Yep. Just like the last mile for cell phones is a natural monopoly - why have duplicate towers serving the same area?
I'm glad I get unlimited everything for $30 from Boost Mobile, with no contract, because Washington bureaucrats decreed that was the proper monthly rate. Oh, that wasn't decreed by government? You say that government decreed that my 64k landline, running on copper that's been there for 30 years, must cost MORE than my 4G wireless service? Well that's kinda stupid.
> If the FCC had decided to treat the net like a phone, we would have massive competition, lower prices, and better service.
Yep, common carrier phone systems (landlines) have so much competition, and service has improved so much in the last 100 years. I want some of what you're smoking.
The FEC's position in CU was that because the people of Dice and the ACLU work together as a corporation, they can't talk about political issues. Had the FEC won, Dice couldn't run this story without FEC approval because Dice is corporation, they spend money running the site, and it touches on a political issue.
It IS unfortunate that with free speech, some people and organizations can get a bigger megaphone than others. Is silencing everyone really the solution? The CU ruling is what allows the ACLU and the FSF to continue to comment on political issues. Do you really want to silence them, in order to silence those who disagree with them?
I propose an alternative. I propose that ACLU Inc be allowed to make their case publicly, the BSA can make theirs, and the FSF can say what they want to say. Then, you and I, the voters, can decide who we agree with after hearing them.
Sure, they can support a position that a candidate supports. Alternatively, they can oppose a policy that a candidate supports. For example, under the Citizens United ruling, Dice can run stories supporting net neutrality. Had the ruling gone the other way, the FEC (via Mcain-Feingold) or FCC (through the fairness doctrine) could prevent publication of these stories because it's Dice spending money in support of a political position.
Could Dice also say "Obama sucks", and do it shortly before the election? Sure, and maybe that's imperfect, but it's a heck of a lot better than the alternative. The alternative, argued in Citizen's, was to say that because Dice and the ACLU are both incorporated, neither may talk about political issues.
The LibreSSL team has deleted tens of thousands of lines of code from OpenSSL, saying that one of their key goals is to remove as many features as possible. Their reasoning is that simple is more secure, that features which don't exist can't have bugs.
That principle is correct, unless either: a) It's a feature people need, in which case each code-monkey will scratch out their own homebrew version.
or
b) It's a security feature, a chunk of code designed to make things more secure.
Right or wrong, it appears unlikely that LibreSSL will ever get anywhere near feature parity with OpenSSL. They would consider it a failure if they did that.
That would at least be logically consistent - the FCC would, legally, gain vast new powers by treating ISPs as monopoly common carriers. I think at this time, at this point in the development of the internet, it would be a huge mistake. It would essentially outlaw any significant advancement. For example, Google fiber would be illegal in about six different ways under common carrier rules. Maybe in another 30 years there won't be any new innovations taking place and common carrier regulation will make sense for the internet.
Personally, I'd like to see competition. I'd like to be able to tell my ISP that I'll switch to their competitor if they do X. To me, the franchise laws that make competition illegal are a key part of the problem.
> Nothing is wrong with it when you put it that way, but that's not the way it is. The problem is that PACs are about donations
FYI, the #1 rule of PAC Club is that they can't donate to candidates. The #2 rule is that they can't coordinate with any candidate's campaign.
What they CAN do, and what the Citizen's United case sought to outlaw, is the kind of thing Michael Moore's organization did - make a political statement separate and apart from any candidate. I happen to think Michael Moore is disgusting, and he's admitted that his movies are full of lies, but I think it's pretty clear that he and his friends have the right to get together and make stupid movies. Citizen's United made movies too, with a political point just like Michael Moore's movies. The FEC sought to prevent them from making these movies. This is a plain violation of the first amendment. It has little or nothing to do with political donations - they were making movies. The FEC said that's illegal because they spent some money making the movies, and under their rules it was illegal to spend any money exercising your first amendment rights.
Does NTIA have Constitutional authority to pass laws? Did they pass a law giving the FCC the authority to pass laws? If not, the ruling of the court is (obviously) correct.
The question before the court was a fourth grade civics quiz question:
True or false: the executive branch is empowered the make new laws. True False
The correct answer is "false".
Note again, this has nothing to do with whether any particular law labeled "net neutrality" might be good or bad. The court just ruled what everyone already knows - Congress makes new laws, not the FCC.
It occurs to me that logically, it's also possible that they do not actually believe it's bad for people to work together to effect change. It's possible that they are trying to mislead people, saying they believe that when they really don't. So the three possible options are:
1. They've chosen to do wrong, to do what they believe is evil.
2. They've utterly failed to think about what they actually believe.
3. They are trying to mislead people about what they actually believe.
I don't know which of the three is true about these people, but basic logic shows it must be one of the three.
In a way, I see that point. On the other hand, pick one:
A) Banding together to exercise your free speech rights through an organization is something you should do.
B) Banding together to exercise your free speech rights through an organization is so bad that it should be illegal.
You can't believe both A and B. If you believe it's bad thing, in fact so bad that it's worth violating other people's first amendment rights over, yet you do it anyway, you've chosen to do evil. So they've either chosen to do evil, or they simply haven't thought things through. Their thinking process ends at their own four-word slogan.
I wouldn't even look to the court. The court merely read the law, which very plainly states that the FCC may not do what they tried to do. In essence, the law says:
The FCC must regulate common carriers according to a, b, and c. The FCC may not regulate b or c in regard to anyone other than common carriers.
The FCC wanted to do B without C, so they claimed "ISPs are not common carriers, so we don't have to do C. ISPs are common carriers, so we're going to do B". That's ridiculous, you can't say they ARE common carriers and NOT common carriers at the same time. Therefore, the FCC can't make up net neutrality laws.
If and when we end up needing a net neutrality law, Congress will need to pass one. That should be pretty clear to anyone who has passed fourth grade civics, so I really don't see why the FCC tried to make up the law themselves in the first place. Any half-competent court would strike them down.
What the hell? They don't like that Citizens United said that free speech means people can cooperate together in the political process, through what's called a "super PAC". So their solution is to form a super PAC so they can cooperate in affecting the political process. They're trying to outlaw themselves.
I knew that that the people who got all excited about Citizen's United were dense, but I didn't realize they were THAT dense!
Most web sites have no need for SSL/TLS. Therefore, 17% of web sites could mean ALL "secure" sites were affected. OpenSSL might have 90% market share in the sense that 90% of SSL connections use OpenSSL and that could still be 17% of web sites.
I guess you're not a programmer, and therefore don't know what a shallow bug is. Conveniently, the rest of the sentence you alluded to explains the term:
"Given enough eyeballs, all bugs are shallow... the fix will be obvious to someone."
If you have to dig deep into the code to figure out what's causing the problem and how to fix it, that's a deep bug. A bug that doesn't require digging is shallow. Heartbleed was fixed in minutes or hours after the symptom was noticed - a very shallow bug indeed. "The fix will be obvious to someone."
The presence or absence of bugs is an orthogonal question. That's closely correlated with the code review and testing process - how many people have to examine and sign off on the code before it's committed, and if there is a full suite of automated unit tests.
The proprietary code I write is only seen by me. Some GPL code I write also doesn't get proper peer review, but most of it is reviewed by at least three people, and often several others look at it and comment. For Moodle, for example, I post code I'm happy with. I post it with unit tests which test the possible inputs and verify that each function does its job. Then anyone interested in the topic looks at my code and comments, typically 2-4 people. I post revisions and after no-one has any complaints it enters official peer review. At that stage, a designated programmer familiar with that section of the code examines it, suggests changes, and eventually signs off on it when we're both satisfied that it's correct. Then it goes to the tester. After that, the integration team. Moodle doesn't get very many new bugs because of this quality control process. That's independent of how easily bugs are fixed, how shallow they are, depending on how many people are trying to fix the bug.
> Have you never had to deal with constant interruptions from management and clients/customers asking about the status of tickets?
I know what you mean.
"I'd be glad to talk to you about this. Right now, would you prefer that I discuss it with you, or go fix it?"
That line normally puts an end to any interruptions.:) I've been fortunate that I've always been in a position where I can ask that question. I've either been the president of the company, or the system owner - the only one who can fix it. For Y2K, I did hire a couple of extra people to answer the phone and say "We apologize for the inconvenience. We are aware of the problem and working on resolving it." It turns out that we didn't need them for Y2K since that was just a display issue for any sanely designed software. 2038 could be a much larger problem.
You should explain all that to the people who wrote the VESA standard, because they think they used 4 lanes of PCIe-capable pairs AND a lower bandwidth aux channel on pin 15 and pin 17 that can speak USB. The display part of Thunderbolt is DisplayPort. DisplayPort has always had the USB channel. Technically, that channel COULD be used for something other than USB, but on all implementations I've ever seen it's broken out into USB plug.
VESA publishes a very nice document called "Overview of DisplayPort" that explains it pretty well in just 40 pages. It's a good thing to read if you want to have some understanding of the protocol. It's suggested that you know something about it before arguing about it.
Thanks for that info. Do yyou know if that cable is boosted or unboosted cable? It can be hard to tell. For 75', it's probably boasted.
From my research, it seems that at that distance, some displays are sometimes able to sync with some sources, using some cables, in some environments. A different source, a different display, or new sources of interference may cause it to stop working. Sometimes it'll work for a while, then require restarting in a certain order. For my purpose, it needs to work every time, without me being there to suggest restarting things or deal with a dimmer that's causing interference.
HDbaseT 1.0 included RS-232, which could be used for keyboard and mouse. HDbaseT 2.0 includes USB over the same cable.
However, if computer terminals are what you want, not top quality video, there are better options. Obviously there are things like VNC and RDP. I buy and sell Raritan IP KVMs, which I use in my datacenter. The KVMs give full control, from BIOS to GUI, over the internet. HDbaseT is targeted at entertainment video - lots of motion, and high quality video.
I've been studying the HDMI options intensely for just a few days for a project I'm working on - connecting a computer to two large TV sets 80 feet away at my church. (Plus another one 15' away).
> Last I checked, there still is not a good way to do this over gigabit ethernet.
HDbaseT is the standard for HDMI over CAT6. Several vendors support it, sometimes branding it with their own name. As an alternative, boosted HDMI cables are good up to about 50 feet or so, depending on resolution.
Using boosted cabling, a 4X4 HDMI matrix will let you connect four sources to four receivers. HDbaseT will connect (at least) one source to multiple displays. I'm not sure if HDbaseT works for multiple sources without a matrix box.
You can find matrices and HDbaseT for about $130 now. You'll also see roughly similar, older equipment being sold for $3,000. There's been a huge price drop, kind of like enterprise grade wide SCSI cards are still expensive, though consumer level SATA hardware outperforms it for 1/10th the price.
> I'm not sure there's anything that USB does that Thunderbolt can't do
Thunderbolt does PCIe and USB, so there is nothing USB can do that Thunderbolt can't. If there were, Thunderbolt would do it via USB. Thunderbolt is basically PCIe + USB + HDMI + power, all on the same cable.
That definition absolutely includes what this thread is about. TFA talked mostly about malicious email attachments. When you do that, things stop working right. The discussion has talked about poor passwords. When your poorly chosen password is cracked, things stop working right. Using a good passphrase helps keep things working they way you expect them to work.
Our company, for example, uses Linux and measures uptime in years. Machines are rebooted for CPU and kernel upgrades and that's about it. Hard drive upgrades don't require a reboot, and they sure as heck don't crash. One machine had a bad memory module that caused a crash. We don't have users or software that crashes.
I've recently learned a new definition of security, one that's a little bit different from what I'd thought about before.
A secure system is a system that continues to work as expected, even in the face of unexpected events.
Users like a system that works the way they expect. They don't like crashes, endless popups, and systems slowed to a halt by malware. So teach them the benefits they can expect. You can have a fast, trouble-free computer by doing x, y, and z. Clicking on "virus alerts" makes your computer slow and prone to crashing. Opening unexpected PDF files causes a huge hassle of needing to change your passwords and all that mess.
> If everyone was on solar as you say there would be no problem because excess energy goes back into the grid
There would be no grid! If everyone (or many people) are producing a lot of energy for six hours per day, and therefore paying nothing, there's no money, and therefore no power grid.
> no more dependence on prehistoric power like coal and foreign oil, no more pollutants
For several hours, on sunny days. Except that there is no power, because there is no grid.
Yep. Just like the last mile for cell phones is a natural monopoly - why have duplicate towers serving the same area?
I'm glad I get unlimited everything for $30 from Boost Mobile, with no contract, because Washington bureaucrats decreed that was the proper monthly rate. Oh, that wasn't decreed by government? You say that government decreed that my 64k landline, running on copper that's been there for 30 years, must cost MORE than my 4G wireless service? Well that's kinda stupid.
> If the FCC had decided to treat the net like a phone, we would have massive competition, lower prices, and better service.
Yep, common carrier phone systems (landlines) have so much competition, and service has improved so much in the last 100 years. I want some of what you're smoking.
The FEC's position in CU was that because the people of Dice and the ACLU work together as a corporation, they can't talk about political issues. Had the FEC won, Dice couldn't run this story without FEC approval because Dice is corporation, they spend money running the site, and it touches on a political issue.
It IS unfortunate that with free speech, some people and organizations can get a bigger megaphone than others. Is silencing everyone really the solution? The CU ruling is what allows the ACLU and the FSF to continue to comment on political issues. Do you really want to silence them, in order to silence those who disagree with them?
I propose an alternative. I propose that ACLU Inc be allowed to make their case publicly, the BSA can make theirs, and the FSF can say what they want to say. Then, you and I, the voters, can decide who we agree with after hearing them.
Sure, they can support a position that a candidate supports. Alternatively, they can oppose a policy that a candidate supports. For example, under the Citizens United ruling, Dice can run stories supporting net neutrality. Had the ruling gone the other way, the FEC (via Mcain-Feingold) or FCC (through the fairness doctrine) could prevent publication of these stories because it's Dice spending money in support of a political position.
Could Dice also say "Obama sucks", and do it shortly before the election? Sure, and maybe that's imperfect, but it's a heck of a lot better than the alternative. The alternative, argued in Citizen's, was to say that because Dice and the ACLU are both incorporated, neither may talk about political issues.
> 3. LibreSSL gains feature parity with OpenSSL
The LibreSSL team has deleted tens of thousands of lines of code from OpenSSL, saying that one of their key goals is to remove as many features as possible. Their reasoning is that simple is more secure, that features which don't exist can't have bugs.
That principle is correct, unless either:
a) It's a feature people need, in which case each code-monkey will scratch out their own homebrew version.
or
b) It's a security feature, a chunk of code designed to make things more secure.
Right or wrong, it appears unlikely that LibreSSL will ever get anywhere near feature parity with OpenSSL. They would consider it a failure if they did that.
That would at least be logically consistent - the FCC would, legally, gain vast new powers by treating ISPs as monopoly common carriers. I think at this time, at this point in the development of the internet, it would be a huge mistake. It would essentially outlaw any significant advancement. For example, Google fiber would be illegal in about six different ways under common carrier rules. Maybe in another 30 years there won't be any new innovations taking place and common carrier regulation will make sense for the internet.
Personally, I'd like to see competition. I'd like to be able to tell my ISP that I'll switch to their competitor if they do X. To me, the franchise laws that make competition illegal are a key part of the problem.
> Nothing is wrong with it when you put it that way, but that's not the way it is. The problem is that PACs are about donations
FYI, the #1 rule of PAC Club is that they can't donate to candidates. The #2 rule is that they can't coordinate with any candidate's campaign.
What they CAN do, and what the Citizen's United case sought to outlaw, is the kind of thing Michael Moore's organization did - make a political statement separate and apart from any candidate. I happen to think Michael Moore is disgusting, and he's admitted that his movies are full of lies, but I think it's pretty clear that he and his friends have the right to get together and make stupid movies. Citizen's United made movies too, with a political point just like Michael Moore's movies. The FEC sought to prevent them from making these movies. This is a plain violation of the first amendment. It has little or nothing to do with political donations - they were making movies. The FEC said that's illegal because they spent some money making the movies, and under their rules it was illegal to spend any money exercising your first amendment rights.
Does NTIA have Constitutional authority to pass laws? Did they pass a law giving the FCC the authority to pass laws? If not, the ruling of the court is (obviously) correct.
The question before the court was a fourth grade civics quiz question:
True or false: the executive branch is empowered the make new laws.
True
False
The correct answer is "false".
Note again, this has nothing to do with whether any particular law labeled "net neutrality" might be good or bad. The court just ruled what everyone already knows - Congress makes new laws, not the FCC.
It occurs to me that logically, it's also possible that they do not actually believe it's bad for people to work together to effect change. It's possible that they are trying to mislead people, saying they believe that when they really don't. So the three possible options are:
1. They've chosen to do wrong, to do what they believe is evil.
2. They've utterly failed to think about what they actually believe.
3. They are trying to mislead people about what they actually believe.
I don't know which of the three is true about these people, but basic logic shows it must be one of the three.
In a way, I see that point. On the other hand, pick one:
A) Banding together to exercise your free speech rights through an organization is something you should do.
B) Banding together to exercise your free speech rights through an organization is so bad that it should be illegal.
You can't believe both A and B. If you believe it's bad thing, in fact so bad that it's worth violating other people's first amendment rights over, yet you do it anyway, you've chosen to do evil. So they've either chosen to do evil, or they simply haven't thought things through. Their thinking process ends at their own four-word slogan.
I wouldn't even look to the court. The court merely read the law, which very plainly states that the FCC may not do what they tried to do. In essence, the law says:
The FCC must regulate common carriers according to a, b, and c.
The FCC may not regulate b or c in regard to anyone other than common carriers.
The FCC wanted to do B without C, so they claimed "ISPs are not common carriers, so we don't have to do C. ISPs are common carriers, so we're going to do B". That's ridiculous, you can't say they ARE common carriers and NOT common carriers at the same time. Therefore, the FCC can't make up net neutrality laws.
If and when we end up needing a net neutrality law, Congress will need to pass one. That should be pretty clear to anyone who has passed fourth grade civics, so I really don't see why the FCC tried to make up the law themselves in the first place. Any half-competent court would strike them down.
What the hell? They don't like that Citizens United said that free speech means people can cooperate together in the political process, through what's called a "super PAC". So their solution is to form a super PAC so they can cooperate in affecting the political process. They're trying to outlaw themselves.
I knew that that the people who got all excited about Citizen's United were dense, but I didn't realize they were THAT dense!
Most web sites have no need for SSL/TLS. Therefore, 17% of web sites could mean ALL "secure" sites were affected. OpenSSL might have 90% market share in the sense that 90% of SSL connections use OpenSSL and that could still be 17% of web sites.
I guess you're not a programmer, and therefore don't know what a shallow bug is. Conveniently, the rest of the sentence you alluded to explains the term:
"Given enough eyeballs, all bugs are shallow ... the fix will be obvious to someone."
If you have to dig deep into the code to figure out what's causing the problem and how to fix it, that's a deep bug. A bug that doesn't require digging is shallow. Heartbleed was fixed in minutes or hours after the symptom was noticed - a very shallow bug indeed. "The fix will be obvious to someone."
The presence or absence of bugs is an orthogonal question. That's closely correlated with the code review and testing process - how many people have to examine and sign off on the code before it's committed, and if there is a full suite of automated unit tests.
The proprietary code I write is only seen by me. Some GPL code I write also doesn't get proper peer review, but most of it is reviewed by at least three people, and often several others look at it and comment. For Moodle, for example, I post code I'm happy with. I post it with unit tests which test the possible inputs and verify that each function does its job. Then anyone interested in the topic looks at my code and comments, typically 2-4 people. I post revisions and after no-one has any complaints it enters official peer review. At that stage, a designated programmer familiar with that section of the code examines it, suggests changes, and eventually signs off on it when we're both satisfied that it's correct. Then it goes to the tester. After that, the integration team. Moodle doesn't get very many new bugs because of this quality control process. That's independent of how easily bugs are fixed, how shallow they are, depending on how many people are trying to fix the bug.
> Have you never had to deal with constant interruptions from management and clients/customers asking about the status of tickets?
I know what you mean.
"I'd be glad to talk to you about this. Right now, would you prefer that I discuss it with you, or go fix it?"
That line normally puts an end to any interruptions. :)
I've been fortunate that I've always been in a position where I can ask that question. I've either been the president of the company, or the system owner - the only one who can fix it. For Y2K, I did hire a couple of extra people to answer the phone and say "We apologize for the inconvenience. We are aware of the problem and working on resolving it." It turns out that we didn't need them for Y2K since that was just a display issue for any sanely designed software. 2038 could be a much larger problem.
> However there is some sort of filter at the TV's end. The cable is not supposed to be reversed.
That sounds like the boosted cables I've seen. HDMI provides the power for a buffer/ booster at the display end. Where did you find it for $45?
You should explain all that to the people who wrote the VESA standard, because they think they used 4 lanes of PCIe-capable pairs AND a lower bandwidth aux channel on pin 15 and pin 17 that can speak USB. The display part of Thunderbolt is DisplayPort. DisplayPort has always had the USB channel. Technically, that channel COULD be used for something other than USB, but on all implementations I've ever seen it's broken out into USB plug.
VESA publishes a very nice document called "Overview of DisplayPort" that explains it pretty well in just 40 pages. It's a good thing to read if you want to have some understanding of the protocol. It's suggested that you know something about it before arguing about it.
Thanks for that info. Do yyou know if that cable is boosted or unboosted cable? It can be hard to tell. For 75', it's probably boasted.
From my research, it seems that at that distance, some displays are sometimes able to sync with some sources, using some cables, in some environments. A different source, a different display, or new sources of interference may cause it to stop working. Sometimes it'll work for a while, then require restarting in a certain order. For my purpose, it needs to work every time, without me being there to suggest restarting things or deal with a dimmer that's causing interference.
HDbaseT 1.0 included RS-232, which could be used for keyboard and mouse. HDbaseT 2.0 includes USB over the same cable.
However, if computer terminals are what you want, not top quality video, there are better options. Obviously there are things like VNC and RDP. I buy and sell Raritan IP KVMs, which I use in my datacenter. The KVMs give full control, from BIOS to GUI, over the internet. HDbaseT is targeted at entertainment video - lots of motion, and high quality video.
I've been studying the HDMI options intensely for just a few days for a project I'm working on - connecting a computer to two large TV sets 80 feet away at my church. (Plus another one 15' away).
> Last I checked, there still is not a good way to do this over gigabit ethernet.
HDbaseT is the standard for HDMI over CAT6. Several vendors support it, sometimes branding it with their own name.
As an alternative, boosted HDMI cables are good up to about 50 feet or so, depending on resolution.
Using boosted cabling, a 4X4 HDMI matrix will let you connect four sources to four receivers.
HDbaseT will connect (at least) one source to multiple displays. I'm not sure if HDbaseT works for multiple sources without a matrix box.
You can find matrices and HDbaseT for about $130 now. You'll also see roughly similar, older equipment being sold for $3,000. There's been a huge price drop, kind of like enterprise grade wide SCSI cards are still expensive, though consumer level SATA hardware outperforms it for 1/10th the price.
> I'm not sure there's anything that USB does that Thunderbolt can't do
Thunderbolt does PCIe and USB, so there is nothing USB can do that Thunderbolt can't. If there were, Thunderbolt would do it via USB.
Thunderbolt is basically PCIe + USB + HDMI + power, all on the same cable.
That definition absolutely includes what this thread is about. TFA talked mostly about malicious email attachments. When you do that, things stop working right. The discussion has talked about poor passwords. When your poorly chosen password is cracked, things stop working right. Using a good passphrase helps keep things working they way you expect them to work.
Our company, for example, uses Linux and measures uptime in years. Machines are rebooted for CPU and kernel upgrades and that's about it. Hard drive upgrades don't require a reboot, and they sure as heck don't crash. One machine had a bad memory module that caused a crash. We don't have users or software that crashes.
I've recently learned a new definition of security, one that's a little bit different from what I'd thought about before.
A secure system is a system that continues to work as expected, even in the face of unexpected events.
Users like a system that works the way they expect. They don't like crashes, endless popups, and systems slowed to a halt by malware.
So teach them the benefits they can expect. You can have a fast, trouble-free computer by doing x, y, and z. Clicking on "virus alerts" makes your computer slow and prone to crashing. Opening unexpected PDF files causes a huge hassle of needing to change your passwords and all that mess.
> If everyone was on solar as you say there would be no problem because excess energy goes back into the grid
There would be no grid! If everyone (or many people) are producing a lot of energy for six hours per day, and therefore paying nothing, there's no money, and therefore no power grid.
> no more dependence on prehistoric power like coal and foreign oil, no more pollutants
For several hours, on sunny days. Except that there is no power, because there is no grid.