I wasn't aware of that, but in today's world of rampant stupidity, it doesn't surprise me a bit.
Never mind that the airport at which they landed likely had an ILS beacon, which never stopped broadcasting the whole time they were there. Or that inertial navigational systems are pretty off-the-shelf technology, and even adding terrain-mapping is not much more difficult.
Or, if it comes to that (and I expect the Secret Service at my door shortly after posting this one), homing a missle in on e.g. Air Force One's transponder, radio transmissions, et alia.
Heck, _because_ of the way they treat certain aircraft, it is _trivially_ easy to pick those planes out of the crowd whilst still in the air - the worst place for a disaster to happen.
At any rate, I also echo your sentiments about the Europeans caving in on a completely independent system.
Sim time in a 747 would be a terrific Christmas present, if anyone cares. And the bug story is great. Not so great in a real aircraft, discovered the hard way, though.
Gliders, eh? I've been tempted, but I dunno. There have been those occasions when I *HAD* to go around. (And once at PDK when I *REALLY*, *REALLY* had to go around. They're probably still talking about that attempt in the tower, as many years as its been.) Motor gliders, maybe, although I think helicopters have more apeal right now.
Anyway, yes, HITS (Highway In The Sky) technology - if it ever gets here - will make flying precision approaches as easy (or easier) than playing a video game. (Well, other than gusts, wind shear, icing, basic aerodynamics, yada yada....) The heads-up approach has a lot of unexplored potential - witness the car which uses infrared to overlay a heads-up display of what's around the corner.
Also, random last minute thought -- don't most airliners with autoland capability also have radar altimeters?
Thanks for the update. I assumed this was true in some places, but it's always nice to have confirmation.
Just out of curiosity, is the Tacoma approach in question WAAS-only, or just IFR-GPS?
I also don't follow the logic about the reference point being between the two runways. If the computer knows where it is, and where it's going, any 'reference point' (which is actually provided by at least 4 sats possibly plus a ground station) is completely arbitrary. And if the autopilot can't (physically) fly it GPS, it can't fly it ILS, either, right?
I know that typical GPS approaches have worse minimums than comparable ILSs, as the (unaugmented) accuracy is not as good, particularly when it comes to altitude. I'd have to check, but IIRC, WAAS is supposed to be accurate to within 1.5 meters. And believe me, I (and many other students) have dropped a plane out of the sky from higher than that.:)
I don't know about _zero visibility_ approaches - I've never actually seen one. Every ILS approach chart I've ever seen has specified some level of ceiling and minimum visibility requirements, along with the corresponding requirement that one *see* the runway before landing. (Then again, I don't fly a lot of autoland-equipped aircraft, either.;)
However, there *are* WAAS approaches out there. The airport at AOPA headquarters in Frederick, MD was the first to receive a WAAS-certified approach, which has minimums less than 10' different from its ILS. And deployment continues (finally).
Also note that it can cost more than $1M to install a single ILS, serving only one runway. WAAS can be installed significantly cheaper, and can handle multiple runways - one reason that has so many smaller airports interested.
One downside is that there is (to the best of my knowledge) only one FAA-certified WAAS-capable receiver, though that will surely change.
Due to the rollout of WAAS (Wide Area Augmentation System), there are a growing number of airports in the country which have GPS approaches. WAAS provides accurate enough GPS signal correction (from ground based stations) to provide full auto-land functionality for so-equipped airliners.
This is a reality _today_, and requires nothing from the Europeans, or waiting until 2008.
As a side note, directed more to the lurkers, what no one seems to consider is that there are many navigational systems which pre-date GPS. ILS and Loran signals, for example, are NOT encrypted, and do NOT have selective availability.
They've been called 'notebooks' for several years, exactly because the heat can be prohibitive for laptop use, and the manufacturers don't want to invite more lawsuits.
So I'm supposed to send all my mail through my ISP's mailserver, for no good reason? Never mind that for example this will break any ESMTP connections between my - perfectly legitimate - SMTP server and my recipients.
I run a business SMTP server on the end of a DSL connection, and have for many years. The server in question is likely firewalled _better_ than my ISP's.
So tell me again why I can't use port 25 outbound?
Note that my ISP will _not_ give me reverse DNS control, nor make any changes on my behalf, despite my having a static IP.
You're right about it being OT.;) But it sounds to me like you need to run sendmail on your desktop computer, and have the mail server running in store-and-forward mode.
Or cron fetchmail every 30 seconds -- how 'instant' does it really *have* to be?
Unfortunately, I'm not sure that Lotus Notes handles those errors well, and many legitimate companies do still use Notes. (I feel sorry for them, but that's another story.)
Last time I was forced to use the product, any error on the receiving end would result in the message getting dropped (with no notification to the sender). Though perhaps they've [finally] improved their SMTP gateway.
Actually, I've found one of the biggest problems to be that PHBs won't even _consider_ Linux on the desktop. I have even gone so far as to propose a voluntary trial effort (backed by several interested parties), and using old machines due to be recycled.
I thought that would be a good test of viability, with a safety net and very little downside. (How much IS a PC-for-recyle worth?)
And yet the response to this zero $$$ low-effort proof-of-concept - from the CIO, or my boss' boss - was effectively "shut up and sit down".
This WAS a large enough company to leverage threats about switching, which might have played a role.
So the fact that there are uneducated PHBs who do make decisions based on glossy ads and golf conversation is perfectly valid.
And personally, I think it's a mistake to focus on 'making it easy to migrate from Windows'. To the nth degree, this means recreating the Windows desktop. BLEAH. By all means, work on making an easy-to-use-as-possiible desktop, but please, let's try and move the world forward, not backward!
All good points, from a security point of view. I should point out that I do stay current on security patches, including randomness issues, and that ALL of the connections in these networks involve at least one Linux box.
Regarding SSH over VPN, I don't do it for added security, and am familiar with at least some of the dangers multiple encryption layers can present. I do it because when the laptop is wireless, it CAN'T talk to anything without the VPN -- and there is no command line access to any of my boxes save SSH, even through the wired network.
And actually, the nature of the root post should make it clear that 'just because I use [WPA] I'm safe' is a fallacy. It's entirely possible to make SSH and/or IPSec relatively insecure.
For example, using a pre-shared key that is the name of your dog, and e-mailing it to the receipient on the other end, well...
But as far as making people aware, as far as I know, no one has even been able to get across the concept of strong passwords, never mind creating memorable ones that don't need to be written down anywhere.
It's unlikely that people are going to change, meaning that encryption needs to be make stronger IN SPITE OF the user. It wouldn't be that hard, for example, to add a routine to new WPA boxes that refused to accept weak passwords.
Yes, there are people who say that. My take on it is that anyone who can't get over my calling it Winblows has some petty and immaturity issues of their own with which to deal...
And heck, I never even once typed Windoze instead.
Speaking of misconceptions, I know _exactly_ what services all of my machines are running. In fact, even if you were to break into one of my machines at the keyboard, you still would have highly limited access to the other machines.
Why in ANYONE's name would I be running nPnP?
In case anyone is wondering, I've done SysAdmin work in real environments since the early 90s, and spent many years prior to that breaking mainframe/mini/micro security from the programmer side. Securing a couple modest home networks is hardly a full-time challenge.
Although what that has to do with end-to-end encryption being easier than WEP/WPA and safer than MAC address filtering... <shrug>
Interesting; I didn't realize they'd dropped that product. I didn't find a copy locally, but the original download is probably still on my girlfriend's laptop - although I'd have to check redistribution licensing.
It's a shame; it makes it MUCH easier to do IPSec than the built-in XP VPN feature. (Their connector product looks comparable, but I really don't know anything about it.)
Actually that's a finger slip (trying to hard to remember the name of the SSH Sentinel product;) - actual implementation is IPSec VPNs. However, I do have all my SSH clients and servers set up for SSH2 only, and use SSH/SCP exclusively for remote access. Even across the VPN.;)
The FACTs are that when SP2 was installed, it altered the system configuration, and installed a perfectly useless product. (Actively dangerous, as noted by the bug which enables file/printer sharing across ALL connections if you have it on any!)
As for not knowing what happened, it took me about 10 seconds to solve the problem. And, in fact, DID require a reboot, but then again, that's Winblows.
As for lacking sufficient knowledge of firewalls, you're welcome to try and hack mine. It's been up for 7 years now without an intrusion. And not for trying, according to my logs.
NOT really a good idea to start a thread about morons, and then act like one.
_YOUR_ wlan card may have the MAC address burned into it. Once ALL NIC did. I think it was more than 10 years ago that I saw my first NIC that DID NOT HAVE a MAC address (it was all zeroes, and expected to be set in software).
_MY_ wlan card will _CERTAINLY_ let me change the MAC address - under Linux _or_ Windows.
Theoretically, perhaps - but how secure does it need to be? All wireless traffic in my home uses SSH tunnels between the laptop and the firewall.
When it becomes possible to conveniently crack SSH tunnels, I'll start to worry. By then, I'm sure there will be something better available. Meanwhile, you can sniff those ESP packets to your heart's content.
This is trivial under Linux, and not much more difficult under Winblows (clients), and I'm surprised more people don't suggest it as an alternative to WEP/WPA.
(My girlfriend uses Winblows w/ SSH Sentinel, and has only had one problem that rebooting wouldn't fix - in over 3 years. That one? Installing XP / SP2 turns on the [useless] firewall, which blocks the ports needed by the VPN.)
No, not EVERY on-line store; only those that support international transactions. It's a moot point, as IMHO the patent is just BS - but "every online store" is quite an exaggeration.
http://www.theboyz.biz/Your source for computers, parts, electronics, small appliances and more!
Slashdot Mirror
I wasn't aware of that, but in today's world of rampant stupidity, it doesn't surprise me a bit.
Never mind that the airport at which they landed likely had an ILS beacon, which never stopped broadcasting the whole time they were there. Or that inertial navigational systems are pretty off-the-shelf technology, and even adding terrain-mapping is not much more difficult.
Or, if it comes to that (and I expect the Secret Service at my door shortly after posting this one), homing a missle in on e.g. Air Force One's transponder, radio transmissions, et alia.
Heck, _because_ of the way they treat certain aircraft, it is _trivially_ easy to pick those planes out of the crowd whilst still in the air - the worst place for a disaster to happen.
At any rate, I also echo your sentiments about the Europeans caving in on a completely independent system.
Sim time in a 747 would be a terrific Christmas present, if anyone cares. And the bug story is great. Not so great in a real aircraft, discovered the hard way, though.
Gliders, eh? I've been tempted, but I dunno. There have been those occasions when I *HAD* to go around. (And once at PDK when I *REALLY*, *REALLY* had to go around. They're probably still talking about that attempt in the tower, as many years as its been.) Motor gliders, maybe, although I think helicopters have more apeal right now.
Anyway, yes, HITS (Highway In The Sky) technology - if it ever gets here - will make flying precision approaches as easy (or easier) than playing a video game. (Well, other than gusts, wind shear, icing, basic aerodynamics, yada yada....) The heads-up approach has a lot of unexplored potential - witness the car which uses infrared to overlay a heads-up display of what's around the corner.
Also, random last minute thought -- don't most airliners with autoland capability also have radar altimeters?
Thanks for the update. I assumed this was true in some places, but it's always nice to have confirmation.
:)
Just out of curiosity, is the Tacoma approach in question WAAS-only, or just IFR-GPS?
I also don't follow the logic about the reference point being between the two runways. If the computer knows where it is, and where it's going, any 'reference point' (which is actually provided by at least 4 sats possibly plus a ground station) is completely arbitrary. And if the autopilot can't (physically) fly it GPS, it can't fly it ILS, either, right?
I know that typical GPS approaches have worse minimums than comparable ILSs, as the (unaugmented) accuracy is not as good, particularly when it comes to altitude. I'd have to check, but IIRC, WAAS is supposed to be accurate to within 1.5 meters. And believe me, I (and many other students) have dropped a plane out of the sky from higher than that.
I don't know about _zero visibility_ approaches - I've never actually seen one. Every ILS approach chart I've ever seen has specified some level of ceiling and minimum visibility requirements, along with the corresponding requirement that one *see* the runway before landing. (Then again, I don't fly a lot of autoland-equipped aircraft, either. ;)
However, there *are* WAAS approaches out there. The airport at AOPA headquarters in Frederick, MD was the first to receive a WAAS-certified approach, which has minimums less than 10' different from its ILS. And deployment continues (finally).
Also note that it can cost more than $1M to install a single ILS, serving only one runway. WAAS can be installed significantly cheaper, and can handle multiple runways - one reason that has so many smaller airports interested.
One downside is that there is (to the best of my knowledge) only one FAA-certified WAAS-capable receiver, though that will surely change.
And that invalidates my earlier statements exactly how?
Due to the rollout of WAAS (Wide Area Augmentation System), there are a growing number of airports in the country which have GPS approaches. WAAS provides accurate enough GPS signal correction (from ground based stations) to provide full auto-land functionality for so-equipped airliners.
This is a reality _today_, and requires nothing from the Europeans, or waiting until 2008.
As a side note, directed more to the lurkers, what no one seems to consider is that there are many navigational systems which pre-date GPS. ILS and Loran signals, for example, are NOT encrypted, and do NOT have selective availability.
They've been called 'notebooks' for several years, exactly because the heat can be prohibitive for laptop use, and the manufacturers don't want to invite more lawsuits.
So I'm supposed to send all my mail through my ISP's mailserver, for no good reason? Never mind that for example this will break any ESMTP connections between my - perfectly legitimate - SMTP server and my recipients.
I run a business SMTP server on the end of a DSL connection, and have for many years. The server in question is likely firewalled _better_ than my ISP's.
So tell me again why I can't use port 25 outbound?
Note that my ISP will _not_ give me reverse DNS control, nor make any changes on my behalf, despite my having a static IP.
You're right about it being OT. ;) But it sounds to me like you need to run sendmail on your desktop computer, and have the mail server running in store-and-forward mode.
Or cron fetchmail every 30 seconds -- how 'instant' does it really *have* to be?
http://www.theboyz.biz/Your source for hardware, software, video games and more!
Unfortunately, I'm not sure that Lotus Notes handles those errors well, and many legitimate companies do still use Notes. (I feel sorry for them, but that's another story.)
Last time I was forced to use the product, any error on the receiving end would result in the message getting dropped (with no notification to the sender). Though perhaps they've [finally] improved their SMTP gateway.
Actually, I've found one of the biggest problems to be that PHBs won't even _consider_ Linux on the desktop. I have even gone so far as to propose a voluntary trial effort (backed by several interested parties), and using old machines due to be recycled.
I thought that would be a good test of viability, with a safety net and very little downside. (How much IS a PC-for-recyle worth?)
And yet the response to this zero $$$ low-effort proof-of-concept - from the CIO, or my boss' boss - was effectively "shut up and sit down".
This WAS a large enough company to leverage threats about switching, which might have played a role.
So the fact that there are uneducated PHBs who do make decisions based on glossy ads and golf conversation is perfectly valid.
And personally, I think it's a mistake to focus on 'making it easy to migrate from Windows'. To the nth degree, this means recreating the Windows desktop. BLEAH. By all means, work on making an easy-to-use-as-possiible desktop, but please, let's try and move the world forward, not backward!
So is *this* the reason that Chris left Novell on Friday?
http://www.theboyz.biz/Your source for hardware, software, video games, small appliances, electronics and more!
All good points, from a security point of view. I should point out that I do stay current on security patches, including randomness issues, and that ALL of the connections in these networks involve at least one Linux box.
Regarding SSH over VPN, I don't do it for added security, and am familiar with at least some of the dangers multiple encryption layers can present. I do it because when the laptop is wireless, it CAN'T talk to anything without the VPN -- and there is no command line access to any of my boxes save SSH, even through the wired network.
And actually, the nature of the root post should make it clear that 'just because I use [WPA] I'm safe' is a fallacy. It's entirely possible to make SSH and/or IPSec relatively insecure.
For example, using a pre-shared key that is the name of your dog, and e-mailing it to the receipient on the other end, well...
But as far as making people aware, as far as I know, no one has even been able to get across the concept of strong passwords, never mind creating memorable ones that don't need to be written down anywhere.
It's unlikely that people are going to change, meaning that encryption needs to be make stronger IN SPITE OF the user. It wouldn't be that hard, for example, to add a routine to new WPA boxes that refused to accept weak passwords.
Sorry I don't have any points to mod that one up as 'funny', Sein.
What - you think you can hack my firewall, but you can't even find the IP from which I'm posting? Sorry, no cardboard cookies for you!
Yes, there are people who say that. My take on it is that anyone who can't get over my calling it Winblows has some petty and immaturity issues of their own with which to deal...
And heck, I never even once typed Windoze instead.
Speaking of misconceptions, I know _exactly_ what services all of my machines are running. In fact, even if you were to break into one of my machines at the keyboard, you still would have highly limited access to the other machines.
Why in ANYONE's name would I be running nPnP?
In case anyone is wondering, I've done SysAdmin work in real environments since the early 90s, and spent many years prior to that breaking mainframe/mini/micro security from the programmer side. Securing a couple modest home networks is hardly a full-time challenge.
Although what that has to do with end-to-end encryption being easier than WEP/WPA and safer than MAC address filtering... <shrug>
Interesting; I didn't realize they'd dropped that product. I didn't find a copy locally, but the original download is probably still on my girlfriend's laptop - although I'd have to check redistribution licensing.
It's a shame; it makes it MUCH easier to do IPSec than the built-in XP VPN feature. (Their connector product looks comparable, but I really don't know anything about it.)
Actually that's a finger slip (trying to hard to remember the name of the SSH Sentinel product ;) - actual implementation is IPSec VPNs. However, I do have all my SSH clients and servers set up for SSH2 only, and use SSH/SCP exclusively for remote access. Even across the VPN. ;)
The FACTs are that when SP2 was installed, it altered the system configuration, and installed a perfectly useless product. (Actively dangerous, as noted by the bug which enables file/printer sharing across ALL connections if you have it on any!)
As for not knowing what happened, it took me about 10 seconds to solve the problem. And, in fact, DID require a reboot, but then again, that's Winblows.
As for lacking sufficient knowledge of firewalls, you're welcome to try and hack mine. It's been up for 7 years now without an intrusion. And not for trying, according to my logs.
Once again I draw your attention to the problems with making conclusions about the entire world based on your one example.
This is a *trivial* exercise, and certainly does not require any hard-wiring.
http://www.theboyz.biz/Computers, parts, electronics, small appliances and more!
NOT really a good idea to start a thread about morons, and then act like one.
_YOUR_ wlan card may have the MAC address burned into it. Once ALL NIC did. I think it was more than 10 years ago that I saw my first NIC that DID NOT HAVE a MAC address (it was all zeroes, and expected to be set in software).
_MY_ wlan card will _CERTAINLY_ let me change the MAC address - under Linux _or_ Windows.
http://www.theboyz.biz/Computers, parts, electronics, small appliances and more!
Theoretically, perhaps - but how secure does it need to be? All wireless traffic in my home uses SSH tunnels between the laptop and the firewall.
When it becomes possible to conveniently crack SSH tunnels, I'll start to worry. By then, I'm sure there will be something better available. Meanwhile, you can sniff those ESP packets to your heart's content.
This is trivial under Linux, and not much more difficult under Winblows (clients), and I'm surprised more people don't suggest it as an alternative to WEP/WPA.
(My girlfriend uses Winblows w/ SSH Sentinel, and has only had one problem that rebooting wouldn't fix - in over 3 years. That one? Installing XP / SP2 turns on the [useless] firewall, which blocks the ports needed by the VPN.)
http://www.theboyz.biz/Computers, parts, electronics, small appliances and more!
Apparently you have not read our FAQs.
No, not EVERY on-line store; only those that support international transactions. It's a moot point, as IMHO the patent is just BS - but "every online store" is quite an exaggeration.
http://www.theboyz.biz/Your source for computers, parts, electronics, small appliances and more!