I pay what I consider an exorbitant monthly fee for my digital cable access, considering the number of actual programming hours I watch - and then I still have to deal with fscking commercials.
Here's the deal: Commercials are good, and should be there. TV really is different than renting a movie, and always should be. Yes, you can PVR your favorite stuff, but where's the fun in that. Live shows, your favorite sitcom, the local news, etc are all best enjoyed when they're actually on, not when replayed at will. Without the commercial breaks, when would you get up from the couch to move the laundry to the dryer, or step out for a cigarette, or grab a bag of popcorn?
The problem is that they've gotten greedy and made too many commercials, to the point that they're just stupid and annoying wastes of my time. They need to go back to an "intermission" model. Raise my cable rates about 25% higher than they currently are - use a lot of that revenue to replace lost ad revenue instead of lining the cable company's inefficient pockets - and cut waaay back on commercials. I think an appropriate level would be one 3-5 minute commercial break during a half-hour regular TV show, and one 5-7 minute commercial break per hour during a longer item like a movie or major event. People would pay the extra cable bill to cover it - and product placement covers some more. If that's not enough to cover it - well then there's too many talentless worthless people in the entertainment industry with too much money, they can take the pay cut.
And yes, they should send commercial marker signals, and PVRs should skip them. The commercials are for live watching, not for recording. And of course it should still be illegal to rebroadcast or sell your recordings, but there's no sense in trying to use technology to enforce that.
The same I2C protocol used in PCs for environmental monitoring and whatnot is useful for embedded too. You can string several devices on a two-wire bus, you get 2Mbps of speed (I think, it's been a while), and I've seen embeeded systems boards as well as devices like lcd display units that support this protocol for generic communication. There's also the I2C-variant "SMBus", not really sure what the difference is between the two.
Use linux, and go ext3 (the journalling version of ext2). Mount the ext3 filesystem with options "sync,data=journal", and you should never have any issues.
Spam email does cost real damages. I'm sure any ISP could measure the percentage fo their bandwidth consumed by spam every month, and talk baout what that costs them. There's also the poor sobs on 56k dialups, who spend a lot fo time downloading those junk mails to their mail client.
My experience has been that once you use an email address and publicize it in tags/webpages for a year or two, your inbound spam:realmail ratio becomes 10:1 or worse. That phone-line time for the 56k user is tying up resources, preventing that crucial phone call for a job interview, as validly as the fax line scanario at a business. It's also eating hard drive space, contributing to "windows entropy", wasting the user's time filtering spam when he should be just reading directed expected emails and going about his business....
IANAL, but I'm pretty sure case law is a fairly ambigious thing. I'm pretty sure that a lawyer can cite a decision in a state court in georgia as case-law backup in a court in california - it just doesn't hold as much weight as it would if you stayed in the same state - but it can be cited and used to bolster a case.
They have a 1U hardware unit that does a 6-channel GPS time sync, and has all kinds of crazy outputs for your ntp machine (IRIG-B, pps, ppm, etc). But better yet, you could just plug an ethernet jack into their box and it has an ntp serevr built in. Ideally you'd make this your tier-1, and put a couple of unix NTP boxen in the second tier to serve to other machines - you don't want tons of clients hitting the ntp port on the little hardware box.
As a meta note - this is one of many similar peices of hardware available out there from many companies. It took one google search for "GPS NTP hardware", and this was like the fourth link on the page. This is not ask slashdot material, it's just a dumb question from someone who can't use a search engine.
Well, there are certainly some issues facing wireless towers as well, but I'd like to defend against some of them:
1) You could spike some towers into the ice here and there - I'm not talking huge things, I'm talking 10-20 foot tall small towers.
2) I don't believe the path crosses any ocean, or at least the fiber article didn't seem to indicate this.
3) By not making it too directional, you can overcome the drift in the wireless path.
4) You could run a power cable to power them - I think engineering a big electrical cable along this path has got to be easier than running fiber.
But, supposing none of this works - how about some truly innovative and novel approach to antartic communication then? For instance (I'm I'm just throwing this out, it's a stretch) could one engineer some lightwave communication *through* the ice? Perhaps at a certain depth (a few hundred meters at most?) the ice takes on a very regular crystalline structure, permitting light signalling with some very custom equipment?
It would seem Antartica provides one of the most hostile environments imaginable for wires, especially fragile fiber. Someone may come up with a very novel cabling system that might work, but despite all efforts chances are it will break down in the first year of use because of some onforseen engineering complications.
So... why not go wireless? They seem to only consider satellites as wireless options, but why no ground-based wireless?
Surely for this amount of money one could devices a wireless repeater system to be more stable. Apparently you only have to get the signal about 2000km to Concordia and you're good to go - so why not deploy a wireless repeater station every X kilometers?
There are no obstructions in the path except for snow/ice storms in the air - surely one can find a frequency that deals with this problem well and provides decent bandwidth ver a decent distance right? If you can go 20km at a time it's only 100 repeater stations along the way (or maybe you'd place 2-3 of them 1 km or so apart at each repeat point for redundancy)
Probably not - a DSL connection can share a line with voice service, but I'm pretty sure that that two dsl modems won't co-exist nicely on the same line. Seeing as even a single DSL connection is more than enough for a household in terms of average bandwidth use throughout the month - and most people want to aggregate just for occasional peaks, you should probably share with neighbors.
Do the Multi-nat aggregate above between you and your neighbors DSL (as many neighbors as you can get). By pooling your bandwidth assets, you're all paying the same as you used to for regular DSL service, but you all get a much higher peak bandwidth, at least for multiple streams (You'll be limited to a single DSL worth of bandwidth for one download, but if you download several things in parallel you reap benefits).
To avoid disputes over bandwidth usage, you could set up some shaping software on the nat box to gaurantee a minimum pipe to each neighbor even when someone else is trying to hog it all.
Bastard mods dropped me two points for "Offtopic". I really hate when legit meta-discussion gets pushed down as noise, makes me feel like I'm being censored by the Slashdot Police or something.
It seems so from here. Not only am I getting slow page loads and occasional flat out denials - I'm also getting "wierdness" - like changing my threshold inside the article and being dumped back to the front page.
Perhaps the game table guy is pissed at being slashdotted and mounted a DDoS on slashdot itself?
It's a complex issue, but my overall thoughts on the matter - note this isn't neccesarily what's actually legal today, but what I feel is "right".
Anyone (a private citizen, a corporation, or a government agency) should be allowed to surveil public places. If I want to wear a bodycam walking all over the public parts of town, it's my business. Same goes for security cams watching streets/sidewalks near a business, and the same goes for government run cams. After all, you have no expectation of privacy in public anyways.
Publication/Sale/Transferrance of camera footage shot by these cameras should be forbidden without the permission of everyone in every frame. If you can't track them all down, and get their consent, you can't publish it raw. You can get away with it by blurring out any unknowns or non-consenters with a good blurring algorithm (I highly suspect some current forms of blurring seen on police tv programs can be undone by averaging the errors over time, but it's just a suspicion). I think this should include celebrities, contrary to current legal opinion.
Of course, in the case of the government, we really can't them from doing what they want with the images. Luckily on a broad scale they probably couldn't track us all, simply too much data. However, they could easily actively track for a "top 100 list" of people that they want to find and/or track. What I'd like to see is that any active wide-area face/person tracking (e.g. watching for a list of specific terrorists' faces on all cams in Manhattan for period of time) should require some sort of warrant or court order that relies on some evidence or at least reasonable suspicion - and no, "Ashcroft says so" doesn't meet that requirement for me.
RogueWave's SourcePro DB is basically what you're looking for, and RogueWave is fairly well known in the C++ comminity. The only caveat for you is that it directly doesn't support MySQL. It does however support Oracle, Sybase, MS SQL, Informix, and DB2. It also supports generic ODBC on the back, and I'm pretty sure there's an ODBC interface for MySQL out there - so you could use it that way.
I would imagine it would be with the right software. It falls in the same vein as a proven method for restoring old grainy video/film. Most of a given scene appears in hundreds of frames in a row, and the camera and it's flaws change position over the course of those frames - therefore you can average out the errors by comparing to neighboring frames and truly "restore" the film to a better-than-original quality.
Similary, but without the nagging worry of having killed subtle temporal changes in the object, I would imagine you could composite many cheap cameras into one large image, averaging all overlaps (almost everything should be overlapped many times) and get a very high res picture.
We're not done bursting the bubble yet. On a fundamental level, I believe in the value of computing and information technology. Any money and effort spent there is bound to reward any large company. The problem is that the effort/money isn't spent well. We've been in a long era (going back much further than.com) where IT is 90% bullshit and 10% reality. It's time to drop the excess weight and get back to doing things.
Among any technical job title out there, be it "Java Developer", "Web Guru", "Network Designer", "Oracle DBA", or any of the other millions, I firmly believe that a large chunk of the people holding a given title (75%, higher in some areas) aren't worth their salaries. They should be making $30,000 for the amount of real benefit they are providing, not $90,000.
Companies need to get real. They need to spend IT HR money into two basic categories, and wisely: Production Support (mostly human macro tasks, shouldn't pay all that well), R&D (coders, testers, app designers, systems/network engineers - should pay well, but you should have about 10% of the staff you have now, and they should all be skilled and worth their money).
With a clear vision and none of the bullshit overspending fluff this industry continues to see, I bet the average IT dept could run on 20-30% of their normal budgets.
Yeah most current software doesn't deal well with these as well as other control characters - but it's conceivable to make them work, by using wide characters and unicode-aware stuff in your C code, and maybe revamping a bash-variant to do the same. I'm pretty sure glibc has the right functions in there, just most people don't use them - they prefer to live in an ascii dreamland.
1 - raw network man in the middle - this bug kills the browser warning.
2 - DNS Spoof - ditto, it kills the browser warning for you.
In both cases though, the attack was possible to begin with - you've just eliminated the warning, that again I think most bulk users would click through.
The problem is more complicated than the question makes it out to be. An Ideal filesystem should allow any random binary bits to make up a filename, such that the filenames can be Unicode, so that Chinese people can name files in Chinese, Math professors can use the unicode for a math formula as the name of a document describing how to solve it. When you think in this bigger sense - it becomes a lot harder.
Ideally the encoding method (Unicode in this example) should provide some way of seeing the equivalency of certain characters (two different representations of the equal sign, two different cases of the letter A, etc..), and the application should be able to make use of this during a regex search, or maybe even during a library wrapped "open() or readdir()" call, where the application is "Windows Explorer", "bash", or anything else.
Ultimately this has to be resolved in userland tools and the libraries that support them - the best answer for the filesystem layer is to support all possible characters literally and meaningfully in filenames, so as not to restrict the schemes layered on top of it.
Most of the above attacks aren't unique to this bug though, that's the problem. If you can root the client or server, you don't need this bug. If you can modify the DNS records, you don't need this bug (well, you can at least get all the new clients, maybe not the ones who saw the cert once already).
What's unique is that previously if the client, server, and DNS were well-secured, then the only viable remote electronic attack was by a physical man-in-the-middle on the intervening network, and that attack would cause a warning to the browser (which many would sadly just click past) - now with this bug, the browser warning goes away.
Please beware that the overall impact of this problem is relatively minimal. The sky isn't falling. What this allows is a man-in-the-middle attack without the usual telltale browser confirmation box that one sees when using an unsigned certificate. The attacker still has to get on the network between you and the website and essentially transparent-proxy your connection through a rogue ssl proxy to make this all work. For the most part people with this level of network access for wide numbers of people are not so devious as to actually do this for profit.
On another note - if they did a traditional man-in-the-middle SSL attack, it might be very hard to track down who did it, but it would be very easy to tell it was being done (because you'd get a browser warning about the certificate not being vaild for this site and/or signed properly). With this new approach, you get no browser warning, but it's presumably easy to track down the culprit, since the certificate signing chain will include a legitimate cert issued to the attacker that can be queried at Verisign or whoever they used - unless they steal a cert from someone else.
Slashdot Mirror
I pay what I consider an exorbitant monthly fee for my digital cable access, considering the number of actual programming hours I watch - and then I still have to deal with fscking commercials.
Here's the deal: Commercials are good, and should be there. TV really is different than renting a movie, and always should be. Yes, you can PVR your favorite stuff, but where's the fun in that. Live shows, your favorite sitcom, the local news, etc are all best enjoyed when they're actually on, not when replayed at will. Without the commercial breaks, when would you get up from the couch to move the laundry to the dryer, or step out for a cigarette, or grab a bag of popcorn?
The problem is that they've gotten greedy and made too many commercials, to the point that they're just stupid and annoying wastes of my time. They need to go back to an "intermission" model. Raise my cable rates about 25% higher than they currently are - use a lot of that revenue to replace lost ad revenue instead of lining the cable company's inefficient pockets - and cut waaay back on commercials. I think an appropriate level would be one 3-5 minute commercial break during a half-hour regular TV show, and one 5-7 minute commercial break per hour during a longer item like a movie or major event. People would pay the extra cable bill to cover it - and product placement covers some more. If that's not enough to cover it - well then there's too many talentless worthless people in the entertainment industry with too much money, they can take the pay cut.
And yes, they should send commercial marker signals, and PVRs should skip them. The commercials are for live watching, not for recording. And of course it should still be illegal to rebroadcast or sell your recordings, but there's no sense in trying to use technology to enforce that.
The underscores are quite traditional for emphasis, dating back to the earliest of crappy BBS networks and early internet.
The same I2C protocol used in PCs for environmental monitoring and whatnot is useful for embedded too. You can string several devices on a two-wire bus, you get 2Mbps of speed (I think, it's been a while), and I've seen embeeded systems boards as well as devices like lcd display units that support this protocol for generic communication. There's also the I2C-variant "SMBus", not really sure what the difference is between the two.
Use linux, and go ext3 (the journalling version of ext2). Mount the ext3 filesystem with options "sync,data=journal", and you should never have any issues.
Spam email does cost real damages. I'm sure any ISP could measure the percentage fo their bandwidth consumed by spam every month, and talk baout what that costs them. There's also the poor sobs on 56k dialups, who spend a lot fo time downloading those junk mails to their mail client.
My experience has been that once you use an email address and publicize it in tags/webpages for a year or two, your inbound spam:realmail ratio becomes 10:1 or worse. That phone-line time for the 56k user is tying up resources, preventing that crucial phone call for a job interview, as validly as the fax line scanario at a business. It's also eating hard drive space, contributing to "windows entropy", wasting the user's time filtering spam when he should be just reading directed expected emails and going about his business....
Spam does have costs.
IANAL, but I'm pretty sure case law is a fairly ambigious thing. I'm pretty sure that a lawyer can cite a decision in a state court in georgia as case-law backup in a court in california - it just doesn't hold as much weight as it would if you stayed in the same state - but it can be cited and used to bolster a case.
They have a 1U hardware unit that does a 6-channel GPS time sync, and has all kinds of crazy outputs for your ntp machine (IRIG-B, pps, ppm, etc). But better yet, you could just plug an ethernet jack into their box and it has an ntp serevr built in. Ideally you'd make this your tier-1, and put a couple of unix NTP boxen in the second tier to serve to other machines - you don't want tons of clients hitting the ntp port on the little hardware box.
As a meta note - this is one of many similar peices of hardware available out there from many companies. It took one google search for "GPS NTP hardware", and this was like the fourth link on the page. This is not ask slashdot material, it's just a dumb question from someone who can't use a search engine.
Well, there are certainly some issues facing wireless towers as well, but I'd like to defend against some of them:
1) You could spike some towers into the ice here and there - I'm not talking huge things, I'm talking 10-20 foot tall small towers.
2) I don't believe the path crosses any ocean, or at least the fiber article didn't seem to indicate this.
3) By not making it too directional, you can overcome the drift in the wireless path.
4) You could run a power cable to power them - I think engineering a big electrical cable along this path has got to be easier than running fiber.
But, supposing none of this works - how about some truly innovative and novel approach to antartic communication then? For instance (I'm I'm just throwing this out, it's a stretch) could one engineer some lightwave communication *through* the ice? Perhaps at a certain depth (a few hundred meters at most?) the ice takes on a very regular crystalline structure, permitting light signalling with some very custom equipment?
It would seem Antartica provides one of the most hostile environments imaginable for wires, especially fragile fiber. Someone may come up with a very novel cabling system that might work, but despite all efforts chances are it will break down in the first year of use because of some onforseen engineering complications.
So... why not go wireless? They seem to only consider satellites as wireless options, but why no ground-based wireless?
Surely for this amount of money one could devices a wireless repeater system to be more stable. Apparently you only have to get the signal about 2000km to Concordia and you're good to go - so why not deploy a wireless repeater station every X kilometers?
There are no obstructions in the path except for snow/ice storms in the air - surely one can find a frequency that deals with this problem well and provides decent bandwidth ver a decent distance right? If you can go 20km at a time it's only 100 repeater stations along the way (or maybe you'd place 2-3 of them 1 km or so apart at each repeat point for redundancy)
Probably not - a DSL connection can share a line with voice service, but I'm pretty sure that that two dsl modems won't co-exist nicely on the same line. Seeing as even a single DSL connection is more than enough for a household in terms of average bandwidth use throughout the month - and most people want to aggregate just for occasional peaks, you should probably share with neighbors.
Do the Multi-nat aggregate above between you and your neighbors DSL (as many neighbors as you can get). By pooling your bandwidth assets, you're all paying the same as you used to for regular DSL service, but you all get a much higher peak bandwidth, at least for multiple streams (You'll be limited to a single DSL worth of bandwidth for one download, but if you download several things in parallel you reap benefits).
To avoid disputes over bandwidth usage, you could set up some shaping software on the nat box to gaurantee a minimum pipe to each neighbor even when someone else is trying to hog it all.
Keep going assholes.
Bastard mods dropped me two points for "Offtopic". I really hate when legit meta-discussion gets pushed down as noise, makes me feel like I'm being censored by the Slashdot Police or something.
It seems so from here. Not only am I getting slow page loads and occasional flat out denials - I'm also getting "wierdness" - like changing my threshold inside the article and being dumped back to the front page.
Perhaps the game table guy is pissed at being slashdotted and mounted a DDoS on slashdot itself?
It's a complex issue, but my overall thoughts on the matter - note this isn't neccesarily what's actually legal today, but what I feel is "right".
Anyone (a private citizen, a corporation, or a government agency) should be allowed to surveil public places. If I want to wear a bodycam walking all over the public parts of town, it's my business. Same goes for security cams watching streets/sidewalks near a business, and the same goes for government run cams. After all, you have no expectation of privacy in public anyways.
Publication/Sale/Transferrance of camera footage shot by these cameras should be forbidden without the permission of everyone in every frame. If you can't track them all down, and get their consent, you can't publish it raw. You can get away with it by blurring out any unknowns or non-consenters with a good blurring algorithm (I highly suspect some current forms of blurring seen on police tv programs can be undone by averaging the errors over time, but it's just a suspicion). I think this should include celebrities, contrary to current legal opinion.
Of course, in the case of the government, we really can't them from doing what they want with the images. Luckily on a broad scale they probably couldn't track us all, simply too much data. However, they could easily actively track for a "top 100 list" of people that they want to find and/or track. What I'd like to see is that any active wide-area face/person tracking (e.g. watching for a list of specific terrorists' faces on all cams in Manhattan for period of time) should require some sort of warrant or court order that relies on some evidence or at least reasonable suspicion - and no, "Ashcroft says so" doesn't meet that requirement for me.
RogueWave's SourcePro DB is basically what you're looking for, and RogueWave is fairly well known in the C++ comminity. The only caveat for you is that it directly doesn't support MySQL. It does however support Oracle, Sybase, MS SQL, Informix, and DB2. It also supports generic ODBC on the back, and I'm pretty sure there's an ODBC interface for MySQL out there - so you could use it that way.
I would imagine it would be with the right software. It falls in the same vein as a proven method for restoring old grainy video/film. Most of a given scene appears in hundreds of frames in a row, and the camera and it's flaws change position over the course of those frames - therefore you can average out the errors by comparing to neighboring frames and truly "restore" the film to a better-than-original quality.
Similary, but without the nagging worry of having killed subtle temporal changes in the object, I would imagine you could composite many cheap cameras into one large image, averaging all overlaps (almost everything should be overlapped many times) and get a very high res picture.
Dude, Imagine a Beowulf Cluster of these!
We're not done bursting the bubble yet. On a fundamental level, I believe in the value of computing and information technology. Any money and effort spent there is bound to reward any large company. The problem is that the effort/money isn't spent well. We've been in a long era (going back much further than
Among any technical job title out there, be it "Java Developer", "Web Guru", "Network Designer", "Oracle DBA", or any of the other millions, I firmly believe that a large chunk of the people holding a given title (75%, higher in some areas) aren't worth their salaries. They should be making $30,000 for the amount of real benefit they are providing, not $90,000.
Companies need to get real. They need to spend IT HR money into two basic categories, and wisely: Production Support (mostly human macro tasks, shouldn't pay all that well), R&D (coders, testers, app designers, systems/network engineers - should pay well, but you should have about 10% of the staff you have now, and they should all be skilled and worth their money).
With a clear vision and none of the bullshit overspending fluff this industry continues to see, I bet the average IT dept could run on 20-30% of their normal budgets.
Yeah most current software doesn't deal well with these as well as other control characters - but it's conceivable to make them work, by using wide characters and unicode-aware stuff in your C code, and maybe revamping a bash-variant to do the same. I'm pretty sure glibc has the right functions in there, just most people don't use them - they prefer to live in an ascii dreamland.
If you can slip in code, you don't need this bug.
I'll give you 2 new attacks, but not 3
1 - raw network man in the middle - this bug kills the browser warning.
2 - DNS Spoof - ditto, it kills the browser warning for you.
In both cases though, the attack was possible to begin with - you've just eliminated the warning, that again I think most bulk users would click through.
The problem is more complicated than the question makes it out to be. An Ideal filesystem should allow any random binary bits to make up a filename, such that the filenames can be Unicode, so that Chinese people can name files in Chinese, Math professors can use the unicode for a math formula as the name of a document describing how to solve it. When you think in this bigger sense - it becomes a lot harder.
Ideally the encoding method (Unicode in this example) should provide some way of seeing the equivalency of certain characters (two different representations of the equal sign, two different cases of the letter A, etc..), and the application should be able to make use of this during a regex search, or maybe even during a library wrapped "open() or readdir()" call, where the application is "Windows Explorer", "bash", or anything else.
Ultimately this has to be resolved in userland tools and the libraries that support them - the best answer for the filesystem layer is to support all possible characters literally and meaningfully in filenames, so as not to restrict the schemes layered on top of it.
Most of the above attacks aren't unique to this bug though, that's the problem. If you can root the client or server, you don't need this bug. If you can modify the DNS records, you don't need this bug (well, you can at least get all the new clients, maybe not the ones who saw the cert once already).
What's unique is that previously if the client, server, and DNS were well-secured, then the only viable remote electronic attack was by a physical man-in-the-middle on the intervening network, and that attack would cause a warning to the browser (which many would sadly just click past) - now with this bug, the browser warning goes away.
Why is it surprising that a book about food would be popular on Slashdot? Think about it...
Please beware that the overall impact of this problem is relatively minimal. The sky isn't falling. What this allows is a man-in-the-middle attack without the usual telltale browser confirmation box that one sees when using an unsigned certificate. The attacker still has to get on the network between you and the website and essentially transparent-proxy your connection through a rogue ssl proxy to make this all work. For the most part people with this level of network access for wide numbers of people are not so devious as to actually do this for profit.
On another note - if they did a traditional man-in-the-middle SSL attack, it might be very hard to track down who did it, but it would be very easy to tell it was being done (because you'd get a browser warning about the certificate not being vaild for this site and/or signed properly). With this new approach, you get no browser warning, but it's presumably easy to track down the culprit, since the certificate signing chain will include a legitimate cert issued to the attacker that can be queried at Verisign or whoever they used - unless they steal a cert from someone else.