I doubt Ricochet got their frequencies for free. What band are they using? Given my knowledge of the 900 MHz band, there are only a few places where one can just "set up" such a system, and I don't think there's room for dozens of channels. Given these things can talk a mile, their base stations and the service as a whole are likely licensed (although a quick FCC database search does not find them). Someone buying up Ricochet's frequency license and finding all these existing users there likely would be pissed.
Being (been?) field tested in Great Britain
on
The Sound of Safety?
·
· Score: 1
Pardon me for not having a link, but supposively there are field trials going on in Great Britain where emergency vehicles are equipped with sirens that alternate between making their siren noise and emitting white noise to provide a location pinpoint. Since many people can't locate a siren when they first hear it and hence move out of the way, they hope sirens equipped like these will reduce response time.
I saw this on television though, so this trial may be long over.
Forget the "dependant" and "legacy" jargon; I think I know what they're supposed to mean here, but they are confusing terms. All we are doing is asking one web server to fetch an XML page from another containing a user's information according to a set schema. Essentialy, the proposal is just fetching the XML equivalent of the "V-Card" many email programs generate with someone's phone, address, etc., and told to watch that document for any updates.
The article explicitly says that the XML document accessed does not contain passwords. This is not.NET by any means; just a way to fill out registration forms quicker, and possibly giving a firm more information than they would have asked for otherwise.
Marketers likely will send programs scouring for these files, or ask certain sites to sell them lists of where these files are. Your personal "public" record will be used to deliver a lot more than you ever intended.
Now IANAL, but keep in mind that all sorts of GPL'ed software is compiled on a regular basis on MS Visual C, Borland C, etc., compilers. Makefiles are often adapted to support them. That being said, compiling GPL'ed software on a proprietary platform in many cases is allowable. Keep in mind the GPL is a *redistribution* license (to another party); not a limitation of rights already given under copyright when you receive a copy.
Unless Microsoft puts a clause in saying that software designed and/or compiled on an MS.NET system must be run on a Microsoft platform or at least under a non-GNU system, there is no reason one can not do so. Proprietary modules are loaded into Linux kernels all the time. But don't laugh; Internet Explorer has langauge requiring Windows versions to be run under MS Windows, and I seem to recall MS Visual Studio having a clause stating it was only to be used to develop MS Windows applications.
They also do the same with your regular tickets; the magnetic stripe on the back has a start time, the teller knows the end time. You just *really* have to speed to the point they can't ignore it before they ticket you over it. Word from a guest lectuer I had from the NJDOT was that this was one of the selling points they were making about their system prior to its purchase.
Just wait until EZ-Pass sensors are placed over many roads; I heard this might happen in order to monitor traffic congestion. Presently, they use radar (I believe) for this purpose.
You *can* do this with many motherboards
on
nVidia nForce
·
· Score: 4
Check your BIOS: If you have a setting called "Memory Interleave" or something like that, you likely can do this with your motherboard today. The motherboard I have that does this (an EPOX EP-MVP3G) has three settings: None, Two Bank, and Four Bank. Benchmarks suggest a major improvement with a K6-2/450 when Two Bank is selected, although I don't have enough slots to try Four Bank out (it just reverts to two, or so it seems).
And dareth I mention it, many Macintoshes have been able to do this for quite some time now. Just add extra RAM to a Mac, make sure all the SIMMs are identical, and you will suddenly have a nice performance boost for more than one reason.
"I hope it is becoming clear to everyone reading this, that we can not have a stable Internet economy while 13 year-old children are free to deny arbitrary Internet services with impunity."
While this is true, anyone who goes online should not set their system up like a 13 year old might either.
In other words: Don't leave your door open if you do not wish to be victimized. Unfortunately, the local cable company turns on MS file sharing for "support purposes" on all new installs, so one can see how easy it was for this person to gain control of so many systems.
Granted, the US Patent and Trademark office is presently quite searchable, and these searches are for free. But if they could not be available for no cost, the model they should follow is that of the United States' Federal Court's Public Access to Court Records (PACER) system. Note this is an explicit congestion notification impaired link, so shut TCP ECN off if you wish to go there.
The PACER system charges for searches and retreival of court documents. The rate is presently seven cents per "page" (about 50 lines of monospaced text, more or less), or sixty cents per minute if you dial an 800 number with a modem. Most Federal Courts are online and searchable.
Given the large amount of work that goes into putting huge amounts of data online like patents and court records, a minor fee likely is approriate for accessing these records. As long as it isn't prohibitive to the common person, paying on the order of micropayments for access to data is not such a bad idea.
But I only would pay slightly more than the equivalent of what they would make if I was a user of their site who did see them. Anything above $10 to access a site without ads for a year is too much for me.
On a slightly off-topic note, one major problem with online pay-access systems is that they are single points of failure. All the databases (UMI, ProQuest, etc.) that libraries only a few years ago had CD-ROMs of are now purchased as web services. Granted, this allows them to be constantly updated, but only to those with constant subscriptions. Should an online only service go out of business, and their purchaser decide not to salvage their data, even its ex-subscribers would lose a signficiant amount of data.
Read what I wrote. I said "well on its way." I did not say "definitely will become." Just because I did not explicitly say "but may not reach that point" doesn't mean it that isn't implied.
RFCs tended to be well documented protocols and procedures that tend to head towards standards or at least widely used methods. Most protocols never even reach this point. If a person or group writes an RFC, they believe they have something worthy of a larger audience.
And yes, I am aware of the multitude of humorous standards in there (IMPS, RFC 2795, comes instantly to mind, RFC 1097 or "subliminal telnet messaging" being an earlier one).
Still, my point in that post was that many RFCs are widely used as if they were standards even though they are not stands. Internet Relay Chat is RFC's 1459, 2810, 2811, 2812, and 2813, all marked "Experimental" or "Informational". Their headers do state they are not information standards, but this has not stopped over 10 IRC networks, dozens of client programs and tens of thousands of users from using them. Likewise, RFC 1413, a.k.a. the ident protocol, has been a proposed standard for seven years, yet is included in every UNIX-based operating system. Your secure shell products (SSH) use a protocol that has a working group, but they have not even reached the RFC point in the process!
Just because someone says something is not a standard does not mean it is not widely adopted.
Personally, I want to implement RFC 2324, better known as the Hyper Text Coffee Pot Control Protocol:)
The reason countries such as Argentina and India love free software is because it's cheap. Compared to many western countries, items in general are cheap. In many countries, one can either pay $500 for a copy of MS Office or hire someone at a decent salary for a year.
I knew someone from India who made more as an intern in the US than his father did as an Engineer in his native country. His father could take his family eating out every night if desired, yet his son lived in a [legitamite] shared home with eight others, barely making it along.
On one hand, you have companies that love foreign countries such as China for their labor. Remember the stories about a certain famous shoe manufactuer that makes their shoes abroad for $20 but sells them in the United States for $150? Companies love those types of deals. But other companies then try to sell their products in the local markets at US rates. For some reason, people making the equivalent of US $20 per month are not happy paying $500 for a computer, $500 for each program needed, etc. You've got to wonder why there are problems...
Unfortunately, power is not the only thing that rides on a power cord. Keep in mind that you have components operating anywhere between 100 MHz and 1 GHz inside of a computer. Given FM radio is from about 85-108 MHz, UHF TV around 500 MHz, your 900 MHz cordless phones, etc., one sees that all you need to get a computer to cause interference is an antenna that takes said signal outside of the shielding metal case. What better way is there to get a signal out of a computer than a power cable? After all, 50/60 Hz cables were never designed to keep 100 MHz+ signals contained.
Granted, you can fight this noise by using shielded cables, bypass capacitors, etc., but adding components comes at a cost. Do you really want the extra cost of shielding power cables/connectors & RFI that made it into the power supply?
This reminds me of story (I don't know if it's true or not). First, they build your US $100+ priced power supply, and call it Class A. Then they take out a few components (a few dollars worth), see if it works, and call it Class B (aroud $30-50). Then they take out a few more, and call it Class C ($15) if it still operates. Most computers have Class C supplies. No wonder bad or unstable power supplies are the cause of so many failures.
ECN is *NOT* a standard, nor even standards track.
The fact ECN is written up as a request for comments document (RFC) means it *is* well on its way to becoming an Internet standard. Even the process itself of becoming an Internet standard is written up as an RFC. Look at the main web page at www.ietf.org and click on the link marked "The Internet Standards Process." Look at what is there! RFC 2026!
Many protocols in modern use never became an Internet "standard"; these include things like Mobile IP and 802.11 wireless Ethernet. Your idenfication protocol used by almost any IRC server is RFC's 1431 and 0931; they never became a standard. The number of Internet standards actually issued number less than 70. The IETF itself doesn't link to them much anymore since there is an normally an RFC representing the final form of each one.
[The] systems that you have 'problems' with are systems that support ECN, not systems that don't support ECN
Sorry! Thanks for playing. If the client says it supports ECN by flagging that fact with the bits once reserved for future use, it will not run into problems if the other side says it does not. The routers, firewalls, load balancers and/or servers on the other that do not know simply to leave those bits alone and continue normally can be faulted. The TCP protocol said those bits might be used later, but many programmers did not heed that warning. Instead, they drop packets using the once reserved bits, send TCP or ICMP reset messages, etc.
So in a way, it is the client's fault for supporing a newer extension of TCP/IP that the older one. The extension works fine -- as long as the other end still tries to establish a connection reguardless of ECN support!
The reason you have trouble with these sites is because you have a client which respects the ECN bit, and there are thousands/millions of other clients which don't, which has the effect of you never reaching the site, since you always back off in deference to those clients which don't.
Major sites must be busy to the point their links are congested, aren't they? I hope not. Read the article; the problem is routers, firewalls, and other devices seeing the bits marked "for furture use" being used, and considering packets invalid. Again, the fact that an ECN host tries contacting a host that does not support ECN is irrelevant; as long as the packets get through, the ECN-aware end will realize the other end does not, and revert to normal congestion behavior.
If no device on the other end spoke ECN, you wouldn't have this problem, as it wouldn't have any way to know to treat an ECN aware client differently than one that wasn't.
The ECN aware client is in charge, at least in the failure cases cited by the article. In most failure cases (at least those I have seen), it is the *client* requesting that the connection use ECN in the first place (although servers are welcome to as well). If after the initial handshake it discovers the remote host does not know ECN, it uses the old-style of TCP throttling behavior in response to bad packets. The ECN extension was designed to allow backwards compatibility with older clients; the people who designed it were not that foolish.
Get an education before you start posting pretending you know what you're talking about.
Is the fact I have a bachelors degree in Electrical and Computer Engineering (with honors), 99% of the work for a masters degree in the same, and the fact I was accepted to one of the top doctoral schools in the country enough education? I have spent many many years studying network protocol theory, and several years administering servers. I even wrote my own IRC client at ones point in time based off the RFC documents on it, and that protocol is hardly "experimental" anymore...
Let me just say that it is the systems that do *not* handle ECN that are at fault, not the systems that *do* support it. Read the RFC specification here here, or from your nearest RFC mirror (#2481). Note how bits marked as "presently unused" and "reserved for future use" are used for explicit congestion notification.
Any protocol implementation with a bit of sanity would know to leave reserved bits it did not how handle unchanged. Unfortunately, many systems do not do this. Some firewalls see reserved bits being used as a threat, and reset connections. Other systems have no clue how to react if a reserved bit is not the default value.
A partial list of sites I know have trouble with ECN enabled (thank goodness they are the minority of web sites out there) is below. But this is like the Y2K bug; it never really should have existed.
Sites with known ECN problems (that I've seen, anyway)
www.zdnet.com
www.theregister.co.uk
www.returnbuy.com
www.uscourts.gov (the entire tree, more or less)
www.burstnet.net (at least I don't see their ads!)
www.time.com
www.latimes.com
www.e3expo.com
(These are only sites I visit rarely, thank goodness; I typically surf another 20+ websites daily without incident)
Why France has not had a major nuclear accident
on
Fission in a Box
·
· Score: 2
A previous poster noted that France has not had a nuclear problem. The reason behind this is quite simple: standardization.
Several decades ago, France was searching for power sources. Lacking local natural resources needed to power conventional plants, they considered nuclear power to be their best bet.
Unlike most of the rest of the world, France realized that safety came from using standarized equipment. They came up with an initial reactor design, and stayed with it. Everyone working on nuclear plants in France is trained on the same equipment; countless engineers could easily transfer from one plant to another without missing a beat.
This is not the case in many other countries. Most of the world's reactors outside of France all have their own custom designs, largely in part to utilize later discoveries. Should someone design a home reactor, the fact that it is a well analyzed design should bring some comfort (hopefully with interlocks!). Nuclear technology has gotten a lot safer; but the early accidents have scared the public away, possibly forever.
The way to create the best application possible is to take a langauge you know well, and use it. Period. Suddenly going and studying "Language X" because you think it might be best for a client while doing work for said client likely will create a lot of headaches and long hours for everyone involved. If you find out in the end that it wasn't the langauge you should have used for the project, you're screwed.
Optimize the code you know how to optimize, and use (properly coded) external tools to handle requests you can't handle well on your own. Breaking up large programs into a series of smaller ones is acceptable; look at KDE.
One tool that I am surprised does not get more publicity is FastCGI. It is the only langauge and web server independant (more or less) way I have found to speed up CGI scripts. Perl scripts coded for mod_perl more or less port easily to FastCGI, with most of the performance boost. And here's the real kicker; unlike mod_perl or PHP, which take up huge chunks of memory, mod_fastcgi for Apache does not. A small handler simply hands off control to one or more copies of your program running on the side, possibly even on another server!
I've used FastCGI extensively on systems that otherwise could not serve the load they had to handle. While it is not used as much as mod_perl or PHP (it no longer is in the core Apache distribution because it evolved too rapidly), I strongly encourage people to consider it a choice.
This debate was handled very well; I encourage everyone to actually listen to it or read the transcript. The panelists realize that we are living in the middle of a transition from one type of society to another.
Concepts from artist's rights to software piracy to how the Internet should be run in the future are covered in this discussion in a very civil manner, with intelligent responses all-around. It makes for very intresting reading.
Many highways you travel on have cameras that go back to the Department of Transportation, where TV stations, etc., get their live feeds for their news shows. In fact, states like New Jersey are starting to put these camera online. I believe Atlanta and a few other cities have extensive survailence networks; one tiny piece of New York City has so many public and private cameras it isn't funny.
Now IANAL, but I belive the laws in the United States at the moment do *not* cover video survailance. Prosecutions of people spying on other people are normally because someone performed *audio* survailence (i.e., left the microphone running on the camera). There was a case where landlord put a camcorder in a couple's bedroom behind a two-way mirror. The landlord would have actually been within his rights to put a camera there except for the fact he left the microphone attached.
Remember one of your favorite companies that got shareware authors to release their software for free in exchange for including an ad client that watched where you went on the Internet? They also got sued. Their settlement? You can purchase a discounted version of Go!Zilla Plus through them, which I believe is actually the registered version one of their products.
If you believe you once used a product with the Auriate/Radiate ad client, and believe you might be entitled to the aforementioned discounted version of Go!Zilla, the page to determine this is titled "Class Action", and may be found off of Radiate's privacy disclosure. They used to be called Auriate until a series of negatively slanted stories came out about them (or, so several articles have led me to believe).
Note I did not this link to this page directly because they redirect you to their privacy policy page first anyway. Please don't take advantage of their offer unless you really *really* installed a product that used their ad client; I don't feel like being sued for posting this.
There is an old story about a Novell server being locked in a closet, forgotten about, and rediscovered three years later still operational. However, I never found out where this happened. Given the uptimes on the Novell servers on my university's campus (well over six months is possible), one would have to consider this possible.
If only (*cough*) certain other operating systems that are constantly feuded over (*cough*) could have that reliablity. Granted, our Linux servers have had 90+ day uptimes, and our FreeBSD ones as well, but someone keeps finding bugs in their kernels (not that it doesn't happen to Novell on rare occasion)...
If you look in the/sbin directory of a system with PAM's pwdb module installed, you'll find a set-uid helper called "pwdb_chkpwd" that is actually used to access the shadow file. The idea is that only simple applications with known code should do password checking. I believe KDE takes a similar approach towards applications that need to do something as root (calling little helper applications to do the tasks needed). And no, you typically can not run this application by hand (it will syslog a complaint if you do).
Note I am not a PAM programmer, so read the documentation to figure out how to use this.
In one of my classes, the class was divided up into groups. Each group is reponsible for taking a week's worth of notes and writing them up in a manner similar to a chapter of a book. The professor teaching the class intends to edit the submissions and string them together into a textbook. This textbook will be submitted to publishers for possible publication.
Now, no formal contract was signed between the professor and the students. As far as I know, no student will receive proceeds from the book, although the professor will. He does intend to credit all the original writers on a credits page.
Given that the work was done for a course that students *paid* to attend, is he allowed to simply take our work and walk away with it? There is no rights assignment policy at our University that I am aware of.
Given that it is now publicly known that the the response needed to get on the network is an MD5 sum, the next move likely would be to calculate the MD5 sum plus a "secret" unknownst to the free AOL client developers but known to them. This secret could be a piece of any file related to the main AIM distribution, an advertisement that your client recently downloaded, some piece of the program found in memory while running in a certain state, etc. Just have that secret added before, after, or somewhere in the middle of the string the MD5 sum is being calculated from, and you'll have major headaches working around that.
Sure you could query a system which ran the actual client and note the results, but then they would "taint" the RAM used so no two instant messangers looked the same. The calculation time needed to brute force a shared secret is enormous; the legal risks tapering with their EULA to reverse engineer it high. And given that AOL likely only gives one or two chances for the challenge/response sequence to proceed, this roadblock may keep alternative clients from using OSCAR for a long time.
MD5 sums with secrets is nothing new; look at your local/etc/shadow file (if you can). MD5-based password hashes (typically starting with "$1") support the concept of a "machine secret," although this typically is not used. All in all I've got to hand it to AOL; this is a brilliant move on their part, and one that makes it much harder to use their full-service protocol against their wishes on their network.
One could write a client that referenced AOL's in order to get online, but I would hate to see the legal mess they would get into.
This has been argued actually; note there is only 33 feet difference between the two. Those measurements, if memory serves me right, do not include the antenna tower on top of Sears Tower, yet include the pinnacle* of Petronas. The logic here by the official raters is that the antenna tower can be easily removed, while the pinnacle is a permanent feature of the Petronas towers. Granted, I do not quite see the logic here; if you have a better explaination, please chime in.
If you include both the pinnacle and the antenna tower, Sears Tower beats Pentronas by a foot or so, and the same holds true if neither the antenna tower or pinnacle is counted. Note I am recalling all this from memory, so I might have something incorrect.
Still, the link you provide is intresting. Looks like something (two somethings, actually) may shortly beat Petronas.
* A pinnacle is a fancy top piece for a building, typically with a large point on top of it. The concept dates back to at least Medival times.
Slashdot Mirror
I doubt Ricochet got their frequencies for free. What band are they using? Given my knowledge of the 900 MHz band, there are only a few places where one can just "set up" such a system, and I don't think there's room for dozens of channels. Given these things can talk a mile, their base stations and the service as a whole are likely licensed (although a quick FCC database search does not find them). Someone buying up Ricochet's frequency license and finding all these existing users there likely would be pissed.
Pardon me for not having a link, but supposively there are field trials going on in Great Britain where emergency vehicles are equipped with sirens that alternate between making their siren noise and emitting white noise to provide a location pinpoint. Since many people can't locate a siren when they first hear it and hence move out of the way, they hope sirens equipped like these will reduce response time.
I saw this on television though, so this trial may be long over.
Forget the "dependant" and "legacy" jargon; I think I know what they're supposed to mean here, but they are confusing terms. All we are doing is asking one web server to fetch an XML page from another containing a user's information according to a set schema. Essentialy, the proposal is just fetching the XML equivalent of the "V-Card" many email programs generate with someone's phone, address, etc., and told to watch that document for any updates.
The article explicitly says that the XML document accessed does not contain passwords. This is not .NET by any means; just a way to fill out registration forms quicker, and possibly giving a firm more information than they would have asked for otherwise.
Marketers likely will send programs scouring for these files, or ask certain sites to sell them lists of where these files are. Your personal "public" record will be used to deliver a lot more than you ever intended.
Now IANAL, but keep in mind that all sorts of GPL'ed software is compiled on a regular basis on MS Visual C, Borland C, etc., compilers. Makefiles are often adapted to support them. That being said, compiling GPL'ed software on a proprietary platform in many cases is allowable. Keep in mind the GPL is a *redistribution* license (to another party); not a limitation of rights already given under copyright when you receive a copy.
Unless Microsoft puts a clause in saying that software designed and/or compiled on an MS .NET system must be run on a Microsoft platform or at least under a non-GNU system, there is no reason one can not do so. Proprietary modules are loaded into Linux kernels all the time. But don't laugh; Internet Explorer has langauge requiring Windows versions to be run under MS Windows, and I seem to recall MS Visual Studio having a clause stating it was only to be used to develop MS Windows applications.
Remember when Samba nearly nearly ran into this problem? It has happened before, and will happen again.
Expect to see more things like this when the Hauge Convention requires all paricipating countries to uphold laws like this worldwide.
Just wait until EZ-Pass sensors are placed over many roads; I heard this might happen in order to monitor traffic congestion. Presently, they use radar (I believe) for this purpose.
Check your BIOS: If you have a setting called "Memory Interleave" or something like that, you likely can do this with your motherboard today. The motherboard I have that does this (an EPOX EP-MVP3G) has three settings: None, Two Bank, and Four Bank. Benchmarks suggest a major improvement with a K6-2/450 when Two Bank is selected, although I don't have enough slots to try Four Bank out (it just reverts to two, or so it seems).
And dareth I mention it, many Macintoshes have been able to do this for quite some time now. Just add extra RAM to a Mac, make sure all the SIMMs are identical, and you will suddenly have a nice performance boost for more than one reason.
Quoting today's popular quote:
"I hope it is becoming clear to everyone reading this, that we can not have a stable Internet economy while 13 year-old children are free to deny arbitrary Internet services with impunity."
While this is true, anyone who goes online should not set their system up like a 13 year old might either.
In other words: Don't leave your door open if you do not wish to be victimized. Unfortunately, the local cable company turns on MS file sharing for "support purposes" on all new installs, so one can see how easy it was for this person to gain control of so many systems.
Granted, the US Patent and Trademark office is presently quite searchable, and these searches are for free. But if they could not be available for no cost, the model they should follow is that of the United States' Federal Court's Public Access to Court Records (PACER) system. Note this is an explicit congestion notification impaired link, so shut TCP ECN off if you wish to go there.
The PACER system charges for searches and retreival of court documents. The rate is presently seven cents per "page" (about 50 lines of monospaced text, more or less), or sixty cents per minute if you dial an 800 number with a modem. Most Federal Courts are online and searchable.
Given the large amount of work that goes into putting huge amounts of data online like patents and court records, a minor fee likely is approriate for accessing these records. As long as it isn't prohibitive to the common person, paying on the order of micropayments for access to data is not such a bad idea.
But I only would pay slightly more than the equivalent of what they would make if I was a user of their site who did see them. Anything above $10 to access a site without ads for a year is too much for me.
On a slightly off-topic note, one major problem with online pay-access systems is that they are single points of failure. All the databases (UMI, ProQuest, etc.) that libraries only a few years ago had CD-ROMs of are now purchased as web services. Granted, this allows them to be constantly updated, but only to those with constant subscriptions. Should an online only service go out of business, and their purchaser decide not to salvage their data, even its ex-subscribers would lose a signficiant amount of data.
Let me say this once before everyone goes nuts:
I never said that RFC == standard.
Read what I wrote. I said "well on its way." I did not say "definitely will become." Just because I did not explicitly say "but may not reach that point" doesn't mean it that isn't implied.
RFCs tended to be well documented protocols and procedures that tend to head towards standards or at least widely used methods. Most protocols never even reach this point. If a person or group writes an RFC, they believe they have something worthy of a larger audience.
And yes, I am aware of the multitude of humorous standards in there (IMPS, RFC 2795, comes instantly to mind, RFC 1097 or "subliminal telnet messaging" being an earlier one).
Still, my point in that post was that many RFCs are widely used as if they were standards even though they are not stands. Internet Relay Chat is RFC's 1459, 2810, 2811, 2812, and 2813, all marked "Experimental" or "Informational". Their headers do state they are not information standards, but this has not stopped over 10 IRC networks, dozens of client programs and tens of thousands of users from using them. Likewise, RFC 1413, a.k.a. the ident protocol, has been a proposed standard for seven years, yet is included in every UNIX-based operating system. Your secure shell products (SSH) use a protocol that has a working group, but they have not even reached the RFC point in the process!
Just because someone says something is not a standard does not mean it is not widely adopted. Personally, I want to implement RFC 2324, better known as the Hyper Text Coffee Pot Control Protocol :)
The reason countries such as Argentina and India love free software is because it's cheap. Compared to many western countries, items in general are cheap. In many countries, one can either pay $500 for a copy of MS Office or hire someone at a decent salary for a year.
I knew someone from India who made more as an intern in the US than his father did as an Engineer in his native country. His father could take his family eating out every night if desired, yet his son lived in a [legitamite] shared home with eight others, barely making it along.
On one hand, you have companies that love foreign countries such as China for their labor. Remember the stories about a certain famous shoe manufactuer that makes their shoes abroad for $20 but sells them in the United States for $150? Companies love those types of deals. But other companies then try to sell their products in the local markets at US rates. For some reason, people making the equivalent of US $20 per month are not happy paying $500 for a computer, $500 for each program needed, etc. You've got to wonder why there are problems...
Unfortunately, power is not the only thing that rides on a power cord. Keep in mind that you have components operating anywhere between 100 MHz and 1 GHz inside of a computer. Given FM radio is from about 85-108 MHz, UHF TV around 500 MHz, your 900 MHz cordless phones, etc., one sees that all you need to get a computer to cause interference is an antenna that takes said signal outside of the shielding metal case. What better way is there to get a signal out of a computer than a power cable? After all, 50/60 Hz cables were never designed to keep 100 MHz+ signals contained.
Granted, you can fight this noise by using shielded cables, bypass capacitors, etc., but adding components comes at a cost. Do you really want the extra cost of shielding power cables/connectors & RFI that made it into the power supply?
This reminds me of story (I don't know if it's true or not). First, they build your US $100+ priced power supply, and call it Class A. Then they take out a few components (a few dollars worth), see if it works, and call it Class B (aroud $30-50). Then they take out a few more, and call it Class C ($15) if it still operates. Most computers have Class C supplies. No wonder bad or unstable power supplies are the cause of so many failures.
All right, this is a flame. Dareth I answer it...
ECN is *NOT* a standard, nor even standards track.
The fact ECN is written up as a request for comments document (RFC) means it *is* well on its way to becoming an Internet standard. Even the process itself of becoming an Internet standard is written up as an RFC. Look at the main web page at www.ietf.org and click on the link marked "The Internet Standards Process." Look at what is there! RFC 2026!
Many protocols in modern use never became an Internet "standard"; these include things like Mobile IP and 802.11 wireless Ethernet. Your idenfication protocol used by almost any IRC server is RFC's 1431 and 0931; they never became a standard. The number of Internet standards actually issued number less than 70. The IETF itself doesn't link to them much anymore since there is an normally an RFC representing the final form of each one.
[The] systems that you have 'problems' with are systems that support ECN, not systems that don't support ECN
Sorry! Thanks for playing. If the client says it supports ECN by flagging that fact with the bits once reserved for future use, it will not run into problems if the other side says it does not. The routers, firewalls, load balancers and/or servers on the other that do not know simply to leave those bits alone and continue normally can be faulted. The TCP protocol said those bits might be used later, but many programmers did not heed that warning. Instead, they drop packets using the once reserved bits, send TCP or ICMP reset messages, etc.
So in a way, it is the client's fault for supporing a newer extension of TCP/IP that the older one. The extension works fine -- as long as the other end still tries to establish a connection reguardless of ECN support!
The reason you have trouble with these sites is because you have a client which respects the ECN bit, and there are thousands/millions of other clients which don't, which has the effect of you never reaching the site, since you always back off in deference to those clients which don't.
Major sites must be busy to the point their links are congested, aren't they? I hope not. Read the article; the problem is routers, firewalls, and other devices seeing the bits marked "for furture use" being used, and considering packets invalid. Again, the fact that an ECN host tries contacting a host that does not support ECN is irrelevant; as long as the packets get through, the ECN-aware end will realize the other end does not, and revert to normal congestion behavior.
If no device on the other end spoke ECN, you wouldn't have this problem, as it wouldn't have any way to know to treat an ECN aware client differently than one that wasn't.
The ECN aware client is in charge, at least in the failure cases cited by the article. In most failure cases (at least those I have seen), it is the *client* requesting that the connection use ECN in the first place (although servers are welcome to as well). If after the initial handshake it discovers the remote host does not know ECN, it uses the old-style of TCP throttling behavior in response to bad packets. The ECN extension was designed to allow backwards compatibility with older clients; the people who designed it were not that foolish.
Get an education before you start posting pretending you know what you're talking about.
Is the fact I have a bachelors degree in Electrical and Computer Engineering (with honors), 99% of the work for a masters degree in the same, and the fact I was accepted to one of the top doctoral schools in the country enough education? I have spent many many years studying network protocol theory, and several years administering servers. I even wrote my own IRC client at ones point in time based off the RFC documents on it, and that protocol is hardly "experimental" anymore...
Let me just say that it is the systems that do *not* handle ECN that are at fault, not the systems that *do* support it. Read the RFC specification here here, or from your nearest RFC mirror (#2481). Note how bits marked as "presently unused" and "reserved for future use" are used for explicit congestion notification.
Any protocol implementation with a bit of sanity would know to leave reserved bits it did not how handle unchanged. Unfortunately, many systems do not do this. Some firewalls see reserved bits being used as a threat, and reset connections. Other systems have no clue how to react if a reserved bit is not the default value.
A partial list of sites I know have trouble with ECN enabled (thank goodness they are the minority of web sites out there) is below. But this is like the Y2K bug; it never really should have existed.
Sites with known ECN problems (that I've seen, anyway)
(These are only sites I visit rarely, thank goodness; I typically surf another 20+ websites daily without incident)
A previous poster noted that France has not had a nuclear problem. The reason behind this is quite simple: standardization.
Several decades ago, France was searching for power sources. Lacking local natural resources needed to power conventional plants, they considered nuclear power to be their best bet.
Unlike most of the rest of the world, France realized that safety came from using standarized equipment. They came up with an initial reactor design, and stayed with it. Everyone working on nuclear plants in France is trained on the same equipment; countless engineers could easily transfer from one plant to another without missing a beat.
This is not the case in many other countries. Most of the world's reactors outside of France all have their own custom designs, largely in part to utilize later discoveries. Should someone design a home reactor, the fact that it is a well analyzed design should bring some comfort (hopefully with interlocks!). Nuclear technology has gotten a lot safer; but the early accidents have scared the public away, possibly forever.
The way to create the best application possible is to take a langauge you know well, and use it. Period. Suddenly going and studying "Language X" because you think it might be best for a client while doing work for said client likely will create a lot of headaches and long hours for everyone involved. If you find out in the end that it wasn't the langauge you should have used for the project, you're screwed.
Optimize the code you know how to optimize, and use (properly coded) external tools to handle requests you can't handle well on your own. Breaking up large programs into a series of smaller ones is acceptable; look at KDE. One tool that I am surprised does not get more publicity is FastCGI. It is the only langauge and web server independant (more or less) way I have found to speed up CGI scripts. Perl scripts coded for mod_perl more or less port easily to FastCGI, with most of the performance boost. And here's the real kicker; unlike mod_perl or PHP, which take up huge chunks of memory, mod_fastcgi for Apache does not. A small handler simply hands off control to one or more copies of your program running on the side, possibly even on another server!
I've used FastCGI extensively on systems that otherwise could not serve the load they had to handle. While it is not used as much as mod_perl or PHP (it no longer is in the core Apache distribution because it evolved too rapidly), I strongly encourage people to consider it a choice.
This debate was handled very well; I encourage everyone to actually listen to it or read the transcript. The panelists realize that we are living in the middle of a transition from one type of society to another.
Concepts from artist's rights to software piracy to how the Internet should be run in the future are covered in this discussion in a very civil manner, with intelligent responses all-around. It makes for very intresting reading.
Many highways you travel on have cameras that go back to the Department of Transportation, where TV stations, etc., get their live feeds for their news shows. In fact, states like New Jersey are starting to put these camera online. I believe Atlanta and a few other cities have extensive survailence networks; one tiny piece of New York City has so many public and private cameras it isn't funny.
Now IANAL, but I belive the laws in the United States at the moment do *not* cover video survailance. Prosecutions of people spying on other people are normally because someone performed *audio* survailence (i.e., left the microphone running on the camera). There was a case where landlord put a camcorder in a couple's bedroom behind a two-way mirror. The landlord would have actually been within his rights to put a camera there except for the fact he left the microphone attached.
Remember one of your favorite companies that got shareware authors to release their software for free in exchange for including an ad client that watched where you went on the Internet? They also got sued. Their settlement? You can purchase a discounted version of Go!Zilla Plus through them, which I believe is actually the registered version one of their products.
If you believe you once used a product with the Auriate/Radiate ad client, and believe you might be entitled to the aforementioned discounted version of Go!Zilla, the page to determine this is titled "Class Action", and may be found off of Radiate's privacy disclosure. They used to be called Auriate until a series of negatively slanted stories came out about them (or, so several articles have led me to believe).
Note I did not this link to this page directly because they redirect you to their privacy policy page first anyway. Please don't take advantage of their offer unless you really *really* installed a product that used their ad client; I don't feel like being sued for posting this.
There is an old story about a Novell server being locked in a closet, forgotten about, and rediscovered three years later still operational. However, I never found out where this happened. Given the uptimes on the Novell servers on my university's campus (well over six months is possible), one would have to consider this possible.
If only (*cough*) certain other operating systems that are constantly feuded over (*cough*) could have that reliablity. Granted, our Linux servers have had 90+ day uptimes, and our FreeBSD ones as well, but someone keeps finding bugs in their kernels (not that it doesn't happen to Novell on rare occasion)...
If you look in the /sbin directory of a system with PAM's pwdb module installed, you'll find a set-uid helper called "pwdb_chkpwd" that is actually used to access the shadow file. The idea is that only simple applications with known code should do password checking. I believe KDE takes a similar approach towards applications that need to do something as root (calling little helper applications to do the tasks needed). And no, you typically can not run this application by hand (it will syslog a complaint if you do).
Note I am not a PAM programmer, so read the documentation to figure out how to use this.
In one of my classes, the class was divided up into groups. Each group is reponsible for taking a week's worth of notes and writing them up in a manner similar to a chapter of a book. The professor teaching the class intends to edit the submissions and string them together into a textbook. This textbook will be submitted to publishers for possible publication.
Now, no formal contract was signed between the professor and the students. As far as I know, no student will receive proceeds from the book, although the professor will. He does intend to credit all the original writers on a credits page.
Given that the work was done for a course that students *paid* to attend, is he allowed to simply take our work and walk away with it? There is no rights assignment policy at our University that I am aware of.
Given that it is now publicly known that the the response needed to get on the network is an MD5 sum, the next move likely would be to calculate the MD5 sum plus a "secret" unknownst to the free AOL client developers but known to them. This secret could be a piece of any file related to the main AIM distribution, an advertisement that your client recently downloaded, some piece of the program found in memory while running in a certain state, etc. Just have that secret added before, after, or somewhere in the middle of the string the MD5 sum is being calculated from, and you'll have major headaches working around that.
Sure you could query a system which ran the actual client and note the results, but then they would "taint" the RAM used so no two instant messangers looked the same. The calculation time needed to brute force a shared secret is enormous; the legal risks tapering with their EULA to reverse engineer it high. And given that AOL likely only gives one or two chances for the challenge/response sequence to proceed, this roadblock may keep alternative clients from using OSCAR for a long time.
MD5 sums with secrets is nothing new; look at your local /etc/shadow file (if you can). MD5-based password hashes (typically starting with "$1") support the concept of a "machine secret," although this typically is not used. All in all I've got to hand it to AOL; this is a brilliant move on their part, and one that makes it much harder to use their full-service protocol against their wishes on their network.
One could write a client that referenced AOL's in order to get online, but I would hate to see the legal mess they would get into.
This has been argued actually; note there is only 33 feet difference between the two. Those measurements, if memory serves me right, do not include the antenna tower on top of Sears Tower, yet include the pinnacle* of Petronas. The logic here by the official raters is that the antenna tower can be easily removed, while the pinnacle is a permanent feature of the Petronas towers. Granted, I do not quite see the logic here; if you have a better explaination, please chime in.
If you include both the pinnacle and the antenna tower, Sears Tower beats Pentronas by a foot or so, and the same holds true if neither the antenna tower or pinnacle is counted. Note I am recalling all this from memory, so I might have something incorrect.
Still, the link you provide is intresting. Looks like something (two somethings, actually) may shortly beat Petronas.
* A pinnacle is a fancy top piece for a building, typically with a large point on top of it. The concept dates back to at least Medival times.