As for wasteful? I didn't know using webcams to talk to friends and family you can't just drive to see as they live too far aways is deemed wasteful. How stupid of me.
No, I did not refer to those kinds of things as "wasteful", that sounds pretty practical to me, unless you have your web-cam up and passing data 7x24 "because you can". I highly doubt you would run afoul of a reasonable threshold if you do that. Napster/Gnutella, etc. probably would be considered wasteful, as would downloading everything off of freshmeat even if you are not going to use it "because you can". In the latter cases, you are likely to see a higher bill if your provider charges for excessive usage and I think that is reasonable.
As far as the AC you were applauding, his argument is even dumber than yours. His comparison of food to bandwidth is like comparing stealing a candy bar to rape.
I wouldn't mind if they gave the hoggers their own lines to hog from, but what's the point if they are still hoggin from the shared bandwidth? it doesn't help me.. it only helps the greedy cable company
I don't agree (at least not 100%). There are 2 arguments I could make to your statement:
- If they are charging more, folks are less likely to "waste" bandwidth. "Wasteful" activities like P2P, recklessly downloading large files (ISOs, etc.) will be curtailed if there is a direct cost associated with them. Folks will think twice, and chances are some of you shared bandwidth will open up. This is basic economics.
- Your bandwidth is shared, but only within local domains. You are sharing with your neighborhood, not your entire community at least in respect to the concept of sharing bandwidth on a TV cable. If there are lots of people wasting bandwidth, this does add up over the many shared domains in a community and forces the Cable company to add additional bandwidth out of their facility, causing a very direct cost to them, somewhat justifiying the additional fees.
Bottom line, your argument is not consistent with reality. Though I do not completely dismiss the fact your cable company hopes to make a few bucks off this, the reality is it will likely reduce waste and benefit you, as well as it is not completely unreasonable for the cable company to try to recoup costs. Hopefully the thresholds the providers set are reasonable, and the over-threshold fess are reasonable. From the numbers being tossed around ($80 for the excessive users) those seem darn reasonable.
Impossible, as a former MSN Tech Support weiner I can tell you that MSN uses standard PPP MS-CHAP dialups with a username of "MSN/" and your regular password.
Very true, but how about email? The "proprietary" secure password mechanism for POP retrieval requires Windoze libraries. Webmail sucks and is the only option for non-Windoze users.
The people behind the Icebox clearly come from a consumer electronics background.
They have a kitchen appliance background. Iceboxllc is a subsidiary of Salton, the same people who brought you the George Foreman grill, Juiceman, Breadman, etc. It slices, it dices, it displays your pr0n;)
Exactly! The consumer! remember us? $400 for MS Office is ridiculous, per connection fees to a server running NT/2000/XP are just highway robbery!
In that case regulation is not the answer, vote with your checkbook! If the price is unreasonable, don't buy it. Determining what is excessive profits is not going to work or solve any problems without completely stifling innovation.
I admit this can be problematic, but that is why many (all?) capitalist countries have anti-trust regulations. If those are enforced, the system will work. The process is simple, let the market determine pricing, but watch carefully for market abuses such as monopolistic practices and chop the violators off at the knees.
Simple...NO. Perfect....NO. But proactive regulation will make even legit business impractical. The current system in use in modern capitalist societies seems to be the right approach. Let businesses compete, but set ground-rules and enforce them.
In case you are wondering, I thoroughly believe that M$ has crossed the line and needs to be curtailed. I am very disappointed with the settlements that are occurring. My problem with them has NOTHING to do with their profits, but with their tactics. Had they done this legally and ethically, I would have no issue whatsoever.
If you're big enough, you can buy the soon to be released "Red Hat Network in a Box" where you can run you're own completely autonomous Red Hat Network w/in your own corporation.
It appears it has been released (at least by marketing ). They have 2 options (a local "proxy" and a standalone "satellite" system) both described here.. They don't give much in the way of details, but a decent high-level description. We have about 200 RH systems in our shop, looks worth investigating.
BTW, AOL has actually developed a Linux AOL client. It is not (to the best of my knowledge) available publicly as a standalone package, but was released publicly in the form of Gateway's Internet appliance last year. Gateway's (failed) appliance was very Linux (RedHat, I think, not sure) and very AOL.
Hopefully, they will release it as a standalone package some day. Not that I personally care, but it would remove a roadblock for folks like you.
Well, for one thing, check out "Windows Scripting Host" on the Microsoft website. Using either VBScript or (much preferably) Jscript, you can do pretty much anything you want...
...including a nice virus. See info on the Gigger virus. Gigger exploits the Windows Scripting Host to do "anything it wants". The exploit sends a.htm attachment (not one normally thinks of as "executable"). Can't MS do anything without opening a gaping security hole?
Or not, seeing as California is a pretty liberal state. Remember, that's Condit Country.
It is also Reagan (and Nixon I think) Country. It is a state of major contradictions. Last I heard it was about 48% radical liberal, 48% radical conservative. Starting a political argument there is quite easy.
I thought anything responsibility like this not expressly given to the US Gov't by the constition was by that same constitution given to the state as a responsibility? Is this legal?
The most common method to circumvent this is a simple matter of funding. The fed usually uses highway funding as their lever. They will not make a law mandating a national ID or anything like that. They will make a law (or sometimes the president does it using an executive order) that highway (or whatever) funds will be witheld unless the state cooperates with the DL interlinking.
A great example of this is the nationwide drinking age of 21. This is not a federal law (the feds have no jurisdiction on this), this is a set of 50 state laws, many of which were forced by the fed threatening to withold highway funds. Wisconsin, Louisiana and Alaska (I believe) were amongst several that bitterly fought this, but gave up as they could not afford to go without the highway funds. This same tactic has been used on many occasions (the old 55 MPH speed limit was enforced by the same method, a presidential order by Jerry Ford witholding highway funds to those states that did not comply).
I have no idea if this has ever been tested in the courts, my guess is it has and passed. IMHO, this is an unconstitutional practice, but it seems to work.
Another example (a bit more radical) of how the fed can enforce their will was the case of Utah and statehood. The fed required that Utah outlaw polygamy before they were admitted to the union. I am not dead-sure what would happen if they decided to change their minds and drop the law;)
Also, the article says they can expand capacity 300%. Frankly, that sounds like pretty short-term planning to me. In my experience, it's a rare data store that doesn't double in size every year or two.
I don't know, in the last 12 months my guess is ISP datacenters (Exodus and the like) have been shrinking, along with their customer base. I go to one of Exodus' datacenters in Santa Clara about once a month to maintain our server rack, the place is getting emptier and emptier every time I go.
Re:DVD's look much better on an HD capable set
on
To HDTV or Not to HDTV?
·
· Score: 2, Informative
Dead on. A few months ago I bought a 38" 16x9 tube TV from RCA, built-in HDTV (not just "ready"). I plugged in an antenna for a couple days to see what HDTV is all about. It is just the same old crap in high-res. Yeah, looks good, but I hate regular TV and this is no better.
DVDs, especially since my recent progressive scan purchase, are simply awesome. No (or very minor on super-wide ratios) letterboxing, beautiful picture......unbelievable.
Then there is DVD-Audio..... I can't say enough about how cool that is.
I'd choke using this as a networked machine. The supported network connections are a choice of 2 USB ethernet for "10/100" connectivity (3Com and D-Link). Hmmm, USB is maxed out at 11Mbps. Also, the way that USB works is each device "reserves" a slice of bandwidth appropriate for their needs, but must be careful to not hog all of it or nothing else will work on the same bus. If I recall correctly, at least the 3Com USB (which is an OEM from Acton and I believe the same as the D-Link) only reserves 2Mbps. Boy, that would suck when you are used to near 100Mbps (or even 10Mbps) to local servers.
Just be honest about it. If bandwidth usage is the concern, just say so.
I agree. I really wish these folks would wake up, quit playing games, and charge based on costs not on some strange concept of usage types.
If someone wants to run a website with their vacation or baby pictures for family, excellent, it will likely drain resources very little. If someone wants to run Gnutella or a higher volume web site, great, but I am sure it will not last long once they get the bill or will be justified by the profits/satisfaction they generate.
Basically, consumption is self-regulating and businesses should base their charges on costs, not some market segmentation. If one uses more resources, they should pay more. Blocking things like VPN usage is ridiculous, as it has no bearing on the cost of services.... fortunately most ISPs don't regulate this, and hopefully it remains that way.
I have no idea if there is a V.92 upgrade available for the Courier, but if there is you need to grab the Xmodem variant of the upgrade image. In your terminal package, type the following command to the modem "AT~X!" and use the Xmodem send command in your term package and send the file to the modem.
Some very good advice, yet I would disagree on the point that you will never "turn" a manager who is not comfortable with it. I have turned every manager I have had, but admittedly it has been a struggle each time. I even got my last boss to the point where if there was something he needed urgently he would say "can you just work from home tomorrow, focus on it and crank it out?". It took him a while, but he definitely did a 180 on the issue.
After 12 years of telecommuting (couple days a week) I can share the following advice:
- Go out of your way to be available by phone. I have a sign on my cube wall ENCOURAGING people to call me on my cellphone and have a speed dial button on my desk phone to make it easy.
- Try to have only 1 phone number they can always reach you on (in or out of the office). A cell phone is good, a "one-number" service can also work, and/or forward your desk phone to your cell if you can.
- Try to have conference call (3-way calling) features on your phone. That makes getting a few people together for an impromptu discussion easy.
- Be VERY responsive to email. Fast responses are always appreciated, even if it is a simple "thanks", "I'm on it" or whatever. Just an acknowledgement that you received it helps alleviate some of the mystery.
- Be sure to drop your boss a couple notes a day on accomplished tasks (or progress/status). Remember "perception is reality" and most bosses will make the connection over time that you seem to get more done when telecommuting. I even occasionally use a somewhat devious tactic of waiting to tell my boss about a task completion until I am home (even though I might have got it done at the office). Don't over do it though.
- Avoid over telecommuting! 2 (maybe 3) days a week is usually the most you should do. Otherwise you will lose touch and might go insane;)
- If you can, try making a hard schedule of which days you are out. People then can adjust and will know when to expect you there, and when not to. Bosses will almost always prefer this, as will your team mates.
- Never forget that you are the one bucking the trend and being given a privelege. Don't abuse it, and always go out of your way to accomodate others.
Anyway, these are the basic concepts that have made it work for me. I hope they help.
And if they did pay for your commute (to your office) our (US) nasty tax laws would require them to report that as "pay" and it would be taxed like pay including FICA, etc.
To be fair though, a recent (last year or two) law allows a business to pay for public transport costs (within limits) by buying you tickets or a transit pass (or whatever the local transit system calls for). I thought this was a brilliant idea.
They are talking about passwords entered after you log in. To things like sudo, or SQL front ends, or other crap like that.
I do not believe you are correct, from their document it appears they are focussing on the initial login. It is much easier as they know where in the stream to look. Trying to capture a sudo, etc. would be very difficult as you would need to analyze the entire session stream (that is almost certainly intermixed with writing emails, scripting, coding, etc.) and look for repeating patterns (and that assumes you are entering the password alot for various things).
Or loging into another machine.
Yes, they do address that. But now that involves them having a very, very (almost too) convenient location from which to sniff, twice (or they are sniffing from your machine itself). Using switched networks (super common) and decent physical security will make this really hard. Also, if you use RSA style auth on this operation too, you have circumvented it again.
I think the original posters statement that RSA authentication is the way to short-circuit this potential vulnerability is correct. Perhaps the use of the word "nullify" is a bit strong, but it sure makes an extremely difficult task even more difficult (perhaps approaching impossible). I have to be honest, I have always found RSA auth annoying, but this vulnerability has perhaps convinced me that it is the right way to go.
I'm lucky NOW to get a 9600. Usually it's about 7200. Yes, bps. And then only to one ISP.
Sounds like they hosed something up on the inter-CO trunks (misconfigured IMTs or something like that) somewhere between your exchange(s) and the ISP. Until they fix it you might try temporarily disabling 56K (V.90, x2 and/or K56). Often the fallback from 56K protocols is butt ugly, but if you skip that and start out at V.34 it can be less drastic a dive. The commands to do that vary modem to modem, several are listed here at 56k.com. Just scroll down and you will see lots of modems and their 56K disable commands listed.
The problem is, with Rhythms going under, I now have no choice but to stay with Telocity and let Ameritech provide the line. Or, I could switch to Ameritech DSL.
Or you could refuse to allow your business to go to the evil entity that helped drive Rhythms out of business and go with Sprint ION. Yeah, it is ADSL, but it is (up to) 8 Mbit/1 Mbit. They also move your phone line to VoDSL (over ATM, no VoIP) and turn the screws a little bit more on Ameritech.
I am not sure I consider Sprint any kind of shining knight, but they are considerably lower on the evil scale, are not likely to go belly up soon, and have the legal muscle to minimize Ameritech's ability to screw with them. The loop has already been installed for me, and (in theory) Sprint comes next week to finish it off.
Basically, fsck Ameritech! Not sure if you are in Sprint's service area for ION, but it sounds like you are in Chicago, if so, you likely are.
In order to use the service, you need to have a DHCP client, and the DHCP client listens on UDP port 68 for DHCP server requests. If a server is defined as "software which listens on a TCP or UDP port for incoming connections or packets and generates responses to those requests", then both the DHCP client and the DHCP server are "servers".
Actually (no offense intended) but since you are trying to get technical, DHCP does not work that way. It is a true client in every sense of the word. All DHCP operations I can think of are initiated by the CLIENT in your machine.
When you bootup, your client sends out a DHCPDISCOVER (a broadcast initiated by your machine), the server responds, and a short negotiation takes place. The next most common operation is a renewal, also initated by the client (when the lease is 50% of the way towards expiration).
I guess you could argue that ARP responses and ping responses are "server" functions (and one or the other often is part of DHCP verification procedures), but that would really be stretching definitions.;)
Perhaps they mean "servers" in a less formal sense, like "mail servers" and "web servers". That definition still allows various "peer to peer" software which is simultaneously client and server.
I know my contract (Sprint ION) that I just signed specifically lists several types (web, mail, etc.) then adds a catch-all for something like "any server providing services or content to other users".
- The fact that Audrey is 'hackable' is probably 3Com's (Audrey's makers) fault and not QSSL's (QNX's makers) fault. 3Com designed and packaged the system.
You are quite correct, except it wasn't really a "design fault" but a code leak. I have seen several "attempts" to hack Audrey and none were successful until this guy got a hold of an internal version that had a shell. I am not going to say that it would be impossible to do without it, but I doubt many (if any) would have the fortitude and knowledge to accomplish it (outside of 3Com and QNX).
I will say, looking at what he did, he accomplished quite a bit. Probably a hundred or more people had a flash card with this code on it, and he is the first one I have seen to figure out how to dissassemble it and do something with it. He did some great social and reverse engineering.
Slashdot Mirror
As for wasteful? I didn't know using webcams to talk to friends and family you can't just drive to see as they live too far aways is deemed wasteful. How stupid of me.
No, I did not refer to those kinds of things as "wasteful", that sounds pretty practical to me, unless you have your web-cam up and passing data 7x24 "because you can". I highly doubt you would run afoul of a reasonable threshold if you do that. Napster/Gnutella, etc. probably would be considered wasteful, as would downloading everything off of freshmeat even if you are not going to use it "because you can". In the latter cases, you are likely to see a higher bill if your provider charges for excessive usage and I think that is reasonable.
As far as the AC you were applauding, his argument is even dumber than yours. His comparison of food to bandwidth is like comparing stealing a candy bar to rape.
Not reasonable when you consider the fact of continued packet loss problems...snip
Perhaps true, but a completely separate debate. The debate was regarding charging for excessive bandwidth usage, not quality of service.
OTOH, depending on the source of the performance problems, reduction of usage could very well help out the situation.
I wouldn't mind if they gave the hoggers their own lines to hog from, but what's the point if they are still hoggin from the shared bandwidth? it doesn't help me.. it only helps the greedy cable company
I don't agree (at least not 100%). There are 2 arguments I could make to your statement:
- If they are charging more, folks are less likely to "waste" bandwidth. "Wasteful" activities like P2P, recklessly downloading large files (ISOs, etc.) will be curtailed if there is a direct cost associated with them. Folks will think twice, and chances are some of you shared bandwidth will open up. This is basic economics.
- Your bandwidth is shared, but only within local domains. You are sharing with your neighborhood, not your entire community at least in respect to the concept of sharing bandwidth on a TV cable. If there are lots of people wasting bandwidth, this does add up over the many shared domains in a community and forces the Cable company to add additional bandwidth out of their facility, causing a very direct cost to them, somewhat justifiying the additional fees.
Bottom line, your argument is not consistent with reality. Though I do not completely dismiss the fact your cable company hopes to make a few bucks off this, the reality is it will likely reduce waste and benefit you, as well as it is not completely unreasonable for the cable company to try to recoup costs. Hopefully the thresholds the providers set are reasonable, and the over-threshold fess are reasonable. From the numbers being tossed around ($80 for the excessive users) those seem darn reasonable.
Impossible, as a former MSN Tech Support weiner I can tell you that MSN uses standard PPP MS-CHAP dialups with a username of "MSN/" and your regular password.
Very true, but how about email? The "proprietary" secure password mechanism for POP retrieval requires Windoze libraries. Webmail sucks and is the only option for non-Windoze users.
The people behind the Icebox clearly come from a consumer electronics background.
;)
They have a kitchen appliance background. Iceboxllc is a subsidiary of Salton, the same people who brought you the George Foreman grill, Juiceman, Breadman, etc. It slices, it dices, it displays your pr0n
Who determines what "excessive profit" is? You?
Exactly! The consumer! remember us? $400 for MS Office is ridiculous, per connection fees to a server running NT/2000/XP are just highway robbery!
In that case regulation is not the answer, vote with your checkbook! If the price is unreasonable, don't buy it. Determining what is excessive profits is not going to work or solve any problems without completely stifling innovation.
I admit this can be problematic, but that is why many (all?) capitalist countries have anti-trust regulations. If those are enforced, the system will work. The process is simple, let the market determine pricing, but watch carefully for market abuses such as monopolistic practices and chop the violators off at the knees.
Simple...NO. Perfect....NO. But proactive regulation will make even legit business impractical. The current system in use in modern capitalist societies seems to be the right approach. Let businesses compete, but set ground-rules and enforce them.
In case you are wondering, I thoroughly believe that M$ has crossed the line and needs to be curtailed. I am very disappointed with the settlements that are occurring. My problem with them has NOTHING to do with their profits, but with their tactics. Had they done this legally and ethically, I would have no issue whatsoever.
If you're big enough, you can buy the soon to be released "Red Hat Network in a Box" where you can run you're own completely autonomous Red Hat Network w/in your own corporation.
It appears it has been released (at least by marketing ). They have 2 options (a local "proxy" and a standalone "satellite" system) both described here.. They don't give much in the way of details, but a decent high-level description. We have about 200 RH systems in our shop, looks worth investigating.
BTW, AOL has actually developed a Linux AOL client. It is not (to the best of my knowledge) available publicly as a standalone package, but was released publicly in the form of Gateway's Internet appliance last year. Gateway's (failed) appliance was very Linux (RedHat, I think, not sure) and very AOL.
Hopefully, they will release it as a standalone package some day. Not that I personally care, but it would remove a roadblock for folks like you.
Well, for one thing, check out "Windows Scripting Host" on the Microsoft website. Using either VBScript or (much preferably) Jscript, you can do pretty much anything you want...
.htm attachment (not one normally thinks of as "executable"). Can't MS do anything without opening a gaping security hole?
...including a nice virus. See info on the Gigger virus. Gigger exploits the Windows Scripting Host to do "anything it wants". The exploit sends a
Sure - but who in their right mind would install a root capable tool and NOT restrict access by IP?
;)
Pretty much the same crowd that would need Webmin
Or not, seeing as California is a pretty liberal state. Remember, that's Condit Country.
It is also Reagan (and Nixon I think) Country. It is a state of major contradictions. Last I heard it was about 48% radical liberal, 48% radical conservative. Starting a political argument there is quite easy.
I thought anything responsibility like this not expressly given to the US Gov't by the constition was by that same constitution given to the state as a responsibility? Is this legal?
;)
The most common method to circumvent this is a simple matter of funding. The fed usually uses highway funding as their lever. They will not make a law mandating a national ID or anything like that. They will make a law (or sometimes the president does it using an executive order) that highway (or whatever) funds will be witheld unless the state cooperates with the DL interlinking.
A great example of this is the nationwide drinking age of 21. This is not a federal law (the feds have no jurisdiction on this), this is a set of 50 state laws, many of which were forced by the fed threatening to withold highway funds. Wisconsin, Louisiana and Alaska (I believe) were amongst several that bitterly fought this, but gave up as they could not afford to go without the highway funds. This same tactic has been used on many occasions (the old 55 MPH speed limit was enforced by the same method, a presidential order by Jerry Ford witholding highway funds to those states that did not comply).
I have no idea if this has ever been tested in the courts, my guess is it has and passed. IMHO, this is an unconstitutional practice, but it seems to work.
Another example (a bit more radical) of how the fed can enforce their will was the case of Utah and statehood. The fed required that Utah outlaw polygamy before they were admitted to the union. I am not dead-sure what would happen if they decided to change their minds and drop the law
Also, the article says they can expand capacity 300%. Frankly, that sounds like pretty short-term planning to me. In my experience, it's a rare data store that doesn't double in size every year or two.
I don't know, in the last 12 months my guess is ISP datacenters (Exodus and the like) have been shrinking, along with their customer base. I go to one of Exodus' datacenters in Santa Clara about once a month to maintain our server rack, the place is getting emptier and emptier every time I go.
Dead on. A few months ago I bought a 38" 16x9 tube TV from RCA, built-in HDTV (not just "ready"). I plugged in an antenna for a couple days to see what HDTV is all about. It is just the same old crap in high-res. Yeah, looks good, but I hate regular TV and this is no better.
DVDs, especially since my recent progressive scan purchase, are simply awesome. No (or very minor on super-wide ratios) letterboxing, beautiful picture......unbelievable.
Then there is DVD-Audio..... I can't say enough about how cool that is.
I'd choke using this as a networked machine. The supported network connections are a choice of 2 USB ethernet for "10/100" connectivity (3Com and D-Link). Hmmm, USB is maxed out at 11Mbps. Also, the way that USB works is each device "reserves" a slice of bandwidth appropriate for their needs, but must be careful to not hog all of it or nothing else will work on the same bus. If I recall correctly, at least the 3Com USB (which is an OEM from Acton and I believe the same as the D-Link) only reserves 2Mbps. Boy, that would suck when you are used to near 100Mbps (or even 10Mbps) to local servers.
Just be honest about it. If bandwidth usage is the concern, just say so.
.... fortunately most ISPs don't regulate this, and hopefully it remains that way.
I agree. I really wish these folks would wake up, quit playing games, and charge based on costs not on some strange concept of usage types.
If someone wants to run a website with their vacation or baby pictures for family, excellent, it will likely drain resources very little. If someone wants to run Gnutella or a higher volume web site, great, but I am sure it will not last long once they get the bill or will be justified by the profits/satisfaction they generate.
Basically, consumption is self-regulating and businesses should base their charges on costs, not some market segmentation. If one uses more resources, they should pay more. Blocking things like VPN usage is ridiculous, as it has no bearing on the cost of services
I have no idea if there is a V.92 upgrade available for the Courier, but if there is you need to grab the Xmodem variant of the upgrade image. In your terminal package, type the following command to the modem "AT~X!" and use the Xmodem send command in your term package and send the file to the modem.
Some very good advice, yet I would disagree on the point that you will never "turn" a manager who is not comfortable with it. I have turned every manager I have had, but admittedly it has been a struggle each time. I even got my last boss to the point where if there was something he needed urgently he would say "can you just work from home tomorrow, focus on it and crank it out?". It took him a while, but he definitely did a 180 on the issue.
;)
After 12 years of telecommuting (couple days a week) I can share the following advice:
- Go out of your way to be available by phone. I have a sign on my cube wall ENCOURAGING people to call me on my cellphone and have a speed dial button on my desk phone to make it easy.
- Try to have only 1 phone number they can always reach you on (in or out of the office). A cell phone is good, a "one-number" service can also work, and/or forward your desk phone to your cell if you can.
- Try to have conference call (3-way calling) features on your phone. That makes getting a few people together for an impromptu discussion easy.
- Be VERY responsive to email. Fast responses are always appreciated, even if it is a simple "thanks", "I'm on it" or whatever. Just an acknowledgement that you received it helps alleviate some of the mystery.
- Be sure to drop your boss a couple notes a day on accomplished tasks (or progress/status). Remember "perception is reality" and most bosses will make the connection over time that you seem to get more done when telecommuting. I even occasionally use a somewhat devious tactic of waiting to tell my boss about a task completion until I am home (even though I might have got it done at the office). Don't over do it though.
- Avoid over telecommuting! 2 (maybe 3) days a week is usually the most you should do. Otherwise you will lose touch and might go insane
- If you can, try making a hard schedule of which days you are out. People then can adjust and will know when to expect you there, and when not to. Bosses will almost always prefer this, as will your team mates.
- Never forget that you are the one bucking the trend and being given a privelege. Don't abuse it, and always go out of your way to accomodate others.
Anyway, these are the basic concepts that have made it work for me. I hope they help.
And if they did pay for your commute (to your office) our (US) nasty tax laws would require them to report that as "pay" and it would be taxed like pay including FICA, etc.
To be fair though, a recent (last year or two) law allows a business to pay for public transport costs (within limits) by buying you tickets or a transit pass (or whatever the local transit system calls for). I thought this was a brilliant idea.
They are talking about passwords entered after you log in. To things like sudo, or SQL front ends, or other crap like that.
I do not believe you are correct, from their document it appears they are focussing on the initial login. It is much easier as they know where in the stream to look. Trying to capture a sudo, etc. would be very difficult as you would need to analyze the entire session stream (that is almost certainly intermixed with writing emails, scripting, coding, etc.) and look for repeating patterns (and that assumes you are entering the password alot for various things).
Or loging into another machine.
Yes, they do address that. But now that involves them having a very, very (almost too) convenient location from which to sniff, twice (or they are sniffing from your machine itself). Using switched networks (super common) and decent physical security will make this really hard. Also, if you use RSA style auth on this operation too, you have circumvented it again.
I think the original posters statement that RSA authentication is the way to short-circuit this potential vulnerability is correct. Perhaps the use of the word "nullify" is a bit strong, but it sure makes an extremely difficult task even more difficult (perhaps approaching impossible). I have to be honest, I have always found RSA auth annoying, but this vulnerability has perhaps convinced me that it is the right way to go.
I'm lucky NOW to get a 9600. Usually it's about 7200. Yes, bps. And then only to one ISP.
Sounds like they hosed something up on the inter-CO trunks (misconfigured IMTs or something like that) somewhere between your exchange(s) and the ISP. Until they fix it you might try temporarily disabling 56K (V.90, x2 and/or K56). Often the fallback from 56K protocols is butt ugly, but if you skip that and start out at V.34 it can be less drastic a dive. The commands to do that vary modem to modem, several are listed here at 56k.com. Just scroll down and you will see lots of modems and their 56K disable commands listed.
Hope this helps you out.
The problem is, with Rhythms going under, I now have no choice but to stay with Telocity and let Ameritech provide the line. Or, I could switch to Ameritech DSL.
Or you could refuse to allow your business to go to the evil entity that helped drive Rhythms out of business and go with Sprint ION. Yeah, it is ADSL, but it is (up to) 8 Mbit/1 Mbit. They also move your phone line to VoDSL (over ATM, no VoIP) and turn the screws a little bit more on Ameritech.
I am not sure I consider Sprint any kind of shining knight, but they are considerably lower on the evil scale, are not likely to go belly up soon, and have the legal muscle to minimize Ameritech's ability to screw with them. The loop has already been installed for me, and (in theory) Sprint comes next week to finish it off.
Basically, fsck Ameritech! Not sure if you are in Sprint's service area for ION, but it sounds like you are in Chicago, if so, you likely are.
And there is this story at Yahoo.
And, too bad about Alan Kessler leaving. He was one of the few former 3Com guys that I really respected. A good guy, and seemed sharp.
In order to use the service, you need to have a DHCP client, and the DHCP client listens on UDP port 68 for DHCP server requests. If a server is defined as "software which listens on a TCP or UDP port for incoming connections or packets and generates responses to those requests", then both the DHCP client and the DHCP server are "servers".
;)
Actually (no offense intended) but since you are trying to get technical, DHCP does not work that way. It is a true client in every sense of the word. All DHCP operations I can think of are initiated by the CLIENT in your machine.
When you bootup, your client sends out a DHCPDISCOVER (a broadcast initiated by your machine), the server responds, and a short negotiation takes place. The next most common operation is a renewal, also initated by the client (when the lease is 50% of the way towards expiration).
I guess you could argue that ARP responses and ping responses are "server" functions (and one or the other often is part of DHCP verification procedures), but that would really be stretching definitions.
Perhaps they mean "servers" in a less formal sense, like "mail servers" and "web servers". That definition still allows various "peer to peer" software which is simultaneously client and server.
I know my contract (Sprint ION) that I just signed specifically lists several types (web, mail, etc.) then adds a catch-all for something like "any server providing services or content to other users".
- The fact that Audrey is 'hackable' is probably 3Com's (Audrey's makers) fault and not QSSL's (QNX's makers) fault. 3Com designed and packaged the system.
You are quite correct, except it wasn't really a "design fault" but a code leak. I have seen several "attempts" to hack Audrey and none were successful until this guy got a hold of an internal version that had a shell. I am not going to say that it would be impossible to do without it, but I doubt many (if any) would have the fortitude and knowledge to accomplish it (outside of 3Com and QNX).
I will say, looking at what he did, he accomplished quite a bit. Probably a hundred or more people had a flash card with this code on it, and he is the first one I have seen to figure out how to dissassemble it and do something with it. He did some great social and reverse engineering.