Not to denegrate the efforts of the Mozilla coders. Their entire project has been a boon to open source development. But to me it's just the same old featuritis, bloatware that Netscape has been crapping out for years now. Konqueror is where my I'm at for web browsing. Still problems with it to be sure, but the whole desktop integration thing I love. Moz will never be able to do this. It's also snappy and renders nicely. OTOH, I'm not big on plugins and I still use pine for mail. Just need 128bit SSL HTTP and stability.
That's right! One way or another, if the person setting up the router doesn't know wtf they're doing then something is going to be broken. I personally think the more 'socially' responsible thing would be to ship with egress filters config'd and let them sort out their internal issues. But you're right, either way you slice it it's a pain in the ass for somebody. But hey, this isn't kids stuff. You gotta know what you're doing.
Who ships a router with egress filters in place? I'm not aware of anyone doing this, but would love to know who is. You're responsible for your net and what kind of crap passes its border. You can't blame the 'upstream dweebs' for your own inability to configure a router!!
This is a very misleading post. First of, it's 10.0.0.0/8 not 10.0.0.0/16. Second, the only net you could remotely finger is the originating net for not doing egress filtering on the private nets. Everyone else is just routing based on dest IP and switching based on the data link (MAC) info. But there's no requirement for them to be doing that. The real fault lies with the local network engineer for not doing ingress filtering of packets with a source on a private net. You've got to take responsibility for your own misconfigurations. You can't blame everything on somebody else. They should have had a firewall in place and Exodus should have been doing the ingress filtering at their border. See my other post for a suggestion as to why this wasn't happening.
Here's what happens. You have your ethernet frame header and after that your IP header which includes source and destination addresses. The source is forged and the router is generally (discounting acl's and such) just looking at the destination. So, you're left with the MAC info in the ethernet frame header. Well, that gets tossed and rebuilt for each link in the network. In other words, the only way you find the source (by traditional means) is to trace all the way back to the first hop router that the frames are coming through and pick up the MAC there. After that point you've lost the data link info on source and your IP info is unreliable. And, yes, that excercise requires the cooperation of every network engineer whose routers the packets are coming through. It's much more a political feat than a technical one.
We didn't have any zombie-killing software or a firewall installed because of certain network topology issues.
Topology my ass. Exodus fights hard to make you use their 'value add' security services. Be honest guys, the reason you weren't protected was b/c those bastards were working you over for more money and don't want you running your own security, right? In fairness, there's some nice things about running out of an Exodus facility, but dealing with their physical and network security chimps is not one of the high points.
It doesn't use mirrors. There's certainly still many unanswered questions here (it's a press release, not a tech doc of any kind), but the news part of this seems to be the fact that it's using inkjet technology to switch the circuits.
When commanded, a bubble is created at the intersection of the appropriate waveguides and the light is reflected down a vertical path to the switched port. This bubble is formed using the same reliable technology now used in inkjet printers.
Why does inkjet always get described as being reliable? I've never been happy with inkjet products with the possible exception of my original HP Deskwriter. I can only imagine trying to troubleshoot connectivity problems on one of these things. What if you have a particular circuit that doesn't get used for a while. That ink is going to dry up and never inject! I'm really having a hard time even imagining how they can design "carrier class" equipment on inkjet technology.
Being a few feet from the giant blue arcs at BM98 was absolutely amazing. They mounted various objects on grounding poles in a circle around the coil and I just stood there for a long time (no time sense out there) watching these bright blue bolts come down right in front of me. The shriek and howl of the thing as it wound up would bring people wandering in. They had no idea what they were about to see and then...boom! the show would start and everyone was frozen with fixed eyes an mouth agape until they fried all there stuff and, I guess, probably had to give the motor a break.
I agree to an extent. Personal information is a valuable commodity as is software. It is fair to exchange one for the other and unreasonable to expect that all organizations will produce free software without something directly in exchange for it.
The problem here is that Real was not informing anyone of the monitoring. The actual terms of the exchange were never stated anywhere. That prevents the user from being able to make an informed decision as to whether the exchange is fair to them and whether they wish to enter in to the deal.
If I sell you a nice car for $10 I can't sneak into your house later to collect more money on the basis that the car was worth more and you really owe it to me. Those terms must be stated up front and at the time of the initial transaction. The only reason this isn't treated as theft is that our archane laws still don't treat personal information as property. All sorts of other data is, after our data is compiled into someone's database it is, but while we're in possession of it, nope! Not poperty, available to anyone for free.
People need to be made at least marginally aware of how their information is being used. HTTP is an open standard, so we can accept the fact that any tracking being done via that protocol is known to the user since they have the same access to the RFC's that anyone else does. In this case, Real is enticing users to install a trojan on their system which is not open source code, but required the efforts of a hacker to determine just what it was doing.
The bigger issue is not the collecting of data, but the secrecy with which it is done. In fact, it would almost seem that Real is deliberately misinforming in their own privacy and license statements. And it's one thing to track IP's or cookie s/n's as a user clicks around your website, I think it's something else entirely when you entice that user to install s/w on their system which then surreptitiously monitors their activities. As one person is quoted as pointing out, that's a damn trojan!
It may be amusing, but it's not on topic. Hardly one line of the article indicated a lack of understanding of giving open source. The rest was just bad statistics. Why is nobody taking issue with that? And what the hell is going on with moderation that something so mildly amusing and fully off-topic gets a 5?
I'm not an expert on BSD, but here's your basic breakdown: 386BSD - was the original 'PC' unix from that grew: FreeBSD - continue a focus on i386 NetBSD - main focus being platform proliferation (they support everything, though I don't know about laptops) OpenBSD - a fairly recent splinter form/Free|Net/BSD. Very significant security features, though I'm not sure how they affect usability.
As a general rule you'll find the BSD's more server focused than Linux (big generalization, but it holds up some). Drivers are always there weak point, but check the Slashdot BSD section for sites that help you locate what you need.
Also note that the article states a half dozen or so other companies are looking into the same tech. Also, they haven't given up. The article goes on to say that now they'll develop a spray which could have the same effect (among others, I'd imagine).
What spooks me most is where this leads logically. Imagine you're given a life saving gene therapy only to be told you've purchased a time limited license. In 12 months you can buy another license or die! That's the sort of situation we're heading for with all this IP protection BS.
Without getting into a critique of facist politics, I think the simplest argument against this is the difference in transmission. It is possible to prevent the transmission of HIV. It is much more difficult to prevent the transmission of airborne viruses. Quarantine isn't necessary, education is.
The same policy applies in the US. My new doctor can not legally get my file from the old one without me signing a consent form. The real problem is that when most people sign up for insurance the sign off on the same consent to allow the insurance company to share medical information "as necessary." The problem then is, what is everyone's definition of necessary and whose definition is correct?
When I was going to a client involved in credit card processing, I was subjected to a full scale, government grade, background check. My client involved in telemedecine, with thousands of personal medical records stored on their systems, barely knows who I am.
As others have pointed out, the fact is that telemedecine is crucially important in some parts of the world and could even help domestic patients, particularly when you get into the more obscure, difficult to diagnose problems. However, until attitudes change in the medical industry (starting at the insurance companies) we are at grave risk of being persecuted for our medical histories.
I'm no fan of legislative fixes. It think what is needed is for other type of government control. The Fed is very adept at arm twisting and coercing an industry when it wants something changed. Something must be done about the current state of information security in the medical industry. The insurance cartels are too powerful to be motivated by their customers. We need an infosec lobby whose first issue is the security of medical records.
I don't think we'll see much out of Celera. The promise to realease discoveries after providing customers with right of first refusal is just an attempt to keep the gov. off his back. Without some basic legislative framework around this industry there will never be any motivation for providing data for the public good.
I think it's great that they're going to put the brakes on Celeron. Vintner is an ass. There's still a problem here, though. (Disclaimer: I'm not a geneticist. I just provided net support at a govt. sequencing lab for a year)
Sequencing just provides the mapping of the genes. It doesn't tell you a damn thing about what they do. That's call phenotyping.
He did not believe the move would inhibit new medical discoveries, as a map of a gene does not reveal its function - that would remain to be discovered. What it would do, Dr Morgan said, was to "ensure that no one company can stop others working on a gene."
I think the above quote seems to suggest that pharma will still be allowed to get patents around phenotypes. Though there isn't a great deal of competition in modern drugs, my suspicion is that we'll see even less with gene therapies. If there's only one way to fix the screwed up genes that cause a particular disease, then that one method will be owned. This isn't perl programming. Genetics is a pretty set thing.
This policy is certainly a step in the right direction and I'm sure the NIH, et al will continue to race the private concerns on phenotyping as they've done with sequencing, but I'm sill concerned that gene based cures will be out of reach for most people long after they're developed. Maybe that's not much different from how things work today, but it's still a problem.
It's true that the ability of media is simply to reflect back images from it's own audience. It's not creative and in that sense very limited. However, I think you've lost sight of the fact that this is the voice of the oppressed. These are otherwise voiceless people finally being given the opportunity to speak. While Katz may be droning a bit, the beating of the drumn may be making some of our heads ache, that doesn't mean it isn't extrememely important that this continue. In fact, as long as these kids are still in pain and oppressed then it _must_ continue if things will ever change. You seem to take offense that the geeks are recieving so much attention here at this geek website. Would you go to a minority race or gay supporting website and tell everyone to get over it? I know, you likely feel this site is supposed to be about the tech, but the tech is part of a culture and really (as long as I've been around) slashdot hasn't only been about the tech. Many, many issues have found voice on this site. I think this one has particular importance.
Drone on Katz!! The geek voice must begin to be heard.
Slashdot Mirror
Not to denegrate the efforts of the Mozilla coders. Their entire project has been a boon to open source development. But to me it's just the same old featuritis, bloatware that Netscape has been crapping out for years now. Konqueror is where my I'm at for web browsing. Still problems with it to be sure, but the whole desktop integration thing I love. Moz will never be able to do this. It's also snappy and renders nicely. OTOH, I'm not big on plugins and I still use pine for mail. Just need 128bit SSL HTTP and stability.
That's right! One way or another, if the person setting up the router doesn't know wtf they're doing then something is going to be broken. I personally think the more 'socially' responsible thing would be to ship with egress filters config'd and let them sort out their internal issues. But you're right, either way you slice it it's a pain in the ass for somebody. But hey, this isn't kids stuff. You gotta know what you're doing.
Who ships a router with egress filters in place? I'm not aware of anyone doing this, but would love to know who is. You're responsible for your net and what kind of crap passes its border. You can't blame the 'upstream dweebs' for your own inability to configure a router!!
This is a very misleading post. First of, it's 10.0.0.0/8 not 10.0.0.0/16. Second, the only net you could remotely finger is the originating net for not doing egress filtering on the private nets. Everyone else is just routing based on dest IP and switching based on the data link (MAC) info. But there's no requirement for them to be doing that. The real fault lies with the local network engineer for not doing ingress filtering of packets with a source on a private net. You've got to take responsibility for your own misconfigurations. You can't blame everything on somebody else. They should have had a firewall in place and Exodus should have been doing the ingress filtering at their border. See my other post for a suggestion as to why this wasn't happening.
Here's what happens. You have your ethernet frame header and after that your IP header which includes source and destination addresses. The source is forged and the router is generally (discounting acl's and such) just looking at the destination. So, you're left with the MAC info in the ethernet frame header. Well, that gets tossed and rebuilt for each link in the network. In other words, the only way you find the source (by traditional means) is to trace all the way back to the first hop router that the frames are coming through and pick up the MAC there. After that point you've lost the data link info on source and your IP info is unreliable. And, yes, that excercise requires the cooperation of every network engineer whose routers the packets are coming through. It's much more a political feat than a technical one.
Topology my ass. Exodus fights hard to make you use their 'value add' security services. Be honest guys, the reason you weren't protected was b/c those bastards were working you over for more money and don't want you running your own security, right? In fairness, there's some nice things about running out of an Exodus facility, but dealing with their physical and network security chimps is not one of the high points.
It doesn't use mirrors. There's certainly still many unanswered questions here (it's a press release, not a tech doc of any kind), but the news part of this seems to be the fact that it's using inkjet technology to switch the circuits.
Why does inkjet always get described as being reliable? I've never been happy with inkjet products with the possible exception of my original HP Deskwriter. I can only imagine trying to troubleshoot connectivity problems on one of these things. What if you have a particular circuit that doesn't get used for a while. That ink is going to dry up and never inject! I'm really having a hard time even imagining how they can design "carrier class" equipment on inkjet technology.
Being a few feet from the giant blue arcs at BM98 was absolutely amazing. They mounted various objects on grounding poles in a circle around the coil and I just stood there for a long time (no time sense out there) watching these bright blue bolts come down right in front of me. The shriek and howl of the thing as it wound up would bring people wandering in. They had no idea what they were about to see and then...boom! the show would start and everyone was frozen with fixed eyes an mouth agape until they fried all there stuff and, I guess, probably had to give the motor a break.
I agree to an extent. Personal information is a valuable commodity as is software. It is fair to exchange one for the other and unreasonable to expect that all organizations will produce free software without something directly in exchange for it.
The problem here is that Real was not informing anyone of the monitoring. The actual terms of the exchange were never stated anywhere. That prevents the user from being able to make an informed decision as to whether the exchange is fair to them and whether they wish to enter in to the deal.
If I sell you a nice car for $10 I can't sneak into your house later to collect more money on the basis that the car was worth more and you really owe it to me. Those terms must be stated up front and at the time of the initial transaction. The only reason this isn't treated as theft is that our archane laws still don't treat personal information as property. All sorts of other data is, after our data is compiled into someone's database it is, but while we're in possession of it, nope! Not poperty, available to anyone for free.
People need to be made at least marginally aware of how their information is being used. HTTP is an open standard, so we can accept the fact that any tracking being done via that protocol is known to the user since they have the same access to the RFC's that anyone else does. In this case, Real is enticing users to install a trojan on their system which is not open source code, but required the efforts of a hacker to determine just what it was doing.
The bigger issue is not the collecting of data, but the secrecy with which it is done. In fact, it would almost seem that Real is deliberately misinforming in their own privacy and license statements. And it's one thing to track IP's or cookie s/n's as a user clicks around your website, I think it's something else entirely when you entice that user to install s/w on their system which then surreptitiously monitors their activities. As one person is quoted as pointing out, that's a damn trojan!
It may be amusing, but it's not on topic. Hardly one line of the article indicated a lack of understanding of giving open source. The rest was just bad statistics. Why is nobody taking issue with that? And what the hell is going on with moderation that something so mildly amusing and fully off-topic gets a 5?
I'm not an expert on BSD, but here's your basic breakdown: /Free|Net/BSD. Very significant security features, though I'm not sure how they affect usability.
386BSD - was the original 'PC' unix
from that grew:
FreeBSD - continue a focus on i386
NetBSD - main focus being platform proliferation (they support everything, though I don't know about laptops)
OpenBSD - a fairly recent splinter form
As a general rule you'll find the BSD's more server focused than Linux (big generalization, but it holds up some). Drivers are always there weak point, but check the Slashdot BSD section for sites that help you locate what you need.
Also note that the article states a half dozen or so other companies are looking into the same tech. Also, they haven't given up. The article goes on to say that now they'll develop a spray which could have the same effect (among others, I'd imagine).
What spooks me most is where this leads logically. Imagine you're given a life saving gene therapy only to be told you've purchased a time limited license. In 12 months you can buy another license or die! That's the sort of situation we're heading for with all this IP protection BS.
Without getting into a critique of facist politics, I think the simplest argument against this is the difference in transmission. It is possible to prevent the transmission of HIV. It is much more difficult to prevent the transmission of airborne viruses. Quarantine isn't necessary, education is.
The same policy applies in the US. My new doctor can not legally get my file from the old one without me signing a consent form. The real problem is that when most people sign up for insurance the sign off on the same consent to allow the insurance company to share medical information "as necessary." The problem then is, what is everyone's definition of necessary and whose definition is correct?
When I was going to a client involved in credit card processing, I was subjected to a full scale, government grade, background check. My client involved in telemedecine, with thousands of personal medical records stored on their systems, barely knows who I am.
As others have pointed out, the fact is that telemedecine is crucially important in some parts of the world and could even help domestic patients, particularly when you get into the more obscure, difficult to diagnose problems. However, until attitudes change in the medical industry (starting at the insurance companies) we are at grave risk of being persecuted for our medical histories.
I'm no fan of legislative fixes. It think what is needed is for other type of government control. The Fed is very adept at arm twisting and coercing an industry when it wants something changed. Something must be done about the current state of information security in the medical industry. The insurance cartels are too powerful to be motivated by their customers. We need an infosec lobby whose first issue is the security of medical records.
I don't think we'll see much out of Celera. The promise to realease discoveries after providing customers with right of first refusal is just an attempt to keep the gov. off his back. Without some basic legislative framework around this industry there will never be any motivation for providing data for the public good.
I think it's great that they're going to put the brakes on Celeron. Vintner is an ass. There's still a problem here, though. (Disclaimer: I'm not a geneticist. I just provided net support at a govt. sequencing lab for a year)
Sequencing just provides the mapping of the genes. It doesn't tell you a damn thing about what they do. That's call phenotyping.
He did not believe the move would inhibit new medical discoveries, as a map of a gene does not reveal its function - that would remain to be discovered. What it would do, Dr Morgan said, was to "ensure that no one company can stop others working on a gene."
I think the above quote seems to suggest that pharma will still be allowed to get patents around phenotypes. Though there isn't a great deal of competition in modern drugs, my suspicion is that we'll see even less with gene therapies. If there's only one way to fix the screwed up genes that cause a particular disease, then that one method will be owned. This isn't perl programming. Genetics is a pretty set thing.
This policy is certainly a step in the right direction and I'm sure the NIH, et al will continue to race the private concerns on phenotyping as they've done with sequencing, but I'm sill concerned that gene based cures will be out of reach for most people long after they're developed. Maybe that's not much different from how things work today, but it's still a problem.
It's true that the ability of media is simply to reflect back images from it's own audience. It's not creative and in that sense very limited. However, I think you've lost sight of the fact that this is the voice of the oppressed. These are otherwise voiceless people finally being given the opportunity to speak. While Katz may be droning a bit, the beating of the drumn may be making some of our heads ache, that doesn't mean it isn't extrememely important that this continue. In fact, as long as these kids are still in pain and oppressed then it _must_ continue if things will ever change. You seem to take offense that the geeks are recieving so much attention here at this geek website. Would you go to a minority race or gay supporting website and tell everyone to get over it? I know, you likely feel this site is supposed to be about the tech, but the tech is part of a culture and really (as long as I've been around) slashdot hasn't only been about the tech. Many, many issues have found voice on this site. I think this one has particular importance.
Drone on Katz!! The geek voice must begin to be heard.