I use an old 3640 trunked to a Cat 2924 at home. It's so stable and worth it that I've never even considered using some $39 "router" in place of real gear.
Lol...I used to have that setup too. I was slimming down on fan noise and power consumption by going with the 1721. Now the 3640 is in my office on a backup T1, still chugging along without a problem.
Have you ever been forced to program one of their routers? Gack. They must make all their money selling the courses.
As a WAN engineer who almost exclusively supports Cisco gear, 1.) I've never had to "program" one. I've only configured them. 2.) Never taken a Cisco course in my life, but I've managed to build several 50+ site partially meshed VPN networks with fully functional monitoring and security reporting, the largest of which is multinational and has been in production for over 4 years with minimal maintenance.
I have Linksys and Netgear wireless links - Netgear wins. Less trouble to set up securely, and doesn't randomly forget what it was doing.
Linksys and Netgear equipment is to a Cisco router what a beer guzzling slob cooking a greasy hamburger made out of grade C "but edible" ground beef on his gas grill is to a fully staffed commercial kitchen in a 5-start restaurant. People in my position just don't care. My "home edge network" is a Cisco 1721 with an ethernet WIC attached to whatever piece of crap cable modem Comcast gave me when I signed up. It sits in my attic next to the Cisco Aironet 350 in the 100+ degree heat of the summer and never gives me a problem.
Sounds good for offline, but you will get dumbass programmers storing your PIN in their database when you purchase online, just like they do now for the CVV codes.
Not necessarily. When properly implemented, the merchant never receives the PIN number. If you've every use Verified by Visa or MasterCard SecurePay, you'll notice that the PIN is entered in a pop-up box. That pop-up box is from the processor, not the merchant. The merchant only receives an ack/nack back.
The biggest problem with those two services is that, right now, not only does the card issue have to support them, but so does the MERCHANT. So if you have your card stolen, that extra protection only applies if someone tries to use it as a participating merchant. Pretty lame....but it's a critical mass/adoption problem right now.
The one thing about digital cameras that ensures that eventually none of them will work is the batteries.
I use a cable and beltpack for my digital bodies. Unless they stop making 6 volts, mine will work until the electronics give out, or I drop it in water, whichever comes first (the latter being quickly followed by the former, if it goes that way).
Always got to love/. and car stories. At least you have a clue. We may be the only two on here that do.
One of my favorites was my old piece of crap 1974 F-250 4x4 pickup. 300+ HP 360 V-8 with very, very low gearing. I could take just about anyting on the road from the line up to about 40 MPH. Really pissed off guys driving Corvettes and the like.
Too bad it ran out of gears at like 60 MPH and got about 4 MPG.
(or track down a wounded animal whatever it takes) makes me sick.
Kudos. There is my #1 problem with Internet hunting. It's irresponsible to be in a position where you can't track a wounded animal. Even the best shooters don't always get a takedown shot on the first try.
And my point is that, regardless of computer controls or not, the majority of accidents will still be during takeoff anf landing. Both "preventable" and "non preventable", as well as those attributed to "human error".
Your original post has a connotation that computer takeoff/landing controls will eliminate your statistical claim: that most accidents due to human error will STILL be during takeoff and landing, computer controls or not. I mean...you do realize that when the computer controls are engaged, it doesn't apply a straight jacket to the pilots. It also doesn't fix inattentive/sloppy ground crews, or manufacturing/maintenance errors and omissions. All of those are most definitely "human error".
Again...lies, damn lies, and statistics. It sounds like you got the Airbus/flight control manufacturer's association of America/Boeing sales pitch about how you HAVE TO HAVE THIS STUFF and were pretty convinced. Or maybe that was your friend (who worked at the DOT _AND_ the FAA at the same time?).
the majority of airline crashes were caused by human error during takeoff and landing
I believe that saying goes: there are lies, damn lies, and statistics.
That being said, did you ever stop to think that the majority of airline crashes, whether computerized or not, are duing takeoff and landing because TAKEOFF AND LANDING ARE THE HIGHEST RISK OPERATIONS?
No doubt. That's one of the misconceptions....biometrics aren't good enough for a large sample-base (yet). I'm sure the scanners and processing routines will get better, but they just aren't good enough now.
Man-in-the-middle is (obviously) not a biometrics problem...it's an "everything" problem that biometrics are no more succeptible to that basically any other authentication scheme.
Bottom line: No matter what you do, a determined attacker can get in. But biometics seem to be a reasonably cost effective way to raise the bar and make it more difficult. They really aren't popular enough for enough people to be trying to exploit them at this point. Once that happen, we'll see their real security.
Seriously, just true curiosity, but what would you say the 3rd thing is? I assume (perhaps improperly, and in no certain order): 1) Price 2) Misinformation 3) Development?
Most biometrics have a very low user acceptance rate. People don't like retinal scans. People don't like touching things (finger/hand vein scanning and/or fingerprint). Voice is about the best accepted. It's also been the most poorly implented it seems.
Another is that everything other than voice has a significant hardware and/or deployment cost associated with it. The only biometrics to use commonly available hardware are voice and facial rec. Voice, if done properly, can have a 2% EER or lower. Facial is right around 18-20%. Which basically makes it useless for access security (although it does have several other very valid applications...just not front-line authentication).
And, as you said, Minsinformation. Misinformation on how to properly deploy systems (down to the developers of said systems, who usually don't even understand it and have such tunnel vision that they think/try to build their [insert a biometric technology] to work for every situation all the time without ever even considering that it needs a backup biometric or other type of access method. Misinformation because people think that biometrics are "easy" to use. They are, but they still do require training. You can't speak however you want for voice (no shouting, no whispering, not wierd inflections...which most people tend to do when attempting to voice verify). You can't just slap your finger on a scanner for fingerprint or vein rec (if it's tuned for optimal FAR). Misinformation because people think it works like in the movies (read ealier "Sneakers" comment).
And then, not on the top 3 list, there's development. Development is hard. Especially when combining biometrics. Voice and face would seem to be a good match. But with a 10-fold variance in their EER's, it actually makes the net result LESS secure than voice alone. Scratch that idea. Other combinations have similar issues.
I'm not saying any of this can't be overcome. I'm pretty sure it will be. But that might take some time.
Proper biometric implementation have backup means of authenticating because of just this reason. Picking one biometric and requiring it to authenticate without other options is doomed to failure.
The lack of understanding of this simple fact is one of the top 3 things that has hampered widespread adoption of biometrics.
For voice, someone can tape record you and then play that back.
In 1992, yes, you could do that. In 2005, no. Any voice biometric engine worth considering includes sophisticated "liveness detection." And, yes, I'm biased because my company owns 2 of the only vioce biometric engines left on the market (read: that actually work and can't be fooled by tape recorders)
The whole paper is $1. Ask her to pay for each article and look for the one she wants and then decide to pay.05 or.25 or... she's already moved on folks.
You entire argument about micropayment not working is based on your own idea of the pricing model. What's to stop publishers from charing a $0.50 micropayment for access to not only one article, but the entire day's content. Or that article plus the current day's content.
You raise some valid points, but they are not really related to what I'm talking about...they are more related to poorly implemented micropayment pricing models.
Actually..I just didn't explain fully. I don't have anything against subscriptions. I waste time on/. daily, so of course I'd subscribe. But I read an NYT article about once a month if that....I don't want a subscription in that case, so I'd like the option for a micropayment (if I were forced to pay in some form for the content).
Name any other content provider that might be linked to in a forum post or mailing list....one that the bulk of the users may not necessarily use on a regular basis, but want to read this particular article/content. That's where a (near) universally accepted micropayment system really starts to make sense.
For something like a newspaper, you'd probably want a content aggregator
For nothing more than reading when you go to the site...sure. How about linked content in public/semipublic forums, etc? Which aggregator do you link to?
But when it comes to online news, they are happy to read it but loath to pay for it.
1). We're already used to it being free
2.) The payment barrier still sucks, i.e.: No valid micropayment system exists (STILL) and people who read their news ont he web generally don't want a subscription to every resource they use.
If there were a reasonable micropayment system in place, where content poroviders could charge you a few cents to read an article or access certian content, without hassle to the end-user, this type of thing could work.
How do you get a critical mass using a micropayment system? I'm not touching that one. If I had an answer, I'd already be at 5.) Profit!
I carry my iPod all over....but I rarely carry around a (proprietary) firewire and/or USB cable, so exactly how does this help me? I find it less of a pita to carry a bootable USB drive on my keychain.
Again, spoken like someone who's not been in the industry. Corporation after corporation has gone through this whitebox vs production machine, and very very few have found that whitboxes are valid way to go.
I don't really want to get into details of your post, as little of it merits response. But the most glaring error is stocking parth with your 30% initial purchase proce savings. #1, which parts do you stock? #2, what do you do when those parts are consumed and you can't get the same ones again, #3 Who services the machines...oh..that's right, internal staff or a paid repair firm. Either way, you're paying.
Corps don't like variable budget items. If you buy PCs for a 3-year lifecycle, and they are under warranty for that time, it's all pretty simple. Also, try to get a reliable leasing company to give you good terms on whiteboxes....it's just not going ot happen. And it's often necessary to lease machines with a $1 buyout at the end of the term for various financial reasons, most of which would be lost on the/. crowd.
Spoken like someone who's never worked in the repair industry (and serviced large corporate clients). You can't guarantee availability of the same parts form day to day for the build-your-own-whitebox game. Which makes for a bunch of one-offs. With possibly different driver, and possibly different management instrumentation (if any at all). It also makes for an RMA nightmare when you're sending warranty parts back to who? Oh..less then 6 months, the vendor...of more than 6 on this, more than 30 on that, back to the manufacturer, etc. etc. etc.
Let's not even get into compatibility testing on workstation class machines.
Sane corporations aren't trying to save %30 on initial purchase cost, just to pay it back again in spades in maintenance overhead.
And, guess what....I don't care if the chipset in the P4 2.0 gHz the secretary is using Word on really does justice to the processor, or just makes it run like a P4 1.6. It just doesn't matter for 90% of the machines out there.
Add printers and other preipherals and their maintenence/warranty fulfillment to the picture, and all of a sudden, dealing with one vendor really starts saving money, even if someone as clever as you can pick out where in an individual transaction you lose.
Slashdot Mirror
I use an old 3640 trunked to a Cat 2924 at home. It's so stable and worth it that I've never even considered using some $39 "router" in place of real gear.
Lol...I used to have that setup too. I was slimming down on fan noise and power consumption by going with the 1721. Now the 3640 is in my office on a backup T1, still chugging along without a problem.
Have you ever been forced to program one of their routers? Gack. They must make all their money selling the courses.
As a WAN engineer who almost exclusively supports Cisco gear, 1.) I've never had to "program" one. I've only configured them. 2.) Never taken a Cisco course in my life, but I've managed to build several 50+ site partially meshed VPN networks with fully functional monitoring and security reporting, the largest of which is multinational and has been in production for over 4 years with minimal maintenance.
I have Linksys and Netgear wireless links - Netgear wins. Less trouble to set up securely, and doesn't randomly forget what it was doing.
Linksys and Netgear equipment is to a Cisco router what a beer guzzling slob cooking a greasy hamburger made out of grade C "but edible" ground beef on his gas grill is to a fully staffed commercial kitchen in a 5-start restaurant. People in my position just don't care. My "home edge network" is a Cisco 1721 with an ethernet WIC attached to whatever piece of crap cable modem Comcast gave me when I signed up. It sits in my attic next to the Cisco Aironet 350 in the 100+ degree heat of the summer and never gives me a problem.
Sounds good for offline, but you will get dumbass programmers storing your PIN in their database when you purchase online, just like they do now for the CVV codes.
Not necessarily. When properly implemented, the merchant never receives the PIN number. If you've every use Verified by Visa or MasterCard SecurePay, you'll notice that the PIN is entered in a pop-up box. That pop-up box is from the processor, not the merchant. The merchant only receives an ack/nack back.
The biggest problem with those two services is that, right now, not only does the card issue have to support them, but so does the MERCHANT. So if you have your card stolen, that extra protection only applies if someone tries to use it as a participating merchant. Pretty lame....but it's a critical mass/adoption problem right now.
The one thing about digital cameras that ensures that eventually none of them will work is the batteries.
I use a cable and beltpack for my digital bodies. Unless they stop making 6 volts, mine will work until the electronics give out, or I drop it in water, whichever comes first (the latter being quickly followed by the former, if it goes that way).
[...]it could also be used to distinguish a Mac computer from a model made by Dell or any other Windows vendor.
Groan.
One does not imply the other.
/. and car stories. At least you have a clue. We may be the only two on here that do.
Always got to love
One of my favorites was my old piece of crap 1974 F-250 4x4 pickup. 300+ HP 360 V-8 with very, very low gearing. I could take just about anyting on the road from the line up to about 40 MPH. Really pissed off guys driving Corvettes and the like.
Too bad it ran out of gears at like 60 MPH and got about 4 MPG.
"650 MB ought to be enough for anyone."
- Anonymous source, possibly modified
(or track down a wounded animal whatever it takes) makes me sick.
Kudos. There is my #1 problem with Internet hunting. It's irresponsible to be in a position where you can't track a wounded animal. Even the best shooters don't always get a takedown shot on the first try.
And my point is that, regardless of computer controls or not, the majority of accidents will still be during takeoff anf landing. Both "preventable" and "non preventable", as well as those attributed to "human error".
Your original post has a connotation that computer takeoff/landing controls will eliminate your statistical claim: that most accidents due to human error will STILL be during takeoff and landing, computer controls or not. I mean...you do realize that when the computer controls are engaged, it doesn't apply a straight jacket to the pilots. It also doesn't fix inattentive/sloppy ground crews, or manufacturing/maintenance errors and omissions. All of those are most definitely "human error".
Again...lies, damn lies, and statistics. It sounds like you got the Airbus/flight control manufacturer's association of America/Boeing sales pitch about how you HAVE TO HAVE THIS STUFF and were pretty convinced. Or maybe that was your friend (who worked at the DOT _AND_ the FAA at the same time?).
the majority of airline crashes were caused by human error during takeoff and landing
I believe that saying goes: there are lies, damn lies, and statistics.
That being said, did you ever stop to think that the majority of airline crashes, whether computerized or not, are duing takeoff and landing because TAKEOFF AND LANDING ARE THE HIGHEST RISK OPERATIONS?
That is if you consider "biometric security" to be fingerprint and retinal, which is hardly comprehensive.
No doubt. That's one of the misconceptions....biometrics aren't good enough for a large sample-base (yet). I'm sure the scanners and processing routines will get better, but they just aren't good enough now.
Man-in-the-middle is (obviously) not a biometrics problem...it's an "everything" problem that biometrics are no more succeptible to that basically any other authentication scheme.
Bottom line: No matter what you do, a determined attacker can get in. But biometics seem to be a reasonably cost effective way to raise the bar and make it more difficult. They really aren't popular enough for enough people to be trying to exploit them at this point. Once that happen, we'll see their real security.
Seriously, just true curiosity, but what would you say the 3rd thing is? I assume (perhaps improperly, and in no certain order): 1) Price 2) Misinformation 3) Development?
Most biometrics have a very low user acceptance rate. People don't like retinal scans. People don't like touching things (finger/hand vein scanning and/or fingerprint). Voice is about the best accepted. It's also been the most poorly implented it seems.
Another is that everything other than voice has a significant hardware and/or deployment cost associated with it. The only biometrics to use commonly available hardware are voice and facial rec. Voice, if done properly, can have a 2% EER or lower. Facial is right around 18-20%. Which basically makes it useless for access security (although it does have several other very valid applications...just not front-line authentication).
And, as you said, Minsinformation. Misinformation on how to properly deploy systems (down to the developers of said systems, who usually don't even understand it and have such tunnel vision that they think/try to build their [insert a biometric technology] to work for every situation all the time without ever even considering that it needs a backup biometric or other type of access method. Misinformation because people think that biometrics are "easy" to use. They are, but they still do require training. You can't speak however you want for voice (no shouting, no whispering, not wierd inflections...which most people tend to do when attempting to voice verify). You can't just slap your finger on a scanner for fingerprint or vein rec (if it's tuned for optimal FAR). Misinformation because people think it works like in the movies (read ealier "Sneakers" comment).
And then, not on the top 3 list, there's development. Development is hard. Especially when combining biometrics. Voice and face would seem to be a good match. But with a 10-fold variance in their EER's, it actually makes the net result LESS secure than voice alone. Scratch that idea. Other combinations have similar issues.
I'm not saying any of this can't be overcome. I'm pretty sure it will be. But that might take some time.
Proper biometric implementation have backup means of authenticating because of just this reason. Picking one biometric and requiring it to authenticate without other options is doomed to failure.
The lack of understanding of this simple fact is one of the top 3 things that has hampered widespread adoption of biometrics.
For voice, someone can tape record you and then play that back.
In 1992, yes, you could do that. In 2005, no. Any voice biometric engine worth considering includes sophisticated "liveness detection." And, yes, I'm biased because my company owns 2 of the only vioce biometric engines left on the market (read: that actually work and can't be fooled by tape recorders)
All I need is a Photoshop extension and 2 jog/shuttle wheels and I can turn my Powerbook into an etch-a-sketch. Awesome. BRB..gotta go to the store.
Do you mean "there" was a mistake? I'm pretty sure you do.
We're very sorry for the inconvenience. Those reposnsible for the sacking have also been sacked.
The whole paper is $1. Ask her to pay for each article and look for the one she wants and then decide to pay .05 or .25 or... she's already moved on folks.
You entire argument about micropayment not working is based on your own idea of the pricing model. What's to stop publishers from charing a $0.50 micropayment for access to not only one article, but the entire day's content. Or that article plus the current day's content.
You raise some valid points, but they are not really related to what I'm talking about...they are more related to poorly implemented micropayment pricing models.
Actually..I just didn't explain fully. I don't have anything against subscriptions. I waste time on /. daily, so of course I'd subscribe. But I read an NYT article about once a month if that....I don't want a subscription in that case, so I'd like the option for a micropayment (if I were forced to pay in some form for the content).
Name any other content provider that might be linked to in a forum post or mailing list....one that the bulk of the users may not necessarily use on a regular basis, but want to read this particular article/content. That's where a (near) universally accepted micropayment system really starts to make sense.
For something like a newspaper, you'd probably want a content aggregator
For nothing more than reading when you go to the site...sure. How about linked content in public/semipublic forums, etc? Which aggregator do you link to?
But when it comes to online news, they are happy to read it but loath to pay for it.
1). We're already used to it being free
2.) The payment barrier still sucks, i.e.: No valid micropayment system exists (STILL) and people who read their news ont he web generally don't want a subscription to every resource they use. If there were a reasonable micropayment system in place, where content poroviders could charge you a few cents to read an article or access certian content, without hassle to the end-user, this type of thing could work.
How do you get a critical mass using a micropayment system? I'm not touching that one. If I had an answer, I'd already be at 5.) Profit!
Insightful? Come one, mods.
I carry my iPod all over....but I rarely carry around a (proprietary) firewire and/or USB cable, so exactly how does this help me? I find it less of a pita to carry a bootable USB drive on my keychain.
Again, spoken like someone who's not been in the industry. Corporation after corporation has gone through this whitebox vs production machine, and very very few have found that whitboxes are valid way to go.
/. crowd.
I don't really want to get into details of your post, as little of it merits response. But the most glaring error is stocking parth with your 30% initial purchase proce savings. #1, which parts do you stock? #2, what do you do when those parts are consumed and you can't get the same ones again, #3 Who services the machines...oh..that's right, internal staff or a paid repair firm. Either way, you're paying.
Corps don't like variable budget items. If you buy PCs for a 3-year lifecycle, and they are under warranty for that time, it's all pretty simple. Also, try to get a reliable leasing company to give you good terms on whiteboxes....it's just not going ot happen. And it's often necessary to lease machines with a $1 buyout at the end of the term for various financial reasons, most of which would be lost on the
..but the IDF is worried that the little velvet dice bags hanging off of their belts might get snagged on things and cause problems.
Spoken like someone who's never worked in the repair industry (and serviced large corporate clients). You can't guarantee availability of the same parts form day to day for the build-your-own-whitebox game. Which makes for a bunch of one-offs. With possibly different driver, and possibly different management instrumentation (if any at all). It also makes for an RMA nightmare when you're sending warranty parts back to who? Oh..less then 6 months, the vendor...of more than 6 on this, more than 30 on that, back to the manufacturer, etc. etc. etc.
Let's not even get into compatibility testing on workstation class machines.
Sane corporations aren't trying to save %30 on initial purchase cost, just to pay it back again in spades in maintenance overhead.
And, guess what....I don't care if the chipset in the P4 2.0 gHz the secretary is using Word on really does justice to the processor, or just makes it run like a P4 1.6. It just doesn't matter for 90% of the machines out there.
Add printers and other preipherals and their maintenence/warranty fulfillment to the picture, and all of a sudden, dealing with one vendor really starts saving money, even if someone as clever as you can pick out where in an individual transaction you lose.