Sprint currently does this with their AirCard service. In fact, even if you try to query a specific DNS server, it hijacks your request and redirects your packets to its own. I discovered this after wondering WTF my DNS server was not operating correctly-- it turns it that my new DNS record had not propagated to Sprint's DNS. Since I run our company's DNS, this is a major PITA to me. Oh yeah, they appear to mess with DNS record TTLs as well.
I'd gladly post examples but I'm at work and my AirCard is at home at the moment.
I would gladly switch to another ISP, but I'm locked-in to a 2-year contract. Unless I can argue that their DNS hijacking violates the TOS, but I doubt it.
I'm a little shaky on what the n2n people mean when they say "layer 2 VPN"-- I think this means that they run a tunneled virtual data link layer on top of UDP-- but they also mention the requirement of supernodes (ala Skype) to allow NAT traversal to happen. I'd have to know a little bit more about how the protocol works to know for sure, but I am a bit more skeptical about security when you allow that to happen. Perhaps they built it as a virtual layer 2 so that you could ensure that your upper-level end-to-end encryption happened despite your traffic being routed through upper-level intermediaries? Also-- what kind of protocol overhead are you getting when you have [physical]-[data link]-[network]-[transport (UDP)]-[application]-[data link]-[network]-[transport]-[application]? Seems like a neat app, so it would be nice if someone who knew a little more about it could answer my questions.
Paying for software that comes with guarantees (uptime other SLAs) also ensures that an IT department can pass the buck when the thing stops working. This is a big factor in IT purchasing decisions, and the reason why lots of IT folks pay the exorbitant costs for support contracts, when most of the time, you really could just stock the parts or run the thing yourself, often at a considerable discount.
That's trivially true, of course, but the premise of a make-believe world is that is it different from 'real life' in some important way. Isn't this why people participate in them? But if this person's experience turns out to hold for other make-believe environments, maybe the answer is more complex than that.
Because SSNs are supposed to be unique identifiers. Identifiers only. The problem is that they're also being used as the shared secret! There's nothing secret about an SSN, people, and there shouldn't be. I think at this point, the government needs to simply legislate the correct behavior, because companies like Comcast (who asked me for my SSN for 'security reasons' just the other day) just don't get it. Of course, getting the government to know the 'correct behavior' is yet another battle...
Well, the interesting thing, from the point of view of a social scientist is not that people are angry-- it's that they carry their real life behaviors into a fantasy world. That, despite the ground rules laid by the game designers, there's an additional set of rules defined by the players. Why is this the case? Where did they come from? Being able to create fantasy environments and watch these behaviors emerge is exactly the kind of thing that scientists have been unable to do in the past. At the very least, this article draws attention to a new way to study people.
And speaking of fantasy land... Firefox's spellchecker is now telling me that behavior is spelled behaviour. Pshaw.
Speaking as someone who is about to marry an optometrist: I, too, hope you have a long life, but that your eyesight makes a long, slow decline which requires lots of treatment;^)
Really, though, just kidding. I have a small collection of eye problems that are easily manageable because of modern medicine. Macular degeneration is pretty devastating for people, especially those people who are dealing with other diabetes-related problems (that said: kids, put down the sugar drinks-- diabetes is a horrible disease). Here's to hoping that these results are reproducible, and more important, actually helpful.
Determining if a program is a virus is equivalent to the Halting Problem. Given that, antivirus apps use heuristics instead, which unlike algorithms proven to be correct, sometimes give the wrong answer, but in general can decide with an acceptable degree of certainty.
It's hard to find figures for this (so, to the pedants out there, yes, I am pulling this out of my ass), but I suspect the rate at which malicious software is being written is increasing, because there are real financial incentives for virus-writers now. So the time cost in determining whether a given heuristic will give false positives or not is going through the roof. It's not surprising that AV vendors cut corners, or just don't do it right. How many possible variations of Windows XP SP3 do you think there are?
I personally think that AV is in a losing battle. While many here have pointed out that an end-user can be "gamed" into installing malicious software in a theoretically secure system (a problem that will probably never be solved), it doesn't change the fact that Windows is particularly easy to write viruses for. My personal choice is: don't run Windows. There are some security precautions I must take with Linux and OpenBSD, but in general, I mostly need to worry about whether I am an idiot—not whether my computer is failing me behind my back.
A basic premise of the relational model is that there is no relationship between rows. So it isn't surprising that SQL can't see any. Maybe you need to organize that data differently? You can solve a lot of problems in SQL using triggers, temporary tables, and the built-in aggregate and sorting functions.
And to expand on that a little, I think each part of the MVC idiom has it's own domain-specific language because those languages are well-suited to those applications. An imperative language with an emphasis on objects (e.g., Java) just doesn't do the same thing that a declarative set-theoretical language (SQL) does. Well, it can, but doing so is a royal pain in the ass. That same imperative language is also total overkill for defining a layout. HTML does that job beautifully and simply.
There are certainly common CS themes running between all three. We have three languages not because people haven't thought about those things, but because they make our lives easier.
Whenever I hear people bitching about 'doing away' with SQL, I always wonder what they think is wrong with it. SQL certainly has some limitations, don't get me wrong, but it is a great language for the vast, vast majority of cases. If your application is so specialized that SQL isn't appropriate, well, bravo, but that does not mean that the relational database concept is flawed. Personally, I think if people spent a few moments doing some formal analysis before they built their databases (imagine that, thinking before doing?!), they would find that SQL is a beautiful thing. If your implementation of SQL doesn't cut the mustard, maybe you just need a better query optimizer?
How do you defend yourself from such an audit? Driving on private roads doesn't exactly leave a paper trail. I know we're probably talking about 1% of 1% of people with this need here, but in a country with 3x10^8 people, it's worth thinking about ahead of time.
It depends on where you live. If, e.g., you live in Massachusetts, you're right, almost all driving is on public roads (except Worcester... but that's a different story). But if you live in Maine, the majority of your driving might be on private roads. Some of those private roads, like the ones in the North Maine Woods, you're already paying the logging company to use.
I think that per-mile taxes are the way to go. It more accurately represents usage, which is what you really want to tax in order to keep the system operating. But there are some gotchas like the one mentioned above that need to be worked out first. I'm not really sure how you could keep the system fair without tracking where someone is.
On some level, there isn't much difference between an application and a protocol. In fact, if you ever take a networking theory course, you'll see that each protocol layer in the network stack is, in fact a "protocol machine" (i.e., an application), which does the little protocol dance that makes functions at that layer happen.
But I digress. What the user is running into here is a fundamental problem with TCP over lossy networks. It really was not designed with really lossy networks in mind. E.g., the congestion control mechanism in TCP ("exponential backoff") makes the assumption that there is a wire sitting there and that certain parameters (like bandwidth) are not going to change. If you need certain QoS guarantees on a wireless link, TCP may be hard-pressed to deliver, because TCP's [limited] QoS mechanisms may make the problem worse. There is a HUGE amount of overhead on 802.11 networks to make sure that TCP doesn't suck.
I don't know how this person's microwave link is configured, but they might be better served by thinking about the QoS guarantees in the various layers in their network stack. I know a previous poster was joking when they said UDP might be a good option, but look, part of the problem on wireless is TCP's retransmission mechanism. With UDP it is up to the user/application to ask for a retransmit. Bittorrent works exactly like this, so something like Bittorrent, where each small file chunk gets its own hash, and those hashes are checked upon receipt, might not be a bad idea. I like rsync as well (because it has a rolling checksum feature), but again, you have TCP in the mix, and if I recall correctly, rsync will not retry automatically on failures, which is what you want.
Any group of people that rejects verifiable evidence is not a scientist, no matter what they call themselves. Being able to reject your assumptions or incorrect information in light of new information is fundamentally what science is about. That a few people don't get it doesn't invalidate the rest of science.
It's also important to note the difference between someone being "dogmatic" and someone saying "your evidence doesn't meet our standards for scientific inquiry". E.g., anecdotal evidence is not scientific evidence.
Since Satya Harvey is listed as the "SF Astrology Examiner" I think it is likely that she is serious. She also posted a follow up.
In her follow-up, she explains that she does not think that science is the only way that knowledge is revealed to people. She is entitled to her opinion, of course, but that does not mean that we have to agree with or respect it. The beauty of science is that it is something of an amorphous blob. If it turns out that astrology does reveal things about the universe that current science cannot observe, science will hungrily scoop it up and make it a part of itself.
The backend, for the vast majority of their customers, is up to the customer to decide. I had the pleasure of taking a grad CS course with an Akamai engineer, and I specifically asked him about Apple, which is one of the customers he works with. He said Apple provides their own backend.
As someone who works for a textbook publisher, I can say without a doubt that this issue is not as simple as it seems. It seems like a good idea, a big cost-savings win for the state. But you also need to consider:
The longevity of a paper textbook. You can pass this down for at least a decade. A $100 textbook amortized out 10 years essentially becomes a $10 textbook.
You can't pass down electronic textbooks, unless the state has some really great dealbrokers. There's just NO WAY any of the publishers I know will allow this-- in fact, they're all drooling at the idea of e-books (while simultaneously dreading it-- go figure) because it eliminates the used book market.
Maybe CA negotiates a site-license kind of deal, so that they can redistribute books as they see fit. Also seems like it might work, but in our experience, this is still a huge profit center for the publishers-- look at journals like Nature. IIRC, Nature charges something like $10K annually for their electronic subscription. This is NOT cheaper than the paper copy! But it *is* more flexible, because you don't have to worry about where to store those paper copies, while simultaneously making them available to an entire campus, and that's the reason libraries do it. Not because it's cheaper.
If you can't get the rights to pass down books over the years, do you roll your own textbooks? California probably has enough talented people, and worldwide there are probably enough talented people to do this, but at the moment, there isn't a lot of high-quality free information out there. Wikipedia is wonderful, but it is not teaching-quality material. You have to PAY people to produce stuff like that, and it takes time. Having the state commission free works is a great idea, but the publishers will crank up their campaign contributions to stop it, I can assure you.
Who buys the e-readers for the students? If you expect everyone to have one, you need to expect the state to buy it. Is this REALLY cheaper? I'd like to see some real figures, because I am extremely doubtful.
My first impression from this is: Arnold is passing off a pro-industry decision as a pro-California one. I am skeptical.
"anti-european". Please. As if pointing out that Europeans and Americans have philosophical differences is "anti-european". The European view on liberty-- and this is reflected in European law and popular culture-- is weighted on the side of the common good. American law and culture, for better or for worse, is weighted on the side of personal freedom, individualism. Both approaches have their merits and disadvantages-- I don't think I need to enumerate them here-- but the upshot is that European policy tends to be socially progressive and fiscally conservative. American policy is exactly the opposite.
Maybe it was callous of the poster to point this out with regard to the issue of control of the plane. Maybe the one thing had nothing to do with the other. But if it did, it wouldn't surprise me, because Europeans and Americans are different as Europeans are so fucking fond of pointing out.
No, I just like to point out that anti-Americanism is as useful and pigheaded a sentiment as pro-Americanism. Maybe if I point that out in a completely offensive way, it'll stick. I used to take the high road, but... life's too short. Sometimes you just need to rub a dog's nose in its own shit and get it over with.
Slashdot Mirror
I think you're supposed to say Geldautomat. Unfortunately, the last time I used one, it gave me stupid paper. Not gold :(
Sounds like the same strategy we'll have to use to get to their slashdotted DNS opt-out page. I kinda wonder if they did that on purpose.
Sprint currently does this with their AirCard service. In fact, even if you try to query a specific DNS server, it hijacks your request and redirects your packets to its own. I discovered this after wondering WTF my DNS server was not operating correctly-- it turns it that my new DNS record had not propagated to Sprint's DNS. Since I run our company's DNS, this is a major PITA to me. Oh yeah, they appear to mess with DNS record TTLs as well.
I'd gladly post examples but I'm at work and my AirCard is at home at the moment.
I would gladly switch to another ISP, but I'm locked-in to a 2-year contract. Unless I can argue that their DNS hijacking violates the TOS, but I doubt it.
I'm a little shaky on what the n2n people mean when they say "layer 2 VPN"-- I think this means that they run a tunneled virtual data link layer on top of UDP-- but they also mention the requirement of supernodes (ala Skype) to allow NAT traversal to happen. I'd have to know a little bit more about how the protocol works to know for sure, but I am a bit more skeptical about security when you allow that to happen. Perhaps they built it as a virtual layer 2 so that you could ensure that your upper-level end-to-end encryption happened despite your traffic being routed through upper-level intermediaries? Also-- what kind of protocol overhead are you getting when you have [physical]-[data link]-[network]-[transport (UDP)]-[application]-[data link]-[network]-[transport]-[application]? Seems like a neat app, so it would be nice if someone who knew a little more about it could answer my questions.
Paying for software that comes with guarantees (uptime other SLAs) also ensures that an IT department can pass the buck when the thing stops working. This is a big factor in IT purchasing decisions, and the reason why lots of IT folks pay the exorbitant costs for support contracts, when most of the time, you really could just stock the parts or run the thing yourself, often at a considerable discount.
That's trivially true, of course, but the premise of a make-believe world is that is it different from 'real life' in some important way. Isn't this why people participate in them? But if this person's experience turns out to hold for other make-believe environments, maybe the answer is more complex than that.
Because out of all of the data centers in the world, there were problems at five? Riiiiight. Good reporting, Slashdot.
Can I sign up for broken water main notices here, too, or do I need to go to another website?
Because SSNs are supposed to be unique identifiers. Identifiers only. The problem is that they're also being used as the shared secret! There's nothing secret about an SSN, people, and there shouldn't be. I think at this point, the government needs to simply legislate the correct behavior, because companies like Comcast (who asked me for my SSN for 'security reasons' just the other day) just don't get it. Of course, getting the government to know the 'correct behavior' is yet another battle...
That doesn't mesh with my understanding of type 2 diabetes. Here's my citation. Where's yours?
Well, the interesting thing, from the point of view of a social scientist is not that people are angry-- it's that they carry their real life behaviors into a fantasy world. That, despite the ground rules laid by the game designers, there's an additional set of rules defined by the players. Why is this the case? Where did they come from? Being able to create fantasy environments and watch these behaviors emerge is exactly the kind of thing that scientists have been unable to do in the past. At the very least, this article draws attention to a new way to study people.
And speaking of fantasy land... Firefox's spellchecker is now telling me that behavior is spelled behaviour. Pshaw.
Speaking as someone who is about to marry an optometrist: I, too, hope you have a long life, but that your eyesight makes a long, slow decline which requires lots of treatment ;^)
Really, though, just kidding. I have a small collection of eye problems that are easily manageable because of modern medicine. Macular degeneration is pretty devastating for people, especially those people who are dealing with other diabetes-related problems (that said: kids, put down the sugar drinks-- diabetes is a horrible disease). Here's to hoping that these results are reproducible, and more important, actually helpful.
I personally think that AV is in a losing battle. While many here have pointed out that an end-user can be "gamed" into installing malicious software in a theoretically secure system (a problem that will probably never be solved), it doesn't change the fact that Windows is particularly easy to write viruses for. My personal choice is: don't run Windows. There are some security precautions I must take with Linux and OpenBSD, but in general, I mostly need to worry about whether I am an idiot—not whether my computer is failing me behind my back.
A basic premise of the relational model is that there is no relationship between rows. So it isn't surprising that SQL can't see any. Maybe you need to organize that data differently? You can solve a lot of problems in SQL using triggers, temporary tables, and the built-in aggregate and sorting functions.
And to expand on that a little, I think each part of the MVC idiom has it's own domain-specific language because those languages are well-suited to those applications. An imperative language with an emphasis on objects (e.g., Java) just doesn't do the same thing that a declarative set-theoretical language (SQL) does. Well, it can, but doing so is a royal pain in the ass. That same imperative language is also total overkill for defining a layout. HTML does that job beautifully and simply.
There are certainly common CS themes running between all three. We have three languages not because people haven't thought about those things, but because they make our lives easier.
Whenever I hear people bitching about 'doing away' with SQL, I always wonder what they think is wrong with it. SQL certainly has some limitations, don't get me wrong, but it is a great language for the vast, vast majority of cases. If your application is so specialized that SQL isn't appropriate, well, bravo, but that does not mean that the relational database concept is flawed. Personally, I think if people spent a few moments doing some formal analysis before they built their databases (imagine that, thinking before doing?!), they would find that SQL is a beautiful thing. If your implementation of SQL doesn't cut the mustard, maybe you just need a better query optimizer?
How do you defend yourself from such an audit? Driving on private roads doesn't exactly leave a paper trail. I know we're probably talking about 1% of 1% of people with this need here, but in a country with 3x10^8 people, it's worth thinking about ahead of time.
It depends on where you live. If, e.g., you live in Massachusetts, you're right, almost all driving is on public roads (except Worcester... but that's a different story). But if you live in Maine, the majority of your driving might be on private roads. Some of those private roads, like the ones in the North Maine Woods, you're already paying the logging company to use.
I think that per-mile taxes are the way to go. It more accurately represents usage, which is what you really want to tax in order to keep the system operating. But there are some gotchas like the one mentioned above that need to be worked out first. I'm not really sure how you could keep the system fair without tracking where someone is.
That is exactly the kind of answer that makes me smack my forehead. Duh! Good thought!
On some level, there isn't much difference between an application and a protocol. In fact, if you ever take a networking theory course, you'll see that each protocol layer in the network stack is, in fact a "protocol machine" (i.e., an application), which does the little protocol dance that makes functions at that layer happen.
But I digress. What the user is running into here is a fundamental problem with TCP over lossy networks. It really was not designed with really lossy networks in mind. E.g., the congestion control mechanism in TCP ("exponential backoff") makes the assumption that there is a wire sitting there and that certain parameters (like bandwidth) are not going to change. If you need certain QoS guarantees on a wireless link, TCP may be hard-pressed to deliver, because TCP's [limited] QoS mechanisms may make the problem worse. There is a HUGE amount of overhead on 802.11 networks to make sure that TCP doesn't suck.
I don't know how this person's microwave link is configured, but they might be better served by thinking about the QoS guarantees in the various layers in their network stack. I know a previous poster was joking when they said UDP might be a good option, but look, part of the problem on wireless is TCP's retransmission mechanism. With UDP it is up to the user/application to ask for a retransmit. Bittorrent works exactly like this, so something like Bittorrent, where each small file chunk gets its own hash, and those hashes are checked upon receipt, might not be a bad idea. I like rsync as well (because it has a rolling checksum feature), but again, you have TCP in the mix, and if I recall correctly, rsync will not retry automatically on failures, which is what you want.
Because airspace is not private property. Carriers have to play by the federal government's rules if they want to use a public resource.
Any group of people that rejects verifiable evidence is not a scientist, no matter what they call themselves. Being able to reject your assumptions or incorrect information in light of new information is fundamentally what science is about. That a few people don't get it doesn't invalidate the rest of science.
It's also important to note the difference between someone being "dogmatic" and someone saying "your evidence doesn't meet our standards for scientific inquiry". E.g., anecdotal evidence is not scientific evidence.
Since Satya Harvey is listed as the "SF Astrology Examiner" I think it is likely that she is serious. She also posted a follow up.
In her follow-up, she explains that she does not think that science is the only way that knowledge is revealed to people. She is entitled to her opinion, of course, but that does not mean that we have to agree with or respect it. The beauty of science is that it is something of an amorphous blob. If it turns out that astrology does reveal things about the universe that current science cannot observe, science will hungrily scoop it up and make it a part of itself.
The backend, for the vast majority of their customers, is up to the customer to decide. I had the pleasure of taking a grad CS course with an Akamai engineer, and I specifically asked him about Apple, which is one of the customers he works with. He said Apple provides their own backend.
My first impression from this is: Arnold is passing off a pro-industry decision as a pro-California one. I am skeptical.
"anti-european". Please. As if pointing out that Europeans and Americans have philosophical differences is "anti-european". The European view on liberty-- and this is reflected in European law and popular culture-- is weighted on the side of the common good. American law and culture, for better or for worse, is weighted on the side of personal freedom, individualism. Both approaches have their merits and disadvantages-- I don't think I need to enumerate them here-- but the upshot is that European policy tends to be socially progressive and fiscally conservative. American policy is exactly the opposite.
Maybe it was callous of the poster to point this out with regard to the issue of control of the plane. Maybe the one thing had nothing to do with the other. But if it did, it wouldn't surprise me, because Europeans and Americans are different as Europeans are so fucking fond of pointing out.
No, I just like to point out that anti-Americanism is as useful and pigheaded a sentiment as pro-Americanism. Maybe if I point that out in a completely offensive way, it'll stick. I used to take the high road, but... life's too short. Sometimes you just need to rub a dog's nose in its own shit and get it over with.