Slashdot Mirror

User: gerardrj

gerardrj's activity in the archive.

Stories: 0
Comments: 1,342

Comments · 1,342

  1. Re: He's fine until someone hits NZ with it on Build Your Own Cruise Missile · · Score: 1

    Of course, Saddam also learned to gas his own people from the British. When Iraq was part of the British Empire, the Brits regularly used bombing raids with conventional and poison gas armament to enforce payment of the taxes they had imposed. Churchill himself pushed for more gassings.

    Fact is that the Brits probably killed more Iraqis during their occupations over the last century than Saddam did. If I recall my history correctly, this is the fourth time the Brits have invaded Iraq to overthrow the government.
    Funny, you'd think they'd be a lot better at it than they were this last time.

  2. Re:A couple notes: on Build Your Own Cruise Missile · · Score: 2, Interesting

    There would be nothing illegal about building a cruise missile. The thing is simply a small experimental/hobby aircraft.
    Legal issues would not arise until you armed the thing and used it as a weapon. Cruise missiles don't just randomly take off at self-selected targets and explode.

    I've never heard of consumer GPS systems disabling themselves at high speeds and can't locate anything in the specs at the major vendors. Do you have a reference for that?

    Of course, it's irrelevant to the task at hand; there are plenty of GPS receivers with NAV-OUT ports that are right at home at these speeds. Plus, GPS is just the most accessible of the nav aids out there. The FAA has hundreds of beacons scattered around the country; their exact LAT, LON and ALT are published for anyone to use. Same with coastal waterway navigation beacons via the Coast Guard. And then there's simple direction finding with any commercial broadcasting antenna. (Missile: fly to the strongest radio source at this frequency (choose a station that broadcasts from downtown), then circle until you run out of fuel.)
    Navigating via these methods is well documented, and the equipment involved could be (in many cases) cooked up at home with some wire and transistors; unlike the more complex GPS receivers and their very sensitive timing systems.

  3. Re:bah on HTML Rendering Crashes IE · · Score: 5, Insightful

    People are up in arms over this because Bill Gates made it priority one in the company to make their software more secure and more reliable. This is just another blatant example of how they are failing in that mission. (This and the almost daily security updates.)
    Here we have a simple bug that should be a test case. The word "crash" is not required, just that the type directive has a null value since it is not followed by an equal sign.
    The code would not hang the browser. The code would crash it just the same, as it is again missing the equal sign. It's completely conceivable that a developer who hand codes HTML would accidentally omit the character.

    This is simple buffer underflow checking: "does the thing I just received have the minimum expected size/value?" And just like all the buffer overflow issues, they don't bother checking the untrusted input before sending it off for critical processing.
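    As an added illustration of the "minimum expected size/value" check this comment calls for (example code, not from the thread or from any browser): a toy HTML tag-attribute parser in the naive shape the comment describes, which falls over on an attribute with no `=`, beside a hardened form that tolerates the missing value and falls back to a safe default. The tag samples, the `required` defaults and all function names are constructed for the example.

```python
"""Naive vs. hardened parsing of a tag's attributes (constructed example)."""
import re
from typing import Callable, Dict, Optional

# Constructed sample: the second tag carries "type" with no "=" and hence no
# value, the shape the comment says crashed the browser.
SAMPLE_TAGS = [
    '<input type="text" name="q">',
    '<input type name="q">',
    '<input name=q disabled>',
]

# NAME, optionally followed by = and a quoted or bare VALUE.
_ATTR_RE = re.compile(
    r'([A-Za-z][\w-]*)(?:\s*=\s*("[^"]*"|\'[^\']*\'|[^\s"\'>]+))?')


def naive_parse(tag: str) -> Dict[str, str]:
    """Assumes every attribute is NAME=VALUE; a valueless attribute raises.

    The ValueError here is the browser crash in miniature: the input never
    had its minimum expected shape checked before being consumed."""
    body = tag.strip('<>').split(None, 1)[1] if ' ' in tag else ''
    attrs: Dict[str, str] = {}
    for token in body.split():
        name, value = token.split('=')  # ValueError when "=" is missing
        attrs[name.lower()] = value.strip('"\'')
    return attrs


def hardened_parse(tag: str,
                   required: Optional[Dict[str, str]] = None) -> dict:
    """Validates the tag's shape first, tolerates valueless attributes
    (their value becomes ""), and substitutes a default for any required
    attribute that arrived missing or empty."""
    if not (tag.startswith('<') and tag.endswith('>')):
        raise ValueError('not a tag')
    inner = tag[1:-1].strip()
    parts = inner.split(None, 1)
    name, body = parts[0], (parts[1] if len(parts) > 1 else '')
    attrs: Dict[str, str] = {}
    for m in _ATTR_RE.finditer(body):
        attrs[m.group(1).lower()] = (m.group(2) or '').strip('"\'')
    # "Does the thing I just received have the minimum expected value?"
    # A missing/empty required attribute never reaches the consumer as null.
    for key, default in (required or {}).items():
        if not attrs.get(key):
            attrs[key] = default
    return {'tag': name.lower(), 'attrs': attrs}


def parse_all(tags, parser: Callable[[str], object]) -> dict:
    """Run one parser over every sample; errors are recorded, not raised."""
    results = {}
    for t in tags:
        try:
            results[t] = parser(t)
        except ValueError as exc:
            results[t] = f'error: {exc}'
    return results
```

Running `parse_all(SAMPLE_TAGS, naive_parse)` records errors for the two tags with valueless attributes, while `hardened_parse` handles all three.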

  4. Re:IN SOVIET RUSSIA... on 2002 US Wiretap Report · · Score: 1

    Why is it that whenever I point out that our government violates our Constitution and seeks to further erode its meaning/value, the only rebuttal I get is that I should leave the country and/or die?

    Why don't I ever get back a factual, logical exchange of opinions or ideas? Show me the justification for passing laws that completely trample our fundamental rights. Give me even one good reason for violating international laws and causing ill will in the other 90% of the world's population.

    As for leaving? Hell no. I am an American. Demanding that my country's values and laws be upheld by the government is not any reason for me to leave, or be expelled.

  5. Re:the victim on New Ultra-Intrusive Pop-up Ads Introduced · · Score: 1

    I've encountered that company before. They say they can detect pop-up blockers, protect HTML code, etc. What's interesting is that I've never run into any of their products in use in the wild. I think it's telling that they don't offer any links to satisfied customers' web sites.

    I've bypassed each of their pop-up blocker tests by using iCab. iCab sends all the requests, and just ignores the responses, and doesn't download the content it requested. The server doesn't check that the DL was actually completed, just that it started. In fact, I was viewing their own pages with the top and bottom banner ads filtered out.

    As for their HTML protection: if a browser can display it, then it came down the wire and I can intercept it and display it. If it's encrypted then the decrypting script is also on the wire, and I can download it and run or reverse engineer it.

  6. Re:the victim on New Ultra-Intrusive Pop-up Ads Introduced · · Score: 1

    That only works if they don't program enough intelligence into the database system servicing the pages.

    If the database is smart, it will keep state info via cookies or something of the sort. It will NOT allow any request for page B until the interstitial page has been sent, and at least 15 seconds have elapsed.

    If you look at most links on large sites (Slashdot is a typical example), your browser does not send a request for a specific file, but sends a GET request with some funky stuff in the URL. You as the end user really have no idea what will be displayed based on the information in the URL.

    Now... this can be done on the fly. The fastest way for a site to lose eyeballs would be to consistently place interstitial pages between major sections, or in front of popular areas. If the backend systems are programmed to do this only 20% of the time, you'll never know if the request for "http://www.nyt.com/online?uid=234324&pageview=398 43" will pop up the article you want, or stop by an interstitial advertisement.

    I.e.: the backend says: Hey... to get to X number of impressions per hour at the current load, I'd better serve up an ad with this request, and so updates the session state info to show that you are getting the ad, and instead of your article sends the full page ad. If your browser attempts to request the article URL again without waiting 15 seconds, you get locked out or the ad again with perhaps another 15 second timeout.

    It's important to know that the SAME URL will be in the refresh meta tag! The server determines if it serves the actual request, or an ad. This is little different than serving up different content based on requested language or browser ID strings. Nothing you can change on the client side will prevent this ad from being served instead of the content you are interested in.

  7. Re:EEK! That's too big on New Ultra-Intrusive Pop-up Ads Introduced · · Score: 1

    It's a simple thing to do in iCab (my browser of choice on the Mac). It's simply a preferences setting.
    As for how to do it in any other browser? I have no idea. I think Safari (if you enable the debug menu) allows you to change the client ID.

  8. Re:the victim on New Ultra-Intrusive Pop-up Ads Introduced · · Score: 4, Interesting

    Advertising makers, please don't read this or use any of the ideas in here!

    The insidious part of this is that it doesn't require any scripting on the client side. In today's database-served web pages, all that has to happen is that each link is really a link to an ad, and passes to the ad a reference to the actual content that should be displayed afterward. That reference may be an actual URL, or just a symbol that only the server can decipher.

    This will all be taken care of on the server side. Ex: Slashdot main page is displayed. Instead of a link taking you to an article, it links directly to a full page ad, but as part of a hidden form the real destination page is passed. So you click the link to see the full article, you first see a full page ad, then the ad sends you to the article page.

    All the client ever sees is standard HTML, and a header with a "refresh content" directive with a 15 second delay.

    The best you could hope for here is that a browser, upon receiving an HTML header with a reload directive, would immediately jump to the new URL and not display the ad's URL. Of course, the web server could have an extension that would literally lock you out of the content until the 15 seconds were up. To be more malicious, the server may be set to lock you out of the entire site for progressively longer periods if it detects you are bypassing the ads. You might find that you are barred from a site for 24 hours because you refuse to generate a revenue stream for them.

    The short of it all: This may very well be the Internet killer that everyone has feared.

    We can block pop-ups, we can filter images, we can block most spam, but we can't get around this ad scheme, at least not completely.

  9. EEK! That's too big on New Ultra-Intrusive Pop-up Ads Introduced · · Score: 5, Insightful

    A pop-up ad is one thing. It's small code and content-wise. It probably takes 3-4 seconds to download, but the article states that these new ads are 300K!!! That's almost a full minute to download at 56K modem speeds.

    If they're going to force people to spend 1 minute to download an ad (plus a forced 15 seconds to view the ad), they had better come up with a way to reimburse people, either financially, or with MUCH better content.

  10. Re:IN SOVIET RUSSIA... on 2002 US Wiretap Report · · Score: 4, Insightful

    You're right... in the U.S. they'd decrypt the message with you during a 20 year to life term in a maximum security prison without ever charging you with anything or giving you a trial by your peers.

    The decryption sessions would occur in a small dark room where you would be "inconvenienced" and "annoyed" and "harassed" by being forced to stand for LONG periods of time, having food and water withheld, being locked in a 3x3 room with no human contact for weeks on end, being woken up at random times just to be asked a question hoping that in a sleepy state you might divulge something, having sound played at near painful levels for hours/days on end.

    Yea... the U.S. system is SOOO much better than the old Soviet system. At least the Soviets had the balls to make it common knowledge what they did; you knew what to expect. Here in the U.S. the government pussyfoots around the issue and makes you think that the "interviewees" are treated just like you and I when questioned by the local beat cop.

  11. The myth of the $0.99 song on Apple Introduces iTunes Music Store, iTunes 4, new iPod · · Score: 1

    Okay, I've been going to town the last two days. I think I've spent about $70 in the iTunes Music store so far. I've purchased 93 tracks. That works out to about $0.75 per song. This thing's an even better value than they advertise.

    On a side note, I've found that my original 5GB iPod can now hold 37% MORE songs! Given that AAC is a higher quality codec, I've found that I can use the "Convert Selection to AAC" under "Advanced" to change all my existing MP3 files to AAC. I set the "Importing" preferences to AAC and 80kbit stereo first. Even if you use 96kbit AAC you still get 25% more music in the same space compared to the MP3s.
    I can't discern any difference with the speakers I have on my system or the headphones on the iPod. I'm not saying there isn't a difference, just that there isn't any difference that I notice or care about.

    NOTE: When iTunes makes the conversion, it does not delete the source file(s) so you will need enough space to store both files.

  12. Re:My $0.02 on Apple Introduces iTunes Music Store, iTunes 4, new iPod · · Score: 1

    I'm surprised you don't have a CD player connected to your stereo since you purchase CDs at the store. You could simply burn the song to CD and play it on the stereo.

    For the moment I know of no AAC to MP3 converters that will bypass/ignore the DRM in the AAC. I haven't tried it, but you SHOULD be able to burn your AAC tracks to an audio CD, then RIP that audio CD to MP3 format.
    Given that 128kbit AAC is so close to CD quality, you shouldn't lose much quality.

    It's a kludge I know, but then this is the whole point of Apple's stance: Anyone with the resolve will bypass the DRM of any system. They implement DRM that discourages most people most of the time, but does not make circumvention very difficult for the knowledgeable users.

  13. Re:they sure do... on ATX Power Supply Adapter for Macs? · · Score: 1

    "...the backlight is kind of dim when it's really bloody cold..."

    Which is really rather ironic when you think that the iBook uses a cold cathode tube for the lighting. :)

  14. Re:I won't be shopping at these prices on Apple Introduces iTunes Music Store, iTunes 4, new iPod · · Score: 3, Insightful

    Several problems with your math:

    1. The "album" prices on the Apple service are generally $9.99 ($10 us), so a CD with 16 tracks is less than $1/track.

    2. You can't really include the cost of bandwidth, as people are paying for it already, regardless of their using this service. If you want to include the cost of bandwidth for downloading then you should include the cost of driving a vehicle to the store to purchase a CD (i.e. about 40 cents per mile to cover insurance, depreciation, wear and tear and the opportunity costs of my "wasting" time in traffic).

    3. Even if you are going to include the cost of bandwidth, you can't amortize the entire monthly fee into a single CD download. IF that ADSL account costs $60au/month, then it costs about $.0014au per minute on average, or about $.0028au (point three cents au) per song to download given your guesstimates. After all, you're paying for the line whether you DL or not. You might as well use the bandwidth you pay for.

    What we have so far is that a download or a CD costs $10.003au. I'd like to know what kind of CDs you are downloading that average 17 tracks!! That's what's required for a CD to consume 60MB at 3.5MB per track. At the more reasonable number of 10 tracks per CD, that's 35MB/cd, or closer to $.01au per song or $1au per CD to store.

    So now we're up to $11.003au per CD total cost for download. Or do you want to amortize my monthly electric bill, total computer costs, etc. into the download costs also?

    Now contrast that with the physical store purchase: I drive an average of 5 miles one way to the store, at $.40 per mile, that's $10us round trip. Add in the opportunity costs of my sitting in the car doing nothing instead of being productive (let's lowball at $5/hr(us)). 10 miles at an average speed of 30 miles per hour is twenty minutes or $3.30us (we're at $13.30us already and we don't have any product in our hands).
    We putter around the mall and various music stores to locate a CD. We finally purchase one. Cost $15us. Total so far $28.30us or $47.16au. Not looking like a bargain to me.

    Plus... if I drop the CD on the way to or from the car, and it's scratched, I have no recourse; I'll have to go buy another one. Also the CD I purchased may be copy protected, so I can't make a backup or copy it to my MP3 player.

    For all that I get a single CD which I am (by U.S. law) only allowed to make one backup copy of.

    In contrast the Apple music license allows me to simultaneously have: ANY number of copies stored on iPods, 10 burned copies on CD, and three copies on different Macs (not necessarily MINE).
    So to extrapolate further:
    With the physical CD, I have one "useful" copy of the CD, or $28us (~$46au) per copy.
    With the Apple license I have (let's be conservative) 5 usable, legal copies, or: $1.32us (~$2.20au) per copy.
    The Apple download service is cheaper by a factor of twenty!

    Statistics... you can make data say anything you like. :)

  15. One small problem with the service. on Apple Introduces iTunes Music Store, iTunes 4, new iPod · · Score: 1

    Am I the only one who finds it annoying that the older music does not have the correct year in the meta info? I mean, there's stuff in there from 50 years ago and it has a "year" value of 2001. The oldest date I can locate in the service is 1988.
    This sort of defeats the whole purpose of iTunes' Smart Playlists where songs can be sorted by decade or the like.
    It's just a tad weird (for example) to have Bing Crosby's "White Christmas" sorted in the category "90s music".

    Yes, yea, I know it's the publishers who set those values, not Apple, and it's probably the year the song was last released on any album, but it's still annoying just the same.

  16. Standard spiel... on Securing Your Network? · · Score: 3, Insightful

    I post this most every time I run across a discussion of network security and the "evil hacker" protections people try to implement.
    Where is your IDS? At or near the firewall from your Internet connection, I'm willing to bet.

    Okay, now what about the malicious hacker wanna-be that lives within your trusted network? This could be a student in a campus lab, Jane Doe in cubicle 12B who lives a secret on-line life as Kamander KRak, or Dave Smith, the quiet guy in the corner office who thinks he's about to get fired. What about the cleaning crew who have full access to every square inch of the facility at night without any supervision? What about the CEO who just brought a new WiFi notebook in, connected it to the LAN and offers an open WAP to anyone within 200 feet of the office?

    We all spend a whole lot of time and money securing our Internet connections and services from external hackers. Yet most managers/admins almost completely ignore the internal threats. And ONE inside job will do a lot more damage than a dozen attacks from outside.

    Those on your LAN already have password access to the network and services. They know what servers to hit, they know what data is stored where. They know where the wiring closet is, and what equipment you run (your memos frequently tell them you are upgrading Windows from NT4 to 2000). They can open a closet door, or slide over a ceiling panel and easily connect a device to the monitoring port of their distribution switch.

    A comprehensive security plan needs to at least acknowledge these threats, and find ways to secure these services and components from otherwise trusted sources. IDS on each major server, physical lockdown of all remote network devices, regular/random physical inspections of the wiring closets. Some facilities may require that the night cleaning crews be cleared with at least a basic background check.

    In my experience, protecting against outside attack is really rather trivial compared to protecting against the potential internal threat.

  17. Re:Air Filtration on An Affordable Air Purifier For Dusty Computer Labs? · · Score: 1

    There is (some claim) a shortage of ozone in the upper atmosphere. This is a layer of O3 that absorbs and reflects a lot of the sun's ultraviolet radiation and allows us humans to live on the surface without wearing sunscreen and still remain different skin colors. Without the ozone layer we would all be dark brown (perhaps not a bad thing).

    Ozone in the lower parts of the atmosphere is hazardous to humans. Breathing air that has high levels of ozone is attributed to several health maladies such as asthma. Ozone near the ground is also a major component of smog, that ugly brown cloud that hangs over most major cities.

    Unfortunately ozone generated on the ground does not politely rise through the atmosphere to the ozone layer where it can do some good. If you get too much ozone in your office, you could always release some CFCs, which readily break down O3 and make it harmless.

    The cows you mention emit methane, which is considered a greenhouse gas, and also the most common and insidious greenhouse gas: Hydrogen Oxide. Methane at least can be used as a fuel to generate electricity or heat. Gaseous hydrogen oxide has no such qualities, but can be used as a very powerful cleaning agent (especially under pressure and temperature).
    If cows somehow emit ozone, this would be the first I've heard of it.

  18. Some suggestions on An Affordable Air Purifier For Dusty Computer Labs? · · Score: 2, Interesting

    As others have mentioned, you don't state the size or "enclosedness" of your lab, but some thoughts anyway:

    1. Most (90%+) dust inside a home or office is generated by the shedding of human skin and hair or our clothing. Hence, most dust is generated within 5 feet of the fans sucking it into the computer. In these environments you should have at least low density foam filters (think about the one on your hair dryer) on each intake fan. The case fans of your systems should be positively pressurizing the case so that all incoming air passes through a filter, not through any small openings.

    2. Try to keep the intake fans on the computer cases as high off the ground and as open/exposed as possible. Ex: don't stick the fan in a corner under a desk; this is where air currents will deposit the most dust. In that same vein, your HVAC intakes should be on the ceiling, not near the floor. Moving them can be quite inexpensive.

    3. Don't use ionizers. Ionizers are different than electrostatic filters. Ionizers are designed to change the balance of electrical charge in the ambient air (they spit out electrons). To me that's just a bad thing when highly sensitive electronic parts are about. The more out of balance the charges are, the more likely you are to experience static discharges, and we all know that kills computers.

    4. For larger labs/offices I recommend an electrostatic filter that gets built into the HVAC system. These things are highly effective at removing the lightest/smallest of dust particles. They are a bit expensive to install, and aren't the easiest things to clean, but they do a great job and you probably have a cleaning/maintenance crew. These devices do put out a small amount of ozone but this is usually not a problem with the normal air exchange that takes place in an average building. If you have a VERY high efficiency (tight) building, consider having an indoor/outdoor air/heat exchanger installed, or have the power in the filter unit reduced so ozone production is minimized (this is usually a jumper setting in the power supply). Most U.S. buildings will not require such measures.

    5. Don't underestimate the effectiveness of a simple furnace filter at the air intake and/or exhaust points from your HVAC system. Paper is the best filter, but reduces flow the most. Foam filters are pretty good, especially the "charged" ones. The cheap "spider web" filters are useless; don't use them. They'll catch large debris, but not the stuff clogging up your case fans.

    6. If this is a very small room, one or more portable HEPA filters will help immensely. I install these in all the smaller server rooms that I work in. Run them continuously (24x7).

    7. If at all possible, have your cleaning crew use HEPA filters on all vacuum cleaners used in your lab. Otherwise, a significant amount of light dust will simply be blown out of the vacuum unit and into the air where it can be sucked into the computers. Even better than the HEPA filters is to use a built-in type vacuum system where exhaust air is routed outdoors.

    In my home, I use central electrostatic filters, a central vacuum, and keep my computers on the desk, not the floor. I have VERY little dust accumulation in my systems (or anywhere else).

  19. Re:question I have never seen asked on Intel's Itanium Will Get x86 Emulation · · Score: 1

    Apple doesn't physically manufacture their own chips because it costs too much to start such a factory. Then you have to re-tool the factory every few months every time you want to use some new technology or technique (like smaller trace sizes, SOI, copper interconnects, etc). This is also a similar question to "Why buy milk when you could just own a cow?" (or produce any other commodity you normally purchase). It's a matter of scale. For you to own and care for one cow is not cost effective. It's cheaper for you to pay someone else to deal with that hassle and let them make a profit from it, than for you to do it directly. This is the same reason that Apple doesn't own an LCD display fab or an injection molding fab, etc. Outsourcing is easier and keeps Apple focused on what they do best: design neat hardware, write killer software and make some deliciously addictive Kool-aid.

    Apple DOES however use a chip they designed. Apple was one third of the consortium that designed the PPC platform. You may recall the AIM (Apple, IBM, Motorola) partnership? The group sat down and designed a common CPU reference platform that could be scaled to many uses, be power efficient, and be economical to produce. As such Apple does not need to license anything from anyone to have someone build the PPC for them.

    The thing is though, that the PPC specs are more like black boxes than blueprints. In other words, the specs tell you what you put in, and what you get out, not what happens in the middle. The spec doesn't tell you what the chip should look like or how to construct it, just how it should work. Hence Apple negotiates with different manufacturers to implement the PPC specs in the best technology available.

    If you recall, the whole reason Apple stuck with Motorola for so long is because IBM refused to implement the "Altivec" enhancements in silicon. Apple was torn because IBM's processes are FAR better than Motorola's (faster clock speeds, lower power draw, lower heat output, higher yields). Now IBM is willing to do Altivec, and Apple gains all the other IBM niceties like SOI, copper, and smaller process size.

    If Apple wanted to they could negotiate/contract with Intel, AMD or any of the myriad chip fabs in the world to make the PPC. One has to ask themselves though... why would Intel or AMD be interested in building the PPC? Who other than Apple would be a customer? And what extra costs would Apple incur because the new company had to start with a design from scratch?

  20. Re:970 all the way on Intel's Itanium Will Get x86 Emulation · · Score: 1

    Huh?
    What do you mean "...functionality is directly related to proprietary nature of the platform..."?

    What exactly is proprietary about the Mac?

    The CPU?
    Nope, PPC is arguably one of the most open CPU formats on the market. Almost anyone willing to can join the PPC consortium and produce processors based on the platform.

    The RAM?
    Nope. Macs use standard RAM modules that are commodity parts.

    Peripheral bus?
    I think most people in the world can get their hands on a PCI or AGP card pretty quickly.

    Disk storage?
    Hmmm. IDE and SCSI interfaces are the most popular and widely produced drive interface formats out there.

    Network?
    Ethernet 1000bT, at least 100bT standard on most models. Just plug in and let DHCP do its thing.

    Okay, I think we're starting to narrow it down.

    CDROM?
    Again, IDE and SCSI cover it. Most any off-the-shelf drive pops in and "just works".

    Display ports: VGA monitors work with all Mac hardware. You may need an adapter for Mac/VGA though. I know, I have three CRT displays on my Mac at the moment, one via the built-in Apple large port, one via a VGA port and one via a digital video port with a digital/crt adapter on PCI display cards.

    Mouse and keyboard?
    USB devices are supported completely. In fact, before the iMac adopted it, USB was pretty much just "that funny connector" on most PCs. Yea, Intel invented USB, but Apple brought it to the mainstream.

    Okay, so the hardware isn't proprietary, well it must be the software then.

    Networking: TCP/IP, DNS, HTTP, SMTP, ARP. Nope, nothing proprietary there. But oh yea, you still have AppleTalk available for all those small networks that just don't want to bother with TCP/IP.

    Graphics: OpenGL and PDF. Industry standards. In fact, some of the most open standards available.

    Data interchange: OS X is probably the leader in adopting and supporting XML.

    Multimedia: Quicktime supports most all industry standard codecs: MPEG2, MPEG4, AAC, MP3, Sorenson, AIFF, etc.

    Hmmm.... so tell me: what exactly is so proprietary about the Mac again? What you must mean by proprietary is that Windows' x86 binaries don't run natively on the machine under Mac OS.

    To get anything proprietary hardware wise on a Mac you have to go back quite a few years to when they were all ADB, mini-din serial ports, NuBus based systems, and that was quite a while ago.

  21. Re:Tape is just old technology, waiting to die on Hard Drives Instead of Tapes? · · Score: 1

    You're telling me that a large tape silo with a single robotic arm, and 10 tape streamers has more moving parts than 576 hard drives? Um, I think not.

    The tape silo also consumes a LOT less power, takes up less space, and doesn't demand as much environmental conditioning. Can you imagine the heat generated by 576 drives spinning at 5400RPM?

    Yea, the system cost under half a million to build; it will also cost that in electricity over the five year life expectancy.

  22. Re:Chimera Cons on Intel's Itanium Will Get x86 Emulation · · Score: 1

    It wasn't so much competition that killed the Newton, as poor management at Apple at the time of its release.
    Those were the dark days of Apple when Steve was out of the driver's seat and the company was releasing a new desktop or laptop model every week. The company was killing itself from the inside out.
    Steve came back and killed the Newton (along with 90% of the product line), because he needed to get the company back to its foundations in order to grow strong again.
    I personally have little doubt that had Steve never been ousted, and the Newton released with him at the helm, that it would have been the top dog in the PDA market.

  23. Re:Conversions & Consumers on Intel's Itanium Will Get x86 Emulation · · Score: 2, Insightful

    The problem with your plans is market share. Software makers already claim they can't find the financial profitability in porting their software to Mac because of such a small audience.
    If Apple splits its market into two incompatible processor technologies, it would be even LESS likely that new software would be ported, and it would have to be ported twice. That means twice as many SKUs, twice the inventory and shipping problems, twice the testing issues, all for what? Perhaps 20% greater market share?

  24. Re:Security. Not Bandwidth. on More On Detecting NAT Gateways · · Score: 1

    And my point is that short of random physical inspections of the topology down to the desktop, how would you know of such a re-writing NAT device? You would have to epoxy the RJ45 connectors to the network card and the wall plate to have any real certainty that the cable is not moved to another device. That is of course counter productive in the long run, but perhaps necessary in some environments (like the White House situation room for example).

    For the truly dedicated hacker, you can purchase a computer that's the size of a pack of cigarettes that has enough computing power to handle this job. This device could be removed in moments without causing network disruption.
    (The NAT device assumes the MAC and IP address of the supported box; switching these two out does not require the switch to re-learn the MAC address, just a brief period where the physical link is down.) A really swift hacker would place this device on a co-worker's system a reasonable distance away to prevent job termination when the thing is discovered.

    It seems to me that the best way to catch NAT devices is to perform actual network traffic analysis. E.g.: It's unlikely that a single user would be able to maintain 20-30 initial web page requests (not including intrapage requests for components) per minute. A node exhibiting such behavior is either running some sort of 'bot that I probably don't want on my network, or a NAT that is allowing many users to access the web through my network.

    The same could be said about simple throughput. If the mean throughput from a single workstation is 10K/s average over the course of a day, and I have two nodes that are sustaining 90K/s average, then that's something to investigate. Transparent redirection and logging of packets may be called for, or a chat with the employee who works at the node.

    Internal "sabotage" is usually my biggest concern as a network admin. I know where the hackers are outside; I can detect them and their attacks. But a disgruntled and intelligent employee already has physical and password access to my resources. When they go bad, things can get ugly fast. I still recall the employee who kept sending the "ping of death" to all the nodes on the LAN.

    Perhaps one solution to the whole unauthorized WAP access issue is that companies should purchase inexpensive base stations and let them advertise to the world, but have no access to anything. With so many bogus APs for the outsiders to filter through, it would give the admins more time to locate the offending APs and shut them down.

  25. Re:Security. Not Bandwidth. on More On Detecting NAT Gateways · · Score: 1

    But (IIRC) this is all easily defeated with a small freely available piece of software called Linux and iptables.
    iptables in particular allows you to mangle packets in the firewall/router.

    In the case they provide of the illicit NAT box with host A and B behind them, you can make iptables re-write the IP header's TTL value to whatever you like for packets that were NATed. To the switch and the sFlow box, these NATed packets would appear the same as packets sourced from the NAT box.

    So while this technique will foil the casual NATter's attempts, anyone with a little time on their hands, and a little knowledge, can circumvent these detection methods.

    There's a simple rule that history proves about the classic cops/robbers drama: The robbers always have more money, more motivation and more talent than the cops. No matter how devious the cops' tactics, they will always be one-upped by the robbers who will win out in the end (as a whole).
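    As an added example, not part of either of these two posts: the traffic-analysis heuristics from comment 24 (first-page request rate of 20-30 per minute, throughput far above the per-workstation baseline) combined with the TTL check from the article that comment 25 says a TTL-rewriting NAT box can defeat, run over constructed per-host flow summaries. The flow record layout, the addresses, the thresholds and the choice of the median as baseline are all assumptions made for the example; the TTL signal is deliberately treated as weak on its own.

```python
"""Flag hosts whose traffic looks like a NAT gateway or a bot (constructed)."""
from collections import defaultdict
from statistics import median

# Constructed flow summaries as a collector might export them:
# (src_ip, minute, first-page requests, bytes sent, IP TTL seen).
FLOWS = [
    ("10.0.0.11", 0, 3, 540_000, 128), ("10.0.0.11", 1, 2, 660_000, 128),
    ("10.0.0.12", 0, 4, 720_000, 64),  ("10.0.0.12", 1, 5, 480_000, 64),
    ("10.0.0.13", 0, 1, 300_000, 128), ("10.0.0.13", 1, 2, 420_000, 128),
    ("10.0.0.14", 0, 6, 840_000, 128), ("10.0.0.14", 1, 4, 600_000, 128),
    # Several people behind one address, two OS fingerprints (TTL 64/128).
    ("10.0.0.20", 0, 18, 3_000_000, 128), ("10.0.0.20", 0, 14, 2_400_000, 64),
    ("10.0.0.20", 1, 20, 3_600_000, 128), ("10.0.0.20", 1, 11, 1_800_000, 64),
    # A single host doing a bulk transfer: high throughput, no page churn.
    ("10.0.0.21", 0, 0, 5_400_000, 128), ("10.0.0.21", 1, 1, 5_400_000, 128),
]

PAGE_REQ_PER_MIN = 20    # comment 24: 20-30 first-page requests per minute
THROUGHPUT_RATIO = 5.0   # comment 24: 90K/s against a 10K/s baseline


def summarize(flows):
    """Per-host page rate (pages/min), throughput (bytes/s) and TTL set."""
    acc = defaultdict(lambda: {"pages": 0, "bytes": 0,
                               "minutes": set(), "ttls": set()})
    for ip, minute, pages, nbytes, ttl in flows:
        h = acc[ip]
        h["pages"] += pages
        h["bytes"] += nbytes
        h["minutes"].add(minute)
        h["ttls"].add(ttl)
    summary = {}
    for ip, h in acc.items():
        mins = len(h["minutes"])           # minutes the host was active
        summary[ip] = {
            "pages_per_min": h["pages"] / mins,
            "bytes_per_s": h["bytes"] / (mins * 60),
            "ttls": sorted(h["ttls"]),
        }
    return summary


def flag_hosts(summary):
    """Return {ip: [reasons]} for hosts worth a closer look.

    The baseline is the median per-host throughput (an assumption) so the
    outliers being hunted do not drag the baseline up with them."""
    baseline = median(s["bytes_per_s"] for s in summary.values())
    flagged = {}
    for ip, s in summary.items():
        reasons = []
        if s["pages_per_min"] >= PAGE_REQ_PER_MIN:
            reasons.append("page-request rate looks like many users or a bot")
        if s["bytes_per_s"] > THROUGHPUT_RATIO * baseline:
            reasons.append("throughput far above the per-workstation baseline")
        # Weak on its own: a NAT box that rewrites TTL (comment 25) shows one
        # value, and a dual-boot workstation legitimately shows two.
        if len(s["ttls"]) > 1:
            reasons.append("mixed TTLs from a single address")
        if reasons:
            flagged[ip] = reasons
    return flagged


if __name__ == "__main__":
    for ip, reasons in flag_hosts(summarize(FLOWS)).items():
        print(ip, "->", "; ".join(reasons))
```

On the constructed data, 10.0.0.20 trips all three signals while the bulk-transfer host 10.0.0.21 trips only the throughput one, which is the cue for the follow-up the comment suggests (logging, or a chat with the user).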