Slashdot Mirror


User: wfberg

wfberg's activity in the archive.


Comments · 1,379

  1. Re:Ugh, lazy patchings on LovSan Clone Let Loose · · Score: 1


    [Sarcasim]
    Because remember kids, no one ever uses a router for interoffice communications. All routers connect to the internet so you just need to block non local IP ranges.
    [/Sarcasim]


    I didn't say anything at all about routers. I said RPC shouldn't be listening to ALL possible IP addresses. It's much safer to default to a local range and leave administrators the option (and hopefully informed decision) of widening this up, than to force people to run firewalls.

    If nothing's listening on port 135, you don't need to firewall it!

    Remember the SQL server worm a while back? You might have heard about it.. Had SQL Server defaulted to listening to 127.0.0.1 or local addresses that outbreak would never have been that bad, since a vast majority of SQL servers only need to be reachable (for executing SQL statements) from the LAN. Turns out they were reachable by every other machine on the internet. Oops.
    HTTP, now that's a different story, but SQL? RPC?

    AND you misspelled "sarcasm".. Geez Louise!

  2. Re:Ugh, lazy patchings on LovSan Clone Let Loose · · Score: 3, Insightful

    You're wondering why a REMOTE Procedure Call service is exposed to the network? There's no good reason for a REMOTE Procedure Call to be exposed to the network?

    127.0.0.1/16? sure! The LAN, (192.168.0.0/24 or 10.0.0.0/8, perhaps some Link-Local/Broadcast addresses..) perhaps. The entire INTERNET? No fudging way, man!

    Other MS weirdness; I have filesharing turned on. It's only associated with the LAN card's TCP/IP stack (NOT the PPTP (DSL) connection's TCP/IP stack). Nevertheless, were it not for my spiffy firewall software thingy you'd be able to access it from the internet! Yippee..

  3. Re:Ugh, lazy patchings on LovSan Clone Let Loose · · Score: 4, Informative

    Today I noticed that every morning our couple XP computers at work send out a few uPnP related packets to 239.255.255.250:1900. They're going beyond our lan and out through our gateway to the internet. It's probably not worth the effort to investigate further and correct, but it bugs me a little.

    Your network is misconfigured. 239.255.0.0/16 is a local scope multicast address. (RFC2365) The message sent is to let other uPNP devices know your computer is there.

  4. Re:PDF v.s. HTML on OSDL Releases Q&A on SCO Legal Actions · · Score: 1

    Let's see, they offer a PDF version and an HTML version. Hrm? I know! This is Slashdot, and we have to try and bring them down. Rather than link to the HTML version, let's link to the PDF version.

    Good idea actually, as the HTML version stinks. Looks like they used google to convert PDF to HTML(!)

  5. Re:Same old Same old on OSDL Releases Q&A on SCO Legal Actions · · Score: 4, Insightful

    Obviously, the employees at SCO read slashdot. With so much, perhaps unfounded, speculation going on at slashdot about insider trading, perhaps it's a good time to point out to our SCO readership the Insider Trading Bounty program. If there are any transactions going on by insiders that aren't listed here or here, the SEC, and slashdot, would like to know!

  6. Re:Gotta love marketing jargon on ATI Wins Bid For Next Xbox · · Score: 2, Interesting

    Better drivers where? Windows? Linux? We are talking about the X-Box2 here. I can promise you that the drivers for ATI's card on the X-Box2 will be very good. They will be working very closely with Microsoft to get the performance they need.

    More than that, if need be the drivers can be included in the game if the original drivers don't work properly. Other than loading times and conservation of dvd disc space there's no reason for not distributing the entire OS with each and every game.

    If it's detected that the actual hardware is different (i.e. XBOX3) they can always drop back to using ROM supplied drivers/hardware abstraction.

  7. Re:Bizarre sequences of random numbers on LavaRnd: A Open Source Project for Truly Random Numbers · · Score: 4, Funny

    Anyway, my idea for an open source number generator is to have people on slashdot post the first number that comes to mind in this thread. I don't know if it could get more random.... (patent pending)

    69

  8. Re:Not just a client, but a protocol is being drop on Microsoft Stops Development Of Outlook Express · · Score: 2, Funny

    "IMAP is just not a very rich protocol," Steve Conn, Exchange Server product manager, told ZDNet Australia during the company's Tech Ed conference. "The great majority of people used Outlook Express because they weren't on a LAN environment, and Outlook was just too fat for them."

    In other words, Microsoft saw OE as their IMAP client, and so by dropping OE, they are also abandoning the IMAP mail protocol. In spite of what Mr Conn says, IMAP is a very rich protocol: it allows you to maintain multiple mail folders on the server, it allows you to keep your mail client configuration on the server, and in principle it allows you to store arbitrary files on the server.


    But it's not as rich as, let's say, MAPI.. And by "rich" I mean that IMAP isn't bloated, and everyone can write clients that use it! There are no proprietary secret extensions! That sucks!

  9. Re:Not the UNIX license. on SCO Announces Final Termination of IBM's Licence · · Score: 1

    IBM bought Sequent, how is Sequent not going to "divulge" what they are doing?? IBM owns them, that would be like me buying a house and the old home owner saying, ok well here it is, but you can't use the basement, it's off limits because of the terms under which we bought the house.

    A house isn't a legal person. If you buy a company that has a fiduciary duty (such as a bank) or that has signed NDAs with other companies that in some way exclude you, the new owner, from access to certain secrets, you can bet your ass they are liable if they divulge those secrets.

    If you buy Boeing, they still won't tell you about their top secret government contracts, other than if they're making a profit or not..

    Now, if Sequent had merged with IBM it would have been a different story; but in that case all its contracts would have to have been renegotiated because they would be transferred to a new entity.

    When you buy another company, certain parts of it will be useless to you. That's why you don't take it at face value, but you have to go through a process of due diligence. That's why often companies are bought for less than their stock is being traded on the market. It's like buying a house even though you know you're going to be knocking down a few walls and renovating the kitchen.

  10. Re:headline on FSF FTP Site Cracked, Looking for MD5 Sums · · Score: 5, Funny

    if you understand the headline

    FSF FTP Site Cracked, Looking for MD5 Sums

    You just might be a geek.


    The headline should have been simply

    FSF ftp 0wn3d IM RMS teh md5sum's

    Then the mainstream media would be all "OMFG WTF?! STFU /. I'm writing another MS Blaster story, bi0tch!"

  11. Not the UNIX license. on SCO Announces Final Termination of IBM's Licence · · Score: 4, Informative

    This is the license for some product called Dynix, quite distinct from IBM's AIX licensing.

    Interestingly, this contract is with Sequent, not IBM. They're now alleging that Sequent gave IBM (its parent) the code, breaching this contract. But seeing as IBM is a different company than Sequent, surely they were not under an obligation to keep that code to themselves; Sequent fudged up by giving it to IBM, so why should IBM's license to AIX be revoked? The Sequent contract read, according to this press release, that derivative code should be treated "as if" it were UNIX code, not that it actually became the property of SCOX.

    It looks to me that the code was a trade secret at Sequent ("treated as if..") but they retained copyright. Then it got divulged to IBM, who even obtained the copyrights, and could dispose of it as they pleased. Liability is then restricted to Sequent's officers who breached the contract with SCOX, and perhaps some IBM officers if it can be proven they coerced Sequent. IBM's AIX license and copyrights (and thus ability to GPLize) stand, IFF this press release contains the actual facts!

  12. Re:Forensics utilities are somewhat useless on Local Area Security Linux 0.4a · · Score: 1

    >>>If I'm working for a cash rich company, why can't I use the free toolkit and pocket the extra money set aside for "tools"?

    Oh, I dunno, let's see, maybe because that would be EMBEZZLEMENT?


    It's not embezzlement if you out-source to MeMyselfAndIAssociatesInc. who invoice you and everything ;-)

  13. Security definitions. on Identity Theft Countermeasures? · · Score: 3, Informative

    Identify; to establish the identity - e.g. ask a user name (c.f. anonymous ftp).

    Authenticate; checking the proofs of identification are legit, e.g. check that photo ID isn't a fake, check credentials w/ password.

    Authorization; making sure this schmo you identified and whose ID you authenticated is actually allowed to do what he's doing, e.g. permissions.

    Auditing; keeping records, i.e. logging.

    Non-repudiation; making sure someone can't claim "it wasn't me", e.g. videotaping ATM users. (Cryptographic non-repudiation often depends on keeping a secret, such as a secret key. Not a good assumption; "it was my 0wnx0r!")

    Confidentiality; keeping secrets, i.e. don't give out private information.

    Integrity; making sure stuff isn't changed (if it is changed, make sure it's audited)

    Accessibility; make sure legit users can actually use their stuff.

    Identity theft wouldn't be such a big problem if corporations and branches of government would authenticate properly. People's dogs are getting pre-approved credit card spam! If you know someone's momma's maiden name, banks will roll over and give you the key to the vault. Sure, they've got tons of money spent on all the other security features (except auditing of course. and integrity/accessibility, disaster data recovery people gotta make a buck too) but it doesn't help if you think someone's mom's maiden name is a secret!

    About the author Walther fon Bernstien is a 31 year old technical writer from Houston, TX. He lives a quiet life writing from the historical "McDuff's Castle" building on 33nd Elm Street, left to him in 1989 by his mother, an accomplished pianist who performed under her maiden name Mary Jane Smythe. His interests include golfing at the Nine Yards Club, his dogs Whisky and Brandy, and numerology; he believes it's no coincidence that his social security number is 696969, while both his VISA and Mastercard credit cards have 6969 as the last 4 digits as well! Send him a card on his birthday, the 9th of June!

  14. Re:I'd be willing to bet that most of this happens on Identity Theft Countermeasures? · · Score: 5, Interesting

    The first problem, that SSNs are used everywhere, isn't really a security problem. SSNs aren't secret by a long stretch. To use them as passwords (as in problem 2) is just not right. The problem with SSNs being used everywhere is that it makes it trivial to combine records from different databases, which would not otherwise be easily automated. Gleaning information from databases that are combined can benefit companies, and hurt consumers.

    Your health insurance people sure would like to know if you're ordering books on amazon.com that were also ordered by people who bought "Advancing Smoker's Rights" or "100% LARD - gravy recipes for every day of the month".. If every database listed your SSN, a unique identifier, it's a hell of a lot easier than figuring out whether J.Doe at 31 Palacestreet is also John K. Doe at 31 Palacest.

    Of course, SSNs do make it easier to access information in general, so an identity thief can make life easier on himself by using your SSN to get ahold of your credit report or medical records, but that's not a failing of the SSN itself. That's just not keeping things secret.

    Mother's maiden name authentication schemes suck ass (donkey!). In general not a lot of thought is given to security, especially when everything is done on paper; it took the internet before credit cards got those numbers on the back that change when you get a new card (smartest thing ever; my CCnumber is on the invoices I get. Which also list the expiration date when the invoice is for the yearly fee.. I've not been asked for the CVC/CVV code yet..)

    It's basically a choice for convenience over security.

  15. Not a dupe! on Rio Announces Networked Ogg Vorbis Player · · Score: 1, Funny

    We'll have to wait for a dupe until ThinkGeek starts selling it..

  16. Re:Ack! Do you know what you're doing? on Search Engine Learns From User Feedback · · Score: 1

    This is a great idea in concept, but the potential for abuse is incredibly high (if it's implemented on a system that actually matters, like google).

    Check out the voting buttons on the google toolbar.

  17. Re:Voter apathy - Re:What's wrong with... on Virginia Begins to Worry About Voting Machines · · Score: 1


    2) I agree with your comment about getting people involved with the counting. I've thought of this myself: the more volunteers involved in the counting, the more people who are actually involved with the election. I see involvement like this as a means to help fight increasing voter apathy. In the long run, I think electronic voting will increase voter apathy, and thus decrease democracy.


    Maybe the US could do with some sort of voting duty.. Every, what, 4 years, twelve people are picked at random to decide who will be, beyond reasonable doubt, the next president, and that's that, no more vote counting needed.

  18. Re:Shock! on Embedded Systems Study Rebutted · · Score: 1

    Right... This proves it. HTML needs a <sracasm> tag. :)

    And a <DWIMNWIS> tag ;-)

  19. Re:Shock! on Embedded Systems Study Rebutted · · Score: 1

    I'd much rather cast my attention to impartial, un-biased sites such as /.

    Excuse me? Slashdot unbiased? Oh well, whatever you say,... Care to invest in a sailing trip around Switzerland?


    CoolVibe, you tree-hugging hippie, he was being sarcastic! ;-)

  20. Translation on Linux 2.6.0-test3 Released · · Score: 5, Funny

    If found a bug, by you it is, report it you must, or fixed not it will be. This I sense in the Force. Chances you must take not, that reported by others it is, such a bug. Vigilant always, a kernel tester must be.

    (For those of you who report "Jedi" as your faith on the Census).

  21. Re:Misguided.... on Building a Better Bomb · · Score: 1

    Nope. Sorry, doesn't work that way. As long as there are people out there who can think independently, there will be some who want to kill you, take your home, rape your children, whatever. As long as human beings have free will, there will be people who wish you harm.

    This has nothing to do with what you do or do not do. You can make more people dislike you through your choices, but you can never make no people dislike you. You can never be loved by everyone. Sooner or later, somebody's going to come along who hates you, hates your way of life, and wants to kill you.

    Societies that fail to defend themselves from these kind of people inevitably fall to them... or wake up and start hammering their plowshares into swords.

    The best way to guarantee a war is to be unprepared for one. And the best way to prevent a war is to be absolutely, undoubtedly ready to wage one if called upon to do so.


    I told Saddam it was a mistake to let weapons inspectors disarm him! His way of life was just a bit too much for Bush..

    North Korea won't make the same mistake.

  22. Re:among others on Zero Blaster Reviewed · · Score: 1

    the smoke ring gun that ThinkGeek (among others) sell.

    So can anyone tell me who the among others are?


    google can!
    They even list what appears to be the manufacturer. Contact them for wholesale info.

  23. Re:Hrmmm on Hardware Manufacturers Gouging Customers · · Score: 1

    does this mean I can sell the hardware to someone, and the software to someone else?

    It means you can't sell the software at all. You don't own it, and the license is not transferable.


    So what? Nobody's making a copy, the software is already there. No copy, no copyright infringement.

    Even if the previous owner has signed some ghastly contract that governs how the equipment is used (probably null and void from a legal standpoint anyway, unless it's signed in blood and contains a first-born-son clause) s/he can always draw up a simple contract that says:
    the owner retains all title etc. of the equipment and license to the software
    the owner gets $SOME_NUMBER from the party of the second part
    the party of the second part is appointed an agent for the owner within respect to the operating and safekeeping of said equipment, so long as this does not incur additional expense to the owner
    if the continued operation requires upgrades etc. which the manufacturer will only supply to the owner, the owner will order these for the agent upon payment of the manufacturer's fees.

    et voila.

    No need for this though, doctrine of first sale and all that.

  24. Re:I've had my share of bad tech support. on Techs Discover End Users Aren't So Bright · · Score: 4, Funny

    Every once in a while, though, they're right. Three years ago, I was having intermittent problems with my cable modem.

    Call up tech support. One of the things she asks: "is the modem plugged into a surge suppressor?"
    Me: "of course."
    Tech:"Unplug, and plug directly in wall."
    Me (dripping in sarcasm) "Oh, I'm sure that's the problem."
    So, to humor her, I move a bunch of furniture (disconnecting the phone in the process). Lo and behold, the sumbitch is fixed.

    Now, previously I'd been rebooting by unplugging the adaptor from the back of the modem, so it wasn't a simple power cycle. Can anyone explain why this fixed it, or did she just get lucky?


    1) simple surge suppressors are single use and when they do encounter a surge they're supposed to burn straight through, maybe a semi-surge semi-burnt it out?
    or, most likely,
    2) when you told her you actually went to do it, she quickly fixed the problem at her end, so as to mystify you, so you would NEVER doubt tech support ever again LART LART LART!

  25. Re:problems on MUD Co-Creator Bartle On Voice Chat in MMOGs · · Score: 2, Insightful

    What about bandwidth and processing power?

    When you use an IM program like MSN messenger, do voice streams run through the server? No, they're client-to-client. There will be other problems, like people behind NAT, people on dialup who won't be able to listen to more than 2 people shouting to each other, but so what? People with the most impressive hardware/pipe will get the best experience. Same as it always was.

    You might also want to note that there already are non-MMORPG games that use voice. They seem to have solved these problems, no?