I think your point is well taken, but I don't think anyone is necessarily that concerned with the absolute size of the U.S. manufacturing base. The problem is U.S. exports relative to imports, i.e. the trade or current-accounts deficit.
The U.S. achieved superpower status with a massive trade surplus throughout much of its history. Heck, the United States was a net exporter of oil during much of petroleum's rise to dominance as the universal energy source for the industrialized world.
The current trade deficit just doesn't seem like it can possibly be sustainable in the long term. It's only a handful of percent right now, and ironically it's helped by the weak dollar, but it could easily get worse rather than better if misguided "strong dollar" policies are put in place.
In many ways it seems as though the trade deficit -- and steps taken by the Fed and other policymakers to lessen or hide its effects from the U.S. public -- are at the heart of the current economic crisis.
Unless we can do something to fix the trade deficit, I can't see anything more than a long, slow economic decline being the best-case outcome for the U.S., while the worst-case (in which succeeding administrations go to greater and greater lengths to prop up a rotten economy addicted to foreign goods that it can ill afford, until it finally collapses) is far more precipitous.
I think what happens is that there are always ads in the national feed. They don't just transmit dead air or bluescreen for the local cablecos or broadcast stations to transmit on top of -- that would just be a waste.
So instead they have some ads in the national feed that aren't allowed to be overplayed. These cost seriously big bucks. Then there are other ads, which cost less, that still go out on the feed, but which the local operators can run local spots on top of, if they have them available.
These spots cost less, because not everyone sees them -- they only get seen if the local operator doesn't have any advertising to cover them with, or if you're watching the national feed directly somehow (via satellite).
This is why if you watch a show via a national satellite provider, you'll see the same number of ads, but they'll all be for national companies. If you watch the same show on a local broadcast affiliate, some of those national spots will be covered up by local ones.
The choice of which ones get covered over isn't, I think, totally random; I'm sure the national advertisers pay differently for "don't cover" and "may be covered" airtime.
> SSL to an untrusted host is just as bad as no ssl
Well, I'm not sure I'd go quite that far, although I understand the point you're making.
The whole purpose of having certificates from "Trusted Authorities" is that they're supposed to verify that the people applying for certificates actually control the domain that the cert is issued for.
For example, you or I shouldn't be able to go up to Verisign and get a certificate with a Common Name that includes "slashdot.org", since we're not in control of the domain. It's the responsibility -- actually the sole function -- of the Trusted Authorities to ensure this is the case.
We can argue how good a job they do of this; if they do a crappy job, then SSL and its whole certificate infrastructure is worse than useless.
However, although Verisign et al aren't that great, they're not quite to the point of letting anyone get any certificate they want, either. There's still a (weak) level of authorization checking. (Usually they send some sort of confirmation code to the Technical or Administrative contact for the domain in WHOIS, and require you enter that code to get the cert.)
The net effect of this is that, when you contact a site using SSL, as long as you don't disregard any warnings from the browser, your communications should be protected in transit between you and the site.
There's no real "trust" of the site at the other end of the line required, for security in transit. The person/entity you need to trust is the Certificate Authority backing up their SSL cert.
That's the weakness of SSL.
(Of course, if you're doing business, you need to trust the site at the other end of the line to protect the information you're sending them, once it arrives on their system. And I suppose you could argue that you need to trust them to not expose their private key to the world, letting anyone use it. But the key bit of trust you need as a user is of the CA, not the other host.)
> Doing man-in-the middle attacks on SSL connections is beyond the technical ability of ISPs
That seems like a rather dangerous assumption. Just a few years ago, doing wire-speed ad replacement was beyond the technical ability of ISPs. Now, it's clearly not.
There's nothing really that hard about MITMing SSL, if you take on the premise that the user is stupid and will ignore certificate-mismatch warnings. The actual MITMing is fairly simple, and I'm sure there are lots of companies who would be more than happy to develop hardware to do it to many connections simultaneously, at the DSLAM level, if you tossed some cash in their direction. It's not really that much more difficult than current DPI, plus the addition of cryptographic offload engines to do the SSL on either side (and those are off-the-shelf hardware items).
If it's legal and profitable -- or even not expressly illegal and profitable -- someone will put the pieces together and do it.
I can't speak for the GP, but I don't think that's how most people with home theaters are running the numbers, consciously or not.
I think most people decide, first of all, that they want a home theater. That is to say, they want that facility in their house.
Similarly, most people who are designing houses and have nice, big kitchens built, aren't building them because a cost/benefit analysis tells them that by having this big kitchen, they can make creme brulee, and therefore not go out to restaurants and save money over the course of 30 years. That's just not how most people make the decision. They decide, first, that they want a big kitchen, practically for its own sake.
Once that decision is made, whether it's a kitchen or a home-theater, the cost of the room and the equipment is basically sunk. It's there, you own it.
So from that point on, people start thinking about the "cost savings" of staying in versus going out to the movies. They're doing it with the cost of the room in their house already rationalized; it doesn't really enter into the equation.
I'm not really making a value judgment on this way of thinking one way or another, but I think it's common and applies as easily for big "professional" kitchens (or hot tubs, or a lot of other luxury addons in the home) as it does to home theaters. People make the decision that they want the capability, and pay for that capability, separately from paying for each 'use'.
I suspect, although I admittedly don't have much evidence aside from anecdotes, that a lot of home theaters and big kitchens were paid for using home-equity loans, furthering the process of separating the sunk-cost 'facilities' expense with the marginal 'watching a movie' expense. They don't come out of the same buckets of money: the facilities came from home equity, while movie-watching comes from real disposable income.
I am in agreement with you and wanted to point out something that I think furthers your point.
The Uniform Commercial Code (UCC), which has been adopted by all 50 states, discusses what is a valid signature in Article 1, Section 1-201(39):
"Signed" includes using any symbol executed or adopted with present intention to adopt or accept a writing.
(Writing is defined as "printing, typewriting, or any other intentional reduction to tangible form.")
While that doesn't rule out the possibility of states having other requirements for signatures, the "least common denominator" between all states -- the UCC -- is pretty format-agnostic.
I think it's also worth pointing out that some 48 states, according to one source, have put digital-signature laws in place that allow some form of non-physical, electronic signature. Some of them are pretty specific to PK crypto, while others are technology-agnostic. I find it a little hard to believe that any state that's gone to the trouble of crafting and passing a digital-signature law would still require faxed signatures.
What seems more likely to me is that private agreements between parties are the major driver for faxed signatures, because there are contracts forming standing arrangements between businesses that weren't written to take advantage of anything besides the dominant technology (POTS fax) at the time they were written. Therefore, you end up with change orders, POs, and other authorizations having to go by fax, because of some hoary old contract, even though some other form of signature would be theoretically acceptable.
> So, what would the appropriate response from the admin side be?
Rather than QoSing protocols and TCP ports, QoS your users (or at least, hosts on the network).
If a particular machine starts using an excessive amount of traffic, and particularly if they start to conceal what's probably Bulk-priority traffic in some other form to avoid QoS, just throttle their connection and send them a note.
You're right in realizing that there isn't a good unilateral, technical solution: as long as you're letting any traffic through unshaped, it's going to be possible to make P2P/bulk traffic look like that. Heck, there's no real reason you can't make P2P look like SIP packets, if you wanted to.
So the solution needs to come at least partially from the client side: users need to be "encouraged" to set reasonable limits in their P2P clients, so that it can be prioritized appropriately, relative to interactive services and telephony.
However, I think the best approaches are always ones that combine both the "carrot and the stick." The "stick" is obvious: if you consume an excessive amount of bandwidth and start impacting others' use of the network, you're going to get throttled. However, providing an incentive to P2P users is equally important -- as is realizing that P2P services are a legitimate use of data networks, when they're not used in an intentionally abusive manner. So it's important to let your users know that if they set their P2P clients to be good network citizens (rate and TCP-connection limit appropriately), you're not going to pursue them just for the hell of it.
Another option might be to set up per-user quotas that vary by TCP port and QoS level. E.g., every user gets 5GB/mo. of high priority traffic, or 250GB/mo. of best-effort. (Or any combination thereof, with high-priority being exchanged for best-effort at a ratio of 1:50.) If you let your Bittorrent client behave aggressively and push tons of traffic onto ports reserved for interactive services, that's fine, but you're just going to burn through your quota faster. And when you run out of bits, enjoy living life at 56kb/s. After a few months, people might find it's in their best interest to make their BT clients behave.
Bottom line: a lot of QoS issues are really social problems masquerading as technical ones. Solving the technical problem is a fool's errand if you don't address the social one.
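Added example, not part of the comment above: a minimal Python sketch of the per-user quota accounting that comment describes, using its figures (250GB/mo. of best-effort credit, high-priority traffic charged at 1:50, 56kb/s once the credit is gone). The port set, the flow-record layout, and every function and class name are assumptions made for illustration, and the flow records are constructed sample data.

```python
from dataclasses import dataclass

GB = 10**9
MONTHLY_CREDITS = 250 * GB   # the comment's figure: 250GB/mo. of best-effort traffic
HIGH_PRIORITY_COST = 50      # the comment's 1:50 ratio (5GB high-priority == 250GB best-effort)
THROTTLED_BPS = 56_000       # the comment's penalty rate: 56kb/s

# Assumption: destination ports treated as the high-priority (interactive) class.
HIGH_PRIORITY_PORTS = frozenset({22, 53, 5060})


def cost(dst_port: int, nbytes: int) -> int:
    """Credits consumed by sending nbytes to dst_port."""
    multiplier = HIGH_PRIORITY_COST if dst_port in HIGH_PRIORITY_PORTS else 1
    return nbytes * multiplier


@dataclass
class Account:
    credits: int = MONTHLY_CREDITS

    def charge(self, dst_port: int, nbytes: int) -> None:
        # Clamp at zero: an overshoot inside one flow record is not carried as debt.
        self.credits = max(0, self.credits - cost(dst_port, nbytes))

    @property
    def throttled(self) -> bool:
        return self.credits == 0

    def allowed_bps(self, line_rate_bps: int) -> int:
        """Rate the shaper should enforce for this user right now."""
        if self.throttled:
            return min(line_rate_bps, THROTTLED_BPS)
        return line_rate_bps

    def remaining(self) -> dict:
        """What the remaining credit buys in each traffic class."""
        return {
            "best_effort_bytes": self.credits,
            "high_priority_bytes": self.credits // HIGH_PRIORITY_COST,
        }


def bill(flows):
    """Apply (user, dst_port, nbytes) flow records to per-user accounts."""
    accounts = {}
    for user, dst_port, nbytes in flows:
        accounts.setdefault(user, Account()).charge(dst_port, nbytes)
    return accounts


# Constructed sample month of flow records.
SAMPLE_FLOWS = [
    ("alice", 5060, 2 * GB),    # VoIP: 2GB * 50 = 100GB of credit
    ("alice", 6881, 100 * GB),  # P2P kept on a best-effort port: 100GB of credit
    ("bob", 22, 6 * GB),        # bulk traffic pushed onto an interactive port: 300GB of credit
    ("carol", 6881, 240 * GB),  # heavy but well-behaved P2P: 240GB of credit
]

if __name__ == "__main__":
    for user, acct in bill(SAMPLE_FLOWS).items():
        print(user, acct.remaining(), acct.allowed_bps(6_000_000))
```

Only bob, who moved 6GB over a high-priority port, ends the month throttled; carol moved 40 times as much on a best-effort port and still has credit left.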
On most consumer/home broadband routers, you can only put a single machine into the DMZ, and the effect is to cause all inbound traffic not associated with another device to be routed there.
It's not necessarily "all ports open", true, but it is "all ports not otherwise in use or assigned open".
Cisco and other vendors of "real" networking equipment have a definition of DMZ that differs somewhat, but most people with broadband router/gateways are only familiar with the Linksys definition, where the DMZ acts as a sort of default route for incoming traffic without a known LAN destination.
I guess I can see how the title might have been interpreted that way, but I don't think it was an intentional mis-statement.
The title is "Open Source BIND Alternative Launches". You could interpret that in two ways -- one, that there's a new alternative to BIND that's open source, with the implication that it's the open-source-ness that differentiates it from BIND (and thus that BIND is not open source); two, that there's a new alternative to BIND, which happens to be open source, full stop. The latter interpretation doesn't say anything about BIND per se, and that's the way I think kdawson meant it. Particularly because BIND is such a well-known open-source package.
> I find the contrast sad... when I recently flew into Amsterdam, I grabbed my bag, the guy stamped my passport, and I walked through a door out into the real world. No questions, no forms, no inspections, no going through my bags. And this while I'm coming from the "land of the free" to one of those wacky socialist European countries.
Well, to be fair, this is the exact same treatment I've had every time I've re-entered the U.S. (as a U.S. citizen). It's usually always via Boston Logan, and a few times when I arrived in the evening there weren't even any Customs officers working the Citizen's lane. You could have walked through there with a 2,000-pound bomb on a hand truck and I don't think anyone would have noticed. (Which was good, because I was pretty sure I was over my liquor quota...)
There usually is someone working Immigration (which is distinct from Customs -- Immigration is where you get your passport checked, Customs is the luggage business) but even that was just a bored, cursory lookover.
I'm not minimizing the seriousness of these inspections (I can't get my mind around how they're possibly constitutional, at least when applied to Citizens), but in practice I think you have to be doing something that attracts attention before you become a target. U.S. Customs is still largely a joke, at least if you make a modicum of effort to look like an upstanding citizen. Which is ironic, because I assume smugglers/terrorists would at least bother to do that.
> Have an FTP server? Run that in its own image. Also have a syslog server? Yet another virtual machine.
Which as you have no doubt discovered, are sort of a PITA to administer because they're all in separate VMs. I suspect the next big thing in commodity server virtualization will be nice management interfaces and protocols that break down some of the management walls between VMs, while still leaving the more important parts of the virtual environment intact. And being able to change the hardware assigned to a VM on the fly will probably become more common, too. I'd give it 5 or 6 more years, and VMware will probably have managed to reinvent the LPAR.
Gotta love how this stuff goes around in cycles. Anything cool today in microcomputers was probably boring people to tears 10 or 15 years ago on large systems. (Cf. multitasking, multiple users, parallel processing, network-oriented filesystems, virtualization, hypervisors...)
The US DoD has a system, called MOCAS ("MECHANIZATION OF CONTRACT ADMINISTRATION SERVICES") that was originally brought on-line in 1958.
I'm not too familiar with it, so I don't know if the code has ever been changed -- I suspect the hardware has been updated periodically, probably various IBM mainframes -- but based on my experience with government systems there is probably a fair bit of original code in there that nobody understands anymore, and thus doesn't touch.
> I guess my natural inclination is to assume that this is the default state and that it only changes when I am informed otherwise. If I were to publish something on the web, I would assume anyone could use it for whatever purpose they wanted - if I didn't want that, I would put some license up with it.
I think others have also explained this, but just to make crystal clear, at least in Berne Convention countries, this is totally dead wrong. Everything you create -- including your Slashdot posts, for instance -- falls under copyright protection automatically, without you having to do anything (post a copyright notice, register them with the Copyright Office, etc.). In the case of your Slashdot posts, or things on the Internet generally, your use of the medium involves giving other people permission to reproduce your 'work' in various situations (it has to be stored on the server, and it has to be copied when someone views it, and it gets temporarily cached in lots of intermediate systems), but you retain, by default, all other rights.
It takes explicit action to put something into the Public Domain (in fact I've seen some arguments that doing so is impossible, at least in an irreversible way), or to relinquish your rights to it.
There was a time when it was the other way around; when if you published a book, for instance, you had to register it with the Copyright Office in order to have any protection, and you had to renew it periodically in order to maintain that protection. Frankly I think that was really a better system in some ways (especially renewals), since it resulted in "orphan works" eventually making their way into the Public Domain. If you go onto Project Gutenberg, there are quite a few SF stories from pulp magazines in the 50s and 60s, mostly written by authors that never got famous, that never had their copyright renewed, and are now in the Public Domain. A book written today would be automatically under copyright for the life of the author plus 80 years (I think, whatever the Sonny Bono Act brought it up to) by default; there's no provision for orphan works.
In short, the Berne Convention dictates a policy of "default deny" rather than "default allow."
Interesting. That's a pretty darn good price for a 15Mb pipe; I'll have to look into that and see if it's available in our area... right now we're using DS1 service from Cavtel with a DSL backup and it's not particularly reliable.
It's been a long time since I've looked into it, but I think the majority of the cost for T-carrier service is the loop fee, and less so the port. It strikes me as odd that a fiber-based service would be cheaper than T, since T just uses two copper loops, which I always assumed the phone company had a lot of, but maybe that's not correct. Maybe the OC-based service is cheaper because they'd like to move people in that direction and off of copper?
There's a pretty fundamental difference between linking to somebody else's code, which makes it an essential part of the new work, and using a tool to produce something that stands alone.
It's that difference that lets TrollTech and Oracle/MySQL dictate licensing terms when you link to their libraries, but doesn't let the creator of an IDE (or, for that matter, a text editor) automatically have a copyright claim to anything you make with it.
However, this is all sort of an irrelevant point. The way FontStruct is going to enforce its restriction isn't just through copyright law, it's almost certainly going to be through simple contracts. If you want to use the tool, you'll need to agree to the terms, and one of the terms will be that you give permission to FontStruct to keep a copy of the finished product under a free license.
Independent of any copyright concerns I think that contract ought to stand just fine. Since it's not being presented after the time of sale, it avoids the 'clickthru' issue (where by the time you get to the agreement, you've already purchased and opened the software, meaning you can't return it), and there's pretty clear "consideration" involved: you agree to the terms, and you get to use the software as a result. None of that seems any more egregious than a lot of other contracts that are deemed enforceable every day.
> Even my cell phone plan only jumps from $0.125 to $0.35
Your cell phone does that today.
I don't know how long you've had a cellphone, but time was (back in the mid 90s, on AMPS), they'd kick over to rates that were over a dollar a minute if you went over your "plan".*
Today's cellphone plans are Ralph Nader's wet dream compared to what they were like back when they were run by the Baby Bells. That's what competition -- even the admittedly limited competition in cellphone coverage -- does to a market.
As long as there's only a couple of options for broadband, expect them to continue screwing the customer as hard as they possibly can, just like the early days of cellphones.
* My experience was with Bell Atlantic Mobile, later Bell Atlantic NYNEX Mobile, the Baby Bell incumbent carrier in Southern New England. I think when I first got a phone, non-plan minutes were about $1.25. I distinctly remember when they went down under $1/min. You really did not want to go over your plan...and the phones back then didn't really give you a good indication of how much you'd used. Fun times.
> If you think about that, it doesn't make sense: If they charge you less power, then you could just sell it to all your neighbors and you'd all come out ahead since you wouldn't have to pay the base higher rate (well, just one time).
You're right, it doesn't; I think in areas where the rates do drop like that, it's a result of agreements between the power company and very high-consuming industrial customers. Basically they're getting a "bulk rate", even though there's no reason why they should -- it's not like electricity gets delivered in a dump truck. I suspect politics is involved at some point.
(I suppose maybe industrial customers who are buying high-voltage 3-phase power incur lower line losses, so maybe that justifies a certain discount, but nothing like what I've seen them actually get.)
But I've always thought the same thing when I've lived in an area where the electricity rates went down for large users: why don't neighborhoods get together and buy the power "in bulk" at the industrial rate? I wonder if apartment buildings do that.
You don't pay for a 6Mb pipe. You probably wouldn't want to pay for a 6Mb pipe, either.
A real 6Mb connection is a fractional DS3 with an SLA. Ballpark, you're talking about $3k a month for that kind of service, and that's assuming you live in a major metro area where the loop won't be exorbitant.
That is how much always-on, exclusively-yours bandwidth actually costs. So when you only pay $40 a month, it ought to be a sign that what you're going to get is a whole lot less.
In the case of Comcast, they are actually pretty up-front these days about speeds. (Bandwidth caps, not so much, but as TFA alludes to, they seem to be working on it.) That "6 megabits" is a burst speed. I don't like Comcast and as a result keep a pretty close eye on them, and they've never advertised it as anything but. If you---or anyone else---thought that you were actually buying a 6Mb constant (~2TB/mo. transfer) connection for $40/mo, you're laughably mistaken. Bandwidth just ain't that cheap.
Has Comcast engaged in some shady advertising in the past? Sure. Back when they called their service "unlimited" internet, they could rightly be taken to task for cutting people off. But they don't advertise that anymore and haven't in years. It's popular around here to sling mud at Comcast, and while there are lots of valid reasons for criticizing them, it's about time customers started wising up and started reading the fine (or not-so-fine) print about what they're signing up for. I have very little sympathy for anyone who takes asterisk-laden advertising copy on faith without question.
While it certainly sucks that residential broadband providers like Comcast oversubscribe their backbone capacity, most people wouldn't like the alternative: it would quickly price HSI out of reach of virtually all consumers.
Comcast is without a doubt pretty evil, and it's a crying shame that we don't have any real competition in most broadband markets, but people whining that they don't get fractional-DS3 service from their cable modem is tiring. In other news, my Volkswagen doesn't go as fast as a Ferrari.
Just wanted to say thanks for actually explaining the damn thing.
That makes a lot more sense; I had been imagining two totally separate, air-gapped networks (like the secure MilNets), and that just seemed like a giant pain in the ass for no real gain.
Laying extra backbone capacity for educational/research use doesn't seem like a bad idea. (Although what happened to all that dark fiber people were talking about a few years ago? Is it all in regular revenue use now? Or are they using some of that for projects like Internet2?)
Honestly I think calling it "Internet2" is just confusing; it gives people (myself included) the impression that it's more of a separate network than it really is. If your explanation is correct, it's not really a 'separate' network at all. (It's still using IANA/ICANN for address and domain name coordination, so it's not an entirely parallel system.)
Some Republicans present themselves as "the law'n'order party". However, you're making a mistake to treat all self-identified conservatives, or even all Republicans, as part of a uniform, monolithic entity. There are pretty deep schisms within the Republican party; actually it's pretty amazing that it keeps ticking along at all without imploding. (I have my doubts that it will survive with its current leadership intact if McCain loses.)
There's a wing of the Republican party that's borderline Libertarian (including being pro-choice), there's a large section that's pretty bluntly theocratic/authoritarian, and there's a substantial middle that's driven by financial and business concerns and is pragmatic when it comes to everything else.
I don't really care for them as an organization since the authoritarians seemingly took over, but I think you're dangerously oversimplifying. They do not "buil[d] [their] entire platform on God and Country and Traditional Values," one section of the party presents their platform to one (rather large) slice of voters that way. I can assure you the Rockefeller Republicans don't present the party to the NYC banking elite -- who are a major source of donations -- that way. Similarly, Democratic candidates courting votes in the Midwest aren't singing the same tune as Feinstein and other apparatchiks do when they pass the hat around Hollywood.
The best way to understand the Republican party on the national level (and the Democratic party also) is not as a single entity, but as an agglomeration of smaller factions with wildly differing ideas about how government ought to work. They form a united front and attempt to create a plank out of self-interest and because they think that's the most effective way to promote their agendas, not true ideological agreement on many issues.
> they want everyone else to pay for the public good of a social safety net
Um, I'm pretty sure Libertarians are against the existence of a taxpayer-supported safety net in most cases, so I'm not sure how you think this translates into wanting "everyone else to pay for one." They don't want it to exist, period, meaning that they obviously don't want to pay for it. Whether they want other people to be able to pay for it (voluntarily, perhaps), or whether they're against it more fundamentally, is a bit more complex.
90% of political disagreements basically boil down to fundamental differences of opinion as to whether government is a good deal for what you pay. Socialists and leftists mostly feel that you get a good ROI for your tax dollar; supporting a larger government makes sense when taken from this premise. Libertarians and true conservatives don't feel that it's money well spent, and would cut government to the bare minimum on this basis. (Incidentally: 'progressive' tax policies that increase the marginal tax rate based on income pretty much guarantee that the wealthy will always be mostly conservative, since they'll end up paying more for basically the same services.)
One of the reasons political discourse in the U.S. is so unproductive (IMO, anyway) is because there's too much emotional rhetoric and very little discussion about the fundamental issue, which is whether or not most people are getting a good deal for what they're paying.
> I think the biggest reason 20-er's succeed is they do not understand the world wants them to fail (so they don't). Older folks are so much more cynical that they don't step out of the comfort zone.
I'm not sure this holds water. There's a perception that young entrepreneurs are successful, but it's basically a myth, perpetuated because of all the attention that a few (rare) successes bring.
The entire focus of the article is that most startups, and I'd be willing to wager most successful companies, aren't started by young people fresh out of college. They're somewhat unsurprisingly started by people with experience in the industry. But "several well-educated 40-somethings go to a bank, get a business loan, rent an office space, and start a new company by filling a niche they know there's a demand for" just doesn't make for as exciting reading as "two college kids in their dorm room risk it all and run up credit card debt pursuing their dreams".
Really it's just the real world turning out to be less romantic, you might say, than the media sometimes makes it out to be. No real surprise there.
Unfortunately not. The "obscenity" doctrine doesn't discriminate based on medium, it's just been applied more often towards photographs and motion-pictures than it has to text. But there's no reason why you can't ban books using the exact same reasoning.
Google "Red Rose Stories" if you want a current example; that was a textfiles site that got raided by the FBI. If the prosecution is successful -- as I see little reason to believe it won't be -- then you can look for other sexually explicit text websites to shut down, and from there it's not much of a jump to dead-tree media. They'll start with the more fringe material and work their way in from there.
Once we invented an exception to the First Amendment for "obscenity" (a word that's never used in the Constitution, by the way), the battle was effectively lost. I find it doubtful that today's Court is going to remedy that.
The last Supreme Court justice to have the balls to take a hard stand in favor of the First Amendment was Hugo Black ("no law means no law"), and I doubt we'll ever see someone like him confirmed again.
As Bogtha pointed out to a similar comment upthread, this is a shortsighted view. Just because the "end result looks good" today doesn't mean that it will look good tomorrow, or next year, or ten years from now.
Unless you enjoy refactoring crappy HTML every time a new browser version comes out, it's a whole lot more pleasant to just do it right and conform to standards the first time.
Browsers today may put up with their unencoded ampersands and other general laziness, but some browser in the future (maybe when they decide to use the ampersand for something special in HTML v15) may just spit out an error and stop rendering. Then they'll have to go through however-many million pages they have in their archives, fixing their mistakes.
I think what happens is that there are always ads in the national feed. They don't just transmit dead air or bluescreen for the local cablecos or broadcast stations to transmit on top of -- that would just be a waste.
So instead they have some ads in the national feed that aren't allowed to be overplayed. These cost seriously big bucks. Then there are other ads, which cost less, that still go out on the feed, but which the local operators can run local spots on top of, if they have them available.
These spots cost less, because not everyone sees them -- they only get seen if the local operator doesn't have any advertising to cover them with, or if you're watching the national feed directly somehow (via satellite).
This is why if you watch a show via a national satellite provider, you'll see the same number of ads, but they'll all be for national companies. If you watch the same show on a local broadcast affiliate, some of those national spots will be covered up by local ones.
The choice of which ones get covered over isn't, I think, totally random; I'm sure the national advertisers pay differently for "don't cover" and "may be covered" airtime.
> SSL to an untrusted host is just as bad as no ssl
Well, I'm not sure I'd go quite that far, although I understand the point you're making.
The whole purpose of having certificates from "Trusted Authorities" is that they're supposed to verify that the people applying for certificates actually control the domain that the cert is issued for.
For example, you or I shouldn't be able to go up to Verisign and get a certificate with a Common Name that includes "slashdot.org", since we're not in control of the domain. It's the responsibility -- actually the sole function -- of the Trusted Authorities to ensure this is the case.
We can argue how good a job they do of this; if they do a crappy job, then SSL and its whole certificate infrastructure is worse than useless.
However, although Verisign et al aren't that great, they're not quite to the point of letting anyone get any certificate they want, either. There's still a (weak) level of authorization checking. (Usually they send some sort of confirmation code to the Technical or Administrative contact for the domain in WHOIS, and require you enter that code to get the cert.)
The net effect of this is that, when you contact a site using SSL, as long as you don't disregard any warnings from the browser, your communications should be protected in transit between you and the site.
There's no real "trust" of the site at the other end of the line required, for security in transit. The person/entity you need to trust is the Certificate Authority backing up their SSL cert.
That's the weakness of SSL.
(Of course, if you're doing business, you need to trust the site at the other end of the line to protect the information you're sending them, once it arrives on their system. And I suppose you could argue that you need to trust them to not expose their private key to the world, letting anyone use it. But the key bit of trust you need as a user is of the CA, not the other host.)
> Doing man-in-the middle attacks on SSL connections is beyond the technical ability of ISPs
That seems like a rather dangerous assumption. Just a few years ago, doing wire-speed ad replacement was beyond the technical ability of ISPs. Now, it's clearly not.
There's nothing really that hard about MITMing SSL, if you take as a premise that the user is stupid and will ignore certificate-mismatch warnings. The actual MITMing is fairly simple, and I'm sure there are lots of companies who would be more than happy to develop hardware to do it to many connections simultaneously, at the DSLAM level, if you tossed some cash in their direction. It's not really that much more difficult than current DPI, plus the addition of cryptographic offload engines to do the SSL on either side (and those are off-the-shelf hardware items).
If it's legal and profitable -- or even not expressly illegal and profitable -- someone will put the pieces together and do it.
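The two comments above (on trusting the CA, and on users ignoring certificate-mismatch warnings) both rest on the client's name check, sketched here as an added example that is not part of the original comments. The certificate dictionaries are constructed samples in the layout Python's `ssl.SSLSocket.getpeercert()` returns, and `proxy.isp.example` is a hypothetical interceptor name; chain and signature validation is left to the TLS library.

```python
import ssl


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style match of one certificate DNS name against the requested host."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if "" in p or "" in h or len(p) != len(h):
        return False
    if any("*" in label for label in p[1:]):
        return False  # a wildcard is only allowed as the left-most label
    if p[0] == "*":
        # The wildcard stands for exactly one label and never covers a whole
        # suffix on its own: "*.org" must not match "slashdot.org".
        return len(p) >= 3 and p[1:] == h[1:]
    if "*" in p[0]:
        return False  # partial wildcards such as "sl*" are rejected here
    return p == h


def names_in_cert(cert: dict) -> list:
    """DNS names a certificate asserts, in getpeercert() layout."""
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans  # when DNS SAN entries exist, the Common Name is ignored
    # Legacy fallback to the Common Name, used only when no DNS SAN is present.
    return [value for rdn in cert.get("subject", ())
            for key, value in rdn if key == "commonName"]


def peer_name_ok(cert: dict, hostname: str) -> bool:
    """True if the certificate is valid for the host the user asked for."""
    return any(dns_name_matches(name, hostname) for name in names_in_cert(cert))


def strict_client_context() -> ssl.SSLContext:
    """Client context that fails the handshake instead of offering a click-through."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


# Constructed sample certificates (not captured from any real site).
CERT_SITE = {
    "subject": ((("commonName", "slashdot.org"),),),
    "subjectAltName": (("DNS", "slashdot.org"), ("DNS", "*.slashdot.org")),
}
# What an in-path box can legitimately obtain: a certificate for its own name.
CERT_INTERCEPTOR = {
    "subject": ((("commonName", "proxy.isp.example"),),),
    "subjectAltName": (("DNS", "proxy.isp.example"),),
}
# Old-style certificate carrying only a Common Name.
CERT_LEGACY_CN = {"subject": ((("commonName", "slashdot.org"),),)}
# The Common Name claims one host, the SAN list another; the SAN list wins.
CERT_CN_SAN_CONFLICT = {
    "subject": ((("commonName", "slashdot.org"),),),
    "subjectAltName": (("DNS", "other.example"),),
}

if __name__ == "__main__":
    for label, cert in [("site", CERT_SITE), ("interceptor", CERT_INTERCEPTOR),
                        ("legacy CN", CERT_LEGACY_CN), ("CN/SAN conflict", CERT_CN_SAN_CONFLICT)]:
        print(f"{label:16} valid for slashdot.org: {peer_name_ok(cert, 'slashdot.org')}")
```

A client that uses `strict_client_context()` turns the mismatch into a hard handshake failure, so there is no warning for the user to dismiss.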
I can't speak for the GP, but I don't think that's how most people with home theaters are running the numbers, consciously or not.
I think most people decide, first of all, that they want a home theater. That is to say, they want that facility in their house.
Similarly, most people who are designing houses and have nice, big kitchens built, aren't building them because a cost/benefit analysis tells them that by having this big kitchen, they can make creme brulee, and therefore not go out to restaurants and save money over the course of 30 years. That's just not how most people make the decision. They decide, first, that they want a big kitchen, practically for its own sake.
Once that decision is made, whether it's a kitchen or a home-theater, the cost of the room and the equipment is basically sunk. It's there, you own it.
So from that point on, people start thinking about the "cost savings" of staying in versus going out to the movies. They're doing it with the cost of the room in their house already rationalized; it doesn't really enter into the equation.
I'm not really making a value judgment on this way of thinking one way or another, but I think it's common and applies as easily for big "professional" kitchens (or hot tubs, or a lot of other luxury addons in the home) as it does to home theaters. People make the decision that they want the capability, and pay for that capability, separately from paying for each 'use'.
I suspect, although I admittedly don't have much evidence aside from anecdotes, that a lot of home theaters and big kitchens were paid for using home-equity loans, furthering the process of separating the sunk-cost 'facilities' expense with the marginal 'watching a movie' expense. They don't come out of the same buckets of money: the facilities came from home equity, while movie-watching comes from real disposable income.
The Uniform Commercial Code (UCC), which has been adopted by all 50 states, discusses what is a valid signature in Article 1, Section 1-201(39): (Writing is defined as "printing, typewriting, or any other intentional reduction to tangible form.")
While that doesn't rule out the possibility of states having other requirements for signatures, the "least common denominator" between all states -- the UCC -- is pretty format-agnostic.
I think it's also worth pointing out that some 48 states, according to one source, have put digital-signature laws in place that allow some form of non-physical, electronic signature. Some of them are pretty specific to PK crypto, while others are technology-agnostic. I find it a little hard to believe that any state that's gone to the trouble of crafting and passing a digital-signature law would still require faxed signatures.
What seems more likely to me is that private agreements between parties are the major driver for faxed signatures, because there are contracts forming standing arrangements between businesses that weren't written to take advantage of anything besides the dominant technology (POTS fax) at the time they were written. Therefore, you end up with change orders, POs, and other authorizations having to go by fax, because of some hoary old contract, even though some other form of signature would be theoretically acceptable.
> So, what would the appropriate response from the admin side be?
Rather than QoSing protocols and TCP ports, QoS your users (or at least, hosts on the network).
If a particular machine starts using an excessive amount of traffic, and particularly if they start to conceal what's probably Bulk-priority traffic in some other form to avoid QoS, just throttle their connection and send them a note.
You're right in realizing that there isn't a good unilateral, technical solution: as long as you're letting any traffic through unshaped, it's going to be possible to make P2P/bulk traffic look like that. Heck, there's no real reason you can't make P2P look like SIP packets, if you wanted to.
So the solution needs to come at least partially from the client side: users need to be "encouraged" to set reasonable limits in their P2P clients, so that it can be prioritized appropriately, relative to interactive services and telephony.
However, I think the best approaches are always ones that combine both the "carrot and the stick." The "stick" is obvious: if you consume an excessive amount of bandwidth and start impacting others' use of the network, you're going to get throttled. However, providing an incentive to P2P users is equally important -- as is realizing that P2P services are a legitimate use of data networks, when they're not used in an intentionally abusive manner. So it's important to let your users know that if they set their P2P clients to be good network citizens (rate and TCP-connection limit appropriately), you're not going to pursue them just for the hell of it.
Another option might be to set up per-user quotas that vary by TCP port and QoS level. E.g., every user gets 5GB/mo. of high priority traffic, or 250GB/mo. of best-effort. (Or any combination thereof, with high-priority being exchanged for best-effort at a ratio of 1:50.) If you let your Bittorrent client behave aggressively and push tons of traffic onto ports reserved for interactive services, that's fine, but you're just going to burn through your quota faster. And when you run out of bits, enjoy living life at 56kb/s. After a few months, people might find it's in their best interest to make their BT clients behave.
Bottom line: a lot of QoS issues are really social problems masquerading as technical ones. Solving the technical problem is a fool's errand if you don't address the social one.
And if that doesn't work, you can always cap the user.
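The per-user quota idea in the comment above (5 GB of high-priority or 250 GB of best-effort traffic a month, exchanged at 1:50, then 56 kb/s) can be kept in a single ledger, shown here as an added example that is not part of the original comment. The port list, user names and traffic records are constructed assumptions.

```python
GB = 10**9
BUDGET_UNITS = 250 * GB        # monthly budget, counted in best-effort bytes
HIGH_PRIORITY_COST = 50        # 1 high-priority byte costs 50 best-effort bytes
THROTTLED_BPS = 56_000         # rate applied once the budget is gone
# Assumption: ports the operator reserves for interactive services (SSH, SIP).
INTERACTIVE_PORTS = frozenset({22, 5060})


class QuotaLedger:
    """Charges every flow to its user, weighted by the priority class of its port."""

    def __init__(self, budget_units: int = BUDGET_UNITS):
        self.budget_units = budget_units
        self.used = {}  # user -> units consumed this month

    @staticmethod
    def cost(port: int, nbytes: int) -> int:
        """Units charged for nbytes on this port, whatever the payload claims to be."""
        weight = HIGH_PRIORITY_COST if port in INTERACTIVE_PORTS else 1
        return nbytes * weight

    def charge(self, user: str, port: int, nbytes: int) -> int:
        """Record a flow and return the units the user has left."""
        spent = self.used.get(user, 0) + self.cost(port, nbytes)
        self.used[user] = min(spent, self.budget_units)  # clamp at exhaustion
        return self.remaining(user)

    def remaining(self, user: str) -> int:
        return self.budget_units - self.used.get(user, 0)

    def rate_limit(self, user: str, line_rate_bps: int) -> int:
        """Rate the shaper should apply to this user right now."""
        return line_rate_bps if self.remaining(user) > 0 else THROTTLED_BPS

    def reset_month(self) -> None:
        self.used.clear()


def replay(records, line_rate_bps: int = 6_000_000) -> dict:
    """Apply (user, port, bytes) records; return {user: (remaining_units, rate_bps)}."""
    ledger = QuotaLedger()
    for user, port, nbytes in records:
        ledger.charge(user, port, nbytes)
    return {user: (ledger.remaining(user), ledger.rate_limit(user, line_rate_bps))
            for user in ledger.used}


# Constructed accounting records: (user, destination port, bytes transferred).
SAMPLE_RECORDS = [
    ("alice", 22, 4 * GB),       # bulk data pushed onto an interactive port
    ("bob", 6881, 100 * GB),     # bulk data on a best-effort port
    ("alice", 6881, 60 * GB),    # more than the 50 GB of units alice has left
]

if __name__ == "__main__":
    for user, (left, rate) in replay(SAMPLE_RECORDS).items():
        print(f"{user}: {left / GB:.0f} GB-units left, shaped to {rate} b/s")
```

Because the charge is keyed on the port's priority class rather than the payload, disguising bulk traffic as interactive traffic only drains the budget 50 times faster.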
On most consumer/home broadband routers, you can only put a single machine into the DMZ, and the effect is to cause all inbound traffic not associated with another device to be routed there.
It's not necessarily "all ports open", true, but it is "all ports not otherwise in use or assigned open".
Cisco and other vendors of "real" networking equipment have a definition of DMZ that differs somewhat, but most people with broadband router/gateways are only familiar with the Linksys definition, where the DMZ acts as a sort of default route for incoming traffic without a known LAN destination.
I guess I can see how the title might have been interpreted that way, but I don't think it was an intentional mis-statement.
The title is "Open Source BIND Alternative Launches". You could interpret that in two ways -- one, that there's a new alternative to BIND that's open source, with the implication that it's the open-source-ness that differentiates it from BIND (and thus that BIND is not open source); two, that there's a new alternative to BIND, which happens to be open source, full stop. The latter interpretation doesn't say anything about BIND per se, and that's the way I think kdawson meant it. Particularly because BIND is such a well-known open-source package.
Well, to be fair, this is the exact same treatment I've had every time I've re-entered the U.S. (as a U.S. citizen). It's usually always via Boston Logan, and a few times when I arrived in the evening there weren't even any Customs officers working the Citizen's lane. You could have walked through there with a 2,000-pound bomb on a hand truck and I don't think anyone would have noticed. (Which was good, because I was pretty sure I was over my liquor quota...)
There usually is someone working Immigration (which is distinct from Customs -- Immigration is where you get your passport checked, Customs is the luggage business) but even that was just a bored, cursory lookover.
I'm not minimizing the seriousness of these inspections (I can't get my mind around how they're possibly constitutional, at least when applied to Citizens), but in practice I think you have to be doing something that attracts attention before you become a target. U.S. Customs is still largely a joke, at least if you make a modicum of effort to look like an upstanding citizen. Which is ironic, because I assume smugglers/terrorists would at least bother to do that.
> Have an FTP server? Run that in its own image. Also have a syslog server? Yet another virtual machine.
Which as you have no doubt discovered, are sort of a PITA to administer because they're all in separate VMs. I suspect the next big thing in commodity server virtualization will be nice management interfaces and protocols that break down some of the management walls between VMs, while still leaving the more important parts of the virtual environment intact. And being able to change the hardware assigned to a VM on the fly will probably become more common, too. I'd give it 5 or 6 more years, and VMware will probably have managed to reinvent the LPAR.
Gotta love how this stuff goes around in cycles. Anything cool today in microcomputers was probably boring people to tears 10 or 15 years ago on large systems. (Cf. multitasking, multiple users, parallel processing, network-oriented filesystems, virtualization, hypervisors...)
The US DoD has a system, called MOCAS ("MECHANIZATION OF CONTRACT ADMINISTRATION SERVICES") that was originally brought on-line in 1958.
I'm not too familiar with it, so I don't know if the code has ever been changed -- I suspect the hardware has been updated periodically, probably various IBM mainframes -- but based on my experience with government systems there is probably a fair bit of original code in there that nobody understands anymore, and thus doesn't touch.
There is very little information about the system online; here is an Internet Archive page about it, that's as close to an 'official site' as I can find.
It takes explicit action to put something into the Public Domain (in fact I've seen some arguments that doing so is impossible, at least in an irreversible way), or to relinquish your rights to it.
There was a time when it was the other way around; when if you published a book, for instance, you had to register it with the Copyright Office in order to have any protection, and you had to renew it periodically in order to maintain that protection. Frankly I think that was really a better system in some ways (especially renewals), since it resulted in "orphan works" eventually making their way into the Public Domain. If you go onto Project Gutenberg, there are quite a few SF stories from pulp magazines in the 50s and 60s, mostly written by authors that never got famous, that never had their copyright renewed, and are now in the Public Domain. A book written today would be automatically under copyright for the life of the author plus 80 years (I think, whatever the Sonny Bono Act brought it up to) by default; there's no provision for orphan works.
In short, the Berne Convention dictates a policy of "default deny" rather than "default allow."
Interesting. That's a pretty darn good price for a 15Mb pipe; I'll have to look into that and see if it's available in our area ... right now we're using DS1 service from Cavtel with a DSL backup and it's not particularly reliable.
It's been a long time since I've looked into it, but I think the majority of the cost for T-carrier service is the loop fee, and less so the port. It strikes me as odd that a fiber-based service would be cheaper than T, since T just uses two copper loops, which I always assumed the phone company had a lot of, but maybe that's not correct. Maybe the OC-based service is cheaper because they'd like to move people in that direction and off of copper?
There's a pretty fundamental difference between linking to somebody else's code, which makes it an essential part of the new work, and using a tool to produce something that stands alone.
It's that difference that lets TrollTech and Oracle/MySQL dictate licensing terms when you link to their libraries, but doesn't let the creator of an IDE (or, for that matter, a text editor) automatically have a copyright claim to anything you make with it.
However, this is all sort of an irrelevant point. The way FontStruct is going to enforce its restriction isn't just through copyright law, it's almost certainly going to be through simple contracts. If you want to use the tool, you'll need to agree to the terms, and one of the terms will be that you give permission to FontStruct to keep a copy of the finished product under a free license.
Independent of any copyright concerns I think that contract ought to stand just fine. Since it's not being presented after the time of sale, it avoids the 'clickthru' issue (where by the time you get to the agreement, you've already purchased and opened the software, meaning you can't return it), and there's pretty clear "consideration" involved: you agree to the terms, and you get to use the software as a result. None of that seems any more egregious than a lot of other contracts that are deemed enforceable every day.
> Even my cell phone plan only jumps from $0.125 to $0.35
Your cell phone does that today.
I don't know how long you've had a cellphone, but time was (back in the mid 90s, on AMPS), they'd kick over to rates that were over a dollar a minute if you went over your "plan".*
Today's cellphone plans are Ralph Nader's wet dream compared to what they were like back when they were run by the Baby Bells. That's what competition -- even the admittedly limited competition in cellphone coverage -- does to a market.
As long as there's only a couple of options for broadband, expect them to continue screwing the customer as hard as they possibly can, just like the early days of cellphones.
* My experience was with Bell Atlantic Mobile, later Bell Atlantic NYNEX Mobile, the Baby Bell incumbent carrier in Southern New England. I think when I first got a phone, non-plan minutes were about $1.25. I distinctly remember when they went down under $1/min. You really did not want to go over your plan...and the phones back then didn't really give you a good indication of how much you'd used. Fun times.
> If you think about that, it doesn't make sense: If they charge you less power, then you could just sell it to all your neighbors and you'd all come out ahead since you wouldn't have to pay the base higher rate (well, just one time).
You're right, it doesn't; I think in areas where the rates do drop like that, it's a result of agreements between the power company and very high-consuming industrial customers. Basically they're getting a "bulk rate", even though there's no reason why they should -- it's not like electricity gets delivered in a dump truck. I suspect politics is involved at some point.
(I suppose maybe industrial customers who are buying high-voltage 3-phase power incur lower line losses, so maybe that justifies a certain discount, but nothing like what I've seen them actually get.)
But I've always thought the same thing when I've lived in an area where the electricity rates went down for large users: why don't neighborhoods get together and buy the power "in bulk" at the industrial rate? I wonder if apartment buildings do that.
You don't pay for a 6Mb pipe. You probably wouldn't want to pay for a 6Mb pipe, either.
A real 6Mb connection is a fractional DS3 with an SLA. Ballpark, you're talking about $3k a month for that kind of service, and that's assuming you live in a major metro area where the loop won't be exorbitant.
That is how much always-on, exclusively-yours bandwidth actually costs. So when you only pay $40 a month, it ought to be a sign that what you're going to get is a whole lot less.
In the case of Comcast, they are actually pretty up-front these days about speeds. (Bandwidth caps, not so much, but as TFA alludes to, they seem to be working on it.) That "6 megabits" is a burst speed. I don't like Comcast and as a result keep a pretty close eye on them, and they've never advertised it as anything but. If you -- or anyone else -- thought that you were actually buying a 6Mb constant (~2TB/mo. transfer) connection for $40/mo, you're laughably mistaken. Bandwidth just ain't that cheap.
Has Comcast engaged in some shady advertising in the past? Sure. Back when they called their service "unlimited" internet, they could rightly be taken to task for cutting people off. But they don't advertise that anymore and haven't in years. It's popular around here to sling mud at Comcast, and while there are lots of valid reasons for criticizing them, it's about time customers started wising up and started reading the fine (or not-so-fine) print about what they're signing up for. I have very little sympathy for anyone who takes asterisk-laden advertising copy on faith without question.
While it certainly sucks that residential broadband providers like Comcast oversubscribe their backbone capacity, most people wouldn't like the alternative: it would quickly price HSI out of reach of virtually all consumers.
Comcast is without a doubt pretty evil, and it's a crying shame that we don't have any real competition in most broadband markets, but people whining that they don't get fractional-DS3 service from their cable modem is tiring. In other news, my Volkswagen doesn't go as fast as a Ferrari.
Just wanted to say thanks for actually explaining the damn thing.
That makes a lot more sense; I had been imagining two totally separate, air-gapped networks (like the secure MilNets), and that just seemed like a giant pain in the ass for no real gain.
Laying extra backbone capacity for educational/research use doesn't seem like a bad idea. (Although what happened to all that dark fiber people were talking about a few years ago? Is it all in regular revenue use now? Or are they using some of that for projects like Internet2?)
Honestly I think calling it "Internet2" is just confusing; it gives people (myself included) the impression that it's more of a separate network than it really is. If your explanation is correct, it's not really a 'separate' network at all. (It's still using IANA/ICANN for address and domain name coordination, so it's not an entirely parallel system.)
Some Republicans present themselves as "the law'n'order party". However, you're making a mistake to treat all self-identified conservatives, or even all Republicans, as part of a uniform, monolithic entity. There are pretty deep schisms within the Republican party; actually it's pretty amazing that it keeps ticking along at all without imploding. (I have my doubts that it will survive with its current leadership intact if McCain loses.)
There's a wing of the Republican party that's borderline Libertarian (including being pro-choice), there's a large section that's pretty bluntly theocratic/authoritarian, and there's a substantial middle that's driven by financial and business concerns and is pragmatic when it comes to everything else.
I don't really care for them as an organization since the authoritarians seemingly took over, but I think you're dangerously oversimplifying. They do not "buil[d] [their] entire platform on God and Country and Traditional Values," one section of the party presents their platform to one (rather large) slice of voters that way. I can assure you the Rockefeller Republicans don't present the party to the NYC banking elite -- who are a major source of donations -- that way. Similarly, Democratic candidates courting votes in the Midwest aren't singing the same tune as Feinstein and other apparatchiks do when they pass the hat around Hollywood.
The best way to understand the Republican party on the national level (and the Democratic party also) is not as a single entity, but as an agglomeration of smaller factions with wildly differing ideas about how government ought to work. They form a united front and attempt to create a plank out of self-interest and because they think that's the most effective way to promote their agendas, not true ideological agreement on many issues.
> they want everyone else to pay for the public good of a social safety net
Um, I'm pretty sure Libertarians are against the existence of a taxpayer-supported safety net in most cases, so I'm not sure how you think this translates into wanting "everyone else to pay for one." They don't want it to exist, period, meaning that they obviously don't want to pay for it. Whether they want other people to be able to pay for it (voluntarily, perhaps), or whether they're against it more fundamentally, is a bit more complex.
90% of political disagreements basically boil down to fundamental differences of opinion as to whether government is a good deal for what you pay. Socialists and leftists mostly feel that you get a good ROI for your tax dollar; supporting a larger government makes sense when taken from this premise. Libertarians and true conservatives don't feel that it's money well spent, and would cut government to the bare minimum on this basis. (Incidentally: 'progressive' tax policies that increase the marginal tax rate based on income pretty much guarantee that the wealthy will always be mostly conservative, since they'll end up paying more for basically the same services.)
One of the reasons political discourse in the U.S. is so unproductive (IMO, anyway) is because there's too much emotional rhetoric and very little discussion about the fundamental issue, which is whether or not most people are getting a good deal for what they're paying.
> I think the biggest reason 20-er's succeed is they do not understand the world wants them to fail (so they don't). Older folks are so much more cynical that they don't step out of the comfort zone.
I'm not sure this holds water. There's a perception that young entrepreneurs are successful, but it's basically a myth, perpetuated because of all the attention that a few (rare) successes bring.
The entire focus of the article is that most startups, and I'd be willing to wager most successful companies, aren't started by young people fresh out of college. They're somewhat unsurprisingly started by people with experience in the industry. But "several well-educated 40-somethings go to a bank, get a business loan, rent an office space, and start a new company by filling a niche they know there's a demand for" just doesn't make for as exciting reading as "two college kids in their dorm room risk it all and run up credit card debt pursuing their dreams".
Really it's just the real world turning out to be less romantic, you might say, than the media sometimes makes it out to be. No real surprise there.
Unfortunately not. The "obscenity" doctrine doesn't discriminate based on medium, it's just been applied more often towards photographs and motion-pictures than it has to text. But there's no reason why you can't ban books using the exact same reasoning.
Google "Red Rose Stories" if you want a current example; that was a textfiles site that got raided by the FBI. If the prosecution is successful -- as I see little reason to believe it won't be -- then you can look for other sexually explicit text websites to shut down, and from there it's not much of a jump to dead-tree media. They'll start with the more fringe material and work their way in from there.