A device leaking 2W consumes 17.532 kWh per year. (2 * 24 * 365.25)
Multiply by 103 million: 1.8 TWh (terawatt-hours) total annually. At any given time, the rate of consumption is 103 million * 2W = 2.06 MW.
1.8 TWh represents 6.5 petajoules (10^15 joules) of energy. One gallon of gas contains 132 megajoules of energy, so worldwide that's about 50 million gallons of gas a year. That sounds like a lot, but consider: if everyone in the US (just the US, mind) used one less gallon of gas a year (and that's just the people who have cars or use gas-powered public transit), it would make up for this "huge" amount of wasted energy with enough left over for all those PS/2 users to play a few extra games into the bargain.
In other words, if you want something to worry about, "all those PS/2's wasting energy" should be pretty far down on your list.
I think the parent to your post was referring more to situations where political considerations are allowed to override technical realities. For example: ordinary users' accounts should never be Administrator/root-level on their workstations. This is a fundamental principle of security and it gets violated all over the place. At my own workplace, a fairly large university where I divide my time between two departments, one of the two has directed that all permanent staff shall have admin power on their PCs, despite the fact that over the years this policy has cost us untold hours of IT time repairing damage and slowness from adware/spyware. Apparently some years ago they tried to fix this and the faculty practically revolted because they couldn't install things like screensavers downloaded from the Internet any more.
By contrast the other department not only keeps Admin power in the IT department, but enforces some judiciously-chosen group policies to keep machines healthy. We have far fewer problems there, and most of those are misconfigured user settings or hardware failures.
Does anybody else remember how McAfee (the original founder of the company that bears his name) came to prominence doomsaying the Michaelangelo virus? He was predicting $60 million dollars of loss and fifty thousand to five million infections (in 1992, an era when most people had never heard of "The Internet"). Come March 6, 1992, very little happened and even his lower bound was several times higher than actual reported infections.
Google Earth Premium exists and the features for it are included in the free Google Earth client. Remember, "Google Earth" and the Google Maps Satellite view are direct results of Google's acquisition of Keyhole, and the Google Earth client similarly is a lineal descendant of the Keyhole client software. Keyhole was already selling subscriptions -- all Google's really done is make the basic subscription free, and tie the software in to other services like Google web search. There are even still references to Keyhole in the Google Earth client software and online help.
Crichton's descriptions only look realistic to someone with at most a superficial grasp of what he's describing. A pilot I know online has a great rant about some of the "realistic" ATC chatter in one of his books.
Ah. I hear similar things about recycling here in the US. In places like Northern Virginia where recycling is mandated, I've heard that recycled material is so cheap (because there's a glut on the market due to mandatory recycling) that it literally costs money to sell it -- you can't sell it for enough to make back the cost of collection and transport. So supplies have (allegedly) been "tightened" by, essentially, dumping the excess in the landfill.
And of course everyone I know has a story at second or third hand about office cleaning staff dumping the blue recycling bins in with the regular trash.
I suppose it's a question of line-drawing. It is impossible to possess child porn (in the sense of "images of actual children engaged in actual sex or prurient nudity") without an illegal act having been committed (whether or not you yourself committed it), so bona-fide child porn is never "unrelated to any actual abuse of a child". Generally US law recognizes that the valuable product of an illegal act is illegal to possess if you have knowledge that it was in fact produced illegally, which is why you can be prosecuted for knowingly receiving stolen property, and you can also I believe be separately prosecuted as an accessory to the original theft, or some similar idea, for providing financial support related to the commission of an illegal act.
Of course when the item in question is a stolen car stereo, you can argue that you didn't know it was stolen, and escape prosecution unless the state can show otherwise (but you still lose the stereo). Child porn is much much harder to make that argument on in most cases -- you can argue whether a person who looks 16 is really 15, 16 or even 21, but an 8-year-old kid is generally clearly young enough to be off-limits in every jurisdiction I'm familiar with.
The "edge cases" in kiddie porn are simulation, paste-ups (young head/older body), and debates over what constitutes looking or being too young or (in the case of simple nudity) what's "sexual" vs. "artistic". But in most cases none of those come into play, and it's immediately obvious the images are the product of an illegal act without which they could not exist.
That's true, but there's far too much of this "we must mandate impossible things to make sure no child anywhere could ever be exposed to anything immoral, illegal or fattening!" mindset going about. Outlawing child porn is one thing, and outside of extremist NAMBLA members I can't think of anybody who would oppose that. Using the most tenuous child porn connection imaginable as a lever to attempt to extract billions from a successful company and gain attention, is quite another.
By the lawsuit's logic, Microsoft is even guiltier than Google because its software does not attempt to stop the production and distribution of child porn on Microsoft operating systems. It's all there in Windows XP and Office -- just take pics with your digital camera, connect it to your PC, and Windows XP will offer to pull those images off and help you work with them. Then you use Office and FrontPage to upload them to a slick-looking website.
My personal opinions on Microsoft and their business practices aside, it's seriously stretching credibility to assert that Microsoft is complicit in and knowingly profiting from the creation and distribution of kiddie porn, and even more so to level the same charges at Google.
Apparently some degree of attention was paid to recycling. A comment on treehugger refers to an assertion by the company that developed it that the cans have been awarded the Grune Punkt, which appears to have something to do with recycling in the EU.
Since I originally submitted it under Science/Toys (nothing else seemed to fit as well), I can only assume it's under IT/Bug because the estimable CowboyNeal changed it when he posted it. I admit I didn't notice "Bug" when I submitted it or I probably would have submitted as Science/Bug. (I pondered briefly submitting under the topic "Java", especially given that topic's icon, but decided against.)
As for why I hope it's patched, partly that was just a lame excuse for a pun. But I'd also like to see a version of this become more mass-market. The volume occupied by the chemical reactants may seem excessive, but that may be something that can be worked out through testing (which probably won't happen unless the market demonstrates a demand for self-heating beverages in the first place). Somebody else mentioned the non-customizability, but really, I don't see what's to stop them from producing a user-customizable version with a removable/replaceable cap.
That "take tax money from all for the benefit of a subset of taxpayers" is the very definition of Public Policy. The only form of taxation which wouldn't follow that rule would be some incredibly pedantic (and probably unworkable) implementation of Communism. Can you cite an example where tax money (or even non-tax money, for that matter) is spent in a way which does not benefit one sub-group over another?
On a national level, defense, the Interstate system (which was funded as a defense project), basic science research, the list goes on. These don't benefit everyone directly but they do at least benefit everyone indirectly. Municipal wi-fi benefits a relatively wealthy segment of the population (those who can afford laptops and, to a lesser extent, those who can afford computers generally) at the disproportionate expense of those who cannot afford those fancy toys, and who don't derive indirect benefits either (so far no one's proposed a believable way in which municipal wi-fi benefits the poor, it's just a neat toy for Slashdotters and business people).
More to the point (and I meant to put this in my previous post) it's not even really needed most places. As I drive around DC or Baltimore, I can pick up any number of wireless access points that are open for use (deliberately, although there are at least as many that are just left unsecured). Even in my small town in suburban Maryland, I know of at least two places with public wireless Internet and those are just the ones I've been to that have it posted on the door. The market pressure to put wireless access in is pretty strong where it makes sense to do so, and it tends to avalanche -- one business does it, and others follow to keep up and not lose their customers (who, in fact, tend to be the ones with disposable income as noted above, and are thus valuable customers worth keeping around).
WiFi is unregulated spectrum. You have no guarantee, and no right to demand, that anyone else reserve any portion of that spectrum for your usage.
That's true, but that's exactly why municipal wireless access drives free-market access away. There are no guarantees in a market without a government network, but that applies equally to everyone. If a competitor stomps on your channel, you at least know it affects their revenue in the same way it does yours and can usually come to a mutually beneficial agreement. A government network doesn't have to make accommodation with its competitors, though -- it's funded by tax money, so it's going to be there regardless. You end up with a municipal wireless network and nothing else (not even private free APs, because why pay for bandwidth of your own if you can just use what's already there?)
And it doesn't need to be expensive, or necessarily impacting on scarch spectrum. Many muncipal network projects aim, for example, to lay pennies-per-meter fiber along side thousands-of-dollars-per-foot water and sewer lines (utilizing the same rights-of-way) which need to be run into every home anyway. The legislation many Carriers are proposing would make that particular economic efficiency illegal.
That's still a tough call. Universal network access is a lot harder to derive universal benefit from than it looks -- Blacksburg, VA made a lot of noise about becoming the first "electronic village" around 1994 or so, and the whole idea went nowhere according to friends of mine who lived there at the time (although the BEV website is still around). Who owns that fiber network, and for what purpose? Is the municipality going to provide telephone or network service over it? Is the fact that they've laid their own going to mean rather than let a telco lay fiber, they'll mandate that the telco use and pay for the municipal fiber? Without knowing more about a specifical municipal setup we can't know if it's equitable for everyone or not, and even then our definitions of "equitable" may differ.
For example in Batavia IL, millions of dollars were spent on a smear campaign to defeat a grassroots effort to build a fast municipality owned fiber network. Millions of dollars that could have been spent providing better services to consumers instead of buying politicians. How unAmerican is that? Blocking someone like me from rolling up my sleeves and doing it myself?!
Um. No, that's not what blocking municipal networks is about. No law says that you, Joe Anonymous Coward, cannot provide your neighbors a free or nonprofit wireless Internet service. What has been blocked in many places is municipal-owned communications service. And there's an argument to be made there, which is: it would take tax money from all for the benefit of a subset of taxpayers. In most places it'd take a lot of tax money and benefit a tiny set of consumers. That sounds fine if you're one of the ones who benefits, but that benefit to you is subsidized by the taxes of those who cannot take advantage of it. And if you were to somehow limit the tax increase to those who benefit from it, you've just provided a market service. The free market already knows how to do that and usually knows how to do it better than governments.
There's precedent for such schemes, but a) it's usually on a much larger scale, and b) it usually has significant indirect benefits to everyone taxed whether they benefit directly or not. You can look at projects like the DC Metro (often cost-justified by claiming it saves area drivers a significant amount of traffic-induced gas consumption, but I have no idea if that's actually true), or the Rural Electrification project started during the FDR administration (bringing power and phones to rural farms enables them to serve their customers -- i.e. the entire country -- better and cheaper, at least in theory).
A major problem with all these idealistic free-wireless-everywhere projects is that it doesn't scale very well. There's a limited number of channels -- most site surveys assume you can get reliable service only with a five-channel separation between access points. That typically means using channels 1, 6 and 11 (in the US), with 3 or 4 and 8 or 9 as backup if those are too congested. So a municipal WiFi scheme amounts to the municipality saying "We are going to impose ourselves on this chunk of spectrum, making it less reliable for others to use besides ourselves." This makes wireless less attractive to the free market, because who knows when some municipality will step in and try to steal your spectrum out from under you? It reduces one incentive for the free market to provide a service, which means you can end up at the mercy of a municipal network with no incentive to provide a reliable service at all.
Then on the other hand, you've got them pushing to tear down any and all regulation that are pro-consumer. IE - the removal of network neutrality provisions that allow you and me to innovate and compete on a *fair and level* playing field.
Let's be clear. Currently, no such provisions exist that apply to the Internet. The telcos/etc. are trying to block them from being imposed in the first place.
I checked out http://www.fone-me.com/ and it did redirect to https://www.fone-me.com/, but that doesn't really prove anything. What's another SSL-enabled virtual host on the same IP? That will be the real test.
so why can't the virtual host just be sent along with the HTP data in the encrypted SSL stream?
As I understand it, SSL certificates are tied to the name and IP of a secure server (this is to prevent man-in-the-middle attacks). So if you give every one of your secure virtual hosts its own routable IP, yes, you can virtual-host over SSL -- but you're not name-based-virtual-hosting any more. Otherwise your users are going to get warnings about the certificate not matching the server.
I don't know if it's possible to get umpteen certificates for servers with different names but the same IP. Does SSL certificate verification involve any kind of checks on reverse-resolved DNS data?
If you don't get a notification about a message not going through, it is because somewhere along the line, a server accepted it for delivery and something outside the SMTP chain caused that message to disappear. Maybe a rogue admin about to resign his job zapped the entire mailspool. Maybe just before the message got written out of the cache to the spool file on the disk, the server crashed. My point is that no matter how well designed a protocol is, there is always the possibility that things happen outside its ability to deal with.
The alternative is to default to having acknowledgement on delivery, and assuming a lack of acknowledgement is affirmative evidence that the message was not delivered, but then you a) increase the traffic without providing a real benefit in most cases and b) still have false negatives where you get no acknowledgement (because of an act-of-God issue that prevents you from getting it) even though the message itself actually was delivered. I don't see how Thunderbird (or any other mail client or any mail server or protocol) is supposed to deal with issues like those that exist under its OSI communications layer.
SMTP has mechanisms to inform the sender about message rejection or failed delivery. They are pretty robust and I can't remember the last time I genuinely failed to receive a message that the sender just didn't get a bounce notice for. It's always been either I got it but overlooked it, they got a bounce but overlooked it, the sender didn't get the bounce because they misconfigured their e-mail client with an incorrect sender address, or I got it and fibbed to the sender.
You're trying to make a store-and-forward protocol do things a store-and-forward protocol just can't do. You'd have to make a point-to-point connection to every single recipient for every e-mail session to do what you want to do. (We have that, actually -- it's called VOIP, or any number of other client-to-client chat/messaging protocols.)
1. None of these is true. Encrypted SMTP, POP and IMAP all exist and we've been using encrypted POP/IMAP where I work for over two years now.
In the article it is clearly stated, that you may encrypt the traffic between the client machine and the server, but once there, the traffic between SMTP hosts is not encrypted.
Unless you use SMTP hosts that support encryption. But really, the idea that SMTP hosts need to do that is a non-starter. If people need to send each other encrypted e-mail, they can do it themselves using GPG or whatever public-key method they choose. SMTP is and only ever should be about flinging raw bits around in something like a reliable fashion.
Besides that, he makes a flat statement as his summary that is just wrong and only half-heartedly retracts it at the end. If he'd said "Most" or some similar qualifier up front, I wouldn't have an issue with it.
2. Considering that this guy is, judging from the content of his post, very Microsoft-centered, for him to not know what Kerberos is suggests he is not even close to any kind of expertise in the field.
Kerberos is not M$ invention. Actually they put a lot of efforts to modify it, so it can not easily interop with the other implementations.
I'm well aware of that, having been around when the original kerfuffle about MS' broken implementatiuon of kerberos for Active Directory was going on. However, even though I knew absolutely nothing about AD then, I still knew that Kerberos was something to do with authentication. The author may be attempting to troll or be funny, but what he's accomplishing is to make himself look like a dilettante to a lot of people who know a lot about his subject.
3. Such as? How could IMAP be better?...
He says that IMAP has limitations. The whole article is about the limitations in the e-mail system, and the result should be a better collaboration system, without these limitations. It was never meant to suggest improvement in IMAP, etc.
If he's going to write an article about the limitations of e-mail, he needs to do better than handwave the specifics. What he perceives as "limitations in IMAP" might be no more than limitations in how it is implemented in his mail client of choice. For example, many people here where I work use Outlook for IMAP. Unfortunately Outlook is a horrible, horrible IMAP client and consequently those users get the idea that IMAP is a non-user-friendly way to access your e-mail. The few I've managed to set up with Thunderbird from time to time, on the other hand, actively resist moving to Outlook because everything runs smoothly for them.
4. Yes there is, because (say it with me!) E-MAIL IS NOT PRONE TO VIRUSES. E-MAIL CLIENTS ARE.
This is only part of the problem. With the limited (if any widely used) ability to really authenticate the sender (say with me: EMAIL SPOOF), you can easily mislead the recipient to open a malicious file.
E-mail sender authentication is not an issue. No, it's not. I promise. The issue is that people have this deep-seated tendency to trust whatever they're told. A guy calls me on the phone and says he's from my bank and he needs my social security number to verify my account: I don't care who he says he is, I hang up. People need to get used to the idea that just because it's on the screen doesn't mean it's real.
Besides that, strong mechanisms exist to verify the sender's identity. People could use them right now, but they don't, because they're too cumbersome -- and they're not even really that cumbersome if you look at how they work. Public-key cryptography is pretty slick when it's done right.
Thunderbird would spread like wildfire if it could do secure, guaranteed (to arrive, or notification if not) email.
It can. For many people, it does. Also, you're confusing a client issue (secure content) and an only partially client issue (secure delivery) with pure server issues (guaranteed delivery) which the client should not and in fact cannot address. And that issue is solved anyway, in SMTP, for what, 30-some years now?
The article starts off strong, but it has a couple of glaring issues that makle me question how qualified the author is to actually be talking authoritatively:
1. "If you are using SMTP (the universal pipe, remember?), you need to know that it doesn't encrypt data/messages. If you are using POP or IMAP, you need to know that they both require you to send unencrypted authentication (username/password)."
None of these is true. Encrypted SMTP, POP and IMAP all exist and we've been using encrypted POP/IMAP where I work for over two years now.
2. In the discussion of encrypted e-mail, he jumps straight into certificates with no acknowledgement or apparently even clue that PGP/etc. exist and are a lot simpler to set up and use (even in Outlook, or even manually if you have to).
3. "Eudora Security Flashback: I still don't know what the hell Kerberos is and what it has to do with a dog much less my email?"
Considering that this guy is, judging from the content of his post, very Microsoft-centered, for him to not know what Kerberos is suggests he is not even close to any kind of expertise in the field.
4. "Most companies spend a fortune locking down their IT infrastructure. This results in either Total Lockdown, also known as Paralysis whereby no one can do anything without a password, passkey, keycard, signature and sign-in sheet; or in No Lockdown, also known as Free-Love-Utopia whereby everyone is equal because everyone is an Administrator."
Um... no? He says "This results" as though these alternatives are the only two possible. This is probably just sloppy writing, but it still sticks out at me.
5. "If everyone used Outlook (70% of Central Desktop users use Outlook), then the ability to assign priority to each message would actually work. But we don't live in a Microsoft world (in spite of what many of you might think) and instead, we usually measure and weigh the importance of an email message by the number of people included in the carbon copy. This is highly subjective and fails to address the need to order and sort messages and task by importance."
I know from personal experience that Eudora among others had the capability to set and recognize a Priority or read-receipt header as long as 10 years ago. Priority fell out of favor because of abuse by spammers, but it does exist. And that was valid for any message sent to or from anyone on the Internet. Can we trust Outlook's read-receipt and priority flags to be as portable?
6. "Its still challenging for multiple people to share business email accounts (i.e. support, bugs and sales messages). IMAP sort of works, but presents its fair-share of limitations."
Such as? How could IMAP be better? Given the inherent needs and limits of sharing what is essentially a file folder, I think IMAP is designed about as well as it can be. There could be improvements, but nothing I can think of that would make me go "wow! It's a whole different IMAP!"
7. "Email is Prone to Viruses - There is no need to elaborate here."
Yes there is, because (say it with me!) E-MAIL IS NOT PRONE TO VIRUSES. E-MAIL CLIENTS ARE.
There are some good points in this article, but you have to filter them out from the sophistry.
Which is the more heartless thing to do: pay someone market rate for a relatively safe job they can do, or refuse to pay them and force them to take up hazardous, degrading or illegal work?
When those leftist leaders give the finger to the "capitalist exploiters" and the money that used to come into their countries dries up, where will that leave their people?
I'm just pointing out that any scheme that depends on items not getting sold because of special colors or markings is doomed to have a hard impact with reality. It would be better to assume they will get sold in the black market and try to make that infeasible for some reason other than "the color tells me not to."
Slashdot Mirror
A device leaking 2W consumes 17.532 kWh per year. (2 * 24 * 365.25)
Multiply by 103 million: 1.8 TWh (terawatt-hours) total annually. At any given time, the rate of consumption is 103 million * 2W = 2.06 MW.
1.8 TWh represents 6.5 petajoules (10^15 joules) of energy. One gallon of gas contains 132 megajoules of energy, so worldwide that's about 50 million gallons of gas a year. That sounds like a lot, but consider: if everyone in the US (just the US, mind) used one less gallon of gas a year (and that's just the people who have cars or use gas-powered public transit), it would make up for this "huge" amount of wasted energy with enough left over for all those PS/2 users to play a few extra games into the bargain.
In other words, if you want something to worry about, "all those PS/2's wasting energy" should be pretty far down on your list.
By contrast the other department not only keeps Admin power in the IT department, but enforces some judiciously-chosen group policies to keep machines healthy. We have far fewer problems there, and most of those are misconfigured user settings or hardware failures.
This "scandal" is nothing new.
Google Earth Premium exists and the features for it are included in the free Google Earth client. Remember, "Google Earth" and the Google Maps Satellite view are direct results of Google's acquisition of Keyhole, and the Google Earth client similarly is a lineal descendant of the Keyhole client software. Keyhole was already selling subscriptions -- all Google's really done is make the basic subscription free, and tie the software in to other services like Google web search. There are even still references to Keyhole in the Google Earth client software and online help.
Crichton's descriptions only look realistic to someone with at most a superficial grasp of what he's describing. A pilot I know online has a great rant about some of the "realistic" ATC chatter in one of his books.
Look, native Hawaiians *still* respect Pele...
Pele's not a static pile of stuff. Occasionally she comes knocking at your door.
How remarkable that you think just because I hear these stories, that I make no effort to recycle. Good, clear thinking there.
And of course everyone I know has a story at second or third hand about office cleaning staff dumping the blue recycling bins in with the regular trash.
It doesn't? Can you provide details?
Of course when the item in question is a stolen car stereo, you can argue that you didn't know it was stolen, and escape prosecution unless the state can show otherwise (but you still lose the stereo). Child porn is much much harder to make that argument on in most cases -- you can argue whether a person who looks 16 is really 15, 16 or even 21, but an 8-year-old kid is generally clearly young enough to be off-limits in every jurisdiction I'm familiar with.
The "edge cases" in kiddie porn are simulation, paste-ups (young head/older body), and debates over what constitutes looking or being too young or (in the case of simple nudity) what's "sexual" vs. "artistic". But in most cases none of those come into play, and it's immediately obvious the images are the product of an illegal act without which they could not exist.
By the lawsuit's logic, Microsoft is even guiltier than Google because its software does not attempt to stop the production and distribution of child porn on Microsoft operating systems. It's all there in Windows XP and Office -- just take pics with your digital camera, connect it to your PC, and Windows XP will offer to pull those images off and help you work with them. Then you use Office and FrontPage to upload them to a slick-looking website.
My personal opinions on Microsoft and their business practices aside, it's seriously stretching credibility to assert that Microsoft is complicit in and knowingly profiting from the creation and distribution of kiddie porn, and even more so to level the same charges at Google.
I wish these people would quit trying to protect everyone else's children and stick to worrying about their own.
Apparently some painkillers are prescribed to be taken rectally in Japan.
Apparently some degree of attention was paid to recycling. A comment on treehugger refers to an assertion by the company that developed it that the cans have been awarded the Grune Punkt, which appears to have something to do with recycling in the EU.
As for why I hope it's patched, partly that was just a lame excuse for a pun. But I'd also like to see a version of this become more mass-market. The volume occupied by the chemical reactants may seem excessive, but that may be something that can be worked out through testing (which probably won't happen unless the market demonstrates a demand for self-heating beverages in the first place). Somebody else mentioned the non-customizability, but really, I don't see what's to stop them from producing a user-customizable version with a removable/replaceable cap.
That "take tax money from all for the benefit of a subset of taxpayers" is the very definition of Public Policy. The only form of taxation which wouldn't follow that rule would be some incredibly pedantic (and probably unworkable) implementation of Communism. Can you cite an example where tax money (or even non-tax money, for that matter) is spent in a way which does not benefit one sub-group over another?
On a national level, defense, the Interstate system (which was funded as a defense project), basic science research, the list goes on. These don't benefit everyone directly but they do at least benefit everyone indirectly. Municipal wi-fi benefits a relatively wealthy segment of the population (those who can afford laptops and, to a lesser extent, those who can afford computers generally) at the disproportionate expense of those who cannot afford those fancy toys, and who don't derive indirect benefits either (so far no one's proposed a believable way in which municipal wi-fi benefits the poor, it's just a neat toy for Slashdotters and business people).
More to the point (and I meant to put this in my previous post) it's not even really needed most places. As I drive around DC or Baltimore, I can pick up any number of wireless access points that are open for use (deliberately, although there are at least as many that are just left unsecured). Even in my small town in suburban Maryland, I know of at least two places with public wireless Internet and those are just the ones I've been to that have it posted on the door. The market pressure to put wireless access in is pretty strong where it makes sense to do so, and it tends to avalanche -- one business does it, and others follow to keep up and not lose their customers (who, in fact, tend to be the ones with disposable income as noted above, and are thus valuable customers worth keeping around).
WiFi is unregulated spectrum. You have no guarantee, and no right to demand, that anyone else reserve any portion of that spectrum for your usage.
That's true, but that's exactly why municipal wireless access drives free-market access away. There are no guarantees in a market without a government network, but that applies equally to everyone. If a competitor stomps on your channel, you at least know it affects their revenue in the same way it does yours and can usually come to a mutually beneficial agreement. A government network doesn't have to make accommodation with its competitors, though -- it's funded by tax money, so it's going to be there regardless. You end up with a municipal wireless network and nothing else (not even private free APs, because why pay for bandwidth of your own if you can just use what's already there?)
And it doesn't need to be expensive, or necessarily impacting on scarch spectrum. Many muncipal network projects aim, for example, to lay pennies-per-meter fiber along side thousands-of-dollars-per-foot water and sewer lines (utilizing the same rights-of-way) which need to be run into every home anyway. The legislation many Carriers are proposing would make that particular economic efficiency illegal.
That's still a tough call. Universal network access is a lot harder to derive universal benefit from than it looks -- Blacksburg, VA made a lot of noise about becoming the first "electronic village" around 1994 or so, and the whole idea went nowhere according to friends of mine who lived there at the time (although the BEV website is still around). Who owns that fiber network, and for what purpose? Is the municipality going to provide telephone or network service over it? Is the fact that they've laid their own going to mean rather than let a telco lay fiber, they'll mandate that the telco use and pay for the municipal fiber? Without knowing more about a specifical municipal setup we can't know if it's equitable for everyone or not, and even then our definitions of "equitable" may differ.
For example in Batavia IL, millions of dollars were spent on a smear campaign to defeat a grassroots effort to build a fast municipality owned fiber network. Millions of dollars that could have been spent providing better services to consumers instead of buying politicians. How unAmerican is that? Blocking someone like me from rolling up my sleeves and doing it myself?!
Um. No, that's not what blocking municipal networks is about. No law says that you, Joe Anonymous Coward, cannot provide your neighbors a free or nonprofit wireless Internet service. What has been blocked in many places is municipal-owned communications service. And there's an argument to be made there, which is: it would take tax money from all for the benefit of a subset of taxpayers. In most places it'd take a lot of tax money and benefit a tiny set of consumers. That sounds fine if you're one of the ones who benefits, but that benefit to you is subsidized by the taxes of those who cannot take advantage of it. And if you were to somehow limit the tax increase to those who benefit from it, you've just provided a market service. The free market already knows how to do that and usually knows how to do it better than governments.
There's precedent for such schemes, but a) it's usually on a much larger scale, and b) it usually has significant indirect benefits to everyone taxed whether they benefit directly or not. You can look at projects like the DC Metro (often cost-justified by claiming it saves area drivers a significant amount of traffic-induced gas consumption, but I have no idea if that's actually true), or the Rural Electrification project started during the FDR administration (bringing power and phones to rural farms enables them to serve their customers -- i.e. the entire country -- better and cheaper, at least in theory).
A major problem with all these idealistic free-wireless-everywhere projects is that it doesn't scale very well. There's a limited number of channels -- most site surveys assume you can get reliable service only with a five-channel separation between access points. That typically means using channels 1, 6 and 11 (in the US), with 3 or 4 and 8 or 9 as backup if those are too congested. So a municipal WiFi scheme amounts to the municipality saying "We are going to impose ourselves on this chunk of spectrum, making it less reliable for others to use besides ourselves." This makes wireless less attractive to the free market, because who knows when some municipality will step in and try to steal your spectrum out from under you? It reduces one incentive for the free market to provide a service, which means you can end up at the mercy of a municipal network with no incentive to provide a reliable service at all.
Then on the other hand, you've got them pushing to tear down any and all regulation that are pro-consumer. IE - the removal of network neutrality provisions that allow you and me to innovate and compete on a *fair and level* playing field.
Let's be clear. Currently, no such provisions exist that apply to the Internet. The telcos/etc. are trying to block them from being imposed in the first place.
I checked out http://www.fone-me.com/ and it did redirect to https://www.fone-me.com/, but that doesn't really prove anything. What's another SSL-enabled virtual host on the same IP? That will be the real test.
As I understand it, SSL certificates are tied to the name and IP of a secure server (this is to prevent man-in-the-middle attacks). So if you give every one of your secure virtual hosts its own routable IP, yes, you can virtual-host over SSL -- but you're not name-based-virtual-hosting any more. Otherwise your users are going to get warnings about the certificate not matching the server.
I don't know if it's possible to get umpteen certificates for servers with different names but the same IP. Does SSL certificate verification involve any kind of checks on reverse-resolved DNS data?
The alternative is to default to having acknowledgement on delivery, and assuming a lack of acknowledgement is affirmative evidence that the message was not delivered, but then you a) increase the traffic without providing a real benefit in most cases and b) still have false negatives where you get no acknowledgement (because of an act-of-God issue that prevents you from getting it) even though the message itself actually was delivered. I don't see how Thunderbird (or any other mail client or any mail server or protocol) is supposed to deal with issues like those that exist under its OSI communications layer.
SMTP has mechanisms to inform the sender about message rejection or failed delivery. They are pretty robust and I can't remember the last time I genuinely failed to receive a message that the sender just didn't get a bounce notice for. It's always been either I got it but overlooked it, they got a bounce but overlooked it, the sender didn't get the bounce because they misconfigured their e-mail client with an incorrect sender address, or I got it and fibbed to the sender.
You're trying to make a store-and-forward protocol do things a store-and-forward protocol just can't do. You'd have to make a point-to-point connection to every single recipient for every e-mail session to do what you want to do. (We have that, actually -- it's called VOIP, or any number of other client-to-client chat/messaging protocols.)
In the article it is clearly stated, that you may encrypt the traffic between the client machine and the server, but once there, the traffic between SMTP hosts is not encrypted.
Unless you use SMTP hosts that support encryption. But really, the idea that SMTP hosts need to do that is a non-starter. If people need to send each other encrypted e-mail, they can do it themselves using GPG or whatever public-key method they choose. SMTP is and only ever should be about flinging raw bits around in something like a reliable fashion.
Besides that, he makes a flat statement as his summary that is just wrong and only half-heartedly retracts it at the end. If he'd said "Most" or some similar qualifier up front, I wouldn't have an issue with it.
2. Considering that this guy is, judging from the content of his post, very Microsoft-centered, for him to not know what Kerberos is suggests he is not even close to any kind of expertise in the field.
Kerberos is not M$ invention. Actually they put a lot of efforts to modify it, so it can not easily interop with the other implementations.
I'm well aware of that, having been around when the original kerfuffle about MS' broken implementatiuon of kerberos for Active Directory was going on. However, even though I knew absolutely nothing about AD then, I still knew that Kerberos was something to do with authentication. The author may be attempting to troll or be funny, but what he's accomplishing is to make himself look like a dilettante to a lot of people who know a lot about his subject.
3. Such as? How could IMAP be better?...
He says that IMAP has limitations. The whole article is about the limitations in the e-mail system, and the result should be a better collaboration system, without these limitations. It was never meant to suggest improvement in IMAP, etc.
If he's going to write an article about the limitations of e-mail, he needs to do better than handwave the specifics. What he perceives as "limitations in IMAP" might be no more than limitations in how it is implemented in his mail client of choice. For example, many people here where I work use Outlook for IMAP. Unfortunately Outlook is a horrible, horrible IMAP client and consequently those users get the idea that IMAP is a non-user-friendly way to access your e-mail. The few I've managed to set up with Thunderbird from time to time, on the other hand, actively resist moving to Outlook because everything runs smoothly for them.
4. Yes there is, because (say it with me!) E-MAIL IS NOT PRONE TO VIRUSES. E-MAIL CLIENTS ARE.
This is only part of the problem. With the limited (if any widely used) ability to really authenticate the sender (say with me: EMAIL SPOOF), you can easily mislead the recipient to open a malicious file.
E-mail sender authentication is not an issue. No, it's not. I promise. The issue is that people have this deep-seated tendency to trust whatever they're told. A guy calls me on the phone and says he's from my bank and he needs my social security number to verify my account: I don't care who he says he is, I hang up. People need to get used to the idea that just because it's on the screen doesn't mean it's real.
Besides that, strong mechanisms exist to verify the sender's identity. People could use them right now, but they don't, because they're too cumbersome -- and they're not even really that cumbersome if you look at how they work. Public-key cryptography is pretty slick when it's done right.
Thunderbird would spread like wildfire if it could do secure, guaranteed (to arrive, or notification if not) email.
It can. For many people, it does. Also, you're confusing a client issue (secure content) and an only partially client issue (secure delivery) with pure server issues (guaranteed delivery) which the client should not and in fact cannot address. And that issue is solved anyway, in SMTP, for what, 30-some years now?
1. "If you are using SMTP (the universal pipe, remember?), you need to know that it doesn't encrypt data/messages. If you are using POP or IMAP, you need to know that they both require you to send unencrypted authentication (username/password)."
None of these is true. Encrypted SMTP, POP and IMAP all exist and we've been using encrypted POP/IMAP where I work for over two years now.
2. In the discussion of encrypted e-mail, he jumps straight into certificates with no acknowledgement or apparently even clue that PGP/etc. exist and are a lot simpler to set up and use (even in Outlook, or even manually if you have to).
3. "Eudora Security Flashback: I still don't know what the hell Kerberos is and what it has to do with a dog much less my email?"
Considering that this guy is, judging from the content of his post, very Microsoft-centered, for him to not know what Kerberos is suggests he is not even close to any kind of expertise in the field.
4. "Most companies spend a fortune locking down their IT infrastructure. This results in either Total Lockdown, also known as Paralysis whereby no one can do anything without a password, passkey, keycard, signature and sign-in sheet; or in No Lockdown, also known as Free-Love-Utopia whereby everyone is equal because everyone is an Administrator."
Um... no? He says "This results" as though these alternatives are the only two possible. This is probably just sloppy writing, but it still sticks out at me.
5. "If everyone used Outlook (70% of Central Desktop users use Outlook), then the ability to assign priority to each message would actually work. But we don't live in a Microsoft world (in spite of what many of you might think) and instead, we usually measure and weigh the importance of an email message by the number of people included in the carbon copy. This is highly subjective and fails to address the need to order and sort messages and task by importance."
I know from personal experience that Eudora among others had the capability to set and recognize a Priority or read-receipt header as long as 10 years ago. Priority fell out of favor because of abuse by spammers, but it does exist. And that was valid for any message sent to or from anyone on the Internet. Can we trust Outlook's read-receipt and priority flags to be as portable?
6. "Its still challenging for multiple people to share business email accounts (i.e. support, bugs and sales messages). IMAP sort of works, but presents its fair-share of limitations."
Such as? How could IMAP be better? Given the inherent needs and limits of sharing what is essentially a file folder, I think IMAP is designed about as well as it can be. There could be improvements, but nothing I can think of that would make me go "wow! It's a whole different IMAP!"
7. "Email is Prone to Viruses - There is no need to elaborate here."
Yes there is, because (say it with me!) E-MAIL IS NOT PRONE TO VIRUSES. E-MAIL CLIENTS ARE.
There are some good points in this article, but you have to filter them out from the sophistry.
When those leftist leaders give the finger to the "capitalist exploiters" and the money that used to come into their countries dries up, where will that leave their people?
I'm just pointing out that any scheme that depends on items not getting sold because of special colors or markings is doomed to have a hard impact with reality. It would be better to assume they will get sold in the black market and try to make that infeasible for some reason other than "the color tells me not to."