The TTL (Time To Live) field of the IP packet header contains the maximum number of routers which the packet may pass before it has to be dropped (to avoid loops). It is required that every router decreases the TTL and that a router which sees a TTL of 1 or less must not pass the packet to another system. A firewall or NAT router is typically acting like a router concerning the TTL field handling. Your provider knows the number of hops to the customer's system. If he sets the TTL of packets originating from the ISP's systems to just that number of hops, packets don't travel past the NAT-device. Circumvention is easy: Either patch/set your NAT-device to not respect the RFCs or install proxies for all protocols which you use to communicate with your provider's systems. If the provider doesn't use this trick all the time, all he has to do is turn it on for DNS every now and then and wait for the service calls complaining about disfunctional DNS (or he could look for the respective ICMP messages).
Bugtraq is also doing the r&d for script kiddies. Same argument. Most of the possible ways of detecting NAT have already been discussed and are well known or very easy to find. This discussion however may wake up people who until now thought they can not be detected. It could also lead to someone developing a stealth-NAT distribution or implementing such an option in a popular firewall/router distribution.
Did a little searching and found another hint: The NATting device acts as a router and as such usually decreases the TTL field of packets passing through it. That creates unusual TTL values on the first hop to the ISP.
NAT leaves some traces in the datastream. Especially the high port numbers of a Linux system doing masquerading with the default settings could ring a bell. Other options are operating system fingerprinting. If you see a Linux system using the ip but other traffic carries Windows characteristics, that may be a hint.
All the advances in chip design and manufacturing make computing hardware a big player game. One thing I'd really like to see is a technology which enables hobbyists to create microchips on a small scale. There are a few open source hardware projects around, but when it comes to manufacturing, only high numbers can be produced at reasonable costs. This advancement, promising no two chips will be the same, sounds a lot like what I want.
You turned a perfectly valid observation into an anti-RIAA rant. I'll ignore the last three paragraphs and comment on the economic promises and reality of the web:
Some expected the web to turn the whole "old" economy upside down. That is and was the BS which has been proclaimed dead now. You can't copy a coke and you can't download it either. Therefore the internet could not change that part of how we live.
The internet is about information, about making it available, storing it, searching through it. What does that mean to our everyday life? We can now learn about products which were not available to us before because the market wasn't big enough to make offering them to us profitable. We can now find people with similar ideas who where to distant and spread out before for us to know about them. We can now learn about different views on the world, from all around the world, which were filtered by a few media executives before. If information is a relevant part of an activity or a product, the internet has either changed that aspect of our lives or it most likely will in the near future. It is only the relevance one assigns to information which makes people think the internet hasn't changed a lot or turned everything upside down.
To cut a story of medium length even shorter: We get born, live and die. We could do that without electricity, sewers, money or the departure from hunting and collecting food. Nobody would claim these things haven't changed a lot though. Sometime the frame of reference is a little too big to notice the relevant changes.
Re:At least he's holding his convictions
on
The End of Cyber BS
·
· Score: 2, Insightful
I think it isn't far-fetched to say that "The Revolution" has met with some resistance because it is changing our lives. The web has failed mostly in the economical sense (and even there is starting to fill some niches: Amazon...). No, we aren't in Utopia yet, but we certainly have left the unconnected times behind.
The last paragraph is true, but you should take into account what the related costs are if you go for that Sony product. Quite often, you pay the difference or more for media, adapters and lost functionality when used in combination with other vendors' products. This is what people mean when they warn others not to buy Sony products. It is a generally applicable concept, though. Think printers and ink-prices.
What's worst is when big business manages to keep the balance, stopping the general public from using their fair rights without causing much of an outcry. It helps if they overshoot, this way people realize what is taken away from them and how they are milked by separating the world into regions for consumers while opening it for the big players.
Especially the second link shows that the Slashdot effect can look very much like a DDoS attack. The severance depends on the story, probably on the time of day and of course on the link and hardware powering the/.ed site.
If you pay by the gigabyte for your webtraffic (who doesn't), the/. effect can be a financial DoS attack much more than a technical DoS.
Everybody who can find the solution to the computer science puzzle by using personal connections or by paying someone else to solve it, will be invited to hold a one-hour Powerpoint presentation about the solution. Scholarships will be awarded based on 80% presentation, 20% cost of finding the solution and 5% correctness of solution.
After the initial install with the SRAM card the access point can be upgraded over the network.
Does that mean the vendors of access points do not write protect the operating system on the hardware level? Or are future modifications only possible when the jumper remains in the upgrade position? If the jumper becomes meaningless after the upgrade, its implementation is a serious design flaw and an undetected rooting waiting to happen.
Even better. The good ones (you know, the ones who could actually make p2p work) will be hired by big business and subsequently forget why they got into the game in the first place.
It's really time to get rid of central authority technically, because it has been proven to be impossible to achieve freedom of expression by economic and political means. He who owns the press has freedom of the press. After September 11th everyone who even thinks about not swimming in the political mainstream is marked as potential terrorist.
Google tries to use what works best. Every website owner already has the option to include keywords in their webpages by utilizing the "meta" tag with name="description" and name="keywords". Since not everyone is using this option and others are trying to cheat with it, the best way seems to use a mix of keywords and page content.
It is the exact opposite of the internet bubble bursting which reduces the value of domain names. With more and more small businesses entering the web, the domain namespace just isn't as identifying as it used to be. The authors example of viatech hints at the problem: The more companies and individuals share similar names, the less likely are you going to find a specific one by guessing the domainname. Since there isn't much room in the domain name system for additional identifying information, a search engine is better suited to aid you in finding. If you know the address, that's a completely different story.
Direct upstream bandwith isn't the problem here, it's the volume. The 622 MBit pipe can carry about 200 TB per month (or 100 TB if you count only the day and not the night), but the price for that connection is paid depending on the volume transmitted. Unlimited use costs twice as much as using it only up to 12.5 TB a month. Giving the rest of the available bandwith to low-priority protocols won't solve the problem, because the connection would still be overused.
To make things more difficult there are of course political problems to watch out for, if you decide to selectively slow down filesharing. Should you succeed, why shouldn't someone from the various Associations ask network administrators to use that power and prevent copyright violations alltogether? Treating network traffic as opaque, either because it is encrypted or because you don't have the necessary hardware to treat it differently, could keep the Universities out of a lot of trouble.
There is some shaping going on here, but it affects all traffic depending on source, not protocols. If you were to implement selective traffic shaping as the only measure against net-hogs, they would probably "hide" their traffic inside other protocols. Remember that in an uncapped situation usually only a few users spoil the fun for everyone by drastically overusing their priviledge.
I think you understood the difference between the two types of "being a consumer", but I'll try to clarify for those who didn't: There's nothing wrong with paying for what you use, but students should be given the opportunity to participate in communication on equal terms, instead of being forced to consume what others offer, which would be the result of reducing their computers to webclients.
Right now, universities are trying to stop the filesharing by crippling the network in a way that degrades students' machines to clients. They put students into a consumer role which I think is the direct opposite of educating them.
The first step is slowing or blocking known filesharing ports and protocols. Users will find a way around this (they'll download the next generation of filesharing tools). So then inbound connections will be blocked. That removes all peer to peer capability, at least for connection based protocols.
Encrypted channels below the TCP level remove the ability to filter based on content or protocols, because attributes like port numbers and protocol headers are hidden inside the encrypted stream. In the long run, if you want to have separate limitations for filesharing and other traffic, you will have to disallow encryption, or at least stop inbound connections, which, depending on the tunnel protocol, can be impossible without completely blocking that protocol.
When the point is reached that filesharing is "impossible", the network will be web only. The bad thing about that is the message: The internet is the web, the web is what bigger entities serve and you consume. (All peer to peer had to be removed to stop filesharing, but that's known only to historians.)
Is there a better way? I think so. Don't cripple the network technologically, but involve students in the economics of the net.
Category 15 is a 622 MBit connection with a volume cap of 50000 GB/month. The price per year is 741373 Euro. That is down to 1.24 Euro (about 1,10 US-$) a GB.
At that price, most students would be happy to pay for the used bandwith, if that meant no more "you can't do this, you can't do that". Offer 1 or 2 GB per week free, charge for anything exceeding that and offer some means by which the user can monitor and limit his/her bandwith usage and everyone but the most hardcore filesharers will be happy.
You are thinking of connection based protocols which allow the distinction of incomming and outgoing connections. That isn't necessarily true for tunnel protocols.
I frown upon the current trend (which is to try and limit students' systems to "consumers" and remove all "server" capability) because this means removing most of the appeal of the internet, which is the ability to distribute information not only top-down but also sideways.
The point I was trying to explain was that it will be impossible to limit or block certain protocols while at the same time giving more bandwith to other protocols. All it takes to remove protocol-based filtering from the list of possible interventions is encryption right above IP. After that, no information about the protocols or contents of the channel is visible to anyone but the two endpoints. The protocols are available, they just don't get used much. If the connection is good enough for webbrowsing, it's good enough for filesharing.
Overall volume restrictions seem to be the trend in Germany, too. My connection is limited to 2 GB total a week. There's a warning if you exceed the soft limit and if you exceed 2.5 GB, say bye-bye to external connections for the rest of the month.
Slashdot Mirror
The TTL (Time To Live) field of the IP packet header contains the maximum number of routers which the packet may pass before it has to be dropped (to avoid loops). It is required that every router decreases the TTL and that a router which sees a TTL of 1 or less must not pass the packet to another system. A firewall or NAT router is typically acting like a router concerning the TTL field handling. Your provider knows the number of hops to the customer's system. If he sets the TTL of packets originating from the ISP's systems to just that number of hops, packets don't travel past the NAT-device. Circumvention is easy: Either patch/set your NAT-device to not respect the RFCs or install proxies for all protocols which you use to communicate with your provider's systems. If the provider doesn't use this trick all the time, all he has to do is turn it on for DNS every now and then and wait for the service calls complaining about disfunctional DNS (or he could look for the respective ICMP messages).
Bugtraq is also doing the r&d for script kiddies. Same argument. Most of the possible ways of detecting NAT have already been discussed and are well known or very easy to find. This discussion however may wake up people who until now thought they can not be detected. It could also lead to someone developing a stealth-NAT distribution or implementing such an option in a popular firewall/router distribution.
ip_forward.c: /*
if (iph->ttl =1)
goto too_many_hops;
*/ ... /*
ip_decrease_ttl(iph);
*/
Kids, don't try this at home. Violating RFCs is a bad thing.
Did a little searching and found another hint: The NATting device acts as a router and as such usually decreases the TTL field of packets passing through it. That creates unusual TTL values on the first hop to the ISP.
NAT leaves some traces in the datastream. Especially the high port numbers of a Linux system doing masquerading with the default settings could ring a bell. Other options are operating system fingerprinting. If you see a Linux system using the ip but other traffic carries Windows characteristics, that may be a hint.
All the advances in chip design and manufacturing make computing hardware a big player game. One thing I'd really like to see is a technology which enables hobbyists to create microchips on a small scale. There are a few open source hardware projects around, but when it comes to manufacturing, only high numbers can be produced at reasonable costs. This advancement, promising no two chips will be the same, sounds a lot like what I want.
You turned a perfectly valid observation into an anti-RIAA rant. I'll ignore the last three paragraphs and comment on the economic promises and reality of the web:
Some expected the web to turn the whole "old" economy upside down. That is and was the BS which has been proclaimed dead now. You can't copy a coke and you can't download it either. Therefore the internet could not change that part of how we live.
The internet is about information, about making it available, storing it, searching through it. What does that mean to our everyday life? We can now learn about products which were not available to us before because the market wasn't big enough to make offering them to us profitable. We can now find people with similar ideas who where to distant and spread out before for us to know about them. We can now learn about different views on the world, from all around the world, which were filtered by a few media executives before. If information is a relevant part of an activity or a product, the internet has either changed that aspect of our lives or it most likely will in the near future. It is only the relevance one assigns to information which makes people think the internet hasn't changed a lot or turned everything upside down.
To cut a story of medium length even shorter: We get born, live and die. We could do that without electricity, sewers, money or the departure from hunting and collecting food. Nobody would claim these things haven't changed a lot though. Sometime the frame of reference is a little too big to notice the relevant changes.
I think it isn't far-fetched to say that "The Revolution" has met with some resistance because it is changing our lives. The web has failed mostly in the economical sense (and even there is starting to fill some niches: Amazon...). No, we aren't in Utopia yet, but we certainly have left the unconnected times behind.
The last paragraph is true, but you should take into account what the related costs are if you go for that Sony product. Quite often, you pay the difference or more for media, adapters and lost functionality when used in combination with other vendors' products. This is what people mean when they warn others not to buy Sony products. It is a generally applicable concept, though. Think printers and ink-prices.
What's worst is when big business manages to keep the balance, stopping the general public from using their fair rights without causing much of an outcry. It helps if they overshoot, this way people realize what is taken away from them and how they are milked by separating the world into regions for consumers while opening it for the big players.
The slashdot effect has been analyzed:
Traffic increase from slashdot effect
Increase in hits and bandwith requirements of a Linux related story being featured on Slashdot
Analysis of several stories making it to the frontpage of Slashdot and other newslogs.
Especially the second link shows that the Slashdot effect can look very much like a DDoS attack. The severance depends on the story, probably on the time of day and of course on the link and hardware powering the /.ed site.
If you pay by the gigabyte for your webtraffic (who doesn't), the /. effect can be a financial DoS attack much more than a technical DoS.
You forgot to link to the business major puzzle:
Everybody who can find the solution to the computer science puzzle by using personal connections or by paying someone else to solve it, will be invited to hold a one-hour Powerpoint presentation about the solution. Scholarships will be awarded based on 80% presentation, 20% cost of finding the solution and 5% correctness of solution.
1.: From the review:
You can chose from two types of display while the song is playing (status or spectrographic display)
2.: CF costs way more per megabyte than HDs or CDs. Its advantages are size, robustness and weight.
After the initial install with the SRAM card the access point can be upgraded over the network.
Does that mean the vendors of access points do not write protect the operating system on the hardware level? Or are future modifications only possible when the jumper remains in the upgrade position? If the jumper becomes meaningless after the upgrade, its implementation is a serious design flaw and an undetected rooting waiting to happen.
Even better. The good ones (you know, the ones who could actually make p2p work) will be hired by big business and subsequently forget why they got into the game in the first place.
It's really time to get rid of central authority technically, because it has been proven to be impossible to achieve freedom of expression by economic and political means. He who owns the press has freedom of the press. After September 11th everyone who even thinks about not swimming in the political mainstream is marked as potential terrorist.
Google tries to use what works best. Every website owner already has the option to include keywords in their webpages by utilizing the "meta" tag with name="description" and name="keywords". Since not everyone is using this option and others are trying to cheat with it, the best way seems to use a mix of keywords and page content.
It is the exact opposite of the internet bubble bursting which reduces the value of domain names. With more and more small businesses entering the web, the domain namespace just isn't as identifying as it used to be. The authors example of viatech hints at the problem: The more companies and individuals share similar names, the less likely are you going to find a specific one by guessing the domainname. Since there isn't much room in the domain name system for additional identifying information, a search engine is better suited to aid you in finding. If you know the address, that's a completely different story.
Never underestimate the appeal of a nice email-address. You don't want to print a google search url onto your business card, do you?
Direct upstream bandwith isn't the problem here, it's the volume. The 622 MBit pipe can carry about 200 TB per month (or 100 TB if you count only the day and not the night), but the price for that connection is paid depending on the volume transmitted. Unlimited use costs twice as much as using it only up to 12.5 TB a month. Giving the rest of the available bandwith to low-priority protocols won't solve the problem, because the connection would still be overused.
To make things more difficult there are of course political problems to watch out for, if you decide to selectively slow down filesharing. Should you succeed, why shouldn't someone from the various Associations ask network administrators to use that power and prevent copyright violations alltogether? Treating network traffic as opaque, either because it is encrypted or because you don't have the necessary hardware to treat it differently, could keep the Universities out of a lot of trouble.
There is some shaping going on here, but it affects all traffic depending on source, not protocols. If you were to implement selective traffic shaping as the only measure against net-hogs, they would probably "hide" their traffic inside other protocols. Remember that in an uncapped situation usually only a few users spoil the fun for everyone by drastically overusing their priviledge.
I think you understood the difference between the two types of "being a consumer", but I'll try to clarify for those who didn't: There's nothing wrong with paying for what you use, but students should be given the opportunity to participate in communication on equal terms, instead of being forced to consume what others offer, which would be the result of reducing their computers to webclients.
Right now, universities are trying to stop the filesharing by crippling the network in a way that degrades students' machines to clients. They put students into a consumer role which I think is the direct opposite of educating them.
The first step is slowing or blocking known filesharing ports and protocols. Users will find a way around this (they'll download the next generation of filesharing tools). So then inbound connections will be blocked. That removes all peer to peer capability, at least for connection based protocols.
Encrypted channels below the TCP level remove the ability to filter based on content or protocols, because attributes like port numbers and protocol headers are hidden inside the encrypted stream. In the long run, if you want to have separate limitations for filesharing and other traffic, you will have to disallow encryption, or at least stop inbound connections, which, depending on the tunnel protocol, can be impossible without completely blocking that protocol.
When the point is reached that filesharing is "impossible", the network will be web only. The bad thing about that is the message: The internet is the web, the web is what bigger entities serve and you consume. (All peer to peer had to be removed to stop filesharing, but that's known only to historians.)
Is there a better way? I think so. Don't cripple the network technologically, but involve students in the economics of the net.
Take a look at the DFN pricelist.
Category 15 is a 622 MBit connection with a volume cap of 50000 GB/month. The price per year is 741373 Euro. That is down to 1.24 Euro (about 1,10 US-$) a GB.
At that price, most students would be happy to pay for the used bandwith, if that meant no more "you can't do this, you can't do that". Offer 1 or 2 GB per week free, charge for anything exceeding that and offer some means by which the user can monitor and limit his/her bandwith usage and everyone but the most hardcore filesharers will be happy.
You are thinking of connection based protocols which allow the distinction of incomming and outgoing connections. That isn't necessarily true for tunnel protocols.
I frown upon the current trend (which is to try and limit students' systems to "consumers" and remove all "server" capability) because this means removing most of the appeal of the internet, which is the ability to distribute information not only top-down but also sideways.
The point I was trying to explain was that it will be impossible to limit or block certain protocols while at the same time giving more bandwith to other protocols. All it takes to remove protocol-based filtering from the list of possible interventions is encryption right above IP. After that, no information about the protocols or contents of the channel is visible to anyone but the two endpoints. The protocols are available, they just don't get used much. If the connection is good enough for webbrowsing, it's good enough for filesharing.
Overall volume restrictions seem to be the trend in Germany, too. My connection is limited to 2 GB total a week. There's a warning if you exceed the soft limit and if you exceed 2.5 GB, say bye-bye to external connections for the rest of the month.