...SCO has made public statements and accusations about IBM's Unix license and about Linux in an apparent attempt to create fear uncertainty and doubt among IBM's customers...
In other words, IBM invented FUD, IBM has a patent on FUD, and if you continue to use it you will be crushed by the blue monolith. You are irrelevant. Shoo.
And you know, I've always wanted to send in a check for a piece of software with a statement on it that says: "By accepting this check you agree to the following EULA which states that {yada yada yada} and you agree that the author of this check disclaims all warranties and conditions, either expressed or implied, including, but not limited to, any implied warranties of fitness for a particular purpose, including, but not limited to exchange for legal tender..."
I believe it is cubic. The mass of the sphere "below" you, given density D and radius R is (4 D R^3)/3. Oh, yeah, the force is then equal to your mass times ((4 D R^3)/3)/R^2, which simplifies to 4DR/3, which would be linear, just like you said. Ooops. My bad. Thanks for catching that.:)
the earth orbit would be shifted though becasue a black hole the mass of the sun would cause a much sharper curvature of space.
Not quite. The curvature of space would be almost exactly the same at the orbit of the earth. If the Sun were to become a black hole, the curvature of space (or the gravitational forces at any point in space) would be the same for any point not inside the current surface of the sun.
To explain this a bit, first imagine a spherical cow with uniform density, floating in empty space. As you aproach the cow, the gravitational attraction towards it is proportional to the inverse of the square of the distance to the center of gravity of the cow. The density of the cow doesn't matter. An infinitely dense point-mass cow would cause the same attraction. Now, continue on your path, and you puncture the outside of the cow. At this point, it's easier to figure out the gravitational force as the sum of two force vectors. One force vector is for the sphere of matter "below" you, which is the sphere of matter with its center at the center of gravity of the cow and its radius being your distance from it. That one's easy to figure out, it's just some fraction of the mass of the cow, times your mass, devided by the square of the radius. The harder part to figure out is the force vector of the spherical shell "above" you. this involves some mathematics that I can't recall right now, but trust me, the answer ends up being zero. So, if you graph out the gravitational attraction from infinity to the center of the spherical cow, it will start as an increasing parabolic curve and continue that way until you hit the surface, at which point it will begin to decrease at a cubic rate that ends up equal to zero at the center of the cow. Now, if you collapse the cow into a black hole, the exact same equations hold true, the only difference is that the surface of the cow is now so much closer to the center, that the parabolically increasing rate has much more distance over which to increase.
I hope that made sense. It's late, and I'm going to bed now....
Well, here are the ideas I've gathered. Some of them are kind of fun. You see, it's all a matter of attitude. If telemarketers are annoying solicitors, then all you get when the phone rings is the chance to be annoyed. But if you turn it into a game, then every phone call is a chance for high comedy. (Well, more like low comedy, but amusement nonetheless.)
As my page says, what I'm hoping for is that we can all become so highly annoying to the telemarketers that the DMA will create their own national "we don't want to call" list, and put my name right on the top.
There is another big difference between talking to a passenger and talking to someone on the phone. If I'm talking to a passenger, there is some chance that they will cause me to look at them, to make eye contact. My wife often complains that I don't look at her when I talk to her enough, but even once while driving is too many times.
I also have often wondered about how the laws about cellphones are written such that they cover cell phones but not cb's. And for some reason it really bothers me that there is almost certainly an explicit or implicit exclusion for police.
But, in a vain effort to swerve this post from its current tangent back towards on-topicness, the one thing that seems to bother me the most about the disappearance of payphones is that they're often very usefull in emergencies. Not everyone has a cellphone, and there are often circumstances which render them useless (bad signal reception, low battery, etc...) It's nice to have a hardline here and there where 911 can be dialed with ease, if you happen to see an accident or a fire, or a lynch mob, or perhaps if you're experiencing a heart attack or just went into labor. Granted, these are not common occurences, and the telco's certainly shouldn't be forced to maintain costly infrastructure at a loss, but at the same time that payphones are being pulled down, local and state governments are erecting emergency call boxes. Would it be all that hard to have the government agencies that are erecting the call boxes just use that money to pay the telco's to maintain their payphones? It seems like there should be a middle ground here....
'We don't want to ring the dinner bell for people who have ulterior motives and don't behave responsibly,'
Sorry, you're too late. The people with ulterior motives who don't behave responsibly have already been elected, and were the ones that directed the study to be done. They now have the information, and aren't giving it to the rest of us.
There is an elegant solution that seems tailor-made for this particular problem (i.e., massive bandwidth DDOS of a small number of servers serving a stateless udp-based service) It's called anycast, and it's being used successfully now. An excellent example of its use is the AS112 project
Now if we can just get all or most of the root-servers and gtld-servers moved to anycast, then there should be at least minor performance gains, and fairly large stability/resilience-to-DOS gains.
In general, I'd have to say we've got a fairly cool system of government. The constitution is really clever in many ways, and the ideas that the US were founded on were definitely revolutionary. But, like any complex-but-good idea, there are problems in the first few drafts. One of those is this:
The Constitution of the United States of America is, by its own declaration, the supreme law of the land. It defines, among other things, the Supreme Court to be the highest court in the land. So one would suspect that if a person were to be found by the highest court in the land to have violated, beyond a shadow of a doubt, with willful premeditation, that supreme law of the land, that the punishment they would be sentenced to would be severe in the extreme.
One would be wrong.
Take, as an excellent example, the first ten amendments to the Constitution, often referred to as the Bill of Rights. They are powerfully and clearly worded. They say such things as "Congress shall make no law which..." and "The Right of the People [...] shall not be infringed." But what if congress does make such a law? What if the rights of the people are infringed? It happens all too often. There are laws passed by congress that clearly and blatantly ignore these amendments. In many ways, it's much like civil disobedience, but somewhat different. I shall call it federal disobedience. Sometimes these violations are so obvious that they are seen to be so not only by me and every other citizen, but by the Supreme Court itself. And the people who originally perpetrated this crime, the senators and congressmen who proposed, supported, amended, and ultimately voted to accept these laws are not held accountable. They are not fined. They are not imprisoned. They are not prevented in any way from committing the same crime again. They are left in the position that they started in, with the full means, motive, and opportunity to become repeat offenders. If I were to break a local parking ordinance, I might have to pay $50 or so. If, on the other hand, I get myself elected to public office, and once in that public office, if I blatantly disobey the supreme law of the land, the fine that I face is exactly nothing. That is horribly, horribly wrong.
Well, look also at W5 - anonymous logon null sessions. And, while we're at it, weak LM hashing (W6).
By default, every windows box has both available. I haven't tried it lately, but there have been times when uninstalling SMB from a windows box has been far more difficult than uninstalling IE. Furthermore, for the most part, IE needs to be used in order to compromise your system. Don't use it, and you're (somewhat) more safe. (Of course, there are a lot of MS applications that will happily use it for you, so you're still screwed...)
But, if you install NT, 2K, or XP, you've got null sessions available as soon as you boot the box, before you even touch the keyboard.
No, TerraFlops. Terra (Earth). Flops. "We had a planet. We called it Terra. It flopped."
That's the whole reason for having this escapism virtual reality-ish thing in the first place. Because Terra Flops. It's a cooler sounding phrase than "Life sucks."
"The exempt purposes set forth in 501(c)(3) are charitable, religious, educational, scientific, literary, testing for public safety, fostering national or international amateur sports competition, and the prevention of cruelty to children or animals."
There it is right there! Windows operating systems are a form of cruelty, and the LUG is working to prevent them from happening to children and other people (who are, after all, animals too).
Of course, look at the rest of the accepted purposes:
Charitable: Maybe
Religious: Just ask your LUG about vi and emacs.
Educational: Duh.
Scientific: Probably.
Literary: Source code as literature? Sure.
Testing for public safety: QA! Check for buffer overflows to keep our networks safe!
Amateur sports: Marathon coding? Maybe not.;)
I'm curious how often the professional analysts and technology prophets go back and check their predictions. How often do you go back through articles you wrote three years ago that said "In three years, this product will have X% of market share" or "In three years this industry will be worth $X billions" and then look at the market today and see how far off you were?
So what do you think the chances are that the next version of the Flash plug-in will slightly "modify" your browser's operation when you try to access above.net or the RBL pages?
I actually have a Netra X1 right next to me. I've been playing around with it. I reallly like it. It is completely unexpandable (with the exception of a spot for a second hard drive and places for more memory), but elegant in it's simplicity. It has two 10/100 ethernet connectors, and 2 RJ-45 serial connectors (contrary to one above post, these serial connectors use the exact pinouts as Cisco gear, which makes me very happy, since I'm a Cisco sort of person). It also has a "personality card", which contains, at the least, the MAC addresses for the Ethernet cards. Apparently, if you have completely stock configurations, you can swap machines in and out by swapping these cards (although I haven't had a chance to play with this - I've only got one.) There are definitely reasons to love this box, or hate it.
Everything is integrated. If anything dies, you replace the whole thing.
LOM (Lights Out Management). This is very cool. I have not touched the power switch on this box (except once - I wanted to verify that pushing the power switch "off" would initiate a gracefull shutdown, which it did) LOM includes a built-in watchdog - you can run this daemon, and if it doesn't talk to the hardware within a certain amount of time, the hardware power-cycles itself, assuming the system has crashed. You can programmatically turn on an amber maintenance LED on the back of it. This can be very handy if you've got racks and racks of these things.
As someone pointed out, EVERYTHING can be done through the serial console. You will never need to connect a monitor, keyboard and mouse (not that there's anything to connect them to anyway).
They are also extremely easy to set up. Plug it in. Connect serial cable. At the LOM prompt, type "poweron". It boots, asks normal questions (what language do you speak, where am I, what's my name, what's my address, etc.), then boots and is very happy.
If you like Cisco, and want an out-of band management setup, you can use something like a Cisco 3640 with one FastEthernet and 3 NM-16A 16 port async ports to manage 48 of them (hey! that sounds like about one rack full) That's a sweet solution, and much cheaper than 48 ports worth of KVM switches (not to mention, you can't just type "#.poweroff" to power down a hung box). And the Cisco Octopus cables should just jack straight into the Netras.
Then on the other hand, there are some nice cheap x86 boxes from Einux. They're cute, and fuzzy, and are happy running Linux. And they cost exactly the same as a Netra X1. But I don't have one, so I can't say much about them.
In the end, there are several questions that you have to ask. Actually, just one. Which environment do you like better? The price point between the Einux boxes and Netra X1's isn't a difference. The Sun's are more easily managed, if you put some resources up front to learn the Sun way of doing things. And there may be a hidden value in how much a PHB will like the Sun name. Or you may have a non-PH Boss, who likes the Linux name. The x86 box might have a bit more horsepower (or maybe not)
In the end, it's really close to a wash. Choose the environment you're more comfortable in. If you're equally comfortable in both, do what I do. Take a coin, flip it in the air, and quick! Before it lands! think to yourself "which way am I hoping it will land?" If that doesn't work, look at the coin, because the two choices really are equal.
"It's all the same," Veal said. "They've done the creative work, and now someone says, 'I ought to be able to take it because it's there.' "
Well, not quite. Napster or no napster, if I don't know the words to the latest N*Sync song, men with guns will not come to my house and take from me my inalienable rights. It's not that I should be able to take it because it's there, it's that I should be able to take it if I'm required by law to know it.
It looks like a great deal for the organizations that write these things. They get to print these things and sell them without having to worry that they're not worth the price that's being asked. If the latest {insert your favorite band here} cd goes on sale, but they decide to sell it for $500 each, most people will decide not to buy it, because it's not worth it. In this case, people can't make that decision, because they have to buy it. In this particular case, people who build buildings have to buy it or go out of business.
It's also a great deal for the governments that adopt these laws and codes. They get to levy a tax on everyone that doesn't show up on any budget.
The only people it's not a great deal for are us. We just get screwed every 18 inches in compliance with a building code we have to pay an arm and a leg to see.
Simple. Just fly West at least two time zones every day. Does absolute wonders. Of course you end up on some very odd Pacific islands now and then, but the natives are generally friendly.
Actually, I've been doing a fair bit of flying from North America to Europe and back, and it's wonderful for about a week. I get to Europe at about 3pm local/9am EST, having slept a few hours on the plane, muck around for a little while, and crash about 10pm local/4pm EST. Wake up great in the morning, perfectly rested, and stay that way through the week. By the time I'm getting to sleep around midnight and getting up around 8am, it's usually time to go home. The flight home makes the day about 30 hours long, so when I get home I go to bed around 9pm local/3am not-so-local, and once again I'm fine for about a week.
My problem is that my sleep schedule isn't suited well to 24 hour days. When left to myself (vacations and such), my schedule rotates forward by about 2 hours every day. I figured out a schedule that I think would have worked well, replacing 7 24 hour days with 6 28 hour days per week. Unfortunately, my wife did not approve, and I suspect that if I had tried it out I would have gotten no sleep whatsoever. Similarly, I've figured out what I think would work well for waking me up - have one loud annoying buzzer-based alarm clock that I hit the snooze button on, one softer alarm radio that I leave on - I've found it helps a lot to give me some sense of time passing, something for my brain to lock onto to pull me into consciousness, and have my bedroom lights on a timer to brighten up the room in the morning. But, once again, the wife intervenes, and I'm left just oversleeping. If I could just get it so that she goes to work before me, all would be much better. Oh well.
For a while I worked IT at Miami International Airport. They take physical security very seriously. Everyone in the controlled section of the airport (with the single exception of pilots, who are treated specially, since they have to have physical access to planes, but don't actually work in the airport) is required to wear their badge above the waist, picture out, at all times. All doors have card swipes, and everyone who goes through the door has to swipe. Nothing particularly interesting yet, but there are two things that make it effective.
First, they rotate through people whose job it is to go around breaking regulations and seeing if they get reported - BTW, seeing someone break a regulation and not reporting it is considered just as bad as breaking the regulation yourself.
Second is the punishment. First offence, of any type, I believe is just a warning of some sort. Second, you have to go to a 4 hour security course. Third, you and your boss have to go to the course. Fourth, you and the president of your company have to go to the course (and if you work for, say, Delta or American Airlines or some large company like that, that's unlikely to happen.) After that, they just don't let you back in the airport.
It seemed to work very well. First off, because no one has gotten a bomb in there yet, and a lot have tried. Second because it's the only place I've ever seen where no one ever held a door for anyone - or got upset when someone didn't hold one for them.
I can just see some manager at IBM going to his team and saying "Look guys, we're going to be working on building the successor to the PS2!..... Don't look at me like that, I'm talking about the PlayStation 2!" "Oooohhhh. OK."
A fairly recent CryptoGram had a link to an answer very close to this question. On counterpane Schneier goes through a good description of what is called the "unicity distance" of plaintext. In order to test how good an algorithm is, you try and break it with known plaintext attacks. (Or even more intrusive attacks that you will rarely see in the wild, such as chosen plaintext attacks, or chosen ciphertext attacks) If you can't break these, then it's unlikely that you can break the algorithm with an unknown unchosen plaintext/ciphertext pair. If you're attacking a ciphertext in the wild, then the more you know about your target, the easier it is. With english text, you can brute force attack it if you have more than the unicity distance of ciphertext to work with. Your brute force cracking engine should look for several things, including the headers (such as the magic numbers for jpg files) and things that "look" like english (or some other language) text, and probably even apply some of the tests of randomness that one poster earlier mentioned. Of course the interesting thing is that truly random data has an infinite unicity distance, so to make decrypting your messages to someone@host.net really frustrating you might add a cron job something like:
*/5 * * * * if [-f $HOME/message-to-send.txt]; (gpg -$OPTIONS < $HOME/message-to-send.txt | mail -s "message" someone@host.net); else (dd if=/dev/urandom bs=1024 count=1 | gpg -$OPTIONS | mail -s "message" someone@host.net); fi
(please pardon if this won't actually run... I'm on a windows box and don't have my man pages handy - but you get the general idea...) Just make sure your message is exactly 1k, set up the appropriate procmail on the other end and... probably nothing. Chances are no one will care, and if they care enough, they'll just put a keyboard sniffer on your machine, find out your password, log in as you, and read your mail anyway. Always remember, you can't win, but sometimes it's fun to try and think of interesting ways to try.
Does this strike anyone as a really interesting form of birth control? Step one: man infects self with bacterium, becomes infertile with uninfected women. Step two: man dates uninfected women without fear of offspring. Step three: man finds woman he really really likes, they form a reasonably permanent relationship. Step four: couple decides they want children. Step five: woman infects self with bacterium. Step six: procreation.
Only problem is it only works for one generation, assuming the infection is passed from mother to child. But if it isn't, or if a woman can be "cured", then it could be really cool....
We're currently doing about what you want to, with a few exceptions. We've got worldwide offices all doing VPN between Cisco 2600/3600's. We also aren't using it as our "production" network. It's just a backup in case the WAN fails (except for a few offices where we can get internet, but not frame relay. Those just get VPN) We have PIX's in a few locations, but the only thing we use them for (besides firewalls) is what we call "client" VPN's - not between sites, but between the PIX and someone with a laptop. The reason we do that is because the Cisco IOS doesn't handle using SecurID cards for authentication very well (it'll work, but some features are missing) and the PIX's are OK with it. IOS-IOS IPSec is easy and fun. OK, maybe that's stretching it, but it certainly isn't bad. The way I do it is to just run GRE tunnels between all the sites, and then encrypt the GRE. (I know that means that I'm running a tunneling protocol inside of a tunneling protocol, but IOS doesn't abstract the IPSec tunnel mode into virtual interfaces the way it does with GRE, so GRE makes it a lot easier to do things like run multicast-based protocols (read: OSPF))It Makes a great network of virtual point-to-point links. And if for some reason the internet is broken between two of your sites, but not between others, the routing protocols will route around the problem.
But the short answer to your question is that it should work fine without any PIX's anywhere. We're running IOS 12.1.3a. It seems to work well.(and, if you've got memory spewing out your orifices, you can try the T images, and you can ssh into your router, if you so desire)
Slashdot Mirror
In other words, IBM invented FUD, IBM has a patent on FUD, and if you continue to use it you will be crushed by the blue monolith. You are irrelevant. Shoo.
And you know, I've always wanted to send in a check for a piece of software with a statement on it that says: "By accepting this check you agree to the following EULA which states that {yada yada yada} and you agree that the author of this check disclaims all warranties and conditions, either expressed or implied, including, but not limited to, any implied warranties of fitness for a particular purpose, including, but not limited to exchange for legal tender..."
I believe it is cubic. The mass of the sphere "below" you, given density D and radius R is (4 D R^3)/3. Oh, yeah, the force is then equal to your mass times ((4 D R^3)/3)/R^2, which simplifies to 4DR/3, which would be linear, just like you said. Ooops. My bad. Thanks for catching that. :)
Not quite. The curvature of space would be almost exactly the same at the orbit of the earth. If the Sun were to become a black hole, the curvature of space (or the gravitational forces at any point in space) would be the same for any point not inside the current surface of the sun.
To explain this a bit, first imagine a spherical cow with uniform density, floating in empty space. As you aproach the cow, the gravitational attraction towards it is proportional to the inverse of the square of the distance to the center of gravity of the cow. The density of the cow doesn't matter. An infinitely dense point-mass cow would cause the same attraction. Now, continue on your path, and you puncture the outside of the cow. At this point, it's easier to figure out the gravitational force as the sum of two force vectors. One force vector is for the sphere of matter "below" you, which is the sphere of matter with its center at the center of gravity of the cow and its radius being your distance from it. That one's easy to figure out, it's just some fraction of the mass of the cow, times your mass, devided by the square of the radius. The harder part to figure out is the force vector of the spherical shell "above" you. this involves some mathematics that I can't recall right now, but trust me, the answer ends up being zero. So, if you graph out the gravitational attraction from infinity to the center of the spherical cow, it will start as an increasing parabolic curve and continue that way until you hit the surface, at which point it will begin to decrease at a cubic rate that ends up equal to zero at the center of the cow. Now, if you collapse the cow into a black hole, the exact same equations hold true, the only difference is that the surface of the cow is now so much closer to the center, that the parabolically increasing rate has much more distance over which to increase.
I hope that made sense. It's late, and I'm going to bed now....
Now just add in a few wooden peripherals, and the occasional pigeon for the networking, and you'll be all set!
As my page says, what I'm hoping for is that we can all become so highly annoying to the telemarketers that the DMA will create their own national "we don't want to call" list, and put my name right on the top.
There is another big difference between talking to a passenger and talking to someone on the phone. If I'm talking to a passenger, there is some chance that they will cause me to look at them, to make eye contact. My wife often complains that I don't look at her when I talk to her enough, but even once while driving is too many times.
I also have often wondered about how the laws about cellphones are written such that they cover cell phones but not cb's. And for some reason it really bothers me that there is almost certainly an explicit or implicit exclusion for police.
But, in a vain effort to swerve this post from its current tangent back towards on-topicness, the one thing that seems to bother me the most about the disappearance of payphones is that they're often very usefull in emergencies. Not everyone has a cellphone, and there are often circumstances which render them useless (bad signal reception, low battery, etc...) It's nice to have a hardline here and there where 911 can be dialed with ease, if you happen to see an accident or a fire, or a lynch mob, or perhaps if you're experiencing a heart attack or just went into labor. Granted, these are not common occurences, and the telco's certainly shouldn't be forced to maintain costly infrastructure at a loss, but at the same time that payphones are being pulled down, local and state governments are erecting emergency call boxes. Would it be all that hard to have the government agencies that are erecting the call boxes just use that money to pay the telco's to maintain their payphones? It seems like there should be a middle ground here....
This has got to be an amusing typo.
According to Forbes, in 1976, the personal computer chic was invented. They neglect to mention her name.
Sorry, you're too late. The people with ulterior motives who don't behave responsibly have already been elected, and were the ones that directed the study to be done. They now have the information, and aren't giving it to the rest of us.
Here's a quick overview I found: http://www.pch.net/documents/tutorials/ipv4-anycas t/ipv4-anycast.ppt
Now if we can just get all or most of the root-servers and gtld-servers moved to anycast, then there should be at least minor performance gains, and fairly large stability/resilience-to-DOS gains.
In general, I'd have to say we've got a fairly cool system of government. The constitution is really clever in many ways, and the ideas that the US were founded on were definitely revolutionary. But, like any complex-but-good idea, there are problems in the first few drafts. One of those is this:
The Constitution of the United States of America is, by its own declaration, the supreme law of the land. It defines, among other things, the Supreme Court to be the highest court in the land. So one would suspect that if a person were to be found by the highest court in the land to have violated, beyond a shadow of a doubt, with willful premeditation, that supreme law of the land, that the punishment they would be sentenced to would be severe in the extreme.
One would be wrong.
Take, as an excellent example, the first ten amendments to the Constitution, often referred to as the Bill of Rights. They are powerfully and clearly worded. They say such things as "Congress shall make no law which..." and "The Right of the People [...] shall not be infringed." But what if congress does make such a law? What if the rights of the people are infringed? It happens all too often. There are laws passed by congress that clearly and blatantly ignore these amendments. In many ways, it's much like civil disobedience, but somewhat different. I shall call it federal disobedience. Sometimes these violations are so obvious that they are seen to be so not only by me and every other citizen, but by the Supreme Court itself. And the people who originally perpetrated this crime, the senators and congressmen who proposed, supported, amended, and ultimately voted to accept these laws are not held accountable. They are not fined. They are not imprisoned. They are not prevented in any way from committing the same crime again. They are left in the position that they started in, with the full means, motive, and opportunity to become repeat offenders. If I were to break a local parking ordinance, I might have to pay $50 or so. If, on the other hand, I get myself elected to public office, and once in that public office, if I blatantly disobey the supreme law of the land, the fine that I face is exactly nothing. That is horribly, horribly wrong.
Yeah, I'd have to agree.... OSPF is just so much better. Can't even do VLSM without going to V2...
Well, look also at W5 - anonymous logon null sessions. And, while we're at it, weak LM hashing (W6).
By default, every windows box has both available. I haven't tried it lately, but there have been times when uninstalling SMB from a windows box has been far more difficult than uninstalling IE. Furthermore, for the most part, IE needs to be used in order to compromise your system. Don't use it, and you're (somewhat) more safe. (Of course, there are a lot of MS applications that will happily use it for you, so you're still screwed...)
But, if you install NT, 2K, or XP, you've got null sessions available as soon as you boot the box, before you even touch the keyboard.
Reference SMBDie - QED.
No, TerraFlops. Terra (Earth). Flops. "We had a planet. We called it Terra. It flopped."
That's the whole reason for having this escapism virtual reality-ish thing in the first place. Because Terra Flops. It's a cooler sounding phrase than "Life sucks."
There it is right there! Windows operating systems are a form of cruelty, and the LUG is working to prevent them from happening to children and other people (who are, after all, animals too).
Of course, look at the rest of the accepted purposes: ;)
Charitable: Maybe
Religious: Just ask your LUG about vi and emacs.
Educational: Duh.
Scientific: Probably.
Literary: Source code as literature? Sure.
Testing for public safety: QA! Check for buffer overflows to keep our networks safe!
Amateur sports: Marathon coding? Maybe not.
I'm curious how often the professional analysts and technology prophets go back and check their predictions. How often do you go back through articles you wrote three years ago that said "In three years, this product will have X% of market share" or "In three years this industry will be worth $X billions" and then look at the market today and see how far off you were?
So what do you think the chances are that the next version of the Flash plug-in will slightly "modify" your browser's operation when you try to access above.net or the RBL pages?
Hmmmmm...
Then on the other hand, there are some nice cheap x86 boxes from Einux. They're cute, and fuzzy, and are happy running Linux. And they cost exactly the same as a Netra X1. But I don't have one, so I can't say much about them.
In the end, there are several questions that you have to ask. Actually, just one. Which environment do you like better? The price point between the Einux boxes and Netra X1's isn't a difference. The Sun's are more easily managed, if you put some resources up front to learn the Sun way of doing things. And there may be a hidden value in how much a PHB will like the Sun name. Or you may have a non-PH Boss, who likes the Linux name. The x86 box might have a bit more horsepower (or maybe not)
In the end, it's really close to a wash. Choose the environment you're more comfortable in. If you're equally comfortable in both, do what I do. Take a coin, flip it in the air, and quick! Before it lands! think to yourself "which way am I hoping it will land?" If that doesn't work, look at the coin, because the two choices really are equal.
"It's all the same," Veal said. "They've done the creative work, and now someone says, 'I ought to be able to take it because it's there.' "
Well, not quite. Napster or no napster, if I don't know the words to the latest N*Sync song, men with guns will not come to my house and take from me my inalienable rights. It's not that I should be able to take it because it's there, it's that I should be able to take it if I'm required by law to know it.
It looks like a great deal for the organizations that write these things. They get to print these things and sell them without having to worry that they're not worth the price that's being asked. If the latest {insert your favorite band here} cd goes on sale, but they decide to sell it for $500 each, most people will decide not to buy it, because it's not worth it. In this case, people can't make that decision, because they have to buy it. In this particular case, people who build buildings have to buy it or go out of business.
It's also a great deal for the governments that adopt these laws and codes. They get to levy a tax on everyone that doesn't show up on any budget.
The only people it's not a great deal for are us. We just get screwed every 18 inches in compliance with a building code we have to pay an arm and a leg to see.
Simple. Just fly West at least two time zones every day. Does absolute wonders. Of course you end up on some very odd Pacific islands now and then, but the natives are generally friendly.
Actually, I've been doing a fair bit of flying from North America to Europe and back, and it's wonderful for about a week. I get to Europe at about 3pm local/9am EST, having slept a few hours on the plane, muck around for a little while, and crash about 10pm local/4pm EST. Wake up great in the morning, perfectly rested, and stay that way through the week. By the time I'm getting to sleep around midnight and getting up around 8am, it's usually time to go home. The flight home makes the day about 30 hours long, so when I get home I go to bed around 9pm local/3am not-so-local, and once again I'm fine for about a week.
My problem is that my sleep schedule isn't suited well to 24 hour days. When left to myself (vacations and such), my schedule rotates forward by about 2 hours every day. I figured out a schedule that I think would have worked well, replacing 7 24 hour days with 6 28 hour days per week. Unfortunately, my wife did not approve, and I suspect that if I had tried it out I would have gotten no sleep whatsoever. Similarly, I've figured out what I think would work well for waking me up - have one loud annoying buzzer-based alarm clock that I hit the snooze button on, one softer alarm radio that I leave on - I've found it helps a lot to give me some sense of time passing, something for my brain to lock onto to pull me into consciousness, and have my bedroom lights on a timer to brighten up the room in the morning. But, once again, the wife intervenes, and I'm left just oversleeping. If I could just get it so that she goes to work before me, all would be much better. Oh well.
For a while I worked IT at Miami International Airport. They take physical security very seriously. Everyone in the controlled section of the airport (with the single exception of pilots, who are treated specially, since they have to have physical access to planes, but don't actually work in the airport) is required to wear their badge above the waist, picture out, at all times. All doors have card swipes, and everyone who goes through the door has to swipe. Nothing particularly interesting yet, but there are two things that make it effective.
First, they rotate through people whose job it is to go around breaking regulations and seeing if they get reported - BTW, seeing someone break a regulation and not reporting it is considered just as bad as breaking the regulation yourself.
Second is the punishment. First offence, of any type, I believe is just a warning of some sort. Second, you have to go to a 4 hour security course. Third, you and your boss have to go to the course. Fourth, you and the president of your company have to go to the course (and if you work for, say, Delta or American Airlines or some large company like that, that's unlikely to happen.) After that, they just don't let you back in the airport.
It seemed to work very well. First off, because no one has gotten a bomb in there yet, and a lot have tried. Second because it's the only place I've ever seen where no one ever held a door for anyone - or got upset when someone didn't hold one for them.
I can just see some manager at IBM going to his team and saying "Look guys, we're going to be working on building the successor to the PS2! ..... Don't look at me like that, I'm talking about the PlayStation 2!" "Oooohhhh. OK."
A fairly recent CryptoGram had a link to an answer very close to this question. On counterpane Schneier goes through a good description of what is called the "unicity distance" of plaintext. In order to test how good an algorithm is, you try and break it with known plaintext attacks. (Or even more intrusive attacks that you will rarely see in the wild, such as chosen plaintext attacks, or chosen ciphertext attacks) If you can't break these, then it's unlikely that you can break the algorithm with an unknown unchosen plaintext/ciphertext pair. If you're attacking a ciphertext in the wild, then the more you know about your target, the easier it is. With english text, you can brute force attack it if you have more than the unicity distance of ciphertext to work with. Your brute force cracking engine should look for several things, including the headers (such as the magic numbers for jpg files) and things that "look" like english (or some other language) text, and probably even apply some of the tests of randomness that one poster earlier mentioned. Of course the interesting thing is that truly random data has an infinite unicity distance, so to make decrypting your messages to someone@host.net really frustrating you might add a cron job something like:
*/5 * * * * if [-f $HOME/message-to-send.txt]; (gpg -$OPTIONS < $HOME/message-to-send.txt | mail -s "message" someone@host.net); else (dd if=/dev/urandom bs=1024 count=1 | gpg -$OPTIONS | mail -s "message" someone@host.net); fi
(please pardon if this won't actually run... I'm on a windows box and don't have my man pages handy - but you get the general idea...) Just make sure your message is exactly 1k, set up the appropriate procmail on the other end and... probably nothing. Chances are no one will care, and if they care enough, they'll just put a keyboard sniffer on your machine, find out your password, log in as you, and read your mail anyway. Always remember, you can't win, but sometimes it's fun to try and think of interesting ways to try.
Does this strike anyone as a really interesting form of birth control? Step one: man infects self with bacterium, becomes infertile with uninfected women. Step two: man dates uninfected women without fear of offspring. Step three: man finds woman he really really likes, they form a reasonably permanent relationship. Step four: couple decides they want children. Step five: woman infects self with bacterium. Step six: procreation.
Only problem is it only works for one generation, assuming the infection is passed from mother to child. But if it isn't, or if a woman can be "cured", then it could be really cool....
We're currently doing about what you want to, with a few exceptions. We've got worldwide offices all doing VPN between Cisco 2600/3600's. We also aren't using it as our "production" network. It's just a backup in case the WAN fails (except for a few offices where we can get internet, but not frame relay. Those just get VPN) We have PIX's in a few locations, but the only thing we use them for (besides firewalls) is what we call "client" VPN's - not between sites, but between the PIX and someone with a laptop. The reason we do that is because the Cisco IOS doesn't handle using SecurID cards for authentication very well (it'll work, but some features are missing) and the PIX's are OK with it. IOS-IOS IPSec is easy and fun. OK, maybe that's stretching it, but it certainly isn't bad. The way I do it is to just run GRE tunnels between all the sites, and then encrypt the GRE. (I know that means that I'm running a tunneling protocol inside of a tunneling protocol, but IOS doesn't abstract the IPSec tunnel mode into virtual interfaces the way it does with GRE, so GRE makes it a lot easier to do things like run multicast-based protocols (read: OSPF))It Makes a great network of virtual point-to-point links. And if for some reason the internet is broken between two of your sites, but not between others, the routing protocols will route around the problem.
But the short answer to your question is that it should work fine without any PIX's anywhere. We're running IOS 12.1.3a. It seems to work well.(and, if you've got memory spewing out your orifices, you can try the T images, and you can ssh into your router, if you so desire)