So much acrimony over a technology invented by children...
What? You don't realize language is designed by kids? Go study the formation of new ones, usually the result of multiple societies being crammed together by the latest political upheaval. The parents make the pidgin, which is pretty terrible. The kids make the creole, which is astonishingly correct.
It's not that Virii is right or wrong. It's that Viruses is inconvenient to speak -- it adds a redundant syllable, especially if you try to tack on possession (viruses' may write nicely, but vi-ruh-sis-izz-izz is a nightmare).
We need a better way to say this, but we don't have a good way of converting "-us" into a plural. So we try -ii, based off what we saw happen in, er, some word somewhere -- perhaps based on symmetry with the i early in virus. But lots of other people call bullshit(ii), and demand justification and reasoning and bla bla bla.
Whatever. It's all made by kids to make it easy to say stuff. Quit acting like the world is going to come to an end if it's not precisely like the way a bunch of dead people spoke:)
--Dan
Re:Stop the mindless Microsoft bashing... on Assorted CES Gizmos · Score: 2
I had a pager and a cell phone. My cell phone's battery lasted a day. My pager's battery lasted several months. Guess which one people could depend on reaching me with?
This is ridiculous. We've got metric shit-tons of bad ass technology coming out of CES right now (Did you see the new Casio Exilim? 3Mpix, 3x Zoom, damn near flat!). But all people here can do is bitch about Gates' new toy.
I don't think you can claim practical arguments without actually seeing the thing in use. We at least had screenshots for Aqua!
If I remember correctly, Sega used a similar system with bitmaps to enforce their ability to control who could make games for the Genesis. Accolade copied the bitmap, and was thusly sued by Sega.
The court ruled that since Sega had intentionally placed their mark in the way of Accolade's legally protected right to interface with Sega hardware, Sega couldn't turn around and sue Accolade for infringement on that trademark.
Sega played with fire -- and got rather burned.
Caveat: IANAL, and it's been a long time since I read about this case.
--Dan
Re:Stop the mindless Microsoft bashing... on Assorted CES Gizmos · Score: 2
Are pagers ludicrous ideas?
Do they suddenly become ludicrous when they're on your watch instead of on your belt?
Or does the insanity begin when they stop giving phone numbers, and go fully alphanumeric?
Anyway, my point isn't about the usefulness of the technology. To you, it's useless. To me, watches are the gold standard of information, once only vaguely available to humans, becoming so widely deployed that the very nature of life was shifted. (Look into some of the sociological implications of the clock. They're not minor.) Attaching more context than the mere time of day seems quite apropos to this form factor -- provided it can be efficiently displayed.
Furthermore, watches happen to be, by far, the most energy efficient products in the world of consumer electronics. Owners of the Timex Beepwear complained that their watches died after three whole months! Leave your Palm alone for a week, and you've got a corpse -- and look how much love the Palm gets!
Dead batteries yield little data.
Bah. My point is that anti-Microsoft bigotry contributes nothing of value to the discussion. We both agree that a watch that informs you of Microsoft's stock price -- and nothing else -- is quite useless. But I suspect it does a little more.
People can have different opinions -- you hate Aqua, others are so attached to it that they port it to other systems whether Apple likes it or not. But your dislike of it at least comes from how it looks, not the fact that it's another crime against humanity by Apple Computer, Inc. Can I say the same about your reaction to the watch?
I'm serious. We all got (justifiably) goofy when IBM put together a prototype Linux watch -- unabashedly useless, but deliciously fun to imagine hacking on. If this watch came from some random valley startup, and was served by a Linux server farm, we'd be all over it.
But somehow, it comes from Microsoft, and it's crap. Whatever. Universal access to personally relevant data, tuned directly to my needs and priorities, without needing to worry about yet another gadget to throw in my pocket and/or recharge -- this is cool sh*t, folks!
Hell, it's a better use of FM than anything Clearchannel's managed to do lately.
I've been saying this for a while: People keep saying Microsoft engineers can't build anything right...and their marketing folks believe it, and do what they can to force people to buy anyway.
Bashing the engineers does nothing to dissuade the wayward marketeers, folks. It can only make them worse.
There's little more tragic than page after page of nonstop derision for Microsoft Tablet PC's peppered with whispered excitement over Linux Tablet PC's.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Pay phones would make more money if they, like, accepted lots of it, in large denominations, when being begged to.
Oh, do I have a rant for y'all.
===
Gather 'round the pixels, folks, and let a still green traveller relate a story from the olden days...
End of September, actually. Toorcon -- I flew out to San Diego to join Hikari's bad ass hackfest. Was so excited that I'd actually gotten my degree three days previous (not -- but that's another story entirely) that I didn't even think to check *where* in San Diego I was going.
Lesson #1: For f*ck's sake, know where you're going after the airport.
Figured I'd just check the net when I got there. *laughs*
Lesson #2: For f*ck's sake, KNOW you'll never get a net connection when you really, really need one. (Reference: "The Inverse Square Law vs. The Presence of Microsoft Powerpoint: May The Enemy Never Discover The Network Cloaking Power of Talking To People When Powerpoint Is On")
So. Rumor has it San Diego's Airport got a new water fountain once...it's talked about in hushed whispers, the emergency budget excess of 1983 brought a quenched thirst upon every traveler since. According to legend, other plumbing amenities relating to the invention of running water shall someday visit themselves upon this fine structure.
No friendly arrows, no Internet Cafes -- and though the Starbucks served coffee, it came in Disass only. There wasn't even a poorly secured baggage handling network waiting to provide me with my next stop (not that I'd ever poke around an airport network; for God sakes lad, they have guns! And Latex Gloves! I plead Joey's Sovereignty!)
So what could I do? Went to call my apartment.
On a Pay Phone.
Lesson #3: For f*ck's sake, buy a cell phone. Seven Eleven has them. They're FREE (after many rebates you'll never receive). There's a REASON they're so profitable -- because PAY PHONES NOW SUCK.
Proof:
You want proof? My previous ranting is insufficient to show that I indeed know large scale suckitude when I recognize it in my cold, not quite dead flesh?
Got some overpriced food. Requested change in quarters -- I was off to the telephone to get fully ripped off, but there's a LOT of hotels in SD and I didn't much prefer to check each one.
"Bzzzzzz. I'm sorry, this phone doesn't accept coins for long distance calls."
Lesson #4: Remember how you heard that pay phones weren't making money? They misspelled "taking".
After bitching and moaning, I remembered I could charge my card to my credit card. Yes! Maybe my legal tender, unconstitutional to refuse (but we'll ignore that) couldn't get me moving, but surely the mighty power of Visa -- it's everywhere I want to be, and I want to be in a nice bed, and in that bed...er, anyway.
"Thank you for calling 1-800-CALL-ATT. For a credit card call, press this number or we'll sic Carrot Top on you."
"Thank you for selecting a credit card call. If you have a Mastercard, press 1. If you have an American Express, press 2. If you have a Discover Card, press 3. If you have a Visa, get a very strange look on your face."
"Thank you for getting a very strange look on your face. An operator will be with you shortly to further refuse payment for services."
You have to understand. I just graduated, I've got a LONG trip ahead of me -- this is right before the Singapore trip -- of all the problems I imagined possible, not having enough to pay for a single phone call was rather disconcerting.
I briefly considered my options for having myself placed under arrest. I hear those guys get a phone call. But then I realized their call is on a pay phone too. Oops.
Ended up calling my mother's company on their 800 number, tail between my legs, begging for info off a single web page. You'd THINK it ends here...
'cept the person I reach, despite the net connection on her desk, doesn't particularly know what to do with it. So she calls her husband. To access the net. For me.
Ever browsed the web through a listener that doesn't know what she's hearing but has to translate it into something she's saying? You Will, and the company that will bring it to you...
Anyway, no reason to rant further -- it was one heck of a trip, an absolute blast -- but indeed, no matter what country I ended up in, the pay phones were as spastic as an epileptic monkey with a broken pacemaker.
I did like the 90 second pay phones, that took 75 seconds to establish a call. talkfastdoesn'tevenbegintocoverit
Needless to say, I am now vastly more knowledgeable about that which is GSM.
If there is a life threatening condition down the road, the cloned person may have to endure a lot of pain and suffering that would have been avoided had they been a normal conception and birth.
I do believe it's important to point out that the "normal conception and birth" isn't an option for this person -- either they're born as a clone, or they live and die their entire life as but a single cell from the "superior original".
How supremely odd...a ban on cloning is, literally, a denial of a right to life -- one that extends before even conception.
Bush administration makes a lot of noise that they're doing something serious to deal with Internet Security, and *gasp* all they're up to is just cajoling private industry to get their act together. The slackers!
A half year goes by, and again, more noise. This time they're doing something real -- central monitoring, accountability, mandatory support for legal interception, and *gasp* all they're up to is stealing control of private property to further their own nefarious goals. The nazis!
I'm not sure what people want. I'm not sure what I want. The only thing I am sure of is we'll not be happy with whatever we get.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Per-character latency tends to suck. Indeed, per *page* latency tends to suck. They're trying to avoid all that through serializing into a file, then transferring the files via FTP. It's not a bad way to go.
Everything you say about FTP is correct -- on an interactive protocol level.
But latency at the protocol layer is not what they're trying to solve (indeed, they'd be using TCP either way, so they're having protocol issues with latency no matter what). They're trying to solve latency from the perception of the operator, by batching all of his requests into a job file. And it's standardized access to a remote file system that FTP addresses well. While HTTP does all you claim, it does an undeniably poor job of standardizing the presentation of remote files. NASA's centralized all their custom programmatic work -- both in the encoding of batched commands, and the decoding of batched results -- into a tarball. (At least, that's what I'm assuming -- I've done the same thing in the past.)
Once you have these batches, everything is utterly standard. Yes, HTTP lets you download multiple files at a time. From which URLs? Ah, you must download the HTML, pick out all the links, create an index, from those links, and start pipelining a number of requests. How many requests? How deep can the pipe go? And dear god, uploading data into a HTTP system is an utter pain in the ass.
You can build things with wget and curl. But should you?
Sure, you can twist a web server into doing all this. But it's not what it was designed for. HTTP may offer significantly fewer round trips, but its presentation of a remote file system is immature at best and a horrifying fault of HTTP at worst. How many people do you know who FTP their updated web pages into the servers? Is there even a lightweight text editor with *HTTP* support?
FTP's all about centralizing the difficulty into the file format. HTTP ends up screaming at you (a human) to use a web browser to click some icons and fill out some forms.
A simple example: wget a directory served by apache. Notice all the files with weird names, like =AQ and whatnot? Those are alternate directory indexes. Grab the same directory of files over FTP, still using wget. This works right.
Funny -- the latency win is from serializing i/o to individual files. HTTP's so bad at file management, that its use would actually threaten the viability of using files...the protocol issues, both TCP and Layer 7 just get lost in the backwash compared to that.
--Dan
P.S. Yes, I looked into doing this over SSH...you could do something like:
ssh user@satellite "scan_here -o scan1; scan_there -o scan2; tar czvf - scan1 scan2" | tar xzvf -
Quantum Entanglement is much more proof of a quantum scale PRNG than people are willing to admit.
I suspect eventually the inherent conflict between Quantum Entanglement (subatomic particles may have their "random" states synchronized) and Quantum Cryptography (subatomic particles are perfect unique tokens because their random states may never be duplicated) will lead to a break in one or the other. They will likely mutually annihilate.
Telemetry's pretty error resilient; even if I drop a packet, I can usually interpolate without too much threat. Batches of instructions are another matter; if a packet's dropped, it needs to be replaced, in line, or the entire transfer fails. Thus me mentioning the tech used for reliable multicast -- it works by broadcasting to everyone, then letting individuals ask the central server (or each other) for retransmissions. In this case, there's as few as one host to speak to -- but it may request retransmissions without even interrupting the primary link.
You mentioned multicast UDP for commands. I can see this for something like, "Everyone, point their dishes at this quadrant of space"...but managing error control and responses must not be fun.:-) I'm curious if you know any more about the work involved on this.
Thanks!
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
No effective method's been found. Light's been slowed down tremendously -- we're talking to around 30 miles per hour, inside of what's referred to as a Bose-Einstein Condensate -- but it doesn't appear possible to transmit information faster than the speed of light.
A couple people have used sleight of hand to create effects that, as a whole, do move faster than the speed of light. But there's nothing actually moving, you see. They're the physical equivalent of the disconnection between the rate of individual cars in traffic and the rate at which traffic dissipates. Imagine an accident's cleared, and traffic suddenly has an open path. Does it disappear immediately? No -- the first guy has to get off his brake and accelerate, then the second guy needs to see the first guy go, then the third guy needs to see the second guy, etc. So even though everyone could start accelerating immediately, this "wave", not composed of anything but the awareness that motion is possible, slowly eats away at the traffic jam.
Now, flip the situation -- imagine everyone's car had a computer that received a message saying, "traffic jam has been cleared; in 60 seconds, everyone start accelerating at the standard rate." No individual car is going to travel much faster than the speed limit -- but that pulse is going to go backwards at tens of thousands, maybe even hundreds of thousands of miles per hour. Theoretically, the "pulse" could go faster than light -- the timing information was deployed by radio, at the speed of light, but that was the past. It is now; no information needs to be exchanged to move, so there's no limit to the speed at which the "motion pulse" could occur.
But no information is moving. Just a pulse, only visible from afar.
Electricity moves at somewhere between half and two thirds the speed of light. It's slower, but still quite speedy (until you get into the scale of microchips, at which point you actually need to start taking into account signal propagation delay as you try to move from one side of the chip to the other).
There does appear to be some theory that gravity is instantaneous; my personal suspicion is that even if it was, the speed at which a sensor could react to it would be directly tied to the distance from the gravitational object (i.e. sure, the message might get sent, but it wouldn't have enough energy to be detectable until the requisite amount of light time had passed). Nature tends to be annoying in that way:-)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Engineering Issues with Space Design on Web Enabled Spacecraft · Score: 5, Interesting
Serious kudos to these guys for the work they're doing! From what it sounds like, they're using FTP inside of either an IPSec or custom layer 2 encrypted tunnel -- once you've been wrapped by that, you're mostly OK (though FTP servers in general have had some pretty nasty growing pains).
Some may be wondering why the use of FTP, instead of HTTP. Indeed, HTTP is a unified protocol capable of elegantly handling both (moderately) interactive command exchange and bulk data transfer. The problem is latency -- if this beast is going anywhere, there's going to be some significant (5-10 second, minimum) lag between issuing commands and receiving responses. In such an environment, you don't *want* interactive access; you want an elegant way of providing a series of commands and receiving a series of responses. FTP provides that -- among other things, while HTTP's capacity for downloading files is quite mature, anything more is asking a bit more of HTTP than it was designed for.
FTP has specific commands for machine interaction w/ the file server -- NLST provides a standard formatted directory of files, independent of the underlying implementation. By contrast, Apache dumps some HTML.
WebDAV ("Web Folders") was meant to address complex file system operations under the rubric of HTTP. Thus far, it hasn't been much of a success. It most likely never will be. Thus, FTP is used.
But FTP is built on TCP, and this introduces a problem: The effects of latency upon the underlying TCP error handling protocol. TCP implementations are notoriously untuned for the case of high bandwidth, high latency. They're built to assume the lack of a response implies either congestion on the line or packets being dropped; either way, implementations tend to scale back. Significant work has been done to address this case, mostly on the behalf of Satellite systems (the ultimate in high latency, high bandwidth access). Mostly, the idea is to expand window size (the amount of data that each side is allowed to send before it must receive an acknowledgement) to match the amount of data that's literally hanging amidst space and time on its way to its receiver. But this is a very hard problem, one of the few that the architecture of TCP has quite a bit of trouble scaling to handle.
NASA went to a bulk transfer protocol, partially because interactive performance across large distances is problematic. But the bulk transfer protocol itself is based upon an interactive error management protocol. It'd be interesting to repurpose an established protocol for error-handled bulk transfers for just this use...I'm certain one of the "reliable multicast" architectures out there would be an astonishingly elegant solution.
That's not to say they made the wrong choice with FTP -- particularly if they tuned their stacks well, and encapsulated themselves amidst lower layer security, great job! Just that there's lots of work in this arena left to do.
If I remember right, Vint Cerf and a couple of his colleagues were working on IP protocols suited for communication between Earth and Mars. We're talking *minutes* of latency! Now that'll be a hell of a hack:-)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
A few years back, a company came to my school to give a talk about SDMA -- Spatial Division Multiple Access. It was essentially based on the concept that, duh, a single cell phone is only one position, so the tighter a beam you could direct / detect from the phone, the more points could use the same frequency.
The cool thing about SDMA is that as your load increases, so too (to a limited degree) does your available bandwidth. As long as people are relevantly separated from each other, their physical positioning relative to other hosts adds disambiguatable bandwidth. It ain't perfect -- node to node crosstalk is a real problem, since your wifi cards are omni -- but they're talking about such range that there's lots and lots of omni hexes to expand through.
Whoot to Vivato; hopefully they'll get a lower end antenna for fixed wireless clients!
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
You're absolutely correct. Using client storage capacity to store encrypted alts is a particularly elegant solution. The reason why it works -- unlike the stream obfuscation of Everquest et al -- is because the client never receives the symmetric key for the encrypted data. It's remote storage; the carrier for a megabyte blob of something or other. There's no "partial disclosure"; AES or 3DES will deploy just fine, and no kiddie's getting around it. Throw a timestamp and an HMAC into the file pre-crypto, just to prevent various forms of corruption attacks.
Pretty trivial, and there goes the DB problems (in exchange for a bandwidth hit).
The job of the game is to be addictive and fun for as long as possible. Supporting group play, both in-house and across geographic boundaries, is empirically one of the more important techniques for "keeping people hooked". If deciding to try an all-new character forces me to lose my original investment, I'm not likely to switch. But since my original interest was driven by boredom, I'm also not likely to continue paying $10 a month now that the entertainment value has ceased.
On a similar note, nobody ever paid $10 a month because they really felt good about supporting that EULA.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
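The encrypted client-side storage described in the comment above, sketched from the server's side in Go as an added example (not code from the original post or from any game). It uses AES-GCM, whose authentication tag stands in for the separate HMAC the comment suggests, and it assumes the server remembers the newest timestamp per character so an older blob cannot be replayed; the names Vault, Seal and Open are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

var (
	ErrTampered = errors.New("blob corrupted, forged, or bound to another character")
	ErrStale    = errors.New("blob is older than the last one issued")
)

// Vault is the server side. The key never leaves it; clients only carry
// opaque blobs they can neither read nor modify undetected.
type Vault struct {
	aead cipher.AEAD
	// Assumption for this example: the server keeps one integer per
	// character (the newest timestamp it issued) instead of the full state.
	latest map[string]int64
}

func NewVault(key []byte) (*Vault, error) {
	block, err := aes.NewCipher(key) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Vault{aead: aead, latest: map[string]int64{}}, nil
}

// Seal produces nonce || ciphertext || tag. The plaintext is an 8-byte
// big-endian timestamp followed by the character state; the character ID is
// authenticated as associated data so a blob cannot be moved between alts.
func (v *Vault) Seal(charID string, state []byte, unixTime int64) ([]byte, error) {
	nonce := make([]byte, v.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	plain := make([]byte, 8, 8+len(state))
	binary.BigEndian.PutUint64(plain, uint64(unixTime))
	plain = append(plain, state...)
	v.latest[charID] = unixTime
	return v.aead.Seal(nonce, nonce, plain, []byte(charID)), nil
}

// Open verifies a blob handed back by a client and returns the state only if
// it is intact, bound to charID, and not older than the newest blob issued.
func (v *Vault) Open(charID string, blob []byte) ([]byte, error) {
	n := v.aead.NonceSize()
	if len(blob) < n+v.aead.Overhead()+8 {
		return nil, ErrTampered
	}
	plain, err := v.aead.Open(nil, blob[:n], blob[n:], []byte(charID))
	if err != nil {
		return nil, ErrTampered
	}
	ts := int64(binary.BigEndian.Uint64(plain[:8]))
	if ts < v.latest[charID] {
		return nil, ErrStale
	}
	return plain[8:], nil
}

func main() {
	key := make([]byte, 32) // constructed demo key; generate a random one in practice
	v, err := NewVault(key)
	if err != nil {
		panic(err)
	}
	// Constructed sample states for a hypothetical character "alt-1".
	old, _ := v.Seal("alt-1", []byte("gold=900"), 1000)
	cur, _ := v.Seal("alt-1", []byte("gold=5"), 2000)

	state, err := v.Open("alt-1", cur)
	fmt.Printf("current blob: %q, err=%v\n", state, err)

	_, err = v.Open("alt-1", old)
	fmt.Println("replayed old blob:", err)

	flipped := append([]byte{}, cur...)
	flipped[len(flipped)-1] ^= 0x01
	_, err = v.Open("alt-1", flipped)
	fmt.Println("bit-flipped blob:", err)

	_, err = v.Open("alt-2", cur)
	fmt.Println("blob presented for another character:", err)
}
```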
Re:...slightly related: text to speech, pitch adju on Turn-Key Linux Audio · Score: 2
Play with PRAAT's PSOLA functionality. It's...odd...but interesting.
Broadcast is good, right? And the flag is GREAT! So, the Broadcast Flag sounds all nice and wonderful. You have to be technically aware to realize what it is:
VCR Poison. One swallow of tainted material, and everything dies.
The FCC is being asked to mandate that every VCR dutifully swallow any poison sent by a content provider. To refuse the poison would carry large fines and possibly jailtime. And the poison is cheap! The only cost would be a single switch:
Kill VCRs? ( ) Yes ( ) No
It's Just That Simple.
It's not "The Broadcast Flag". It's VCR Poison, and the FCC is deciding whether or not to allow it. This is still a democracy, folks -- what do YOU want?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
I've just taken to abandoning both Hackers and Crackers and using Attackers. It works just fine in everyday conversation and nobody misunderstands you. "NAT can prevent attackers from breaking into your network, by removing global incoming addressability." "The web site was attacked, but survived." "Somebody is attacking my server."
Say what you mean, mean what you say.
--Dan
I don't really get it. You've got a couple companies with a shit-ton of cash, none of which they want to give to you. (Promises, sure. They'll blow smoke up your ass about you being the next DVD format all day. But cash? No.) Or you've got a shit-ton of people with no shortage of cash, who won't give you the time of day if you pay attention to the aforementioned companies, but who will be more than happy to rain lots of money upon you if you sell them what they would like to buy.
I mean, it's not like this story hasn't been played out before. Look at Dataplay. Gigabyte on a quarter. Tech's out now. Wrapped up in DRM.
DOA.
More CD-R's will be purchased in the next thirty seconds than Dataplay discs will be before they're pulled off the market. They wish I was exaggerating.
Seems to me that all DRM buys you is bankruptcy...
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Tremendous difference, wind:
Housing associations are attached to the house -- a major debting transaction that will follow you throughout much of your life. Governmental regulation as well follows you forever -- part and parcel with living in a militarily guarded state.
Houses aren't something you just go ahead and pick up. They're not "Consumer Durables".
When you pay the money for a house, it goes to the previous owner, and the social management responsibility goes to your neighbors and your jurisdiction.
When you pay the money for a door, it goes to the previous owner -- the vendor who sold you the door.
If the last guy who lived in the house told me he didn't like some of the changes I made, I'd tell him to go away. My neighbors might have a valid stake, one that I investigated when I decided to live in this neighborhood, due to the incredible debt being talked about with this transaction -- but if the previous owner was nervous about me doing things with his product, perhaps he shouldn't have sold anything to me.
Government regulation is different than what's being talked about here. I submit that the garage door company -- both in the analogy and the case study -- is sleazing their way out of the original deal. I bought a garage door. I may be beholden to my neighbors. I may be beholden to my government. But how am I beholden to the previous owner? Under what theory is that legitimate?
--Dan
It's called a crowbar.
Don't sell me a crowbar proof door if it ain't crowbar proof.
Don't whine that stores shouldn't be selling crowbars.
And sure as hell, don't sue the guy making me a crowbar. Makes it sound like it ain't my door to bang on, makes it sound like it ain't your money to be suing anyone with.
Look, I don't know what to say. It's my door. I want to open it with whatever remote I damn well please. If it's possible for me to generate a remote for my door that doesn't actually require me to do anything particularly special *as the owner*, then the remote control I had doesn't actually protect me as much as I thought it would.
Now I know I may need to buy a new door, or I may decide to accept the risk. But it's my door to make that choice with.
--Dan
I own a garage. It has a door.
I own an opener for that door. I even own the remote.
By, "I own", I mean it's my property -- it's not like I'm in some strange "leasing" arrangement, where, say, I need to ask permission from the last person who owned the garage door if it's OK now to open it on up.
See, it's mine. I can do with it what I want. If the guy who sold me the door says I can't do what I want with it, I say, he shouldn't have taken my credit card. It's not his property anymore, it's mine.
And if he says the door was his idea, his "intellectual property", I'll kindly point out that, er, that's nice, see that door? It's my door. Not your door. My door. My very nice door, sure -- great ideas behind it, I don't usually buy products with crappy ideas behind them. I think the goodness of the idea was inherent in me providing that money the guy so happily accepted.
So, er, bugger off.
Ah, now it comes time to paint the door. Excuse me. Paint *my* door. What the hell? There's some "anti-stick" teflon coating on my door?
It's illegal for me to remove this stuff? Isn't it mine?
I'm supposed to buy a new door, whole new color? But I already own a door, and the paint on that door. Isn't it all mine?
If I remove the surface, I go to jail?
If someone removes *my* Teflon (I may not want it, but I sure got it -- sort of like excessive packaging) and paints *my* door the color *I* want it, *I've* got a cellmate?
Now how exactly is this door mine?
And if I don't really own the door, do they really own the money I paid for it with?
I bet if I move, I have to burn the door down and leave the next owner to buy one of their own...
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
So much acrimony over a technology invented by children...
:)
What? You don't realize language is designed by kids? Go study the formation of new ones, usually the result of multiple societies being crammed together by the latest political upheaval. The parents make the pidgin, which is pretty terrible. The kids make the creole, which is astonishingly correct.
It's not that Virii is right or wrong. It's that Viruses is inconvenient to speak -- it adds a redundant syllable, especially if you try to tack on possession (viruses' may write nicely, but vi-ruh-sis-izz-izz is a nightmare).
We need a better way to say this, but we don't have a good way of converting "-us" into a plural. So we try -ii, based off what we saw happen in, er, some word somewhere -- perhaps based on symmetry with the i early in virus. But lots of other people call bullshit(ii), and demand justification and reasoning and bla bla bla.
Whatever. It's all made by kids to make it easy to say stuff. Quit acting like the world is going to come to an end if it's not precisely like the way a bunch of dead people spoke.
--Dan
I had a pager and a cell phone. My cell phone's battery lasted a day. My pager's battery lasted several months. Guess which one people could depend on reaching me with?
This is ridiculous. We've got metric shit-tons of bad ass technology coming out of CES right now (Did you see the new Casio Exilim? 3Mpix, 3x Zoom, damn near flat!). But all people here can do is bitch about Gates' new toy.
I don't think you can claim practical arguments without actually seeing the thing in use. We at least had screenshots for Aqua!
--Dan
If I remember correctly, Sega used a similar system with bitmaps to enforce their ability to control who could make games for the Genesis. Accolade copied the bitmap, and was thusly sued by Sega.
The court ruled that since Sega had intentionally placed their mark in the way of Accolade's legally protected right to interface with Sega hardware, Sega couldn't turn around and sue Accolade for infringement on that trademark.
Sega played with fire -- and got rather burned.
Caveat: IANAL, and it's been a long time since I read about this case.
--Dan
Are pagers ludicrous ideas?
Do they suddenly become ludicrous when they're on your watch instead of on your belt?
Or does the insanity begin when they stop giving phone numbers, and go fully alphanumeric?
Anyway, my point isn't about the usefulness of the technology. To you, it's useless. To me, watches are the gold standard of information, once only vaguely available to humans, becoming so widely deployed that the very nature of life was shifted. (Look into some of the sociological implications of the clock. They're not minor.) Attaching more context than the mere time of day seems quite apropos to this form factor -- provided it can be efficiently displayed.
Furthermore, watches happen to be, by far, the most energy efficient products in the world of consumer electronics. Owners of the Timex Beepwear complained that their watches died after three whole months! Leave your Palm alone for a week, and you've got a corpse -- and look how much love the Palm gets!
Dead batteries yield little data.
Bah. My point is that anti-Microsoft bigotry contributes nothing of value to the discussion. We both agree that a watch that informs you of Microsoft's stock price -- and nothing else -- is quite useless. But I suspect it does a little more.
People can have different opinions -- you hate Aqua, others are so attached to it that they port it to other systems whether Apple likes it or not. But your dislike of it at least comes from how it looks, not the fact that it's another crime against humanity by Apple Computer, Inc. Can I say the same about your reaction to the watch?
--Dan
...you're embarrassing yourselves. All of you.
I'm serious. We all got (justifiably) goofy when IBM put together a prototype Linux watch -- unabashedly useless, but deliciously fun to imagine hacking on. If this watch came from some random valley startup, and was served by a Linux server farm, we'd be all over it.
But somehow, it comes from Microsoft, and it's crap. Whatever. Universal access to personally relevant data, tuned directly to my needs and priorities, without needing to worry about yet another gadget to throw in my pocket and/or recharge -- this is cool sh*t, folks!
Hell, it's a better use of FM than anything Clearchannel's managed to do lately.
I've been saying this for a while: People keep saying Microsoft engineers can't build anything right...and their marketing folks believe it, and do what they can to force people to buy anyway.
Bashing the engineers does nothing to dissuade the wayward marketeers, folks. It can only make them worse.
There's little more tragic than page after page of nonstop derision for Microsoft Tablet PC's peppered with whispered excitement over Linux Tablet PC's.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Whatever. Y'all seem to like it when *I* screw with TCP :-)
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Pay phones would make more money if they, like, accepted lots of it, in large denominations, when being begged to.
Oh, do I have a rant for y'all.
===
Gather 'round the pixels, folks, and let a still green traveller relate a story from the olden days...
End of September, actually. Toorcon -- I flew out to San Diego to join Hikari's bad ass hackfest. Was so excited that I'd actually gotten my degree three days previous (not -- but that's another story entirely) that I didn't even think to check *where* in San Diego I was going.
Lesson #1: For f*ck's sake, know where you're going after the airport.
Figured I'd just check the net when I got there. *laughs*
Lesson #2: For f*ck's sake, KNOW you'll never get a net connection when you really, really need one. (Reference: "The Inverse Square Law vs. The Presence of Microsoft Powerpoint: May The Enemy Never Discover The Network Cloaking Power of Talking To People When Powerpoint Is On")
So. Rumor has it San Diego's Airport got a new water fountain once...it's talked about in hushed whispers, the emergency budget excess of 1983 brought a quenched thirst upon every traveler since. According to legend, other plumbing amenities relating to the invention of running water shall someday visit themselves upon this fine structure.
No friendly arrows, no Internet Cafes -- and though the Starbucks served coffee, it came in Disass only. There wasn't even a poorly secured baggage handling network waiting to provide me with my next stop (not that I'd ever poke around an airport network; for God sakes lad, they have guns! And Latex Gloves! I plead Joey's Sovereignty!)
So what could I do? Went to call my apartment.
On a Pay Phone.
Lesson #3: For f*ck's sake, buy a cell phone. Seven Eleven has them. They're FREE (after many rebates you'll never receive). There's a REASON they're so profitable -- because PAY PHONES NOW SUCK.
Proof:
You want proof? My previous ranting is insufficient to show that I indeed know large scale suckitude when I recognize it in my cold, not quite dead flesh?
Got some overpriced food. Requested change in quarters -- I was off to the telephone to get fully ripped off, but there's a LOT of hotels in SD and I didn't much prefer to check each one.
"Bzzzzzz. I'm sorry, this phone doesn't accept coins for long distance calls."
Lesson #4: Remember how you heard that pay phones weren't making money? They misspelled "taking".
After bitching and moaning, I remembered I could charge my card to my credit card. Yes! Maybe my legal tender, unconstitutional to refuse (but we'll ignore that) couldn't get me moving, but surely the mighty power of Visa -- it's everywhere I want to be, and I want to be in a nice bed, and in that bed...er, anyway.
"Thank you for calling 1-800-CALL-ATT. For a credit card call, press this number or we'll sic Carrot Top on you."
"Thank you for selecting a credit card call. If you have a Mastercard, press 1. If you have an American Express, press 2. If you have a Discover Card, press 3. If you have a Visa, get a very strange look on your face."
"Thank you for getting a very strange look on your face. An operator will be with you shortly to further refuse payment for services."
You have to understand. I just graduated, I've got a LONG trip ahead of me -- this is right before the Singapore trip -- of all the problems I imagined possible, not having enough to pay for a single phone call was rather disconcerting.
I briefly considered my options for having myself placed under arrest. I hear those guys get a phone call. But then I realized their call is on a pay phone too. Oops.
Ended up calling my mother's company on their 800 number, tail between my legs, begging for info off a single web page. You'd THINK it ends here...
'cept the person I reach, despite the net connection on her desk, doesn't particularly know what to do with it. So she calls her husband. To access the net. For me.
Ever browsed the web through a listener that doesn't know what she's hearing but has to translate it into something she's saying? You Will, and the company that will bring it to you...
Anyway, no reason to rant further -- it was one heck of a trip, an absolute blast -- but indeed, no matter what country I ended up in, the pay phones were as spastic as an epileptic monkey with a broken pacemaker.
I did like the 90 second pay phones, that took 75 seconds to establish a call. talkfastdoesn'tevenbegintocoverit
Needless to say, I am now vastly more knowledgeable about that which is GSM.
--Dan
If there is a life threatening condition down the road, the cloned person may have to endure a lot of pain and suffering that would have been avoided had they been a normal conception and birth.
I do believe it's important to point out that the "normal conception and birth" isn't an option for this person -- either they're born as a clone, or they live and die their entire life as but a single cell from the "superior original".
How supremely odd...a ban on cloning is, literally, a denial of a right to life -- one that extends before even conception.
--Dan
It's kind of sad.
Bush administration makes a lot of noise that they're doing something serious to deal with Internet Security, and *gasp* all they're up to is just cajoling private industry to get their act together. The slackers!
A half year goes by, and again, more noise. This time they're doing something real -- central monitoring, accountability, mandatory support for legal interception, and *gasp* all they're up to is stealing control of private property to further their own nefarious goals. The nazis!
I'm not sure what people want. I'm not sure what I want. The only thing I am sure of is we'll not be happy with whatever we get.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Per-character latency tends to suck. Indeed, per *page* latency tends to suck. They're trying to avoid all that through serializing into a file, then transferring the files via FTP. It's not a bad way to go.
--Dan
Everything you say about FTP is correct -- on an interactive protocol level.
But latency at the protocol layer is not what they're trying to solve (indeed, they'd be using TCP either way, so they're having protocol issues with latency no matter what). They're trying to solve latency from the perception of the operator, by batching all of his requests into a job file. And it's standardized access to a remote file system that FTP addresses well. While HTTP does all you claim, it does an undeniably poor job of standardizing the presentation of remote files. NASA's centralized all their custom programmatic work -- both in the encoding of batched commands, and the decoding of batched results -- into a tarball. (At least, that's what I'm assuming -- I've done the same thing in the past.)
Once you have these batches, everything is utterly standard. Yes, HTTP lets you download multiple files at a time. From which URLs? Ah, you must download the HTML, pick out all the links, create an index from those links, and start pipelining a number of requests. How many requests? How deep can the pipe go? And dear god, uploading data into a HTTP system is an utter pain in the ass.
You can build things with wget and curl. But should you?
Sure, you can twist a web server into doing all this. But it's not what it was designed for. HTTP may offer significantly fewer round trips, but its presentation of a remote file system is immature at best and a horrifying fault of HTTP at worst. How many people do you know who FTP their updated web pages into the servers? Is there even a lightweight text editor with *HTTP* support?
FTP's all about centralizing the difficulty into the file format. HTTP ends up screaming at you (a human) to use a web browser to click some icons and fill out some forms.
A simple example: wget a directory served by apache. Notice all the files with weird names, like =AQ and whatnot? Those are alternate directory indexes. Grab the same directory of files over FTP, still using wget. This works right.
Funny -- the latency win is from serializing i/o to individual files. HTTP's so bad at file management, that its use would actually threaten the viability of using files...the protocol issues, both TCP and Layer 7 just get lost in the backwash compared to that.
--Dan
P.S. Yes, I looked into doing this over SSH...you could do something like:
ssh user@satellite "scan_here -o scan1; scan_there -o scan2; tar czvf - scan1 scan2" | tar xzvf -
or even:
$ cat > test.sh <<'EOF'
scan_here -o scan1;
scan_there -o scan2;
tar czf - scan1 scan2;
EOF
$ ssh user@host "`cat test.sh`" | tar xzf -
This also works, and with bigger scripts, but I haven't fixed a bug with it not exiting when it's done (it's with the tar on the client side):
cat test.sh | ssh user@host | tar xzf -
I threw 20K commands into test.sh and it worked perfect.
--Dan
Cool! This makes total sense -- any maneuver that's time sensitive would be loaded and verified long in advance.
Are sats constantly dumping their buffers and status to RF?
--Dan
*ACTIVATE WONDER CRANK POWERS*
Quantum Entanglement is much more proof of a quantum scale PRNG than people are willing to admit.
I suspect eventually the inherent conflict between Quantum Entanglement (subatomic particles may have their "random" states synchronized) and Quantum Cryptography (subatomic particles are perfect unique tokens because their random states may never be duplicated) will lead to a break in one or the other. They will likely mutually annihilate.
*WONDER CRANK POWERS BACK IN THE CELLAR*
But that's just what *I* think.
--Dan
Telemetry's pretty error resilient; even if I drop a packet, I can usually interpolate without too much threat. Batches of instructions are another matter; if a packet's dropped, it needs to be replaced, in line, or the entire transfer fails. Thus me mentioning the tech used for reliable multicast -- it works by broadcasting to everyone, then letting individuals ask the central server (or each other) for retransmissions. In this case, there's as few as one host to speak to -- but it may request retransmissions without even interrupting the primary link.
:-) I'm curious if you know any more about the work involved on this.
You mentioned multicast UDP for commands. I can see this for something like, "Everyone, point their dishes at this quadrant of space"...but managing error control and responses must not be fun.
Thanks!
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
--Dan
No effective method's been found. Light's been slowed down tremendously -- we're talking to around 30 miles per hour, inside of what's referred to as a Bose-Einstein Condensate -- but it doesn't appear possible to transmit information faster than the speed of light.
:-)
A couple people have used sleight of hand to create effects that, as a whole, do move faster than the speed of light. But there's nothing actually moving, you see. They're the physical equivalent of the disconnection between the rate of individual cars in traffic and the rate at which traffic dissipates. Imagine an accident's cleared, and traffic suddenly has an open path. Does it disappear immediately? No -- the first guy has to get off his brake and accelerate, then the second guy needs to see the first guy go, then the third guy needs to see the second guy, etc. So even though everyone could start accelerating immediately, this "wave", not composed of anything but the awareness that motion is possible, slowly eats away at the traffic jam.
Now, flip the situation -- imagine everyone's car had a computer that received a message saying, "traffic jam has been cleared; in 60 seconds, everyone start accelerating at the standard rate." No individual car is going to travel much faster than the speed limit -- but that pulse is going to go backwards at tens of thousands, maybe even hundreds of thousands of miles per hour. Theoretically, the "pulse" could go faster than light -- the timing information was deployed by radio, at the speed of light, but that was the past. It is now; no information needs to be exchanged to move, so there's no limit to the speed at which the "motion pulse" could occur.
But no information is moving. Just a pulse, only visible from afar.
Electricity moves at somewhere between half and two thirds the speed of light. It's slower, but still quite speedy (until you get into the scale of microchips, at which point you actually need to start taking into account signal propagation delay as you try to move from one side of the chip to the other).
There does appear to be some theory that gravity is instantaneous; my personal suspicion is that even if it was, the speed at which a sensor could react to it would be directly tied to the distance from the gravitational object (i.e. sure, the message might get sent, but it wouldn't have enough energy to be detectable until the requisite amount of light time had passed). Nature tends to be annoying in that way.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Serious kudos to these guys for the work they're doing! From what it sounds like, they're using FTP inside of either an IPSec or custom layer 2 encrypted tunnel -- once you've been wrapped by that, you're mostly OK (though FTP servers in general have had some pretty nasty growing pains).
:-)
Some may be wondering why the use of FTP, instead of HTTP. Indeed, HTTP is a unified protocol capable of elegantly handling both (moderately) interactive command exchange and bulk data transfer. The problem is latency -- if this beast is going anywhere, there's going to be some significant (5-10 second, minimum) lag between issuing commands and receiving responses. In such an environment, you don't *want* interactive access; you want an elegant way of providing a series of commands and receiving a series of responses. FTP provides that -- among other things, while HTTP's capacity for downloading files is quite mature, anything more is asking a bit more of HTTP than it was designed for.
FTP has specific commands for machine interaction w/ the file server -- NLST provides a standard formatted directory of files, independent of the underlying implementation. By contrast, Apache dumps some HTML.
WebDAV ("Web Folders") was meant to address complex file system operations under the rubric of HTTP. Thus far, it hasn't been much of a success. It most likely never will be. Thus, FTP is used.
But FTP is built on TCP, and this introduces a problem: The effects of latency upon the underlying TCP error handling protocol. TCP implementations are notoriously untuned for the case of high bandwidth, high latency. They're built to assume the lack of a response implies either congestion on the line or packets being dropped; either way, implementations tend to scale back. Significant work has been done to address this case, mostly on the behalf of Satellite systems (the ultimate in high latency, high bandwidth access). Mostly, the idea is to expand window size (the amount of data that each side is allowed to send before it must receive an acknowledgement) to match the amount of data that's literally hanging amidst space and time on its way to its receiver. But this is a very hard problem, one of the few that the architecture of TCP has quite a bit of trouble scaling to handle.
NASA went to a bulk transfer protocol, partially because interactive performance across large distances is problematic. But the bulk transfer protocol itself is based upon an interactive error management protocol. It'd be interesting to repurpose an established protocol for error-handled bulk transfers for just this use...I'm certain one of the "reliable multicast" architectures out there would be an astonishingly elegant solution.
That's not to say they made the wrong choice with FTP -- particularly if they tuned their stacks well, and encapsulated themselves amidst lower layer security, great job! Just that there's lots of work in this arena left to do.
If I remember right, Vint Cerf and a couple of his colleagues were working on IP protocols suited for communication between Earth and Mars. We're talking *minutes* of latency! Now that'll be a hell of a hack.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
A few years back, a company came to my school to give a talk about SDMA -- Spatial Division Multiple Access. It was essentially based on the concept that, duh, a single cell phone is only one position, so the tighter a beam you could direct / detect from the phone, the more points could use the same frequency.
The cool thing about SDMA is that as your load increases, so too (to a limited degree) does your available bandwidth. As long as people are relevantly separated from each other, their physical positioning relative to other hosts adds disambiguatable bandwidth. It ain't perfect -- node to node crosstalk is a real problem, since your wifi cards are omni -- but they're talking about such range that there's lots and lots of omni hexes to expand through.
Whoot to Vivato; hopefully they'll get a lower end antenna for fixed wireless clients!
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
You're absolutely correct. Using client storage capacity to store encrypted alts is a particularly elegant solution. The reason why it works -- unlike the stream obfuscation of Everquest et al -- is because the client never receives the symmetric key for the encrypted data. It's remote storage; the carrier for a megabyte blob of something or other. There's no "partial disclosure"; AES or 3DES will deploy just fine, and no kiddie's getting around it. Throw a timestamp and an HMAC into the file pre-crypto, just to prevent various forms of corruption attacks.
Pretty trivial, and there goes the DB problems (in exchange for a bandwidth hit).
The job of the game is to be addictive and fun for as long as possible. Supporting group play, both in-house and across geographic boundaries, is empirically one of the more important techniques for "keeping people hooked". If deciding to try an all-new character forces me to lose my original investment, I'm not likely to switch. But since my original interest was driven by boredom, I'm also not likely to continue paying $10 a month now that the entertainment value has ceased.
On a similar note, nobody ever paid $10 a month because they really felt good about supporting that EULA.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
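The client-held encrypted blob described in the comment above, sketched as an added example (not part of the original comment, and not any game's actual code). It uses AES-256-GCM, whose authentication tag stands in for the separate HMAC the comment mentions, and it assumes the server keeps only the newest issued timestamp per account so an older blob cannot be replayed; `sealCharacter`, `openCharacter`, the blob layout and the sample data are all hypothetical.

```javascript
// Added example: the server seals a character record, the client only stores
// the opaque blob and hands it back later. The key never leaves the server.
const nodeCrypto = require("crypto");

// Constructed server-side secret for this demo; in practice it comes from a key store.
const SERVER_KEY = nodeCrypto.randomBytes(32);

// The only per-account state the server keeps: timestamp of the newest blob issued.
const latestIssued = new Map();

const IV_LEN = 12;  // GCM nonce length in bytes
const TAG_LEN = 16; // GCM authentication tag length in bytes

// Returns the opaque blob (iv || tag || ciphertext) for the client to store.
function sealCharacter(accountId, character, nowMs) {
  const iv = nodeCrypto.randomBytes(IV_LEN);
  // The timestamp travels inside the encrypted payload, as the comment suggests.
  const plaintext = Buffer.from(JSON.stringify({ ts: nowMs, character }), "utf8");
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", SERVER_KEY, iv);
  // Binding the account id as associated data stops a blob being used on another account.
  cipher.setAAD(Buffer.from(accountId, "utf8"));
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();
  latestIssued.set(accountId, nowMs);
  return Buffer.concat([iv, tag, ciphertext]);
}

// Verifies and decrypts a blob the client handed back.
// Returns { ok: true, character } or { ok: false, reason }.
function openCharacter(accountId, blob) {
  if (!Buffer.isBuffer(blob) || blob.length <= IV_LEN + TAG_LEN) {
    return { ok: false, reason: "malformed" };
  }
  const iv = blob.subarray(0, IV_LEN);
  const tag = blob.subarray(IV_LEN, IV_LEN + TAG_LEN);
  const ciphertext = blob.subarray(IV_LEN + TAG_LEN);

  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", SERVER_KEY, iv);
  decipher.setAAD(Buffer.from(accountId, "utf8"));
  decipher.setAuthTag(tag);

  let plaintext;
  try {
    // final() throws if the tag does not match: any flipped bit, or a blob
    // presented under a different account id, is rejected here.
    plaintext = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
  } catch {
    return { ok: false, reason: "tampered" };
  }

  const { ts, character } = JSON.parse(plaintext.toString("utf8"));
  // A genuine but older blob (a rollback to a richer or pre-death state)
  // decrypts fine, so the timestamp is what catches it.
  if (ts !== latestIssued.get(accountId)) {
    return { ok: false, reason: "stale" };
  }
  return { ok: true, character };
}

// Constructed sample data: two saves of the same alt, then the checks a server would make.
function demo() {
  const older = sealCharacter("acct-1", { name: "Alt", level: 10 }, 1000);
  const newer = sealCharacter("acct-1", { name: "Alt", level: 12 }, 2000);
  const flipped = Buffer.from(newer);
  flipped[flipped.length - 1] ^= 0x01;
  return {
    current: openCharacter("acct-1", newer),
    rollback: openCharacter("acct-1", older),
    corrupted: openCharacter("acct-1", flipped),
    wrongAccount: openCharacter("acct-2", newer),
  };
}
```

The per-account timestamp is a few bytes of server state in place of the full character record, which is the database-for-bandwidth trade the comment describes.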
Play with PRAAT's PSOLA functionality. It's...odd...but interesting.
It's also scriptable.
--Dan
Here's the thing, folks.
Broadcast is good, right? And the flag is GREAT! So, the Broadcast Flag sounds all nice and wonderful. You have to be technically aware to realize what it is:
VCR Poison. One swallow of tainted material, and everything dies.
The FCC is being asked to mandate that every VCR dutifully swallow any poison sent by a content provider. To refuse the poison would carry large fines and possibly jailtime. And the poison is cheap! The only cost would be a single switch:
Kill VCRs? ( ) Yes ( ) No
It's Just That Simple.
It's not "The Broadcast Flag". It's VCR Poison, and the FCC is deciding whether or not to allow it. This is still a democracy, folks -- what do YOU want?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com