Personally I consider returning the attack to be justified only once two criteria are met:
- I have traced back the source of the attack, contacted the admins and/or owners of the source and either gotten no response at all or had them refuse to do anything about the attacks.
- The attacks are sufficiently serious that even the best filtering will still leave my systems impacted to an unacceptable degree.
Anywhere short of this point, returning the attack isn't justified.
It doesn't look like open-source provided an advantage in finding this bug. But because PGP is open source, there are still two advantages:
- The nature of the problem was found. Had this been closed-source software, we likely would have known the keys were non-random but would have no clue why they were non-random under certain circumstances, at least until the creator decided to release this information.
- I can fix the problem. Literally minutes after viewing the Slashdot story, I was in the process of rebuilding my copy of PGP5 after having modified it to fix the bug. I would still have been waiting on a fix for a closed-source program.
As far as I can see, open source still provides advantages over closed source when it comes to finding and fixing bugs.
Well, I would guess you have nothing to hide in your personal life and finances. So, perhaps we should arrange for the details of your checking account, including who you wrote which checks to and for how much, and the contents of all the letters you wrote to your friends and family, including those love notes to your wife ( if you are in fact married, substitute appropriately if not ). And that little rant to your friend about what you really think of your boss at work. No? This doesn't appeal to you? Why not? After all, why do you need your privacy if you don't have anything to hide?
I do know that the legal department at my employer is rather insistent: never give out confidential information until after you have a signed non-disclosure agreement from the recipient in hand specifically because without it we wouldn't have legal grounds to keep them from disclosing what they were given without it.
The question is whether, legally, if you are given something in readable and usable form before you are told any license applies, you can use it whether or not you agree to the license. It would take a lawyer to answer that one.
At least on my system, the maximum TCP window size can be controlled on a per-route basis. You could probably dynamically determine an appropriate max window size from RTT information. The idea is that an optimistic-ACKing client operates on the assumption that the window can grow without limit, so one imposes a relatively large but finite limit on the server side. At some point the client will then ACK data that hasn't been sent, because it's assuming the server has increased the window when in fact it has hit its limit. That should create a permanent hole in the TCP data stream, causing interesting times for the client machine.
Assumption: any link has a capacity determined by transfer speed and latency. Rough estimate is that the window will naturally settle at about 2x capacity, give or take. Correct or not?
If both ACKs are for data that has been received, then the first ACK received won't cause any data loss and the second ACK received will cause nothing to be discarded because it's already been handled by the first one. There's no need to alter current behavior with regard to that part of things. It only hits clients who ACK data that they haven't yet received, and should merely cause the client to stall with a hole in the data stream it can't fill in.
Another interesting question: if someone makes information available to you in readable and usable form before you have agreed to any of their terms, can they prevent you from using it if you refuse their terms? After all, it was given to you without requiring you to agree to any license.
This is a question I'm interested in because I downloaded the specs from MS's Web site and unpacked them into a readable PDF file without encountering any mention of a license at all until after I had opened and could read the entire PDF file. And I did not use any non-standard tools, merely IE to download it and save it to disk, WinZip to unpack it into a folder after bringing up the right-button menu on the saved archive file and Acrobat Reader to open and read it. I can't post their file, but precisely what legally would prevent me from reading what was made available to me before the license was mentioned ( the entire file ) and summarizing its contents?
Check me if I'm wrong, but wouldn't simply having the server's TCP stack discard all data for which it had received an ACK, regardless of whether that data had been transmitted or not, in combination with a finite maximum window size and discarding ACKs that do not correspond with the end of a packet, make optimistic ACKing completely counter-productive?
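The server-side policy sketched in the comments above (a finite maximum window, ignoring ACKs that do not land on a packet boundary, and discarding any data that has been ACKed whether or not it was sent), as an added example that is not part of the original posts. It is a toy round-based model, not a real TCP stack; `MSS`, `Server`, `run` and the transfer sizes are constructed for illustration.

```python
MSS = 1000  # constructed segment size in bytes


class Server:
    """Sender side of the toy model, applying the policy from the comments."""

    def __init__(self, total, max_window):
        self.total = total            # bytes to deliver (a multiple of MSS here)
        self.max_window = max_window  # finite cap on the sending window
        self.cwnd = MSS               # window starts at one segment
        self.snd_una = 0              # lowest byte not yet acknowledged
        self.snd_nxt = 0              # next byte that would be transmitted
        self.never_sent = 0           # bytes discarded because they were ACKed first

    def transmit(self):
        """Send what the current window allows; return (start, end) segments."""
        limit = min(self.snd_una + self.cwnd, self.total)
        segments = []
        while self.snd_nxt < limit:
            end = min(self.snd_nxt + MSS, limit)
            segments.append((self.snd_nxt, end))
            self.snd_nxt = end
        return segments

    def on_ack(self, ack):
        """Apply one cumulative ACK; return False if the ACK is ignored."""
        if ack % MSS != 0 or ack > self.total:
            return False              # does not correspond to the end of a packet
        if ack <= self.snd_una:
            return False              # already handled by an earlier ACK
        if ack > self.snd_nxt:
            # ACK for data that was never transmitted: treat it as delivered
            # and skip it, which leaves a hole only the client can suffer from.
            self.never_sent += ack - self.snd_nxt
            self.snd_nxt = ack
        self.snd_una = ack
        self.cwnd = min(self.cwnd + MSS, self.max_window)  # growth stops at the cap
        return True


def usable_prefix(ranges):
    """Bytes the receiving application can read: the contiguous run from 0."""
    edge = 0
    for start, end in sorted(ranges):
        if start > edge:
            break
        edge = max(edge, end)
    return edge


def run(total, max_window, optimistic):
    """Simulate one transfer, one loop iteration per round trip."""
    server = Server(total, max_window)
    # The optimistic client's belief: the same sender, but with a window that
    # keeps growing (modelled as a cap equal to the whole transfer).
    shadow = Server(total, max_window=total)
    received = []
    rounds = 0
    while server.snd_una < total:
        rounds += 1
        segments = server.transmit()
        received.extend(segments)     # no loss on the constructed link
        if optimistic:
            # ACK everything the client assumes has been sent by now.
            acks = [end for _, end in shadow.transmit()]
        else:
            # ACK only what actually arrived.
            acks = [end for _, end in segments]
        for ack in acks:
            server.on_ack(ack)
            if optimistic:
                shadow.on_ack(ack)
    return {
        "rounds": rounds,
        "usable": usable_prefix(received),
        "never_sent": server.never_sent,
    }


if __name__ == "__main__":
    for label, optimistic in (("honest", False), ("optimistic", True)):
        print(label, run(total=64000, max_window=8000, optimistic=optimistic))
```

In this model the well-behaved client is unaffected by the policy, while the optimistic one finishes in fewer rounds but is left with a stream it can only read up to the first hole.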
There are those that would say that this sort of extended implementation equals non-compliance. For what it's worth, I disagree.
The problem isn't that they added extensions. The problem is that they used those extensions in a way that makes it impossible for Windows workstations to interoperate with other Windows machines when authenticating through a non-Windows Kerberos server. This pretty much forces anyone wanting to use Windows workstations to switch to Windows for the Kerberos servers whether they want or need to or not. Or they have to drop Kerberos authentication for those workstations. This despite the fact that they easily could have made things interoperate right, using the additional capabilities when using a Windows Kerberos server and dropping back to standard Kerberos behavior otherwise.
Actually it is good, and reasonable. Take it back into older areas for a moment. If deep linking were not legal, then it would be illegal for me to refer to you a particular page in a reference book, allowing you to skip over everything else the authors put into the book. The authors could legally restrict deep linking into their book, forcing me to tell you only the title and making you search for the relevant information on your own using what they provided.
Remember the other half of the judge's decision: that it must be clear who owns the content you're deep-linking to. It would still, under this decision, be illegal for tickets.com to link to Ticketmaster information and present it as their own. And if they clearly identify it as Ticketmaster information, what you complain about goes away.
There's only two problems with this position:
- Censorware doesn't prevent your kids from finding undesirable content. There are so many holes in it that they'll still easily be able to access the stuff you're trying to block them from.
- It's been widely documented that censorware will prevent them from finding content that you wouldn't object to or would want them to view when that content doesn't match the censorware creator's own prejudices. For example, several excellent Bible sites are blocked by the software in question if I recall correctly.
In short, while your end may be fine, the software you're supporting doesn't accomplish that end.
Re:Why is this a "free speech" issue? on Victory in Holland · Score: 1
I would have to disagree. Filtering is precisely about limiting access to ideas. They may be ideas that you consider wrong, but they're still ideas.
Big problem #1 with the various filtering proposals is that the groups that want them don't want to limit them to just children. The Holland proposal was to filter all computers in the library, including the ones used by adults. A claim that it's to protect the children sounds rather wrong in the face of that. Adults aren't children, so why filter the adult computers if it's the children you're interested in protecting?
Second big problem is one you stated. Currently, it's the libraries that decide what to buy and not buy. The Holland proposal would have taken the decision about what was and was not available on the net out of the hands of the library and placed it in the hands of a group that didn't live anywhere near the area, one that has its own agenda as demonstrated by some of the sites they block that have nothing to do with pornography.
Or there's another defensive use of the patents. Right now, the companies getting and holding patents on things are telling everyone that if they want to use the patents, they have to play by those companies' rules. If open-source people hold similar patents, they can do the same thing and tell those companies that if they want to use the patents, they have to play by open-source rules or pay hefty license fees. And the same court rulings and legal rules that benefit the big companies can be used by the little guys. You're right about the expenses, but then again there are competent lawyers willing to do some pro-bono work for open-source projects too.
The problem is, this wasn't just subpoenaing information. This was a blanket demand to turn over all information, whether or not it was germane to the case, held on a computer not owned or controlled by the company requesting the information. Traditionally with paper, one has to subpoena the information and then convince the judge that relevant information exists and was not turned over before being allowed to ransack a person's property and looking at everything there.
And frankly I find the attorney's quote about speech about a company not being protected frightening. By his standards, the publicity about the propensity of the gas tanks of one model of car to explode and kill people in rear-end collisions could legally have been suppressed by the car maker because the people making those statements and producing the evidence would not have had a legal right to malign a corporation that way. Gah!
Nor would they need to compile anything. Distributions come with precompiled packages, and the distributors provided updates as precompiled packages. Just use the GUI or command-line install tools, no compiling needed.
Those who can and do like to compile things and tweak them, though, have that option with Linux. We don't with Win2K.
Problem: some things aren't legally theirs. For example, the courts have held consistently that the people who bought something, be it a book, a music tape or the like, have certain rights under copyright. If you buy a book, you have the right to make copies of it for your use. You have the right to tape a TV show for later viewing by yourself. You have the right to copy songs from a CD to a cassette to play in your car.
The RIAA doesn't want to protect their rights to their property with their pushing for encryption and security. They want to bypass the courts and take away consumer's rights by technical means that they can't take away by legal ones. I don't like that.
Re:Yeah, sure...blame the media! on Apocalypse Not · Score: 1
True. One point, though. In the articles I've read, and I've read a lot, the reports of disasters have usually been done with little critical attention, witness all the reports of the 9-Sep-1999 "bug" which, if one thinks about it for 10 seconds, was a completely nonsensical idea. You can't confuse "090999" and "999999". The articles reporting the assurances that nothing would happen, though, tended to have a tone of "Yeah, right, but they have to say that.". I'm sorry, but I can't help but feel that a large fraction of the mainstream media were looking for a disaster, because face it things going right doesn't make for news.
I'd disagree. Getting to be able to download mail from an ISP involves three tasks: getting the system booted and in a runnable state, configuring the networking and PPP connection, and configuring the system that will download mail and make it available. If I have a permanent cable modem connection, task 2 changes but 1 and 3 do not.
Parallel: learning to drive a car involves, as a prerequisite, obtaining a car. Yet no course on driving a car will explain how to go about buying a car. That's because buying a car isn't part of the task of driving a car, even though you need to buy one before you can drive it. Same thing with the tasks you outlined.
Now, I agree there should be a simple document with basic tasks like 'getting the system booted', 'configuring a PPP connection' and such, with basic information and pointers to more detailed information. But if you want to get a system up and running and download mail over a PPP dialup connection, you should not expect one document to cover all of it. Way too much duplication of information that way, caused by pulling together logically separate tasks.
No, the GPL prevents you from using someone else's work under terms they do not wish it used under. You want the right to do anything you wish with their work, and are annoyed that they will not give it to you. If you want to think of it in your terms, consider the returning of your improvements to the code to the rest of the community as the purchase price of the chunk of code you used to avoid having to reinvent the wheel.
But if a corporation is to work with the free software movement and still stay inside the laws of its own country, it might need to add in its EULA some statements not fully covered in the GPL.
But not where they contradict the GPL. If the company needs to distribute GPL'd software under terms not compatible with the GPL, then it has two choices:
- Contact the copyright holders of the software and negotiate a different license.
- Do not distribute the software.
Whether the GPL is convenient for a corporation or not is irrelevant. Its purpose is to prevent the addition of clauses like the one Corel imposed. Corel is free to impose their terms on their software, but not on anyone else's without that party's permission. Were I to have redistributed Corel's software under terms not compatible with their license to me, they would have had their legal department contact me and their position would have been very non-negotiable: cease doing that immediately or face legal action. I see no reason to apply any different standard to them than they would apply to me.
You're missing the point, I CAN send mail to that server, and people on that server can send mail back to me. The other server doesn't say, well that mail is coming from a netcom address so I'm not going to let him mail my people, that is stupid.
Actually, you're wrong on both points. I'm an XMission subscriber. You are not. If you attempt to connect to XMission's mail server and use it to send mail, it will refuse to let you connect to it because you are not a subscriber. And if you are on an ISP listed in the RBL, you will not be able to send mail to me because XMission's mail servers will not accept incoming mail from your ISP. XMission also blocks incoming mail from some other domains that they've had problems with, and if you're on one of those domains you won't be able to send mail to me.
Summed up: they're XMission's servers, XMission can and does decide who can send mail out and in through them. IM servers are the same.
MS has some points, but it's blowing smoke on one issue. A single IM standard will not allow MS clients to communicate with AOL clients. The reason is simple: to communicate with AOL clients you need to use AOL servers. AOL has the right to prevent non-AOL subscribers from using its servers. And if you think that's wrong, think about other servers. Your ISP has its mail servers configured to prevent anyone but its subscribers from using them to send mail. ISPs that don't end up on the RBL. They probably also have them configured to not handle mail from certain domains, typically to block incoming spam. They probably have their news servers configured similarly, so that only their subscribers can read news off of them. Why should IM servers be different?
A single standard would be necessary, but if MS wants their subscribers to be able to talk to AOL's subscribers, they need to negotiate a contract with AOL to have AOL's servers carry MS's traffic. Which, to date, MS has shown no apparent interest in doing.
None of those address the actual problems with Microsoft, though. I think what needs done is simply two things:
- Separate the OS and application aspects of Microsoft, and make their applications people deal with the OS side of the house through the same channels as every other application vendor out there.
- Impose a restriction on Microsoft and every other application vendor: if they claim to support a standard, they must completely and exactly support the standard as it is written. If they want to add extensions to it and depend on them, they can't claim compatibility with the standard.
Except that we aren't working blind. We've been connecting IP-capable devices to networks for years. We know what various appliances are capable of, and what things can be done to damage them. For example, with a refrigerator you can turn the thermostat up or down too far, causing it to either get too warm and spoil the food or get too cold and freeze everything up including its own workings. If you can control the thermostat via a TCP/IP connection, you can predict that somebody will reset it incorrectly and what problems will result from that.
Even if all you could do is monitor the temperature, the results are easy to predict. Salescritters want to call you when you're home. The temperature in the refrigerator goes up when you open the door to get something. The door only opens when someone's home to open it. So salescritter sets a program to watching the temperature in your refrigerator. When it spikes, a flag goes up and a call goes out to your phone number.
Now, was that sort of prediction all that hard? Didn't think so.
That's sorta the idea. Play games, hose yourself.