Given that DDoS attacks seem to be becoming more accessible, what counter measures are there and can anything in the design of the Internet Protocol be modified, in a non-breaking way, to reduce the risk?
Sounds an awful lot like "g-spot."
Well, hopefully it will be more user-friendly, since apparently there are many who still can't make it work.
Indeed, if we are talking about untrustworthy countries, most places are looking kinda bad these days. The US has some really bad laws (DMCA etc.) and registrars based there are likely infiltrated by or actively cooperating with the NSA. UK registrars have similar issues with GCHQ.
The other issue is related to privacy and whether your 'trusted' registrar chain is sharing information with other entities, for which you did not explicitly agree to, in a clear and understandable contract?
Why in the hell would anyone trust certificates signed by a Chinese CA to begin with?
Maybe ask the question differently: Why would you trust any company? In the end it comes down to the chain of trust, for which due diligence is part of, along with the fact no flags have been raised at any point. The flag here is that there is behaviour to create doubt, but why should it just be 'because it is Chinese'?
Nothing should *ever* be opt-out. The default should always be to opt-in. If you can't make that enabling process easy to do and successfully sell the idea to your prospective end users (AKA "source of data" - because they are absolutely going to be saving all your DNS queries as "metadata"), then maybe it wasn't such a good idea to start with.
I won't argue with that, though I was more thinking about the alternative of not having a choice (opt-in or opt-out), as to having this imposed. I just don't want to see a 'Great Moat of Britain', being imposed. There are enough right wing isolationist attitudes at play, in the country today, that we don't need another one added to the fray.
If they do this, I hope that they will allow an opt-out. Anything else would feel like an act of censorship, even if that may not be the intent.
I would also argue that when they present the product they present it as a "computer with MS Windows installed", so it is clear from the outset what is being offered. If the person doesn't want that configuration, then they should look elsewhere. There are plenty of alternatives, and based on the opinions of the /. readership, better ones.
At the same time, they could also include a refund cost of $0 and charge $100 admin and support fee as part of the small print?
SES-10 was supposed to be flown on a reused rocket, in October.
Yup and you'll probably find it is going to be pre-flight tested extensively, before they put any satellite on it. In many ways they'll know more about potential failures of a reused rocket, than a brand new one?
It all depends how you read the quote. Just like exam questions. I read it the same way you did, now see they probably meant this was the 'exact same configuration', as opposed to 'previously flown'. Choice of words can be a huge thing in conveying a clear message. Of course, they may have chosen the wording to confuse?
BTW I got my clarification that it wasn't a previously flown stage from: http://www.bbc.com/news/world-...
No different than an artist agent?
Should the robots file be updated to indicate a site requires payment to appear in search results? Sure for anyone who gets tech it will be equivalent to 'do not index', but maybe a lesson to content owners?
So you would prefer a form of indentured servitude due to overpriced medicine, so that the CEOs can buy their super yachts?
Well, if the federal government forced on messaging systems a requirement to interchange with other messaging systems, then some of this may be reduced? Back in the 20th century this was done for the voice-landline networks and in many ways has resulted in the only non-fragmented, multi-vendor, communications system we have today. GSMA was formed because of the fragmentation of the analogue cellular networks at the time, but inherited to a certain extent the regulatory requirements to interconnect.
XMPP held a certain promise there, but because there was no regulatory requirement, businesses just said 'screw this and let's keep our little nation states isolated for more money'. We saw this happen with both Facebook and Google. Other systems just made it difficult for apps such as Pidgin to talk to their systems from the start.
Myself I would welcome any move to interconnect, since I have 5 messaging apps just to be able to keep up with friends, since the favoured platform varies with region. SMS isn't the best, but most friends still have a phone number.
This story was more about cellular carriers rather than ISPs: even in the US, ISPs are really pathetic in terms of IPv6 support. How are Canadian cellular carriers, like Rogers, in terms of IPv6 support?
Non-existent. They don't even know what IPv6 is. In the US there is already a move and while some may be dual stack, they are ultimately going pure IPv6 with NAT64 and DNS64, for performance reasons. This is part of the reason Apple required iOS apps to be IPv6 capable to be in the App Store.
Still frustrated that the ISPs in Canada are still lagging on getting IPv6. The biggest failing ISP is Bell, with no publicly announced plans.
There has been the "Call Your ISP for IPv6" campaign by the guys over at Sixxs:
https://www.sixxs.net/wiki/Cal...
I am not blaming the victims. I am simply saying that you try to reduce risk where possible. Even with the belief that you have covered all risk scenarios, there is still a possibility that people will get screwed.
For the scenario you provided, while the ultimate blame is still on the attacker, you can still argue that they increased the risk factor by choosing the passage they did. I experienced a similar situation recently, where my bag was stolen. While the ultimate issue is with the person who took the bag (frigging low life of a person), I need to accept that I was a little too trusting in where I put my bag and that I didn't factor in how I was facilitating the opportunity for a crime.
If you are going to fund something you should probably also try to do some due diligence. Sure, it is probably not easy, but in many ways you are acting as an investor and should take the same precautions that a professional investor would.
64-bit encryption with a golden key should be sufficient?
If they do introduce a law it should probably be tied to Moore's law, such that we don't end up with something that can be broken in 20 minutes with an average BitCoin processor.
I don't think it is that simple. Perversion of the constitution appears to go beyond party lines and more into the current culture of the halls of power - congressional, president or bureaucratic. The difference now is that someone noticed and blew the whistle. The result of those who would wish to hide the dirty laundry are doing everything to point fingers elsewhere.
It can be argued that an NDA that is incompatible with the constitution should be null and void?
Not at all, it is about jurisdiction and laws. A server outside of your country is essentially in the jurisdiction of the country it is hosted in and subjected to the laws of the hosting country. If said hosting country decides to confiscate said servers or make a copy of that data, then there is not much the owner of the data can do. Is it really spying when the data was stored outside the originating country?
By having the data limited to being stored in the territory of the country it belongs to, you are avoiding potential diplomatic issues around it.
In many ways what the government is doing here is no different from financial organisations. Due to the regulated nature of these organisations, any cloud service provider must be able to limit where the data is being stored or they won't be selected as a vendor.
For example, e-mails exchanged between employees in Switzerland may not be stored outside of the country, even if the company is a multinational and has other e-mail archives.
If it is a business with a fair amount of daily transactions, then I would hope that it is not dial-up either. For the smaller places, that aren't using the internet for connectivity, the payment terminals have the modem built in (see the Ingenico iCT250, as an example). Others, like the wireless terminals in restaurants, may even use the cellular network (some do in Canada, such as this one).
Just have a nice chat with the clerk about the queue that is forming behind you, and suggest they get a proper net connection :)
You can and you may get a better picture of why things aren't working and who is in cause. It could be the merchant or it could be the financial system.
The slowness can be explained by some merchants still using dial-up or being in an area with poor communication infrastructure. I know. Few merchants I go to, have slow systems because a) they use dial-up and b) it is also their voice line. When it is slow, just have a friendly chat with the clerk about how life is - just chill out :)