A phone called placed between two VOIP enabled devices using SIP has about as much chance of executing arbitrary code as a browser does displaying a jpg image. Yes, a chance exists (poorly written code with buffer overflows at precisely the wrong time) but on a scale of 1 to 10 it's a -7.
Have you studied SIP? It's just begging for security problems between the nightmare of parsing and the arbitrary URLs being allowed in various fields. If a SIP message has "Alert-Info: <http://cracked.site.com/booby_trap.wav>", in it, do you think the SIP stack is going to fetch and play the ringtone, or will it hand it off to, say, a browser, or perhaps a media player?
One still has to wonder about diddling with the Via: headers in a message to redirect the response path to target systems within a network, but, well, that is another topic.
It's going to take years for SIP to get secured -- it's too new to have had a thorough shake out.
Why do we do everything over IP? I mean, honestly, it's a good protocol and all, but it's not perfect for everything. There are already digital wireless phones, and not all of them use IP.
Why would one want to use an ATM/IP/IPX/IP network when they could just use whatever works best for that application?
You are confused because you are thinking like an engineer, rather than a philosopher or an idealist. Ideally, we could just have one protocol (to rule them all, in the darkness bind (v9.2) them...), but it is not a very practical solution.
I rather suspect there is this problem with people getting the network protocols confused with the applications that run over them. The "everything over IP" crowd seems to be mostly the same group that feels that NAT is a bad thing -- i.e. that everything should be one big network with the same addressed space (i.e. the Intranet, really, rather than the Internet, because the latter implies connections between different networks.) From this point of view, the "everything over IP" is the equivalent of saying, for example, "everything over copper wire, and only over copper wire -- it does not matter if fiber optic cable makes more sense for certain specific applications, you would need a converter to convert between copper and fiber, and that would break the end to end connection!"
If you can pry the application out of the network protocol (i.e. IPv4), such that the application is independent of the underlying protocol (as it ought to be), then you could more easily use the apropriate protocol for the apropriate application when necessary. However, as long as the masses believe there is some magic inherent in end-to-end un-NAT'ed networks, IPv4 will remain God, and IPv6, among other things, will never arrive. (It's not magic, it's bad design which requires end-to-end transport without allowing for the possibility of transport conversion.)
It is a bizarrely almost Luddite mindset. I mean, honestly, is it just me, or does anyone else feel that the "IP is your Lord god, and you shall have no protocol before IP" mindset is intellectually stifling?
The parent comment definitely needs to be modded up. Magic bullet indeed. One does still look forward to how IPv6 enabled cell phones/wireless devices will be able to roam between cells without constantly having to disconnect and reconnect.
(A NULL prize for the folks who suggest Mobile IP style tunneling from a home network for VoIPv6 calls.)
Probably to make the 'next leap', so to speak, in version control systems for programming is to design or modify a language so it is more version control friendly, or add much more language-sensitivity to the version control system.
Most people will probably hate this, but for instance, if a comment for a specific line/block of code always had to appear in a specific area or syntactically consistant way such that the version control system can recognize that if a piece of code changed, but not the comments for that code, it could ask if the comments for the code need to be updated as well. Or if a function's parameters or return value have changed, whether or not all instances/uses of that function have also been changed, etc.
That is not to say that you cannot create a great system on top of existing languages, but that perhaps making some minor tweaks in the language to make the language itself easier to manage/version, then this may open up new tool possibilities.
This sort of technology is very interesting, conceptually, though given Microsoft's track record, it is questionable if they will come out with a decent implementation.
There does not seem to be much difference between being able to say "Only this certain person can play this music file in certain circumstances and not share it with anyone else" and "Only this organization can use this personal information I gave them in certain circumstances and not share this information with any other organization." The problems with DRM as currently proposed is that it is too one-sided, biased towards businesses, and a bit too specific.
In an ideal world, something like Palladium would be a step towards information management -- making sure a certain piece of information only goes to the people it is supposed to go to and no one else, that it is only valid for the length of time it is valid (either by life span or the ability to revoke), and that is trackable (just how many organizations out there do have copies of your credit information or home address, etc.) Right now, our information management capabilities compared to ability to acquire information seem pretty primitive. A real information management solution is probably a decade or so away at least, as it would require people to rethink how they handle their information and develop new processes/habits to do so.
Unfortunately, most people will probably look at this as a DRM attempt (which in Microsoft's case, this may very well be) and reject the entire concept of such technologies. This could very well be a problem in the longer run -- if we are in the information age, where information is our tools and our reality, then having the ability to manage and track our tools and reality will be a crucial technology.
This is not to say such a system would ever be perfect or uncrackable, but even though a firewall is not a perfect solution, it is still useful to have. Oddly, such a technology would probably completely fail in a DRM situation in the future because for most people they probably would not care if a music file was authentically signed/certified or not -- but it gets much more interesting for issues of business email/contracts, financial transactions, medical records, etc. If you could apply DRM-type technologies to the personal information you submit to other parties such that it would limit that information to only being read by those parties, then that could, potentially, be an interesting issue. (i.e. A person gets denied a loan/medical insurance -- demands to see why. The business claims that the information on the person indicates he's a bad risk. Person asks to see the certification on the information, since he never gave that information to the business. The business only has uncertified information on the person -- all the DRM-style information stripped out. Scenario: Either another organization stripped off the privacy/DRM on the information and passed it to the company, or the information is invalid. Being able to track/challenge such information could make things more interesting.) Again, such a system would never be bullet-proof, but it could add some value if done properly.
If information is the next economy, then information management tools will be the next banking technology, so to speak. They will undoubtedly arrive in some form.
Strictly speaking from a bandwidth usage point of view, IP is not more efficient than ATM for voice, unless you allow for higher latency per chunk of voice data.
That is, ATM has a fixed, roughly 10% header overhead per cell compared to data payload. IP can have lower relative overhead by having larger packets verses the IP header size -- *however* the time it takes to gather the data to fill one large IP packet increases the delay.
For instance, if you are using an 8:1 compression codec, then that 64K bits-per-second voice becomes 8Kbps, or 1KBps. You can fit that entire one 1K bytes into a single IP packet, yes -- but you have to wait one entire second (the time it takes to gather that second of voice) before you can send the packet. With 8:1 compression, each byte of data is roughly 1 millisecond of voice -- each byte you pause to gather adds one millisecond delay before you send the data.
ATM becomes more efficient for voice as the payload size decreases per IP packet below around 300 bytes (i.e. 300 milliseconds delay in voice transmission between the first byte encoded and the last byte encoded before the packet is sent.) IPv6 will have an even poorer efficiency, of course, due to the larger header.
This is not comparing the cost of ATM network hardware to IP networks, just commenting that from a strict data point of view (i.e. bits per second of payload), ATM is going to be have better efficiency/quality for voice data. Now, for mixed voice and data networks, that may not be the primary concern.
Does that mean that if EULAs are 100% enforceable, that every time a system administrator installs a piece of software with a EULA, the corporate lawyer has to be there to review the EULA to confirm that the EULA is safe for the company to agree to?
Could a system administrator even install the software if she/he was not an officer of the company or otherwise authorized to enter the company into a legally binding contract? (i.e. if the EULA gave the software developer the right to inspect/use the system the company installed it on -- which might also have on it confidential data, customer records, trade secrets, etc.)
Perhaps the US gov. will believe China can do it..
on
China Plans Moonbase
·
· Score: 5, Insightful
It would not necessarily be a bad thing if the US government thought China might successfully build a moon base. Perhaps there would be more serious initiatives to encourage more space exploration and development on this side of the Pacific.
Sure. I am sure they already exist for high security areas as well, just I would like to see more *development* in those areas to bring the capabilities down to all devices/applications. Maybe I am just in the wrong circles, but there does not seem to be a lot of talk about working on applying these concepts to desktop OS system, except insofar as it relates to not letting people copy music/movies as opposed to letting them set up policies to manage the protections/policies on their own data.
The security meta-data has to be capable of being sent along with the data itself when transferring the files between devices. That is, even if it is secure on an IBM workhorse, if the Pointy-Haired-Boss downloads data to his pony laptop/etch-a-sketch, the PHB can't accidently email the data/document out to random people to get their advice on it.
This will probably squick people by sounding like a cross-platform IPR protection/management systems (why, yes, yes it does), just aimed at corporate use. It probably would not be perfect (i.e. like anything else, not able to stand up against a focused attack), but would be useful in enforcing policy against accidental slips and/or carelessness.
Does IBM make an AS/400 laptop, BTW? That would be amusing!
If people consider PDAs, MP3 players, and digital cameras a security threat as a channel for bringing data in and/or out of a company, just wait for the next generation cell phones/PDAs. When you have a 3G/GPRS/GPS/Bluetooth/802.11/IrDA/Ethernet/USB/Fir ewire/etc. capable personal phone, would employers let you bring it into work? Even if you had no hostile intentions yourself, your phone might be compromised by a trojan or virus that might attempt to spread from your phone into the corporate network over whatever communications medium is available.
With the wireless connectivity becoming so common, network security is losing its "air gap".
It might be noted that the IP Rights protection software might end up being a problem for Open Source software acceptance in the market and work place. Not necessarily due to (most) corporations really concerning themselves about people copying music, but with employees copying confidential files to unsecured devices.
An operating system/networking system that provided built-in guards for transferring confidential/private data from secured/official devices to unsecured/private devices might have a lot more appeal to a corporation than one that has no protections against random file copying.
(Given that we are reaching the point where we have more memory and CPU power in computers than we know what to do with, I would be highly interested in seeing more OS development that allows for (security) meta-data to be associated with areas of memory as far as the permissions/state of that memory goes. It would be really nice to see a system where, say, image data loaded from a website might be marked in the OS as "image (jpeg) from foo.bar.com -- unauthenticated, non-executable", so that if some thing else tried to trigger the CPU to jump to that area of memory and execute it, the OS would reject the attempt. This is going to be more important with Bluetooth/ad-hoc connectivity, 'media' which are almost programs in themselves (Flash, Java, JavaScript, etc.) -- simply turning off all support for 'dangerous' media may not be practical if their use becomes wide-spread. This sort of internal OS meta-data system would have a high overhead, of course. And yes, the side effect is that it makes IPR-type enforcement much more possible, but the security issues may start pushing systems development in that direction. Free software folks should think about this one -- it would be highly ironic if by implementing IPR management software in Windows, Microsoft then stepped up and managed to make an OS with a superior internal security model based on extending the IPR system to manage internal data/executable security. Better start looking for quad Athlon servers...)
Hardly. The US has always been an excellent source of agricultural production, much more so than say the Soviet Union in its day. Freedom yields innovation, sure. But attempts to impose order and discipline on fundamentally disordered processes yield considerably more chaos than does courteous anarchy.
The key issue in your statement is "attempts to impose". You can have voluntary order/discipline -- cooperation, agreed upon standards, etc. The courteous anarchy your refer to. You have made the assumption I meant "imposed order".
I would rather say that people working together produce more than people who do not work together, thus order/discipline yields production. The statement does not imply one way or the other whether or not the order and/or discipline came from within or was imposed from without.
How exactly would you propose to have a workable decentralized system without some sort of standard or order? You could easily come up with an unworkable system, granteed, but a workable one, a productive one -- a useable one -- would require some level of cooperation/standards and the discipline to stick to the cooperation/standards.
Distributed services tend to take a hit in efficiency in terms of cost/resources than centralized services, though the service may be better -- centralized services tend to be able to take advantage of efficiencies of scale and mass production. Unless you can convince every one that it is worth paying more for the best and not just 'good enough' for them, centralized services will be out there if not the norm. The better solution is to find ways to allow for both centralized, decentralized, and hybrid systems to coexist politely. (i.e. both Wal-Mart and the mom-and-pop store.)
I am incredibly tired of hearing people constantly spout off how everything would be so much better if service ABC was distributed. It is such a consistant refrain of:
We should replace the centralized
service-name with a distributed model, so that everyone can do their own service-name for themselves. By developing the right technologies to make service-tools available for everyone, we can all benefit. If everyone had access to service-tools and could do their own service-name, then innovation can flourish as everyone becomes part-time service-person and might develop new and exciting uses in service-name.
If you stand in front of a bunch of (service-person = ) programmers, and say replace service-name with 'network services' and service-tools with 'computers', then everyone cheers. However, if do substitutions like service-name = "grocery stores/food distribution and production", service-people = "farmers", and service-tools = "farming tools and overalls", people start hemming and hawing -- unless, perhaps, you proposed that in front of a bunch of farmers. Or "sewage services", "sanitation engineers", and "septic tanks." -- unless when proposed in front of bunch of sanitation engineers.
Chaos/freedom yields innovation, but order/discipline yields production. Between the two is a varying place where the efficiency of the resources consumed verses the quality/quantity of what is produced is maximized. People may want the best in everything, but they cannot afford it -- people will pay for the best priced "good enough" -- this does not necesarily drive an improvement in quality, only efficiency. There's a reason why people don't grow their own food, manage their own waste, generate their own electricity, perform their own appendectomies, purify their own water, build their own homes, mine their own ores to hand-forge the nails they need to hammer together the boards they cut from the trees they felled to build their own home, etc. Doing it all yourself might, eventually with practice, yield far superior and customized services/products (from your own point of view), but it requires more effort.
Some people choose to put forth that effort, but equally important is to able to choose not to and buy services from some one else so that a person might focus their energies on their endeavor of choice and excell within that field, not spreading their energies around just to survive.
It is a good thing that if a person wanted to, they could grow their own food, make their own clothing, do everything for themselves -- they may come up with something interesting, after all, and they should be free to. It is also a good thing that if a person wants to buy services from other entities, even (gasp) from a centralized service so that the person may focus on their chosen endeavor -- one rather suspects Stephen Hawking would be hard pressed to grow his own food (without the purchase of considerable automation, at least.) People need to have the opportunity to choose what they want to buy and what they want to do themselves.
It's a bit of a rant, perhaps, but I just disgustedly tired by those who froth at the mouth about how centralized services are bad... while drinking coffee at Starbucks. When they are wearing/using products made in sweatshops in foreign countries while spouting off how "everyone should do their own network services for themselves because centralized service models suck", it's just adding insult to hypocrisy.
Centralized services are not inherently bad, nor distributed services inherently good. They are just models -- only when you map the model to an actual system or process and establish criteria for measuring performance can you then make a judgement on bad verses good. What is good is being allowed to make that decision for one's self and choose the model one wants to use -- no system should be entirely one or the other.
(And as far as not being able to pay for the bandwidth to run a successful site, that's why the Internet needs to go to a pay-to-play model where the people browsing should pay for the bandwith. Then no site is 'penalized' for success.)
Not while the Internet is viewed as a 'flat-rate' usage medium. The flat rate usage model was a useful thing, like being bottle-fed, to get things going, but things are rapidly reaching the point where a pay-for-play model is making far more sense, and this type of 'publishing' is one example.
Right now, if you are paying for 'bandwidth' in terms of a shared connection (going through DSLAMs, modem concentrators, etc.) it is not in the providers' best interest that you use the bandwidth. The flat rate is priced according to the 'average' usage across all users (so the people who use it less get screwed out of their money by the people who use it more) -- if the average usage increases, the provider loses money. The provider starts throwing these things like usage caps and blocking incoming server connections, etc., to throttle down the average usage levels.
This is a bad situation all around. The users are paying for a service which the providers make the most money on when the users don't use it. Work out the logical conclusions. The users *cannot* win, because the providers control the wires and can limit service accordingly. (NAT, application level firewalls, private networks, etc.) Websites have advertisements and subscriptions to cover the cost of their network connections.
Now, let's flip this around so we have a pay-for-play model where the providers make money for usage/bandwidth. That the more the network is used, the more content is used the more money the provider makes -- give the provider motivation to encourage use of the network. This has a far, far more interesting set of possibilities.
What does this have to do with publishing of music or writing online? Everything. The more content there is out there, the more *good* content, the more people would use the network in a pay-for-play situation, and the more money the providers would make. Potentially, the situation could be reached where it was in the network providers' best interest to sponsor or provide patronage to writers, artists, musicians, programmers, etc. that generate content -- *without* restrictions. The more the content is restricted, the less it could be sent over the network, which means the less revenue the provider would earn.
This would make search engines and services like google all the more important, of course, as in this model the users would be much more careful about what they looked at -- the need for promotion and quality control of content generation would increase.
Imagine a scenario where if you put a web server up on your DSL connection it cost you nothing -- that people who viewed your pages were paying for the bandwidth they used to view it. Providers would be doing their darndest to encourage people to set up web pages, put up content, exchange view points -- generate traffic. If a provider could make $14 a month from someone connecting to a $10 a month MMPORG, perhaps it would make sense for them to pay the $10 themselves, and earn extra revenue from the increased user base. Laws which chilled free speech or free exchange of information would suddenly be very much not in their own commercial interests.
Heck, perhaps the network provider could give you a cut of the revenue you generated for them by getting people to connect to your website. Then self-publishing could take on a whole new meaning -- it would take literally no more than a computer to host the content, be it music, text, software, movies, etc.
This is not to say the situation would necessarily work out that way, of course, but it seems a much more positive scenario than the one where the providers have to actively work against their users using their services in order to stay in business -- it makes them more interested in working with folks who do content control and restriction than against them.
(A bit off topic: VoIP should be an interesting disaster -- if it actually takes off among broadband users and raises the average bandwidth usage significantly, then all the broadband providers are going to start losing money verses the flat rate fees. Of course, the first one to raise their rates will lose, because all the users will jump to the ones who have not... While it's true that the costs of providing bandwidth go down every year (in theory), so do the prices of cars, but most people cannot afford new cars every year, and neither can most providers afford to upgrade their entire networks over night to lower costs (sic). If growth increases faster under a flat rate system than a provider can pay off the equipment, rates will have to rise or the provider goes out of business. In a pay-for-play system, the provider ends up paying off the equipment costs faster and can potentially upgrade sooner.)
I rather agree with some other posters that this system will most likely be supplanted by cell phone-based systems -- mostly because phones will probably soon include location/GPS systems. Not only will each purchase be tracked, but the location as well (E911 services) -- beyond the flip side of the privacy implications, that would make theft a bit more complicated, since the police would know the exact location of the thief. Note that since the anonyminity of cash is not existant in the system, the thief has a very small window of opportunity -- if he goes anywhere with video surveilance to use the system, between the ID of the electronic wallet, and the time stamp of the transaction, he will be recorded. If he transfers money to his own account, well... not quite the Darwin Awards but...
Pan-handling could become a thing of the past if no one has any cash to hand out and the homeless cannot get a device to have money transferred into. Drug dealers, porn stores, bookstores, charities, political groups, gun dealers, money laundring, etc.... what happens if anonymous cash and purchases are no longer common?
Would it make people spend money more easily as they have to think about it less? Just wave device/push a button?
Does this mean we can file a lawsuit against lawyers who allow themselves to be hired to conduct frivolous or harassing lawsuits for allowing themselves to be used to conduct frivolous or harassing lawsuits, instead of the people hiring the lawyers?
The idea that increasing transparency at all levels is an interesting one, but I would like to see how Brin would deal with the issue of simulated transparency verses actually seeing what is there.
He is correct that as the technology improves it is easier to share information and to gather information, it also makes it easier to simulate and falsify information. (Info-tainment, commercials disguised as informational presentations, etc.)
It might make for an interesting arms race between those who try to see what is really going on and those who obscure what is happening by creating false but believable data with the facilities available to them. A person could be so bombarded by so many 'experts', each claiming a different view point or interpretation of 'what really happened', that the person cannot decide who to believe.
There is probably a necessary layer of filtering required there (i.e. like people wear sunglasses to keep the glare from blinding them -- too much transparency can be bad), but that leads yet again to the accountability problem -- who runs the filters?
This should be addressed to children in the target age range today, not the slashdot folks who have (presumably) grown up since they were that age group. What would seem neat or interesting to us based on how we remembered that time period is not necessarily the same as what would be neat or interesting to children living in the current time (or 2005) rather than the times of a decade ago.
It sounds like the whole point of the experiment may be to see what the children will do with the technology, not that what people now would have wished they could have done when they were children -- that is, it sounds like building to a set of preconceptions could be counter productive to the goals of the experiment.
Now, if the goal is to develop a new class of technologies *first*, then expose the children to see if they develop mutant powers -- er, develop interesting new uses of technology, then that is a slightly different matter. Something like, oh, combining Instant Messenging with a neural network system -- give every child a PDA that is also a node on the neural network. Set it up so the children could set up rules/weights for automatically processing messages (i.e. if both Amy and Joey send me a message about the new movie, pop it up on my screen, otherwise I'm not interested in movies that Amy and Joey don't like. If Amy, Joey, and Bob like it, it must be really cool -- forward the message to Kelly, too!) Turn the nodes into a combination advanced instant messaging/USENET node. Sort of Google crossed with Instant Messenging. Every node contributes as a filter/forward/weighter of messages to the neighbor -- ideally, the entire system would start to more intelligently route messages around internally only to the people who are interested in them (i.e. don't alert me about that new article from CNN unless it also shows up on Slashdot and at least two of my friends think it is interesting). The major issue would be having a easy to use user interface that would let people easily set up the filtering/forwarding/weighting system.
"Under carefully controlled circumstances of light, temperature, pressure, and humidity, the organism will do what it damn well pleases."
They probably fear customer backlash from the sticker shock of what real bandwidth would cost. All of them would have to be willing to come to a sane price at the same time and figure out how to explain to customers, etc. why it really does cost that much.
You are also correct about the performance requirements -- unfortunately, as long as we are stuck with the current Internet standards, that is going to be hard to provide.
This sort of brewing dispute between the users (trying to get around limitations/TOS) and the carriers (trying to control their own networks) is just going to lead to wasted energy and pointless conflict -- neither side is going to want to grow up and address the actual problem.
Re:Use Existing Technology
on
Is Hyperchip Hype?
·
· Score: 3, Interesting
Anonymous Coward wrote:
Building it is one thing. Making it run efficiently is something else altogether. Perhaps that takes a class of people even smarter than the builders?
That is what I was referring to in my comment in a sense. Anyone can build chaos, diversity -- a jungle. Anyone can say "We will make the edges smart and the core dumb!", but the doing is another matter. Such a construction is not efficient, though. History tends to indicate that farming has won out over jungles, that civilization over barbarians, corporations over small buisinesses.
As the demands placed on the network become more stringent in terms of QoS, costs, efficiency -- once the network becomes no longer cutting edge, but boring old infrastructure, it will become ordered and managed to increase efficiency at the cost of diversity. Every frontier is eventually settled because it uses resources more efficiently that way.
Pretending that the core network does not need intelligence allows people to pretend that they can do whatever they want, drop whatever packets they want into the system, and have it work. (In the slightly higher application level, people learned that they could send SPAM to everyone else easily.) The issue is that this is slowly creating an hostile relationship with the core network. Issues with having ports blocked to prevent people from running servers on their connections are symptomatic of this -- the edge and the core are conflicting over what is allowed. (Hint: the core wins unless the edge pays at least the cost of the actual bandwidth used. The core can always cut the connection. If the edges do not cover the costs of the bandwidth, the core goes out of business, and everyone loses (you know, like all those DSL providers...))
Barbarians who have stood at the edges and shouted and screamed that they do not need civilization have always been pushed back by the expansion of civilization. The edges will have to be come civilized and deal with the core network in a civilized fashion, not just run rampant through it -- the core is alread setting up walls and gates on the edges to stop the barbarians: filtering out spoofed source addresses, NAT, firewalls, port blocking, monitors, sniffers, etc. Because the core network is denied any useful information/intelligence about services to make optimizations, because it has to handle *anything*, which is inefficient/expensive, the core network is , unsurprizingly, becoming dumb -- and, surprise, dumb things do not do well in performing a variety of services efficiently, the services and traffic have to be simple and uniform to be handled efficiently by a dumb box. So, the traffic and services are *made* simple -- no web servers for you, bud! We'll forcibly shape your traffic patterns until they are more simple and efficient for us, 'cause we're only a bunch of dumb core guys, right? We can't do anything complex! Why, yes, tech support really is staffed by low-grade morons -- the network is pretty dumb and simple, you know, doesn't take any brains to run!
Ultimately, the barbarians will have to become civilized, the only question is on whose terms, or find a new frontier. If the barbarians are going to want good terms, they are going to have to treat the core with respect -- they will have to have intelligence in the core to communicate with it. For QoS, etc., the edges will have to be able to tell the core what they want, and the core will have to have the intelligence to see if it can manage it, and arrange for the service. And the barbarians better negotiate while they still have power -- if they all get crowded into little reservations of network places with unfiltered services and become a tiny part of the market first without any bargaining power, well...
If the only communication/negotiation between the edge to the core is "Route packet! Route packet! Route packet!" The only reponse the core can have is "Yes" or "No". Allowing for more intelligent negotiation of service allows for compromises and more flexibility. The core can *always* say no.
Murphy's Golden Rule: Those who have the gold make the rules.
Possession is 9/10ths of the law.
As long as we need core networks, routers, interconnect points, etc. those who own them will ultimately have the power to make the rules. And they aren't owned by the IETF, and they aren't owned by the edges.
That is because there are people out there who believe that the network should be 'dumb' with all the intelligence in the edges. This class of people rarely understand that the network needs intelligence to do its job well.
You are only considering the equipment cost. You are not considering the operational costs -- maintaining a NOC 24x7 with people who have half a clue, who know how to run an IP network more or less, can mostly manage BGP4 routing, field techs to replace equipment, spare router blades, router service contract costs, electricity, management, etc. And that is only for a half-way able staffing. Staffing a NOC + field support with really good people who know what they are doing 24x7/oncall, full network redundancy (never mind just doubling the cost of the lines and the routers, *managing* the redundancy is expensive in terms of manpower), spares for all equipment, etc. is a huge operational, recurring cost.
Depending on how you handle the business model for a dial-up ISP, the business model gets *less* profitable the larger you get, due to the management overhead. Suppose you need to have 100 paying customers per month to support one tech support person answering the phones for that month (arbitrary number) -- at some point, you have so many tech support people working, you need to hire a manager to handle them -- but to pay that manager's salary, you need another 500 paying customers. The ratio of customers:tech support just went up. If you get so large that you have multiple managers and now need a senior manager... etc. The 'pyramid' of management that grows on top of the service base eats into the profit margin per customer. If this was a manufacturing system, this might not be an issue as as the business grows larger you could leverage economies of scale, but this is a *service* (i.e. tech support) issue, where you must have a certain number of tech support personnel per customer.
The network costs have a similar issue. When you have little traffic, a topology where all remote points talk to a central hub works fine and is fairly easy to manage, but as network traffic grows and you try to add links between more and more points in a many-to-many connected network, the number of links to manage starts going up very quickly (i.e. n!, or possibly n!/(n-m)! where m is the number of links per n end points). Managing all those links is an increasing cost that does not match the subscriber base. (i.e. the subscriber base grows linearly, the network management/complexity exponentially) -- eventually the costs exceed the revenue.
At that point, either quality goes down, or costs go up. Every one wants 'cheap' broadband, though, so... quality goes down, or the providers have to tie people into some other service to stay profitable. If people don't want the content providers to control how bandwidth is used, then they are going to have to be willing to pay *full* price for the bandwidth so that the bandwidth providers have no subsidies from the content providers to listen to, and only are interested in listening to their customer base.
Bandwidth costs are not well understood -- things are changing very rapidly, but it's neither as simple or as cheap as $ per month.
Bandwidth Costs Are Not Understood
on
Broadband Obstacles
·
· Score: 5, Interesting
I suspect a major issue is that bandwidth is not as cheap as people think/desire it to be. Look at all the places that advertised 'unlimited' usage, then went back and added usage caps -- look at the price to actually have 'unlimited' usage.
Up until this point 'unlimited' usage has worked because the statistical multiplexing of the traffic functioned to give the illusion of unlimited usage over the avaiable networks. As usage has increased and the need for consistancy of service, quality of service has increased, the illusion that the statistical multiplexing of the packet traffic in the network is failing.
Fast, good, cheap -- choose two.
If people want fast (broadband) and good (QoS, reliability of service, and not to be run into 50:1 broadband/last mile DSL concentrators feeding out into a single T1), it is not going to be cheap. What people have had so far is fast and cheap -- but no one noticed at first because having it at all was better than nothing.
Forget Installation -- it's the maintenance
on
Why ADCo?
·
· Score: 2
Getting a last mile connection laid is only part of the problem. In theory, it would be a one time issue and be finished with. The larger issue is the maintenance and operational costs that have to be paid on an ongoing basis to keep the system working.
Working out how to get the connection to the house is a technology problem, keeping the connection working is a service problem. Most people are going to be interested in buying services, not (just) technology.
Slashdot Mirror
Have you studied SIP? It's just begging for security problems between the nightmare of parsing and the arbitrary URLs being allowed in various fields. If a SIP message has "Alert-Info: <http://cracked.site.com/booby_trap.wav>", in it, do you think the SIP stack is going to fetch and play the ringtone, or will it hand it off to, say, a browser, or perhaps a media player?
One still has to wonder about diddling with the Via: headers in a message to redirect the response path to target systems within a network, but, well, that is another topic.
It's going to take years for SIP to get secured -- it's too new to have had a thorough shake out.
After reading some of the comments around here, I think there needs to be a new moderation type of "Missed the point".
You are confused because you are thinking like an engineer, rather than a philosopher or an idealist. Ideally, we could just have one protocol (to rule them all, in the darkness bind (v9.2) them...), but it is not a very practical solution.
I rather suspect there is this problem with people getting the network protocols confused with the applications that run over them. The "everything over IP" crowd seems to be mostly the same group that feels that NAT is a bad thing -- i.e. that everything should be one big network with the same addressed space (i.e. the Intranet, really, rather than the Internet, because the latter implies connections between different networks.) From this point of view, the "everything over IP" is the equivalent of saying, for example, "everything over copper wire, and only over copper wire -- it does not matter if fiber optic cable makes more sense for certain specific applications, you would need a converter to convert between copper and fiber, and that would break the end to end connection!"
If you can pry the application out of the network protocol (i.e. IPv4), such that the application is independent of the underlying protocol (as it ought to be), then you could more easily use the apropriate protocol for the apropriate application when necessary. However, as long as the masses believe there is some magic inherent in end-to-end un-NAT'ed networks, IPv4 will remain God, and IPv6, among other things, will never arrive. (It's not magic, it's bad design which requires end-to-end transport without allowing for the possibility of transport conversion.)
It is a bizarrely almost Luddite mindset. I mean, honestly, is it just me, or does anyone else feel that the "IP is your Lord god, and you shall have no protocol before IP" mindset is intellectually stifling?
And now the modding down may commence...
The parent comment definitely needs to be modded up. Magic bullet indeed. One does still look forward to how IPv6 enabled cell phones/wireless devices will be able to roam between cells without constantly having to disconnect and reconnect.
(A NULL prize for the folks who suggest Mobile IP style tunneling from a home network for VoIPv6 calls.)
Probably to make the 'next leap', so to speak, in version control systems for programming is to design or modify a language so it is more version control friendly, or add much more language-sensitivity to the version control system.
Most people will probably hate this, but for instance, if a comment for a specific line/block of code always had to appear in a specific area or syntactically consistant way such that the version control system can recognize that if a piece of code changed, but not the comments for that code, it could ask if the comments for the code need to be updated as well. Or if a function's parameters or return value have changed, whether or not all instances/uses of that function have also been changed, etc.
That is not to say that you cannot create a great system on top of existing languages, but that perhaps making some minor tweaks in the language to make the language itself easier to manage/version, then this may open up new tool possibilities.
Try one of these for your data archiving. No software dependencies, long media life, etc.
This sort of technology is very interesting, conceptually, though given Microsoft's track record, it is questionable if they will come out with a decent implementation.
There does not seem to be much difference between being able to say "Only this certain person can play this music file in certain circumstances and not share it with anyone else" and "Only this organization can use this personal information I gave them in certain circumstances and not share this information with any other organization." The problems with DRM as currently proposed is that it is too one-sided, biased towards businesses, and a bit too specific.
In an ideal world, something like Palladium would be a step towards information management -- making sure a certain piece of information only goes to the people it is supposed to go to and no one else, that it is only valid for the length of time it is valid (either by life span or the ability to revoke), and that is trackable (just how many organizations out there do have copies of your credit information or home address, etc.) Right now, our information management capabilities compared to ability to acquire information seem pretty primitive. A real information management solution is probably a decade or so away at least, as it would require people to rethink how they handle their information and develop new processes/habits to do so.
Unfortunately, most people will probably look at this as a DRM attempt (which in Microsoft's case, this may very well be) and reject the entire concept of such technologies. This could very well be a problem in the longer run -- if we are in the information age, where information is our tools and our reality, then having the ability to manage and track our tools and reality will be a crucial technology.
This is not to say such a system would ever be perfect or uncrackable, but even though a firewall is not a perfect solution, it is still useful to have. Oddly, such a technology would probably completely fail in a DRM situation in the future because for most people they probably would not care if a music file was authentically signed/certified or not -- but it gets much more interesting for issues of business email/contracts, financial transactions, medical records, etc. If you could apply DRM-type technologies to the personal information you submit to other parties such that it would limit that information to only being read by those parties, then that could, potentially, be an interesting issue. (i.e. A person gets denied a loan/medical insurance -- demands to see why. The business claims that the information on the person indicates he's a bad risk. Person asks to see the certification on the information, since he never gave that information to the business. The business only has uncertified information on the person -- all the DRM-style information stripped out. Scenario: Either another organization stripped off the privacy/DRM on the information and passed it to the company, or the information is invalid. Being able to track/challenge such information could make things more interesting.) Again, such a system would never be bullet-proof, but it could add some value if done properly.
If information is the next economy, then information management tools will be the next banking technology, so to speak. They will undoubtedly arrive in some form.
Strictly speaking from a bandwidth usage point of view, IP is not more efficient than ATM for voice, unless you allow for higher latency per chunk of voice data.
That is, ATM has a fixed, roughly 10% header overhead per cell compared to data payload. IP can have lower relative overhead by having larger packets verses the IP header size -- *however* the time it takes to gather the data to fill one large IP packet increases the delay.
For instance, if you are using an 8:1 compression codec, then that 64K bits-per-second voice becomes 8Kbps, or 1KBps. You can fit that entire one 1K bytes into a single IP packet, yes -- but you have to wait one entire second (the time it takes to gather that second of voice) before you can send the packet. With 8:1 compression, each byte of data is roughly 1 millisecond of voice -- each byte you pause to gather adds one millisecond delay before you send the data.
ATM becomes more efficient for voice as the payload size decreases per IP packet below around 300 bytes (i.e. 300 milliseconds delay in voice transmission between the first byte encoded and the last byte encoded before the packet is sent.) IPv6 will have an even poorer efficiency, of course, due to the larger header.
This is not comparing the cost of ATM network hardware to IP networks, just commenting that from a strict data point of view (i.e. bits per second of payload), ATM is going to be have better efficiency/quality for voice data. Now, for mixed voice and data networks, that may not be the primary concern.
Does that mean that if EULAs are 100% enforceable, that every time a system administrator installs a piece of software with a EULA, the corporate lawyer has to be there to review the EULA to confirm that the EULA is safe for the company to agree to?
Could a system administrator even install the software if she/he was not an officer of the company or otherwise authorized to enter the company into a legally binding contract? (i.e. if the EULA gave the software developer the right to inspect/use the system the company installed it on -- which might also have on it confidential data, customer records, trade secrets, etc.)
It would not necessarily be a bad thing if the US government thought China might successfully build a moon base. Perhaps there would be more serious initiatives to encourage more space exploration and development on this side of the Pacific.
Hey, it worked with Sputnik...
Sure. I am sure they already exist for high security areas as well, just I would like to see more *development* in those areas to bring the capabilities down to all devices/applications. Maybe I am just in the wrong circles, but there does not seem to be a lot of talk about working on applying these concepts to desktop OS system, except insofar as it relates to not letting people copy music/movies as opposed to letting them set up policies to manage the protections/policies on their own data.
The security meta-data has to be capable of being sent along with the data itself when transferring the files between devices. That is, even if it is secure on an IBM workhorse, if the Pointy-Haired-Boss downloads data to his pony laptop/etch-a-sketch, the PHB can't accidently email the data/document out to random people to get their advice on it.
This will probably squick people by sounding like a cross-platform IPR protection/management systems (why, yes, yes it does), just aimed at corporate use. It probably would not be perfect (i.e. like anything else, not able to stand up against a focused attack), but would be useful in enforcing policy against accidental slips and/or carelessness.
Does IBM make an AS/400 laptop, BTW? That would be amusing!
If people consider PDAs, MP3 players, and digital cameras a security threat as a channel for bringing data in and/or out of a company, just wait for the next generation cell phones/PDAs. When you have a 3G/GPRS/GPS/Bluetooth/802.11/IrDA/Ethernet/USB/Fir ewire/etc. capable personal phone, would employers let you bring it into work? Even if you had no hostile intentions yourself, your phone might be compromised by a trojan or virus that might attempt to spread from your phone into the corporate network over whatever communications medium is available.
With the wireless connectivity becoming so common, network security is losing its "air gap".
It might be noted that the IP Rights protection software might end up being a problem for Open Source software acceptance in the market and work place. Not necessarily due to (most) corporations really concerning themselves about people copying music, but with employees copying confidential files to unsecured devices.
An operating system/networking system that provided built-in guards for transferring confidential/private data from secured/official devices to unsecured/private devices might have a lot more appeal to a corporation than one that has no protections against random file copying.
(Given that we are reaching the point where we have more memory and CPU power in computers than we know what to do with, I would be highly interested in seeing more OS development that allows for (security) meta-data to be associated with areas of memory as far as the permissions/state of that memory goes. It would be really nice to see a system where, say, image data loaded from a website might be marked in the OS as "image (jpeg) from foo.bar.com -- unauthenticated, non-executable", so that if some thing else tried to trigger the CPU to jump to that area of memory and execute it, the OS would reject the attempt. This is going to be more important with Bluetooth/ad-hoc connectivity, 'media' which are almost programs in themselves (Flash, Java, JavaScript, etc.) -- simply turning off all support for 'dangerous' media may not be practical if their use becomes wide-spread. This sort of internal OS meta-data system would have a high overhead, of course. And yes, the side effect is that it makes IPR-type enforcement much more possible, but the security issues may start pushing systems development in that direction. Free software folks should think about this one -- it would be highly ironic if by implementing IPR management software in Windows, Microsoft then stepped up and managed to make an OS with a superior internal security model based on extending the IPR system to manage internal data/executable security. Better start looking for quad Athlon servers...)
The key issue in your statement is "attempts to impose". You can have voluntary order/discipline -- cooperation, agreed upon standards, etc. The courteous anarchy your refer to. You have made the assumption I meant "imposed order".
I would rather say that people working together produce more than people who do not work together, thus order/discipline yields production. The statement does not imply one way or the other whether or not the order and/or discipline came from within or was imposed from without.
How exactly would you propose to have a workable decentralized system without some sort of standard or order? You could easily come up with an unworkable system, granteed, but a workable one, a productive one -- a useable one -- would require some level of cooperation/standards and the discipline to stick to the cooperation/standards.
I am incredibly tired of hearing people constantly spout off how everything would be so much better if service ABC was distributed. It is such a consistant refrain of:
If you stand in front of a bunch of (service-person = ) programmers, and say replace service-name with 'network services' and service-tools with 'computers', then everyone cheers. However, if do substitutions like service-name = "grocery stores/food distribution and production", service-people = "farmers", and service-tools = "farming tools and overalls", people start hemming and hawing -- unless, perhaps, you proposed that in front of a bunch of farmers. Or "sewage services", "sanitation engineers", and "septic tanks." -- unless when proposed in front of bunch of sanitation engineers.
Chaos/freedom yields innovation, but order/discipline yields production. Between the two is a varying place where the efficiency of the resources consumed verses the quality/quantity of what is produced is maximized. People may want the best in everything, but they cannot afford it -- people will pay for the best priced "good enough" -- this does not necesarily drive an improvement in quality, only efficiency. There's a reason why people don't grow their own food, manage their own waste, generate their own electricity, perform their own appendectomies, purify their own water, build their own homes, mine their own ores to hand-forge the nails they need to hammer together the boards they cut from the trees they felled to build their own home, etc. Doing it all yourself might, eventually with practice, yield far superior and customized services/products (from your own point of view), but it requires more effort.
Some people choose to put forth that effort, but equally important is to able to choose not to and buy services from some one else so that a person might focus their energies on their endeavor of choice and excell within that field, not spreading their energies around just to survive.
It is a good thing that if a person wanted to, they could grow their own food, make their own clothing, do everything for themselves -- they may come up with something interesting, after all, and they should be free to. It is also a good thing that if a person wants to buy services from other entities, even (gasp) from a centralized service so that the person may focus on their chosen endeavor -- one rather suspects Stephen Hawking would be hard pressed to grow his own food (without the purchase of considerable automation, at least.) People need to have the opportunity to choose what they want to buy and what they want to do themselves.
It's a bit of a rant, perhaps, but I just disgustedly tired by those who froth at the mouth about how centralized services are bad... while drinking coffee at Starbucks. When they are wearing/using products made in sweatshops in foreign countries while spouting off how "everyone should do their own network services for themselves because centralized service models suck", it's just adding insult to hypocrisy.
Centralized services are not inherently bad, nor distributed services inherently good. They are just models -- only when you map the model to an actual system or process and establish criteria for measuring performance can you then make a judgement on bad verses good. What is good is being allowed to make that decision for one's self and choose the model one wants to use -- no system should be entirely one or the other.
(And as far as not being able to pay for the bandwidth to run a successful site, that's why the Internet needs to go to a pay-to-play model where the people browsing should pay for the bandwith. Then no site is 'penalized' for success.)
Not while the Internet is viewed as a 'flat-rate' usage medium. The flat rate usage model was a useful thing, like being bottle-fed, to get things going, but things are rapidly reaching the point where a pay-for-play model is making far more sense, and this type of 'publishing' is one example.
Right now, if you are paying for 'bandwidth' in terms of a shared connection (going through DSLAMs, modem concentrators, etc.) it is not in the providers' best interest that you use the bandwidth. The flat rate is priced according to the 'average' usage across all users (so the people who use it less get screwed out of their money by the people who use it more) -- if the average usage increases, the provider loses money. The provider starts throwing these things like usage caps and blocking incoming server connections, etc., to throttle down the average usage levels.
This is a bad situation all around. The users are paying for a service which the providers make the most money on when the users don't use it. Work out the logical conclusions. The users *cannot* win, because the providers control the wires and can limit service accordingly. (NAT, application level firewalls, private networks, etc.) Websites have advertisements and subscriptions to cover the cost of their network connections.
Now, let's flip this around so we have a pay-for-play model where the providers make money for usage/bandwidth. That the more the network is used, the more content is used the more money the provider makes -- give the provider motivation to encourage use of the network. This has a far, far more interesting set of possibilities.
What does this have to do with publishing of music or writing online? Everything. The more content there is out there, the more *good* content, the more people would use the network in a pay-for-play situation, and the more money the providers would make. Potentially, the situation could be reached where it was in the network providers' best interest to sponsor or provide patronage to writers, artists, musicians, programmers, etc. that generate content -- *without* restrictions. The more the content is restricted, the less it could be sent over the network, which means the less revenue the provider would earn.
This would make search engines and services like google all the more important, of course, as in this model the users would be much more careful about what they looked at -- the need for promotion and quality control of content generation would increase.
Imagine a scenario where if you put a web server up on your DSL connection it cost you nothing -- that people who viewed your pages were paying for the bandwidth they used to view it. Providers would be doing their darndest to encourage people to set up web pages, put up content, exchange view points -- generate traffic. If a provider could make $14 a month from someone connecting to a $10 a month MMPORG, perhaps it would make sense for them to pay the $10 themselves, and earn extra revenue from the increased user base. Laws which chilled free speech or free exchange of information would suddenly be very much not in their own commercial interests.
Heck, perhaps the network provider could give you a cut of the revenue you generated for them by getting people to connect to your website. Then self-publishing could take on a whole new meaning -- it would take literally no more than a computer to host the content, be it music, text, software, movies, etc.
This is not to say the situation would necessarily work out that way, of course, but it seems a much more positive scenario than the one where the providers have to actively work against their users using their services in order to stay in business -- it makes them more interested in working with folks who do content control and restriction than against them.
(A bit off topic: VoIP should be an interesting disaster -- if it actually takes off among broadband users and raises the average bandwidth usage significantly, then all the broadband providers are going to start losing money verses the flat rate fees. Of course, the first one to raise their rates will lose, because all the users will jump to the ones who have not... While it's true that the costs of providing bandwidth go down every year (in theory), so do the prices of cars, but most people cannot afford new cars every year, and neither can most providers afford to upgrade their entire networks over night to lower costs (sic). If growth increases faster under a flat rate system than a provider can pay off the equipment, rates will have to rise or the provider goes out of business. In a pay-for-play system, the provider ends up paying off the equipment costs faster and can potentially upgrade sooner.)
I rather agree with some other posters that this system will most likely be supplanted by cell phone-based systems -- mostly because phones will probably soon include location/GPS systems. Not only will each purchase be tracked, but the location as well (E911 services) -- beyond the flip side of the privacy implications, that would make theft a bit more complicated, since the police would know the exact location of the thief. Note that since the anonyminity of cash is not existant in the system, the thief has a very small window of opportunity -- if he goes anywhere with video surveilance to use the system, between the ID of the electronic wallet, and the time stamp of the transaction, he will be recorded. If he transfers money to his own account, well... not quite the Darwin Awards but...
... what happens if anonymous cash and purchases are no longer common?
Pan-handling could become a thing of the past if no one has any cash to hand out and the homeless cannot get a device to have money transferred into. Drug dealers, porn stores, bookstores, charities, political groups, gun dealers, money laundring, etc.
Would it make people spend money more easily as they have to think about it less? Just wave device/push a button?
Does this mean we can file a lawsuit against lawyers who allow themselves to be hired to conduct frivolous or harassing lawsuits for allowing themselves to be used to conduct frivolous or harassing lawsuits, instead of the people hiring the lawyers?
The idea that increasing transparency at all levels is an interesting one, but I would like to see how Brin would deal with the issue of simulated transparency verses actually seeing what is there.
He is correct that as the technology improves it is easier to share information and to gather information, it also makes it easier to simulate and falsify information. (Info-tainment, commercials disguised as informational presentations, etc.)
It might make for an interesting arms race between those who try to see what is really going on and those who obscure what is happening by creating false but believable data with the facilities available to them. A person could be so bombarded by so many 'experts', each claiming a different view point or interpretation of 'what really happened', that the person cannot decide who to believe.
There is probably a necessary layer of filtering required there (i.e. like people wear sunglasses to keep the glare from blinding them -- too much transparency can be bad), but that leads yet again to the accountability problem -- who runs the filters?
This should be addressed to children in the target age range today, not the slashdot folks who have (presumably) grown up since they were that age group. What would seem neat or interesting to us based on how we remembered that time period is not necessarily the same as what would be neat or interesting to children living in the current time (or 2005) rather than the times of a decade ago.
It sounds like the whole point of the experiment may be to see what the children will do with the technology, not that what people now would have wished they could have done when they were children -- that is, it sounds like building to a set of preconceptions could be counter productive to the goals of the experiment.
Now, if the goal is to develop a new class of technologies *first*, then expose the children to see if they develop mutant powers -- er, develop interesting new uses of technology, then that is a slightly different matter. Something like, oh, combining Instant Messenging with a neural network system -- give every child a PDA that is also a node on the neural network. Set it up so the children could set up rules/weights for automatically processing messages (i.e. if both Amy and Joey send me a message about the new movie, pop it up on my screen, otherwise I'm not interested in movies that Amy and Joey don't like. If Amy, Joey, and Bob like it, it must be really cool -- forward the message to Kelly, too!) Turn the nodes into a combination advanced instant messaging/USENET node. Sort of Google crossed with Instant Messenging. Every node contributes as a filter/forward/weighter of messages to the neighbor -- ideally, the entire system would start to more intelligently route messages around internally only to the people who are interested in them (i.e. don't alert me about that new article from CNN unless it also shows up on Slashdot and at least two of my friends think it is interesting). The major issue would be having a easy to use user interface that would let people easily set up the filtering/forwarding/weighting system.
"Under carefully controlled circumstances of light, temperature, pressure, and humidity, the organism will do what it damn well pleases."
They probably fear customer backlash from the sticker shock of what real bandwidth would cost. All of them would have to be willing to come to a sane price at the same time and figure out how to explain to customers, etc. why it really does cost that much.
You are also correct about the performance requirements -- unfortunately, as long as we are stuck with the current Internet standards, that is going to be hard to provide.
This sort of brewing dispute between the users (trying to get around limitations/TOS) and the carriers (trying to control their own networks) is just going to lead to wasted energy and pointless conflict -- neither side is going to want to grow up and address the actual problem.
That is what I was referring to in my comment in a sense. Anyone can build chaos, diversity -- a jungle. Anyone can say "We will make the edges smart and the core dumb!", but the doing is another matter. Such a construction is not efficient, though. History tends to indicate that farming has won out over jungles, that civilization over barbarians, corporations over small buisinesses.
As the demands placed on the network become more stringent in terms of QoS, costs, efficiency -- once the network becomes no longer cutting edge, but boring old infrastructure, it will become ordered and managed to increase efficiency at the cost of diversity. Every frontier is eventually settled because it uses resources more efficiently that way.
Pretending that the core network does not need intelligence allows people to pretend that they can do whatever they want, drop whatever packets they want into the system, and have it work. (In the slightly higher application level, people learned that they could send SPAM to everyone else easily.) The issue is that this is slowly creating an hostile relationship with the core network. Issues with having ports blocked to prevent people from running servers on their connections are symptomatic of this -- the edge and the core are conflicting over what is allowed. (Hint: the core wins unless the edge pays at least the cost of the actual bandwidth used. The core can always cut the connection. If the edges do not cover the costs of the bandwidth, the core goes out of business, and everyone loses (you know, like all those DSL providers...))
Barbarians who have stood at the edges and shouted and screamed that they do not need civilization have always been pushed back by the expansion of civilization. The edges will have to be come civilized and deal with the core network in a civilized fashion, not just run rampant through it -- the core is alread setting up walls and gates on the edges to stop the barbarians: filtering out spoofed source addresses, NAT, firewalls, port blocking, monitors, sniffers, etc. Because the core network is denied any useful information/intelligence about services to make optimizations, because it has to handle *anything*, which is inefficient/expensive, the core network is , unsurprizingly, becoming dumb -- and, surprise, dumb things do not do well in performing a variety of services efficiently, the services and traffic have to be simple and uniform to be handled efficiently by a dumb box. So, the traffic and services are *made* simple -- no web servers for you, bud! We'll forcibly shape your traffic patterns until they are more simple and efficient for us, 'cause we're only a bunch of dumb core guys, right? We can't do anything complex! Why, yes, tech support really is staffed by low-grade morons -- the network is pretty dumb and simple, you know, doesn't take any brains to run!
Ultimately, the barbarians will have to become civilized, the only question is on whose terms, or find a new frontier. If the barbarians are going to want good terms, they are going to have to treat the core with respect -- they will have to have intelligence in the core to communicate with it. For QoS, etc., the edges will have to be able to tell the core what they want, and the core will have to have the intelligence to see if it can manage it, and arrange for the service. And the barbarians better negotiate while they still have power -- if they all get crowded into little reservations of network places with unfiltered services and become a tiny part of the market first without any bargaining power, well...
If the only communication/negotiation between the edge to the core is "Route packet! Route packet! Route packet!" The only reponse the core can have is "Yes" or "No". Allowing for more intelligent negotiation of service allows for compromises and more flexibility. The core can *always* say no.
Murphy's Golden Rule: Those who have the gold make the rules.
Possession is 9/10ths of the law.
As long as we need core networks, routers, interconnect points, etc. those who own them will ultimately have the power to make the rules. And they aren't owned by the IETF, and they aren't owned by the edges.
That is because there are people out there who believe that the network should be 'dumb' with all the intelligence in the edges. This class of people rarely understand that the network needs intelligence to do its job well.
You are only considering the equipment cost. You are not considering the operational costs -- maintaining a NOC 24x7 with people who have half a clue, who know how to run an IP network more or less, can mostly manage BGP4 routing, field techs to replace equipment, spare router blades, router service contract costs, electricity, management, etc. And that is only for a half-way able staffing. Staffing a NOC + field support with really good people who know what they are doing 24x7/oncall, full network redundancy (never mind just doubling the cost of the lines and the routers, *managing* the redundancy is expensive in terms of manpower), spares for all equipment, etc. is a huge operational, recurring cost.
Depending on how you handle the business model for a dial-up ISP, the business model gets *less* profitable the larger you get, due to the management overhead. Suppose you need to have 100 paying customers per month to support one tech support person answering the phones for that month (arbitrary number) -- at some point, you have so many tech support people working, you need to hire a manager to handle them -- but to pay that manager's salary, you need another 500 paying customers. The ratio of customers:tech support just went up. If you get so large that you have multiple managers and now need a senior manager... etc. The 'pyramid' of management that grows on top of the service base eats into the profit margin per customer. If this was a manufacturing system, this might not be an issue as as the business grows larger you could leverage economies of scale, but this is a *service* (i.e. tech support) issue, where you must have a certain number of tech support personnel per customer.
The network costs have a similar issue. When you have little traffic, a topology where all remote points talk to a central hub works fine and is fairly easy to manage, but as network traffic grows and you try to add links between more and more points in a many-to-many connected network, the number of links to manage starts going up very quickly (i.e. n!, or possibly n!/(n-m)! where m is the number of links per n end points). Managing all those links is an increasing cost that does not match the subscriber base. (i.e. the subscriber base grows linearly, the network management/complexity exponentially) -- eventually the costs exceed the revenue.
At that point, either quality goes down, or costs go up. Every one wants 'cheap' broadband, though, so... quality goes down, or the providers have to tie people into some other service to stay profitable. If people don't want the content providers to control how bandwidth is used, then they are going to have to be willing to pay *full* price for the bandwidth so that the bandwidth providers have no subsidies from the content providers to listen to, and only are interested in listening to their customer base.
Bandwidth costs are not well understood -- things are changing very rapidly, but it's neither as simple or as cheap as $ per month.
I suspect a major issue is that bandwidth is not as cheap as people think/desire it to be. Look at all the places that advertised 'unlimited' usage, then went back and added usage caps -- look at the price to actually have 'unlimited' usage.
Up until this point 'unlimited' usage has worked because the statistical multiplexing of the traffic functioned to give the illusion of unlimited usage over the avaiable networks. As usage has increased and the need for consistancy of service, quality of service has increased, the illusion that the statistical multiplexing of the packet traffic in the network is failing.
Fast, good, cheap -- choose two.
If people want fast (broadband) and good (QoS, reliability of service, and not to be run into 50:1 broadband/last mile DSL concentrators feeding out into a single T1), it is not going to be cheap. What people have had so far is fast and cheap -- but no one noticed at first because having it at all was better than nothing.
Getting a last mile connection laid is only part of the problem. In theory, it would be a one time issue and be finished with. The larger issue is the maintenance and operational costs that have to be paid on an ongoing basis to keep the system working.
Working out how to get the connection to the house is a technology problem, keeping the connection working is a service problem. Most people are going to be interested in buying services, not (just) technology.