Slashdot Mirror


User: raymorris

raymorris's activity in the archive.

Stories: 0
Comments: 10,114

Comments · 10,114

  1. Not just wide areas, also local franchise monopoli on Senate Republicans Introduce Anti-Net Neutrality Legislation (thehill.com) · · Score: 1

    > monopolies across wide areas, and then began trying to leverage those monopolies

    That's an issue, and has been ever since cities started granting government-enforced monopolies. Take a look at the New York City cable franchise map. It's ridiculous. Which company is allowed to serve you depends on which side of the street you live on.

    This isn't new with packet switching either. I'm old enough to remember when long-distance calls were $1.25 / minute, under the government-enforced monopoly rate structure. Then the telcos were deregulated and the rate IMMEDIATELY dropped to 15 cents. Then within two years it was 10 cents. Rates dropped over 90% as soon as the FCC got out of the way. Now of course most people don't pay anything for long distance minutes. Why they would want to go back to the FCC regulation, with the FCC deciding $1.25/minute is fair, baffles me.

  2. Internet was a failure until 2015? on Senate Republicans Introduce Anti-Net Neutrality Legislation (thehill.com) · · Score: 2, Interesting

    > Educating one's self is pretty much all that matters, however that occurs (incidentally, due to my experience, I probably have more tech-savvy in my little finger than most millennials).

    Agreed. I've made my living doing internet technology since 1998. As a member of IETF, I helped develop and draft standards such as HTTP and SMTP (web and email). During those years, I put my degree on hold while I was working on developing the technology of the internet. For example, I developed the first live video with sound on the web. It won't be until six months from now that I get my degree. Yet at work, when a young programmer is working with some open source software such as Apache, there's a good chance I contributed to writing the software, so you could say I'm technically literate.

    > Anyone with two eyes can see exactly what is happening here. They have been trying to convince people that protecting our rights on a free and open resource is somehow 'bad' from the start.

    Since the 1990s I've seen, and participated in, the web's development from a mostly text-based medium at 28Kbps to what we have today. I've queued up a few gifs to download overnight, then a few years later helped people find the optimal encoding for HD video streaming. I've participated as consumer demand took us from AOL and Prodigy to "best viewed on Internet Explorer" to the open internet we have today - sites today are expected to work across all different kinds of devices, certainly they aren't tied to a specific browser anymore. What a difference from when you had to choose between the content available on CompuServe, different content on AOL, or another set of content on Prodigy.

    Smart techs and market forces have created something pretty amazing in a very short period of time here - remember it takes five years for the federal government to just order and install new desktop computers. Then in 2015 the FCC decided that what we'd been doing was a failure. This is the same FCC that takes a decade to update one of their software programs. We've had Title II and net neutrality for 18 months. Exactly what good did that do? Did that spur innovation better than, or even comparable to, the incredible innovation on the web under the FTC since the 1990s? I haven't seen it, so please point out for me what great benefit there was, tell me how that helped. From where I sit, the development of the internet from the 1990s to 2010s, with the FTC rather than the FCC, and without bureaucratic neutrality rules, is one of the greatest success stories of all time.

  3. Cuts both ways. Documents reveal the truth. Misund on Security Researcher and Alleged Spam Operator To Square Off In Court In Ugly Lawsuit (bleepingcomputer.com) · · Score: 1

    Yep, that goes both ways. If you have the documents, you can see and prove what was said. When you're right, that's a win.

    The big bonus of having documents is that when you have them, most conflicts can be resolved at the "minor misunderstanding" stage, well before it becomes a lawsuit. Somebody says "I told you X". You reply "oh, I'm sorry, I thought you said 'not X' in your email on January 3rd. Did I misunderstand? Let's discuss changing that. I guess I misunderstood your email, copied below."

  4. Corporate Unix with Active Directory, etc on Modern 'Hackintoshes' Show That Apple Should Probably Just Build a Mac Tower (arstechnica.com) · · Score: 1

    I like *nix. The corporate IT folks built stuff around Windows, and support Macs, since Macs do fine in their environment.

    At my last two jobs, the corporation officially supported Mac, which isn't surprising because they are easier to support in a Windows-centric environment than Linux or FreeBSD. On a Mac you can use Microsoft Office, Active Directory, etc. So the employer will provide a Mac.

    The Mac is also full-on certified UNIX. Pop open a command line and you can do anything you can do on Linux. Your Perl and shell scripts work just the same. (Obviously system administration is a bit different).

  5. Devil's advocate indeed, but Vic's Secret does on Facebook Lets Advertisers Target Insecure Teens, Says Report (cnet.com) · · Score: 1

    Certainly some products don't solve the problem they are designed to address, at least not long term. Some ads are obviously shams. Others most certainly do solve the problem. Obvious example - cars actually solve transportation needs.

    Here we are talking about *feelings*. Someone wants to *feel* better. Well that's often pretty easy, at least in the short term. Just yesterday a friend was feeling fat and ugly. She bought something at Victoria's Secret which helped her feel beautiful and attractive. Just with Victoria's Secret alone I've witnessed that at least three different times. She's feeling unattractive, she gets something she likes from VS, then she feels attractive, then she shows me how attractive she is in the new thing she bought.

    So it does solve the problem of feeling ugly and unattractive. At least short term. It can also start a longer-term chain reaction. She feels attractive in the new camisole, she shows him. He tells her she looks good, and *shows* her that she is sexy. Now she feels even more attractive. She wants more, so she does something else - maybe with whipped cream. He finds that attractive and expresses his appreciation for her ... the cycle continues.

    And then there are of course the scams too.

  6. Agreed, but missing a step, ascertaining liability on A Sophisticated Grey Hat Vigilante Protects Insecure IoT Devices (arstechnica.com) · · Score: 1

    Agreed, insurance companies are really good at analyzing and mitigating risk. Insurance companies created the fire code and Underwriters Laboratories to reduce fire risk. If you don't meet fire code and UL your insurance rates are much higher, so businesses make and buy UL approved stuff. That hints at general approaches which may work well for information security, and specifically at *enforcement* - insurance companies look at a property before they underwrite a multi-million dollar policy, and require regular inspections.

    That's good as far as it goes. Insurance companies are concerned with damages they'll have to pay, though. When a company builds or markets a product that has a vulnerability, how much do they or their insurance company need to pay, and who do they need to pay? They have to pay the people who had damages as a result, and pay enough to correct the damage. That's the general law. It's very difficult to know who was hurt by a security vulnerability in an IoT device, and how much each was hurt.

    Even to the extent you can figure out who was hurt and how much damage there is, each consumer who was actually affected might be entitled to $100 - hardly worth filing suit over. Our current best answer there is class action suits. Not exactly a great answer.

  7. "Block everything" is stupidly simplistic on Australia Wants ISPs To Protect Customers From Viruses (sophos.com) · · Score: 1

    > And if we did what you suggest, it would be a whole lot worse.

    I'm not sure what you think I'm suggesting. What I said is in some ways the opposite of what you seem to think I said.

    I said the ISP is in a position to monitor the network as a whole and respond to emerging threats, such as botnets currently active on the network or scanning the network. I said the ISP can reasonably have people in the SOC actually responding in real-time as exploits are released and threats become real. That's pretty much the opposite of "block port 80 for everybody". In fact, port-based blocking is what you get with consumer routers, with each customer doing their own. That's quite 1990s. Modern security is more about analyzing trends in flows.

    To address your example, sure some vendors will point out an open tftp as a potential exposure - open tftp is also how the bad guys can get the config off those switches and routers. Which is why you "just got an email a few days ago from our infosec guys." There was something that looked like it might be a risk, so he checked it out. Good job InfoSec guy. Findings can generally be categorized into four groups:

    1) Appears normal / safe
    2) Potential vulnerability (open telnet, tftp)
    3) Probably an attack (Nigerian prince w/ Word document)
    4) Known attack

    The other axis is the damage scale, but let's stick with this axis for now. It would be reasonable, I think, to notify you of vulnerabilities (hey, you have telnet open), block known attacks (somebody trying hundreds of passwords against the telnet) and apply some more sophisticated analysis to group 3, probable attacks. Are they coming from known-bad IP addresses? What's the scale? What level of damage is likely?

  8. Already liable, but for how much & to who? on A Sophisticated Grey Hat Vigilante Protects Insecure IoT Devices (arstechnica.com) · · Score: 1

    If they are grossly negligent, they already ARE liable.

    The question is, who was hurt and by how much? They are liable *to somebody* for *some* amount of money. That's the hard part.

  9. Turn off UPnP to start on A Sophisticated Grey Hat Vigilante Protects Insecure IoT Devices (arstechnica.com) · · Score: 4, Insightful

    Both "non-technical people" and "home networks" combined make that a tough one. A business full of non-technical people, or just people who don't specialize in security, can use an "experts included" solution from companies like Alert Logic, but that's probably not reasonable for a home network.

    A typical home network can be made noticeably more secure from these kinds of attacks by simply turning off UPnP on the router, though. Without UPnP, by default devices on the network can't be accessed from outside, from the internet. The standard router configuration using overloaded NAT (aka PAT) has the side effect of acting like a strict firewall. It's not an enterprise-grade firewall, just a simple packet filter, but it does prevent incoming connections / attacks, except for any port-forwards that are manually configured.

    Other than disabling UPnP, the other main thing I can think of is keeping software and firmware up to date, at least for security patches. Devices running old versions are the low-hanging fruit for bad guys. The new software might have new security holes that nobody knows about, but the old version definitely has security holes that everybody knows about, and the bad guy can just run a script to automatically exploit those vulnerabilities.

    Sorry I don't have better answers right now. The lack of good answers is why Australia is looking at having the ISP take care of some protection. The ISP can see trends across the whole network, and more importantly they can spend a few thousand dollars per month to contract with companies like Cisco TALOS and Alert Logic to deploy and monitor sophisticated, modern security systems. Yeah that brings up privacy issues, so there is no great solution that I can see.

  10. It certainly works well in the enterprise. Privacy on Australia Wants ISPs To Protect Customers From Viruses (sophos.com) · · Score: 1

    Certainly there are privacy issues to be discussed, and there are many questions that can be asked about what exactly should be done and how it should be done. The concept does work quite well. Especially related to botnets.

    This is standard procedure in the enterprise. It's 2017, not 1997, and we're far beyond "update your AV and pretend you're safe". In enterprises that care at all about security, professionals, preferably security professionals in the SOC, but at least network professionals, use professional tools such as Cisco ASAs with Firepower to monitor incoming and outgoing traffic in a much more sophisticated and effective way than even a technical user would monitor their own workstation, much less some random clerk or manager. Where I work, the SOC is staffed 24/7 by career security professionals using $100,000+ toolsets. "Every user can update their AV", and "remind people not to open Office documents with macros" doesn't quite compete.

    Certainly an ISP could monitor and null route or otherwise filter current verified malware sources and that sort of thing. They could easily prevent the spread of many botnet malware strains by not allowing the attacks to come out of their network, or through it.

    So yeah it's much more than a "power grab". It's a solid idea that needs to be balanced against privacy concerns in how it is implemented.

  11. Also, that name, Seqbox on Developer Shares A Recoverable Container Format That's File System Agnostic (github.com) · · Score: 1

    I wrote three pieces of software:
    Strongbox
    Throttlebox
    Clonebox

    Then you chose Seqbox. :)

  12. My pockets are too small for textbooks on As Print Surges, Ebook Sales Plunge Nearly 20% (cnn.com) · · Score: 1

    > Paper books sometimes get discounts that make them cheaper than ebooks. Why would anyone pay more for bits?

    I do a lot of studying 5-15 minutes at a time. I study a few pages in the bathroom, a few pages while waiting in line, etc. Dead tree books are rather inconvenient to keep in my pocket, so I prefer digital for studying.

    For reference books paper can be good because it doesn't disappear easily, but even for reference digital is searchable.

  13. Re:Beware padding oracle with compression& enc on Developer Shares A Recoverable Container Format That's File System Agnostic (github.com) · · Score: 1

    My comment doesn't directly relate to having the *two* compression steps. I probably should have replied to the same person you replied to.

  14. Hash the block number with the password on Developer Shares A Recoverable Container Format That's File System Agnostic (github.com) · · Score: 1

    Hash the password AND block number through a key-stretching routine to get the encryption key. It is important to avoid using the same key for all blocks. If different blocks are XORed with the same key, I can still see your penguin:
    https://blog.filippo.io/the-ec...
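An added example, not from the comment above or from the Seqbox project, of the two designs the comment contrasts: one stretched key reused for every block versus a key stretched from the password AND the block number. The password, salt, sample blocks, iteration count and the SHA-256 counter-mode keystream are all constructed for the demonstration; a real container would use a standard AEAD (e.g. AES-GCM or ChaCha20-Poly1305) for the per-block encryption step.

```python
import hashlib
import os

# Added example (not the project's code). Demonstrates why reusing one key for
# every block leaks the XOR of plaintext blocks, and how mixing the block
# number into a key-stretching routine (PBKDF2 here) avoids that.


def block_key(password: bytes, salt: bytes, block_no: int,
              iterations: int = 100_000) -> bytes:
    """Stretch the password AND the block number into a 32-byte key.

    The block number is appended to the salt, so block 0 and block 1 get
    unrelated keys from the same password.
    """
    return hashlib.pbkdf2_hmac("sha256", password,
                               salt + block_no.to_bytes(8, "big"),
                               iterations, dklen=32)


def keystream(key: bytes, length: int) -> bytes:
    """Expand a key into `length` bytes (SHA-256 in counter mode; demo only)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_same_key(password, salt, blocks, iterations=100_000):
    """The mistake: one stretched key, hence one keystream, for every block."""
    key = block_key(password, salt, 0, iterations)
    return [xor_bytes(b, keystream(key, len(b))) for b in blocks]


def encrypt_per_block(password, salt, blocks, iterations=100_000):
    """Each block is encrypted under its own key derived from password + block number."""
    return [xor_bytes(b, keystream(block_key(password, salt, i, iterations), len(b)))
            for i, b in enumerate(blocks)]


def decrypt_per_block(password, salt, ciphertexts, iterations=100_000):
    # XOR with the same per-block keystream undoes the encryption.
    return encrypt_per_block(password, salt, ciphertexts, iterations)


def keystream_reuse_leaks(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when c1 XOR c2 == p1 XOR p2: the shared keystream cancelled out and
    the relationship between the two plaintexts is visible in the ciphertext
    (the "I can still see your penguin" effect)."""
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


if __name__ == "__main__":
    salt = os.urandom(16)                      # constructed per-container salt
    blocks = [b"block 0: eight rows of penguin pixels",
              b"block 1: eight rows of penguin pixels"]
    same = encrypt_same_key(b"correct horse", salt, blocks, iterations=10_000)
    per = encrypt_per_block(b"correct horse", salt, blocks, iterations=10_000)
    print("same key leaks plaintext XOR:", keystream_reuse_leaks(same[0], same[1], *blocks))
    print("per-block keys leak:         ", keystream_reuse_leaks(per[0], per[1], *blocks))
```

Running PBKDF2 once per block is slow by design; a practical variant stretches the password once into a master key and derives the per-block key with a fast keyed hash (HMAC over the block number), which gives the same property: no two blocks share a keystream.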

  15. Beware padding oracle with compression& encryp on Developer Shares A Recoverable Container Format That's File System Agnostic (github.com) · · Score: 2

    Compression before encryption often results in a padding oracle or other problems. If you're designing a system that is supposed to be secure, avoid compression until you fully understand the issues. Avoid compressing and encrypting chosen plaintext at all - you'll never be sure you understand all of the issues with that.
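An added example, not from the comment above or from the Seqbox project, of the check a designer can run for the "compress then encrypt chosen plaintext" problem: if a record's length after compression depends on how attacker-chosen text relates to a secret stored in the same record, encryption does not hide that, because ciphers hide content, not length. The secret, the two chosen inputs and the length-preserving stand-in for the cipher are constructed for the demonstration.

```python
import zlib

# Added example (not the project's code). A length-leak regression check for a
# format that compresses chosen plaintext together with a secret before
# encrypting it.

SECRET = b"session=constructed-secret-token-4f2a"          # constructed secret
MATCHES = SECRET                                           # chosen text repeating the secret
UNRELATED = b"qwertyuiopasdfghjklzxcvbnm1234567890a"       # same length, no overlap


def fake_encrypt_len(plaintext: bytes) -> int:
    """Stand-in for a stream cipher: ciphertext length == plaintext length.
    (A real cipher hides the bytes, not their count, so length is what leaks.)"""
    return len(plaintext)


def record_length(chosen: bytes, compress: bool) -> int:
    """Length of a record carrying chosen text plus SECRET, with or without
    compression applied before the (length-preserving) encryption."""
    body = chosen + b"\r\n" + SECRET
    if compress:
        body = zlib.compress(body, 9)
    return fake_encrypt_len(body)


def length_leak(guess_a: bytes, guess_b: bytes, compress: bool) -> int:
    """Difference in record length between two equal-length chosen inputs.
    Zero means the record length reveals nothing about how the inputs relate
    to SECRET; anything else is a side channel the design must not have."""
    if len(guess_a) != len(guess_b):
        raise ValueError("inputs must have equal length for a fair comparison")
    return record_length(guess_b, compress) - record_length(guess_a, compress)


if __name__ == "__main__":
    print("compress-then-encrypt leak (bytes):", length_leak(MATCHES, UNRELATED, True))
    print("encrypt-only leak (bytes):         ", length_leak(MATCHES, UNRELATED, False))
```

With compression on, the record that repeats the secret deflates to noticeably fewer bytes than the unrelated one; with compression off both records have identical length. Padding the ciphertext to a block size narrows but does not remove the difference, which is why the comment's advice is to keep compression out of the design until the interaction with chosen plaintext is fully understood.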

  16. The five ISPs I can choose are lies? on Ask Slashdot: Could We Build A Global Wireless Mesh Network? · · Score: 2

    > Texans have a problem believing too many lies, as usual.

    The various ISPs I can order service from are lies, they don't actually exist? That's weird since I'm using the service to post this message.

    Apparently *one of us* was lied to.

    I work from home, so reliable service is important to me. For that reason I asked around to see which ISP is best in this area. Fellow customers didn't steer me wrong - I've not had any down time so far, nor have I had any billing issue.

  17. Overbuilders. Fiber makes this the right time on Ask Slashdot: Could We Build A Global Wireless Mesh Network? · · Score: 2, Interesting

    On the coasts, many areas are still under legacy (and even new) franchise agreements. The New York City franchise map is a good example that is readily available - provider A is allowed to operate on one side of the street, on the other side only provider B can offer service. Customers get whichever ISP is assigned to their area by the bureaucrats (who get donations from the ISPs). The ISPs are free to suck, because there's no competition.

    There was some hoopla around here a couple of years ago with people saying "franchise monopolies are now illegal". Not quite. The rule from the Obama administration was "before issuing a *new* franchise monopoly, a city must hold a meeting."

    In many parts of Texas, we don't have the franchise (mandated monopoly) system. Instead, new providers are allowed to enter an area and offer better service. These are called "overbuilders" because they build new infrastructure, using modern technology, right on top of the incumbent's legacy network. Many provide "cable" TV and internet.

    The last 10 years or so have been a very important time for overbuilders because previously, the incumbent had a huge advantage in that they already had the infrastructure in place. It's a major expense for an overbuilder to replicate all the wiring that the legacy provider already has. The incumbent doesn't have that current cost. In some areas, the phone company was providing DSL service using wiring they laid 60 years ago.

    Now that we're going to high-speed fiber, the incumbent no longer has the same advantage. Their decades-old copper infrastructure isn't an overwhelming advantage any more. Overbuilders come in and lay fiber, often with short lengths of high-quality, high-capacity coax for the last few hundred feet. In some parts of Austin there are four to six providers to choose from. Even in some very small towns there are two cable TV companies, competing to have the best, most reliable, and fastest network. If one doesn't do a good job, customers don't choose them, and the company doesn't make money. Companies like to make money, of course, so they don't suck, not to the extent that they suck in guaranteed monopoly areas (government franchises). The lead engineer for my city of 150,000 gave me his cell phone number, telling me to call him directly if I have any problems and customer service doesn't take care of it properly.

    > list of reasons to move to Texas will gain another entry.

    We'd love to have you! Please bring that list with you. A lot of Californians move out here and I ask why they came. They came, perhaps, because we have good jobs and a low cost of living. A programmer II can afford a 2,600 square foot house here. Within a week they start telling me about things we should change in Texas, to be more like California. We should have California-style policies, they say, and they don't hear me when I point out those policies drive up costs and increase unemployment. Not that they are necessarily BAD policies. Maybe the benefits outweigh the costs, in some people's opinion. Fine. But if you want to do things the California way, and get the results California gets, it's easy to just stay in California. No need to come to Texas and try to turn it into California.

  18. E=hn on Ask Slashdot: Could We Build A Global Wireless Mesh Network? · · Score: 1

    > > Also of course high frequency waves have high energy
    > What?

    E=hn where E is energy in joules, n is frequency in hertz, and h is Planck's constant. In other words, energy is *directly proportional* to frequency.

    It's quite intuitive when you think of a sound wave, rather than electromagnetic, especially a sound wave in water. Imagine a sound wave which moves 1 gram of water. Moving 1 gram of water 10 times in a second (10 hertz) represents a lot less energy than moving the water 1,000 times in that same second.

    This is one of several reasons that lower frequencies are preferred for long-distance communication. Because it takes less energy to get the same amplitude (particle count) at low frequencies, they are more efficient. (Atmospheric attenuation is the biggest reason.)

  19. The laws of physics greatly restrict bandwidth on Ask Slashdot: Could We Build A Global Wireless Mesh Network? · · Score: 5, Informative

    A very large mesh network *used* to be possible. Not so much anymore.

    > There is nothing in the rules of mathematics or laws of physics that prevents such a system.

    In fact the laws of physics DO put some serious limitations on it, especially a true mesh network. In a nutshell, the frequencies that carry over distance and through walls have limited bandwidth, which must be shared by *everyone* who wants to use any kind of wireless communication. Frequencies above 10 GHz have a lot of bandwidth, but don't go through drywall. Also of course high frequency waves have high energy - think microwave oven.

    Mesh networks are horribly inefficient in how they use the limited bandwidth available in desirable frequency bands. You can do much, much better if you have local transmitters around 1 GHz communicating with local towers which form a backbone connected via high power dishes, or better yet fiber optics. There is a lot more usable bandwidth to go around using the backbone topology rather than wasting most of the bandwidth by using a mesh. That brings up the issue of who owns and controls the backbones.

    Given the physics of it all, back in 1990 you could have built a mesh network to replace the wired connections of the day - 48Kbps max bandwidth, with each person using it an hour or two per day, on average. On a new network built today, you'd want 100,000 to 10,000,000 Kbps, with each person using it ten hours per day. So roughly 40,000 times as much total bandwidth. Not going to happen. Not with the physics we know in this century.

    There *is* a way we can get 40,000 times as much bandwidth as we had in the 1990s, though. We actually have such a system working in much of Texas. It involves setting the greedy corporate ISPs up in a situation where to make money, they have to compete with other greedy corporate ISPs. Customers choose the best one, so an ISP can't make money if they suck. It's not a perfect system, but it beats the hell out of what I hear people on the coasts complaining about - a single monopoly ISP protected by a government franchise, an ISP that sucks but they don't care because nobody is allowed to offer competing service.

  20. Yes, and laws setting max speed on roads on A Database of Thousands of Credit Cards Was Left Exposed on the Open Internet (zdnet.com) · · Score: 1

    > Aren't there laws that require companies to protect customer data?

    Yes, and there are laws requiring everyone to drive under 65 MPH. It seems that making a law doesn't actually mean people will do anything differently.

  21. Using it wrong (there are many options) on A Database of Thousands of Credit Cards Was Left Exposed on the Open Internet (zdnet.com) · · Score: 1

    Unlike most protocols, rsync has a built-in checksum, actually many, many checksums, so it's much more reliable than just about any other protocol. It checksums every few kilobytes.

    We back up many terabytes every day and we periodically verify the backups with SHA-2 hashes. I've never found corruption due to rsync. On the other hand, rsync *is* very flexible and there are many options. It's certainly possible to use a set of options that doesn't give you what you want.

    Also, if you're backing up live systems, especially databases, using any method, you have to take care that the data doesn't change while you're backing it up. That applies to any method of backup. For MySQL, see man mysqldump, then back up the dumped files.

  22. SSH is the *right* way to do rsync. Rsync protocol on A Database of Thousands of Credit Cards Was Left Exposed on the Open Internet (zdnet.com) · · Score: 1

    Using ssh transport instead of the native rsync protocol, which is unencrypted, is the *right* way to do remote rsync with sensitive data. Much like tunneling http over tls is the right way to do http for sensitive data.

    You can also do the rsync network protocol bare, using an rsync:// url. That's the wrong way for sensitive data, and the way this developer chose to do it.

  23. Seems to think W3C writes the law or something on An Open Letter on DRM To the Inventor of the Web, From the Inventor of Net Neutrality (boingboing.net) · · Score: 1

    It's not at all clear to me what the author is asking Berners-Lee and W3C to do. The issue he brings up is a concern with a particular law. W3C doesn't write the law. HTML EME defines a technical interface for "if you want a browser to use an encryption module, here's the code to declare that". It doesn't, and can't, affect any law in any way I can see.

  24. If the project is what you're hired to do on Slashdot Asks: Should an Employee Be Fired For Working On Personal Side Projects During Office Hours? (quora.com) · · Score: 1

    It may be worth noting that it depends on the nature of the work, whether the claimed "personal project" is the type of work the employee was hired to do.

    Suppose a person is hired to write technical training manuals. The training manuals they write typically belong to the employer, absent an agreement to the contrary. If the same technical writer builds a ship in a bottle, that work would belong to the employee, again assuming no agreement to the contrary.

    Of course varying circumstances can affect things too. If an employer directs their employee, as writer, to build a ship in a bottle on company time, on company premises, using company materials, for use at a company event, that ship probably belongs to the company.

  25. Bluetooth headphone needs 97% less power on Apple Patent Hints At Wirelessly Charging Your iPhone Via Wi-Fi Routers (appleinsider.com) · · Score: 2

    1 watt wouldn't work very well to charge a smartphone with a 3,000 mAh battery. On the other hand, a Bluetooth headphone will have a battery of around 100 mAh. In use, a Bluetooth headphone will use maybe 150 mW or so. Idle, much less than that. So a constant charge of 1 watt, or even 100 mW, would be sufficient to keep a Bluetooth headphone charged.

    Do Apple customers have any use for Bluetooth headphones these days? :)