CALEA is only about wire tapping communications when an order has already been issued, and applies only to telecommunications carriers, and the only time IP traffic is required to be able to be inspected by the SP is when a carrier offers telecommunication services over IP (as in VoIP), so um, no. Try again.
When they say "Engineered to comply with CALEA", that is a marketing refrain for more $$$ in the vendor's pocket for not doing much at all.
If they start NAT'ing massively, the scarcity could evaporate. Much of the IP space is consumed by these ISPs.
Also, since they are now NAT'ing, this would mean they are no longer using additional IPs and would no longer be able to justify their existing allocations, and this could eventually mean that they would be required to return IP addresses to the registry, or they would flood the 'transfer market' for the financial incentive of receiving the small amounts of $$ transfer considerations.
Perhaps they'll start sending letters CC'd to everyone who was using the IP at the same time, since when the court or anti-pirate org sends in the subpoena or discovery order,
the ISP will reply with a long list of users.
Then the RIAA e-mails will start getting labelled as spam, perhaps, since they are obviously bulk, unsolicited, and meaningless, in that case??
Well, brute force no longer works... less-effective search methods would have to be used, like predictive IP address guessing... DNS harvesting, based on google searches for well-known V6 addresses, or by having 'malware web servers' that bait search engines with SEO and capture IPv6 IPs of all clients that visit.
And creative assumptions, such as assuming auto-config, predicting the 'gateway' might have a common address such as "1" and subnet numbers might be something common like numbers in a standard VLAN number or street number range, and guessing well-known MAC addresses or probable MAC addresses, possibly requiring either at least one host compromised on the L2 subnet or some insider knowledge.
but the web server would spawn a process on a higher numbered, unprivileged process for the actual traffic transfer.
No. All traffic is exchanged over the HTTP connection initiated by the client, the server's source port for HTTP traffic is always port 80, or the port the client connected to.
What happens, is (in the case of Apache); the web server initially starts up as root and binds port 80, then "changes user ID" to apache, after the port is already bound, to start its child processes.
Since the superserver is already bound to port 80, it no longer requires root privileges to accept further connections on that port... root permissions are only required to initially open the socket (which was done before it dropped privileges).
As each HTTP client connects, the superserver can pass the descriptor to the corresponding child process(es), which will take over the connection, completely transparent to the remote client (port numbers do not change, additional remote connections are not established).
If I were to be NATed, I would not want to pay more than 5 dollars a month for such a crippled connection, regardless of bandwidth. So you will automatically have to sell the service to ten subscribers like me instead of just one to make the same revenue.
But 99% of the people might not notice.
They could give 99% of their customers NAT'ed service, and when someone calls and complains, apologize, and offer them a unique public ip for $5 extra per month,
or if they upgrade to a "business class line" that permits them to have a dedicated static, addressable IP.
They won't like NAT, because P2P is still possible (even though it's hard), especially once NAT traversal extensions get implemented by the ISP,
such as the ability to 'open listening ports'
But tracking down the uploaders in order to send them letters or ID them is almost impossible, since there may be 100 people sharing their IP.
Instead, the RIAA will have to keep track of both an IP and a port number for NAT'ed users.
But NAT' users can go through ports fast.
Port numbers are easily re-used by innocent users, AND unless the ISP has extremely detailed logs, and the RIAA and ISP can both timestamp everything with very high precision, it will be (basically) impossible to track uploaders.
If the RIAA wants to continue their model of "send threatening notices" or "sue filesharers", then it will be absolutely essential that the internet heads for IPv6 adoption, instead of massive NAT.
Alternative addressing such as IPv6 is still the answer, however.
We really need to think of the environment and try to minimize our IPv4 footprint.
Start using IPv6... the internet depends on it.
The fact of the matter is IPv4 addresses aren't allocatable cleanly.
Every time V4 addresses begin to get announced, we get expansion of the DFZ,
causing global routing table sprawl.
At this rate of increase of the number of global routing table entries, we are quickly looming towards a point, when eventually, we won't be able to forward any packets at hardware forwarding rates.
Within 10 years, the Tier 1 routers will start to melt, washing away entire web sites due to the tremendous packet loss rates.
At that point, we could very well be heading towards an internet ice age.
Punish the whole of Texas because you dislike something happening in east Texas?
The point is not to punish Texas really, there is some collateral damage (which could also provide some pressure for residents there to reform or address the issue with the court), but the point is to avoid personal jurisdiction within the district court located in the state of Texas.
A consequence of not distributing to or conducting business with anyone in the state of Texas, is the court lacks jurisdiction, therefore, making it possible to deny the patent trolls the ability to bring their case to that court.
The GPL has a clause that specifically does allow geographic restrictions to be added, if distribution and/or use of the program is restricted by patents or copyright interfaces.
This is not a problem. Invariably, something in the program will be patented in the US, protected by an "invalid" patent on obvious methods.
doesn't represent the actual behavior of most admins, even those using that distro.
I think we're talking about totally different things.
You seem to be referring to what you see sysadmins do.... i'm thinking what users and web developers do; especially users who don't come from a sysadmin background and have little understanding of 'package signing'.
A lot of admins check signatures only in the case where this is done automatically, and sometimes bypass the checks if they get in the way.
I see windows admins clicking.EXE and.MSI files of popular programs distributed from sourceforge all the time and ask..
"Hey, did you verify the MD5 checksum or PGP signature on that before you ran the program or ran the build/install script as root?"
I can guarantee to you , that 95% or more of the time, the answer is along the lines of "Huh? The MD5 what?? What GPG signature?"........ "Oh.. sounds like a pain... / I forgot / I don't have time for that"
Now one can only imagine where casual users would be....
that was pending in federal court in the Eastern District of Texas.'"
Enough is enough, with their cochamany legal antics and patent trolls.
I want to add a clause to the GPL forbidding use of software in the State of Texas, until they clear this up,
and boycott the state -- with all software products, so Texas will not benefit from the software or technology
until they clean up their act, and stop allowing 21st-century robbers to loot the treasuries of successful technlogy firms.
Who's with me???
Maybe that's why? You didn't run into show-stopping bugs related to package signing like this one, and therefore encounter the recommended workarounds.
Micah Cowan 2009-04-21 16:20:01 EDT
Any hints for workarounds? Right now we (VMware) are recommending people
disable signature checks.
But, the packages are signed with the distro's key anyway, which is essentially impossible to fake.
Not that it matters... people usually just disable GPG checking or force install, when the signature check fails.
Or they don't bother to check the "signature that's essentially 'impossible' to fake" before installing the tarball, anyways.
We should be more concerned about PLANES finding the exact locations of BUILDINGS on the ground.
2001 was not about things crashing into planes, it was about PLANES divebombing things on the ground.
A feat that is facilitated by Printed road maps, Google maps and Google earth more than THIS.
I think this is all a red herring for the real reason government doesn't want this app to exist.
It gives the people too much power; from the ground, they can actually know what aircraft are above them,
where they are going, etc.
This is about wanting to keep as much information away from the public as possible.
Last I checked, the realistic situation wasn't Terrorists getting a hold of surface to air missiles.
Or terrorists crashing into other airplanes.
Terrorists have had no problems wreaking havoc if they ever get control of a plane... specific buildings on the ground are much easier, more dangerous, stationary targets.
If they wanted to target other planes, they could usually just use the on-board radar or transponder signals of other planes to get precise info.
Instead... this is a chance for some bureaucrats who are really doing nothing to try to justify their existence, by complaining about other people's technology.
If they were actually doing their job, it would be no concern that anyone could know the position and probable course of any other plane with this tracking system.
Because terrorists are effectively denied the ability to fly or to gain control of aircraft.
If terrorists managed to obtain s-to-air missiles, they don't need a frickin' iPhone app to tell them the position and heading of a plane.
Two other technologies they can use: Radar, or home-brewed electronics that can do the same thing the iPhone app can, but more precisely,
and actually wired up to their targetting system.
The iPhone is like a black box... it is unlikely they can wire that up into their targetting system without some serious expertise and hacking work
If a bloody simple iPhone app is able to tap into the tracking system, then it reasons (just as easily) terrorists can tap into the tracking system,
and without the aid of the iPhone app... terrorists who can afford surface-to-air missiles and the expertise required to operate them,
can doubtlessly find the expertise needed to ID and track targets.
The reundandcy did its job.. There are 13 root servers, and the Army research lab only runs one of them.
Individual root servers themselves were never expected to be redundant, that wasn't the design of the domain name system.
Lets set aside for now the fact that the other root server operators are running additional root servers for profit.
As in selling corporations the ability to have their very own local anycasted root server mirror.
And likely making a ton of cash selling lookup data about queries made to root servers.
What? You thought the root server operators were altruistic, and 'redundancy' was present in these systems, to improve reliability of the Internet,
with no profit to the operators?
If it is too slow, and people can see it coming, lobbyists will have the laws changed to prevent technology from reigning in on their parade.
And by the way, the clock starts now or yesterday, because congress critters and lobbyists by now are becoming more aware of the risks
technology may pose to their fiefdom.
For example, by requiring DRM, licensing restrictions on digital versions of legislation and congressional records, or just limiting plain material availability
of the text of laws themselves.
I'm sure there are a lot of reps who would support laws preventing their votes and actions from being disseminated electronically in a database
and info retrieval systems, to reduce constituent scrutiny.
Yes.... and until there's a cheap hosting provider that offers WebDAV, Bitbucket is a good option.
However, if you're an enterprise, such as a bank, you might be concerned about the risk of your code repository site getting hacked....
in that regard, Open Source projects are more amenable to services like this... at least until DVCS clients support host-proof encryption of files on the server.
OTOH they can offer web-based tools that make it easy to visualize changes and other things that would be a pain to setup.
Every minute you or people in your organization are dicking around with the DVCS and scripts on your PC that you're trying to use as an ad-hoc web server for code hosting, is a minute that you are not coding.
There's some value to having a code repository provider do all the heavy lifting.... just make sure you keep backups of your own.
This is almost as good as an it could be worse plan.
Instead of doing research about your customer base and if they're willing to pay... announce you're going to pay model, announce you are going to shutdown.. let your users beg to pay for a service they used to get for free.
You have framed the conversation. And all "complaints" about going to a pay service are now de-legitimized.
Youtube, Twitter, Facebook could learn from them.... not making money? Striving to find a business model? Want to go premium, don't announce that there will now be a fee.... announce you're shutting down, because your business is so unprofitable.
Let your customers beg to save you by promising to buy some sort of premium service from you.
I'm not saying Xmarks planned it that way or anything, it just (abstractly) seems like the perfect strategy to move towards premium while p***'ing off as few people as possible.
I imagine things would have been totally different if their first announcement was everyone with more than say 100 bookmarks would have to start paying for sync.
gets a huge grant from the government in exchange for the company enlisting and sending half their employees over to be cannon fodder.
This sounds like a scheme Dogbert would come up with.
This does solve the little pesky problem about what to do with the unpaid intern who just finished their internship or people you were planning to lay off anyways... now they won't be able to go off and join a competitor, and you can re-staff with no guilt of putting people on the street, and profit at the same time, brilliant!
There's probably a simple solution to this then.. don't market it to children, market it to their parents, and don't denote it as intended for children under age 12....
That would just rapidly accelerate the long-term secular trend of tunnelling of all internet traffic over HTTP and HTTPS, whether web-related or not.
CALEA is only about wire tapping communications when an order has already been issued, and applies only to telecommunications carriers, and the only time IP traffic is required to be able to be inspected by the SP is when a carrier offers telecommunication services over IP (as in VoIP), so um, no. Try again.
When they say "Engineered to comply with CALEA", that is a marketing refrain for more $$$ in the vendor's pocket for not doing much at all.
If they start NAT'ing massively, the scarcity could evaporate. Much of the IP space is consumed by these ISPs.
Also, since they are now NAT'ing, this would mean they are no longer using additional IPs and would no longer be able to justify their existing allocations, and this could eventually mean that they would be required to return IP addresses to the registry, or they would flood the 'transfer market' for the financial incentive of receiving the small amounts of $$ transfer considerations.
Perhaps they'll start sending letters CC'd to everyone who was using the IP at the same time, since when the court or anti-pirate org sends in the subpoena or discovery order, the ISP will reply with a long list of users.
Then the RIAA e-mails will start getting labelled as spam, perhaps, since they are obviously bulk, unsolicited, and meaningless, in that case??
Well, brute force no longer works... less-effective search methods would have to be used, like predictive IP address guessing... DNS harvesting, based on google searches for well-known V6 addresses, or by having 'malware web servers' that bait search engines with SEO and capture IPv6 IPs of all clients that visit.
And creative assumptions, such as assuming auto-config, predicting the 'gateway' might have a common address such as "1" and subnet numbers might be something common like numbers in a standard VLAN number or street number range, and guessing well-known MAC addresses or probable MAC addresses, possibly requiring either at least one host compromised on the L2 subnet or some insider knowledge.
but the web server would spawn a process on a higher numbered, unprivileged process for the actual traffic transfer.
No. All traffic is exchanged over the HTTP connection initiated by the client, the server's source port for HTTP traffic is always port 80, or the port the client connected to.
What happens, is (in the case of Apache); the web server initially starts up as root and binds port 80, then "changes user ID" to apache, after the port is already bound, to start its child processes.
Since the superserver is already bound to port 80, it no longer requires root privileges to accept further connections on that port... root permissions are only required to initially open the socket (which was done before it dropped privileges). As each HTTP client connects, the superserver can pass the descriptor to the corresponding child process(es), which will take over the connection, completely transparent to the remote client (port numbers do not change, additional remote connections are not established).
If I were to be NATed, I would not want to pay more than 5 dollars a month for such a crippled connection, regardless of bandwidth. So you will automatically have to sell the service to ten subscribers like me instead of just one to make the same revenue.
But 99% of the people might not notice. They could give 99% of their customers NAT'ed service, and when someone calls and complains, apologize, and offer them a unique public ip for $5 extra per month, or if they upgrade to a "business class line" that permits them to have a dedicated static, addressable IP.
They won't like NAT, because P2P is still possible (even though it's hard), especially once NAT traversal extensions get implemented by the ISP, such as the ability to 'open listening ports'
But tracking down the uploaders in order to send them letters or ID them is almost impossible, since there may be 100 people sharing their IP.
Instead, the RIAA will have to keep track of both an IP and a port number for NAT'ed users.
But NAT' users can go through ports fast. Port numbers are easily re-used by innocent users, AND unless the ISP has extremely detailed logs, and the RIAA and ISP can both timestamp everything with very high precision, it will be (basically) impossible to track uploaders.
If the RIAA wants to continue their model of "send threatening notices" or "sue filesharers", then it will be absolutely essential that the internet heads for IPv6 adoption, instead of massive NAT.
Strangely... the RIAA should be pushing IPv6 hard
Alternative addressing such as IPv6 is still the answer, however. We really need to think of the environment and try to minimize our IPv4 footprint. Start using IPv6... the internet depends on it.
The fact of the matter is IPv4 addresses aren't allocatable cleanly. Every time V4 addresses begin to get announced, we get expansion of the DFZ, causing global routing table sprawl.
At this rate of increase of the number of global routing table entries, we are quickly looming towards a point, when eventually, we won't be able to forward any packets at hardware forwarding rates.
Within 10 years, the Tier 1 routers will start to melt, washing away entire web sites due to the tremendous packet loss rates.
At that point, we could very well be heading towards an internet ice age.
Punish the whole of Texas because you dislike something happening in east Texas?
The point is not to punish Texas really, there is some collateral damage (which could also provide some pressure for residents there to reform or address the issue with the court), but the point is to avoid personal jurisdiction within the district court located in the state of Texas.
A consequence of not distributing to or conducting business with anyone in the state of Texas, is the court lacks jurisdiction, therefore, making it possible to deny the patent trolls the ability to bring their case to that court.
The GPL doesn't allow that.
The GPL has a clause that specifically does allow geographic restrictions to be added, if distribution and/or use of the program is restricted by patents or copyright interfaces.
This is not a problem. Invariably, something in the program will be patented in the US, protected by an "invalid" patent on obvious methods.
doesn't represent the actual behavior of most admins, even those using that distro.
I think we're talking about totally different things.
You seem to be referring to what you see sysadmins do.... i'm thinking what users and web developers do; especially users who don't come from a sysadmin background and have little understanding of 'package signing'.
A lot of admins check signatures only in the case where this is done automatically, and sometimes bypass the checks if they get in the way.
I see windows admins clicking .EXE and .MSI files of popular programs distributed from sourceforge all the time and ask..
"Hey, did you verify the MD5 checksum or PGP signature on that before you ran the program or ran the build/install script as root?"
I can guarantee to you , that 95% or more of the time, the answer is along the lines of "Huh? The MD5 what?? What GPG signature?" .... .... "Oh.. sounds like a pain... / I forgot / I don't have time for that"
Now one can only imagine where casual users would be....
that was pending in federal court in the Eastern District of Texas.'"
Enough is enough, with their cochamany legal antics and patent trolls.
I want to add a clause to the GPL forbidding use of software in the State of Texas, until they clear this up, and boycott the state -- with all software products, so Texas will not benefit from the software or technology until they clean up their act, and stop allowing 21st-century robbers to loot the treasuries of successful technlogy firms. Who's with me???
This is like suggesting the Intel floating point bug after the 13th decimal is a good reason to stay away from floating point math.
(mostly Ubuntu and Debian),
Maybe that's why? You didn't run into show-stopping bugs related to package signing like this one, and therefore encounter the recommended workarounds.
Since 99.9% of the Win32/Blaster infections still in the wild are Windows XP based computers.
This doesn't say anything good about those 2/3 of those systems who are still running XP
Probably the reason that to contact a peer to request or offer file blocks from/to them, you need to know their address?
But, the packages are signed with the distro's key anyway, which is essentially impossible to fake.
Not that it matters... people usually just disable GPG checking or force install, when the signature check fails. Or they don't bother to check the "signature that's essentially 'impossible' to fake" before installing the tarball, anyways.
We should be more concerned about PLANES finding the exact locations of BUILDINGS on the ground. 2001 was not about things crashing into planes, it was about PLANES divebombing things on the ground. A feat that is facilitated by Printed road maps, Google maps and Google earth more than THIS.
I think this is all a red herring for the real reason government doesn't want this app to exist. It gives the people too much power; from the ground, they can actually know what aircraft are above them, where they are going, etc. This is about wanting to keep as much information away from the public as possible.
Last I checked, the realistic situation wasn't Terrorists getting a hold of surface to air missiles. Or terrorists crashing into other airplanes. Terrorists have had no problems wreaking havoc if they ever get control of a plane... specific buildings on the ground are much easier, more dangerous, stationary targets.
If they wanted to target other planes, they could usually just use the on-board radar or transponder signals of other planes to get precise info. Instead... this is a chance for some bureaucrats who are really doing nothing to try to justify their existence, by complaining about other people's technology. If they were actually doing their job, it would be no concern that anyone could know the position and probable course of any other plane with this tracking system. Because terrorists are effectively denied the ability to fly or to gain control of aircraft.
If terrorists managed to obtain s-to-air missiles, they don't need a frickin' iPhone app to tell them the position and heading of a plane. Two other technologies they can use: Radar, or home-brewed electronics that can do the same thing the iPhone app can, but more precisely, and actually wired up to their targetting system.
The iPhone is like a black box... it is unlikely they can wire that up into their targetting system without some serious expertise and hacking work
If a bloody simple iPhone app is able to tap into the tracking system, then it reasons (just as easily) terrorists can tap into the tracking system, and without the aid of the iPhone app... terrorists who can afford surface-to-air missiles and the expertise required to operate them, can doubtlessly find the expertise needed to ID and track targets.
The reundandcy did its job.. There are 13 root servers, and the Army research lab only runs one of them. Individual root servers themselves were never expected to be redundant, that wasn't the design of the domain name system.
Lets set aside for now the fact that the other root server operators are running additional root servers for profit. As in selling corporations the ability to have their very own local anycasted root server mirror.
And likely making a ton of cash selling lookup data about queries made to root servers.
What? You thought the root server operators were altruistic, and 'redundancy' was present in these systems, to improve reliability of the Internet, with no profit to the operators?
hahaha....
If it is too slow, and people can see it coming, lobbyists will have the laws changed to prevent technology from reigning in on their parade. And by the way, the clock starts now or yesterday, because congress critters and lobbyists by now are becoming more aware of the risks technology may pose to their fiefdom.
For example, by requiring DRM, licensing restrictions on digital versions of legislation and congressional records, or just limiting plain material availability of the text of laws themselves.
I'm sure there are a lot of reps who would support laws preventing their votes and actions from being disseminated electronically in a database and info retrieval systems, to reduce constituent scrutiny.
Yes.... and until there's a cheap hosting provider that offers WebDAV, Bitbucket is a good option. However, if you're an enterprise, such as a bank, you might be concerned about the risk of your code repository site getting hacked.... in that regard, Open Source projects are more amenable to services like this... at least until DVCS clients support host-proof encryption of files on the server.
OTOH they can offer web-based tools that make it easy to visualize changes and other things that would be a pain to setup.
Every minute you or people in your organization are dicking around with the DVCS and scripts on your PC that you're trying to use as an ad-hoc web server for code hosting, is a minute that you are not coding.
There's some value to having a code repository provider do all the heavy lifting.... just make sure you keep backups of your own.
This is almost as good as an it could be worse plan. Instead of doing research about your customer base and if they're willing to pay... announce you're going to pay model, announce you are going to shutdown.. let your users beg to pay for a service they used to get for free.
You have framed the conversation. And all "complaints" about going to a pay service are now de-legitimized.
Youtube, Twitter, Facebook could learn from them.... not making money? Striving to find a business model? Want to go premium, don't announce that there will now be a fee.... announce you're shutting down, because your business is so unprofitable. Let your customers beg to save you by promising to buy some sort of premium service from you.
I'm not saying Xmarks planned it that way or anything, it just (abstractly) seems like the perfect strategy to move towards premium while p***'ing off as few people as possible. I imagine things would have been totally different if their first announcement was everyone with more than say 100 bookmarks would have to start paying for sync.
gets a huge grant from the government in exchange for the company enlisting and sending half their employees over to be cannon fodder.
This sounds like a scheme Dogbert would come up with.
This does solve the little pesky problem about what to do with the unpaid intern who just finished their internship or people you were planning to lay off anyways... now they won't be able to go off and join a competitor, and you can re-staff with no guilt of putting people on the street, and profit at the same time, brilliant!
There's probably a simple solution to this then.. don't market it to children, market it to their parents, and don't denote it as intended for children under age 12....