I wish there were more things that couldn't be in any contract.
Have you seen some of the things in a credit card contract.
-Changing the terms of the agreement as long as they notify you. You're only choice is to cancel the card and pay the balance in full. Instead of okay pay us back (on the original terms) but don't make new purchases. (Otherwise the new terms apply to those new purchases)
-Changing the cost of the agreed upon APR if you make a simple human mistake. Instead of just charging you more for new purchases it applies to your old purchases too.
-Putting things in such a legaleze language that it takes being a lawyer to really understand.
These things and more just shouldn't be done but they are, and with alot more then just credit card agreements. Things no sane person would really agree too. But really how enforceable is that crap if we banded together and fought back?
I know many will say that it's not your money. Which is why I put in the provision "any new purchases".
You're not getting it. If ALL the traffic is going through the middle man the middle man can fake everything! Including the cert.
The only way is to get something around the middle man; this may mean giving your public key in person to the other person you want to talk to. Only than can you know that the middle man is there. Since your keys wouldn't match at that point.
The cert is there to make it unreasonably hard to do a man in the middle attack with ssl. It won't do anything with a perfectly executed attack.
Everything I have talked about is possible but extremely unlikely. With the resources used to do such an attack it may be easier to just break down the users door who is using the encryption and torture them for the password.
Don't be fooled into thinking the system is perfect it isn't.
Don't really need a fake tracker. Just a way of intercepting the traffic.
If I can get the trackers traffic and clients traffic to be redirected to me first then any traffic after that can be altered and appear to be from the two hosts. If I replace the keys with my own then my host will look like the host the two hosts are expecting but using my public key instead.
What you're assuming is the secure connection was brought up in a secure way. If it isn't then you can't really be sure the connection is secure.
The internet is in an insecure network. How does anyone know if they have a secure connection? Sure they can know this once a private/public key pair has been exchanged. But how do we know that the public key given to us is good if there is man in the middle to intercept the keys between the "trusted groups"
I should have been more descriptive. Without physically exchanging the keys with the other parties there isn't a way for an automated system to know; Without testing, but then the middle man can make it so those tests pass. (A smart human could check)
You're assumption of there being a secure path over an unsecure network is what's wrong. If the keys/certificates can be exchanged in a way of knowing that they havn't been (all) intercepted and then altered Then the encryption would work.
But since there is so much information traversing the network all that I just talked about is theoretical and isn't very probable. Encryption is hairy stuff, since you have to cover all points of possible exploitation.
Do you see what I see? Back to my original point we need our isp's to take on true common carrier status.
He was talking about using a man in the middle attack. Both parties think they are talking to eachother.
It doesn't matter if the tracker sends us a SSL key for us if a man in the middle attack can be used. The only way to be sure the key isn't altered is to get that key directly from the source. How you do that is up to you.
There isn't much that is open about "OpenDNS". OpenDNS is a bad solution for a non-issue problem. Please stop advertising for them.
What we should be fighting for is for isp's to be common carriers. Then there really isn't a market for this type of monitoring hardware. Other then for some company firewall.
HFCS is only less expensive because of the sugar tariffs place on the importing of sugar.
The problem is political.
Corn farmers are getting tax incentives to grow corn.
Then creative people need to figure ways to use all this corn.
It's hard to find something in the usa that isn't made with corn. It's not the healthiest thing. Farmers could be growing crops that are much healthier.
It's not C&H's fault that there is a sugar tariff.
VirtualPC was bought way before apple started to use x86.
VirtualPC was more likely bought to port to the xbox360 (at least parts of it) to emulate the old xbox so that the xbox 360 could claim being backword compatible. Which the xbox360 uses PowerPC, the same ISA that VirtualPC was originally coded for. Now how much code they used is another question.
They also bought it since it was ported to windows. Which just so happens to be on x86. While I am sure they could use this code on the x86 version of osx it wasn't really planned since apple didn't announce that yet.
It wasn't really a direct attack on apple. Microsoft still released it for the mac. It just became part of the office suite.
Now when apple went with x86, other developers found they would use visualization instead of emulation which is what virtualpc does
Note that jkdefrag will try to optimize the placement of files. Which is fine for the first few defrags. It places the largest files (disk hogs) at the end of the disk.
I recommend moving the biggest files off your disk before any defraging then moving them back and defraging regularly. Then moving the few files that the defrag won't seem to defrag off and then back on. (This may harm the acl's/permissions on those files)
Then there is a utility from Microsoft to defrag the windows swap file on boot. (a single reboot)
Jkdefrag has alot of nice features. Such as optimizing the disk and using the windows api. I run mine as a screen saver using optimization 2 which will just defrag the disk without doing any file optimization.
Read up on it, it's good stuff. But with whatever defrag I have used, it's always a multistep process to get full defragmented.
I would suggest to the original poster to use chromium instead of chrome. Chromium doesn't send what's typed in the address bar till enter is hit.
I would suggest that anyone that's wanting to protect things being sent to Google should totally disable any search from the search bar. In any browser.
OK explain how you are going to make a batch file work to open a port on their NAT router? Unless the router has upnp you're out of luck.
But VNC does have a reverse connection. Thing going for it. But that still requires him to open ports on his side if the supporter has nat going on as well.
The parent may find that useful.
The internet is supposed to be peer to peer. Peer to peer has it's advantages. Better pings in games, less bandwidth used up since triangle routing does not have to be used. There is plenty of advantages.
But not in the traditional sense. Clients benefit a lot from having a publicly routable ipv6 address.
Many applications are peer to peer. Bittorrent, the xbox, msn for file transfer/webcam, skype. But instead they have to use a host that isn't behind a nat box. Or even do nat punching.
This is called triangle routing, it uses up bandwidth and takes a lot more time to do. Nat punching isn't much better either.
Imagine how much faster I could be matched up with other players if I could be directly routed to their console. Instead of trying a few tricks then failing.
The hosts will make their own address's based on what the router is advertising. But really with zeroconf all you need to know is the hosts name then use hostname.local that's easier then numbers. If your needs are to access that machine remotely then assign it a domain name. Most users won't need that.
ipv6 isn't really that complicated, in a lot of places it's simpler then ipv4 just seems complicated because it's different something people aren't used to.
The dns trick you show is interesting, but really apache solved that problem with virtual hosts. I like the port numbers being standard, instead of spread all over.
I have read over your posts most of your complaints are about "I don't like how big it is." or "I like my nat firewall" Then keep running a statefull firewall and the long ipv6 address is really not that big of an issue.
ipv6 is so large that scanning the net for computers is extremely impractical. I know security through obscurity.
There is also the consideration that most routers will still be setup to only connections to be initiated from the inside.
NAT is a horrible way of getting computers on the internet. It breaks more things then it fixes.
If you live in the usa. Try to find something without corn in it. It's almost impossible.
The Corn industry is subsidized by the government. Then there are tariff's on sugar imported into the usa.
So really how are we supposed to eat healthy when that's not really the focus?
A car is still drivable if the power steering pump breaks. It's harder but not impossible. It's there to make it easier for the driver to turn the wheel. I have been on the freeway when my power steer pump broke.
Rack and pinion is a tried and true technology. Not much has gone wrong with it. The very basics of it aren't going to exploding or have a dramatic failure at 80mph. Rack and pinion is very simple, not complex.
People have the generalization that mechanical things don't break (unexpectedly) because they can see the parts work. If there is something wrong they can see/hear it and get it fixed. While with a chip you can't see the electrons moving about. (I know most people don't look at more then just the belts or what they can see move)
Mesh networks are interesting, but a wireless one that would be required would have way too many hops. Then the congestion on each hop would be high too.
The reason that Microsoft has such a stronghold in certain markets is they have vendor lock in.
Office formats in the past weren't easily usable with other office suites. Exchange server doesn't work with other email clients without a plug in. (this is for the extra stuff such as calender in outlook) MSN messenger would not be easy to bring over to the jabber platform for the simple reason that Microsoft decided it would be a good idea to use users email addresses as users login names. Try explaining to a user why they need another @example ontop of their login. End user confusing yes.
The live services. Is one of the most confusing branding methods. Is it for the xbox is it a messaging platform? It's more of a umbrella brand that includes everything.
Windows mobile, I don't know how they got that on so many mobiles other then at the time people wanted features that other operating systems didn't offer (Palm, Symbian.) Hopefully there will be more choice once Android hits (which I really like, it does things right for a mobile platform)
So will Microsoft go away as soon as we would like. Well no unfortunately but the options of replacement have been good and are eating away at Microsoft's once empire. This discussion could go on for a long time as to what is vendor locked in or why people keep going with a broken methodology.
They (the people) don't know better, and Microsoft takes advantage of that. That's what I attribute most of it too.
You are always moving. Most likely the phone is in your pocket moving with you.
Have you seen those ever lasting flashlights. Which use a magnet, a coil and a capacitor. The same concept could be used here. It might not keep the phone charged for heavy users but it could be a nice supplement to the charger.
Maybe if they really got creative they could reuse the coil and magnet as the vibrator. OH and I didn't read the article. These are both interesting idea's but how much power can we really extract.
Slashdot Mirror
What does iron do that the chromium builds don't?
I wish there were more things that couldn't be in any contract.
Have you seen some of the things in a credit card contract.
-Changing the terms of the agreement as long as they notify you. You're only choice is to cancel the card and pay the balance in full. Instead of okay pay us back (on the original terms) but don't make new purchases. (Otherwise the new terms apply to those new purchases)
-Changing the cost of the agreed upon APR if you make a simple human mistake. Instead of just charging you more for new purchases it applies to your old purchases too.
-Putting things in such a legaleze language that it takes being a lawyer to really understand.
These things and more just shouldn't be done but they are, and with alot more then just credit card agreements. Things no sane person would really agree too. But really how enforceable is that crap if we banded together and fought back?
I know many will say that it's not your money. Which is why I put in the provision "any new purchases".
You're not getting it. If ALL the traffic is going through the middle man the middle man can fake everything! Including the cert.
The only way is to get something around the middle man; this may mean giving your public key in person to the other person you want to talk to. Only than can you know that the middle man is there. Since your keys wouldn't match at that point.
The cert is there to make it unreasonably hard to do a man in the middle attack with ssl. It won't do anything with a perfectly executed attack.
Everything I have talked about is possible but extremely unlikely. With the resources used to do such an attack it may be easier to just break down the users door who is using the encryption and torture them for the password.
Don't be fooled into thinking the system is perfect it isn't.
If all the traffic is going through the man in the middle then another cert can be inserted.
It's possible but not probable. The reason being that since packets will go to their destinations taking different paths.
So yes if the client already has the cert. But if it has to traverse a compromised network then the cert can be man in the middled too.
This is assuming a perfect setup for doing this man in the middle.
Don't really need a fake tracker. Just a way of intercepting the traffic.
If I can get the trackers traffic and clients traffic to be redirected to me first then any traffic after that can be altered and appear to be from the two hosts. If I replace the keys with my own then my host will look like the host the two hosts are expecting but using my public key instead.
What you're assuming is the secure connection was brought up in a secure way. If it isn't then you can't really be sure the connection is secure.
It's funny you just proved my point.
The internet is in an insecure network. How does anyone know if they have a secure connection? Sure they can know this once a private/public key pair has been exchanged. But how do we know that the public key given to us is good if there is man in the middle to intercept the keys between the "trusted groups"
I should have been more descriptive. Without physically exchanging the keys with the other parties there isn't a way for an automated system to know; Without testing, but then the middle man can make it so those tests pass. (A smart human could check)
You're assumption of there being a secure path over an unsecure network is what's wrong. If the keys/certificates can be exchanged in a way of knowing that they havn't been (all) intercepted and then altered Then the encryption would work.
But since there is so much information traversing the network all that I just talked about is theoretical and isn't very probable. Encryption is hairy stuff, since you have to cover all points of possible exploitation.
Do you see what I see? Back to my original point we need our isp's to take on true common carrier status.
He was talking about using a man in the middle attack. Both parties think they are talking to eachother.
It doesn't matter if the tracker sends us a SSL key for us if a man in the middle attack can be used. The only way to be sure the key isn't altered is to get that key directly from the source. How you do that is up to you.
There isn't much that is open about "OpenDNS". OpenDNS is a bad solution for a non-issue problem. Please stop advertising for them.
What we should be fighting for is for isp's to be common carriers. Then there really isn't a market for this type of monitoring hardware. Other then for some company firewall.
The game consoles are all doing PPC in some form. The xbox360 ps3 and wii.
Then there is all the network gear that uses arm and ppc
ppc is far from dead.
HFCS is only less expensive because of the sugar tariffs place on the importing of sugar.
The problem is political.
Corn farmers are getting tax incentives to grow corn.
Then creative people need to figure ways to use all this corn.
It's hard to find something in the usa that isn't made with corn. It's not the healthiest thing. Farmers could be growing crops that are much healthier.
It's not C&H's fault that there is a sugar tariff.
where would one buy a openvpn vpn. I have just setup my own using User Mode Linux. Or now I would do a xen setup.
I know solutions to do that. I would just have to find a host in the country I want an ip from.
VirtualPC was bought way before apple started to use x86.
VirtualPC was more likely bought to port to the xbox360 (at least parts of it) to emulate the old xbox so that the xbox 360 could claim being backword compatible. Which the xbox360 uses PowerPC, the same ISA that VirtualPC was originally coded for. Now how much code they used is another question.
They also bought it since it was ported to windows. Which just so happens to be on x86. While I am sure they could use this code on the x86 version of osx it wasn't really planned since apple didn't announce that yet.
It wasn't really a direct attack on apple. Microsoft still released it for the mac. It just became part of the office suite.
Now when apple went with x86, other developers found they would use visualization instead of emulation which is what virtualpc does
Note that jkdefrag will try to optimize the placement of files. Which is fine for the first few defrags. It places the largest files (disk hogs) at the end of the disk.
I recommend moving the biggest files off your disk before any defraging then moving them back and defraging regularly. Then moving the few files that the defrag won't seem to defrag off and then back on. (This may harm the acl's/permissions on those files)
Then there is a utility from Microsoft to defrag the windows swap file on boot. (a single reboot)
Jkdefrag has alot of nice features. Such as optimizing the disk and using the windows api. I run mine as a screen saver using optimization 2 which will just defrag the disk without doing any file optimization.
Read up on it, it's good stuff. But with whatever defrag I have used, it's always a multistep process to get full defragmented.
I would suggest to the original poster to use chromium instead of chrome. Chromium doesn't send what's typed in the address bar till enter is hit.
I would suggest that anyone that's wanting to protect things being sent to Google should totally disable any search from the search bar. In any browser.
OK explain how you are going to make a batch file work to open a port on their NAT router? Unless the router has upnp you're out of luck.
But VNC does have a reverse connection. Thing going for it. But that still requires him to open ports on his side if the supporter has nat going on as well.
The parent may find that useful.
The internet is supposed to be peer to peer. Peer to peer has it's advantages. Better pings in games, less bandwidth used up since triangle routing does not have to be used. There is plenty of advantages.
Could always block the persons 64bit prefix. Or whatever will happen to get allocated.
Bans shouldn't be for too long. kiddies get bored and will leave
Clients end up being servers all the time.
But not in the traditional sense. Clients benefit a lot from having a publicly routable ipv6 address.
Many applications are peer to peer. Bittorrent, the xbox, msn for file transfer/webcam, skype. But instead they have to use a host that isn't behind a nat box. Or even do nat punching.
This is called triangle routing, it uses up bandwidth and takes a lot more time to do. Nat punching isn't much better either.
Imagine how much faster I could be matched up with other players if I could be directly routed to their console. Instead of trying a few tricks then failing.
The hosts will make their own address's based on what the router is advertising. But really with zeroconf all you need to know is the hosts name then use hostname.local that's easier then numbers. If your needs are to access that machine remotely then assign it a domain name. Most users won't need that.
ipv6 isn't really that complicated, in a lot of places it's simpler then ipv4 just seems complicated because it's different something people aren't used to.
The dns trick you show is interesting, but really apache solved that problem with virtual hosts. I like the port numbers being standard, instead of spread all over.
I have read over your posts most of your complaints are about "I don't like how big it is." or "I like my nat firewall" Then keep running a statefull firewall and the long ipv6 address is really not that big of an issue.
ipv6 is so large that scanning the net for computers is extremely impractical. I know security through obscurity. There is also the consideration that most routers will still be setup to only connections to be initiated from the inside. NAT is a horrible way of getting computers on the internet. It breaks more things then it fixes.
If you live in the usa. Try to find something without corn in it. It's almost impossible. The Corn industry is subsidized by the government. Then there are tariff's on sugar imported into the usa. So really how are we supposed to eat healthy when that's not really the focus?
A car is still drivable if the power steering pump breaks. It's harder but not impossible. It's there to make it easier for the driver to turn the wheel. I have been on the freeway when my power steer pump broke.
Rack and pinion is a tried and true technology. Not much has gone wrong with it. The very basics of it aren't going to exploding or have a dramatic failure at 80mph. Rack and pinion is very simple, not complex.
People have the generalization that mechanical things don't break (unexpectedly) because they can see the parts work. If there is something wrong they can see/hear it and get it fixed. While with a chip you can't see the electrons moving about. (I know most people don't look at more then just the belts or what they can see move)
Looking at your nickname.
I imagine Devils would do just as well.
Mesh networks are interesting, but a wireless one that would be required would have way too many hops. Then the congestion on each hop would be high too.
Ping rates would go down the tubes.
The reason that Microsoft has such a stronghold in certain markets is they have vendor lock in.
Office formats in the past weren't easily usable with other office suites.
Exchange server doesn't work with other email clients without a plug in. (this is for the extra stuff such as calender in outlook)
MSN messenger would not be easy to bring over to the jabber platform for the simple reason that Microsoft decided it would be a good idea to use users email addresses as users login names. Try explaining to a user why they need another @example ontop of their login. End user confusing yes.
The live services. Is one of the most confusing branding methods. Is it for the xbox is it a messaging platform? It's more of a umbrella brand that includes everything.
Windows mobile, I don't know how they got that on so many mobiles other then at the time people wanted features that other operating systems didn't offer (Palm, Symbian.) Hopefully there will be more choice once Android hits (which I really like, it does things right for a mobile platform)
So will Microsoft go away as soon as we would like. Well no unfortunately but the options of replacement have been good and are eating away at Microsoft's once empire. This discussion could go on for a long time as to what is vendor locked in or why people keep going with a broken methodology.
They (the people) don't know better, and Microsoft takes advantage of that. That's what I attribute most of it too.
There are not many aol users anymore.(dialup)
But that does not mean aol went away. They do own this http://www.atdn.net/
3. Upgrade the network to support the new uses, and get out of the business of spying on people.
Maybe that option is too realistic or perhaps creating proxy servers that avoid att's network.
You are always moving. Most likely the phone is in your pocket moving with you.
Have you seen those ever lasting flashlights. Which use a magnet, a coil and a capacitor. The same concept could be used here. It might not keep the phone charged for heavy users but it could be a nice supplement to the charger.
Maybe if they really got creative they could reuse the coil and magnet as the vibrator.
OH and I didn't read the article. These are both interesting idea's but how much power can we really extract.