First of all, ad hoc networks are currently focused on applications where everyone has a common goal. If you're going to work in an area outside of that, you need security. Jamming, etc can be worked out with spread spectrum or licensing (then it's illegal to jam, not that laws are always so easy to enforce), so mostly you need to worry about the routing and access control. Foolish people leaving them wide open won't happen if people are businesses trying to make a product out of this (otherwise, you're giving away product for free), and those who set up their own "open" manets are like those who leave open 802.11 nets. (Maybe a bit worse, but not much given how easy MAC addr spoofing is).
Security is a young and pretty exciting area in wireless network routing; some work by Zygmunt Haas, David Johnson, and Adrian Perrig, there are a couple tech reports by Brian Levine, Elizabeth Royer, Robin Kravetz (those you have to dig a bit deeper for...)
IANAL, but the legal issues come down to two things: (1) whoever was doing things with intent (eg, who put the file on their hard drive and opened it to the network intending for it to be copied, or better yet, who was doing the copying), and (2) did you do anything actually negligent.
Great question. It turns out that ad hoc network capacity is limited; in a randomly moving network, with sane discovery procedures, bandwidth per user goes down at some suprising rate. However, if your communications are local, that isn't a big deal. Also, several research groups have looked into cluster-based routing as a way to make things scale better, so only cluster-heads need to route amongst themselves, and the other nodes just go through the cluster heads.
I suppose gnutella could also benefit from such an architecture... I seem to recall that some P2P systems have "supernodes." However, the attractiveness of p2p systems is that they're really hard to shut down; 0wning all the supernodes would hurt. (Not shutting them down, just making them stop forwarding requests) Also, if one of these evil companies that advertise using P2P becomes a supernode, there's no end to the evil that company can perpetrate.
This is all a vast oversimplification, of course...
Ad hoc networks can support videoconferencing over LANs (in moving cars)... it's really not that big a deal. You just need to be proactive about link breakage prediction, then you can go 4 or even 6 hops with very reasonable latency and jitter.
Key word is *seems*, and perhaps more correctly "may seem." As you'll recall from the parent post you replied to, I'm quite supportive of democracy in India, and use it as proof that even a country China's size can be governed, and even democratically.
I have a hard time imagining that raw materials are much cheaper. It costs the same amount of money for the gas to move the ballots, etc.
Restaurants in India are unimaginably cheaper than you suggest. But the point is that when so many people are under the poverty line, voting seems like a grand waste of money, because *any* marginal cost could also be used to feed the populace.
The original question is the possibility of governing 10^9 people. Of course you can't think of another one offhand: India's the only country that can compare in size to China, and it manages, with a democracy. Yes, India has lots of issues, which is why I say it's even harder, and it does have these weak alliances that make the government collapse when they shift, but the point is that they manage, in spite of a much more challenging situation than China.
I don't see the difference between sinking someones Direct Connect hub and launching a DoS attack against a webserver.
So do you have a problem with/. linking to webservers that are likely to go down due to the load?
Unlike traditional web site DoS attacks, based on sending malformed messages (provable intent), DoS attacks in P2P can look like normal requests from normal clients that just come in really fast. IANAL, but much criminal law arises from intent, and the web DoSers (or bounce DoSers) clearly have intent. P2P networks just have a high-overhead protocol.
I don't think, in the end, that you can rely on laws to stop such problems. If you design a flooding mechanism into a protocol, you better be sure to rate-limit somehow... Maybe make people do some amount of work to perform a flood (though precomputation becomes problematic, because you want it to some extent, but not too extreme an extent).
Frankly, I don't know how a one-billion-people country can be ruled. I don't even know if a democratic regime as we know it would ever work there. But I'm sure that it can't be much worse than it already is.
Of course it can be... Look at India. Sure, the government collapses once in a while, but I think India's a lot harder to run: $2.2k GNP per cap, vs China's $3.6k GNP, massive ethnic strife in India and interests from so many different states, etc.
My point is that India is a pretty radical experiment in democracy... just consider the expense of running elections in a place that has a $2200 per capita GNP.
I don't see any reason why one country's citizens should be responsible for following the laws of another country if they're in their home country.
"I don't see any reason why one state's residents should be responsible for following the laws of another state if they're in their home state." Well, yes, but if the Supreme Court thinks its OK for a Washington State resident to be sued in California for a piece of software harming California industries, even if it was "only" placed on the web.
IANAL, but a state court will claim personal jurisdiction if a tortious act was commited against a resident of that state, even if the tortfeasor never entered that state.
Of course, between countries its slightly different, since the US is unlikely to have an extradition treaty with a country with barbaric laws (e.g. Taliban controlled Afghanistan), but we can't (shouldn't) go knocking on their door when they have someone who violated a US law.
I started university at 13, and I have to say I'm really glad that I did. I had a good social life as an undergrad, and also had a "normal" undergrad experience during my first years as a grad school. I think it's the best of both worlds, plus the extra salary is amazing. 3-4 years at your highest salary (you have to count the last years of your employment) is also around $1m (today, inflation-adjusted)!
Talk to people like us before you feel sorry for people like us. If I had gone to high school, my peers would have been morons and I'd be bored stiff.
I hook up a 19" CRT to my laptop screen, and can view 2 different screens: one on my CRT and one on the laptop screen below it. It's quite nice, actually... 1024x1536 resolution, sub-pixel antialiased fonts when I want them...
More accurately, factoring is not known to be NP-Complete. And if I remember correctly, if it is found _not_ to be NP-Complete, that would show its in P, AND show that P != NP.
0wn the DB server and you're doomed. If you're billing once a month, why not bill everyone on the same day, encrypt all the necessary information with RSA, and have the DB server burn the information onto a CD. Physically take the burnt CD to a net isolated machine that knows the key, have that machine decrypt everything and send it to Visa?
IANAL, but fair use is extremely vague. It may seem to go beyond fair use to you, but are you a copyright lawyer? Have courts held that position? AHRA (Audio Home Recording Act) compliant devices actually mostly allow what you've just described, so Congress apparently doesn't think that the scenario you described represents rampant piracy.
From the photo it looks like you're giving up two PCI slots for the tube and associated electronics, which are about as far away from the audio output as one could possibly place them. So you have to run the tube'd audio past all this noise, and they're not advertising balanced lines.
For my two PCI slots in the ultimate audiophile machine, I think I'd drop in a ProTools board, and hang a 24/96 or 24/192 interface off of it. The analog audio would then all live inside a nice shielded box with a good power supply (computer power supplies aren't real clean), and I can hang outboard gear off of that box.
Tubes are great for warmth and all, but there are much better places to put it. Like off the motherboard and in a separate shielded case. If they're serious about making their motherboards better for the audiophile, at least put a S/PDIF or ADAT out on the thing...
The argument seems reasonable on the face of it, but when you hire a secretary, do you make sure that they don't know how to cook or play the piano, since you won't be able to use those skills? It seems outrageous that you don't actually worry about this person's qualifications to achieve the mission of the organization, but rather try to hire the minimal person possible; in that case, hire a bum and train them!
You still haven't answered the question about whether or not you view employees as disposables; if you hire the HTML guy three years ago, do you fire him now that HTML is not hot, and hire an XML guy? What about recruiting costs?
I guess I do realize that the job market is flooded with those who are underqualified, and it's a heck of a lot easier to hire them. But it's not clear to me that that's a long-term win, especially monetarily; at a school, your budget is probably pressed a lot more than at a company, and you're naturally going to try to save money at the cost of morale, good business practice, and hiring qualified people (as you've pointed out). It just strikes me that it's not a wise business decision.
What do you use for a case? I have a Vx with the Palm hard case, and haven't found anything similar for Sonys, other than their latest one (NR70V?) which serves as its own case...
If you're buying a red crayon for a particular project, and are going to fire the "purchase" after the project is done, by all means. Your morale will suck, and employee recruiting costs will be outrageously high. If an employee costs $30,000 to recruit (look at what headhunters charge; this is modest), and you have the choice of a $60,000 guy you can keep for 10 years and a $40,000 guy you have to replace every year (or worse, 6 months), which one's cheaper?
A well educated person who can write an OS, compiler, network stack, build a pipelined CPU from transistors, and build TCP/IP over 802.3 from a PHY layer understands the fundamentals, and can (likely) pick up the next project with no sweat. They may not need any one of those particular skills for any project (eg, I've never used my computer architecture knowledge, but understand certain types of performance implications much more clearly), but even obscure knowledge like statistics are often useful (eg for signal processing). They're also more capable of helping others in your organization reach your goals.
I hope management in any company I own stock in does not have your attitude towards employee skills and competence.
IANAL, but it's not tying; see Marts v. Xerox, Inc., 77 F.3d 1109 (8th Cir. 1996). "The court concluded that there was no tying arrangement, since the customer could forgo the warranty and purchase cartridges and service from an independent source." The Lawletter.
I've run 802.11, with video and voice, with speeds around 20mph (~35km/h). Perhaps the range goes down, but it still works. Better yet, we've run the old AT I've long wanted a valet key that only allows the use of so many gears at such a speed... Would also allow greater parental control (kids keys limited to 65mph and hours from 7a-9p or something).
Voice recognition in noise: why not have a "command" button (ala the Motorola v60). Can mount it on the steering wheel...
Send a daisy-cutter towards your jammer, and all the sacrificial targets, plus the real one, will go down in one shot:)
But let's play a thought experiment for a moment. Suppose the controller were 1000 miles away and the jammer were 100 miles away; we'll assume free-space propogation, because everything goes up. That gives a 20dB advantage to the jammer. We'll get it back for the good guys by going to a 20dB directional antenna, plus we'll put out 100 chips per bit (not even UWB, == 20dB processing gain). Combine that with a 100W transmitter, and the jammer has to do 1kW to do a reasonable job jamming (-10dB SNR).
Agents stealing the radio codes isn't that easy. Suppose each UAV has a tamperproof module that speaks some key exchange protocol. Controller and UAV exchange nonces, run keyexchange, hash nonces and key exchange results for a session key, and communicate using that as an encryption key, chipping code, etc. Basically then the only person who can steal the codes is the operator him/herself, or someone who can compromise both the UAV and the controller, which makes a physical attack better than a jamming attack (eg disable the rudder or whatever).
Hope you're not using the public key algorithms in PGP and GnuPG if your paranoid about the NSA. Consider that the NSA typically is 15 years ahead of the academics in security (hence DES' security against differential cryptanalysis). Recently there's been some talk about being able to factor 3x as many bits just as quickly; imagine what factoring breakthroughs the NSA has made...
If you want something really secure, exchange keys privately and use a secure private key block cipher in CBC mode, and pray that the NSA hasn't broken your block cipher...
I use an old ThinkPad as my access point. It runs Linux. I assume that most of your clients are going to be running Windows. Anyone else should be clever enough to emulate PPTP.
I first chose a random WEP key. I don't consider this secure at all.
I have my ThinkPad play DHCP server (so anyone with the WEP key can get a DHCP addr), and firewall everything other than DHCP and PPTP from the wireless interface. I then use slirp with PoPToP to provide stateless 128-bit MPPE, and assign each windows box a unique password (this is where the security comes from). All real traffic is encrypted; all the user has to do is "dial-in". Of course, everything is NAT'ed; hope that's what you wanted anyways:)
Obviously this works with 2 APs and one computer behind them.
Slashdot Mirror
First of all, ad hoc networks are currently focused on applications where everyone has a common goal. If you're going to work in an area outside of that, you need security. Jamming, etc can be worked out with spread spectrum or licensing (then it's illegal to jam, not that laws are always so easy to enforce), so mostly you need to worry about the routing and access control. Foolish people leaving them wide open won't happen if people are businesses trying to make a product out of this (otherwise, you're giving away product for free), and those who set up their own "open" manets are like those who leave open 802.11 nets. (Maybe a bit worse, but not much given how easy MAC addr spoofing is).
Security is a young and pretty exciting area in wireless network routing; some work by Zygmunt Haas, David Johnson, and Adrian Perrig, there are a couple tech reports by Brian Levine, Elizabeth Royer, Robin Kravetz (those you have to dig a bit deeper for...)
IANAL, but the legal issues come down to two things: (1) whoever was doing things with intent (eg, who put the file on their hard drive and opened it to the network intending for it to be copied, or better yet, who was doing the copying), and (2) did you do anything actually negligent.
Great question. It turns out that ad hoc network capacity is limited; in a randomly moving network, with sane discovery procedures, bandwidth per user goes down at some suprising rate. However, if your communications are local, that isn't a big deal. Also, several research groups have looked into cluster-based routing as a way to make things scale better, so only cluster-heads need to route amongst themselves, and the other nodes just go through the cluster heads.
I suppose gnutella could also benefit from such an architecture... I seem to recall that some P2P systems have "supernodes." However, the attractiveness of p2p systems is that they're really hard to shut down; 0wning all the supernodes would hurt. (Not shutting them down, just making them stop forwarding requests) Also, if one of these evil companies that advertise using P2P becomes a supernode, there's no end to the evil that company can perpetrate.
This is all a vast oversimplification, of course...
Ad hoc networks can support videoconferencing over LANs (in moving cars)... it's really not that big a deal. You just need to be proactive about link breakage prediction, then you can go 4 or even 6 hops with very reasonable latency and jitter.
Key word is *seems*, and perhaps more correctly "may seem." As you'll recall from the parent post you replied to, I'm quite supportive of democracy in India, and use it as proof that even a country China's size can be governed, and even democratically.
So thank you for your misreading.
I have a hard time imagining that raw materials are much cheaper. It costs the same amount of money for the gas to move the ballots, etc.
Restaurants in India are unimaginably cheaper than you suggest. But the point is that when so many people are under the poverty line, voting seems like a grand waste of money, because *any* marginal cost could also be used to feed the populace.
The original question is the possibility of governing 10^9 people. Of course you can't think of another one offhand: India's the only country that can compare in size to China, and it manages, with a democracy. Yes, India has lots of issues, which is why I say it's even harder, and it does have these weak alliances that make the government collapse when they shift, but the point is that they manage, in spite of a much more challenging situation than China.
Unlike traditional web site DoS attacks, based on sending malformed messages (provable intent), DoS attacks in P2P can look like normal requests from normal clients that just come in really fast. IANAL, but much criminal law arises from intent, and the web DoSers (or bounce DoSers) clearly have intent. P2P networks just have a high-overhead protocol.
I don't think, in the end, that you can rely on laws to stop such problems. If you design a flooding mechanism into a protocol, you better be sure to rate-limit somehow... Maybe make people do some amount of work to perform a flood (though precomputation becomes problematic, because you want it to some extent, but not too extreme an extent).
Of course it can be... Look at India. Sure, the government collapses once in a while, but I think India's a lot harder to run: $2.2k GNP per cap, vs China's $3.6k GNP, massive ethnic strife in India and interests from so many different states, etc.
My point is that India is a pretty radical experiment in democracy... just consider the expense of running elections in a place that has a $2200 per capita GNP.
"I don't see any reason why one state's residents should be responsible for following the laws of another state if they're in their home state." Well, yes, but if the Supreme Court thinks its OK for a Washington State resident to be sued in California for a piece of software harming California industries, even if it was "only" placed on the web.
IANAL, but a state court will claim personal jurisdiction if a tortious act was commited against a resident of that state, even if the tortfeasor never entered that state.
Of course, between countries its slightly different, since the US is unlikely to have an extradition treaty with a country with barbaric laws (e.g. Taliban controlled Afghanistan), but we can't (shouldn't) go knocking on their door when they have someone who violated a US law.
BTW this is a stale news story...
I started university at 13, and I have to say I'm really glad that I did. I had a good social life as an undergrad, and also had a "normal" undergrad experience during my first years as a grad school. I think it's the best of both worlds, plus the extra salary is amazing. 3-4 years at your highest salary (you have to count the last years of your employment) is also around $1m (today, inflation-adjusted)!
Talk to people like us before you feel sorry for people like us. If I had gone to high school, my peers would have been morons and I'd be bored stiff.
I hook up a 19" CRT to my laptop screen, and can view 2 different screens: one on my CRT and one on the laptop screen below it. It's quite nice, actually... 1024x1536 resolution, sub-pixel antialiased fonts when I want them...
I take it you'll never buy a house.
More accurately, factoring is not known to be NP-Complete. And if I remember correctly, if it is found _not_ to be NP-Complete, that would show its in P, AND show that P != NP.
0wn the DB server and you're doomed. If you're billing once a month, why not bill everyone on the same day, encrypt all the necessary information with RSA, and have the DB server burn the information onto a CD. Physically take the burnt CD to a net isolated machine that knows the key, have that machine decrypt everything and send it to Visa?
IANAL, but fair use is extremely vague. It may seem to go beyond fair use to you, but are you a copyright lawyer? Have courts held that position? AHRA (Audio Home Recording Act) compliant devices actually mostly allow what you've just described, so Congress apparently doesn't think that the scenario you described represents rampant piracy.
From the photo it looks like you're giving up two PCI slots for the tube and associated electronics, which are about as far away from the audio output as one could possibly place them. So you have to run the tube'd audio past all this noise, and they're not advertising balanced lines.
For my two PCI slots in the ultimate audiophile machine, I think I'd drop in a ProTools board, and hang a 24/96 or 24/192 interface off of it. The analog audio would then all live inside a nice shielded box with a good power supply (computer power supplies aren't real clean), and I can hang outboard gear off of that box.
Tubes are great for warmth and all, but there are much better places to put it. Like off the motherboard and in a separate shielded case. If they're serious about making their motherboards better for the audiophile, at least put a S/PDIF or ADAT out on the thing...
The argument seems reasonable on the face of it, but when you hire a secretary, do you make sure that they don't know how to cook or play the piano, since you won't be able to use those skills? It seems outrageous that you don't actually worry about this person's qualifications to achieve the mission of the organization, but rather try to hire the minimal person possible; in that case, hire a bum and train them!
You still haven't answered the question about whether or not you view employees as disposables; if you hire the HTML guy three years ago, do you fire him now that HTML is not hot, and hire an XML guy? What about recruiting costs?
I guess I do realize that the job market is flooded with those who are underqualified, and it's a heck of a lot easier to hire them. But it's not clear to me that that's a long-term win, especially monetarily; at a school, your budget is probably pressed a lot more than at a company, and you're naturally going to try to save money at the cost of morale, good business practice, and hiring qualified people (as you've pointed out). It just strikes me that it's not a wise business decision.
Sokie,
What do you use for a case? I have a Vx with the Palm hard case, and haven't found anything similar for Sonys, other than their latest one (NR70V?) which serves as its own case...
If you're buying a red crayon for a particular project, and are going to fire the "purchase" after the project is done, by all means. Your morale will suck, and employee recruiting costs will be outrageously high. If an employee costs $30,000 to recruit (look at what headhunters charge; this is modest), and you have the choice of a $60,000 guy you can keep for 10 years and a $40,000 guy you have to replace every year (or worse, 6 months), which one's cheaper?
A well educated person who can write an OS, compiler, network stack, build a pipelined CPU from transistors, and build TCP/IP over 802.3 from a PHY layer understands the fundamentals, and can (likely) pick up the next project with no sweat. They may not need any one of those particular skills for any project (eg, I've never used my computer architecture knowledge, but understand certain types of performance implications much more clearly), but even obscure knowledge like statistics are often useful (eg for signal processing). They're also more capable of helping others in your organization reach your goals.
I hope management in any company I own stock in does not have your attitude towards employee skills and competence.
property needs not be tangible.
IANAL, but it's not tying; see Marts v. Xerox, Inc., 77 F.3d 1109 (8th Cir. 1996). "The court concluded that there was no tying arrangement, since the customer could forgo the warranty and purchase cartridges and service from an independent source." The Lawletter.
I've run 802.11, with video and voice, with speeds around 20mph (~35km/h). Perhaps the range goes down, but it still works. Better yet, we've run the old AT I've long wanted a valet key that only allows the use of so many gears at such a speed... Would also allow greater parental control (kids keys limited to 65mph and hours from 7a-9p or something).
Voice recognition in noise: why not have a "command" button (ala the Motorola v60). Can mount it on the steering wheel...
Send a daisy-cutter towards your jammer, and all the sacrificial targets, plus the real one, will go down in one shot :)
But let's play a thought experiment for a moment. Suppose the controller were 1000 miles away and the jammer were 100 miles away; we'll assume free-space propogation, because everything goes up. That gives a 20dB advantage to the jammer. We'll get it back for the good guys by going to a 20dB directional antenna, plus we'll put out 100 chips per bit (not even UWB, == 20dB processing gain). Combine that with a 100W transmitter, and the jammer has to do 1kW to do a reasonable job jamming (-10dB SNR).
Agents stealing the radio codes isn't that easy. Suppose each UAV has a tamperproof module that speaks some key exchange protocol. Controller and UAV exchange nonces, run keyexchange, hash nonces and key exchange results for a session key, and communicate using that as an encryption key, chipping code, etc. Basically then the only person who can steal the codes is the operator him/herself, or someone who can compromise both the UAV and the controller, which makes a physical attack better than a jamming attack (eg disable the rudder or whatever).
Hope you're not using the public key algorithms in PGP and GnuPG if your paranoid about the NSA. Consider that the NSA typically is 15 years ahead of the academics in security (hence DES' security against differential cryptanalysis). Recently there's been some talk about being able to factor 3x as many bits just as quickly; imagine what factoring breakthroughs the NSA has made...
If you want something really secure, exchange keys privately and use a secure private key block cipher in CBC mode, and pray that the NSA hasn't broken your block cipher...
I use an old ThinkPad as my access point. It runs Linux. I assume that most of your clients are going to be running Windows. Anyone else should be clever enough to emulate PPTP.
:)
I first chose a random WEP key. I don't consider this secure at all.
I have my ThinkPad play DHCP server (so anyone with the WEP key can get a DHCP addr), and firewall everything other than DHCP and PPTP from the wireless interface. I then use slirp with PoPToP to provide stateless 128-bit MPPE, and assign each windows box a unique password (this is where the security comes from). All real traffic is encrypted; all the user has to do is "dial-in". Of course, everything is NAT'ed; hope that's what you wanted anyways
Obviously this works with 2 APs and one computer behind them.