What annoys me is that the FCC, in particular chairman Michael Powell (yes, son of Colin Powell), have ignored their own purpose and directive and have been entertaining agendas that are not central to their entire purpose. The FCC was created in the early 1900s (around 1912 I think) to regulate frequency usage to reduce interference by being a netrual party coordinating spectrum usage. This was to prevent the problem of several broadcast stations competing simply by increasing their transmitted power.
Now it appears the FCC doesn't give a rat's ass about those they are suppose to protect and work with (i.e. licensed spectrum users) and are giving a carte blanc to unlicensed intereference. The amendenments allows basiclly more freedom for utilties to create intereference. They have ignored both the amateur radio community (i.e. the ARRL) and the US Government's spectrum management agency, GTIA (I think).
Michael Powell has been considered a disappointment, naively believe that the "free market" can balance what are "natural monopolies."
The other annoyance is that BPL has faired poorly in the majority of trials, and globally most BPL trials have been shutdown with no plans on deployment. I believe numerous power companies are in fact merely trying to boost their stock value, not plan on actually delivering Internet services to rural users.
Saying you want "networking skills" is like saying you need someone with "programming skills".
Well, I certainly would not hire a Java programmer that did not have programming skills. It is possible to knowledge a programming language, i.e. language syntax, without having the broader knowledge and experience to make that language knowledge useful as a developer.
When a job ad says they want networking skills, you should be able to deduce what sort of skills based on the job title (Network Administrator or Unix System Administrator), and the other keywords used in the ad. They are not likely looking for Novell experience / knowledge unless they mention it.
If they don't mention WANs or routers, network administration you likely don't need any Cisco IOS knowledge.
My employer produces a large-ish software package, with 10 years of history and a small, 2-3 people, development team. Since I joined we have made massive strides in automating the build process, include some unit tests, and a few smoke tests in an automated process.
Well, the effort paid off. Before we supported one version of HP/UX, and one release of Linux, now we support HP/UX (still a pain), and 4 looking at going to 6 Linux version/distributions and it is less work to produce a release now than ever just a year ago.
Tools like automake, autoconfig, libtool, cvstrac and of course cvs have made my life bearable.
Of course, there still are books that I dust off when I need them: Perl Cookbook, C++ ARM, Stephens' Network Programming. But it would seem a bit silly for slashdot to review these.
Raising aware of high quality and timeless technical books is a very worthy endeavor, IMHO. Many younger, less experienced geeks / technies / self professed network gods should be told about classics. Too many geeks in unnamed small town in Iowa need your help to know that The C Programming Language is a wise place to learn how to really program.
It is okay to take your time to learn how to become an expert. If you want to be proficent, do not expect to become an instant expert. Read Teach Yourself Programming in Ten Years to understand why we (IT professionals and IT fans) should remember to take the time to become good at what we do, rather than fall into the false trap of "Internet Time" for everything we do, and produce quick, (cheap) crap.
If you just want to be a network user, or are starting your learning of networking, this might be a useful book. But if you are going to be a System Administrator or Network Administrator go further.
In my day we called it a newsgroup, and FAQs were created to reduce the number of repetetive Q&A of basic, simple, and common questions.
IMHO web based forums suck because most of them have primitive search capabilities, so unless you find the correct answer on the first hit from google, you may be just as lost as search groups.google.com. They also lack indexes, and usefuliness. Too many forums are many questions and few people answering them. There is little or no reward for the person who takes time to answer questions, i.e. no reputation or quality indicator only a "member since..." perhaps.
My Usenet FAQ maintaince experience was similar. Hand crafted HTML document (which I blew away once during the HTML to ASCI conversion using lynx -dump) that I posted to my website, and manually posted monthly to Usenet in ASCII.
The worst part that it became a manual version of dmoz.org's directory of links that I tried to verify monthly before posting.
The updating of content was trivial and a bareable task in comparison to the maintaince of website addresses for software packages and high quality personal websites (that had a habit of sucking so much bandwidth from being too popular) that I gave up eventually.
I need a software package that combined a basic word processor with spelling and grammar checking and a http/ftp/gopher link checker.
I played around with the xfree86.conf (I think that's the name) file, switching "nv" with "nvidia" and back again.
The binary driver is called nvidia. So switch it to that, and leave it.
Read the log file (/var/log/XFree86.0.log), look for lines with (WW) and (EE). This will go a long way to track down your problems.
the DVI output on my card wouldn't work.
Do you mean a second video port? Under Linux the second port (video output) is independent of the first in the XFree86 configuration, so you have to configure it to use it explicitly. Something like 'Screen 1' or 'Option "ConnectedMonitor" "DFP" ' in the Section 'Device' should do it.
Your idea of using surplus is only good is you have whatever said surplus already laying around. I don't happen to have any of the old parts you mention (gameboys, zip drives, scanner, etc.) lying around, or you have a large enough surplus supply (electronic goldmine, ocean state electronics, ebay but prices get whacked quickly) on the market.
Experimenting with cheap 8-bit microcontrollers such as Microchip's PIC or Atmel's AVRs is quite cheap, and typically all you need is a chip and one (really cheap if want) device - a programmer to transfer the (binary/hex) programs from your PC to the microcontroller's flash memory.
You will quickly outgrow Radio Shack unless you need a part right now and you don't have the right one in your own stock pile, often referred to as a "junk box" regardless of actual physical size. You should be getting the free catalogs (or CDs) from Digikey, Mouser, Newark, and Jameco. These all have usable online ordering systems and reasonable minimum order & shipping fees. UK geeks check G3SEK's UK Component and Tool Suppliers web page.
Many useful projects can be made for less than $100 even if you need to buy all the parts. After you build a collection of common parts (common resistors, capacitor values, PIC 16F628, AVR AT90S2313, red & green LEDs, 2N2222A, 2N3904, 2N3906, 2N4401, 2N4403, 2N4416, 4N25, 1N4148, 1N4001, 1N4007, etc.) and tools this cost will go down.
The real question is do they assume a general audience or do they assume a "knowledgeable user" is their target market? If the stuff is purely "cookbook" & kit building (AmQRP kits as an example) with little or no encouragement (and knowledge transfer) for the average Make reader to explore and expand it won't survive IMHO. BTW AmQRP kits on their own are pretty limited at expanding your knowledge, but combined with the AMQRP Homebrewer magazine and Conference Proceedings they do teach a lot. There is also the QRP-L mailing list which is very useful for technical questions (and has a rich archive)
I think it should be what Nuts and Volts magazine tries to be, but without the "legacy" dead weight and filler articles. A gentler introduction to most of the Circuit Cellar type stuff.
If people think this will recreate the Homebrew Computer Club, I expect they will be mistaken, but if you expect it to awaken the curiousity and encourage youth to learn about electronics, then I hope it is a brillent success.
In the end, I am curious and not quite sure what to expect of Make. It could be really lame if all it ends up being is computer geeks pretending to be electronic engineers (or electronic hobbyists). I hope that at least 10% of it expands what I know, which is more than I can say of books like Hardware Hacking Projects for Geeks (O'Reilly) and Hardware Hacking: Have Fun While Voiding Your Warranty. I am more interested in reading stuff like Hacking the Xbox (An Introduction to Reverse Engineering) by Andrew "bunnie" Huang which starts simple but gets into FPGAs and reverse engineering.
Re:It is more a case of terminals
on
Semper WiFi
·
· Score: 2, Insightful
Governments spend unbelievable ammounts of money on military equiptment, can't some of it be appropriated to communications?
The military views this much like entertainment, it is not an operational priority, and for the DoD that is in a massively spending spreed yet knows it needs to limit it's spending, it cuts from the bottom of "non-operational" activities not the top like Space Weapons.
I thought 'battlefield' communications would be very good - I am utterly mystified how a country can have so many troops in a place and not have a solid redundant communciation netwrok that could be accessible to the troops.
This is an independent network from their operational computer network, it has to be because the morale traffic is unclassified, and knowingly sent to output networks (the Internet).
Perhaps this could be an oppourtunity for some community aid? Let the students get involved in configuring the units (after all, we are talking email and video messaging, nothing secret?)
Invite possible sucide bombers into an area with lots of military personnel on a US military base on foreign soil. I hope not. That's a death wish.
Having received e-mails from a friend in Iraq....I think this a great idea. Their time is often limited when they can gain any kind of Internet access and the access points are few.
For usage limited to "morale" (to friends & family) traffic it's usage may be okay.
The proposal seems to ignore filtering, not only to stay within DoD harassment policy, but filtering & confidentality (against network sniffing) is also important to ensure stragetic information is not leaked through benign comments from personel to family (Mom, I'm really neverous about tomorrow).
Sorry I wasn't clear, regardless of whether the lawsuit has merit it does tie up employee time, gathering and presenting evidence, and spends corporate dollars rather than contributing to profitable activities like developing and selling products.
A risk-adverse organization will avoid this expense whereas a larger organization that determines that it stands to gain from understanding its attackers, and so it may consider it a jusitifible expense.
Is it worth / recommended for the owner the first edition to buy/read the 2nd edition?
How does it compare to the "additional material" originally presented in Honeypots: Tracking Hackers by Lance Spitzner (member of Honeynet Project) which was to address the growing and changing nature of honeypots and the early evolution of honeynets?
What I've seen elsewhere is that unlicenced doesn't mean unregulated.
"License-free" devices are an approved specific design, with numerous technical limits and non-modifiable transmitters to reduce the possibility of causing complaints to other frequency users (who may have 'priority' by being licensed users).
If only Linksys is allowed to certify Linksys components, then where does that leave owners of Linksys products if they decide not to certify antennas of decent gains?
Free market economy, AFAIK you can mix and match a certified wireless router and a certified antenna from a different manufactors, unless I misunderstood the changes.
They just released 7dB antennas for their products, which isn't enough in my opinion.
Well, it is likely because they know that with 3rd-party firmware tranmitter power tweaks (nearly 1W or 1000mW) and a 6 or 7 db antenna the Linksys router would be putting out the maximum legal limit of EPR of 4W.
With a directorial 6 db Yagi antenna and a modest power tweak (250-500mW) you can get line of sight links over 10-25km, which is darn good IMHO. If you need a longer haul, mesh networking or MIMO based Wi-Fi networks are your best option.
There are people who use 1/4-wave ground planes (~0db gain omnidirectorial) antenna and less than 1W to communicate with satellites in orbit.
There is no 'licensed' use of Wifi bands...duh, that's why it's called 'unlicensed spectrum'.
You are confused because Wi-Fi is not the primary usage of that specific 2.4 GHz range which Wi-Fi uses.
There is no such thing as unlicensed spectrum (below 300+ GHz), it is all managed in the US by the FCC.
Under US (and Canadian) law I can legally modify and operate Wi-Fi equipment under Part 97 (or Part 94) rules as a licensed radio amateur. I could legally operate a 100W Wi-Fi station under my amateur radio callsign within the limits of my license (no commercial usage, no encryption, no profanity, etc.).
I can't use this spectrum I don't have any specific right to use, because he's got a big-ass antenna. Even though he obviously could just get a legal wifi card with a directional antenna and broadcast gibberish at me, I am complaining anyway.
As a licensed operator within the part of the 2.4 GHz frequency range used by Wi-Fi in the US, I could complain if an unlicensed Wi-Fi user caused intereference to my licensed amateur radio station.
If the modified Wi-Fi equipment emits RF outside the normial 2.4 ghz range, such as leaking a harmonic (say around 4.8 GHz or 7.2 GHz) or leaking a IF (intermitiate frequency) say 50.9 MHz, then the user would be outside the letter of the law (the Wireless Act, IIRC) and the FCC have the authority to shut down the modified Wi-Fi equipment, if not simply take it.
Broadcast Radio (like your local commercial AM or FM station) are not the only licensed frequency users. Just about everything the emits RF is licensed, either by type-approved devices (Part 15) or by licensed users (amateur radio, taxi's two-way radio, international shortwave broadcasters, fire departments, airports, and hundreds of licensed users).
About the only situtation you are correct is that a license-free Wi-Fi user cannot complain about other RF causing interference to them, whether the interference is caused by a licensed or license-free user.
Why would the FCC worry about the gain on these antennas?
Because Part 15 for license-free (or license-exempt I can't remember which term they use officially) limited the total effective raditated power (ERP) to 4W, and a limit of 1W transmitter. So you can use a up to a 1W transmitter and a 6db gain antenna and remain within the Part 15 limits, or a lower power transmitter (typically 100-250mW with WiFi) and a higher gain antenna.
Someone please explain why High Gain antennas are/were evil to the FCC?
Because license-free devices have no protection and are suppose not to interefere with licensed "services" (official term) in the same frequency band (2.4 GHz has several users including Industrial, Scientific and Medical usage, and I believe some satellite downlinks are also in 2.4 GHz).
Modified devices may create intereference on harmonics (normally non-approved amplifers are most common cause of harmonics). The limited gain of antennas limits intereference between license-free devices and licensed devices.
They realized that such a restriction with small wireless networks would be very difficult to enforce.
In nearly every country wireless/RF enforcement is complaint driven, so a "small wireless network" that intereferes with another (possibly licensed) wireless/RF activity and those users complain, then the FCC may take action -- investigation and possibly enforcement in servere cases.
The old days of spot checks by UK Post Office station inspectors and FCC inspectors are long gone. Old hams often have stories of having their station inspected by FCC or PO employees in the old days.
Intereference does happen, at work we have been dealing with intereference from possibly a license free wireless microphone and our downlink from a satellite. It is a pain to get any enforcement action.
How is it clearly illegal? I didn't know it was illegal to use your own attenas?
Yes, because license-exempt transmitters ("Part 15" devices) are approved based on a specifc design including the antenna.
Once you modify a Part 15 device, such as by using a non-approved antenna you modify its RF characteristics which change important details such as how much Effective Radiated Power (ERP) which is limited to 4W in the US (many European contries limit WiFi to 1W ERP I believe).
Sure thing, but you see, in the evenings I run a small consulting firm, and they bill $200 an hour plus expenses. So, no I don't mind the boss expecting me to pay for my own internet access and cell phone as long as he is willing to pay my rates.:-)
As a mail administrator for a medium size company I've had to deal with residential broadband ISPs blocking access to port 25 a lot lately. It was a headache explaining to employees that work at home, at the office, and at customer sites, that they must change their outgoing SMTP setting in Outlook depending on their location. This is a true PITA as lots of times your not supplied with that information (or at least it is not obvious to the non-technical people), for example, internet access in hotel rooms.
Um. Shouldn't you be fixing the problem, which is that you want these remote users to act as if they are part of your trusted corporate network? When you look at it this way, you realise that the best (and far more secure) solution is to be using an VPN into a DMZ that can access limited services needed for tele-commuters and road warriors.
I think Ed Willis missed one major point of Fred Brook's writing, and that is that when he was the manager of the OS/360 team, programming was focused on large system development. "Computers" weren't cheap microcomputers you store under the desk, but very expensive systems where priests (operators) in white robes (lab coats) keep it going, and commercial users were billed in dollars per seconds of computer time.
Brook's writing is focused on programming large systems like operating systems, or major Information Systems (IS) like bank's accounting, or a Wall-Mart's inventory system. These are still large complex tasks, which isn't done using a couple of programmers sitting side-by-side writing a bunch of code on a couple of PCs.
Willis' comparison to a classic book to modern programming method is laughable, because all those said modern methods (XP, Agile, iterative development, refactoring) were influenced by Brook's writings.
IMHO Willis' piece at ONLamp wasn't very insightful and didn't do much for me. I would recommend to any new or young programmer to read The Mythical Man-Month, it's consider a classic for a reason and don't get bogged down with the historic context in which it was written or trying to poorly graft modern programming paradigms onto MMM.
Exactly. If you want to find out if your crypto implementation is secure, ask the US government. If they say yes, you've got bugs.
Depends who in the US government you ask. Groups like the US State Department, the Dept of Commerce, CSRC of the NIST and half of the NSA (who has two purposes - one to protect against foreign intelligent threats, and one to exploit against foreign intelligent adverseries.) they want to protect most of the US public (and NAFTA, G8, and NATO interests) - including US businesses - from foreign governments. These groups can give you an idea of what is likely secure as we know in the non-classified knowledge outside the cloak and dagger world of the NSA, GCHQ, CSE, etc.
Mind you, I'm not sure why anyone would need to ask permission to export a public standard like AES. I'm pretty sure there aren't any secrets happening there.
AES was selected through a very open public process, so no knowledge about AES requires export permission. The US Dept of Commerce does regulateDual-Use items (i.e. items that have a military/dangerous/hostile use and non-military use) including information security software implementations such as toolkits, libraries, and binaries (and object code). Humanly readable source code is still somewhat in disupte, but based on some US state level court cases (Phil Karn and Bernstein) it appears that human readable source code is not regulated.
Slashdot Mirror
What annoys me is that the FCC, in particular chairman Michael Powell (yes, son of Colin Powell), have ignored their own purpose and directive and have been entertaining agendas that are not central to their entire purpose. The FCC was created in the early 1900s (around 1912 I think) to regulate frequency usage to reduce interference by being a netrual party coordinating spectrum usage. This was to prevent the problem of several broadcast stations competing simply by increasing their transmitted power.
Now it appears the FCC doesn't give a rat's ass about those they are suppose to protect and work with (i.e. licensed spectrum users) and are giving a carte blanc to unlicensed intereference. The amendenments allows basiclly more freedom for utilties to create intereference. They have ignored both the amateur radio community (i.e. the ARRL) and the US Government's spectrum management agency, GTIA (I think).
Michael Powell has been considered a disappointment, naively believe that the "free market" can balance what are "natural monopolies."
The other annoyance is that BPL has faired poorly in the majority of trials, and globally most BPL trials have been shutdown with no plans on deployment. I believe numerous power companies are in fact merely trying to boost their stock value, not plan on actually delivering Internet services to rural users.
Saying you want "networking skills" is like saying you need someone with "programming skills".
Well, I certainly would not hire a Java programmer that did not have programming skills. It is possible to knowledge a programming language, i.e. language syntax, without having the broader knowledge and experience to make that language knowledge useful as a developer.
When a job ad says they want networking skills, you should be able to deduce what sort of skills based on the job title (Network Administrator or Unix System Administrator), and the other keywords used in the ad. They are not likely looking for Novell experience / knowledge unless they mention it.
If they don't mention WANs or routers, network administration you likely don't need any Cisco IOS knowledge.
My employer produces a large-ish software package, with 10 years of history and a small, 2-3 people, development team. Since I joined we have made massive strides in automating the build process, include some unit tests, and a few smoke tests in an automated process.
Well, the effort paid off. Before we supported one version of HP/UX, and one release of Linux, now we support HP/UX (still a pain), and 4 looking at going to 6 Linux version/distributions and it is less work to produce a release now than ever just a year ago.
Tools like automake, autoconfig, libtool, cvstrac and of course cvs have made my life bearable.
Seriously. I was recently interviewing for a position that required "networking" skills. Uhh, OK. How do you prepare for that?
Experience.
Of course, there still are books that I dust off when I need them: Perl Cookbook, C++ ARM, Stephens' Network Programming. But it would seem a bit silly for slashdot to review these.
Raising aware of high quality and timeless technical books is a very worthy endeavor, IMHO. Many younger, less experienced geeks / technies / self professed network gods should be told about classics. Too many geeks in unnamed small town in Iowa need your help to know that The C Programming Language is a wise place to learn how to really program.
lots of shortcut keys to make it look a lot more complicated than it is.
keyboard shortcuts? Pheeease. Try a network analyzer, Ethernet vampire taps, and a soldering iron to make a real impression.
It is okay to take your time to learn how to become an expert. If you want to be proficent, do not expect to become an instant expert. Read Teach Yourself Programming in Ten Years to understand why we (IT professionals and IT fans) should remember to take the time to become good at what we do, rather than fall into the false trap of "Internet Time" for everything we do, and produce quick, (cheap) crap.
If you just want to be a network user, or are starting your learning of networking, this might be a useful book. But if you are going to be a System Administrator or Network Administrator go further.
In my day we called it a newsgroup, and FAQs were created to reduce the number of repetetive Q&A of basic, simple, and common questions.
IMHO web based forums suck because most of them have primitive search capabilities, so unless you find the correct answer on the first hit from google, you may be just as lost as search groups.google.com. They also lack indexes, and usefuliness. Too many forums are many questions and few people answering them. There is little or no reward for the person who takes time to answer questions, i.e. no reputation or quality indicator only a "member since
My Usenet FAQ maintaince experience was similar. Hand crafted HTML document (which I blew away once during the HTML to ASCI conversion using lynx -dump) that I posted to my website, and manually posted monthly to Usenet in ASCII.
The worst part that it became a manual version of dmoz.org's directory of links that I tried to verify monthly before posting.
The updating of content was trivial and a bareable task in comparison to the maintaince of website addresses for software packages and high quality personal websites (that had a habit of sucking so much bandwidth from being too popular) that I gave up eventually.
I need a software package that combined a basic word processor with spelling and grammar checking and a http/ftp/gopher link checker.
I played around with the xfree86.conf (I think that's the name) file, switching "nv" with "nvidia" and back again.
The binary driver is called nvidia. So switch it to that, and leave it.
Read the log file (/var/log/XFree86.0.log), look for lines with (WW) and (EE). This will go a long way to track down your problems.
the DVI output on my card wouldn't work.
Do you mean a second video port? Under Linux the second port (video output) is independent of the first in the XFree86 configuration, so you have to configure it to use it explicitly. Something like 'Screen 1' or 'Option "ConnectedMonitor" "DFP" ' in the Section 'Device' should do it.
Your idea of using surplus is only good is you have whatever said surplus already laying around. I don't happen to have any of the old parts you mention (gameboys, zip drives, scanner, etc.) lying around, or you have a large enough surplus supply (electronic goldmine, ocean state electronics, ebay but prices get whacked quickly) on the market.
Experimenting with cheap 8-bit microcontrollers such as Microchip's PIC or Atmel's AVRs is quite cheap, and typically all you need is a chip and one (really cheap if want) device - a programmer to transfer the (binary/hex) programs from your PC to the microcontroller's flash memory.
You will quickly outgrow Radio Shack unless you need a part right now and you don't have the right one in your own stock pile, often referred to as a "junk box" regardless of actual physical size. You should be getting the free catalogs (or CDs) from Digikey, Mouser, Newark, and Jameco. These all have usable online ordering systems and reasonable minimum order & shipping fees. UK geeks check G3SEK's UK Component and Tool Suppliers web page.
Many useful projects can be made for less than $100 even if you need to buy all the parts. After you build a collection of common parts (common resistors, capacitor values, PIC 16F628, AVR AT90S2313, red & green LEDs, 2N2222A, 2N3904, 2N3906, 2N4401, 2N4403, 2N4416, 4N25, 1N4148, 1N4001, 1N4007, etc.) and tools this cost will go down.
The real question is do they assume a general audience or do they assume a "knowledgeable user" is their target market? If the stuff is purely "cookbook" & kit building (AmQRP kits as an example) with little or no encouragement (and knowledge transfer) for the average Make reader to explore and expand it won't survive IMHO. BTW AmQRP kits on their own are pretty limited at expanding your knowledge, but combined with the AMQRP Homebrewer magazine and Conference Proceedings they do teach a lot. There is also the QRP-L mailing list which is very useful for technical questions (and has a rich archive)
I think it should be what Nuts and Volts magazine tries to be, but without the "legacy" dead weight and filler articles. A gentler introduction to most of the Circuit Cellar type stuff.
If people think this will recreate the Homebrew Computer Club, I expect they will be mistaken, but if you expect it to awaken the curiousity and encourage youth to learn about electronics, then I hope it is a brillent success.
In the end, I am curious and not quite sure what to expect of Make. It could be really lame if all it ends up being is computer geeks pretending to be electronic engineers (or electronic hobbyists). I hope that at least 10% of it expands what I know, which is more than I can say of books like Hardware Hacking Projects for Geeks (O'Reilly) and Hardware Hacking: Have Fun While Voiding Your Warranty. I am more interested in reading stuff like Hacking the Xbox (An Introduction to Reverse Engineering) by Andrew "bunnie" Huang which starts simple but gets into FPGAs and reverse engineering.
Governments spend unbelievable ammounts of money on military equiptment, can't some of it be appropriated to communications?
The military views this much like entertainment, it is not an operational priority, and for the DoD that is in a massively spending spreed yet knows it needs to limit it's spending, it cuts from the bottom of "non-operational" activities not the top like Space Weapons.
I thought 'battlefield' communications would be very good - I am utterly mystified how a country can have so many troops in a place and not have a solid redundant communciation netwrok that could be accessible to the troops.
This is an independent network from their operational computer network, it has to be because the morale traffic is unclassified, and knowingly sent to output networks (the Internet).
Perhaps this could be an oppourtunity for some community aid? Let the students get involved in configuring the units (after all, we are talking email and video messaging, nothing secret?)
Invite possible sucide bombers into an area with lots of military personnel on a US military base on foreign soil. I hope not. That's a death wish.
For usage limited to "morale" (to friends & family) traffic it's usage may be okay.
The proposal seems to ignore filtering, not only to stay within DoD harassment policy, but filtering & confidentality (against network sniffing) is also important to ensure stragetic information is not leaked through benign comments from personel to family (Mom, I'm really neverous about tomorrow).
If the intruder sued, the corporate lawyers...
Sorry I wasn't clear, regardless of whether the lawsuit has merit it does tie up employee time, gathering and presenting evidence, and spends corporate dollars rather than contributing to profitable activities like developing and selling products.
A risk-adverse organization will avoid this expense whereas a larger organization that determines that it stands to gain from understanding its attackers, and so it may consider it a jusitifible expense.
could someone (legally) elaborate on the illegalities of honeypots and nets?
The many issue is for government (and perhaps government contractors) running honeypots/honeynets and the legal definition of entrapment.
The rest is mainly a risk taking or adversion decision. At the very least a criminal caught using evident from a honeypot/net may launch a lawsuit.
Is it worth / recommended for the owner the first edition to buy/read the 2nd edition?
How does it compare to the "additional material" originally presented in Honeypots: Tracking Hackers by Lance Spitzner (member of Honeynet Project) which was to address the growing and changing nature of honeypots and the early evolution of honeynets?
What I've seen elsewhere is that unlicenced doesn't mean unregulated.
"License-free" devices are an approved specific design, with numerous technical limits and non-modifiable transmitters to reduce the possibility of causing complaints to other frequency users (who may have 'priority' by being licensed users).
If only Linksys is allowed to certify Linksys components, then where does that leave owners of Linksys products if they decide not to certify antennas of decent gains?
Free market economy, AFAIK you can mix and match a certified wireless router and a certified antenna from a different manufactors, unless I misunderstood the changes.
They just released 7dB antennas for their products, which isn't enough in my opinion.
Well, it is likely because they know that with 3rd-party firmware tranmitter power tweaks (nearly 1W or 1000mW) and a 6 or 7 db antenna the Linksys router would be putting out the maximum legal limit of EPR of 4W.
With a directorial 6 db Yagi antenna and a modest power tweak (250-500mW) you can get line of sight links over 10-25km, which is darn good IMHO. If you need a longer haul, mesh networking or MIMO based Wi-Fi networks are your best option.
There are people who use 1/4-wave ground planes (~0db gain omnidirectorial) antenna and less than 1W to communicate with satellites in orbit.
There is no 'licensed' use of Wifi bands...duh, that's why it's called 'unlicensed spectrum'.
You are confused because Wi-Fi is not the primary usage of that specific 2.4 GHz range which Wi-Fi uses.
There is no such thing as unlicensed spectrum (below 300+ GHz), it is all managed in the US by the FCC.
Under US (and Canadian) law I can legally modify and operate Wi-Fi equipment under Part 97 (or Part 94) rules as a licensed radio amateur. I could legally operate a 100W Wi-Fi station under my amateur radio callsign within the limits of my license (no commercial usage, no encryption, no profanity, etc.).
I can't use this spectrum I don't have any specific right to use, because he's got a big-ass antenna. Even though he obviously could just get a legal wifi card with a directional antenna and broadcast gibberish at me, I am complaining anyway.
As a licensed operator within the part of the 2.4 GHz frequency range used by Wi-Fi in the US, I could complain if an unlicensed Wi-Fi user caused intereference to my licensed amateur radio station.
If the modified Wi-Fi equipment emits RF outside the normial 2.4 ghz range, such as leaking a harmonic (say around 4.8 GHz or 7.2 GHz) or leaking a IF (intermitiate frequency) say 50.9 MHz, then the user would be outside the letter of the law (the Wireless Act, IIRC) and the FCC have the authority to shut down the modified Wi-Fi equipment, if not simply take it.
Broadcast Radio (like your local commercial AM or FM station) are not the only licensed frequency users. Just about everything the emits RF is licensed, either by type-approved devices (Part 15) or by licensed users (amateur radio, taxi's two-way radio, international shortwave broadcasters, fire departments, airports, and hundreds of licensed users).
About the only situtation you are correct is that a license-free Wi-Fi user cannot complain about other RF causing interference to them, whether the interference is caused by a licensed or license-free user.
-a licensed RF user
Why would the FCC worry about the gain on these antennas?
Because Part 15 for license-free (or license-exempt I can't remember which term they use officially) limited the total effective raditated power (ERP) to 4W, and a limit of 1W transmitter. So you can use a up to a 1W transmitter and a 6db gain antenna and remain within the Part 15 limits, or a lower power transmitter (typically 100-250mW with WiFi) and a higher gain antenna.
Someone please explain why High Gain antennas are/were evil to the FCC?
Because license-free devices have no protection and are suppose not to interefere with licensed "services" (official term) in the same frequency band (2.4 GHz has several users including Industrial, Scientific and Medical usage, and I believe some satellite downlinks are also in 2.4 GHz).
Modified devices may create intereference on harmonics (normally non-approved amplifers are most common cause of harmonics). The limited gain of antennas limits intereference between license-free devices and licensed devices.
They realized that such a restriction with small wireless networks would be very difficult to enforce.
In nearly every country wireless/RF enforcement is complaint driven, so a "small wireless network" that intereferes with another (possibly licensed) wireless/RF activity and those users complain, then the FCC may take action -- investigation and possibly enforcement in servere cases.
The old days of spot checks by UK Post Office station inspectors and FCC inspectors are long gone. Old hams often have stories of having their station inspected by FCC or PO employees in the old days.
Intereference does happen, at work we have been dealing with intereference from possibly a license free wireless microphone and our downlink from a satellite. It is a pain to get any enforcement action.
How is it clearly illegal? I didn't know it was illegal to use your own attenas?
Yes, because license-exempt transmitters ("Part 15" devices) are approved based on a specifc design including the antenna.
Once you modify a Part 15 device, such as by using a non-approved antenna you modify its RF characteristics which change important details such as how much Effective Radiated Power (ERP) which is limited to 4W in the US (many European contries limit WiFi to 1W ERP I believe).
dedicated staff who desire to be responsive
:-)
Sure thing, but you see, in the evenings I run a small consulting firm, and they bill $200 an hour plus expenses. So, no I don't mind the boss expecting me to pay for my own internet access and cell phone as long as he is willing to pay my rates.
As a mail administrator for a medium size company I've had to deal with residential broadband ISPs blocking access to port 25 a lot lately. It was a headache explaining to employees that work at home, at the office, and at customer sites, that they must change their outgoing SMTP setting in Outlook depending on their location. This is a true PITA as lots of times your not supplied with that information (or at least it is not obvious to the non-technical people), for example, internet access in hotel rooms.
Um. Shouldn't you be fixing the problem, which is that you want these remote users to act as if they are part of your trusted corporate network? When you look at it this way, you realise that the best (and far more secure) solution is to be using an VPN into a DMZ that can access limited services needed for tele-commuters and road warriors.
I think Ed Willis missed one major point of Fred Brook's writing, and that is that when he was the manager of the OS/360 team, programming was focused on large system development. "Computers" weren't cheap microcomputers you store under the desk, but very expensive systems where priests (operators) in white robes (lab coats) keep it going, and commercial users were billed in dollars per seconds of computer time.
Brook's writing is focused on programming large systems like operating systems, or major Information Systems (IS) like bank's accounting, or a Wall-Mart's inventory system. These are still large complex tasks, which isn't done using a couple of programmers sitting side-by-side writing a bunch of code on a couple of PCs.
Willis' comparison to a classic book to modern programming method is laughable, because all those said modern methods (XP, Agile, iterative development, refactoring) were influenced by Brook's writings.
IMHO Willis' piece at ONLamp wasn't very insightful and didn't do much for me. I would recommend to any new or young programmer to read The Mythical Man-Month, it's consider a classic for a reason and don't get bogged down with the historic context in which it was written or trying to poorly graft modern programming paradigms onto MMM.
Exactly. If you want to find out if your crypto implementation is secure, ask the US government. If they say yes, you've got bugs.
Depends who in the US government you ask. Groups like the US State Department, the Dept of Commerce, CSRC of the NIST and half of the NSA (who has two purposes - one to protect against foreign intelligent threats, and one to exploit against foreign intelligent adverseries.) they want to protect most of the US public (and NAFTA, G8, and NATO interests) - including US businesses - from foreign governments. These groups can give you an idea of what is likely secure as we know in the non-classified knowledge outside the cloak and dagger world of the NSA, GCHQ, CSE, etc.
Mind you, I'm not sure why anyone would need to ask permission to export a public standard like AES. I'm pretty sure there aren't any secrets happening there.
AES was selected through a very open public process, so no knowledge about AES requires export permission. The US Dept of Commerce does regulate Dual-Use items (i.e. items that have a military/dangerous/hostile use and non-military use) including information security software implementations such as toolkits, libraries, and binaries (and object code). Humanly readable source code is still somewhat in disupte, but based on some US state level court cases (Phil Karn and Bernstein) it appears that human readable source code is not regulated.