While stopping short of a full denial-of-service attack, the method could substantially clog the target computer's Internet connection.
So they are going to attempt to clog a users' Internet connections... Seems to be that this could be a very dangerous thing to do. Depending on a user's ISP or LAN configuration, blocking one machine may well cause problems for others (Take the example of 'bandwidth hogs' bogging down a neighbourhood on cable...).
Also, say I work at a large multinational company and decide to use file-swapping from there (assumming it is allowed or I want to risk my job). They might not take kindly to a DoS attack and may well kick back.
Finally, I believe that DoS attacks were present in early versions of the Gnutella network - people were forming ping/pong packets with large bogus payloads and sending them out with a high TTL... Some of the simpler clients didn't strip off spurious junk after a valid header on a packet (probably using a strategy similar to wormhole routing...) and thus forwarded it. Guess what? Those clients got fixed and the problem went away...
A good resolve would be to discover the IP's of the computers used to launch the attacks on the P2P networks, and build it into each P2P client to ping these computers, or even better some router in front of them (remembering to spoof source IP address). Might make for a very nice DDoS...
...once they unveiled the code-morphing (or whatever it's called) technology I was really impressed.
Erm, I think that if you look hard enough, there are similar tricks going on in the Intel Pentiums (and probably others too) to give performace while still being compatible with even the earliest of x86 code. In fact, I heard somewhere that the core of the P6 is essentially RISC based, and that x86 instructions are converted "into simple micro-ops" prior to RISC style execution.
Sounds like "code-morphing technology" technology to me!
Lots of people are explaining how this works (sends some tones down the line so that automated tools are tricked into thinking that the line is disconnected).
However, over here in the UK, I don't believe that (any?) telemarketers use automated tools that can be tricked by other automated tools!
I worked in a telemarketing office about 5 years ago (it was hell) and the only things we got were a long list of numbers and a sore finger from dialing!
I thought that VMWare just gave you a 'virtual machine' onto which you install what ever OS you want, which, presumably if it is Windows, offers all the features of that OS, but with a slight performance hit from the underlying management of the real->virtual mappings used to give the virtual machine.
A while ago a story was posted on Slashdot about O'Reilly attempting a similar thing, except he was trying to get 802.11 to travel 20.9 miles using a standard.11 card and a very directional antenna.
The good news is that it worked for him, but the bad news is the he was going for less than half the distance you need. He did use a relay station after the 20.9 mile mark tho' so it might be of use if you want to build 3 of them (presuming that you own/can afford the land to build them on).
Oh, and his target was halfway up a big hill, making line of site no problem!
Whether this patch is added or not is surely just a question of whether it is stable enough or not.
As it says in the interview, the enablement of the patch is an option in the config... For those that want it (i.e. most desktop users I would expect) it's there. For those that don't, it can be disabled.
It seems that the patch works, as scientifically explored by his benchmarks. If there is a fault in the patch, I'm sure that half of slashdot will email the chap.
In summary, it works, is probably stable and can be enabled/disabled in config if needed. It already does, and probably can, benefit lots of people.
Put it in!
(At worst it can be removed and a new kernel released the day after... hehe)
It's a real shame that when dealing with perceptual redundancy you can't get a computer as the expert listener. If such a thing existed and could say something like "Sample A differs 10%" from the original and then give some details, it would probably help developers of these formats a lot....
The only test I can think of that makes sure that the output of the compression is good is to attempt to bzip an mp3 and see if it shrinks much - if it does, it isn't fully entropic/compressed. But this has nothing todo with fidelity.
Isn't one of the things that puts commercial software houses off releasing for linux the amount of tech support required?
Linux comes in many forms, flavours and has a following of hackers who tinker with the systems making it difficult to make a product easily installs 'out-of-the-box' and works properly. How many times have you had a tarball fail to make or config because of dependencies, missing files or version issues? Too many times for me...
Microsoft did a wonderful thing with Windows - they assimilated all PC's into the same thing enabling people to release software that has a much better chance of installing correctly on any win9x/NT/2000 machine. (But then i guess you could also argue that win users expect lots of stuff never to work and random crashes so don't bleat to tech sup so much;)
Also the fact that linux folks seem to *hate* commercial software under linux...
A small feature which would be greatly appreciated is the functionality of the xmms-crossfade plugin.
I recon this sounds more interestings.
More info also here in a good New Scientist article that also conducted an experiment like the Turing test, but with an audience of clubbers listening to the artificial DJ.
Unfortunately I think the HP has the patents on these algorithms, but I guess it maybe possible to licence...
As you point out, it is very dependant on cell size. Smaller cells==better resolution of tracking, and indeed in central London and places of high population that require smaller cells and more infastructre to support demand resolution is better (within 50 meters [Source: Wapland.com]). In Stockholm accuracy is between 100-200 meters [Source: Also Wapland.com] as the cells are larger.
So basically, unless you are in London or perhaps New York, I don't believe the GSM network can currently deliver such accuracy, which is probably why e911 demands this.
Of course, you might work of a telco and know more than me - but this is the thoughts I have formed from the media I read.
Traffic analysis: You sit at some point on the internet, like a router, and watch all the packets go past.
You just notice where packets are to and from (this cannot be encrypted) and when they are sent. The only problem is getting your probes into a suitable point on the internet where you can see the packets going past - likely you want to sit on a major router or ISP peering point.
Using their own routers wouldn't work either I'm afraid. Basically the strength of the internet is it's ability to route packets around congestion and outages (the famous nuclear attack scenario). Attempting to limit the packets you only your own network means you are weaker than using the internet (and indeed, setting up routing such that packets do not leak out would be hard).
As someone points out, setting up their own routers is akin to making a new network...
Folks might like to look at http://www.fcc.gov/e911/ to see why this is being done.
Basically, this US mandate requires among other things, that mobile phone handsets that are capable of reporting location must be on sale by 1 October 2001, and that 100% of mobile phones sold after 31 December 2002 must include such capabilities.
Required accuracy of location reporting will initially be to within 50 meters for 67% of calls and within 150 meters for 95% of calls.
Of course, there are many other benefits too - but also many worries I guess.
Taken from the "Into to Crypto" PDF that accompanies PGP:
"Given all of today's computing power and available time--even a billion computers doing a billion checks a second--it is not possible to decipher the result of strong cryptography before the end of the universe."
I'd assume that if this guy was bothering to use PGP, or encryption of any sort, then he would also be the type of guy that used the largest key length that he could .
I don't think that it can be cracked unless the US have a secret quantum computer somewhere; remember that for each extra bit on the key length, you double the number of possible key combinations - 2^2048 is a BIG number, 2^2049 is a VERY BIG number!!!
Isn't it possible to get an old pentium box (get a HP vectra or something since I think they can take a lot of RAM), stuff it full of ram and then make a massive ramdisk.
Then just setup an NFS server and big UPS. You might like to use gigabit ethernet too.
You may also like to write a little prog to copy all data to disk every once in a while, something along the lines of a crontab with 'cp -r' should do the trick, and the same again for when the UPS signals.
Could do this in a day, although you would do well to top a few gb and NFS might diminish seek time, but boy of boy it would be cool!
> just pulled all of its software out of the EU, flipping them the bird and leaving them to
> scramble for dry ground
I think that the EU constitutes such a large market that it would be a major portion of MS revenus to lose; I doubt they would want that.
Also, there are many alternatives to MS products, and it would surely just fuel the market for the alternatives. In fact, if MS did pull out of the EU it might give competition products the market space needed to pose a really threat to MS products....
The US is not the centre of the world, and you need to appreciate this.
Seems like a reverse approach to what people believed in the past; that the universe was dictated by some huge equation that one day would be found and understood (turns out that chaos theory means it is impossible to know the starting state to an accuracy where todays universe can be known).
Just this seems to be the other way around - make a formula and find the universe it creates.
> I should note I'm running 512 MB RAM and 640 MB of swap on 2 partitions, and the system barely ever goes to swap now
So how can you tell if the new VM is much better if you hardly go into it?
It's only really when the system is loaded and starts to swap that you notice how good/bad it is. At the moment my system is reduced to rubble as soon as it goes into swap, but I have an early 2.2 kernel:(
> The trouble is, even if some court orders Microsoft to throw Real Player into the Windows
> package, it doesn't make much difference if most users can't figure out how to switch the
> default player of music files from Windows Media to Real.
I really don't think that this is possible. While most users probably don't know 'of the top of their head' how to change the config, windows does have extensive help and various guides are available (I got a manual with my copy of win98 for example) that detail how to do this.
e.g. (Win98)
Start->Help->Index
Type the word 'file' in the box and a short way down the list the topic 'file extensions' appears with sub-topic 'associating with programs'.
Also, it is easy for programs to check file associations themselves and question the user whether to change them, as we all know (Preferably with an option to disable such a feature).
Now if Microsoft removed the API calls to do this...
Sounds to me like the reporter had a bad day with this in the office and decided to moan to the world.
I don't read Slashdot for this type of news - I read CNN or BBC who do a much better job (they are pros at this) and provide more info than a pair of links to these sites.
I think people should be able to moderate the postings. This would allow me to browse at +2 and avoid this type of submission that is surely offtopic for slashdot.
Sure I can select not to view US stories, but some of them actually are interesting - just not these ones.
Surely this question is just a poor attempt to conduct some sort of market research to see if there is a market for such a compiler?
Asking whether 'Linux needs' the compiler is a dumb question - it's not about linux, its about the people that would use the compiler. Firstly, do they/be willing to use Linux, and secondly is there enough market space left around the other compiler offerings.
As for comparison with gcc, it *should* be better really if people are being paid to develop this thing, otherwise they are wasting their own time. Also, it would be easy for them to benchmark code against other compilers and aim to better it... I would hope that this product is better than gcc, otherwise there certainly isn't a market for it on linux.
"Cameras followed me as I walked from the main station to the underground, and there were cameras at each of the stations on the way to King's Cross"
As a Briton, I can say that I have never seen a camera 'follow me' as I walk around. These cameras don't follow people around - they are usually hidden in domes that prevent you from seeing which way they are facing, or are on fixed mountings.
"...surveillance is being used to keep punks out of shopping malls"
Yeah, just like having a security officer stood infront of the mall. Except it is cheaper, doesn't blink and can't fall asleep!
Jeez, I'd recon that this article is written just to keep yanks out of the UK!!! Don't belive it until you experience it for yourself.
It's good that these projects are including gesture support but I wonder if time would have been better spent designing it into some layer underneath the application? Perhaps adding X extensions for gesuture messages/events would be better?
That way, any humble developer could add the posibility of using gesture input to their app (and it would seem popular enough that people may wat to do this), and we wouldn't have duplicated work in different apps.
OTOH, this might make a race as to who can provide the best gesture engine and give us some great benefits.
I hope it does look the same. You see, I am getting bored of more eyecandy on my desktop. Pretty as it all is, and great to look at, I find my system is becoming slower and slower as more pretty pictures seem to eat away at more memory/cpu.
I would far prefer Gnome (or KDE) releases to stop adding visible features and just try to make everything go faster, using less memory and be darned more efficient. And I am sure that this is not impossible since Windoze seems to radically outperform both KDE and Gnome in responsiviness (although I have no figures for this, I rarely have to wait while my system goes to swap space for a new window to appear under M$).
One of the nice features of the browser wars was the M$ spent lots of effort making IE have a faster rendering engine.
Maybe we need a similar window manager war on *speed*, not eyecandy?
Slashdot Mirror
While stopping short of a full denial-of-service attack, the method could substantially clog the target computer's Internet connection.
So they are going to attempt to clog a users' Internet connections... Seems to be that this could be a very dangerous thing to do. Depending on a user's ISP or LAN configuration, blocking one machine may well cause problems for others (Take the example of 'bandwidth hogs' bogging down a neighbourhood on cable...).
Also, say I work at a large multinational company and decide to use file-swapping from there (assumming it is allowed or I want to risk my job). They might not take kindly to a DoS attack and may well kick back.
Finally, I believe that DoS attacks were present in early versions of the Gnutella network - people were forming ping/pong packets with large bogus payloads and sending them out with a high TTL... Some of the simpler clients didn't strip off spurious junk after a valid header on a packet (probably using a strategy similar to wormhole routing...) and thus forwarded it. Guess what? Those clients got fixed and the problem went away...
A good resolve would be to discover the IP's of the computers used to launch the attacks on the P2P networks, and build it into each P2P client to ping these computers, or even better some router in front of them (remembering to spoof source IP address). Might make for a very nice DDoS...
Erm, I think that if you look hard enough, there are similar tricks going on in the Intel Pentiums (and probably others too) to give performace while still being compatible with even the earliest of x86 code. In fact, I heard somewhere that the core of the P6 is essentially RISC based, and that x86 instructions are converted "into simple micro-ops" prior to RISC style execution.
Sounds like "code-morphing technology" technology to me!
Sorry to disappoint....
Lots of people are explaining how this works (sends some tones down the line so that automated tools are tricked into thinking that the line is disconnected).
However, over here in the UK, I don't believe that (any?) telemarketers use automated tools that can be tricked by other automated tools!
I worked in a telemarketing office about 5 years ago (it was hell) and the only things we got were a long list of numbers and a sore finger from dialing!
> VMWare have pretty weak DirectX
I thought that VMWare just gave you a 'virtual machine' onto which you install what ever OS you want, which, presumably if it is Windows, offers all the features of that OS, but with a slight performance hit from the underlying management of the real->virtual mappings used to give the virtual machine.
no?
A while ago a story was posted on Slashdot about O'Reilly attempting a similar thing, except he was trying to get 802.11 to travel 20.9 miles using a standard .11 card and a very directional antenna.
The good news is that it worked for him, but the bad news is the he was going for less than half the distance you need. He did use a relay station after the 20.9 mile mark tho' so it might be of use if you want to build 3 of them (presuming that you own/can afford the land to build them on).
Oh, and his target was halfway up a big hill, making line of site no problem!
Whether this patch is added or not is surely just a question of whether it is stable enough or not.
As it says in the interview, the enablement of the patch is an option in the config... For those that want it (i.e. most desktop users I would expect) it's there. For those that don't, it can be disabled.
It seems that the patch works, as scientifically explored by his benchmarks. If there is a fault in the patch, I'm sure that half of slashdot will email the chap.
In summary, it works, is probably stable and can be enabled/disabled in config if needed. It already does, and probably can, benefit lots of people.
Put it in!
(At worst it can be removed and a new kernel released the day after... hehe)
It's a real shame that when dealing with perceptual redundancy you can't get a computer as the expert listener. If such a thing existed and could say something like "Sample A differs 10%" from the original and then give some details, it would probably help developers of these formats a lot....
The only test I can think of that makes sure that the output of the compression is good is to attempt to bzip an mp3 and see if it shrinks much - if it does, it isn't fully entropic/compressed. But this has nothing todo with fidelity.
Isn't one of the things that puts commercial software houses off releasing for linux the amount of tech support required?
;)
Linux comes in many forms, flavours and has a following of hackers who tinker with the systems making it difficult to make a product easily installs 'out-of-the-box' and works properly. How many times have you had a tarball fail to make or config because of dependencies, missing files or version issues? Too many times for me...
Microsoft did a wonderful thing with Windows - they assimilated all PC's into the same thing enabling people to release software that has a much better chance of installing correctly on any win9x/NT/2000 machine. (But then i guess you could also argue that win users expect lots of stuff never to work and random crashes so don't bleat to tech sup so much
Also the fact that linux folks seem to *hate* commercial software under linux...
A small feature which would be greatly appreciated is the functionality of the xmms-crossfade plugin.
I recon this sounds more interestings. More info also here in a good New Scientist article that also conducted an experiment like the Turing test, but with an audience of clubbers listening to the artificial DJ.
Unfortunately I think the HP has the patents on these algorithms, but I guess it maybe possible to licence...
As you point out, it is very dependant on cell size. Smaller cells==better resolution of tracking, and indeed in central London and places of high population that require smaller cells and more infastructre to support demand resolution is better (within 50 meters [Source: Wapland.com]). In Stockholm accuracy is between 100-200 meters [Source: Also Wapland.com] as the cells are larger.
So basically, unless you are in London or perhaps New York, I don't believe the GSM network can currently deliver such accuracy, which is probably why e911 demands this.
Of course, you might work of a telco and know more than me - but this is the thoughts I have formed from the media I read.
Traffic analysis: You sit at some point on the internet, like a router, and watch all the packets go past.
You just notice where packets are to and from (this cannot be encrypted) and when they are sent. The only problem is getting your probes into a suitable point on the internet where you can see the packets going past - likely you want to sit on a major router or ISP peering point.
Using their own routers wouldn't work either I'm afraid. Basically the strength of the internet is it's ability to route packets around congestion and outages (the famous nuclear attack scenario). Attempting to limit the packets you only your own network means you are weaker than using the internet (and indeed, setting up routing such that packets do not leak out would be hard).
As someone points out, setting up their own routers is akin to making a new network...
>Why not just encrypt across internet2 or something?
Encryption is still subject to traffic analysis (i.e. monitoring when data moves and where it is going to/from).
Also it may be vunerable to DoS attacks if going across a public network.
> i really don't understand why everyone is crying pearl harbor about everything anyway...
Me neither - I though it was just a knee jerk reaction, but it seems to be persisting.
Folks might like to look at http://www.fcc.gov/e911/ to see why this is being done.
Basically, this US mandate requires among other things, that mobile phone handsets that are capable of reporting location must be on sale by 1 October 2001, and that 100% of mobile phones sold after 31 December 2002 must include such capabilities.
Required accuracy of location reporting will initially be to within 50 meters for 67% of calls and within 150 meters for 95% of calls.
Of course, there are many other benefits too - but also many worries I guess.
Taken from the "Into to Crypto" PDF that accompanies PGP:
"Given all of today's computing power and available time--even a billion computers doing a billion checks a second--it is not possible to decipher the result of strong cryptography before the end of the universe."
I'd assume that if this guy was bothering to use PGP, or encryption of any sort, then he would also be the type of guy that used the largest key length that he could .
I don't think that it can be cracked unless the US have a secret quantum computer somewhere; remember that for each extra bit on the key length, you double the number of possible key combinations - 2^2048 is a BIG number, 2^2049 is a VERY BIG number!!!
Don't believe the propaganda...
Isn't it possible to get an old pentium box (get a HP vectra or something since I think they can take a lot of RAM), stuff it full of ram and then make a massive ramdisk.
Then just setup an NFS server and big UPS. You might like to use gigabit ethernet too.
You may also like to write a little prog to copy all data to disk every once in a while, something along the lines of a crontab with 'cp -r' should do the trick, and the same again for when the UPS signals.
Could do this in a day, although you would do well to top a few gb and NFS might diminish seek time, but boy of boy it would be cool!
> just pulled all of its software out of the EU, flipping them the bird and leaving them to
> scramble for dry ground
I think that the EU constitutes such a large market that it would be a major portion of MS revenus to lose; I doubt they would want that.
Also, there are many alternatives to MS products, and it would surely just fuel the market for the alternatives. In fact, if MS did pull out of the EU it might give competition products the market space needed to pose a really threat to MS products....
The US is not the centre of the world, and you need to appreciate this.
Seems like a reverse approach to what people believed in the past; that the universe was dictated by some huge equation that one day would be found and understood (turns out that chaos theory means it is impossible to know the starting state to an accuracy where todays universe can be known).
Just this seems to be the other way around - make a formula and find the universe it creates.
> I should note I'm running 512 MB RAM and 640 MB of swap on 2 partitions, and the system barely ever goes to swap now
:(
So how can you tell if the new VM is much better if you hardly go into it?
It's only really when the system is loaded and starts to swap that you notice how good/bad it is. At the moment my system is reduced to rubble as soon as it goes into swap, but I have an early 2.2 kernel
> The trouble is, even if some court orders Microsoft to throw Real Player into the Windows
> package, it doesn't make much difference if most users can't figure out how to switch the
> default player of music files from Windows Media to Real.
I really don't think that this is possible. While most users probably don't know 'of the top of their head' how to change the config, windows does have extensive help and various guides are available (I got a manual with my copy of win98 for example) that detail how to do this.
e.g. (Win98)
Start->Help->Index
Type the word 'file' in the box and a short way down the list the topic 'file extensions' appears with sub-topic 'associating with programs'.
Also, it is easy for programs to check file associations themselves and question the user whether to change them, as we all know (Preferably with an option to disable such a feature).
Now if Microsoft removed the API calls to do this...
Sounds to me like the reporter had a bad day with this in the office and decided to moan to the world.
I don't read Slashdot for this type of news - I read CNN or BBC who do a much better job (they are pros at this) and provide more info than a pair of links to these sites.
I think people should be able to moderate the postings. This would allow me to browse at +2 and avoid this type of submission that is surely offtopic for slashdot.
Sure I can select not to view US stories, but some of them actually are interesting - just not these ones.
Why not just take new data from /dev/random? It's must have similar odds of finding life.
Surely this question is just a poor attempt to conduct some sort of market research to see if there is a market for such a compiler?
Asking whether 'Linux needs' the compiler is a dumb question - it's not about linux, its about the people that would use the compiler. Firstly, do they/be willing to use Linux, and secondly is there enough market space left around the other compiler offerings.
As for comparison with gcc, it *should* be better really if people are being paid to develop this thing, otherwise they are wasting their own time. Also, it would be easy for them to benchmark code against other compilers and aim to better it... I would hope that this product is better than gcc, otherwise there certainly isn't a market for it on linux.
"Cameras followed me as I walked from the main station to the underground, and there were cameras at each of the stations on the way to King's Cross"
As a Briton, I can say that I have never seen a camera 'follow me' as I walk around. These cameras don't follow people around - they are usually hidden in domes that prevent you from seeing which way they are facing, or are on fixed mountings.
"...surveillance is being used to keep punks out of shopping malls"
Yeah, just like having a security officer stood infront of the mall. Except it is cheaper, doesn't blink and can't fall asleep!
Jeez, I'd recon that this article is written just to keep yanks out of the UK!!! Don't belive it until you experience it for yourself.
It's good that these projects are including gesture support but I wonder if time would have been better spent designing it into some layer underneath the application? Perhaps adding X extensions for gesuture messages/events would be better?
That way, any humble developer could add the posibility of using gesture input to their app (and it would seem popular enough that people may wat to do this), and we wouldn't have duplicated work in different apps.
OTOH, this might make a race as to who can provide the best gesture engine and give us some great benefits.
Just thoughts.
I hope it does look the same. You see, I am getting bored of more eyecandy on my desktop. Pretty as it all is, and great to look at, I find my system is becoming slower and slower as more pretty pictures seem to eat away at more memory/cpu.
I would far prefer Gnome (or KDE) releases to stop adding visible features and just try to make everything go faster, using less memory and be darned more efficient. And I am sure that this is not impossible since Windoze seems to radically outperform both KDE and Gnome in responsiviness (although I have no figures for this, I rarely have to wait while my system goes to swap space for a new window to appear under M$).
One of the nice features of the browser wars was the M$ spent lots of effort making IE have a faster rendering engine.
Maybe we need a similar window manager war on *speed*, not eyecandy?