The "Chair's slides" basically deal with HTTP Auth issues. Take a look - the presentations were rather interesting, altough it seemed at the time that a WG may not be formed out of these.
So, I've had enough. I'm out of here forever. I want to leave before I get so disgruntled that I end up using windows. - Con on LKML.
How soon we'll be seeing him as a Windows 7 advocate?-)
Anyway, I guess he's been really bitter lately, going from anger from Linus not accepting his patches to escalating to the point where the entire Linux is a spawn of the devil and should be cut up and left out to dry. Sounds more like a runaway rant, really...And I guess it's good to vent all that anger, but credibility is taking a bit of a hit.
(Yeah, thanks for the SD scheduler - I've been using Con's patches for 2-3 years now and been very happy with'em. I guess I'll switch to mainline kernel when 2.6.23 hits).
"Essentially" - it started out as a P2/333. And yes, there have been upgrades in HDD and GFX card too - but I haven't bought a "new" computer. Motherboard is still same, as is PSU, sound card, etc.
(Of course...when you fit a new handle to your axe...does it become a new axe).
Well, for me - I still have a desktop at home that was essentially bought in 1998 (1,2 GHz Celeron). It works for me for everything (including World of Warcraft). At work I have a dual-processor Athlon (1 GHz), bought at 2001. It still works for me - does everything I need it to do at work (ie. Wireshark, SSH, browsing, e-mail, office and some custom network analyzing applications).
Why I haven't upgraded is 1) these computers still do everything for me. In 2001 I purposefully specced my work-desktop to have two processors so that I could run lots of computing power-requiring non-interactive processes in the background without bogging the system down.
The second reason, and the point that I'm getting here, is that 2) Apart from a broken fan, those desktop machines STILL work just fine.
In the same time, I have went through 5 laptops (currently using Lenovo Z60m) that my company has issued me. Usually not anything "destructive", but batteries dying, keyboards getting sticky, plastic parts (display, PCMCIA ports) breaking...so basically, when I have asked IT to fix it, they have just given me a new one.
Meanwhile, my desktops just keeps on going.
So, I wonder - is the "growth" in laptop sales a result of the fact that they force you into upgrade cycle since they don't have easily replaceable parts that you can fix if things break, so you're essentially getting a new comp everytime something breaks (even if you have insurance footing the bill).
Basically Breach series was tactical combat like UFO/X-Com or Laser Squad, and Rules of Engagement was tactical space combat - two completely independent games.
Well, install'em both and you get the boarding party sequences (capturing starships) from RoE to play through in Breach.
I do wish this was used more often elsewhere, definitely.
You can die drinking water, not drowning, just drinking. If you drink enough (it is extremely hard to do but you can do it) you'll dilute the electrolytes in your body to the point it can't function, and you will die.
But the fact of the matter is, other people have spent all this time assisting him because of the morality of the license.
In the 90's, I think most of the people worked on Linux due to the unclear legal status of BSD, not some funny "morality" issue.
Without the legal issues, FreeBSD would probably be where Linux is now, perhaps even further, and Linux would never have taken off like that - it would have stayed as a little practice project for the Helsinki University. However, now Linux just has so much momentum with it that it's the focus of most open source efforts.
They have. The problem is that the batteries also are providing power for heaters to keep the rover warm during the night. They probably won't (especially the batteries) survive a deep-freeze to -40C, so when sun starts shining again there may be too many things broken to start the rover up again.
Someone better start operating one...Then virtual cops can come and enforce the decision and virtual collectors agencies can come and take your virtual goods to pay any restitutions and then your virtual character can be locked up in virtual jail where you can escape with the virtual file to saw off the virtual bars. Then they can have a virtual chase of the prison escapee..
Oh, after reading other comments, I guess they really are going for solving the high-bandwidth high-latency link problems. I didn't even consider that to be necessary since I thought that was pretty much solved and as such, "old news".
I guess this device works as some sort of wrapper so that legacy TCP implementations don't get slowdowns, but doesn't strike as anything revolutionary to me - the RFCs are from year 2003.
Sounds like they just skip TCP slow start algorithm and stuff like that - so it's probably not faster than regular TCP after the window has stabilized. Slow-start and backoff algorithms of course cause slowdowns.
Other possibility is some sort of header compression.
Anyway, to use this safely you'd need to be *sure* you know your link charasteristics. The reason TCP has the slow-start mechanisms in the first place is to make sure you don't overflow the link - that's why it's known as flow control:)
It IS specific to Germany in some respects. Remember, the directive only specifies the MINIMUM requirements for the law; The implementations are country-specific.
When a distinguished but elderly scientist states that something is possible, he is almost certainly right. When he states that something is impossible, he is very probably wrong.
Try photographing something that is in the range of more than one color and heavily saturated (like a yellowish-orangish sunset). The matrixing algorithm that is used to reconstruct the original color from the sensor tries its best, but cannot really match a normal Bayer-based dSLR at the moment (either Canon or Nikon).
Canon G1 had a CMY pattern if I recall correctly. This also meant that it didn't suffer from the nice IR artifact (take a picture of hot charcoal and you actually get reddish image, lots of other cameras see it as purple...)
Only problem is that Foveon (at least current implementation) is crap. The three colors have too much overlap and they also aren't very sensitive, either. Fine, you get rid of some of the bayer artifacts, but in return you lose most of the extreme colors and lots of sensitivity.
Ok, could somebody please explain to me what classifies as a cyber-attack? It seems all these are applicable only to public Internet, not private networks. What's all the fuss?
Targeted, distributed DDos against goverment websites? Ok. I can see that (see what happened in Estonia). Lots of mitigating technologies including but not limited to stuff like BGP blackholing and so on and the most obvious attack vector. However, is there really anything else?
Breaking into systems? Ok, but do you really have anything critical on a public webservers and other Internet-facing systems? This isn't the 80's when things like Cuckoo's Egg happened easily and some systems didn't even have passwords. Of course admins in several organizations are incompetent, but it's not like you could play Wargames (ie. launch nukes or similar), since those systems are not connected to Internet.
Mostly I'm thinking what exactly is the impact of all this? A temporarily blocked access to public websites? What else is there? "Cyber-attack" just seems a buzzword. What do they mean?
Or do they really have attacks going against private, supposedly secure networks (perhaps intercepting satellite communications or undersea fibers?)
Not really. The DHC is the standardized method of denying incoming telemarketers. Setting your AP to not broadcast SSID or activating WEP/WPA is a standardized method of informing that this is not a public network.
Does anyone know if this defense has been used anywhere?
Basically, if I open my laptop, it's explicitly ASKING for permission, with the IEEE 802.11 standard association request.
Basically, it goes
AP sends out beacons "Here, I have this SSID, it uses open authentication!"
Laptop => AP (Association request) "Can I come?" AP => Laptop (Association request) "Sure!" Laptop => AP (Open Authentication request) "...and you don't even care who I am?" AP => Laptop (Open Authentication response) "No, just come on in!" Laptop => DHCP server "Hi, the AP just let me in. Are you also going to give me IP address so I can talk to the Internet?" DHCP Server => Laptop "Sure! Here you go!"
Now, if the AP had *any* other form of settings. No need to specify if it's using WEP, WPA, whatever, it still says "authorization needed". So
AP sends out beacons "Here is this SSID, but it uses shared auth and WEP so you're not allowed unless you know the key"
Then it goes that you know the key, you're authorized. If you use WepCrack, then you're trespassing (and whatnot).
Anyway, has this *ever* been tested in court with this defense? I mean, basically, you ARE asking for permission when your laptop sends out that first association request, and you ARE advertising a public service if your Access Point sends out beacons advertising open SSID!
Actually, that's one of the arguments my friends (medium-sized) company had to keep electronic locks, passcard or anything like that OUT of their office building, and stay with "old-fashioned" keys. I mean, how hard would it be to bribe some button-pusher in a security company to tell some hoodlum that ok, these guys are right now at workplace, go rob their house...
(Ok, in addition they saved a pile of money by not having to install all the cardreaders and other junk).
Cue the ensuing Mebi/Gibi/Tebi vs. SI notation fights.
While it's takes a while to get used to it, I actually prefer the Bi-units now. 4,3GiB or 4,7GB is already a huge difference when talking about DVD capacity. At terabyte, it gets enormous.
Linux already uses those units.
Only place where I still see a purpose for using binary units in computing is memory - address bus is still addressed exactly with n lines so memory capacity will be 2^n. For all other cases, it's not needed. Yes, the hard drives have 512 to 4096 byte sectors, but who cares when were talking about trillions of them?
So you've implemented a DMZ. Nothing special about that.
And besides, you just might want to block all the *other* ports anyway, even in DMZ deployment. And maybe put some sort of IDS system to check on the traffic going to that open port.
Slashdot Mirror
Watched the presentation at Chicago earlier this week. HTTPBis BOF basically dealt with these:
p bis-2.ppt - Chair's Slidesp bis-1.pdf - Cookies & Cachingp bis-0.pdf - Etags
http://www3.ietf.org/proceedings/07jul/slides/htt
http://www3.ietf.org/proceedings/07jul/slides/htt
http://www3.ietf.org/proceedings/07jul/slides/htt
The "Chair's slides" basically deal with HTTP Auth issues. Take a look - the presentations were rather interesting, altough it seemed at the time that a WG may not be formed out of these.
So, I've had enough. I'm out of here forever. I want to leave before I get so disgruntled that I end up using windows. - Con on LKML.
How soon we'll be seeing him as a Windows 7 advocate?-)
Anyway, I guess he's been really bitter lately, going from anger from Linus not accepting his patches to escalating to the point where the entire Linux is a spawn of the devil and should be cut up and left out to dry. Sounds more like a runaway rant, really...And I guess it's good to vent all that anger, but credibility is taking a bit of a hit.
(Yeah, thanks for the SD scheduler - I've been using Con's patches for 2-3 years now and been very happy with'em. I guess I'll switch to mainline kernel when 2.6.23 hits).
"Essentially" - it started out as a P2/333. And yes, there have been upgrades in HDD and GFX card too - but I haven't bought a "new" computer. Motherboard is still same, as is PSU, sound card, etc.
(Of course...when you fit a new handle to your axe...does it become a new axe).
Well, for me - I still have a desktop at home that was essentially bought in 1998 (1,2 GHz Celeron). It works for me for everything (including World of Warcraft). At work I have a dual-processor Athlon (1 GHz), bought at 2001. It still works for me - does everything I need it to do at work (ie. Wireshark, SSH, browsing, e-mail, office and some custom network analyzing applications).
Why I haven't upgraded is 1) these computers still do everything for me. In 2001 I purposefully specced my work-desktop to have two processors so that I could run lots of computing power-requiring non-interactive processes in the background without bogging the system down.
The second reason, and the point that I'm getting here, is that 2) Apart from a broken fan, those desktop machines STILL work just fine.
In the same time, I have went through 5 laptops (currently using Lenovo Z60m) that my company has issued me. Usually not anything "destructive", but batteries dying, keyboards getting sticky, plastic parts (display, PCMCIA ports) breaking...so basically, when I have asked IT to fix it, they have just given me a new one.
Meanwhile, my desktops just keeps on going.
So, I wonder - is the "growth" in laptop sales a result of the fact that they force you into upgrade cycle since they don't have easily replaceable parts that you can fix if things break, so you're essentially getting a new comp everytime something breaks (even if you have insurance footing the bill).
Such things have been done before, see
c /strategy_games/games_q_r/rules_of_engagement_2.ht ml
http://free-game-downloads.mosw.com/abandonware/p
Basically Breach series was tactical combat like UFO/X-Com or Laser Squad, and Rules of Engagement was tactical space combat - two completely independent games.
Well, install'em both and you get the boarding party sequences (capturing starships) from RoE to play through in Breach.
I do wish this was used more often elsewhere, definitely.
You can die drinking water, not drowning, just drinking. If you drink enough (it is extremely hard to do but you can do it) you'll dilute the electrolytes in your body to the point it can't function, and you will die.
Indeed:
http://www.msnbc.msn.com/id/16614865/
But the fact of the matter is, other people have spent all this time assisting him because of the morality of the license.
In the 90's, I think most of the people worked on Linux due to the unclear legal status of BSD, not some funny "morality" issue.
Without the legal issues, FreeBSD would probably be where Linux is now, perhaps even further, and Linux would never have taken off like that - it would have stayed as a little practice project for the Helsinki University. However, now Linux just has so much momentum with it that it's the focus of most open source efforts.
They have. The problem is that the batteries also are providing power for heaters to keep the rover warm during the night. They probably won't (especially the batteries) survive a deep-freeze to -40C, so when sun starts shining again there may be too many things broken to start the rover up again.
Someone better start operating one...Then virtual cops can come and enforce the decision and virtual collectors agencies can come and take your virtual goods to pay any restitutions and then your virtual character can be locked up in virtual jail where you can escape with the virtual file to saw off the virtual bars. Then they can have a virtual chase of the prison escapee..
...what's the point in having insurance for all, if insurance companies will just deny all the claims due to conditions obscured in legalese?
Oh, after reading other comments, I guess they really are going for solving the high-bandwidth high-latency link problems. I didn't even consider that to be necessary since I thought that was pretty much solved and as such, "old news".
ftp://ftp.rfc-editor.org/in-notes/rfc3649.txt
ftp://ftp.rfc-editor.org/in-notes/rfc3742.txt
I guess this device works as some sort of wrapper so that legacy TCP implementations don't get slowdowns, but doesn't strike as anything revolutionary to me - the RFCs are from year 2003.
Sounds like they just skip TCP slow start algorithm and stuff like that - so it's probably not faster than regular TCP after the window has stabilized. Slow-start and backoff algorithms of course cause slowdowns.
:)
Other possibility is some sort of header compression.
Anyway, to use this safely you'd need to be *sure* you know your link charasteristics. The reason TCP has the slow-start mechanisms in the first place is to make sure you don't overflow the link - that's why it's known as flow control
It IS specific to Germany in some respects. Remember, the directive only specifies the MINIMUM requirements for the law; The implementations are country-specific.
Outlawing Tor is very much specific to Germany.
You get paid 120 EUR / day. And if I understood correctly, it's counted as "allowance", meaning it's tax-free..
When a distinguished but elderly scientist states that something is possible, he is almost certainly right. When he states that something is impossible, he is very probably wrong.
Generation ships. Suspended animation. Bussard Ramjets.
Baby steps throughout Kuiper Belt and Oort Cloud.
Try photographing something that is in the range of more than one color and heavily saturated (like a yellowish-orangish sunset). The matrixing algorithm that is used to reconstruct the original color from the sensor tries its best, but cannot really match a normal Bayer-based dSLR at the moment (either Canon or Nikon).
The spatial resolution is of course better.
Canon G1 had a CMY pattern if I recall correctly. This also meant that it didn't suffer from the nice IR artifact (take a picture of hot charcoal and you actually get reddish image, lots of other cameras see it as purple...)
Only problem is that Foveon (at least current implementation) is crap. The three colors have too much overlap and they also aren't very sensitive, either. Fine, you get rid of some of the bayer artifacts, but in return you lose most of the extreme colors and lots of sensitivity.
Ok, could somebody please explain to me what classifies as a cyber-attack? It seems all these are applicable only to public Internet, not private networks. What's all the fuss?
Targeted, distributed DDos against goverment websites? Ok. I can see that (see what happened in Estonia). Lots of mitigating technologies including but not limited to stuff like BGP blackholing and so on and the most obvious attack vector. However, is there really anything else?
Breaking into systems? Ok, but do you really have anything critical on a public webservers and other Internet-facing systems? This isn't the 80's when things like Cuckoo's Egg happened easily and some systems didn't even have passwords. Of course admins in several organizations are incompetent, but it's not like you could play Wargames (ie. launch nukes or similar), since those systems are not connected to Internet.
Mostly I'm thinking what exactly is the impact of all this? A temporarily blocked access to public websites? What else is there? "Cyber-attack" just seems a buzzword. What do they mean?
Or do they really have attacks going against private, supposedly secure networks (perhaps intercepting satellite communications or undersea fibers?)
Well, at least Babylon 5 actually did it for real.
Not really. The DHC is the standardized method of denying incoming telemarketers. Setting your AP to not broadcast SSID or activating WEP/WPA is a standardized method of informing that this is not a public network.
Cannot really see how this is analogous to spam.
Does anyone know if this defense has been used anywhere?
Basically, if I open my laptop, it's explicitly ASKING for permission, with the IEEE 802.11 standard association request.
Basically, it goes
AP sends out beacons "Here, I have this SSID, it uses open authentication!"
Laptop => AP (Association request) "Can I come?"
AP => Laptop (Association request) "Sure!"
Laptop => AP (Open Authentication request) "...and you don't even care who I am?"
AP => Laptop (Open Authentication response) "No, just come on in!"
Laptop => DHCP server "Hi, the AP just let me in. Are you also going to give me IP address so I can talk to the Internet?"
DHCP Server => Laptop "Sure! Here you go!"
Now, if the AP had *any* other form of settings. No need to specify if it's using WEP, WPA, whatever, it still says "authorization needed". So
AP sends out beacons "Here is this SSID, but it uses shared auth and WEP so you're not allowed unless you know the key"
Then it goes that you know the key, you're authorized. If you use WepCrack, then you're trespassing (and whatnot).
Anyway, has this *ever* been tested in court with this defense? I mean, basically, you ARE asking for permission when your laptop sends out that first association request, and you ARE advertising a public service if your Access Point sends out beacons advertising open SSID!
Actually, that's one of the arguments my friends (medium-sized) company had to keep electronic locks, passcard or anything like that OUT of their office building, and stay with "old-fashioned" keys. I mean, how hard would it be to bribe some button-pusher in a security company to tell some hoodlum that ok, these guys are right now at workplace, go rob their house...
(Ok, in addition they saved a pile of money by not having to install all the cardreaders and other junk).
Cue the ensuing Mebi/Gibi/Tebi vs. SI notation fights.
While it's takes a while to get used to it, I actually prefer the Bi-units now. 4,3GiB or 4,7GB is already a huge difference when talking about DVD capacity. At terabyte, it gets enormous.
Linux already uses those units.
Only place where I still see a purpose for using binary units in computing is memory - address bus is still addressed exactly with n lines so memory capacity will be 2^n. For all other cases, it's not needed. Yes, the hard drives have 512 to 4096 byte sectors, but who cares when were talking about trillions of them?
See http://en.wikipedia.org/wiki/Binary_prefix for more.
So you've implemented a DMZ. Nothing special about that.
And besides, you just might want to block all the *other* ports anyway, even in DMZ deployment. And maybe put some sort of IDS system to check on the traffic going to that open port.