personally I don't like the idea of running my email through hotmail, yahoo, gmail. Advertising supported mail in general just gives me the creeps.
Most of those CDs, especially those sold in Asia, are bit-by-bit copies of legit CDs. Usually they are actually pressed CDs, not CDRs. So, the large scale operations buy a master disk and duplicate it. It would be pointless to download low quality, potentially flawed rips from slow p2p networks when you can buy a master copy for pennies compared to what you'll get from it.
Don't forget DRM would potentially lock out Linux and other users.
A broadband ISP would be crazy to enforce this, since one of the largest selling points of broadband access is quick downloads of large media content such as this. I'm not saying it would make people go back to dialup, but I do think the cable/DSL/FiOS speed war is fueled by the downloading of media. ISPs use their download rates to attract new customers at a price premium, and it works. Remove that incentive and you'll be back to the lowest common denominator (768k DSL.. how can they even call it broadband?!).
Yes, finally! My only concern now is that they will destroy this by putting DRM, etc. They're going to want to prevent people from skipping the commercials. Lets hope they trust the honor system (and the viewers follow said system) instead of making the downloads useless by
Personally, I would gladly pay to download the few shows I like to watch. We only get ultrabasic cable, so I can't watch channels like Comedy Central anyways. A reasonable ($1-$5) per-download fee or a season subscription fee would be a great model for those who prefer to watch TV when they want to. For prices at the low end of the spectrum I would even be willing to tolerate ads.
I tried DenyHosts and found it disapointing. These days I use login_sentry which has been improved by a friend of mine. Check it out, cross platform too (/etc/hosts.deny).
Why hasn't it happened yet? Because there is no rush. We're waiting for ISPs to start offering native server to end users, or tunneled service like Earthlink offers. "Geeky" ISPs like Speakeasy are likely to do this first. Nobody every said the transition to IPv6 had to happen overnight. It could take ten years or more. But by doing it gradually you guarantee things go smoothly.
If your clients followed your advice of "waiting until everyone else is using it" they'll be more than fashionably late.
As a postscript, don't post as anonymous coward because you want to troll. It is truly a rude and cowardly thing to do.
DJB once again shows his ignorance and arrogance. The protocols don't need to be interoperable. Both servers and clients can support both IPv6 and IPv4. Everything is in place to do this today (I have both IPv6 enabled servers and clients today). If the server has an AAAA record, the client will connect over IPv6. If it only has A records, the client uses IPv4. Easy, and it doesn't matter how long it takes to do the eventual "transition" because it is completely seamless when you run dual stacked. You simply let the IPv4 support hang there like a vestigial tail until it drops off :)
Through networks like Hurricane Electric, Freenet6 and (on a more serious level) OCCAID people are experimenting with IPv6 today. I recently colocated a server and for no additional cost receive native, dual stacked IPv6 service. Do many people use it? No, but it is a start. The trick will be to get as many servers working on this dual stacked service as possible. Eventually ISPs will start supplying dual stacked service.
Earthlink even offers a custom WRT54G firmware which will automatically set up an IPv6 tunnel for you. What are you waiting for? Now is the time to support both protocols so we can begin the very lengthy transition.
There is no need to convert to *only* IPv6. Dual stacked service is available today in many data centers! This means you can simply give your interface an IPv4 and IPv6 address, and give it A and AAAA DNS records. IPv6 enabled clients will use the IPv6 address and IPv4 clients will use the IPv4 address. Simple transition.. and it can be as long as it needs to be.
Now, everytime I get a spam from a zombie machine or see a box DDoSed by a botnet we can thank Sony, because they're working hard to make the virus writing schmucks jobs easier.
Thanks.
I will never buy another Sony product again. I removed all Sony products from my amazon wishlist as Christmas shopping season approaches. I will grin from ear to ear as Sony is sued into oblivion. Honestly, I'd like to see the people responsible arrested.
factor:2 72754572016194882320644051808150455634682967172328 67824379162728380334154710731085019195485290073377 24822783525742386454014691736602477652346609' is too large
`310741824049004372135075003588856793003734602284
Charter and Comcast are independant companies. It is the number four cable television provider in the United States, apparently. See Wikipedia's article.
No. If you read my comment you would understand that the restriction is only present before you register your computer's MAC address with the captive portal. Until that point, you can only access certain things. Why would you assume this means no access for non-Windows?
No; He reported it to somebody who was being attacked by the same person. And, if you knew anything about IRC you'd know it is awfully difficult to keep bad guys off your network when there are so many open proxies. If a cracker tried to use this person's network to run a botnet, they already had their hands full trying to keep all of the bots from DoSing the network.
This person didn't try to "report it to the admin who is responsible for maintaining the resource from where the attack was launched." He bitched about it to somebody who was taking the brunt of the attack, in traffic and otherwise.
The IRCop is right. It is very difficult to track this stuff down, and it is a pain. Believe me, if I was in his position I'd be pretty ticked at you, as your compromised machine was reponsible for abusing his network and it even looks like your box got banned from the network. You're even guilty of ban evasion!
I am an IRCop on a very small network which had a botnet problem last year. Hundreds and hundreds of bots would connect, all joining channels. We wrote scripts to ban all the bots, upgraded services, the whole lot. They keep coming. Some of them came to new channels. The "owners" hadn't showed up at this point, not even once. After around 5 days some people showed up in those channels from ISPs in the middle east. I did track them down, and sent abuse emails to their ISPs. Got a response in a few days, offending account shut down. But that account was probably another 0wned box anyways.
Unfortunately sending ISP abuse emails to all of the bot IPs was much too daunting a task for a small time IRC network.
Keeping unwanted things off an IRC network is hard work. Kiddies often have hundreds of open proxy and otherwise usable IPs to use for ban evasion.
I hate to be brutally honest, but you share a lot of responsibility. *Your* IP was abusing his system.