Exactly. If I'm a Ukrainian soldier and I believe my death may help bring about a true end to Russian tyranny, it may be worth fighting. If I look at the numbers and say "we're screwed either way," then it's just a choice of which is better: to live with Russian tyranny in a neighboring territory (not where I live), or to be dead and have the same Russian tyranny in the same neighboring territory (where I can't live, because I'm not alive).
Well, according to the OP, about 50% joined the Russian side, so even without the outside forces you'd have most people dead, assuming equal training and weaponry (which if they're all from the same base, is pretty likely). Also, most of these guys would have served together for years, so it's likely they didn't relish the idea of killing (and being killed by) their comrades when the alternative was "pack up your shit and go home to be with your families."
Now add in the outside Russian forces, and anyone who fought back would have been quickly destroyed. Ukrainians aren't stupid, but they can be pretty pragmatic. The ones from Crimea were likely Russian heritage or at least had Russian sympathies, and the ones who were just stationed there likely didn't give much of a rat's arse about losing the peninsula after most of the people there voted to leave Ukraine. So rather than dying, they went home.
There's a lot to be said for living to fight another day, and it seems like these people "get it" in that regard. Why die for a lost cause that you may not really believe in? Why defend a peninsula that doesn't really seem to want to be defended? Russia takes what it wants, the "allies" of Ukraine have made it clear they have no intention of doing more than a bit of posturing in response, why stay and fight?
Right, that was mostly to make a nice even $500/yr, I think mine is actually closer to $75. And of course, a lot of the entry level plans are quite a bit cheaper, and there's all the discounting and such that happens, and a fair portion of bills is taxes and fees.
But, using $42/month as a starting number gives a very generous cushion for the numbers - given what's actually charged to most customers, the $10k for a peering link seems even more insignificant.
I understand you probably don't work with this type/scale of equipment/network on a regular basis, but the fact is $10k *is* extremely cheap. It's also probably a bit of a bogus number, or at least incorporates a whole lot of stuff beyond the actual connection (not just the cost of the optics, but some of the cost of the blade/chassis, and cost of power and rack space over an X year period, etc). The optics themselves are pretty cheap now - probably no more than $800/side, and with the scale of the large operators it's a good bet they're paying $500/ea for 10g SFPs. Believe me, a network operator of this size sneezes 10g optics without thinking about it - their on-site guys probably play dominoes with the spares.
A little fun math: Let's say for the sake of easy math that the average customer pays $42/month for broadband, or $500/year. Let's say the average lifecycle of a 10g optical link and the associated routers is 3 years, and the single cross-connect costs $10k, spread across those 3 years, for a cost of approximately $3500/yr. So, ignoring the cost of the last-mile infrastructure (partly because the vast majority is in place and has probably been paid off for years), the cable company would have to add 7 customers to pay for each new cross-connect. Again using nice round decimal numbers for the sake of easy math, at a cap of 50mbps per subscriber, you could have 200 customers fully saturating their links before you would saturate the 10gbps cross-connect, assuming ALL customer traffic was being routed that way. So if your first 7 customers paid for the cross-connect, and we're talking about 3-year equipment lifecycles, that leaves just shy of $290k for the ISP to spend on their other infrastructure and overhead.
Summary: I think they'll be just fine, and not need to raise your fees (they probably will raise them anyway, but that's an entirely different discussion).
A lot of towns/cities will stop traffic for things like very large pre-organized motorcycle rides, convoys, funeral processions, and the like. Just because you're not as special as the president doesn't mean he's being treated quite like a king. Stop and Go traffic is for individuals, while police escorts and blocked traffic are for large convoys, and the POTUS happens to travel in a large convoy.
Yep, it's pretty common... they do that when you don't maintain them properly, which is also pretty common. There's a wonderful thing called preventative maintenance, which is a pain in the ass but means your car isn't likely to spontaneously break down on the side of the road. It's why my car with just shy of 200k miles hasn't let me down, and why the one before that made it to 320k, only letting me down once when the timing belt snapped - I hadn't checked the proper interval on that car, and accidentally took it to double that. Fortunately it was a non-interference engine, so I changed the belt and kept going.
You can bet the Beast won't overheat in traffic though, because it's no doubt meticulously maintained.
Up until your last statement, I was following... DNS based techniques have been widely settled on as the stupid, lazy option which pushes the cost onto innocent third party service providers, and isn't really that effective for all the reasons already cited in this thread (primarily, that it redirects based on where the user's DNS resolver lies, which may be on the opposite side of the country from the user).
For web-based traffic, properly implemented redirects are typically the best option. For other services with a dedicated client, there are much better options that can be implemented, and can also provide a much better user experience.
Correct, the short TTLs are for the "traffic management" portion of things rather than the "global" portion of things, but in practice they're typically coupled. I've had many conversations with devs in the past about why we wouldn't want to just set GTM to use a TTL of 0. As I recall, we ended up setting it at 60. Yes, that's 60 seconds. So essentially, if an entire datacenter dropped off the face of the planet, things should fail over to an alternate site within approximately monitoring frequency + TTL. As a slightly amusing side effect, this means when the GTM system has a major problem, everyone's cache expires long before anyone has a chance to fix it, causing massive service outages. Sadly, massive outages are usually a bad time to tell the decision makers "I told you so..."
Rather than mucking about with DNS or routing protocols, the proper method is to build this into the app layer. For web traffic, the initial load of the page should check the source IP and issue an appropriate redirect to a geo-specific server pool. For failover, round robin DNS and an intelligent client/resolver that will try more than one IP address provide the answer. Unfortunately, some resolvers and browsers will stop on the first error instead, so this isn't a perfect solution either.
My address is very real, and perfectly routable within my network. I'm making the point that I don't trust any of the public DNS resolvers to be run correctly and provide reliable results. And 7 years doesn't make me a newbie, it means I have an old DNS server. Also, 7 years ago is when I moved and re-IP'd my network. Prior to that I believe I was using 192.168.1.100. For awhile the two networks were bridged with a VPN, so changed my network to make everything easily routable. So, I'm not entirely sure what your point is.
Funny, I've been using 192.168.2.100 for at least the last 7 years. I've switched ISPs, seen ISPs (and their servers) come and go, but that server has been rock solid. Except for that one time when it was going through fsck on a 6TB volume, then I had to fall back to 192.168.2.1 for a while (which is just a cache of whatever upstream server it got from DHCP).
Actually, there are a few major GTM (Global Traffic Management) schemes that do use the IP address of your DNS server, rather than your actual IP. They basically abuse the DNS system with super-short TTLs and give a different response to the DNS query based on the IP of the downstream DNS server. So, if you use a DNS server located on the east coast of the US when you're on the west coast, you'll get an east coast server even if that service has a west coast datacenter available.
This is done primarily to free companies from the burden of having to design proper geolocation into their app/service, turning it into a more plug-n-play solution while breaking several of the finer points of DNS (like proper caching). This type of traffic management could easily be contributing to Comcast's DNS troubles, as it drastically increases load on the entire DNS infrastructure. Paul Vixie did a good detailed write-up about this type of traffic management a few years back. Unfortunately it's probably here to stay, and is used by some very major corporations and online services.
If you want the most reliable DNS service, and want to be directed to the closest servers for the services you use, your only real option is to run your own recursive name server. A simple caching name server isn't enough, and will curse you with many of the same problems you see from your upstream. Fortunately, recursive name servers are pretty simple to set up, in both the *nix and Windows worlds.
Remember when/. was "news for nerds, stuff that matters?" When the heck did it become "propaganda distribution for damn hippies, shit that just enough people care about to be really annoying?"
Did these people miss the part of elementary school science class where when you water a plant, most of that moisture later evaporates and condenses into clouds in the sky, which then become rain and come back to earth? Or maybe the part where those acres and acres of green things also take CO2 and turn it back into O2, which allows us humans to keep breathing successfully?
Someone needs to offer these people a nice juicy top sirloin with a side of bacon if they'll just shut the hell up. If I want more legumes I'll eat a can of baked beans with my steak, dammit.
RMFP. I didn't say anything about who it would be sold to or who/what it was designed for, and those points are completely irrelevant to mine.
To recap: 1) If there's a way to put it together, there's a way to take it apart. This is true no matter who it's sold to. The defense industry tends to hire clever people, who are often clever at disassembly as well. 2) It kind of sucks to have your data wiped if your phone takes a major spill and thinks you're trying to break it open. This is still true if you work on sooper sekrit stuphs. The suckage of a broken phone is not predicated on the usage model of the phone. There may be a good reason for that level of security, but having your data wiped from it unnecessarily would still make for a bad day.
If there's a way to put it together, there's a way to take it apart. Also, it kind of sucks to have your data wiped if your phone takes a major spill and thinks you're trying to break it open.
If you judge people based on their choice of free or low-cost email provider then you, sir, are the hack. I've been using Yahoo email since they bought Geocities (and used Geocities email before that, as back in the day they were the only ones to offer pop3/smtp access for free).
In all those years, there have only been a few noticeable outages, mostly very short-term. Their service is fast, reliable, and they keep making improvements. Why would I switch?
I generally assume anything I allow on a network will be read or looked at by someone. I'd imagine all photos uploaded to most online services are scanned/flagged by some automated process looking for kiddie porn, and then anything flagged is reviewed by a human, and true violators reported to LE.
Is it an invasion of privacy? Fair question. It's probably somewhere in the EULA for OneSky, I didn't read the whole thing though so I'm not sure. Was it obnoxious and extreme to kill someone's account because they had nude pictures of their kids uploaded? Yes.
I have a Lumia 925. I read all the warnings and things I had to click "Allow" or "OK" on when setting up the phone. I also just went and read the article. To summarize, it boils down to "the phone is uploading and transmitting exactly what I agreed to when I clicked 'Allow' when setting up the phone."
It uploads my text messages... obviously, because I turned on text message backup. It uploads my pictures... well yes, I turned on backup/auto-upload of my pictures to OneSkyDriveWalkCrawl. It uploads my location... when I have it attached to my pictures, or when I turn on the "find my phone" feature, or use mapping and location services. It uses a MSFT proxy for web stuff, if I turned on the "speed up my browsing by using a proxy service" option. It asks on initial setup if I want to use this service.
As a result, there are now two brands of hardware that I will refuse to purchase. I swore off (and at) Belkin when I bought one of their APs and it wouldn't let me change the network for its management IP. It was hardcoded to 192.168.1.0/24, and their "customer service" response was "by design, FOAD."
I have a few of their surge suppressors, but generally anything with the Belkin name doesn't come into my house after that experience. Also, I'll never buy one of their PDUs for the datacenter - if their consumer support is that bad, why would I trust them in the enterprise?
Dear Businesses: Enterprise purchasing decisions are made by people who are also consumers who buy stuff for their homes.
And which both countries are likely willing to sell to just about any other country for the right price. "You no let us build oil pipeline through your country? What if we give you whiz-bang, now you will? Da? Good. We set."
You really think China won't supply some of these NK for a beta test against any one of the proxy nations of their most hated trading partner?
And if those countries won't supply them, the French will surely buy a few from somewhere and then sell them to whoever can pony up the cash (or diamonds, or whatever else the French may want these days).
They can... but the tech may not be quite there yet. Or it might be, but we don't know. High enough intensity lasers that can be aimed and focused on an incoming hypersonic missile and stay aimed/focused long enough to take it out are sort of challenging to build, I'd wager. Also, if fired from an aerial platform, one would have to be a bit careful about any miss taking things out on the ground. People might react badly to being scorched by lasers from the sky, after all. Not to mention burning flesh is an awful smell.
Slashdot Mirror
Exactly. If I'm a Ukrainian soldier and I believe my death may help bring about a true end to Russian tyranny, it may be worth fighting. If I look at the numbers and say "we're screwed either way," then it's just a choice of which is better: to live with Russian tyranny in a neighboring territory (not where I live), or to be dead and have the same Russian tyranny in the same neighboring territory (where I can't live, because I'm not alive).
Easy choice, that.
Well, according to the OP, about 50% joined the Russian side, so even without the outside forces you'd have most people dead, assuming equal training and weaponry (which if they're all from the same base, is pretty likely). Also, most of these guys would have served together for years, so it's likely they didn't relish the idea of killing (and being killed by) their comrades when the alternative was "pack up your shit and go home to be with your families."
Now add in the outside Russian forces, and anyone who fought back would have been quickly destroyed. Ukrainians aren't stupid, but they can be pretty pragmatic. The ones from Crimea were likely Russian heritage or at least had Russian sympathies, and the ones who were just stationed there likely didn't give much of a rat's arse about losing the peninsula after most of the people there voted to leave Ukraine. So rather than dying, they went home.
There's a lot to be said for living to fight another day, and it seems like these people "get it" in that regard. Why die for a lost cause that you may not really believe in? Why defend a peninsula that doesn't really seem to want to be defended? Russia takes what it wants, the "allies" of Ukraine have made it clear they have no intention of doing more than a bit of posturing in response, why stay and fight?
Right, that was mostly to make a nice even $500/yr, I think mine is actually closer to $75. And of course, a lot of the entry level plans are quite a bit cheaper, and there's all the discounting and such that happens, and a fair portion of bills is taxes and fees.
But, using $42/month as a starting number gives a very generous cushion for the numbers - given what's actually charged to most customers, the $10k for a peering link seems even more insignificant.
I understand you probably don't work with this type/scale of equipment/network on a regular basis, but the fact is $10k *is* extremely cheap. It's also probably a bit of a bogus number, or at least incorporates a whole lot of stuff beyond the actual connection (not just the cost of the optics, but some of the cost of the blade/chassis, and cost of power and rack space over an X year period, etc). The optics themselves are pretty cheap now - probably no more than $800/side, and with the scale of the large operators it's a good bet they're paying $500/ea for 10g SFPs. Believe me, a network operator of this size sneezes 10g optics without thinking about it - their on-site guys probably play dominoes with the spares.
A little fun math: Let's say for the sake of easy math that the average customer pays $42/month for broadband, or $500/year. Let's say the average lifecycle of a 10g optical link and the associated routers is 3 years, and the single cross-connect costs $10k, spread across those 3 years, for a cost of approximately $3500/yr. So, ignoring the cost of the last-mile infrastructure (partly because the vast majority is in place and has probably been paid off for years), the cable company would have to add 7 customers to pay for each new cross-connect. Again using nice round decimal numbers for the sake of easy math, at a cap of 50mbps per subscriber, you could have 200 customers fully saturating their links before you would saturate the 10gbps cross-connect, assuming ALL customer traffic was being routed that way. So if your first 7 customers paid for the cross-connect, and we're talking about 3-year equipment lifecycles, that leaves just shy of $290k for the ISP to spend on their other infrastructure and overhead.
Summary: I think they'll be just fine, and not need to raise your fees (they probably will raise them anyway, but that's an entirely different discussion).
A lot of towns/cities will stop traffic for things like very large pre-organized motorcycle rides, convoys, funeral processions, and the like. Just because you're not as special as the president doesn't mean he's being treated quite like a king. Stop and Go traffic is for individuals, while police escorts and blocked traffic are for large convoys, and the POTUS happens to travel in a large convoy.
Yep, it's pretty common... they do that when you don't maintain them properly, which is also pretty common. There's a wonderful thing called preventative maintenance, which is a pain in the ass but means your car isn't likely to spontaneously break down on the side of the road. It's why my car with just shy of 200k miles hasn't let me down, and why the one before that made it to 320k, only letting me down once when the timing belt snapped - I hadn't checked the proper interval on that car, and accidentally took it to double that. Fortunately it was a non-interference engine, so I changed the belt and kept going.
You can bet the Beast won't overheat in traffic though, because it's no doubt meticulously maintained.
Up until your last statement, I was following... DNS based techniques have been widely settled on as the stupid, lazy option which pushes the cost onto innocent third party service providers, and isn't really that effective for all the reasons already cited in this thread (primarily, that it redirects based on where the user's DNS resolver lies, which may be on the opposite side of the country from the user).
For web-based traffic, properly implemented redirects are typically the best option. For other services with a dedicated client, there are much better options that can be implemented, and can also provide a much better user experience.
Correct, the short TTLs are for the "traffic management" portion of things rather than the "global" portion of things, but in practice they're typically coupled. I've had many conversations with devs in the past about why we wouldn't want to just set GTM to use a TTL of 0. As I recall, we ended up setting it at 60. Yes, that's 60 seconds. So essentially, if an entire datacenter dropped off the face of the planet, things should fail over to an alternate site within approximately monitoring frequency + TTL. As a slightly amusing side effect, this means when the GTM system has a major problem, everyone's cache expires long before anyone has a chance to fix it, causing massive service outages. Sadly, massive outages are usually a bad time to tell the decision makers "I told you so..."
Rather than mucking about with DNS or routing protocols, the proper method is to build this into the app layer. For web traffic, the initial load of the page should check the source IP and issue an appropriate redirect to a geo-specific server pool. For failover, round robin DNS and an intelligent client/resolver that will try more than one IP address provide the answer. Unfortunately, some resolvers and browsers will stop on the first error instead, so this isn't a perfect solution either.
Just remember that most decisions in the tech industry are made by technically inept bean counters, and everything will make much more sense.
My address is very real, and perfectly routable within my network. I'm making the point that I don't trust any of the public DNS resolvers to be run correctly and provide reliable results. And 7 years doesn't make me a newbie, it means I have an old DNS server. Also, 7 years ago is when I moved and re-IP'd my network. Prior to that I believe I was using 192.168.1.100. For awhile the two networks were bridged with a VPN, so changed my network to make everything easily routable. So, I'm not entirely sure what your point is.
Funny, I've been using 192.168.2.100 for at least the last 7 years. I've switched ISPs, seen ISPs (and their servers) come and go, but that server has been rock solid. Except for that one time when it was going through fsck on a 6TB volume, then I had to fall back to 192.168.2.1 for a while (which is just a cache of whatever upstream server it got from DHCP).
Actually, there are a few major GTM (Global Traffic Management) schemes that do use the IP address of your DNS server, rather than your actual IP. They basically abuse the DNS system with super-short TTLs and give a different response to the DNS query based on the IP of the downstream DNS server. So, if you use a DNS server located on the east coast of the US when you're on the west coast, you'll get an east coast server even if that service has a west coast datacenter available.
This is done primarily to free companies from the burden of having to design proper geolocation into their app/service, turning it into a more plug-n-play solution while breaking several of the finer points of DNS (like proper caching). This type of traffic management could easily be contributing to Comcast's DNS troubles, as it drastically increases load on the entire DNS infrastructure. Paul Vixie did a good detailed write-up about this type of traffic management a few years back. Unfortunately it's probably here to stay, and is used by some very major corporations and online services.
If you want the most reliable DNS service, and want to be directed to the closest servers for the services you use, your only real option is to run your own recursive name server. A simple caching name server isn't enough, and will curse you with many of the same problems you see from your upstream. Fortunately, recursive name servers are pretty simple to set up, in both the *nix and Windows worlds.
Remember when /. was "news for nerds, stuff that matters?" When the heck did it become "propaganda distribution for damn hippies, shit that just enough people care about to be really annoying?"
Did these people miss the part of elementary school science class where when you water a plant, most of that moisture later evaporates and condenses into clouds in the sky, which then become rain and come back to earth? Or maybe the part where those acres and acres of green things also take CO2 and turn it back into O2, which allows us humans to keep breathing successfully?
Someone needs to offer these people a nice juicy top sirloin with a side of bacon if they'll just shut the hell up. If I want more legumes I'll eat a can of baked beans with my steak, dammit.
RMFP. I didn't say anything about who it would be sold to or who/what it was designed for, and those points are completely irrelevant to mine.
To recap:
1) If there's a way to put it together, there's a way to take it apart. This is true no matter who it's sold to. The defense industry tends to hire clever people, who are often clever at disassembly as well.
2) It kind of sucks to have your data wiped if your phone takes a major spill and thinks you're trying to break it open. This is still true if you work on sooper sekrit stuphs. The suckage of a broken phone is not predicated on the usage model of the phone. There may be a good reason for that level of security, but having your data wiped from it unnecessarily would still make for a bad day.
In summary, don't be such an ass.
Ooohhhh, look who knows so much...
How do you know what industry I'm in, or what phone they'll want me to carry?
If there's a way to put it together, there's a way to take it apart. Also, it kind of sucks to have your data wiped if your phone takes a major spill and thinks you're trying to break it open.
If you judge people based on their choice of free or low-cost email provider then you, sir, are the hack. I've been using Yahoo email since they bought Geocities (and used Geocities email before that, as back in the day they were the only ones to offer pop3/smtp access for free).
In all those years, there have only been a few noticeable outages, mostly very short-term. Their service is fast, reliable, and they keep making improvements. Why would I switch?
I generally assume anything I allow on a network will be read or looked at by someone. I'd imagine all photos uploaded to most online services are scanned/flagged by some automated process looking for kiddie porn, and then anything flagged is reviewed by a human, and true violators reported to LE.
Is it an invasion of privacy? Fair question. It's probably somewhere in the EULA for OneSky, I didn't read the whole thing though so I'm not sure. Was it obnoxious and extreme to kill someone's account because they had nude pictures of their kids uploaded? Yes.
I have a Lumia 925. I read all the warnings and things I had to click "Allow" or "OK" on when setting up the phone. I also just went and read the article. To summarize, it boils down to "the phone is uploading and transmitting exactly what I agreed to when I clicked 'Allow' when setting up the phone."
It uploads my text messages... obviously, because I turned on text message backup.
It uploads my pictures... well yes, I turned on backup/auto-upload of my pictures to OneSkyDriveWalkCrawl.
It uploads my location... when I have it attached to my pictures, or when I turn on the "find my phone" feature, or use mapping and location services.
It uses a MSFT proxy for web stuff, if I turned on the "speed up my browsing by using a proxy service" option. It asks on initial setup if I want to use this service.
In essence, *yawn*.
Forget hacksaw, apply your favorite exploding target and a high power rifle. I guarantee it will be wireless, and no one will be accessing it anymore.
As a result, there are now two brands of hardware that I will refuse to purchase. I swore off (and at) Belkin when I bought one of their APs and it wouldn't let me change the network for its management IP. It was hardcoded to 192.168.1.0/24, and their "customer service" response was "by design, FOAD."
I have a few of their surge suppressors, but generally anything with the Belkin name doesn't come into my house after that experience. Also, I'll never buy one of their PDUs for the datacenter - if their consumer support is that bad, why would I trust them in the enterprise?
Dear Businesses: Enterprise purchasing decisions are made by people who are also consumers who buy stuff for their homes.
Something about this just seems like a bad idea.
Oh, and we would never again have a true full moon - some of it would be missing.
And which both countries are likely willing to sell to just about any other country for the right price. "You no let us build oil pipeline through your country? What if we give you whiz-bang, now you will? Da? Good. We set."
You really think China won't supply some of these NK for a beta test against any one of the proxy nations of their most hated trading partner?
And if those countries won't supply them, the French will surely buy a few from somewhere and then sell them to whoever can pony up the cash (or diamonds, or whatever else the French may want these days).
If we blew the annoying countries to bits in the first place we wouldn't be here to have missiles shot at us.
FTFY.
They can... but the tech may not be quite there yet. Or it might be, but we don't know. High enough intensity lasers that can be aimed and focused on an incoming hypersonic missile and stay aimed/focused long enough to take it out are sort of challenging to build, I'd wager. Also, if fired from an aerial platform, one would have to be a bit careful about any miss taking things out on the ground. People might react badly to being scorched by lasers from the sky, after all. Not to mention burning flesh is an awful smell.
So right, as I was saying... technically complex.