Slashdot Mirror


User: jd

jd's activity in the archive.

Stories
0
Comments
13,841
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,841

  1. Not really. on Is Simplified Spelling Worth Reform? · · Score: 1

    The sounds are superimposed - much like oe and ae tended to be (which is why, in archaic scripts, those letters are superimposed). The elimination of joined characters (evil typewriter mafia!) and the absence of accents makes things needlessly complicated. I reject utterly the arguments of the Campaign for Real Spelling (which seems to have existed from the day spelling was formalized in England), but rather believe that correct markup would greatly assist in the understanding of sounds.

  2. Oh I say, dear chap. on Is Simplified Spelling Worth Reform? · · Score: 1
    I have some spiffing Quatermass episodes from the 50s. Rum show, what! The problem there, old bean, is that BBC English probably hasn't changed that much, except in terms of the terms used. But there are very minor changes that can be picked out - the "w" of "what" starts with a very slight clicking sound in early UK recordings, totally absent in more modern English - even on the BBC. I'll watch them again and see if I can spot further changes - I strongly believe they are there. And there are the copious recordings available from the Pathe Newsreel archives to verify this with.


    Some words do not exist in modern English - "shew" (show, past tense) is essentially extinct, which means that you've got to watch context to ensure that what you think might be a difference in pronounciation isn't a different word altogether. Shew was still used in popular novels and science texts in the mid 1960s, but I believe it was dead by the time the 1970s rolled around.

  3. You're right, however... on Multi-Layer Security Platforms · · Score: 1
    In order to implement risk management, you'd ned to learn about risk assessment and business modelling. Insurance would need a working knowledge of statistics, Operational Research (for the optimization) and related methods such as cost/benefit analysis. In order to effectively discuss with managers (and/or users), you really need good communications skills (including formal and informal writing skills, and presentation skills). In order to turn actual requirements into programmable implementations, you would also want to know Requirements Analysis and Systems Specifications. In order to test the final product, you'd also want to be up on Systems Validation and Code Auditing.


    At a very rough guess, I'd say that between the two of us, we could produce a text at least 20-30 (maybe 40) volumes long on what a security expert would need to know. Dunno how much you could add, but I could certainly manage the chapter titles and maybe even a little of the content we've listed so far.


    Of course, that does beg another question. Other than manufacturing portable Black Holes, what would anyone do with such a book even if written? It would be unlikely anyone would even try to read it, and I seriously doubt many people - even very bright people - could completely digest a text up to twice the size of the entire Oxford English Dictionary. On the other hand, if something like that were not written, data security won't noticeably improve and ignorance of the scope of the problem will remain.

  4. Uh, this is stupid. on Is Simplified Spelling Worth Reform? · · Score: 5, Insightful
    Why stupid? Because:


    • Pronounciation drifts over time. This means that when you read a text, you must not read it as you pronounce things NOW, but how the writer pronounced things THEN, even assuming the same regional accent.
    • Pronounciation drifts over geography. Different areas have different accents. Some areas use sounds that simply don't exist - in any form - in other locations. So you must not read things as you pronounce them HERE, but how the writer pronounces them THERE, even assuming the same timeframe.
    • Words evolve over space and time, some falling into disuse, others changing in form or meaning. "Simplified" spelling does nothing to help in understanding what was written.
    • Simplified phonetic writing was used by the Norse - first as "Older Futhark" (30 characters) which was later simplified further to "Younger Futhark" (16 characters, plus 4 more they added on later when they discovered they couldn't write anything useful). In the end, it didn't make things any easier. It's easier to write, sure, but it's actually much harder to read.
    • It's impossible to validate, as the namespace would be vastly more oversaturated than it already is. If anything, we need a far MORE formalized spelling to reduce the number of collisions.


    "Simplified" spelling is a grave error, because the constant shifting of language rapidly overwhelms any benefits that might be had. The inconsistancies in a formal spelling system accumulate O(1), but the changes required in a phonetic system will accumulate O(n). Periodic re-alignments may be useful, but loosening the spelling system would be a disaster.

  5. Depends on FBI Password Database Compromised by Consultant · · Score: 1
    If their passwords are kept on an ancient Unix box (ie: no shadow password suite), OR the passwords are kept in a database (mysql, openldap, whatever) where the database file permissions are world-readable, OR the agent had a local root user AND .rhosts existed in the root account of the password server, OR sudo was installed with that agent's account having optional root privs...


    There are many possibilities, but they all boil down to three things: (a) users were granted rights that they not only did not need, they could only meaningfully use for malicious purposes, (b) technicians were NOT granted rights they needed to do their work, and (c) the FBI are probably not using Government-mandated standards for OS' or data security.


    That last one is inferred from the fact that there was no meaningful auditing and no meaningful access control barring users from reading the password file. If there's no real auditing and no access controls, the OS should not be certifiable under the Common Criteria, if I understand the requirements. If the OS is not CC-certified - formerly Orange Book certified - then the OS is not authorized for Government work. The Government also has rules barring a network from carrying both classified and unclassified material, which may also have been violated.


    Right about now, I would imagine that the NSA (which scrutinized a lot of this stuff) is probably having a quiet word with the FBI. In any other year, they'd probably (ok, hopefully!) be in for a full-blown audit, but this is an election year so the rules are very different. Nobody is going to publicly do or say anything that shows the Government is incapable of following its own (minimal) procedures.

  6. Re:Sorry; I wasn't that impressed... on Multi-Layer Security Platforms · · Score: 1
    I'll agree for the most part. If you took an A1-class general purpose OS, mandated IPSec w/ public key encryption for all connections, used S/Key-encrypted passwords over Kerberos for the user authentication, used source routing with an internal routing map, had a static DNS system also internal to it, ran firewalls on layers 2, 3 and 7, placed active intrusion detectors on a parallel (A1) OS on a parallel processor, ran all software with ElectricFence or other malloc protection, used secure (maybe encrypted) memory and an encrypted filesystem, then it could reasonably be trusted against likely attacks. Mind you, it'll (a) cost a fortune, and (b) have no compute power left to actually run any applications, but it will at least be secure. :)


    Seriously, yes, the only way to have a system that could be even remotely worthy of the name "secure" would need to use a very wide range of techniques for active and passive defenses. Having them on different (and diverse) machines would protect against timing-related vulnerabilities and would also allow for passive detection of attacks by other machines in the network, which would allow them to actively defend the network as a whole. The whole class of encryption and trust mechanisms that fall into the Byzantine category all rely on parallel architectures, where the number of "good" nodes is at least 2/3rds + 1 the number of nodes under consideration. A large, heterogenius network is capable of an entire class of defences an isolated computer - however "secure" - is (by definition) incapable of.

  7. Re:An interesting read on Multi-Layer Security Platforms · · Score: 3, Insightful
    Read absolutely everything the DoD and NSA have published on host and network security. Study the crypto and hashing function lounges to understand what underlying mechanisms are known to be flawed and which have a high liklihood of having problems. Devour everything that NIST, NESSIE and eCrypt have published on cryptographic techniques (such as authenticating encryption modes). Read up on intrusion detection and intrusion countermeasure systems, their strengths and their weaknesses. Find out about different active and passive scanning techniques (you can get a lot of forensics from timings, and passive fingerprinting is a big nasty). Understand completely ALL of the implications of the Byzantine General's Problem, The Byzantine Agreement Problem, Byzantine Fault Tolerent Authentication (ie: parallel security). Comprehend the consequences of DNS poisoning, router table poisoning, ARP poisoning and other lower-layer attacks.


    Then go on BBC's Mastermind. Or be the world's leading expert on IT security. Or both. The problem is that security is one of those fields where there needs to be only one weakness and ALL of the strengths will count for nothing. As such, comprehending one tiny segment in isolation is not a valuable exercise - it WILL be bypassed. Security specialists are the worst specialists to be, you need to be a security generalist if you are to be able to stop anything much beyond the most trivial of attackers. Particularly in a day and age where tools are so easily exchanged that attackers do NOT need to be generalists. The Internet is a gestalt of everyone who uses it and is ergo the ultimate generalist. THAT is who you would be defending against.

  8. Re:Should We Be Throwing Some In The Freezer? on Bone Marrow Cells Repair Heart · · Score: 1
    I stand corrected. (Yeah, I'm one of the less common posters who admits to being human! :) Oh, I absolutely agree that foetal development isn't fast - I guess I've tended to assume that actual damage that can't readily repair itself will tend to be a very small part of the problem, that by clearing out such damage will enable the rest to repair itself, leaving only a very small region that actually needs major intervention. I've also tended to assume that there would, of course, be some sort of temporary "patch" whilst everything got back to normal.


    (An obvious exception to this would be Alzeimers. If I understand it correctly, large quantities of tau protein is formed, squishing brain cells in the process. There, most of the damage is quite definitely major. You'd really want to remove both the tau protein producers and the grey cell smoothie, then replace the lot. However, here we have a slight advantage - it doesn't matter if the repairs don't happen overnight. You want to accelerate it, if possible, sure, but things don't need to be perfect immediately.)


    Heart damage - yeah, you really can't do without the heart being fully operational. Filling in where a scar was extracted with stem cells won't solve the problem - biology doesn't work like construction work, you can't just use stem cells as an organic plaster of paris and hope it holds up. You'd presumably want some kind of patch that can pull the damaged sections together and prevent spillage. It would only need to last long enough for the stem cells to become heart cells and to bond to what was already there. Depending on what sort of patch is possible, I guess you might even want to piggyback a mechanical heart, so as to reduce the forces imposed on and by the organic heart, just until the repair was complere.


    Would that seem a reasonable approach?

  9. Re:Should We Be Throwing Some In The Freezer? on Bone Marrow Cells Repair Heart · · Score: 4, Insightful
    My guess is that adult stem cells do age. Dolly the sheep was cloned using "old" mitochondrial DNA, if I remember the history correctly, and showed premature aging. Provided I've got that right, it would imply that the age of the mitochondria would be very significant. So, older adult stem cells would (by inference) be less effective than younger adult stem cells. It would follow that using younger adult stem cells - OR older adult stem cells with younger/repaired mitochondria - would be more effective.


    What about other adult stem cells? Well, the skin is constantly regenerated by adult stem cells, and unquestionably ages. How much of that is due to the adult stem cells wearing out and how much is due to the chemistry of the skin changing over time I'll leave to experts. (There are experts on Slashdot? :) What amazes me is how rapidly the skin can replace itself, yet keeping features (moles, birthmarks, scars, etc) unchanged. I presume that is precisely because stem cells aren't specialized and therefore acquire the characteristics of what is there. The skin is important to understand in this precisely because it is necessarily very rapidly generating and using those stem cells - my guess would be that it's much faster than any of the other stem cell factories in the body. If I'm right in that, then by comparing adult stem cells of different kinds at different ages would seem to be the way to understand how stem cells (and probably mitochondria) age. It might also give some ideas on how to control the speed of adult stem cell duplication, which might be a valuable tool in treating damage to such factories.


    Getting back to the heart of the matter (argh! :), if the bone marrow stem cells can clear away damaged tissue, you only have half the equation. You still need to repair the damage. The heart repairs, but only so fast. I wonder if it would be possible to use a mixed solution - the bone marrow stem cells with some modified juvenile stem cells (ie: with your DNA present) - the first to clear the damage as described, the latter to rapidly fill in the now-cleared section. Relying on the heart to do all the repair work might not be so good, as the heart cells will be old, which may produce a weaker repair.


    I wonder where else the bone marrow stem cells can remove damage. It would seem that many diseases leave residual damage that the body cannot ordinarily remove and repair. If a general solution existed for removing the damage, even if no solution existed for fixing it, it would seem you can't really lose and (if it stimulates the body's own mechanisms) you would likely gain.

  10. It depends on Patient Revives After 19 Years By Rewiring Brain · · Score: 1
    If the mechanism for self-repair exists, then the mechanism can (in principle) be assisted and/or accelerated. If no mechanism for rewiring existed, then adding one would be impractical at our level of technology, but boosting something that already exists is a much easier proposition. Any such technology will be greatly improved if/when stem cell research gets somewhere. If, in theory, you could extract the dead cells and inject stem cells in their place, full function might be restored.


    The existing cases of repair are all partial, my guess being that this is because using a section of brain that's not designed for the task is (a) suboptimal, and (b) taking away resources from somewhere else. If, however, the brain had the option of wiring up a totally unprogrammed set of stem cells, it is possible it could do more.


    IIRC, there were experiments in the US with injecting stem cells into the brains of Alzheimer sufferers, in a fairly uncontrolled manner, which did produce some indication of improvement. This would indicate that the brain can make at least limited use of such cells with no further assistance. If you were to combine raw stem cell injections with a therapy that actively promoted the brain's self-repair mechanisms - once such therapies are discovered - then maybe, just maybe, a more complete recovery in a shorter timeframe would be achievable.


    For those neuroscientists shaking their heads in despair, I would point out that I am fully aware that each of these observations is a data point in isolation, and that extrapolation from a single data point is almost invariably a Bad Idea. On the other hand, Slashdot hasn't been bought out by the Oxford University Press (yet) so wild speculation is definitely in.

  11. It's not quite that sensitive. on The Shallow Roots of the Human Family Tree · · Score: 1
    With a Y chromosome test, every brother will match, as will the father, the grandfather, all uncles on the father's side, all male first cousins on the father's side, all male second cousins on the grandtather's side... This is with a 64-point test. The markers simply don't change fast enough. With the mitochondrial DNA as well, you can narrow it down further, as it's (hopefully) unlikely that most of those will overlap. But close-knit families in Victorian times (and before) did marry over multiple generations, which will complicate the picture. With a comprehensive enough tests, over enough types of data, you can probably narrow it down fairly well, though.


    So, if we were to speculate on this World Family Tree, with the quality and quantity of data that would imply, then yes there are certainly a lot of major privacy factors to consider. Such data would need to be maintained by a strictly neutral, strictly benign group that would need to be 100% protected from ANY interest (political, law enforcement, whatever) for ANY and all reasons whatsoever, no matter what, no exceptions. A fully automated system (so no humans are involved) that used the best in encryption and tamper-proof technology to collect and collate the data would be good. Problem is, the data is then useless as nobody would be allowed to see it.


    Now, if instead of building a current family tree, we ONLY store historic data to this level of accuracy, it would be useless for three-letter agencies that should know better, but extremely useFUL for scientists and genealogists.

  12. And I agree. on The Shallow Roots of the Human Family Tree · · Score: 1
    The tests currently being done look for particularly stable markers in DNA, so you wouldn't be able to get down to the resolution of single individuals, but with - say - 64 markers on the Y chromosome and something of comparable detail on the mitochondrial DNA, you'd be able to get down to the resolution of a couple of generations. That would provide easily enough information to build a basic family tree of absolutely everybody, even if you can't be certain of some of the exact details.

    Now, if we superimpose on that some other genetic traits - less stable characteristics that aren't useful for long-term study but are excellent for figuring out the ordering of very closely-related groups - then you would be able to complete the tree. Well, almost. You would know for certain how everybody alive today (or dead but DNA-testable) related to each other, exactly, with the exception of ancient DNA that does not belong to any surviving group, even remotely. If everyone were to carry out the best existing test tody, and published the results on a DNA search engine, you'd have a map of phenominal detail that could show how every living person related to every other living person. The knowledge and technical capability exists today.

    Sure, as I said, to get the absolute map, you'd need to have people take a test that included more than just the regular markers but looked for additional information. Maybe recessive genes, or something, where the presence/absence alone would tell you nothing but when combined with the other information may provide you with the ability to order the groups with identical markers.

    So, yes, I see nothing to stop a world family tree from being done today. Getting people to take part in something that in-depth and that invasive might be hard - people are naturally suspicious of any new technology and how it can be misused. For that reason, I think it would be better if museums started the ball rolling - do a COMPLETE map of the DNA of every human skeleton they have in their posession. Better yet, of every hominid. The mechanisms will apply just as well to neanderthals and others. And by complete, I mean complete. Every known genetic marker, every known recessive gene, every identifiable trait, for y-DNA and mt-DNA as far as it still exists. The whole lot. (Many Egyptian mummies are not strictly in museums, but they're still reachable and so still technically testable.) Then, as far as can be done, do the same with any deceased historic figure whose identity and time-frame can be firmly established. (Any remains with a provable timeframe would be useful to build up the tree, but the more you can put names and faces to the DNA, the better.)

    I'll repeat - this has to be the maximum resolution analysis you can possibly do on what survives today. 10-point samples won't cut it, unless that's all the data you have, in which case it's not much use in constructing the tree anyway.

    THEN make that same test available as cheaply as possible. Not everyone can afford the few thousand dollars the multiple tests at such high resolution would cost, at today's prices. The perceived benefit has to outweigh both the cost AND the perceived risks combined. Because the perceived risks are very high, the cost needs to be extremely small. The Genography Project has a lot of samples, but to do a World Family Tree, you need thousands of times as many participants just to get an outline, with tests that are vastly more extensive and sensitive, with vastly better coverage of the planet. You can't limit it to richer countries. You need about 2-3 billion samples, fairly evenly distributed across the planet, to build a high-quality tree. Ideally, you'd sample all 7 billion people alive today.

    Could something on this scale be done? Sure. Even something as gigantic as that is within the capacity of modern technology. If you were to gather all the currently unemployed lab technicians around the world, guarantee them a job for about four or five years, and provide

  13. Maybe. on The Shallow Roots of the Human Family Tree · · Score: 1
    As far as I know, mitochondrial Eve was pre-migration from Africa, as was y-Chromosome Adam. It is extremely unlikely that every single person on Earth descends to a single point newer than these, for the simple reason that the earlier genetic information would have ceased to exist at the point of constriction. Furthermore, it would be impossible to do Deep Ancestory past that choke-point, as there would be no markers predating that choke-point existing in the current gene pool.


    Thus, we can deduce that it seems unreasonable to believe in such a choke-point. Ok, now can I test this theory? Sure. There are genetic markers in parts of Europe which date back to early stone-age migrants. We have cases where direct ancestors of such migrants are known, the most famous being a school teacher who matches perfectly with 6,000 year old bones found in a cave near the Cheddar Gorge. Their DNA markers are generally considered "rare" (less than 1% of the population). For the claim to be correct, then either their mtDNA or yDNA must coincide with other people. It doesn't, beyond tracing back to mtEve or yAdam.


    Now, isolated populations get interesting. The Australian Aborigines are the earliest surviving migrants from Africa (apart from a family group that split off somewhere in India) and it would be utterly impossible for such migrants to share ANY DNA whatsoever with other peoples after their point of divergence. The stone-age peoples in Papau New Guinea, or on the islands around Sri Lanka, are likely to be equally ancient, as they don't interact with modern peoples. I am not sure what confidence researchers have that these have DNA that are within mtEve or yAdam, as obtaining DNA samples from peoples who are vehemently protective of their communities (to the point of lobbing spears at people delivering emergency aid after the tsunami) must be hard.


    It would not surprise me if there exists a community isolated enough that it does not fit within the mtEve/yAdam model - more than one woman and man existed at those times, it's just the other lines haven't made it to the modern day amongst mainstream populations, but this does NOT mean that no other lines survived at all. We simply don't know where they are, if they do. But truly isolated groups may well include such lines, if it is simply not possible for researchers to test them. We can draw no inferences from data we have never collected, particularly when it comes to populations so obscure or remote that we don't even know for sure if they still exist.

  14. Re:Family Tree Grafting on The Shallow Roots of the Human Family Tree · · Score: 1
    Many family history groups work with DNA information. There are some groups that collect every DNA dataset they can, whereas others work with specific surnames. If you google "DNA" and your surname, the odds are high you'll find at least one such group. y-search - which collects as much Y-chromosome information as it can - is also a good place to look. The databases tend to be poorly organized, but that's just a matter of time and effort.


    Existing tests range from 10 data points (Oxford Ancestors) to 64 data points - there may be groups that do more. 10-12 data points is enough for deep ancestory checks (for example, I know that there's a high probability that my deep ancestors come from Scandanavia), but you really want to be in the mid-20s to have enough data to do genealogy. 64 data points seems overkill for most purposes, but would likely give you lots of extremely useful data once the databases become more populated.

  15. Re:Myspace? on Kent State Banning Athletes from Using Facebook · · Score: 1

    But... Stef went to all that trouble to set up facexpaces!

  16. While I seriously doubt... on The 10 Tech People Who Don't Matter · · Score: 2, Interesting
    ...Rob Malda would take me up on this offer, I'd be more than happy to edit/subedit. The fact that Slashdot even got mentioned in the top 10 is proof that it is a site with enormous power and tremendous influence. I would like it to stay that way and if there's anything I can do to help in this, I am certainly willing to do what I can.


    I do submit stories. Not enough to get in the High Score table - I generally stick to stuff I firmly believe is highly significant in science or technology, though there have been a few exceptions. Then, there's also the obvious - I regularly post, moderate and metamoderate, and even occasionally journal. I am still not satisfied, though, that I'm doing as much for Slashdot as I'm getting out of it. Any thoughts - particularly from any of the editors - on what more to do would be appreciated.

  17. A very important point you missed... on String Theory a Disaster for Physics? · · Score: 2, Interesting
    ...is that the particle accelerators ARE confirming the predictions of the standard model and AREN'T coming up with anything horribly unexpected. Yes, you noted these things, but you missed several critical points raised by them. First, physics has rarely gone for long without some massively conflicting observation creeping in. We're not seeing one. Second, we're about at the point where some of the stranger predictions made by fancier modern theories aught to be starting to show up - the higgs particle is still unobserved, even indirectly, as is any evidence of quantum foam, etc.


    Now, some of these could do with an explanation. Quantum foam probably can't be observed directly (as yet) but it must radiate for the same reason black holes must radiate - the laws of thermodynamics don't provide for exceptions. In fact, it's the requirement for a non-absolute environment that produced the theory of quantum foam in the first place. We won't be able to see this radiation directly, but we should be able to observe the effects of it, as it should purturb high-energy atom-smashing experiments ever-so-slightly and apparently randomly.


    Superstings are tough, as they're not assumed to be everywhere, but again we should be seeing some experimental evidence by now. They have negative gravity, for example, which makes them bloody obvious even if you can't see them. Particles should clearly be exposed to a force that is repulsive in nature. With 99% of the Universe in the form of clumps of dark matter, we should have much better luck at seeing that. Again, particles should behave oddly on occasion. We're not seeing it.


    This lack of exciting observations may mean that upgrades to the standard model may not be necessary, useful or even vaguely correct. In which case, the observations and/or chains of thought that led to those ideas may need revisiting. Observation trumps speculation, and the observations we are seeing do NOT match up to more modern speculations.

  18. Re:Journalism isn't an exact science on Library Chief Criticized for Requiring Subpoena · · Score: 1

    If she winds up irrevocably on the "do not fly" list, gets barred from any Government-related job, and gets her address mentioned on a talk radio show sympathetic to the administration, winning a court case isn't going to help. I'm not saying the government would do that, only that they can. I'm not one to believe that the administration is evil, only that it is quite capable not only of evil but evil of such magnitude that any victory for the opponent is strictly pyrrhic.

  19. Router Autoconf on U.S. Government to Adopt IPv6 in 2008 · · Score: 1
    Routers in IPv6 are autoconfigured the same way as hosts - they listen for the router advertisement for the upstream router and then query that router for their address. Each router has a prefix associated with it. Each time you add a new router to the chain, you take the prefix of the router before and attach an identifier to the next byte along to establish which network is being referred to.


    This avoids the messiness of manually configuring routers and allows entire networks to be mobile. The prefix doubles as both address and routing instructions.


    IPv6 follows the philosophy of one address per interface. This can be a physical interface, a virtual interface, whatever. Doesn't matter. The machine does not have an actual address, only the interface does. (Although this is technically true on IPv4, it gets very fuzzy at times, with such concepts as 'hostnames' that are associated with an IP address. With IPv6, an effort has been made to avoid this confusion, although they could probably have done better.)


    This association of a port, rather than a machine, with a number is how multipath and peering can be supported on a discovered network. There is absolutely nothing to prevent an IPv6 router from having multiple upstream connections - it will simply have multiple prefixes, one for each. A peered network is simply one where the usual router discovery and prefix collection takes place, but the prefix is not propagated past that network interface.


    There is generally no reason to be concerned with MAC addresses on the IPv6 network. IPv6 uses IPSec - generally end-router to end-router, so no person between those two points can see the MAC address (or IP address) of either source or destination. It's in the encrypted payload and is only visible on the LANs at the far end. There's nothing to stop you from creating virtual devices, of course, with the physical network device IPSec'ed to the router, carrying the virtual network. Then, even at the remote end, what they will see is the virtual MAC and virtual IP. The physical address would never get past the first segment.

  20. Journalism isn't an exact science on Library Chief Criticized for Requiring Subpoena · · Score: 5, Insightful

    And journalists rarely let facts get in the way of a good story. So, I would caution people to not assume everything printed is correct. Nonetheless, to whatever degree it is true that a librarian was asked to break the law by the police, the librarian was in the right to refuse. She is likely to be punished, possibly severely, regardless. I doubt the city or the police will forget in a hurry, no matter who was in the right, and that should be the real point of concern. When revenge becomes more important than upholding the law, there is no law. It is a troubling cultural divide by zero error.

  21. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 1
    I discount manual configuration as you can't produce reliable mobility (as you can't guarantee an available address and can't use the prefix to back-propogate topology changes), you place the latency and burden of a DHCPv6 server on the network, you have to have reverse lookup, and machines that do do autoconfigure can't know for certain if you are there or not. Anything that adds inefficiency and breaks standards is Evil Incarnate. At least, when it's everyone's favourite vendor who is adding inefficiency and breaking standards! :)


    (I prefer not to draw a distinction. But that's because my drawings suck.)

  22. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 1
    Technically, IPv6 is supposed to use 100% automatically network-generated addresses. Manual addresses on an interface are a big no-no, as that breaks a whole bunch of things. When the 6bone was in operation, and test addresses were used, there wasn't the infrastructure there to auto-generate. Instead, you'd typically request a prefix, based on your AS number and other characteristics of your network. You then fed that manually into your machine.


    However. this is not the correct way to go about this, and now that test addresses are no longer in use, manual configuration (except on totally isolated segments) would be a Bad Idea.

  23. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 1

    IPv6 does use multicast and anycast (which is multicast in one direction, unicast in the other) for all discovery services and protocols, which means you won't be able to do any kind of initialization over a switch that drops multicast packets. I guess this could be considered "not working". :)

  24. Re:What are the Downsides to IPv6? Anyone? on U.S. Government to Adopt IPv6 in 2008 · · Score: 1
    You do the same in reverse. The first 72 bits are based on the location in the network heirarchy and the type of traffic. The last 48 bits are the MAC address. So, to get the MAC address, you simply peel off the last 48 bits of the IP address.


    An IPv6-aware router could use this to avoid needing any additional tables or protocols in order to track MAC addresses, as they could just copy those last 48 bits directly into the ethernet frame. There would be no need to index anything or look anything up. For most networks, this will not make an obvious difference, but for very large networks, the elimination of an entire search phase and the elimination of all ARP-like traffic should reduce latencies and packet loss.

  25. Re:By biggest question on if this is ready is.. on U.S. Government to Adopt IPv6 in 2008 · · Score: 1

    Linux and the *BSDs can software firewall IPv6 very nicely. For hardware firewalling, Cisco's PIX boxes can be nice. Buggers to set up well, though. I don't know what firewalling software for Windows will work with IPv6, though since Microsoft's IPv6 came out of their Microsoft Research labs, you might want to see if they have anything in beta. If not, a quick e-mail to them probably wouldn't hurt. Too much.