If you're a geek willing to put some time into learning VOIP and Asterisk, the options are endless.
How about this? Her work would give her a "desk" with an analog phone. You put an old Linux PC at the "desk" with a Digium FX0 card. You then have another PC at her home with with a VOIP phone jack or a headset with SIP software (like this Windows or this Linux) or run Asterisk on her home Linux box and run IAX between the two.
Reliability would depend on the reliability of the IP connection between home/work. Because of Internet delay (and possibly delay from your VPN encryption), there may be a noticable delay on the connections, so it may feel more like a cell phone conversation than a land line.
If you don't have time to tinker and really care about reliability, just get a $30 nationwide unlimited plan from your local phone company or long distance provider (BellSouth/MCI/AT&T), expense it to work, and be done with it.
Depending on how much time she needs to spend on the phone,
If she needs to spend lots of time on the phone, and if you love her, for goodness sake, get her a headseat or a cell phone with a speakerphone feature.
You're right, I was only thinking about inter-ISP BGP.
Some extra network design (use well-defined network numbering on backbone) would be needed to help filter customer-to-ISP traffic from intra-network traffic. If ISPs applied the following filter on each customer border router...
1a) "we will not accept packets into our network where the source address appears to be from our network", and
1b) "we will not accept packets into our network where the source or destination is a well-known private address (eg: RFC1918)", or
2) "we will not accept packets into our network where the source address is anything other that what we assigned you or agreed upon up front"
... it's another filter to protect ISPs from such attacks. They key is keeping customers/hackers from injecting improper source-ip-address packets into the network (or just improper packets in general).
If all else fails, whip out the modem and setup some new UUCP and FidoNet links.
Two routers on a border can control themselves enough to prevent these types of attacks. Each router would make sure they accept BGP packets for another router from only the interface connected to the other router. It would also preven inbound packets for the shared network (between routers) from entering the router on any other interface. In public peering topologies, all routers would need to make sure there's proper filtering for each and every peer session.
It's alot of work to do (if it's not done already), but that's why they pay high-end network engineer the big bucks. ISPs learned long ago to add filters to BGP sessions to avoid bad data from being passed nto one's network from a rogue ISP.
Lackadaisical (adj.) - 1) Lacking spirit, liveliness, or interest; languid: "There'll be no time to correct lackadaisical driving techniques after trouble develops" (William J. Hampton). 2) Affectedly pensive; languidly sentimental.
And now thanks to SCO and the RedHat lawsuit (page 5) referenced by the Groklaw article we might see an expansion of the definition for lawyers and geeks alike...
3) Lacking urgency and passionate conviction: "[SCO is]... taking a lackadaisical attitude toward pursuing its claims."
Take the hint and unsubscribe them from the newsletter/mailing that they "opted" to receive.
Preach on, brutha.
I've had a good experience with the people at AOL. They have full-time staff dedicated to serving their customers and outside mail administrators alike. You can actually call them and get yourself taken off a blacklist within hours (if you're polite). They tell you the thresholds their spam filters use. Once you know how the game is played, you can decide how you continue to play. AOL is enforcing rules that they enforce on behalf of their customers.
Some suggestions for postmasters with lots of AOL customers....
1. Make sure you have forward/reverse DNS for each of your mail servers. Your odds of getting blacklisted go down sharply if you properly list your mail servers in DNS.
2. Call them and schedule a phone appointment to get your servers onto their whitelist. You tell them the business you're in and what IP addresses are servers that belong to you. You also give them a contact address (eg: aolspamcomplaints@yourdomain.com) to where they can forward spam complaints. Once you sign/fax a document that says you understand their policies, you get put on the whitelist. It's not a guarantee that you'll never get dropped, but you at least see it coming before it happens.
2a. Register an additional address on your network from which you don't send mail. If at any time one of your other addresses does get blacklisted, you have another address through which you can relay AOL mail after you address the problem.
3. Something you must do is include a user's e-mail address as part of the mail message itself (not just in the headers). If any of the users' spam reports come back to you, AOL anonymizes the headers. You'll need the address information in the body to determine which idiot hit the "this is spam" button. You might send them a warning after you recieve two messages saying that if they claim any more of your messages are spam, they get removed from your list automatically. You need to protect your mail service for all of the other AOL users you have subscribed. Something else you might do is make sure your list or company name is part of the subject line. It'll make it easy for them to know it's your content. They do want to recieve your content, yes? Make it easy for them to read or delete your message by looking at the subject line (instead of mistaking it for spam). Good mailing lists include the list name in the subject line.
I run domain-based mail forwarding service for some of my web hosting clients. My customers' domain-based e-mail is forwarded through my servers (spam and all) to their AOL account at their request. When they say "this is spam" to their inbound mail, my servers get the bad reputation, not the spammers becasue I'm the one delivering the messages to AOL's servers. It sucks, but now that I've done steps 1/2/2a after my first blacklist experience, things seem to have been going pretty well. I need to do step 3 and help educate my customers about inadvertent spam tagging, but I've been too busy to implement it.
Aside: Compared to AOL, AT&T WorldNet sucks. I got wrongfully blacklisted by them recently. Their system is not as transparent as AOL. I had to use ARIN Whois network information to find a phone number for someone who could find me a phone number of someone who could give me the e-mail address of the people to whom I can request to be taken off their blacklist (aka runaround). Getting off their list takes several days and repeated e-mails instead of a single phone call. Boo! If one is going to blacklist mail servers and reject mail, make sure the mail server puts a URL in the rejection message so that white-hat mail administrators can find policies and contact info that can help them quickly resolve errant blacklisting. To do less is poor customer service.
BI-TCP is a new protocol that ensures a linear RTT fairness under large windows while offering both scalability and bounded TCP-friendliness. The protocol combines two schemes called additive increase and binary search increase. When the congestion window is large, additive increase with a large increment ensures linear RTT fairness as well as good scalability. Under small congestion windows, binary search increase is designed to provide TCP friendliness.
My interpretation: This protocol would transfer data more efficiently than TCP/IP's teeny tiny packets and quickly figure out the correct packet size to maximize transfer speed. For similar reasons that a congested ATM network shreds the performance of multiple large TCP/IP data transfers, BI-TCP works better than TCP/IP at higher speeds. If you don't have OC-oh-my-god between your end-points, TCP/IP will continue work fine for you.
How about "chmod ug-s/bin/passwd"? Someone running passwd wouldn't be able to escallate their uid/gid. To change passwords, run su(do) first. On systems wehre users arn't expected to change their passwords (web servers, etc.), this is usually a good preventative step for most setuid programs.
And for the Love of Scott, if you're going to tell the world about a patch, please, oh please, make sure the hyperlinks work.
Here's Sun's announcement, and if I click on the links to get patches,....
Sparc
Solaris 8 with patch 108993-32 or later
Solaris 9 with patch 113476-11 or later
.... the links give me:
Sorry! We couldn't find your document.
The file that you requested could not be found on this server.
G'dammit!
-ez
Karma: Whore (you look at your score after posting)
FPUs of the future? Re:Floating point performance
on
Mini-ITX Clustering
·
· Score: 2, Insightful
Mod me....
Informative:
If you're looking for a small form factor for high-end processors, you will likely find future products using the picoBTX form factor. The motherboard layout provides better cooling for hot processors that mini-ITX can't address. Here's a summary of the BTX form factors from Anandtech.
Interesting:
Has anyone figured out how to use the floating point power in their graphics cards for non-video applicaitons? Those things are becoming powerful that they use their own heat sinks. Just like we had floating point chips for the 486SX series, perhaps it will be more cost-effective and power-effective in the future to separate commodity, low-cost, and low-power I/O processing from floating point processing.
If graphics card developers start thinking of their cards as being more like floating point coprocessors and less like device controllers, they can help drive future floating point computing and leave traditional central processors to manage memory and I/O.
Redundant:
Imagine a beowulf cluster of video cards!
-ez
Disclaimer: I use a 500MHz Celeron on my desk and a 300MHz laptop at home. I'm not a luddite - I just don't utilize a 3D "rich" graphical environment to surf the web, create documents, and manage computers.
I see all alot of, "their rights have been violated", and "this is why I don't host in the US", and "here's what I think they're investigating", but I don't see anything constructive about how to protect your service uptime against a raid.
At a local security meeting, I learned about security incident handling, and things you can do to help preserve the chain of custody of the evidence (aka data). It's one thing to copy data, but just by reading data on most filesystems, you alter it. If a hacker determines that you are investigating them, that can and will try as fast as they can to cover their tracks, and it's alot quicker to delete/destroy/taint data than copy data.
The fastest and best to preserve a single machine's data is to break a RAID 1 array (pull out live disks). Your machines keep running, and the FBI gets a pristine copy of the disks that they can put into (hopefully antistatic) evidence bags and document chain of custody without modification of the data. They can go read it at their leisure off-site. Using RAID5 doesn't cut it. Using single disks with frequent backups doesn't cut it. Use RAID1.
Another way to protect data and preserve service is to store all non-OS data on enterprise storage that supports advanced mirroring or snapshot capabilities. If I had a NetApp, I could create a read-only snapshot and give the FBI access to that point in time copy of data and never delete it until I can do a DR copy of my filer onto another box. If I have an EMC or Hitachi or other large RAID1-capable unit, I can beak off a very large mirror and present it to FBI hosts on a SAN and continue to run off of unprotected data or implement a disaster recovery plan to get me running again on another similar storage. This data isn't as clean as a "drive in a bag", but with proper notes and techniques, the FBI can be convincing enough to a jury that the data was used in the investigation was correctly read unmodified "beyond a reasonable doubt".
If I'm really good, and have a bigger budget, I'll have a near-real-time mirror of that data (NetApp SnapMirror, EMC SRDF, "rsync", etc.) in a remote location that runs independently of my primary site and a plan that will help keep me running while I let the FBI tears apart my primary data center.
If you run a 100% uptime service ("Show me the nines!"), it's your responsiblity to to have an effective disaster recover plan. An FBI or Secret Service raid is an equivalent of a jumbo jet crashing into your data center. You as an individual, have a RIGHT to privacy and due process, but your company has created obligations to your customers to which you've guaranteed service, and your customers care more about the latter than the former. It's more responsible to have a DR plan and sue the FBI to replace your hardware than not have a plan and sue for lost business.
My celluar phone on Verizon made by LG has three options for its "GPS" functionality:
Enable all
Disable all
Disable all except 911
It is possible for me to have an expectation that my wireless company will not be able to find me. It's not guaranteed that my phone will comply with my local e911 service. Verizon can at least trace my signal to the cell tower if I have GPS disabled, but that's a multi-square-mile(km) area.
The following federally-mandated warning label would be a simple method to set expectations correctly to protect consumers:
"This software (or device) is not required to work with your local 911 service. Optional location-based 911 feature are available but are not guaranteed to work. If this is not acceptable, please return this software (or device) to your provider for a full refund."
Mandating 911 services for VOIP is as futile as requiring mobile ham radio operators to morse-code their latitute and longitude every time they start a transmission. I bet it's merely a [dumb] requirement idea brought up by ILEC companies in an effort to help slow VOIP deployment through regulation.
There are some good ways to have VOIP users to register their fixed-location numbers with VOIP services, perhaps some will be seen in this article's comment thread. The FCC (or FTC or homeland security) can pick one and help the 911 operators and VOIP (and ILEC and wireless and satellite and cable) providers implement it. After that, the VOIP vendors can change their software/firmware to allow customers to voluntarily register their locations using the new standard.
Again, moving to Mozilla (eventualllllllly) addresses only half of his problem. Oracle Apps (and the staff/consulting needed to support it) is expensive enough to make desktop OS licensing fees look like pocket change.
Requiring an Oracle license is one thing..., not working properly with Mozilla is another (you need IE to use it fully in HTML mode). What other options are there?
If you use Oracle Applications, you might be interested in Oracle's announcement that they're going to be supporting Mozilla.
That takes care of half of the problem.
-ez
Karma: Whore (you look at your article scores after posting)
You don't really need their new machine-agnostic service. It's not hard to find an old laptop or PentiumI PC lying around that can serve as your gateway module.
Step 1:
Find a PC with a USB port and install an
Ethernet card if it doesn't already have one.
Step 2:
Make sure the PC has Win98se, Win2000, or WinXP.
Install DirectTV as a USB client to their modem.
The DirecTV install tech should be able to help
you with this. You'll have an IP address on
DirecTV's network and be able to browse the web.
Step 3:
Setup Internet Connection Sharing on the PC to
enable a 192.168.0.0 network on the Ethernet
card.
Step 4:
Plug a hub or switch into the Ethernet card
to allow other clients to connect to your
192.168.0.0 network.
Step 5:
Take an Windows/Linux/Mac PC and set it to
boot via DHCP. It should work, just as if it
were talking to a cable modem or DSL modem.
Step 5a (optional):
For extra reliability/stability of web
connections, you could optionally set the
browser on the new client to use the gateway
PC as an HTTP proxy server. I think it listens
on 192.168.0.1:83, but I'm not sure.
Step 5b (optional):
It is possible to connect a standard broadband
router into the gateway PC and use its firewall
features to keep your home network protected
while you're connected or even connect wireless
gear to your network. You need to set the
WAN interface of the router to use DHCP, and you
need to set the internal netowrk to be something
other than the default 192.168.0.0 (for example
192.168.1.0), so that the router doesn't get
confused about addresses on the external and
intranal side of its network.
It's faster than dialup for downloads, but not as reliable. If you have access to anything else (cable, DSL, broadband wireless), you're better off.
I setup a remote coworker with 5/5a/5b who roamed around his house with an 802.11b wireless laptop. As long as there were no packet drops on his wireless, it worked ok. Note: If you get any packet loss, your packets now have a RTT of 1000ms to the remote server instead of just 100ms and retransmits really really suck.
It works great for your friend, but will it work well for everyone? At first, yes, but....
If enough people use that method, the spammers turn their attention to "how can we beat that method now?"
I was amused when they started injecting dictionary words to try to break through bayesian filters.
V<! pie >i<! north >a<! format >g<! lunar >r<! eclipse >a!
For your friend's method, it costs $7/domain to register a domain du jour. The spam masters can then take their trojan/hacked PCs and setup mail/nameservers on them to make them look like legitimate mail servers. They just haven't bothered yet because not many people use your friend's filtering method. They can create auto-responders for common confirmation code methods.
SPF has the same flaw. It's only a matter of time until spammers register SPF-compliant domains for their mail relays.
From: bill@yahoo.ashjdhr32.com
To: you@yourdomain
Subject: Increase your size by 3 inches
From: bob@aol-com.aolk54mn.com
To: you@yourdomain
Subject: Low mortgage rates
Whitelisting is a nutritious part of a well-balanced breakfast of anti-spam techniques.
Coffee-flavored cereal might taste interesting to people who like coffee. How about smokers?
You don't quite understand how much your stuff can be permeated by smoke while living with a smoker until you move in with someone who has never smoked. My mom was a heaver smoker, and I lived with her through college. Now on my own, I moved in with a friend who happened to come from a smoke-free household. I brought a bunch of my stuff with me, including a bucket of Kellogg's Corn Flakes. One morning, my friend sniffed around and asked, "What are those? Nicotine flakes?!?"
Wow, I took another bite and gave it a good taste, and sure enough, I understood what he smelled. Living with a smoker for so long, you just get used to it.
I then had a wonderfully evil thought... what if the tobacco companies latched onto the concept of nicotine flakes?
I believe 1994 was about the time when AT&T came out with it's "You will" commercials.
Coincidence? I think not!
Press release: HTML Sample commercial (nostalgia altert!): QuickTime
"You will, and the company that will bring it to you is AT&T."... becasue we're going to patent stuff now before we build it and then sue the pants off of everyone ten years from now.
Taxing is a form of censorship. If you censor e-mail, people will move alternative communication mediums (IRC/IM/Blog/etc.) or start using e-mail accounts in jurisdictions that aren't censored. When people move to other communication mediums, the spammers will be there to greet them (IM spam, pager spam, chat room spam, etc.).
Then again, maybe this bill is yet just another hoax.
I don't see anything regarding the aquisition on either VivendiUniversal's web site nor press releases on finance.yahoo.com for CNET. Looking at news.google.com, the only report is an unconfirmed rumor that quotes the message board article.
Given that the source is a message board, I'm wary to trust the source.
I was working at an ISP when my favorite customer asked me, "I need 12 Class C networks for all of my virtual hosts". A few months back, he had purchased a load balancer (Alteon) that could load-balance web servers and provide a public address to the Internet for the cluster. No one would have any reason to access each individual virtual IP address on the web servers themselves, so I pulled a few address blocks out of my pocket:
172.16.0.0
172.16.1.0
172.16.2.0...etc...
I later explained to him that they were reserved addresses that weren't routable. He thought I was a genius. I, like many other network engineers, was just doing my job. If no one has any business accessing a server or computer from the Internet, don't make it routable to the Internet.
-ez
Karma: Whore (you post anonymously when you nothing constructive to add)
Nope, that doesn't work either. I also tried SCO's search tool for "ethics", and I still couldn't find anything. Perhaps I should try another company if I'm looking for ethics.
I did find alot of results for "bug" in SCO's search engine, though.
I once interviewed Sid Meier (of Microprose) around the time that they released F19 Stealth Fighter on the C64. It was awe-inspiring how they could fit so much game into so little computer. Quote:
"It's not the number of bits you have, it's how you use them."
The same applies to cell phone games today. A friend of mine plays Doom on his cell phone. Amazing.
Slashdot Mirror
If you're a geek willing to put some time into learning VOIP and Asterisk, the options are endless.
How about this? Her work would give her a "desk" with an analog phone. You put an old Linux PC at the "desk" with a Digium FX0 card. You then have another PC at her home with with a VOIP phone jack or a headset with SIP software (like this Windows or this Linux) or run Asterisk on her home Linux box and run IAX between the two.
Reliability would depend on the reliability of the IP connection between home/work. Because of Internet delay (and possibly delay from your VPN encryption), there may be a noticable delay on the connections, so it may feel more like a cell phone conversation than a land line.
If you don't have time to tinker and really care about reliability, just get a $30 nationwide unlimited plan from your local phone company or long distance provider (BellSouth/MCI/AT&T), expense it to work, and be done with it.
Depending on how much time she needs to spend on the phone,
If she needs to spend lots of time on the phone, and if you love her, for goodness sake, get her a headseat or a cell phone with a speakerphone feature.
You're right, I was only thinking about inter-ISP BGP.
... it's another filter to protect ISPs from such attacks. They key is keeping customers/hackers from injecting improper source-ip-address packets into the network (or just improper packets in general).
Some extra network design (use well-defined network numbering on backbone) would be needed to help filter customer-to-ISP traffic from intra-network traffic. If ISPs applied the following filter on each customer border router...
1a) "we will not accept packets into our network where the source address appears to be from our network", and
1b) "we will not accept packets into our network where the source or destination is a well-known private address (eg: RFC1918)",
or
2) "we will not accept packets into our network where the source address is anything other that what we assigned you or agreed upon up front"
If all else fails, whip out the modem and setup some new UUCP and FidoNet links.
-ez
Two routers on a border can control themselves enough to prevent these types of attacks. Each router would make sure they accept BGP packets for another router from only the interface connected to the other router. It would also preven inbound packets for the shared network (between routers) from entering the router on any other interface. In public peering topologies, all routers would need to make sure there's proper filtering for each and every peer session.
It's alot of work to do (if it's not done already), but that's why they pay high-end network engineer the big bucks. ISPs learned long ago to add filters to BGP sessions to avoid bad data from being passed nto one's network from a rogue ISP.
-ez
Lackadaisical (adj.) - 1) Lacking spirit, liveliness, or interest; languid: "There'll be no time to correct lackadaisical driving techniques after trouble develops" (William J. Hampton). 2) Affectedly pensive; languidly sentimental.
... taking a lackadaisical attitude toward pursuing its claims."
And now thanks to SCO and the RedHat lawsuit (page 5) referenced by the Groklaw article we might see an expansion of the definition for lawyers and geeks alike...
3) Lacking urgency and passionate conviction: "[SCO is]
Take the hint and unsubscribe them from the newsletter/mailing that they "opted" to receive.
Preach on, brutha.
I've had a good experience with the people at AOL. They have full-time staff dedicated to serving their customers and outside mail administrators alike. You can actually call them and get yourself taken off a blacklist within hours (if you're polite). They tell you the thresholds their spam filters use. Once you know how the game is played, you can decide how you continue to play. AOL is enforcing rules that they enforce on behalf of their customers.
Some suggestions for postmasters with lots of AOL customers....
1. Make sure you have forward/reverse DNS for each of your mail servers. Your odds of getting blacklisted go down sharply if you properly list your mail servers in DNS.
2. Call them and schedule a phone appointment to get your servers onto their whitelist. You tell them the business you're in and what IP addresses are servers that belong to you. You also give them a contact address (eg: aolspamcomplaints@yourdomain.com) to where they can forward spam complaints. Once you sign/fax a document that says you understand their policies, you get put on the whitelist. It's not a guarantee that you'll never get dropped, but you at least see it coming before it happens.
2a. Register an additional address on your network from which you don't send mail. If at any time one of your other addresses does get blacklisted, you have another address through which you can relay AOL mail after you address the problem.
3. Something you must do is include a user's e-mail address as part of the mail message itself (not just in the headers). If any of the users' spam reports come back to you, AOL anonymizes the headers. You'll need the address information in the body to determine which idiot hit the "this is spam" button. You might send them a warning after you recieve two messages saying that if they claim any more of your messages are spam, they get removed from your list automatically. You need to protect your mail service for all of the other AOL users you have subscribed. Something else you might do is make sure your list or company name is part of the subject line. It'll make it easy for them to know it's your content. They do want to recieve your content, yes? Make it easy for them to read or delete your message by looking at the subject line (instead of mistaking it for spam). Good mailing lists include the list name in the subject line.
I run domain-based mail forwarding service for some of my web hosting clients. My customers' domain-based e-mail is forwarded through my servers (spam and all) to their AOL account at their request. When they say "this is spam" to their inbound mail, my servers get the bad reputation, not the spammers becasue I'm the one delivering the messages to AOL's servers. It sucks, but now that I've done steps 1/2/2a after my first blacklist experience, things seem to have been going pretty well. I need to do step 3 and help educate my customers about inadvertent spam tagging, but I've been too busy to implement it.
Aside: Compared to AOL, AT&T WorldNet sucks. I got wrongfully blacklisted by them recently. Their system is not as transparent as AOL. I had to use ARIN Whois network information to find a phone number for someone who could find me a phone number of someone who could give me the e-mail address of the people to whom I can request to be taken off their blacklist (aka runaround). Getting off their list takes several days and repeated e-mails instead of a single phone call. Boo! If one is going to blacklist mail servers and reject mail, make sure the mail server puts a URL in the rejection message so that white-hat mail administrators can find policies and contact info that can help them quickly resolve errant blacklisting. To do less is poor customer service.
-ez
Seen on his website...
BI-TCP is a new protocol that ensures a linear RTT fairness under large
windows while offering both scalability and bounded TCP-friendliness.
The protocol combines two schemes called additive increase and binary
search increase. When the congestion window is large, additive increase
with a large increment ensures linear RTT fairness as well as good
scalability. Under small congestion windows, binary search increase is
designed to provide TCP friendliness.
My interpretation: This protocol would transfer data more efficiently than TCP/IP's teeny tiny packets and quickly figure out the correct packet size to maximize transfer speed. For similar reasons that a congested ATM network shreds the performance of multiple large TCP/IP data transfers, BI-TCP works better than TCP/IP at higher speeds. If you don't have OC-oh-my-god between your end-points, TCP/IP will continue work fine for you.
Considering that EmperorLinux already supports the MM10, I suspect it won't be long at all before they sell the MM20.
-ez
So there's no workaround ...
/bin/passwd"? Someone running passwd wouldn't be able to escallate their uid/gid. To change passwords, run su(do) first. On systems wehre users arn't expected to change their passwords (web servers, etc.), this is usually a good preventative step for most setuid programs.
How about "chmod ug-s
And for the Love of Scott, if you're going to tell the world about a patch, please, oh please, make sure the hyperlinks work.
Here's Sun's announcement, and if I click on the links to get patches,....
Sparc
Solaris 8 with patch 108993-32 or later
Solaris 9 with patch 113476-11 or later
.... the links give me:
Sorry! We couldn't find your document.
The file that you requested could not be found on this server.
G'dammit!
-ez
Karma: Whore (you look at your score after posting)
Mod me....
Informative:
If you're looking for a small form factor for high-end processors, you will likely find future products using the picoBTX form factor. The motherboard layout provides better cooling for hot processors that mini-ITX can't address. Here's a summary of the BTX form factors from Anandtech.
Interesting:
Has anyone figured out how to use the floating point power in their graphics cards for non-video applicaitons? Those things are becoming powerful that they use their own heat sinks. Just like we had floating point chips for the 486SX series, perhaps it will be more cost-effective and power-effective in the future to separate commodity, low-cost, and low-power I/O processing from floating point processing.
If graphics card developers start thinking of their cards as being more like floating point coprocessors and less like device controllers, they can help drive future floating point computing and leave traditional central processors to manage memory and I/O.
Redundant:
Imagine a beowulf cluster of video cards!
-ez
Disclaimer: I use a 500MHz Celeron on my desk and a 300MHz laptop at home. I'm not a luddite - I just don't utilize a 3D "rich" graphical environment to surf the web, create documents, and manage computers.
I see all alot of, "their rights have been violated", and "this is why I don't host in the US", and "here's what I think they're investigating", but I don't see anything constructive about how to protect your service uptime against a raid.
At a local security meeting, I learned about security incident handling, and things you can do to help preserve the chain of custody of the evidence (aka data). It's one thing to copy data, but just by reading data on most filesystems, you alter it. If a hacker determines that you are investigating them, that can and will try as fast as they can to cover their tracks, and it's alot quicker to delete/destroy/taint data than copy data.
The fastest and best to preserve a single machine's data is to break a RAID 1 array (pull out live disks). Your machines keep running, and the FBI gets a pristine copy of the disks that they can put into (hopefully antistatic) evidence bags and document chain of custody without modification of the data. They can go read it at their leisure off-site. Using RAID5 doesn't cut it. Using single disks with frequent backups doesn't cut it. Use RAID1.
Another way to protect data and preserve service is to store all non-OS data on enterprise storage that supports advanced mirroring or snapshot capabilities. If I had a NetApp, I could create a read-only snapshot and give the FBI access to that point in time copy of data and never delete it until I can do a DR copy of my filer onto another box. If I have an EMC or Hitachi or other large RAID1-capable unit, I can beak off a very large mirror and present it to FBI hosts on a SAN and continue to run off of unprotected data or implement a disaster recovery plan to get me running again on another similar storage. This data isn't as clean as a "drive in a bag", but with proper notes and techniques, the FBI can be convincing enough to a jury that the data was used in the investigation was correctly read unmodified "beyond a reasonable doubt".
If I'm really good, and have a bigger budget, I'll have a near-real-time mirror of that data (NetApp SnapMirror, EMC SRDF, "rsync", etc.) in a remote location that runs independently of my primary site and a plan that will help keep me running while I let the FBI tears apart my primary data center.
If you run a 100% uptime service ("Show me the nines!"), it's your responsiblity to to have an effective disaster recover plan. An FBI or Secret Service raid is an equivalent of a jumbo jet crashing into your data center. You as an individual, have a RIGHT to privacy and due process, but your company has created obligations to your customers to which you've guaranteed service, and your customers care more about the latter than the former. It's more responsible to have a DR plan and sue the FBI to replace your hardware than not have a plan and sue for lost business.
-ez
If the checksum doesn't fit, you can't commit!
My celluar phone on Verizon made by LG has three options for its "GPS" functionality:
Enable all
Disable all
Disable all except 911
It is possible for me to have an expectation that my wireless company will not be able to find me. It's not guaranteed that my phone will comply with my local e911 service. Verizon can at least trace my signal to the cell tower if I have GPS disabled, but that's a multi-square-mile(km) area.
The following federally-mandated warning label would be a simple method to set expectations correctly to protect consumers:
"This software (or device) is not required to work with your local 911 service. Optional location-based 911 feature are available but are not guaranteed to work. If this is not acceptable, please return this software (or device) to your provider for a full refund."
Mandating 911 services for VOIP is as futile as requiring mobile ham radio operators to morse-code their latitute and longitude every time they start a transmission. I bet it's merely a [dumb] requirement idea brought up by ILEC companies in an effort to help slow VOIP deployment through regulation.
There are some good ways to have VOIP users to register their fixed-location numbers with VOIP services, perhaps some will be seen in this article's comment thread. The FCC (or FTC or homeland security) can pick one and help the 911 operators and VOIP (and ILEC and wireless and satellite and cable) providers implement it. After that, the VOIP vendors can change their software/firmware to allow customers to voluntarily register their locations using the new standard.
-ez
Good one. (- tips hat -)
Again, moving to Mozilla (eventualllllllly) addresses only half of his problem. Oracle Apps (and the staff/consulting needed to support it) is expensive enough to make desktop OS licensing fees look like pocket change.
-ez
Requiring an Oracle license is one thing ..., not working properly with Mozilla is another (you need IE to use it fully in HTML mode). What other options are there?
If you use Oracle Applications, you might be interested in Oracle's announcement that they're going to be supporting Mozilla.
That takes care of half of the problem.
-ez
Karma: Whore (you look at your article scores after posting)
You don't really need their new machine-agnostic service. It's not hard to find an old laptop or PentiumI PC lying around that can serve as your gateway module.
Step 1:
Find a PC with a USB port and install an
Ethernet card if it doesn't already have one.
Step 2:
Make sure the PC has Win98se, Win2000, or WinXP.
Install DirectTV as a USB client to their modem.
The DirecTV install tech should be able to help
you with this. You'll have an IP address on
DirecTV's network and be able to browse the web.
Step 3:
Setup Internet Connection Sharing on the PC to
enable a 192.168.0.0 network on the Ethernet
card.
Step 4:
Plug a hub or switch into the Ethernet card
to allow other clients to connect to your
192.168.0.0 network.
Step 5:
Take an Windows/Linux/Mac PC and set it to
boot via DHCP. It should work, just as if it
were talking to a cable modem or DSL modem.
Step 5a (optional):
For extra reliability/stability of web
connections, you could optionally set the
browser on the new client to use the gateway
PC as an HTTP proxy server. I think it listens
on 192.168.0.1:83, but I'm not sure.
Step 5b (optional):
It is possible to connect a standard broadband
router into the gateway PC and use its firewall
features to keep your home network protected
while you're connected or even connect wireless
gear to your network. You need to set the
WAN interface of the router to use DHCP, and you
need to set the internal netowrk to be something
other than the default 192.168.0.0 (for example
192.168.1.0), so that the router doesn't get
confused about addresses on the external and
intranal side of its network.
It's faster than dialup for downloads, but not as reliable. If you have access to anything else (cable, DSL, broadband wireless), you're better off.
I setup a remote coworker with 5/5a/5b who roamed around his house with an 802.11b wireless laptop. As long as there were no packet drops on his wireless, it worked ok. Note: If you get any packet loss, your packets now have a RTT of 1000ms to the remote server instead of just 100ms and retransmits really really suck.
-ez
It works great for your friend, but will it work well for everyone? At first, yes, but....
If enough people use that method, the spammers turn their attention to "how can we beat that method now?"
I was amused when they started injecting dictionary words to try to break through bayesian filters.
V<! pie >i<! north >a<! format >g<! lunar >r<! eclipse >a!
For your friend's method, it costs $7/domain to register a domain du jour. The spam masters can then take their trojan/hacked PCs and setup mail/nameservers on them to make them look like legitimate mail servers. They just haven't bothered yet because not many people use your friend's filtering method. They can create auto-responders for common confirmation code methods.
SPF has the same flaw. It's only a matter of time until spammers register SPF-compliant domains for their mail relays.
From: bill@yahoo.ashjdhr32.com
To: you@yourdomain
Subject: Increase your size by 3 inches
From: bob@aol-com.aolk54mn.com
To: you@yourdomain
Subject: Low mortgage rates
Whitelisting is a nutritious part of a well-balanced breakfast of anti-spam techniques.
We're doomed, I say, DOOMED!
Stop using e-mail!
-ez
Coffee-flavored cereal might taste interesting to people who like coffee. How about smokers?
You don't quite understand how much your stuff can be permeated by smoke while living with a smoker until you move in with someone who has never smoked. My mom was a heaver smoker, and I lived with her through college. Now on my own, I moved in with a friend who happened to come from a smoke-free household. I brought a bunch of my stuff with me, including a bucket of Kellogg's Corn Flakes. One morning, my friend sniffed around and asked, "What are those? Nicotine flakes?!?"
Wow, I took another bite and gave it a good taste, and sure enough, I understood what he smelled. Living with a smoker for so long, you just get used to it.
I then had a wonderfully evil thought... what if the tobacco companies latched onto the concept of nicotine flakes?
Marlboro Flakes - curiously addictive cereal.
-ez
I believe 1994 was about the time when AT&T came out with it's "You will" commercials.
... becasue we're going to patent stuff now before we build it and then sue the pants off of everyone ten years from now.
Coincidence? I think not!
Press release: HTML
Sample commercial (nostalgia altert!): QuickTime
"You will, and the company that will bring it to you is AT&T."
-ez
"Reach out and sue someone."
Taxing is a form of censorship. If you censor e-mail, people will move alternative communication mediums (IRC/IM/Blog/etc.) or start using e-mail accounts in jurisdictions that aren't censored. When people move to other communication mediums, the spammers will be there to greet them (IM spam, pager spam, chat room spam, etc.).
Then again, maybe this bill is yet just another hoax.
-ez
Slashdot is not immune to rumors and hoaxes.
I don't see anything regarding the aquisition on either VivendiUniversal's web site nor press releases on finance.yahoo.com for CNET. Looking at news.google.com, the only report is an unconfirmed rumor that quotes the message board article.
Given that the source is a message board, I'm wary to trust the source.
-ez
What happens when it's a "new moon"? Do they take the energy and wire it to a laser on the dark side of the moon to beam it to us?
If we become dependent upon this energy, what do we do when there's a lunar eclipse? "Doh! Where'd I put those batteries?"
I was working at an ISP when my favorite customer asked me, "I need 12 Class C networks for all of my virtual hosts". A few months back, he had purchased a load balancer (Alteon) that could load-balance web servers and provide a public address to the Internet for the cluster. No one would have any reason to access each individual virtual IP address on the web servers themselves, so I pulled a few address blocks out of my pocket: ...etc...
172.16.0.0
172.16.1.0
172.16.2.0
I later explained to him that they were reserved addresses that weren't routable. He thought I was a genius. I, like many other network engineers, was just doing my job. If no one has any business accessing a server or computer from the Internet, don't make it routable to the Internet.
-ez
Karma: Whore (you post anonymously when you nothing constructive to add)
Nope, that doesn't work either. I also tried SCO's search tool for "ethics", and I still couldn't find anything. Perhaps I should try another company if I'm looking for ethics.
I did find alot of results for "bug" in SCO's search engine, though.
-ez
I tried going here today, and it didn't work....
http://www.sco.com/ethics.htm
I once interviewed Sid Meier (of Microprose) around the time that they released F19 Stealth Fighter on the C64. It was awe-inspiring how they could fit so much game into so little computer. Quote:
"It's not the number of bits you have, it's how you use them."
The same applies to cell phone games today. A friend of mine plays Doom on his cell phone. Amazing.