Another good example is try moving a network card to a different PCI slot.
With Windows, I can't even begin to recount my experiences. In a nutshell, when I rebooted, Windows would detect "my new" network card and add another NIC in the list, but refuse to let me remove the original, "shadow" NIC. Because it wouldn't let me remove the original configuration, I couldn't set the IP in the new device. I refused to spend more than 30 minutes on this problem because my time and sanity is worth much more, so in the end I just wound up giving the device a different IP. (Fortunately I had that option available to me.) My father had a very similar experience when moving his NIC to a different slot.
Of course, in Linux it simply wasn't an issue. Linux doesn't care what slot the card is in. It just works.
And then there's the time I tried to install a serial mouse on an NT4 system that originally had a PS/2 mouse. I spent an entire day trying to make that work until finally I just reinstalled NT. (Before you ask, I have years of experience supporting and maintaining NT in a large organization, so I figure I should know how to switch a mouse.)
Of course I don't know how the technology works, but given that the number of false positives is so high, I'm guessing the algorithms are liberal in what they accept as a match. So my hunch is the number of false negatives would be much, much lower than the number of false positives.
No, but we do knee-jerk when our American neighbours "ask" us to do something. And they'll likely "ask" us to follow suit with respect to their encryption laws.
I noticed that too. I usually enjoy being confrontational about these things too, but was dissappointed when they didn't ask me for my name. (What can I say? I'm an asshole.)
My brother also told me one of our local restaurants was known to include a gratuity into the bill. (He said he was there during a lunch meeting when they did it, but he didn't bother saying anything since he wasn't the one paying the bill.) I went there a few times since then, but they never pulled it on me. I would have asked to see the manager, instruct him to personally bring me back a bill with no gratuity included, and then explain to him why his server won't receive a tip from me.
Jason.
Re:So I will drive with my windows open, NEXT
on
Remote Breathalyzer
·
· Score: 3, Insightful
This in itself isn't such a horrible thing, true.
The real problem is more fundamental. People are slowly being desensitized to loosing their privacy. First we get sensors in our cars to detect if we've been drinking. Then they add sensors to alert cops if we're speeding. Next, cops will get alerted if we don't come to a complete stop at a stop sign. No problem right? I mean, these aren't too serious. No one should speed, and we should always come to complete stops because otherwise these could jeopardize lives on the road. Next they'll put cameras in our cars so we have a photo identity of the person responsible for breaking the above laws. Well that's certainly bothersome, but don't worry about it, the government will tell us, we already know when you're drinking, speeding, and rolling stops. Then the government sets up devices to monitor our phone and email conversations. (Well, we already know they're monitoring email at least.) No problem, you don't have anything to worry about unless you're breaking the law. They're also going to put cameras on the streets pointing at every house. This is for your own protection so that they can catch burglars better. Why stop there? Let's put cameras inside the home too.
Yes, this is an unrealistic slippery slope. It's extreme, but you see my point. At what point do we draw the line? Putting cameras in our house is obviously invading our privacy. Putting alcohol sensors in our cars isn't? Who decides what violates privacy and what doesn't? I say stop them before they start.
But it's not using native widgets on any platform. A massive amount of time has been spent recreating open dialogs, scroll bars, drop down menus, and all manner of UI objects. My objection to this is that they could have had a dozen native front ends together in the time it's taken to recreate all the various tid bits that Microsoft, Apple, Gtk, and Qt (to name a few) have already done.
Sun travelled down this road with Java's AWT. AWT abstracted the native GUI on each platform so that Java apps using AWT would run using the native platform's look and feel. this was a great idea at first glance because it meant better integration.
The problem with AWT was that each platform's GUI had its own little nuances and idiosynchrasies that made uniform rendering across the board impossible. It was a mind numbing experience to make a dialog box that rendered the same on all of Java's platform, and sometimes the rendering would be out to lunch.
So instead Java got the Swing UI. Swing does precisely the same thing as XPFE in this context. It's a single API implemented using low level graphics functions on each platform and ensures that rendering widgets stays uniform on all platforms. Swing L&F (look and feel) is pluggable so that you can have a native look with the Java app, but it's still Swing. XUL too is skinnable, and once Mozilla 1.0 is released and the skin stuff stabilizes, expect to see a slew of quality themes that integrate well with the platform of your choice.
Jason.
Coming from the field ...
on
Dorm Storm?
·
· Score: 2, Interesting
I work for a significantly smaller university and deal with the same sort of problems, only on a much smaller scale. For example, we may have 75 students move into the residences at the start of the term who have to be serviced by our very small department (of 3 full-time staff).
Even though our scale is (much) smaller, I'm sure we face the same types of problems. So, I do have some advice:
Stable network: A stable network is totally crucial. This time last year our residences were wired with thinnet, using transceivers in every room which students plugged directly into their AUI ports on the network cards we provided them. This was an absolute nightmare. It didn't help that the network was cabled out of spec (we didn't do it! It was passed down to us from the previous staff in the department), but the network cards were arcane, and Windows 2000 stopped supporting some of them. So, perpetual physical network problems gave us nothing but grief, and inevitably as students moved in they would put additional stress on the badly cabled network and cause endless brokenness that would take usually weeks to get fixed. It's a wonder the students put up with us. Since then we have wired the residences with CAT5E using managed switches. We made sure professionals certified the cabling as CAT5E compliant. The difference in reliability and time spent in supporting the network is night and day.
Faculty still need help: The faculty procrastinate just like the rest of us, and they're frantically trying to prepare for their courses that are going to start in a few days. They always have last minute problems, or come to us and say, "Oh, we need this software XYZ available in all the labs for next week. Didn't I tell you?" It helps to be proactive before the beginning of the term to determine their requirements. But even still, their requests are going to tax your resources while you're busy helping students get connected to the campus network.
Delegate as much as possible: We give all our network cards to student services, and the student services staff handle assigning NICs to the new students, and give them instruction sheets on how to setup their systems. A lot of the new students are computer science students, so they can usually handle a basic NIC setup. For those students that can't, we have residence advisors (some of whom are co-op students in our department) and will help out in setup. Only when there are non-trivial problems do they reach the full-time staff for troubleshooting. Of course, this is the way it should be.
Students are your customers: Let's face it, anyone who works in this type of support role knows you get stupid questions, stupid problems, and stupid people. But the students are your customers. They are the people who ultimately pay your cheques. Be courteous and helpful. If you can't solve their problem as quick as they want, tell them politely they may have to wait a day or two because their problem is complicated, but do not forget about them! Remind them they can use the labs for all their computing needs while their PC is out of commission. Remember, they're your customers.
In my experience, the first point is the most important one. The more stable your infrastructure is, the less problems you'll have. Use reliable network cards, switches, and cabling. Unless you're professionally trained, contract out your cabling, or at the very least, get it professionally certified. You do not want to spend 2 days troubleshooting a network problem a single student is having only to find out it's because their wire is running beside a BX cable in the wall somewhere.
I'll probably get modded down for saying this, but...
It's reverse psychology.
Me: You'll probably mod me down for this but... Moderator: Oh yeah!? Here, take these mod points! I sure showed you, bitch!
The scary thing is, it seems to work. How many +3-5 comments do you read that begin with, "I'll probably get modded down for saying this..." So I agree with you. If they're expecting it, or are asking for it, I wouldn't want to disappoint them.
Well, 6.x is just as slow and bloated as Mozilla, but Netscape 4.7x is much faster than either.
6.1 is better than 6.0 in all respects, especially performance. Mozilla has seen amazing performance increases since the branch NS6 was forked from. It's still got some improvements to go yet, but 6.1 (Mozilla 0.9.x) is actually usable, as opposed to 6.0.
Yes, it's true. Netscape6/Mozilla will never be as fast as NS4 (at least as far as the UI goes). For better or for worse, Mozilla really is a platform, and along with it you get all of the overhead. But not only is that overhead seeing plenty of profiling and optimization, but keep in mind processor speed has at least doubled since the project began. And processor speed continues to increase. So while Mozilla will never be as fast as NS4, there will come a time when the performance difference will be statistical noise, and no one will care. Yes, we all want a competitor to IE that can beat it in performance now, but I like to think of Mozilla as the "browser of the future."
Is there any actual feature advantage to Mozilla/Netscape6.x over Netscape 4.78?
I don't know if you deliver web content or not, but the big thing is that Mozilla/NS6 implements the W3C recommended standards like CSS1/2 and DOM. If you're just a normal user, this may not impress you so much, but believe me, this is very significant. The sooner we can bury Netscape4, the sooner content deliverers can start to develop using CSS, and truly cross-platform web applications can be built using the DOM. In other words, there may not be an immediate advantage (at least, a big advantage from a user's perspective), but the real benefit is in the web's future.
And what is all the fuss over IE?
Maybe I'll get tarred and feathered for this, but IE really is a good browser. It implements quite a bit of CSS and DOM, and, while it does have its braindead idiosynchrasies (like all browsers), developing IE-compatable content doesn't make me pull my hair out like NS4 does.
That's not the start button and icon tray at the bottom. It is Netscape's status bar. I do realize it could be a window manager with Windowsish window frames, which is why I looked at Netscape's scrollbar, which is a dead giveaway.
At any rate, this discussion is completely pedantic and entirely moot.:)
Nothing. That's right. Life goes on as usual. The net and its users survive yet another disturbance in the force, and we return to our regularly scheduled program.
Sierra's *Quest games were pretty popular last decade too. King's Quest I was a great, challenging game, and set the stage for a new genre of gaming. Let's also not forgot Space Quest, Police Quest, and the ever-perverted Leisure Suit Larry!
That's right, replies to the spoofed packet will not reach you (unless you are spoofing a different IP on the same segment that you're on).
It used to be the case where you could manage to create 'blind' TCP sessions by predicting the ACK number produced by the remote host. This was pretty commonly used on IRC where someone would have a legit, non-spoofed connection and sit in a channel and have a blind, spoofed TCP session along side it. He could then see the channel activity, and even interact with others through the spoofed connection, usually long enough at least to gain ops and take the channel.
These days (almost?) every new TCP/IP stack will generate acceptably random ACK numbers to prevent these ACK prediction spoofs. But for the purposes of a DoS, it doesn't matter if you never get the return packet. In fact, in the case of ICMP, it works to your advantage. If I flood 1400 byte ICMP echo requests using spoofed IPs (random or otherwise), not only will I hit your downstream bandwidth but because of the replies you (by default) generate I'll also be hurting your upstream bandwidth and your replies won't flood me back.
As most others have pointed out, the only real solution is egress filtering. Unfortunately if a box is compromised that is sufficiently close to a backbone, this solution (FWICS) won't work.
A lot of people seem to be worried that Mono will ultimately be Ximian's undoing. Even if this is true and Ximian folds up, what have we lost?
We lose a company that presents a corporate face to GNOME. We have not lost the developers. The Ximian hackers are so pationate about what they do (if the recent Mono articles haven't made that clear nothing will) that I think they would still hack on GNOME if they had nothing but a cardboard box on Central Ave. and a laptop.
Others have mentioned that Ximian is losing focus on its current projects like Gnumeric, their desktop distrution, and Evolution. In fact, people have shouted this with extreme prejudice. Well let's get one thing clear: Ximian owes us nothing! Ximian can direct their efforts to whatever project they damn well wish. They are
OSS developers in their core, and OSS developers scratch their own itches. That's the way it works, folks.
.NET is an interesting idea, and Mono is an interesting project. Ximian is surely treading in unknown territory but the payoffs could be big in 3-5 years. It's worth a gamble. Ximian isn't dropping their current projects, but if you're worried Evolution or Gnumeric or whatever isn't going to be ready for your desktop as soon as you'd like, then sign up the mailing lists and look at contributing.
The shortage is not in people in general, rather in talented (or hell, I'd settle for competent) people.
When a new IT related position opens up in our organization we don't have a shortage of applicants. But very rarely do we get an applicant that impresses me. In fact, some of the applicants barely reach what I'd consider to be competent.
For the last 5-7 years parents and guidance counsellors have been telling their kids, "go into the computers, it's the 'wave of the future'!" And this whole IT shortage thing making the headlines over the last couple of years has made a lot of students enter computer science and IT related programs in school. (I ought to know, I work for one.) Unfortunately, just because these people get a degree, doesn't mean they're particularly good or even competent. (Yes, the occasional incompetent student manages to get a degree. It happens.) As a result, we now have tons and tons of students in or graduating from IT and computer science. So it may seem like there's no shortage, but really try interviewing a random selection of this pool and you'll see that the shortage is in the truly skilled.
If your mail server uses qmail, you can create user aliases. So suppose you want to download some 3com drivers but they require registration. Just create a file in your home directory called.qmail-3com and inside it put the email address you want forwarded to. If your username is fred, then email sent to fred-3com@domain.com will get forwarded to the address you place in the file.
It's a painless and effective way to create new email addresses when you want to register with a new service. Then, when you get email sent to one of those addresses from an unknown party, you know precisely who to blame. I have been following this practice for over a year now, and -- knock on wood -- I haven't had a single address leaked, and I've registered with some pretty obscure places. I have about 50 aliases setup.
Jason.
Or, for that matter, for your co-workers or whoever inherits your systems. Obscurity can improve security, but at a dreadful cost: maintainability.
Within certain contexts that's true. But in some cases, obscurity doesn't sacrifice maintainability much at all. The example used in the article was changing the port number a certain intranet webserver is run on. This type of obscurity is fairly benign.
My view is that obscurity should be the last layer applied to any security system. And as you point out, if the cost of obscurity is too high in terms of maintainability, maybe it's not such a good idea. A system ought to be secure without any obscurity, but having a "sane obscurity layer" sours the pot for the kiddies.
I too have had excellent experiences with Shaw. I do know a little bit about their infrastructure. I toured their facilities since I have business contacts at Shaw and was quite impressed. In my city, at least, they have deployed fiber to a dozen or two nodes around town (I live in a small city of 80k - Sault Ste. Marie, ON) and each of the nodes, while equipped to handle about 5000 connections, are split once they reach 50% capacity (split meaning they essentially create another node).
Apparently they have some agreement with Terayon to use all their stuff, but while the equipment they use for the nodes claim to handle so many connections, Shaw has noticed reliability drops from 100% once capacity passes 50%. Perhaps other cable companies don't bother doing QA testing and take the word of the sales department of the technology the use at face value.
In any event, infrastructure-wise they certainly seem to have their shit together, at least here. I've been happy with their service. Tier-1 support in Calgary are handled by a bunch of morons, but that's okay because they're supposed to deal with lesser morons. For our business contact we go right to the local tech manager and we always get very prompt and competent responses. (Which is good, because it saves me from giving the Tier 1 guys the usual "Look, I've forgotten more than the Tier 2 guys know, so please pass me up to someone who can make decisions.")
I'd certainly recommend Shaw cable to anyone in Canada.
Slashdot Mirror
With Windows, I can't even begin to recount my experiences. In a nutshell, when I rebooted, Windows would detect "my new" network card and add another NIC in the list, but refuse to let me remove the original, "shadow" NIC. Because it wouldn't let me remove the original configuration, I couldn't set the IP in the new device. I refused to spend more than 30 minutes on this problem because my time and sanity is worth much more, so in the end I just wound up giving the device a different IP. (Fortunately I had that option available to me.) My father had a very similar experience when moving his NIC to a different slot.
Of course, in Linux it simply wasn't an issue. Linux doesn't care what slot the card is in. It just works.
And then there's the time I tried to install a serial mouse on an NT4 system that originally had a PS/2 mouse. I spent an entire day trying to make that work until finally I just reinstalled NT. (Before you ask, I have years of experience supporting and maintaining NT in a large organization, so I figure I should know how to switch a mouse.)
Jason.
And you say:
Jason.
Of course I don't know how the technology works, but given that the number of false positives is so high, I'm guessing the algorithms are liberal in what they accept as a match. So my hunch is the number of false negatives would be much, much lower than the number of false positives.
Jason.
No, but we do knee-jerk when our American neighbours "ask" us to do something. And they'll likely "ask" us to follow suit with respect to their encryption laws.
Jason.
I noticed that too. I usually enjoy being confrontational about these things too, but was dissappointed when they didn't ask me for my name. (What can I say? I'm an asshole.)
My brother also told me one of our local restaurants was known to include a gratuity into the bill. (He said he was there during a lunch meeting when they did it, but he didn't bother saying anything since he wasn't the one paying the bill.) I went there a few times since then, but they never pulled it on me. I would have asked to see the manager, instruct him to personally bring me back a bill with no gratuity included, and then explain to him why his server won't receive a tip from me.
Jason.
The real problem is more fundamental. People are slowly being desensitized to loosing their privacy. First we get sensors in our cars to detect if we've been drinking. Then they add sensors to alert cops if we're speeding. Next, cops will get alerted if we don't come to a complete stop at a stop sign. No problem right? I mean, these aren't too serious. No one should speed, and we should always come to complete stops because otherwise these could jeopardize lives on the road. Next they'll put cameras in our cars so we have a photo identity of the person responsible for breaking the above laws. Well that's certainly bothersome, but don't worry about it, the government will tell us, we already know when you're drinking, speeding, and rolling stops. Then the government sets up devices to monitor our phone and email conversations. (Well, we already know they're monitoring email at least.) No problem, you don't have anything to worry about unless you're breaking the law. They're also going to put cameras on the streets pointing at every house. This is for your own protection so that they can catch burglars better. Why stop there? Let's put cameras inside the home too.
Yes, this is an unrealistic slippery slope. It's extreme, but you see my point. At what point do we draw the line? Putting cameras in our house is obviously invading our privacy. Putting alcohol sensors in our cars isn't? Who decides what violates privacy and what doesn't? I say stop them before they start.
Jason.
Sun travelled down this road with Java's AWT. AWT abstracted the native GUI on each platform so that Java apps using AWT would run using the native platform's look and feel. this was a great idea at first glance because it meant better integration.
The problem with AWT was that each platform's GUI had its own little nuances and idiosynchrasies that made uniform rendering across the board impossible. It was a mind numbing experience to make a dialog box that rendered the same on all of Java's platform, and sometimes the rendering would be out to lunch.
So instead Java got the Swing UI. Swing does precisely the same thing as XPFE in this context. It's a single API implemented using low level graphics functions on each platform and ensures that rendering widgets stays uniform on all platforms. Swing L&F (look and feel) is pluggable so that you can have a native look with the Java app, but it's still Swing. XUL too is skinnable, and once Mozilla 1.0 is released and the skin stuff stabilizes, expect to see a slew of quality themes that integrate well with the platform of your choice.
Jason.
Even though our scale is (much) smaller, I'm sure we face the same types of problems. So, I do have some advice:
In my experience, the first point is the most important one. The more stable your infrastructure is, the less problems you'll have. Use reliable network cards, switches, and cabling. Unless you're professionally trained, contract out your cabling, or at the very least, get it professionally certified. You do not want to spend 2 days troubleshooting a network problem a single student is having only to find out it's because their wire is running beside a BX cable in the wall somewhere.
Cheers,
Jason.
It's reverse psychology.
Me: You'll probably mod me down for this but ...
Moderator: Oh yeah!? Here, take these mod points! I sure showed you, bitch!
The scary thing is, it seems to work. How many +3-5 comments do you read that begin with, "I'll probably get modded down for saying this ..." So I agree with you. If they're expecting it, or are asking for it, I wouldn't want to disappoint them.
Jason
6.1 is better than 6.0 in all respects, especially performance. Mozilla has seen amazing performance increases since the branch NS6 was forked from. It's still got some improvements to go yet, but 6.1 (Mozilla 0.9.x) is actually usable, as opposed to 6.0.
Yes, it's true. Netscape6/Mozilla will never be as fast as NS4 (at least as far as the UI goes). For better or for worse, Mozilla really is a platform, and along with it you get all of the overhead. But not only is that overhead seeing plenty of profiling and optimization, but keep in mind processor speed has at least doubled since the project began. And processor speed continues to increase. So while Mozilla will never be as fast as NS4, there will come a time when the performance difference will be statistical noise, and no one will care. Yes, we all want a competitor to IE that can beat it in performance now, but I like to think of Mozilla as the "browser of the future."
Is there any actual feature advantage to Mozilla/Netscape6.x over Netscape 4.78?
I don't know if you deliver web content or not, but the big thing is that Mozilla/NS6 implements the W3C recommended standards like CSS1/2 and DOM. If you're just a normal user, this may not impress you so much, but believe me, this is very significant. The sooner we can bury Netscape4, the sooner content deliverers can start to develop using CSS, and truly cross-platform web applications can be built using the DOM. In other words, there may not be an immediate advantage (at least, a big advantage from a user's perspective), but the real benefit is in the web's future.
And what is all the fuss over IE?
Maybe I'll get tarred and feathered for this, but IE really is a good browser. It implements quite a bit of CSS and DOM, and, while it does have its braindead idiosynchrasies (like all browsers), developing IE-compatable content doesn't make me pull my hair out like NS4 does.
Cheers,
Jason.
That's not the start button and icon tray at the bottom. It is Netscape's status bar. I do realize it could be a window manager with Windowsish window frames, which is why I looked at Netscape's scrollbar, which is a dead giveaway.
:)
At any rate, this discussion is completely pedantic and entirely moot.
Jason.
It's windows. You can tell by the scrollbar in Netscape. Jason.
Nothing. That's right. Life goes on as usual. The net and its users survive yet another disturbance in the force, and we return to our regularly scheduled program.
Jason.
Jason.
It used to be the case where you could manage to create 'blind' TCP sessions by predicting the ACK number produced by the remote host. This was pretty commonly used on IRC where someone would have a legit, non-spoofed connection and sit in a channel and have a blind, spoofed TCP session along side it. He could then see the channel activity, and even interact with others through the spoofed connection, usually long enough at least to gain ops and take the channel.
These days (almost?) every new TCP/IP stack will generate acceptably random ACK numbers to prevent these ACK prediction spoofs. But for the purposes of a DoS, it doesn't matter if you never get the return packet. In fact, in the case of ICMP, it works to your advantage. If I flood 1400 byte ICMP echo requests using spoofed IPs (random or otherwise), not only will I hit your downstream bandwidth but because of the replies you (by default) generate I'll also be hurting your upstream bandwidth and your replies won't flood me back.
As most others have pointed out, the only real solution is egress filtering. Unfortunately if a box is compromised that is sufficiently close to a backbone, this solution (FWICS) won't work.
Jason.
We lose a company that presents a corporate face to GNOME. We have not lost the developers. The Ximian hackers are so pationate about what they do (if the recent Mono articles haven't made that clear nothing will) that I think they would still hack on GNOME if they had nothing but a cardboard box on Central Ave. and a laptop.
Others have mentioned that Ximian is losing focus on its current projects like Gnumeric, their desktop distrution, and Evolution. In fact, people have shouted this with extreme prejudice. Well let's get one thing clear: Ximian owes us nothing! Ximian can direct their efforts to whatever project they damn well wish. They are OSS developers in their core, and OSS developers scratch their own itches. That's the way it works, folks.
.NET is an interesting idea, and Mono is an interesting project. Ximian is surely treading in unknown territory but the payoffs could be big in 3-5 years. It's worth a gamble. Ximian isn't dropping their current projects, but if you're worried Evolution or Gnumeric or whatever isn't going to be ready for your desktop as soon as you'd like, then sign up the mailing lists and look at contributing.
This is our community. Take action.
Jason.
When a new IT related position opens up in our organization we don't have a shortage of applicants. But very rarely do we get an applicant that impresses me. In fact, some of the applicants barely reach what I'd consider to be competent.
For the last 5-7 years parents and guidance counsellors have been telling their kids, "go into the computers, it's the 'wave of the future'!" And this whole IT shortage thing making the headlines over the last couple of years has made a lot of students enter computer science and IT related programs in school. (I ought to know, I work for one.) Unfortunately, just because these people get a degree, doesn't mean they're particularly good or even competent. (Yes, the occasional incompetent student manages to get a degree. It happens.) As a result, we now have tons and tons of students in or graduating from IT and computer science. So it may seem like there's no shortage, but really try interviewing a random selection of this pool and you'll see that the shortage is in the truly skilled.
Jason.
It's a painless and effective way to create new email addresses when you want to register with a new service. Then, when you get email sent to one of those addresses from an unknown party, you know precisely who to blame. I have been following this practice for over a year now, and -- knock on wood -- I haven't had a single address leaked, and I've registered with some pretty obscure places. I have about 50 aliases setup. Jason.
Well said! You read my mind -- verbatim.
Jason.
Within certain contexts that's true. But in some cases, obscurity doesn't sacrifice maintainability much at all. The example used in the article was changing the port number a certain intranet webserver is run on. This type of obscurity is fairly benign.
My view is that obscurity should be the last layer applied to any security system. And as you point out, if the cost of obscurity is too high in terms of maintainability, maybe it's not such a good idea. A system ought to be secure without any obscurity, but having a "sane obscurity layer" sours the pot for the kiddies.
Jason.
How do you enable SSL with IMAP and SMTP? I'm not able to find the options. Maybe they weren't compiled into the package distributed via Red Carpet?
Jason.
Apparently they have some agreement with Terayon to use all their stuff, but while the equipment they use for the nodes claim to handle so many connections, Shaw has noticed reliability drops from 100% once capacity passes 50%. Perhaps other cable companies don't bother doing QA testing and take the word of the sales department of the technology the use at face value.
In any event, infrastructure-wise they certainly seem to have their shit together, at least here. I've been happy with their service. Tier-1 support in Calgary are handled by a bunch of morons, but that's okay because they're supposed to deal with lesser morons. For our business contact we go right to the local tech manager and we always get very prompt and competent responses. (Which is good, because it saves me from giving the Tier 1 guys the usual "Look, I've forgotten more than the Tier 2 guys know, so please pass me up to someone who can make decisions.")
I'd certainly recommend Shaw cable to anyone in Canada.
Jason.
Cat5e is rated up to 350Mhz and can handle 1Gbit. 1000Base-T runs over Cat5e, and it is indeed copper.
The Attacks on GRC.COM.
Jason.
Well, specifically x86 -- as in, Intel architecture. It's pretty much taken for granted that i386 == x86 == Intel architecture.
Jason.