I read a few interesting bullets in the original thread. One poster claimed that a flaw in the agreement voids the entire agreement. I also remember hearing that agreements like this can be voided if challenged in court.
I'd be very surprised if the document didn't contain a clause that said that the various items weren't 'separable'. This means that if one clause is challenged and thrown out, the rest of the contract remains in force.
The bottom line is that the offending clause would be thrown out, and the rest of the document left standing.
IANAL either, so am unsure of what the customer's legal rights are in a UCITA state, or whether the contract specifies the jurisdiction (look for text of the form "This agreement to be interpreted under the laws of...")
It would seem to me that the NSA may benifit from being perceived as behind in technology on several fronts. First it may cause those they monitor to let their guard down, though I cna't imagine anyone with any smarts really falling for that old trick.
Remember the World Trade Center bombing? Do you know how they caught the culprits? One of the hirelings went back to get the deposit on the Ryder truck. Of course, the guy who rented it to him was just a tad suspicious, since there wasn't any actual truck being returned, and it was all over the news that some Ryder place was out one truck, because it was in little bits all over a parking garage.
No, nobody with smarts will fall for it. However, you can expect that half the bad guy are below average intelligence, and you only have to get one to fall for it....
The IBM 3090-300J processor controller would phone home. The part that floored me was when it put up a dialog box on the hardware control console, asking for permission to make a long-distance phone call...
Definitely makes you pause when it happens at 2AM.,
A recent issue of the IBM Journal of Research and Development was devoted to reliability issues in the G5 and G6 series chipsets used in recent IBM big iron.
Let's see - one stray alpha particle can cause a Pentium III to crash. It's not the chip's fault, it's just the way it is.
On the other hand, here's what the IBM mainframes call error recovery:
1) Each CPU chip is actually 2 complete CPU's running in lockstep with a "tell me twice" comparator.
2) At the end of each instruction, the entire internal states of both sides are compared, and if they match, the state is latched out for safekeeping, and the next instruction is started.
3) If the two sides *dont* compare, this is a "soft" error. The current state is latched out for offline analysis. The saved state from the latch-out is reloaded, and the instruction is retried. The reload will clear any corrupted bits due to alpha hits or the like., so this is all that's needed for recovery.
4) If after a retry the two sides still don't agree, the known-good latch-out is then loaded into an entirely new spare CPU chipset (a common configuration is 12 CPU and 2 spare, from what I read) and execution is resumed on the new CPU, with no impact on processing.
5) You don't get a actual "CPU failed" error until it's done a soft retry and then moved to a spare repeatedly, and run out of spares. THAT is why you end up with engineers on a plane - to get to that point the machine has to be seriously sick.
You did that with ONE system? Interesting - the Mirapoint results for 400K users needed:
2 POP server machines
5 SMTP router machines
10 message store machines
1 benchmark manager machine
1 mail sink machine
5 load generator machines
Dealing with 300K outbound postings is no biggie - I've been able to deal with that level on an old IBM RS6000-F30 (166mz 604). You don't need really big iron for outbound mail until you have more than 500K or so RCPT TO's on one piece of mail. It's mostly a matter of good queue management, and Sendmail 8.12 has new queue management code that makes it even easier (I should know, I tested it).
The only real magic is not getting logjammed due to DNS waits and unreachable destinations.
On the other hand, having 40K people doing POP accesses while you're dumping mail into their mailboxes is trickier. Some of the more obvious issues:
The obvious popd solution leaves you 40K processes running at once. This could be bad.
Locking issues get interesting.
Even with a journaling filesystem, you can get killed on the I/O. Remember that writing to a file means you also need to do stuff with the inode....
Xerox and Kleenex have large well-funded staff. If you are a script-writer for a TV show, you *CAN* use the line "Hand me a kleenex". However, if a box of tissues shows on camera, and it's Scott or something other than Kleenex, the show *WILL* get a nice notification about it.
Similarly, if a character says "Let me go Xerox this", and it's a Canon, there WILL be repercussions.
To have any chance of winning, you'd have to show that it HAD become generic, like linoleum (which used to be a trademark). It's covered in 15 USC 22 (1065)(4):
(4) no incontestable right shall be acquired in a mark which is the generic name for the goods or services or a portion thereof, for which it is registered.
However, the courts have held that agggressive action against any infringements found is defense against this. So much effort is expended on sending a nice letter to *every* infringement spotted, no matter how slight.
A number of people with projects at SourceForge that have software that talks to AOL's messaging software, and which uses the letters 'A', 'I', and 'M' in their project titles, recently got nice "cut it out" letters from a AOL's legal support crew.
IANAL, but I suspect trying to register it and use "generic" as a defense would get you sued to your skivvies. You'd have better luck using the defense that you're engaged in a different line of business, with different goods and services (which is why the ABC television network has a trademark on 'ABC', but ABC Bug Exterminators can have a trademark as well - they are in different business segments and unlikely to cause confusion.
This actually impacted Apple Computer - in order to use 'Apple', they had to make concessions to Apple Records to not engage in music distribution.
Re:hmm I think I suggested doing something like th
on
DSLBlaster?
·
· Score: 2
The slowdown comes from the fact that they *dont* use the same lines, exactly. Sure, it's the same copper - but for starters, a voice-grade line has this nice little filter that lops off everything over 4Khz. Remember that the *original* use of a T-1 line at 1.544mbits/second was to carry 24 voice lines. To get them to fit, the telco would lop it off at 4khz (which is why a phone call doesn't sound "in person"). That frequency was chosen as a good compromise between bandwidth utilization and reproduction *human voice*.
A DSL line gets its speed mostly by virtue of not having to fit the bits through a 4khz filter. Shannon tells us that 33.6 is about the limit for a 4kz signal - 56K modems actually cheat (hint - *every* computer store stocks the "consumer" end of a 56K modem - ever tried to buy the *uplink* end of the pair, and provisioned the line from the telco?;) Also, there's no pesky power restrictions - those enter into it because the power determines just how close to a perfect square wave youy can get (since the power is basically the slope of the near-vertical parts of the waveform).
Re:the rant that CmdrTaco mentioned ....
on
Themes.org Cracked
·
· Score: 2
It's a *very* real attack.
That's why there's a provision for disabling X forwarding. Other things to do to help close down the hole are having your 'ssh' X NOT connect back to your real X server, but to an XNest or mxconns instead.
Note that blindly daisy chaining crypto together is *NOT*, repeat *NOT* safer, unless you understand *ALL* the implications.
Read Schneier's "Applied Cryptography" for an explanation of why double-DES is *NOT* *ANY* stronger than single-DES, and why triple-DES has only twice the effective key length of single-DES, not the triple-length you'd expect.
Do you know how to calculate the probability that your 5 passphrases are not vulnerable to a meet-in-the-middle attack, or are not entropy-weak, or the combination of passphrases is subject to differential cryptanalysis?
And that's just a off-top-of-head issues. The crypto geeks probably know more issues...
As Bruce Schneier pointed out, if you're communicating with somebody, there has to be a cover story of why you and the somebody are exchanging JPGs of giraffes, and the cover story has to have existed before you started using stenography.
"Hiding" it inside a.JPG doesn't do you much good, if the fact that you're suddenly exchanging.JPGs is itself a clue that Something Is Up. Traffic analysis is a powerful tool - the first people outside the high levels of the US Government that knew that Operation Desert Storm was in gear were the pizza parlors that noted a BIG increase in late-night deliveries to Department of Defense buildings in Washington DC.
had the good fortune to be playing with this recently via simulation. If you give the processor a *huge* instruction window (256
instructions) and the ability to execute *any* number of instructions of *any* type in parallel (except for memory accesses - see
below), you still get an average Instructions Per Clock of about 2.1-2.2. 95% of the time, you're getting four instructions or fewer
issued (and most of the time, far fewer than that).
Yes. You average 2.1-2.2, and 95% of the time
you're only getting 4 or fewer. However, when
you look at the other stuff the Power3 architecture includes, it's pretty obvious what the overall intent is:
Hardware Loop Unrolling.
IBM has got some customers that use some serious CPU. We're talking national labs and the like. For them, the ability to run 8 of those neat 'multiply-and-add' instructions per clock cycle is quite an important feature.
The chip *starts* at 375mz, and can do 16 floating point ops/clock (an amazing amount of code uses that mult-and-add over an array - and the IBM compilers are smart enough to detect and convert divide to multiply-by-inverse and add/subtract issues).
And of course, IBM is hoping that even though the big SP/2 iron is limited to national labs and Fortune-500 companies (see The Top500 List for details), that they'll be able to sell a lot of the smaller 43P deskside boxes (1-4 Power3 CPUS) and the 8-16 CPU rackmount servers, to all the smaller companies that need number-crunching.
If a system is working and the
features you use are not affected by a bug fix, why upgrade?
Tell you what - if you expand this to "working, features not affected, and no security fixes",
then I'll be more than happy to agree with you.
However, 1.3.19 does include security fixes, so I guess we all get to do the Upgrade Polka.
Of course, there's something to consider..
on
Anticryptography
·
· Score: 1
The fact that they receive our signal only means that they currently possess technology capable of receiving our signal. It does not mean that they comprehend said technology, or possess the cluons needed to think about the message received. Or they may have some agenda forcing them to intentionally or subconsciously mis-interpret the message.
Case in point number 1 (cluon flux): Douglas Adam's ship full of telephone sanitizers and marketing consultants.
Case in point number 2 (technology comprehension): Dilbert's "Pointy Haired Boss". Remember "To reboot it, just hold it upside down above your head and shake it"? Of course, lack of cluon flux doesn't help matters here - but you can have cluons but not understand the tech. I have no idea what encoding scheme a CD uses. I just play them....
Case in point number 3 (agenda): Any tobacco or Microsoft laywer. If either of these offends you, feel free to insert whatever group of people who you know are totally unable to see The Truth because they interpret everything according to Some Totally Crocked Theory. We as humans have enough such groups to go around.
Anybody who can't think of at least 5 examples for each of the 3 classes of failures to understand obviously doesn't know 15 other people.
And as this consolidation spreads throughout all industries, will we soon have a situation similar to the one we have with DNS tables
where a single global registry of trademarks is enforced in all contexts? I'm not sure there's even a problem with that, but you have to
admit, it'll take some getting used to.
This issue is, in fact, one reason why there was pressure on ICANN to add more top-level domains
(see some of the already approved). Of course, there's
all sorts of devil-in-the-details issues,
such as "Famous trademarks" and how/when to roll out any additional top-level domains, but ICANN is slowly but surely wading through it
Actually, IBM had to pay a large sum of money to get the 'e in a circle' e-commerce logo they're using, as another company was already using a similar device in a similar context.
Big Brother (and everybody else) is watching...
on
Online Journals
·
· Score: 1
6 billion weblogs, and if you searched Google, it would have a cache of every single one.
On the one hand, that's almost a funny image.
On the other hand, that's a very scary image.
Re:Why is it only psychotics post stuff online?
on
Online Journals
·
· Score: 2
Stephen King was once asked "Why do you choose such scary stories to write about?". He replied
"What makes you think I have a choice in the matter?".
Remember that it's still a bit of effort to start and maintain a journal - it's more work than just pissing and moaning with your buds over a beer at the local tavern. Almost everybody has issues, but most of us are able to find a friend, dump on them for 10-15 mins about what a total ***hole their boss was today, and get on with their lives. However, some people can't find a person to vent at, or find themselves unable to, or whatever. As a result, people won't start a journal unless they have a pressing need to vent about something.
You haven't seen an online journal of a "sane person" because sane people by and large do not feel a need to vent their sanity. People with issues do feel a need to vent.
Re:Online Journals are asking for TROUBLE
on
Online Journals
·
· Score: 1
Amen. Yes, it's a good way to get a bitchfest out of your system. On the other hand, I just made a list of the top 5 things I'd want to rant about, and I find:
one has a rather interesting NDA attached to it, one is regarding as-yet-unreleased writing I'm doing not free to talk about, two I'm not free to speak about because it's my reaction to somebody else's as-not-yet-public problem, and the last one I need to deal in a public forum with the author of the offending comments, not in a journal.
Usually if I need to bitch, I do it on the IETF, Bugtraq, or NANOG mailing lists anyhow;)
If I can't address it in a forum like that, it's time to bend the ear of a friend, or pick up my '78 Ibanez Artist and crank it up for a few hours, and wish I had a Marshall stack, and a place I could actually crank it to where it sounded good....
"Even if you compressed your whole root partition... the savings would be negligible"
AIX has supported LZ compression of files in the file system for several years. I've found about a 30% savings in disk space for/usr and/home (although I'm not into the mp3/mpg scene, so a lot of it is source files). Hardly "negligible", and
it's only using LZ compression (mostly for the speed issue).
"the whole system would be generally slower"
Surprisingly enough, on a lot of boxes, using filesystem compression made it *faster*. On a system that is not already CPU constrained, it's often faster to fetch 4 512-byte sectors of compressed data and unpack them into a 4K block than it is to fetch 8 512-byte sectors. If your disks are being beat to hell already, it's even more of a win - ever had to move stuff from drive to drive because your web server was serving up HTML and the fetches were clogging things? How'd you like to get rid of 2/3 of the I/O?;)
Hmm... I've never heard of a trip on bad shrooms called a "Terran Polar Reversal" before....
Re:Use encryption needlessly, constantly! [MUCH MO
on
The Encryption Wars
·
· Score: 1
...Perhaps some sort of extension to sendmail and friends, whereby a simple script configuration could activate a
mode wherein outgoing emails [probably only of willing participants, I wouldn't want to be overbearing or
myself lessen anyones freedom to use the network as I choose, no matter how foolishly]
Sendmail 8.10.0 and later (current is 8.11.1) support building with SSL support for inter-MTA transfers. It's not total end-to-end, but if widely deployed, it would make life a lot harder for the Carnivore types.
Re:Use encryption needlessly, constantly! [MUCH MO
on
The Encryption Wars
·
· Score: 1
Why this functionality isn't already built into every single mail reader in existence, I just don't understand. Some
people will raise the issue of needing to decentralize the storage of the keys, etc, but isn't that an incredibly minor
concern considering the state of things now? People make secure connections all the time on the net. They do
this because SSL is built into every browser and encryption happens transparently and automatically. Until we
have the same for email, we won't have secure email.
Actually, the vast majority of users out there already have access to either PGP or S/MIME plugins. The problem is that the public key infrastructure issue is just a bit harder to hand-wave. For instance, the Exmh mail program provides support for fetching a PGP public key from one of the PGP key servers - but that still involves you in the "Is this key really that person's key" issue.
People make secure connections over the web all the time - but do they ever actually *click* the 'Security' button on Netscape (or whatever IE's equivalent is) to verify that the page loaded from the server they expected, and that the SSL certificate was the one they expected to see?
Slashdot Mirror
I'd be very surprised if the document didn't contain a clause that said that the various items weren't 'separable'. This means that if one clause is challenged and thrown out, the rest of the contract remains in force.
The bottom line is that the offending clause would be thrown out, and the rest of the document left standing.
IANAL either, so am unsure of what the customer's legal rights are in a UCITA state, or whether the contract specifies the jurisdiction (look for text of the form "This agreement to be interpreted under the laws of...")
Remember the World Trade Center bombing? Do you know how they caught the culprits? One of the hirelings went back to get the deposit on the Ryder truck. Of course, the guy who rented it to him was just a tad suspicious, since there wasn't any actual truck being returned, and it was all over the news that some Ryder place was out one truck, because it was in little bits all over a parking garage.
No, nobody with smarts will fall for it. However, you can expect that half the bad guy are below average intelligence, and you only have to get one to fall for it....
The IBM 3090-300J processor controller would phone home. The part that floored me was when it put up a dialog box on the hardware control console, asking for permission to make a long-distance phone call...
Definitely makes you pause when it happens at 2AM.,
A recent issue of the IBM Journal of Research and Development was devoted to reliability issues in the G5 and G6 series chipsets used in recent IBM big iron.
Let's see - one stray alpha particle can cause a Pentium III to crash. It's not the chip's fault, it's just the way it is.
On the other hand, here's what the IBM mainframes call error recovery:
1) Each CPU chip is actually 2 complete CPU's running in lockstep with a "tell me twice" comparator.
2) At the end of each instruction, the entire internal states of both sides are compared, and if they match, the state is latched out for safekeeping, and the next instruction is started.
3) If the two sides *dont* compare, this is a "soft" error. The current state is latched out for offline analysis. The saved state from the latch-out is reloaded, and the instruction is retried. The reload will clear any corrupted bits due to alpha hits or the like., so this is all that's needed for recovery.
4) If after a retry the two sides still don't agree, the known-good latch-out is then loaded into an entirely new spare CPU chipset (a common configuration is 12 CPU and 2 spare, from what I read) and execution is resumed on the new CPU, with no impact on processing.
5) You don't get a actual "CPU failed" error until it's done a soft retry and then moved to a spare repeatedly, and run out of spares. THAT is why you end up with engineers on a plane - to get to that point the machine has to be seriously sick.
Dealing with 300K outbound postings is no biggie - I've been able to deal with that level on an old IBM RS6000-F30 (166mz 604). You don't need really big iron for outbound mail until you have more than 500K or so RCPT TO's on one piece of mail. It's mostly a matter of good queue management, and Sendmail 8.12 has new queue management code that makes it even easier (I should know, I tested it). The only real magic is not getting logjammed due to DNS waits and unreachable destinations.
On the other hand, having 40K people doing POP accesses while you're dumping mail into their mailboxes is trickier. Some of the more obvious issues:
Similarly, if a character says "Let me go Xerox this", and it's a Canon, there WILL be repercussions.
To have any chance of winning, you'd have to show that it HAD become generic, like linoleum (which used to be a trademark). It's covered in 15 USC 22 (1065)(4):
However, the courts have held that agggressive action against any infringements found is defense against this. So much effort is expended on sending a nice letter to *every* infringement spotted, no matter how slight.A number of people with projects at SourceForge that have software that talks to AOL's messaging software, and which uses the letters 'A', 'I', and 'M' in their project titles, recently got nice "cut it out" letters from a AOL's legal support crew.
IANAL, but I suspect trying to register it and use "generic" as a defense would get you sued to your skivvies. You'd have better luck using the defense that you're engaged in a different line of business, with different goods and services (which is why the ABC television network has a trademark on 'ABC', but ABC Bug Exterminators can have a trademark as well - they are in different business segments and unlikely to cause confusion.
This actually impacted Apple Computer - in order to use 'Apple', they had to make concessions to Apple Records to not engage in music distribution.
A DSL line gets its speed mostly by virtue of not having to fit the bits through a 4khz filter. Shannon tells us that 33.6 is about the limit for a 4kz signal - 56K modems actually cheat (hint - *every* computer store stocks the "consumer" end of a 56K modem - ever tried to buy the *uplink* end of the pair, and provisioned the line from the telco? ;) Also, there's no pesky power restrictions - those enter into it because the power determines just how close to a perfect square wave youy can get (since the power is basically the slope of the near-vertical parts of the waveform).
That's why there's a provision for disabling X forwarding. Other things to do to help close down the hole are having your 'ssh' X NOT connect back to your real X server, but to an XNest or mxconns instead.
Note that blindly daisy chaining crypto together is *NOT*, repeat *NOT* safer, unless you understand *ALL* the implications. Read Schneier's "Applied Cryptography" for an explanation of why double-DES is *NOT* *ANY* stronger than single-DES, and why triple-DES has only twice the effective key length of single-DES, not the triple-length you'd expect. Do you know how to calculate the probability that your 5 passphrases are not vulnerable to a meet-in-the-middle attack, or are not entropy-weak, or the combination of passphrases is subject to differential cryptanalysis? And that's just a off-top-of-head issues. The crypto geeks probably know more issues...
As Bruce Schneier pointed out, if you're communicating with somebody, there has to be a cover story of why you and the somebody are exchanging JPGs of giraffes, and the cover story has to have existed before you started using stenography. "Hiding" it inside a .JPG doesn't do you much good, if the fact that you're suddenly exchanging .JPGs is itself a clue that Something Is Up. Traffic analysis is a powerful tool - the first people outside the high levels of the US Government that knew that Operation Desert Storm was in gear were the pizza parlors that noted a BIG increase in late-night deliveries to Department of Defense buildings in Washington DC.
Yes. You average 2.1-2.2, and 95% of the time you're only getting 4 or fewer. However, when you look at the other stuff the Power3 architecture includes, it's pretty obvious what the overall intent is:
Hardware Loop Unrolling.
IBM has got some customers that use some serious CPU. We're talking national labs and the like. For them, the ability to run 8 of those neat 'multiply-and-add' instructions per clock cycle is quite an important feature.
The chip *starts* at 375mz, and can do 16 floating point ops/clock (an amazing amount of code uses that mult-and-add over an array - and the IBM compilers are smart enough to detect and convert divide to multiply-by-inverse and add/subtract issues).
And of course, IBM is hoping that even though the big SP/2 iron is limited to national labs and Fortune-500 companies (see The Top500 List for details), that they'll be able to sell a lot of the smaller 43P deskside boxes (1-4 Power3 CPUS) and the 8-16 CPU rackmount servers, to all the smaller companies that need number-crunching.
Tell you what - if you expand this to "working, features not affected, and no security fixes", then I'll be more than happy to agree with you.
However, 1.3.19 does include security fixes, so I guess we all get to do the Upgrade Polka.
Case in point number 1 (cluon flux): Douglas Adam's ship full of telephone sanitizers and marketing consultants.
Case in point number 2 (technology comprehension): Dilbert's "Pointy Haired Boss". Remember "To reboot it, just hold it upside down above your head and shake it"? Of course, lack of cluon flux doesn't help matters here - but you can have cluons but not understand the tech. I have no idea what encoding scheme a CD uses. I just play them....
Case in point number 3 (agenda): Any tobacco or Microsoft laywer. If either of these offends you, feel free to insert whatever group of people who you know are totally unable to see The Truth because they interpret everything according to Some Totally Crocked Theory. We as humans have enough such groups to go around.
Anybody who can't think of at least 5 examples for each of the 3 classes of failures to understand obviously doesn't know 15 other people.
If they're from hyperbolic or taxicab space, how did they get our message?
Actually, IBM had to pay a large sum of money to get the 'e in a circle' e-commerce logo they're using, as another company was already using a similar device in a similar context.
On the one hand, that's almost a funny image.
On the other hand, that's a very scary image.
Remember that it's still a bit of effort to start and maintain a journal - it's more work than just pissing and moaning with your buds over a beer at the local tavern. Almost everybody has issues, but most of us are able to find a friend, dump on them for 10-15 mins about what a total ***hole their boss was today, and get on with their lives. However, some people can't find a person to vent at, or find themselves unable to, or whatever. As a result, people won't start a journal unless they have a pressing need to vent about something.
You haven't seen an online journal of a "sane person" because sane people by and large do not feel a need to vent their sanity. People with issues do feel a need to vent.
one has a rather interesting NDA attached to it,
one is regarding as-yet-unreleased writing I'm doing not free to talk about,
two I'm not free to speak about because it's my reaction to somebody else's as-not-yet-public problem,
and the last one I need to deal in a public forum with the author of the offending comments, not in a journal.
Usually if I need to bitch, I do it on the IETF, Bugtraq, or NANOG mailing lists anyhow ;)
If I can't address it in a forum like that, it's time to bend the ear of a friend, or pick up my '78 Ibanez Artist and crank it up for a few hours, and wish I had a Marshall stack, and a place I could actually crank it to where it sounded good....
Hmm... I've never heard of a trip on bad shrooms called a "Terran Polar Reversal" before....