Slashdot Mirror


User: Kadin2048

Kadin2048's activity in the archive.

Stories: 0
Comments: 6,648

Comments · 6,648

  1. Re:VAR (Vehicular Area Network)? on Hybrid Cars No Better than 'Intelligent' Cars · · Score: 3, Insightful

    Since this system has no overall control agent, the cars are like a distributed computing network. Since most traffic is caused by faulty driving I welcome this kind of thing without hesitation.

    How do you stop someone from fixing their car to constantly broadcast "DANGER: MOOSE AHEAD" or "EMERGENCY VEHICLE APPROACHING" so they can use it to get through traffic faster?

    I think the abuse potential of these technologies needs to be carefully studied. If there's a way that any system can be used to create even the most minuscule advantage in traffic, or simply be used to cause mayhem, people will do it in spades.

  2. You can do it without sensors, too. on Hybrid Cars No Better than 'Intelligent' Cars · · Score: 5, Insightful

    You don't need sophisticated sensors for this; in most situations, your vision alone is enough to give you 60 seconds of forewarning, or close to it, if you choose to drive "intelligently."

    However, most people don't. They'll accelerate when they know there's a red light or stopped traffic in front of them, even though it just means they need to brake harder (and probably come to a complete stop, which they might have avoided by slowing down sooner); people follow too closely on highways and have to use their brakes, which really shouldn't be used for anything except emergencies (and the flashing of which screws up traffic behind them, because people think there's a problem); people mash down on the gas when they're just going to have to stop again in another 100 feet ... the capability for "intelligence" is there, but people choose not to do it.

    Perhaps when gas costs more, people will choose to drive more efficiently.

  3. Re:More bandwidth, please... on Comcast CEO Shows Off Superfast Modem · · Score: 1

    What I don't get is the "bonds together four cable lines" bit. Does that mean you need to lay 3 more wires alongside the current one, or can this be done with the same physical cable that we already have? If it requires burying more cables, then it would be foolish to not bury a fiber optic cable.

    They really meant "channels" not physical cables; apparently you can take the equivalent of 4 analog TV channels and assign them for data use, and bond them together to make one much-faster connection. However, the single, fast connection is still shared by everyone connecting to the same node, though.

  4. Re:Saturation on Comcast CEO Shows Off Superfast Modem · · Score: 2, Interesting

    For the foreseeable future it's much cheaper to lay down cable than fiber. Many, many areas still don't have access to fiber due to restrictions (distance to telco, local laws, etc). However, cable is abundant. In my area, for example, we're STILL waiting on Verizon FIOS due to local laws. Cable companies would be happy to lay down more wire to my house on the cheap (and I'd be cool with paying for that).

    Remember, don't think of things from technical advantages only. Think about it as a business (which it is). Why, for example, is DSL still successful in markets where FIOS/cable provide better speeds? Cost. If cable companies could lay down wire and give you the exact same speed as fiber (for half the cost), would you go for it? Even if you knew fiber would be likely to surpass it? I might. My neighbor definitely would.


    That doesn't make a whole lot of sense. If you don't have fiber, it's probably because of regulatory/legal hurdles involved in negotiating the right-of-way, because Verizon might not have anything on the poles right now (where I am, they don't -- the POTS lines are the local telco, and then there's the cable co's coax and the power lines).

    But the cable company already has stuff out there on the poles. If they're going to spend all the labor involved in stringing a new set of wires up there, they might as well use fiber instead of copper-conductor coaxial. It's not really that much harder to do, and there aren't any legal/regulatory hurdles that would stop them. AFAIK they already have fiber running to the nodes for backhaul, so it would really just be an expansion of their existing system.

    They don't do it, because the labor involved in stringing cables is really expensive, and frankly they haven't really hit the saturation point of the coax they have out there yet. The phone companies have -- because they've pretty much maxed what you can do on TWP wiring with DSL -- but through skillful manipulation of the available bandwidth (eliminating analog channels and pushing more of it to heavily-compressed MPEG-2/4) the cable companies have at least another 5-10 years out of their coax that runs to the curb. When that gets saturated, the next step will be fiber, not doubling up the amount of coax.

  5. OT: Roosevelt in 1899 "Strenuous Life" speech on Soldiers Bond With Bots, Take Them Fishing · · Score: 1

    (WTF was Roosevelt sabre-rattling about in 1899, anyway? The Spanish-American War?)

    Well, in the speech he was obviously referencing the Civil War, but I think its real point was calling out the Republican leadership at the time for their isolationism and (arguable) complacency and smugness in victory over Spain in the recently-concluded Spanish-American War (and in which he was a hero). The speech is usually referred to as the "Strenuous Life" speech; if you Google it you'll turn up the text and much analysis. But I think it's generally understood as a call for the United States to take up a more active, aggressive foreign policy, particularly versus the declining European empires.

    Ironically, the speech didn't go over too well with the conservative leadership, and depending on who you believe, may have cost Roosevelt -- then the Governor of NY -- a lot of his support within his party. (The fact that he was generally rocking the boat and upsetting the well-oiled machine of NY politics probably didn't help, either.) They pretty much forced him to take the nomination for Vice President to incumbent McKinley, a weak position (compared to governorship of NY) which might have been the end of his political career, except that President McKinley got himself assassinated... and we all know the rest.

  6. Less profitable if they can breed. on The Human Mutation · · Score: 4, Insightful

    What if we can reproduce with them? (shudder) Cause if we can, someone will.

    I can only see bad coming out of something like this and really not much potential good.


    Well if Monsanto, or any of the other big firms into genetic research produce them, you can be sure that they'll be sterile. They wouldn't want anyone breeding their own after delivery; they'd want you to go back to the source for another fresh batch of clones.

  7. How would you breathe in there, anyway? on Deadline For Saying "No" To National ID · · Score: 1

    You'd have to have been in a comma the last 7 years to not realize that Homeland Security doesn't give a fuck what you think.

    Well, being in a comma for seven years certainly would do some odd things to your head, I have to give you that...

  8. Neat, thanks. on Soldiers Bond With Bots, Take Them Fishing · · Score: 1

    Fascinating. Still not sure I'm going to try that one at home, but good to know.

    (Incidentally, my grandmother taught me the trick that's described in the WP article as a way of telling if a pan is too hot to put oil into, without putting the oil in and waiting to see if it smokes. If water skitters across it, it's probably above the smoke point of [olive] oil, and you should let it cool for a second or two before pouring it in. I had never known the name of the effect, though.)

  9. It's from an oft-recycled T.R. quote. on Soldiers Bond With Bots, Take Them Fishing · · Score: 1

    Interesting historical reference, actually.

    It's derived from a Theodore Roosevelt quote.

    "If in 1861 the men who loved the Union had believed that peace was the end of all things, and war and strife the worst of all things, and had acted up to their belief, we would have saved hundreds of thousands of lives, we would have saved hundreds of millions of dollars. Moreover, besides saving all the blood and treasure we then lavished, we would have prevented the heartbreak of many women, the dissolution of many homes, and we would have spared the country those months of gloom and shame when it seemed as if our armies marched only to defeat. We could have avoided all this suffering simply by shrinking from strife. And if we had thus avoided it, we would have shown that we were weaklings, and that we were unfit to stand among the great nations of the earth."

    Theodore Roosevelt (1858-1919). Speech before the Hamilton Club, Chicago, April 10, 1899.

    It's been used many times since then, usually to refer to the cost of a war on those prosecuting it. Cumulatively, "blood and treasure" are the sum cost of a war; the human cost and the material costs.

    I specifically didn't use the word "money," because I didn't mean money; I was speaking more generally about the total material cost of a war, which is not just the cost in hard currency, but also in equipment and material, training dollars, missed opportunities, diverted resources, inflated goods prices due to trade disruption, and everything else.

    But however, I think you have a point in that it may be becoming clichéd. I'll have to get more creative in the future.

  10. Re:Maybe I missed something... on Warner Brothers Pulls Canadian Previews · · Score: 1

    I didn't get this for a while either, but they're using "preview" in the sense of "showing the whole movie, before it's officially released," which is quite distinct from those advertisements/teasers that get shown before other movies, and are properly called "trailers."

    I don't know if calling 'trailers' 'previews' is an Americanism, but I found the whole thing pretty confusing.

  11. Re:Obvious on Europe's Galileo Program In Serious Trouble · · Score: 2, Interesting

    The DOD gets a little cash for *every* GPS receiver sold. You can't just build these things. You need to get a "licence". Also there is a thing called selective availability.

    Perhaps in the U.S. (although I've never heard of any license fees for building GPS receivers); I doubt that those license agreements would be enforceable outside the U.S. anyway, and I'm pretty certain that it wouldn't be hard to go to Taiwan or China and have a bunch of receivers made without paying. It's not like the DoD is going to degrade service for that.

    Now, if you start using your bootlegged GPS receivers to pilot cruise missiles with, and you happen to not be in good odor with the U.S. at the moment, I can see how that might get you on the Selective Availability shitlist, but even then you'd have to be pretty egregious. The U.S. has more to lose by disabling parts of the GPS system than anyone else -- there are a lot of U.S. business interests that depend on GPS in various ways, and would be pretty pissed if something happened to it.

    Even during the height of the war in Iraq, the DoD never degraded or interrupted civilian GPS service, because the U.S. had more to lose by interrupting service than the Iraqis did (due to the unavailability of military GPS receivers, a lot of soldiers were using civilian ones; more than one person has said that the modern U.S. Army runs almost as much on AA batteries as it does on diesel or food).

    Selective Availability is a "nuclear option." Most of the scenarios that would invoke its use, would probably also invoke the use of anti-satellite weapons to disable a competing navigational system. It's not something that just gets tossed around at random, because the consequences for using it on U.S. assets (both military and civilian) would be dire. You'd have planes crashing, tankers running aground, farms not being harvested -- it would be a mess. (Sure, all planes and ships are supposed to have backup navigational systems, but I'm not sure I'd trust anyone to know how to use them for normal operations anymore; things would still get FUBAR pretty fast.)

  12. Why there's nobody fighting: on Europe's Galileo Program In Serious Trouble · · Score: 5, Insightful

    Well, actually, I think the EU is really just the Germans and the French finally figuring out how to do jointly what they've been trying unsuccessfully to do independently for the last 300-odd years -- conquer the rest of Europe.

    Seriously: they have a waiting list to get in. How slick is that? You've got countries falling over themselves, remaking themselves in your image, in order to be part of your empire. Not too shabby.

  13. Congrats. on Obsession With Firewalls Could Hinder IPv6 · · Score: 2, Informative

    I said "no easy way," not that it's completely impossible. You can do it, but traversing multiple SIP connections over NAT with a single public-facing IP address is almost stupidly complex and/or requires specialized SIP-aware NAT hardware, and it's far beyond what most people are capable of doing, just for the static case. I don't even want to think about the case of roaming wireless SIP clients, which is really the goal.

    IPv4 is going to die, and NAT along with it, it's just going to take a very, very long time. The main problem with IPv6 has nothing to do with its core functionality, the problem is that it had a serious case of featureitis (e.g. IPSec); if the IETF cut out the crap and just let people implement the long addresses without the rest of the stuff better left to the application layer, it would probably get implemented a lot faster.

  14. Why the military likes robots. on Soldiers Bond With Bots, Take Them Fishing · · Score: 4, Insightful

    Robots really are replaceable - you can have empathy for a robot doing a hard task, but the next one off the assembly line really is the same thing as the previous one. Robots are not unique little snowflakes, compared to the valuable human beings they protect by proxy.

    The danger is, of course, when cheap, highly replaceable robotics replace enough of the work of war, that the perceived cost of war itself becomes less and less. We're in little danger of that occurring now, and I'd gladly see any human life saved by our current efforts, but I do worry about the possible increased use of war once a poor village could be suppressed entirely with mobile automated turrets with a few controllers hidden in a safe zone.


    Well, the real reason for the development of robots, is that it closes one of the gaps inherent in our current wars, which generally involve a group of people who put a very high value on their lives, fighting a group of people who put a very low value on their own lives. It's one possible answer to "how do you fight people who don't care if they die?"

    The American public -- and most other Western nations -- is willing to spend a lot of money, and a lot of resources, but isn't willing to spill a whole lot of (their own) blood before they pull the plug on a military operation. If you can create machines that perform the same tasks as people, and get blown up instead of people, then you can hopefully reduce friendly casualties. In short, you trade treasure for blood.

    You don't see Al Qaeda researching killer robots, because they have the opposite problem -- lots of blood to spill, not a whole lot of treasure to use developing expensive new weapons systems. Hence why they think a person is an effective ordnance-delivery system.

    The question is really whether all this technology can keep any particular war asymmetrical enough to defeat a heavy-on-blood/light-on-treasure enemy, before the public gets fed up with losing its young people and stops supporting it. If you look just at casualty figures, Western armies are some of the most effective military organizations ever created, in terms of inflicting damage and death on an 'enemy' without really absorbing any. Depending on which figure you believe, the "enemy" dead in Iraq are somewhere north of 100,000 (although it's certainly debatable whether most of them were really 'enemy' or just 'wrong place, wrong time,' although most figures that I've seen including civilians are up around 600k), with only 3378 U.S. dead in the same period -- if true that's about 30:1. However, by most measures we're still losing the war, and will soon pull out without any clear victory, because even at that 30:1 ratio, it's still too high a rate of friendly casualties for the American public to bear for the perceived gain. (And admittedly, the perceived gain is basically nothing, as far as most people can see, I think. Killing Saddam was a goal that people found supportable, bringing democracy to a country that seems positively uninterested in it doesn't seem to be.)

    So I think it's with this idea in mind, that leaders in the military are pushing high technology and robots to replace soldiers wherever possible, in the hopes that perhaps by increasing that ratio even further, that they can be effective in their mission (however inadvisable that mission may be) without losing the support of the public that's required to accomplish it.

  15. Re:Happens with all complex machines. on Soldiers Bond With Bots, Take Them Fishing · · Score: 1

    Am I the only one here who thinks that is totally fsck'ed up? What exactly are these robots for again? Or is this another case of "Don't Ask, Don't Tell" ? ;)

    Not really that surprising; almost all aircraft are also named after women. E.g. the "Enola Gay" was named after the pilot's mother, IIRC, although most of them had slightly more risque origins. (I'm sure Freud would have had a field day with the Enola Gay.)

  16. They already do, sort of. on Soldiers Bond With Bots, Take Them Fishing · · Score: 2, Insightful

    Seriously, though, perhaps it'd be beneficial to equip robots with sensors and constraints which would let them feel "pain". Kind of like how if you try to overextend your arm you'll feel pain in the shoulder. It could become a self-limiting mechanism.

    I guess this may just become an argument of semantics, but I think you could say that we already do. I think most robots, or at least some of them, have various kinds of integrated strain sensors and are programmed to not exceed their design limits. I assume all of those big industrial robots are -- you wouldn't want the $75,000 robot arm to try and pick up an engine block, only to not realize that it's bolted to the floor, and rip itself off of its mountings and destroy itself in the process.

    Whether you can describe the output from a strain gauge that gets fed into a microcontroller as "pain" or not is arguable; the difference between a robot and a human is that a robot can be trivially reprogrammed to ignore the input coming from a sensor, while pain is difficult for a person to ignore once it reaches a certain level (although this can be conditioned -- I know people who can reach into boiling water with their bare hands, if they do it quickly, because they've learned to overcome the reaction to pull their hand back; still, I doubt they'd be able to do the same thing with molten lead or glass), unless they're on drugs or the pain is being artificially blocked.

  17. Happens with all complex machines. on Soldiers Bond With Bots, Take Them Fishing · · Score: 5, Interesting

    I'm pretty sure that they don't have feelings for a floor jack, or won't until it can move on its own. Now is the time for people to think about and begin establishing 'rights' for machines... WTF?

    I wouldn't count on that. I worked in a big warehouse once, and some of the guys got pretty attached to their pallet jacks; they'd each have their own and god forbid you tried to drive it. Several of them had names.

    People are funny that way. It's not a 'robot thing,' it's a 'complicated machine' thing. When a device gets complicated enough that it develops "quirks" (problems that are difficult to diagnose and/or transient), there's a tendency to anthropomorphize them. But the tendency to do it decreases with the more knowledge you have about how it works. E.g., the people who give names to their cars are generally not auto mechanics; likewise I suspect the designers of the de-mining robot would probably have not had as much of a problem testing it to pieces (or rather, their objection would probably have been "I don't want to watch six months of work get blown up," not "that's inhumane to the robot"), because they know what goes into it.

    People do the same things to computers; I've dealt with lots of people who will say their computer is "tired," when it's really RAM starved -- after using it for a while, it'll run out of memory and start thrashing the disks, slowing it down. To someone who doesn't understand that, they just understand that after a certain amount of time, the computer appears to get 'fatigued.' Since they don't know any better, they try to understand the mysterious behavior using the closest analog to it that they do understand, which is themselves / other people.

  18. IPv6 offers that. on Obsession With Firewalls Could Hinder IPv6 · · Score: 3, Informative

    You wouldn't need to. IPv6 has the capability of having temporary addresses, where the client machine basically generates the last few bits (actually quite a few) of the address randomly. You can swap these addresses as frequently as you'd like (well, it will probably do Bad Things to the upstream routers if you change them too quickly, and it might be considered abusive at some point) in order to retain a level of anonymity that's greater than or equal to what you have with IPv4+NAT right now. (It's still not true anonymity, and isn't a replacement for systems like Tor, but it would make it close to impossible to figure out which device on your LAN the traffic is coming from, without compromising your LAN's router itself.)

    You might want to read this document from the IETF regarding privacy and IPv6. Ensuring privacy, or at least not eliminating it, was a major concern of theirs during the design of v6, and I think you'll find that your privacy is protected just as well or better than it is under IPv4 (which is to say, not really all that well, but if it gives you a warm fuzzy feeling to think so, enjoy).

    http://playground.sun.com/ipv6/specs/ipv6-address-privacy.html

    Therefore, in the future IPv6-based Internet, we expect many devices to have two kinds of IP addresses:

            * Unique, stable addresses, assigned in any of several possible ways (e.g., by manual configuration, by an address server like DHCP, or by auto-configuration using embedded, factory-assigned LAN addresses), for the purpose of being a target, and for use when initiating communication to other, trusted targets, such as targets within the same home or enterprise.

            * Temporary, transient addresses, such as those containing a random number in place of a factory-assigned serial number, for use when initiating communication to less trusted targets, such as public web servers.

    The choice of which kind of address to use when initiating communication is somewhat analogous to the choice that must be made when placing a telephone call in the presence of the "Caller ID" feature, i.e., whether or not to reveal the calling party's number to the called party. IPv6 addresses offer both choices.

  19. Re:Defective by design? on Obsession With Firewalls Could Hinder IPv6 · · Score: 1

    I think the idea is to have more permissive firewalls since with that many IP addresses available in IPv6 the odds someone will be RANDOMLY scanning and hitting something for someone is so remote that it is almost a guarantee that they're specifically looking for you.

    No. I don't know of any non-clueless person who is pushing IPv6 and claiming that the address space, in and of itself, is a security enhancement. That's just wrong and bad.

    Just think -- every time you go to a website, that server has your IPv6 address. If you're depending on the address for security, an attacker could just harvest the addresses from various websites and then use them to start attacking. (And if they got into the logs of a popular web site they'd have millions or billions of probably-valid addresses to work with.)

    That's not security, and it's not why IPv6 is a good idea. IPv6 lets you have many more public addresses -- which are not secret -- and define good security policies based on them, so that you don't have to have a one-size-fits-all, lowest-common-security-denominator-wins policy for your entire LAN. (Which is pretty much how most home networks are now -- if you have a few insecure Windows boxes on the LAN, you need to tighten up the whole thing, since you can't really create multiple subnets with different security policies when you only have one outside-facing IP.) This way you can have hardened devices either out in public or with very permissive firewalls, and insecure devices behind tougher firewalls, without compromising each other.

    No reasonable person would ever depend on the length of the address field as a security method. All security policies have to be based on the assumption that the attacker will know the address of the machine he wants to attack and what services it is running, and IPv6 allows for this easily.

  20. One word: on Obsession With Firewalls Could Hinder IPv6 · · Score: 3, Informative

    What's driving it now that wasn't driving it five years ago?

    SIP.

    Right now, most people haven't run into it, but there's no easy way to have multiple SIP VoIP "lines"* into your house, when you only have one IP address.

    * I mean "lines" in the POTS sense, of independent full-duplex telephone circuits, each with their own numbers. And yeah, I know you can get this if you use protocols other than SIP, but they have their own problems.

  21. Re:NAT needed? on Obsession With Firewalls Could Hinder IPv6 · · Score: 4, Informative

    When people talk about using NAT, 99% of the time they don't mean a 1:1 NAT, but a NAPT as found in home routers and configurable in many midsize routers and PC operating systems.

    Such a NAPT does offer security because it disallows all uninvited incoming connections and thus shields "services" running on systems inside of the NAPT from access from the Internet.


    Sure. But what they're really describing isn't NAT, but rather the stateful firewall that's inherent in all non-trivial implementations of NAT.

    Since you can take just the stateful firewall part, and use it with IPv6, there's no security disadvantage there. All you lose is the kludgy NAT parts, and in trade you gain the ability to do much more complex and useful routing -- creating various subnets with different security levels, etc. It's nothing that hasn't been going on with big corporate networks for years (those companies that have Class A blocks and can afford to give every workstation a 'real' IP still have firewalls and security policies), but now home users can have the same flexibility, if they want it.

  22. Re:Defective by design? on Obsession With Firewalls Could Hinder IPv6 · · Score: 2, Informative

    I'm a little confused about how someone would be able to go about building a DMZ using IPv6 - just connect it through a different switch and don't allow traffic to go from it to your "internal" machines?

    Basically, it's just like an Ethernet VLAN, except it would be as part of a router, not a switch, because you're one level higher on the OSI model. (Ethernet is Layer 2, IP is Layer 3.) But fundamentally it's a similar idea; a subnet is really just a Layer 3 VLAN. (In actuality, I think on most networks there is a 1:1 relationship between Ethernet MACs and IPv6 addresses, so the difference between routers and switches will probably become even more nuanced.) But it's not hard to set up, it's just a matter of configuring the firewall-box's routing table appropriately. (Which in a consumer appliance would be set up already, probably with a clearly marked plug on the back for them to attach their VoIP ATA into.)

    Basically you could just tell your home-router to route all traffic destined (based on the IPv6 address) for your VoIP box directly to its destination, unfiltered, but also to not treat traffic coming from that VoIP box any differently from traffic coming from anywhere else on the net. It would effectively be walled off in its own logical network. Someone who compromised it would still be able to use your WAN connection to send out viagra spam, but they wouldn't have any access to the rest of your network, any more than they already do from the outside.

  23. Re:NAT needed? on Obsession With Firewalls Could Hinder IPv6 · · Score: 4, Insightful

    This isn't about NAT, it's about firewalling (blocking ports). You can have a firewall without NAT, but apparently allowing firewalls allows NAT too. Since NAT is bad design, and as you say unnecessary, we'd like to disallow it at the protocol level. However if you do that, you can't have a firewall which is a problem for some people. IMO, firewalls are bad design too. Close the ports you don't need, and use ACLs to limit access to the ports you do.

    Sort of. By definition, a stateful firewall probably has the capability of performing NAT, but there's no reason why you'd want to, if you have enough external addresses for everything on your network.

    I don't think that NAT is "disallowed at the protocol level," as much as just rendered unnecessary. You could still build an IPv6 NAT box, if you really wanted to, but it would be a bit stupid. It's like building a box that hides two Ethernet cards behind one MAC address -- sure, you could do it, but since they both already have unique identifiers, why would you want to? There's no shortage. (Okay, that may not be the best comparison in the world, but you get the idea.)

    NAT is driven by a shortage of routable IP addresses. With v6, there's no longer a shortage. However, people are still going to want the security offered by stateful firewalls (NAT, in its most trivial 1:1 implementations, doesn't offer any security -- it's all in the firewall anyway), which if configured incorrectly or overzealously, could create almost as many problems themselves as NAT does currently.

    However, I still think that IPv6 is a big improvement. Why? Because with v6, you have the option of not using the stateful firewall, on devices that are hindered by it, while still retaining the ability to use one and mimic IPv4 security behavior. With IPv4, unless you are wealthy enough to afford a static IP for everything in your house, you don't even have the option of exposing more than one device (per port) to the public Internet.

    To me, this demonstrates that there's really no downside (besides the obvious implementation cost) to IPv6. People who just want nothing to change, can basically have nothing change. Their IPv6+Firewall network will behave just like an IPv4 one, but people who want to use the capabilities of IPv6 (for example, VoIP using SIP) will be able to, by reconfiguring their firewalls to be a bit smarter about incoming traffic.

  24. Re:Defective by design? on Obsession With Firewalls Could Hinder IPv6 · · Score: 5, Informative

    I really don't think the problem is as big as it's being made out to be.

    The advantage to IPv6 is that you can have more fully routable addresses, to the point where there wouldn't be any NAT anymore -- you might still have dynamically assigned addresses, but they'd still be fully routable across the entire network. This makes firewalling a lot simpler, because you can have more than one DMZed device.

    Devices which are known to be relatively secure and are designed to sit out in full view of the public -- for instance, maybe a VoIP appliance that by definition has to accept incoming traffic, but rejects everything else (but which needs lots of ports and can't tolerate NAT or much 'dumb' firewalling) -- could be easily put into its own DMZ without compromising the rest of your LAN. Right now, with IPv4 and only one shared IP address per household, this is fairly difficult -- all firewall rules need to be port-based. With IPv6, you can also do more complex address-based routing.

    So, let's say you have a network consisting of four devices and an IPv6 firewall; you have two highly insecure Windows boxes (for whatever reason) which aren't designed to and consequently cannot safely be exposed to the world, plus a hardened BSD machine which can have certain ports exposed (say, for email and SSH), and a VoIP appliance which needs to be able to make whatever connections it wants. You configure the firewall (which all traffic passes through) to not perform any packet filtering on the VoIP appliance's address, effectively leaving it outside the perimeter. (Hopefully the manufacturer of the appliance knows what they're doing. But, to be safe, you could set it up so that traffic from it doesn't get let in to the firewalled zone, so someone couldn't compromise it and use it to get in to the rest of your network.) The BSD machine's address gets only the necessary ports opened, with everything else to it automatically rejected. And the Windows boxes are totally firewalled, with all incoming connections rejected unless a port is specifically requested open.

    The firewall required to do this isn't any less complex than a current NAT/stateful-firewall, but it provides several advantages. Rather than having only one externally-facing address for the entire LAN, and routing traffic based on the port or TCP connection, you can just route based on the IPv6 address, and create all sorts of (in)flexible rules based on how much trust you have in the destination device, which can include creating further subnets that are isolated from each other, for security purposes.

    IPv6 isn't "insecure"; in fact, I think its wide adoption will greatly enhance end-user security, once people start figuring out how to work with it, and the Linksys and Netgear-type manufacturers start building inexpensive boxes to do the job.

    The main difference between v4 and v6 is that with v4, there's a clear demarcation between "LAN" and "WAN." With IPv6, this isn't quite as true; rather than thinking of security in terms of castle walls, you need to use a more fluid metaphor. Everything in your house is part of the "WAN," in terms of addressing, but parts of it may be more secure than others.
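
Added example, not part of the comment above: a Python model of the address-based policy the comment describes for its four-device network, including the rule that keeps the VoIP appliance from reaching the firewalled hosts. The addresses (taken from the 2001:db8::/32 documentation prefix), the separate /64 for the appliance, the port numbers and the `Firewall` class are assumptions made for illustration.

```python
import ipaddress

# Constructed addresses (documentation prefix 2001:db8::/32); all are assumptions.
PROTECTED = ipaddress.ip_network("2001:db8:0:1::/64")  # Windows boxes + BSD host
VOIP = ipaddress.ip_address("2001:db8:0:2::10")        # appliance on its own subnet
BSD = ipaddress.ip_address("2001:db8:0:1::20")         # hardened host
BSD_TCP_PORTS = {22, 25}                               # SSH and email (SMTP assumed)

class Firewall:
    """Toy stateful forward filter that decides on the IPv6 address, not a shared port map."""

    def __init__(self):
        self.flows = set()  # flows allowed so far: (src, sport, dst, dport, proto)

    def forward(self, src, sport, dst, dport, proto="tcp"):
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        key = (src, sport, dst, dport, proto)
        reply_of = (dst, dport, src, sport, proto)
        # Packets belonging to an already-allowed flow pass in either direction.
        if key in self.flows or reply_of in self.flows:
            return "accept"
        verdict = self._new_flow(src, dst, dport, proto)
        if verdict == "accept":
            self.flows.add(key)
        return verdict

    def _new_flow(self, src, dst, dport, proto):
        # The appliance may not open connections into the firewalled zone,
        # so compromising it gives no path to the other hosts.
        if src == VOIP and dst in PROTECTED:
            return "reject"
        # No packet filtering toward the appliance: it sits outside the perimeter.
        if dst == VOIP:
            return "accept"
        # Hardened host: only the listed TCP ports are reachable.
        if dst == BSD:
            return "accept" if proto == "tcp" and dport in BSD_TCP_PORTS else "reject"
        # Any other protected address (the Windows boxes): no unsolicited inbound.
        if dst in PROTECTED:
            return "reject"
        # Outbound from local hosts is allowed; anything else is not forwarded.
        return "accept" if src in PROTECTED or src == VOIP else "reject"
```

Rule order matters here: the check that blocks the appliance from the protected prefix comes before the per-host rules, so the BSD machine's open ports are not reachable from the appliance either.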

  25. Re:umm on Student, Denied Degree For MySpace Photo, Sues · · Score: 2, Insightful

    See, I think at least with that, when you attend that school you know what you're getting into.
    I think those kids are missing out on a lot of fun times that they could be having if they didn't have their head so far up God's ass and if they went to a normal university, but that's their own choice to make. I can see one of those schools being within the bounds of their authority to withhold a degree from someone caught drinking alcohol.


    I agree. While personally, the idea of going to such a place holds about as much appeal to me as does being put in a burlap sack and beaten with a piece of rebar for several years, if that's what someone really wants to do, more power to 'em. (That goes for both activities -- hanging out with a bunch of crazy Christers or getting beaten with rebar.)

    However, the problem that occurs is when people like that, who have spent their lives doing their religious thing, decide that nobody else should have any fun, either, and begin trying to impress their value system on society as a whole. Now, I'm not saying that all religious people do that, but a sizable percentage of them seem to, and that's just not acceptable.