I attended a talk given by Douglas at the University of Washington a few years before he passed away. It was amusing, but for someone who is not familiar with him or his work, he would have appeared somewhat run of the mill.
That was the remarkable thing. It reminded me that many of us, free to imagine, invent, and run amok can create things to amuse and amaze. Most of us appear unremarkable, but we don't have to be. We only have to let ourselves escape the adulthood we have been trained to achieve and have fun with life.
I will forever remember Douglas Adams as a person who inspired me to be free and fun.
That's actually a fair question. There are several answers, but there are two that seem the most potent to me:
1) There is a moral obligation to not harm other people, whether your neighbor, or your descendant.
2) We are driven to propagate our species. The very near example is procreation. A logcal extrapolation of that drive is to preserve our culture. This can be witnessed to varying degrees in monuments and artifacts designed to last a long time. To that end, we should also not leave a legacy that could kill our culture.
And just how long should it be stored unsafely until it's ready to be tossed into the sun? I imagine your prediction of "within the next centry" is going to be off, just like most predictions out there. If human behavior remains the same, people would rather store it indefinitely in "temporary" facilities rather than go to the trouble of sending it to the sun. I, for one, would much rather have a permanent storage facility for the waste to sit until it's ready to be disposed of via some other method, if ever.
Plus, just because it's going to be easier to toss it into the sun than it is now, that doesn't mean it's going to be easier than burying it, nor does it mean it will be tossed into the sun.
Re:Surprised? No. Opportunity? Yes.
on
XP, Phone Home
·
· Score: 2
You're misusing the term marketing. You are defining it to be vapid and misleading. Marketing is more general than that and includes useful things such as product technical specifications and price comparisons.
Re:Surprised? No. Opportunity? Yes.
on
XP, Phone Home
·
· Score: 2
I hate to say it, but there is a huge relationship between marketing and sales. Our economy is driven, to a large extent, by marketing. When you spend more on advertising, sales almost always go up. Large companies spend outrageous amounts of money on marketing and advertising. Any sociology or marketing class will tell you that.
Surprised? No. Opportunity? Yes.
on
XP, Phone Home
·
· Score: 5, Insightful
Obviously this isn't surprising. You have information Microsoft could possibly sell, and it is certainly information they can use. Of course they're gonna try to get it, and try to keep it quiet. This is happening more and more often, and it's everyone, not just Microsoft.
I do use XP, mostly as a gaming platform, but I use Mozilla, and when I'm not playing games often I am running Linux on the same box. This doesn't have me worried one bit. Some people are gonna get all in a twist about this, but this is just a small step towards the ultimate goal: human batteries.:)
This does make me wonder, however, since Microsoft is causing bandwidth to be used on my network for activities I have not expressly envoked, can I charge them for use of my connection?
I say, charge them for use of my bandwidth. They won't get it free out of me. I just wonder where do I send my bill..
Yeah, I thought about that, but how does the IP forwarding box communicate the IP address to the proxy? If they're the same box, then it's easy, but otherwise it would require some funky modifications.
Solution 3 isn't ideal since it still rests on the tacit assumption that there are only "proper" DNS roots and everything else is invalid. How do you know which roots the client is using? The answer is to let the client decide and to specify an IP address in the HTTP client request as well as the DNS name via the host field.
Thanks for saving me the trouble of explaining it, since most of the other posters seem to have misunderstood the problem.
The first two solutions are obvious, and I'm surprised caching proxies still don't use either of them. I'm sure they've been suggested before, but I haven't been keeping up with the caching IETF working groups.
Solution 1:
Send to the proxy the address of the DNS server you want the proxy to use for resolution. This is a kludge, and would result in duplicate DNS queries, which can take a long time, but at least the proxy would see the world as your client would see it. Unfortunately, you're either breaking the proxy's transparent feature by doing this, or you're mixing up the layers and violating good architecture by embedding resolution information in your HTTP client request.
Solution 2:
HTTP/1.1 specifies the host field for HTTP client requests. The solution is to also provide an IP address field, but make it optional. If it is present, then the proxy would not resolve the host field to an address, but otherwise it would. It's simple and it does not violate the nice layers set up in the architecture.
This is the solution I would like to see, and it is so simple.
Okay, I'll go along with that. This seems very unfortunate. Some people who use encryption use it to help protect their data from the government accessing it. There's a common phrase that goes something like "you can pry my keys from my cold, dead, hands."
Are there any cases where people have gone to jail for not revealing their passphrase or turning over a private or symmetric key? I am a huge fan of cryptography, but if keys kept in my head can be attacked by putting me in jail, then I'm not so sure it's the best solution.
I was making a distinction between providing materials and bearing witness. Under the 5th, the court can't compell someone to bear witness against themselves if it may be incriminating. Since the key can only be obtained via testimony, short of breaking the encryption, the 5th should cover it under the 'bear no witness' clause.
A corporation is a legal construct designed to give a business the same rights as a person, right? If so, in the face of a subpoena duces tecum, why can't a corporation plead the fifth amendment? I assume there's a clear legal answer, but IANAL.
Amendment V
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a grand jury, except in cases arising in the land or naval forces, or in the militia, when in actual service in time of war or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
When I worked at a Fortune 500 company, I noticed that people use email for almost everything internally. Most of the stuff that large companies are liable for get thrown about in email when there are many other, often better communication methods. Unfortunately, there are a lot of middle-aged administrative assistants and managers that seem to think everything goes in email.
The lesson? Don't use email to distribute that 10 MBib presentation. If you have a memo, then email everyone a link to it and set the web server to spit out a no-cache HTTP header with the page. If you have a file to share with some people, put it on a file server and give people the link via an email, but don't just attach the little bastard file, which probably isn't so little anyway.
I forgot about a critical field in our machine database: its location. This is the most useful field in the record for new-hires. Consequently, it is a common joke to not give a new-hire access to whole database, but rather to a view which does not include the location. We then make him try to track down the machine through the network. They get real familiar with our network closets during this process.
The canonical name of a machine is assigned by the person who is setting up the machine at the time a name is needed. That name stays with that machine throughout its "lifetime." More on a machine's lifetime later. The only three constraints on the name are as follows:
1. It must be something that most people can spell if they heard the name. 2. It must be a name which can be published in a newspaper without embarassing us. 3. The name may not be duplicated.
Notice that this is the canonical name for a machine. We never call one of our machines smtp or www. We alias those standard names to the canonical name.
We define a lifetime for a machine as the time from which it is named to when it has lost its essence. In turn, we define a machine's essence as that which fundamentally separates it from other machines. In our current business, a machine's essence almost always is defined as the machine's purpose in life, which typically includes its OS and the servers running on the machine. There are times where we have converted a machine from Linux to OpenBSD, for example, but kept the name. If the machine is retasked, then it usually gets a fresh OS and new name; the old machine "dies" and a new machine is "born."
That name is added to a database via a record which also contains the machine's hardware configuration, its MAC address, the OS, its maintainer's email address, and its intended purposes in life (smtp, http, file server, compute server, etc.). From that point on, it is the responsibility of the maintainer to update that record. The hostname is considered the database key, and is therefore not supposed to change.
Every six months, however, clean out the database, looking for cruft and abandoned machines. We also try to identify machines that didn't make it into the database and add them. This also provides a quick way to inventory our equipment, since we primarly own computers and network gear.
I don't know why everyone is so shocked that people can eavesdrop, there is almost zero emmission security in almost anything deployed almost anywhere. Then again, currently, there's no practical need for such secured equipment in a normal civilian environment.
On of the guys I used to work with would talk about the truck that would park outside their NOC to listen to their ethernet via radio receivers on the truck. One can guess where the truck came from, but the scary part is that this was more than a decade ago. They were doing things that might possibly be of interest to spooks, or perhaps a well-funded competitor.
It's fun to engage in a fantasy world where government spooks are around every corner, but in reality there's no justification for spending large amounts of money or time to protect yourself from imagined threats like that. I am more worried about somebody breaking into my house to steal my stuff or script kiddies from Germany installing an IRC server on my boxes than the government spying on me.
Most of us do not have anything that would justify non-criminals to bother with us. Those of us that do usually have the budgets to do something about it. And the criminals are not terribly sophisticated, so common sense and a decent system administrator are usually enough to meet the standard threats. Most criminals are opportunists, if you present a challenge, they'll move on to the guy who has his root password set to "password".
The people who have highly sensitive stuff know that there's no real security in most hardware and software and work to build environments to protect their stuff. They probably do not buy their hardware from Dell.
Those of us who really only need to protect our banking and personal information as well as our bandwidth don't need to worry about monitor emission security just yet. For banking information, it's much easier to get that information in much more mundane ways than eavesdropping on your monitor. You should worry about what your local convienence store does with their copy of your credit card receipt.
Okay, I got through about five issues before I couldn't stand it anymore. I've seen Pulp Fiction many times, I've seen Ep.I. No change in dialog wore on me, but the drawing is someone stimulating.
I suppose I would have gone through the whole thing if it weren't for the splash intro for each episode. Gah, I admire the person who went to the effort, but create a set without the splash intro for each issue!
I wonder how much like Star Trek our future will be. If there is a resemblance, I wonder how much of it will be because we have Star Trek in our cultural history, or because it was a reasonable vision of the future. Somebody invent transporters already!
Who would have thought? Well, half right, at least. Or, should I say, half-assed right?
"Mars is essentially in the same orbit... Mars is somewhat the same distance from the Sun, which is very important. We have seen pictures where there are canals, we believe, and water. If there is water, that means there is oxygen. If oxygen, that means we can breathe."
-- Vice President Dan Quayle, 8/11/89
Slashdot Mirror
I attended a talk given by Douglas at the University of Washington a few years before he passed away. It was amusing, but for someone who is not familiar with him or his work, he would have appeared somewhat run of the mill.
That was the remarkable thing. It reminded me that many of us, free to imagine, invent, and run amok can create things to amuse and amaze. Most of us appear unremarkable, but we don't have to be. We only have to let ourselves escape the adulthood we have been trained to achieve and have fun with life.
I will forever remember Douglas Adams as a person who inspired me to be free and fun.
That's actually a fair question. There are several answers, but there are two that seem the most potent to me:
1)
There is a moral obligation to not harm other people, whether your neighbor, or your descendant.
2)
We are driven to propagate our species. The very near example is procreation. A logcal extrapolation of that drive is to preserve our culture. This can be witnessed to varying degrees in monuments and artifacts designed to last a long time. To that end, we should also not leave a legacy that could kill our culture.
And just how long should it be stored unsafely until it's ready to be tossed into the sun? I imagine your prediction of "within the next centry" is going to be off, just like most predictions out there. If human behavior remains the same, people would rather store it indefinitely in "temporary" facilities rather than go to the trouble of sending it to the sun. I, for one, would much rather have a permanent storage facility for the waste to sit until it's ready to be disposed of via some other method, if ever.
Plus, just because it's going to be easier to toss it into the sun than it is now, that doesn't mean it's going to be easier than burying it, nor does it mean it will be tossed into the sun.
There are two facinating projects. The first is in response to your point: the need for a modern rosetta stone. The second is just darned cool.
Check them out:
Rosetta Project
Long Now Project
You're misusing the term marketing. You are defining it to be vapid and misleading. Marketing is more general than that and includes useful things such as product technical specifications and price comparisons.
I hate to say it, but there is a huge relationship between marketing and sales. Our economy is driven, to a large extent, by marketing. When you spend more on advertising, sales almost always go up. Large companies spend outrageous amounts of money on marketing and advertising. Any sociology or marketing class will tell you that.
Obviously this isn't surprising. You have information Microsoft could possibly sell, and it is certainly information they can use. Of course they're gonna try to get it, and try to keep it quiet. This is happening more and more often, and it's everyone, not just Microsoft.
:)
I do use XP, mostly as a gaming platform, but I use Mozilla, and when I'm not playing games often I am running Linux on the same box. This doesn't have me worried one bit. Some people are gonna get all in a twist about this, but this is just a small step towards the ultimate goal: human batteries.
This does make me wonder, however, since Microsoft is causing bandwidth to be used on my network for activities I have not expressly envoked, can I charge them for use of my connection?
I say, charge them for use of my bandwidth. They won't get it free out of me. I just wonder where do I send my bill..
I've been using Mozilla as my regular browser since the 0.9 series started and have been, for them most part, very happy.
What are you waiting for? Just use 0.9.9 and be happy. It'll only get better from here.
Yeah, I thought about that, but how does the IP forwarding box communicate the IP address to the proxy? If they're the same box, then it's easy, but otherwise it would require some funky modifications.
Solution 3 isn't ideal since it still rests on the tacit assumption that there are only "proper" DNS roots and everything else is invalid. How do you know which roots the client is using? The answer is to let the client decide and to specify an IP address in the HTTP client request as well as the DNS name via the host field.
This also avoids performing unneeded DNS lookups.
Thanks for saving me the trouble of explaining it, since most of the other posters seem to have misunderstood the problem.
The first two solutions are obvious, and I'm surprised caching proxies still don't use either of them. I'm sure they've been suggested before, but I haven't been keeping up with the caching IETF working groups.
Solution 1:
Send to the proxy the address of the DNS server you want the proxy to use for resolution. This is a kludge, and would result in duplicate DNS queries, which can take a long time, but at least the proxy would see the world as your client would see it. Unfortunately, you're either breaking the proxy's transparent feature by doing this, or you're mixing up the layers and violating good architecture by embedding resolution information in your HTTP client request.
Solution 2:
HTTP/1.1 specifies the host field for HTTP client requests. The solution is to also provide an IP address field, but make it optional. If it is present, then the proxy would not resolve the host field to an address, but otherwise it would. It's simple and it does not violate the nice layers set up in the architecture.
This is the solution I would like to see, and it is so simple.
Okay, I'll go along with that. This seems very unfortunate. Some people who use encryption use it to help protect their data from the government accessing it. There's a common phrase that goes something like "you can pry my keys from my cold, dead, hands."
Are there any cases where people have gone to jail for not revealing their passphrase or turning over a private or symmetric key? I am a huge fan of cryptography, but if keys kept in my head can be attacked by putting me in jail, then I'm not so sure it's the best solution.
I was making a distinction between providing materials and bearing witness. Under the 5th, the court can't compell someone to bear witness against themselves if it may be incriminating. Since the key can only be obtained via testimony, short of breaking the encryption, the 5th should cover it under the 'bear no witness' clause.
What if the material was encrypted and the passphrase was known by the CIO of the corporation?
A corporation is a legal construct designed to give a business the same rights as a person, right? If so, in the face of a subpoena duces tecum, why can't a corporation plead the fifth amendment? I assume there's a clear legal answer, but IANAL.
When I worked at a Fortune 500 company, I noticed that people use email for almost everything internally. Most of the stuff that large companies are liable for get thrown about in email when there are many other, often better communication methods. Unfortunately, there are a lot of middle-aged administrative assistants and managers that seem to think everything goes in email.
The lesson? Don't use email to distribute that 10 MBib presentation. If you have a memo, then email everyone a link to it and set the web server to spit out a no-cache HTTP header with the page. If you have a file to share with some people, put it on a file server and give people the link via an email, but don't just attach the little bastard file, which probably isn't so little anyway.
I forgot about a critical field in our machine database: its location. This is the most useful field in the record for new-hires. Consequently, it is a common joke to not give a new-hire access to whole database, but rather to a view which does not include the location. We then make him try to track down the machine through the network. They get real familiar with our network closets during this process.
Our naming convention is simple:
The canonical name of a machine is assigned by the person who is setting up the machine at the time a name is needed. That name stays with that machine throughout its "lifetime." More on a machine's lifetime later. The only three constraints on the name are as follows:
1. It must be something that most people can spell if they heard the name.
2. It must be a name which can be published in a newspaper without embarassing us.
3. The name may not be duplicated.
Notice that this is the canonical name for a machine. We never call one of our machines smtp or www. We alias those standard names to the canonical name.
We define a lifetime for a machine as the time from which it is named to when it has lost its essence. In turn, we define a machine's essence as that which fundamentally separates it from other machines. In our current business, a machine's essence almost always is defined as the machine's purpose in life, which typically includes its OS and the servers running on the machine. There are times where we have converted a machine from Linux to OpenBSD, for example, but kept the name. If the machine is retasked, then it usually gets a fresh OS and new name; the old machine "dies" and a new machine is "born."
That name is added to a database via a record which also contains the machine's hardware configuration, its MAC address, the OS, its maintainer's email address, and its intended purposes in life (smtp, http, file server, compute server, etc.). From that point on, it is the responsibility of the maintainer to update that record. The hostname is considered the database key, and is therefore not supposed to change.
Every six months, however, clean out the database, looking for cruft and abandoned machines. We also try to identify machines that didn't make it into the database and add them. This also provides a quick way to inventory our equipment, since we primarly own computers and network gear.
Those items you mention are all social and political issues, there're not really technological issues.
I don't know why everyone is so shocked that people can eavesdrop, there is almost zero emmission security in almost anything deployed almost anywhere. Then again, currently, there's no practical need for such secured equipment in a normal civilian environment.
On of the guys I used to work with would talk about the truck that would park outside their NOC to listen to their ethernet via radio receivers on the truck. One can guess where the truck came from, but the scary part is that this was more than a decade ago. They were doing things that might possibly be of interest to spooks, or perhaps a well-funded competitor.
It's fun to engage in a fantasy world where government spooks are around every corner, but in reality there's no justification for spending large amounts of money or time to protect yourself from imagined threats like that. I am more worried about somebody breaking into my house to steal my stuff or script kiddies from Germany installing an IRC server on my boxes than the government spying on me.
Most of us do not have anything that would justify non-criminals to bother with us. Those of us that do usually have the budgets to do something about it. And the criminals are not terribly sophisticated, so common sense and a decent system administrator are usually enough to meet the standard threats. Most criminals are opportunists, if you present a challenge, they'll move on to the guy who has his root password set to "password".
The people who have highly sensitive stuff know that there's no real security in most hardware and software and work to build environments to protect their stuff. They probably do not buy their hardware from Dell.
Those of us who really only need to protect our banking and personal information as well as our bandwidth don't need to worry about monitor emission security just yet. For banking information, it's much easier to get that information in much more mundane ways than eavesdropping on your monitor. You should worry about what your local convienence store does with their copy of your credit card receipt.
Okay, I got through about five issues before I couldn't stand it anymore. I've seen Pulp Fiction many times, I've seen Ep.I. No change in dialog wore on me, but the drawing is someone stimulating.
I suppose I would have gone through the whole thing if it weren't for the splash intro for each episode. Gah, I admire the person who went to the effort, but create a set without the splash intro for each issue!
Yep, that was my thought, too. It built perfectly for me, and I'm running Debian testing with OpenSSL 0.9.6c.
1. You must not speak English better than a native speaker who is 5 years old.
2. The dubbing must be out of sync from the movie by at least 1 second.
3. At least one out every ten words must be a gross mis-translation to add to the humor.
4. Whenever there is a plot-clarification dialog, it must be mangled beyond the point of sanity and include a chicken-crossing-the-road joke.
5. The dubber must drink a shot of vodka for every time the end of the world is threatened. Or, one shot every five minutes, whichever is greater.
6. If there is no humor is in the translation, it must be substituted with a 'momma' joke.
I wonder how much like Star Trek our future will be. If there is a resemblance, I wonder how much of it will be because we have Star Trek in our cultural history, or because it was a reasonable vision of the future. Somebody invent transporters already!
Who would have thought? Well, half right, at least. Or, should I say, half-assed right?
"Mars is essentially in the same orbit... Mars is somewhat the same
distance from the Sun, which is very important. We have seen pictures
where there are canals, we believe, and water. If there is water, that
means there is oxygen. If oxygen, that means we can breathe."
-- Vice President Dan Quayle, 8/11/89