Slashdot Mirror


User: AnotherBlackHat

AnotherBlackHat's activity in the archive.

Stories: 0 · Comments: 1,115

Comments · 1,115

  1. Re:Question Authority on IETF vs. ICANN · · Score: 1
    Ok, they do run some of the servers, and I agree that running the root servers is non-trivial, but is it really a billion dollars worth of non-triviality?

    The Internet is NOT designed to have two different owners of a DNS zone.

    That may be, but it's completely irrelevant. The internet isn't designed to use IPv6 yet, it doesn't follow that IPv6 will destabilize the internet. My point is that neither side is addressing the issue of why name collision is so bad. Sure, it's different, but so what? (Note, I'm not saying that it isn't important, just that both sides seem to take it as a given that it would be disastrous.) ICANN seems to think that anyone who makes a TLD without their permission is evil, and Higgs claims ICANN are the bad guys, but neither questions the (un)viability of conflicted zones.

    If uniqueness is so important, why allow names to be re-used? Shouldn't there at least be a "cooling off" period during which no one can have it?

    If what people really want is a yellow pages lookup system then what they should look at is CNRP.

    If what people really want is a unique domain registration system, then second level domains should only be assigned to entities with an AS number.

  2. Re:Great moderation, guys! on IETF vs. ICANN · · Score: 1
    Some idiot posts complaining about moderation, and someone goes along with him and mods it down.

    Just because a point is addressed in the linked-to papers, doesn't mean highlighting the issues isn't relevant.

    So where exactly in those linked to papers which I supposedly haven't read does it discuss the issue of why charging over $10,000,000 per root server is necessary for stability? Or describes why the "public" is best served by keeping the accounting a secret?

  3. Re:Question Authority on IETF vs. ICANN · · Score: 2
    Do you have an email address? Do you give it out to other people and expect that they can send mail to that address and it will get to you? Thank centralized namespace authority.

    Have you ever tried to fix a problem in the DNS, when one of the "authorities" disagrees with another?
    Ever have the TTL on your domain set to 20 years?
    Ever have an organization take your domain name by threat of legal action, and then impersonate you?

    Thank centralized namespace authority.

    Ever send email to the wrong person?
    Did the internet become destabilized when it happened?

  4. Re:RFC's?! We don't need no stinking RFC's!! on IETF vs. ICANN · · Score: 1
    ...there has to be somebody to avoid conflicts ...

    First, I don't accept that conflicts "must" be avoided at all costs.
    Second, if you really want to avoid conflicts, then pick names that are unlikely to be problems; slashdot.org.icann.

    Domain name registration doesn't need to be unique any more than human names do.

  5. Re:Stealing from Internic on IETF vs. ICANN · · Score: 1
    So they are basically saying that Microsoft owns all domains with the word Microsoft in it without having to pay for it.

    No, it's the court that says Microsoft owns everything with the word "Microsoft" in it - as an extension of trademark law.

    What "they" say is that no one owns a domain unless you pay them.

  6. Question Authority on IETF vs. ICANN · · Score: 3
    For all the hype surrounding domain names, they really aren't anything more or less than a nickname. A simple, easy to remember word or phrase (nickname) is associated with a hard to remember IP address.

    The idea that we need a central authority to dictate nicknames is ludicrous. The idea that if nicknames collide, the internet is "destabilized" is equally silly. If more than one agency wants to run a nickname listing service, then fine. If that means that when I type in "sex.com" into a browser, I go to 64.28.67.150 and when you type it in, you go to 209.81.7.23 so what? It's my choice which listing service I use.

    There are over 40 million registered top level domains. NSI gets anywhere from $6-$35 per year for each one. That's $240,000,000 to $1,400,000,000 dollars annually, and they don't even maintain the servers. If this is a public trust, then I'd like to see a public audit of the books.

    Just because there are shades of gray, it doesn't mean we can't tell black from white.

  7. Whose privacy is it? on Scott McNealy On Privacy · · Score: 1
    In the modern world, there is no need to "give" private information away. If I want to be informed about movie tickets, I can program my agent to look for them, and keep me informed. If I'm worried about being in a car accident, I can give authorization to access my medical records to a trusted third party (probably my doctor) who can assess the situation if I'm not able to for some reason.

    I think I would care less about companies collecting information about me if they didn't try to sell it.
    Imagine the protests if a proposed law required companies to give a copy of that information to anyone who asked for it without restrictions, for free.

  8. And if they aren't? on Microsoft Isn't Slowing Down · · Score: 1
    And, soon, Microsoft might not have a breakup order hanging over its head. The D.C. Circuit Court of Appeals is expected to rule any day now on the company's appeal.
    Maybe I'm just being a tad conservative, but before I accept that Microsoft is doing well, I'd like to actually hear the appeal court's decision.

  9. Re:Cut VeriShit out of the loop on Verisign Shuts Down Domain Policy List · · Score: 1
    DNS is little more than a glorified phone directory. But it does do two important things:
    1. It offers a more persistent way to reach a particular computer, and
    2. It creates easy to remember labels for a particular computer.
    An all numeric system would solve the first problem, but doesn't help at all with the second. (minor quibble: 1.2.3.4 is a valid IP address, so it can't also be a domain name without confusion.)

    There's also the problem of hijacking domains. Hijacking is a problem with the current domain system too, but it doesn't have to be with an all numeric system. People could use RSA keys as "names," which would serve as proof that that domain is owned by the server(s) it points to, and could eliminate those pesky "secure digital certificates" too.

    To solve the second problem, we have to have some sort of listing service. I think SMOOSH or something like it is the answer, but there are many other possibilities.

  10. Gee Whiz! on Iomega Plans 20GB Portable Drives · · Score: 1
    ... IOMEGA may just have a 20gb solution coming

    So Real Soon Now, I can get an incompatible 20 gig drive, that is almost as fast, nearly as small and more expensive than the one Archos has been selling for months? Why, I only have to buy three disks at $200 a pop, and I'm saving money!

    Wow! How can anyone pass this up?

  11. Re:When random. . . isn't. on Study on DoS Activity In The Internet · · Score: 1
    3.3 Analysis limitations
    There are three assumptions that underlie our analysis:
    * Address uniformity: attackers spoof source addresses at random.
    This seems to me to be a currently acceptable assumption IF the attacks are of an unsophisticated/sophomoric nature; however, if the attackers are attempting to cause maximum utilization of the target network's resources, the attackers most likely will not use a randomly distributed source address. In fact, the optimal employment of spoofed addresses will likely be some subset of the addresses employed by the target's network.

    Most networks have a single route to the rest of the internet. Directing traffic through this router is a lot more likely to cause problems than packets that are handled within the network.

    A limitation that makes more sense is "valid" IP addresses only. And it's simple to do - just pick a class A like 198.* that way you eliminate 10.* and 255.* which might be filtered before they reach the main router. Since most IPs are valid (in that they get routed somewhere) this only makes a tiny difference in attack performance, but hey - every little bit hurts.

    The statements above do not necessarily reflect the author's opinion.

  12. It's snake oil. on Security Through Varying IPs · · Score: 1

    Foo - One could do the same thing without all the expensive hardware (it would probably work better too, fewer timing problems to contend with). It's nothing more than an encryption layer added to IP addressing. You'll still need encryption on the packets themselves (unless you don't mind people being able to read everything you write) and a man in the middle attack wouldn't even notice that encryption was happening. Plus they've added an extra point of failure, and you have to trust the party that builds the cards.

  13. Sigh... on IPv6: Japan Leads · · Score: 2
    There's so much misinformation about IPv6 in the replies I felt like commenting. (It's probably too late to do any good for slashdot, but at least I'll feel better for having done it.)

    IPv6 uses 128 bit (16 byte) addressing.

    The minimum allocation is still 1 address of course.
    The minimum network allocation is a /64. That's 2^64 addresses, or 281474976710656 class B address blocks. In theory, no ISP should ever have less, but clearly there's a market segment that has been ignored - ISP customers, and it will be serviced. I'm guessing that most home networks will get a /96 (4 billion addresses) but that's just a guess. Every ISP is probably going to do it differently.

    IPv6 packets have a standard for encryption, which arguably means they will be easier to encrypt than IPv4 packets, but they aren't all encrypted by default. Also, encrypted IPv6 packets can encrypt the source address, making traffic analysis more difficult. However, packets encrypted using the standard encryption are easy to identify as encrypted packets. This would make traffic analysis of encrypted traffic easier.

    Although technically no one owns IPv6 address space, it's extremely unlikely that anyone will ever be asked to return address space until we are close to running out. According to the IPv6 specs., renumbering should be a simple task, and it also shouldn't be necessary. I'm not sure I believe either of those statements, but that is what is claimed. The real reason for this clause is to remind ISPs to tell their customers that they can't take their address space with them when they switch ISPs. (I do think it's reasonable to assume this could happen again if it wasn't prevented.)

    Some Windows IPv6 support already exists. (I'm using it right now.) The website hs247.com/ has a lot of information, go slashdot them. ;)
    FreeBSD and Linux already support IPv6. There are bugs, but then there are bugs in IPv4 too.

  14. Re:The deep web on Above.net Blackholes, Unblackholes Macromedia · · Score: 1

    Apparently only 1% of the web is indexed and 99% is not! Apparently, some people will believe anything they read. The majority of the un-indexed web is that way because it blocks search engines. Less than 10% do so.

  15. Still uses two ports on Interesting Keyboard/Mouse Combo · · Score: 2

    Is it just me, or does anyone else think it's strange that out of the hundreds of Wintel mouse/keyboard combinations on the market, none of them combine the keyboard and mouse data into a single stream? Is it really that hard to embed mouse movement into the keyboard serial port?

  16. DVD-Ram media != DVD media on What's the Deal With Writeable DVD? · · Score: 1
    Is competing specifications really what is destroying momentum of writeable DVD technology into end user systems?

    Nope. It's the low cost of DVD-R, and DVD-RW that is killing DVD-RAM. Why buy something that won't even fit in your DVD player when for the same price you can buy something that will?

  17. The gist seems like the same old crap to me on Mundie Responds · · Score: 1
    Mundie is once again touting the same lies.
    Seems he thinks if he repeats them often enough, they will somehow become true:

    He's also added a few sound bytes to punctuate his rhetoric, i.e.

    What is at issue with the GPL? In a nutshell, it debases the currency of the ideas and labor that transform great ideas into great products.

    Microsoft might complain that GPL is bad for business, but the truth is, it's not bad for legal business practices at all. Now, the illegal practices that Microsoft follows, such as the abuse of Monopoly Power they were recently found guilty of might suffer, but this is something we should applaud, not condemn.

    Response sound byte:

    GPL lets creators decide how their creations will be used. That's not debasement, it's freedom.

    Why are we listening to a convicted monopolist's view of intellectual property anyway?

  18. NO! on Asus Request Feedback on "Cheat" Drivers · · Score: 1

    After all the hard work I did making my own cheat drivers, now they want to release the tech. so anybody can do it?
    There just ain't no justice!

  19. Re:MS backing down already? on The Open Source Evangelists Respond · · Score: 2

    No, I think a dialog is exactly what they are hoping for. As long as people are discussing the issue, the government won't support open source, and especially not GPL which is what had already happened. It's like when big tobacco asks for a dialog on whether smoking causes cancer - they don't hope to win the debate, they just hope to stretch it out as long as possible.

  20. Me too... on The Open Source Evangelists Respond · · Score: 1

    Is there someplace where other people can add their signatures to this document?

  21. Not really a security hole. on Microsoft Admits To Backdoor In IIS [updated] · · Score: 1

    It's not really a security hole unless you can use it to perform a denial of service attack against the company that sells the broken software.

  22. Re:Advertising is the biggest hoax foisted on the on Information Wants to Suck · · Score: 2

    Advertising (push media) does something that indexing (pull media) can't. It informs people of products or services that they didn't even know to ask about. Without push media, our lives would be poorer. I hate spam as much as the next guy, but I never would have looked for cans of Whoop Ass if I hadn't seen the banner ad on /.

  23. Promote promotion of open source. on More Thoughts on Microsoft vs. Open Source · · Score: 1
    As much as Microsoft might like to kill the whole idea of free software, I don't think that's really their goal. They are trying like hell to prevent the government from sanctioning GPL, or worse (from their viewpoint) requiring that projects paid for by the government be GPLed. But in order to get to the "no support from government" position, they're starting from a more extreme position so they have room to be "trimmed down" to just not having government support for free software.

    Frankly, I don't care why MS is going after the GPL, it's enough for me to know that they are. GPL is probably the best thing to happen to Intellectual property in a long time. (Obligatory link to article promoting open source) If Microsoft can make enough public statements against open source that congress feels it should not act to promote it, then we all lose.

    If Microsoft is going to take extreme and unjustifiable positions, then some of us need to take equally extreme and unjustifiable positions on the other side. I suggest:

    Because of its abuse of Monopoly power, the government should use its power of eminent domain to seize Windows, and release it under a GPL.

    Weakness doesn't make right either.

  24. Perhaps OO is the problem, not the solution. on Why Aren't You Using An OODMS? · · Score: 1
    Let's look at one of the first statements in the paper: "Most of these applications use a Relational Database Management System (RDBMS) as their data store while using an object oriented programming language for development."

    I claim this is false.
    If you want me to believe it you're going to have to supply some data to back it up.
    But ignoring that for the moment, (after all there are some people out there trying to use OO and RDBMS) maybe it's the choice of OO as the programming language that should be changed, not the database.
    The simple fact that the paper does not even mention this possibility makes me very skeptical of it.
    It may come as a shock to you, but many of us do not accept that encapsulation, polymorphism and inheritance are necessarily good things, and aren't real keen on having them forced upon us by a database system.

    Having worked for a number of companies, I can say from experience that the hardest part of the problem isn't processing the data, but obtaining it.
    The key is whether RDBMS is better for the people who input the data.
    These are the people who count.
    A good programmer will do his job once. Data entry will continue for many years to come.
    Worrying about the language, or claiming that it's going to have a major impact on a project is like worrying about the brand of wax your mechanic uses for detailing. Sure, it matters, but there are other things that are far more important.

  25. I think these sum it up nicely: on Making Quantum Crypto Actually Work · · Score: 1

    "Quantum cryptography is the only way to ensure the absolute safety of a key."
    "it has been experimentally demonstrated only over very small distances (tens of kilometers)."
    "In this way, it's possible to communicate at that instant without transmitting a thing."