Mr. Vixie has been a little vague.
In trying to read his email and interview in the best-possible light I think that his bind-members mailing list proposal may not really be a bad thing for the internet community. We all rely on Bind and we all rely on mostly the same sources of information about vulnerabilities and vulnerability fixes (CERT, bugtraq, ISC-patches for Bind, etc).
I think what Mr. Vixie has said can be read this way:
Some vendors have ISC-derived private code. They want some support for their code from the ISC and they want to discuss fixing their closed-source Bind-derivatives in a closed forum (thus the NDAs and PGP encryption on the mailing list). The bind-members list will become that closed forum. New CERT advisories and ISC's own vulnerability discoveries will still be posted and available in open forums at the same time they are available to the closed forum. However, information that only applies to the closed forum will stay inside the closed forum.
If that "spin" is correct then the closed forum members will be subsidising the ISC's development efforts (on a regular basis) and getting privacy for their money.
I think there ought to be a parallel open forum for the free software Bind derivatives and distributions for posting bug discoveries and bug-fixes.
While Vixie's proposal is not strictly a bad thing we won't know if the closed forum is sticking to their stated mission. I think the real solution is to start development in the spirit of Mr. DeRaadt's comment: re-develop bind into task-oriented, well defined subcomponents. Large "hub" nameservers and root servers will use more components than small local nameservers and caching-only nameservers will use fewer still.
The development of this new nameserver daemon should be under a Free software license (GPL(!!)).
Then again, I could be wrong....
A friend of mine has a Sony DVD player that was only able to read two brands of CDR discs. We tried A LOT of brands. I forgot what the other brand was (it had a very shiny gold color) but the one that we use which consistently works is PNY. Maybe it is just a fluke but that's the only (reasonably priced) brand of CDR that works with his Sony. I am not sure if his player was supposed to support CDRs or not but even the super-expensive Sony-made CDRs did not work in his machine. I have heard several other people tell me that PNY works best for them in various CD or DVD/VCD players. Two months ago I ordered a 50-pack of 80-minute PNY CDRs on the web for ~$40. But last week I found Best Buy running a special where they sold for $15 / 50 (!!) plus a $15 rebate if you buy two packs. I hope they aren't switching to a cheaper dye or discontinuing the product. Anyhow that's just my experience. What brands do you all stick to?
-rob@NOellisbrosSPAMcom
Your argument involving the murderous youth is invalid.
You state that some people claim that it is an ISP's fault if someone uses the ISP's weakness to attack another node. From the social perspective an ISP is a single node on the network.
You equate the ISP with society in general in the case of the murderous youth. The society allows the youth to become murderous. A more proper comparison to that situation would be that the network infrastructure as a whole allows for a single node to become malicious. This is true and it is acceptable. To reiterate: the ISP is not the entire network, it is a node; the ISP cannot be compared to an entire society but only to a member of society that has not monitored his resources and has allowed them to be used by another member with malicious intent. Therefore the ISP may be like the owner of a weapon that has left it lying in his open garage for a thief to steal and use to mug an old lady.
It is true that the culture of a society is the sum of the attitudes and actions of all of its members just as a network is the sum of all the modes and instances of connection (including malicious) of the nodes on it.
Societies create governments to police themselves and relinquish some rights of the members to their government. The society that is the internet (yes the internet is its own society!) is not yet mature. To mature it must form a government that is responsive to and responsible for the internet. It is not necessary that this government be separate from the entities of existing governments but I suspect that it ought to be if it is to be effective and relatively free from corruption by the non-internet societies. The internet should be policed by its own government which its members choose to form and which is probably relatively autonomous from existing "non-virtual" societies.
What do you think?
The odds are 1 in 250 that one of the 60-odd satellites will hit SOMEONE. This does not mean that YOU have a 1 in 250 chance of being hit. This means that there is a 1 in 250 chance that a falling satellite will hit 1 of ~7 billion people on earth. The odds that one will hit YOU are 1 in 250*7x10^12 or ... 1 in 1.75 trillion. Yes, that's right. There is a one in one trillion chance that Motorola will kill you with a piece of falling phone equipment. Get over it.
Our Operating Systems I Class uses Linux (embedded) on little bitty Compaq skiff boards. Take a look at the Spring 2000 class page!