Does this affect anyone other than IBM?
on
SCO SCO SCO!
·
· Score: 2, Interesting
Even if IBM lose, can anyone else be affected? The organisation breaching contract and revealing the trade secret would be IBM, not their customers, nor any other distributor of Linux or their customers either.
The biggest precedent should be the use of electronic securities exchanges. These have existed since the eighties, matching buyers with sellers. A financial security is essentially an intangible represented by a document, but it is easy to swap that intangiable for something tangiable with very little change to the technology.
This has been going on since the eighties. Maybe not on the Internet, but definitely within private networks of cooperating organisations.
The main problem with the Aral sea wasn't really a dam but something else, the extensive irrigation system constructed in Kazakhstan and Uzbekistan by the Soviets. For whatever reason, the central planners allocated Cotton to Uzbekistan, a thirsty crop and this was grown in what was effectively a desert.
It wasn't really a single dam that harmed things but more a series of minor errors in agriculture and water management poliicy that ended up becoming a major one. It is a slow disaster, but the end result is major with an entire region being rendered uninhabitable.
The 3 Gorges project is different. Here is a single trigger which will have many downstream effects. At the same time, helping China solve its energy problem is a major 'good', helping peace and stability in the area.
Virtual machines such as the Java VM are supposed to be very secure about what they permit to be executed. However, it is sometimes possible to break out of a VM by triggering a fault condition.
What would be the equivalent of a suitable fault in our version of 'real' life?
Actually I would see Pakistan as the greater danger. There are plenty of Pakistanis who are ok but the country hasn't been democratic for more than a few years at a time.
A combination of a military and religious extremisim in an undemocratic country is not exactly consucive to peace. China is less of a danger now that at least some eonomic reforms have taken place, which give a form of democracy.
India isn't a particularly agressive country and apart from the expense (when so many remain so poor), I don't have any problems with them being armed, particularly with Pakistan next door.
Lower costs is the answer. How much does a programmer in India earn and how much in the US? Maybe the american programmer is paid more but how much of that income is disposable? These are costs that can't be easily reduced. You can't pay a programmer less than it costs him to live.
I just hope that India is as open to the import of services as the rest of the world. Last time I heard, it was quite expensive and quite difficult for a foreign company to open up shop there.
I have no problems about a world market. However, it should always work both ways.
I know that it usually doesn't go much beyond the Central Office, but do big private switches ever connect in via IP. The last installation I had my teeth on, we had fibre coming in to a box from the telco and separate lines coming out of the box for the switch and data. My area was just the data and we just saw an unswitched circuit (well, actually lots, but each delivered separately).
The main issue was to provide a very large address space. Worldcom had some very big ideas at the time and to keep the traffic separated. I think in those days (about 18 months before the fall) they had an incredible amount of international capacity. They were also a major provider of data links to the Pentagon amongst others. How much was just planned and how much was in execution, I don't know as my friend was a manager rather than a technical type.
My apologies (note, I heard this from a manager rather than a techie). The idea was that they need the service class concept to separate and prioritise traffic. The other benefit from IPv6 was better separation between the many IPv4 links that would tunnel through the net. Voice was interesting but the major selling point was supposed to be video conferencing. Note that Worldcom was a major supplier of network services to the military (I guess thats why MCI were so quick into Iraq. they probably already have some infrastructure travelling with the HQ staff).
The friend was working in London and Frankfurt (mostly). AFAIK, it was only on the backbones and maybe only some of those. The idea was just to use QoS to separate traffic so that they could sell different service levels depending upon the nature of the data (i.e. video conferencing).
You are quite right, I was simplifying. However, I see many non-bank services that do not use https.
Even with https, if I can attack your machine, the https security isn't worth anything. For example, SSL establishes a random session key. The random number generator could be 'randomly' generating the value 1, in which case the SSL session can always be broken. If your machine is well protected, that wouldn't be possible. However we are talking here about a PC with a wireless LAN adapter directly connected.
The PC is probably running Windows, and is probably unpatched - and so on. Incidentally, to prevent key capture, my bank allows number entry via mouse-clicks.
A friend was an engineering manager for them, the network was based around ATM as the transport and at least some of the stuff was IPv6. This was only seen at the deeper levels and the corporate network was IPv4 for data which would have been routed on top of the IPv6 connections.
Modern switches can talk IP. They are essentially just computers with some specialised I/O. Switches can talk to each other locally via a LAN and they can send long distance traffic via a variety of WAN connections. IP6 has been preferred for a while between switching centres because of the QoS support. The lower layer is generally ATM.
A friend who used to work for Nortel (didn't many) mentioned this. Worldcom did most of their long distance stuff on top of IP6.
I agree that IPsec is better, but as it is deeper in the protocol stack, it generally need more configuration. As someone else has already said, SSH is just a way of using SSL as a transport layer.
I agree that VPN tunneling is also a solution but again it either means extra hardware and/or some complicated configuration (at least more complicated than the average user can cope with). I see a lot of ADSL or broadband routers with a builtin AP that is being sold to SOHOs and domestic users, to avoid unsightly wiring. These are hardly ever run even with WEP enabled.
Please just give me something that runs secure out of the box that the average person can set up.
About five hours of traffic seems to be enough to attack WEP. Additionally, some time is needed for analysis but with modern systems it wouldn't take more than a couple of hours or so. With 1GHz P3 machines and half a Gig of memory, it was around five hours.
The things is that we are not talking about a normal WAN link which tries to be economical with the packets. All it takes is, for example, a live news feed and there will be lots of packets going over the link.
As for distamce, a normal AP can easily manage 50 metres or so without any problems. This goes up if a directional antenna is used.
The issue isn't about who is going to steal my Internet (however a real problem in an apartment block), it is about privacy.
Do you want to manage your online bank account by CB?
It seems the committee approving 802.11 had no cryptographer. The protocol is borked and is unsuitable without frequent changes of key for any kind of privacy. The best bet is the MAC as most APs allow restriction of which MACs can connect, but that too can be overcome.
In reality, you want to firewall off the AP and then use SSL to tunnel through it as you suggest. If they had built something better into the spec like IPsec (as good as SSL, but implemented deeper in the protocol stack), it would have been much better. Setting up SSL properly isn't so easy and it woould be nice to give the average WEP user something that works 'out of the box'.
Ahem, Buran was only flown without crew because the life support system wasn't ready. It was always intended to be flown with a crew in normal service. What was interesting and very non-Shuttle-like was the ability
The word about the Tu144 is that the Concorde prototype plans that were acquired by the Soviets contained some deliberate mistakes (an old engineering trick) and these led to the crash.
The Russians did have some very good copies of the VAX 11/780 though running VMS. It was only through an almighty balls up by Digital that they lost their advantage after the end of the Soviet Union. HP did wel out of Digital's mistake.
They give dire warnings that this is a neutered version (and not for use on a non-private system). I only have one 2K box left and I use Trend's housecall every so often.
I junked Norton and Mcaffee after I saw hoe much they took in resources. My old 500MHz machines weren't big enough. Now all but one is running Linux.
In the old days, one of the goofies on the NT resource kit was something called Posix services for N, exploiting and promoting the NT Posix API. The applications provided as part of this package were sometimes BSD, but often GNU. Microsoft even provided the source code to maintain compliance. GCC was there too.
This can only work within a country and with the cooperation of the plaintiff's lawyers. We are talking here about mischief from almost every SCO subsidiary. Anyone who is involved with either supplying Linux, organising Linux related events and particularly the authors of the kernel have their own rights to reply because it is they who are affected by the suit.
It wasn't a problem earlier because mobile networks have their own area codes. You call an area code of a mobile, you know it will cost you more from a land line.
When someone leaves an investment bank, they are probably going to end up working for a rival institution. A non-compete is therefore unreasonable.
The bank just pays the employee not to work for a period of around three months, during which time they are not permitted to work anywhere else. This is referred to in the City as "Gardening Leave". Note, someone jumping ship may well have another place to go to, that is permitted. However, they can't start work until the end of the "gardening leave". Both sides understand that.
I thought that the PADI tables are not the same as USN tables. They are based on them, but are far more conservative (i.e., less time at any depth) than the navy tables. Indeed, PADI warn recreational divers to stay clear of tables for professional purposes. Another point is that the USN tables assume a younger and fitter diver. PADI has to use a tissue model for a much wider range of body types (for non divers here, the amount of nitrogen held by different types of tissue, i.e., muscle, fat, is variable).
However, that last bit you say about trying to dive with a buddy with a different computer is one of the best ideas. I also plan my dive with the PADI wheel which gives a third level of checking.
Slashdot Mirror
Even if IBM lose, can anyone else be affected? The organisation breaching contract and revealing the trade secret would be IBM, not their customers, nor any other distributor of Linux or their customers either.
This has been going on since the eighties. Maybe not on the Internet, but definitely within private networks of cooperating organisations.
It wasn't really a single dam that harmed things but more a series of minor errors in agriculture and water management poliicy that ended up becoming a major one. It is a slow disaster, but the end result is major with an entire region being rendered uninhabitable.
The 3 Gorges project is different. Here is a single trigger which will have many downstream effects. At the same time, helping China solve its energy problem is a major 'good', helping peace and stability in the area.
What would be the equivalent of a suitable fault in our version of 'real' life?
Bulgakov is good but I wouldn't necessarily recommend it to someone that doesn't know much about the surreal aspects life of Russia.
A combination of a military and religious extremisim in an undemocratic country is not exactly consucive to peace. China is less of a danger now that at least some eonomic reforms have taken place, which give a form of democracy.
India isn't a particularly agressive country and apart from the expense (when so many remain so poor), I don't have any problems with them being armed, particularly with Pakistan next door.
I just hope that India is as open to the import of services as the rest of the world. Last time I heard, it was quite expensive and quite difficult for a foreign company to open up shop there.
I have no problems about a world market. However, it should always work both ways.
I know that it usually doesn't go much beyond the Central Office, but do big private switches ever connect in via IP. The last installation I had my teeth on, we had fibre coming in to a box from the telco and separate lines coming out of the box for the switch and data. My area was just the data and we just saw an unswitched circuit (well, actually lots, but each delivered separately).
The main issue was to provide a very large address space. Worldcom had some very big ideas at the time and to keep the traffic separated. I think in those days (about 18 months before the fall) they had an incredible amount of international capacity. They were also a major provider of data links to the Pentagon amongst others. How much was just planned and how much was in execution, I don't know as my friend was a manager rather than a technical type.
My apologies (note, I heard this from a manager rather than a techie). The idea was that they need the service class concept to separate and prioritise traffic. The other benefit from IPv6 was better separation between the many IPv4 links that would tunnel through the net. Voice was interesting but the major selling point was supposed to be video conferencing. Note that Worldcom was a major supplier of network services to the military (I guess thats why MCI were so quick into Iraq. they probably already have some infrastructure travelling with the HQ staff).
The friend was working in London and Frankfurt (mostly). AFAIK, it was only on the backbones and maybe only some of those. The idea was just to use QoS to separate traffic so that they could sell different service levels depending upon the nature of the data (i.e. video conferencing).
Even with https, if I can attack your machine, the https security isn't worth anything. For example, SSL establishes a random session key. The random number generator could be 'randomly' generating the value 1, in which case the SSL session can always be broken. If your machine is well protected, that wouldn't be possible. However we are talking here about a PC with a wireless LAN adapter directly connected.
The PC is probably running Windows, and is probably unpatched - and so on. Incidentally, to prevent key capture, my bank allows number entry via mouse-clicks.
A friend was an engineering manager for them, the network was based around ATM as the transport and at least some of the stuff was IPv6. This was only seen at the deeper levels and the corporate network was IPv4 for data which would have been routed on top of the IPv6 connections.
A friend who used to work for Nortel (didn't many) mentioned this. Worldcom did most of their long distance stuff on top of IP6.
I agree that VPN tunneling is also a solution but again it either means extra hardware and/or some complicated configuration (at least more complicated than the average user can cope with). I see a lot of ADSL or broadband routers with a builtin AP that is being sold to SOHOs and domestic users, to avoid unsightly wiring. These are hardly ever run even with WEP enabled.
Please just give me something that runs secure out of the box that the average person can set up.
The things is that we are not talking about a normal WAN link which tries to be economical with the packets. All it takes is, for example, a live news feed and there will be lots of packets going over the link.
As for distamce, a normal AP can easily manage 50 metres or so without any problems. This goes up if a directional antenna is used.
The issue isn't about who is going to steal my Internet (however a real problem in an apartment block), it is about privacy.
Do you want to manage your online bank account by CB?
In reality, you want to firewall off the AP and then use SSL to tunnel through it as you suggest. If they had built something better into the spec like IPsec (as good as SSL, but implemented deeper in the protocol stack), it would have been much better. Setting up SSL properly isn't so easy and it woould be nice to give the average WEP user something that works 'out of the box'.
The word about the Tu144 is that the Concorde prototype plans that were acquired by the Soviets contained some deliberate mistakes (an old engineering trick) and these led to the crash.
The Russians did have some very good copies of the VAX 11/780 though running VMS. It was only through an almighty balls up by Digital that they lost their advantage after the end of the Soviet Union. HP did wel out of Digital's mistake.
I junked Norton and Mcaffee after I saw hoe much they took in resources. My old 500MHz machines weren't big enough. Now all but one is running Linux.
In the old days, one of the goofies on the NT resource kit was something called Posix services for N, exploiting and promoting the NT Posix API. The applications provided as part of this package were sometimes BSD, but often GNU. Microsoft even provided the source code to maintain compliance. GCC was there too.
The free version will not operate in a networked environment. This kind of sucks if you have a home LAN.
This can only work within a country and with the cooperation of the plaintiff's lawyers. We are talking here about mischief from almost every SCO subsidiary. Anyone who is involved with either supplying Linux, organising Linux related events and particularly the authors of the kernel have their own rights to reply because it is they who are affected by the suit.
It wasn't a problem earlier because mobile networks have their own area codes. You call an area code of a mobile, you know it will cost you more from a land line.
The bank just pays the employee not to work for a period of around three months, during which time they are not permitted to work anywhere else. This is referred to in the City as "Gardening Leave". Note, someone jumping ship may well have another place to go to, that is permitted. However, they can't start work until the end of the "gardening leave". Both sides understand that.
However, that last bit you say about trying to dive with a buddy with a different computer is one of the best ideas. I also plan my dive with the PADI wheel which gives a third level of checking.