+1 Interesting? Only if you're not a programmer...
A system like that is going to find bugs that are only slightly less obvious than the ones that would trigger an error by the compiler. Imagine this code:
x=GetX();
y=GetY();
if(x>y)
DoSometing();
There's a bug in that code: you need to DoSomething() when x==y, not only >y. But how do you know that? x and y get their values from some mystery function, and DoSomething does who knows what. That code may be in a header file, library, or who knows what.
Any bugs that could be caught by examining 30 lines of source code with zero context are far more likely to be caught by the preprocessor, compiler, linker, lint, etc. than by J. Random Programmer, even if they're the second coming of Alan Turing.
You really don't think something like that would be noticed?
Let's imagine a *really* slowly reproducing virus: one that attempts to infect just a single computer a day. Now, you *could* go even slower, but 1 a day is pretty slow, wouldn't you agree?
Now, on day 1, there might be only a single packet sent by a single computer. I don't think anyone is going to notice that. But at some point, a large-enough collection of computers will send out these requests, and it will get noticed.
The question is, how many infected computers do you need before your attack is detected? If it's something like Code Red, a few thousand will get noticed: they spew out too many requests. One a day? It's harder to say. Will someone notice when there are 100,000 attacks a day? 1,000,000? But how long will it take to *get* to 100,000 infected computers? How many attacks will fail? Odds are, most of them will fail: not every IP has an attackable computer...
In other words, you could easily create a silent attack that doesn't kill anyone. Or a very noisy attack that also kills no one because it's stopped in time. Can you create a somewhat silent attack that infects a large number of people before they find out? Very tricky. It's an almost impossible balance: crash too soon and it doesn't really do anything, wait too long and it'll get caught.
To me, the better attack would be a *lightning* quick attack. Something like Slammer. According to this, Slammer was able to attack every vulnerable computer available in 20 minutes. I'm not sure how much I believe this, but I've heard that 15 Million computers were infected in that same 20 minutes. Is 15 Million dead computers enough for you?
Create a virus that spreads for an hour. Infect 15 million computers. Kill them. Good luck stopping that. The best part is, if you do your job correctly, either build a virus that only remains in memory or have it destroy the local copy of the virus in the process of killing the computer. Not only will the computers be dead, but it'll be *real* hard to figure out what hit you...
Can I ask why you're suffering with a 10-year-old Pentium? In my area, there are people like these that sell good computers cheap. For about $100, you can get a 600MHz Pentium III, and if you get it locally, you won't have to pay shipping.
I do realize that $100 is still $100, but if you saved 50 cents a day, you'd have it in less than a year. Maybe I'm spoiled beyond belief, but 50 cents a day for a year (or $2 a week: even less) doesn't seem that bad for a 3-6 times performance improvement... And when you buy it in a year, you'll probably get something around 1GHz, even!
The movie is Quiz Show. Good movie. That scandal basically killed large-money game shows until Millionaire.
Of course, Millionaire faced some of the same criticizm that 21 did. And now that Jeopardy has lifed the 5-game limit, I have a feeling that the same will happen here.
In the end, you have to remember: it's television, not reality. I assume *everything* on TV has been manipulated for my "benefit"...
I've never played xtanks, but I believe the game you're referring to is Scorched Earth, and old VGA (and VESA) DOS game. There's now an Internet-enabled version called Scorched Earth 2000 and a 3D version called Scorched Earth 3D, which even my 1GHz Pentium M notebook can't play!:)
Re:Sure but does it require new equipment
on
IEEE Approves 802.11i
·
· Score: 5, Insightful
According to this article, the speed of encryping 128 bits of data with a 128-bit AES key is 730 cycles on a 32-bit MIPS processor. To keep it consistent with your numbers, that's actually >45 cycles/byte. At approximately 5 Million bytes/sec (54Mbit wireless), and 45 cycles/byte, that's 225 Million cycles per second right there. IIRC, the processor that's embedded in the router has a single pipeline at 200MHz, or, at best, 200 MIPS.
In other words, assuming *zero* processing overhead, we're 25 MIPS short for wire-speed encryption.
These are very rough numbers, but think of it this way: do you think Cisco (or whoever) spec'ed a processor substantially faster than what they needed? From my peronal experience, embedded processors do not usually have more than a few percent more performance than they need: rarely do they have even 30% more performance than they need. Even if they design a system with a way-fast processor, one of two things happen: their code bloats to use that speed (or they quit optimizing because they don't need to), or they end up buying a lower-cost, slower processor for production!
In short, it's highly unlikely that the Wrt54g will have anywhere near the CPU power to do wire(less)-speed AES at 54Mbit. Half that? Maybe, but not all of it.
Re:Sure but does it require new equipment
on
IEEE Approves 802.11i
·
· Score: 4, Insightful
Three things:
1) It's not likely that the 200MHz CPU in that thing is going to handle 54Mbit worth of traffic. AES is not the easiest to calculate...
2) Even so, it's highly likely that a firmware update could *possibly* add this. Will Cisco? My guess is no: they are not incented to make your current device more useful. They'd rather sell a new device.
I was just involved with a company who built a new office for themselves. 50-so people. They built a reasonably attractive building in a city, not a reservation. I believe it was about 10,000 sq. ft. Total cost? Under $800,000.
So that leaves $2 Million. Are we agreed that you could buy 40 extremely nice PC's for under $50,000? Let's add another $50,000 for a server, switches, printers, etc. $100,000 for the setup of 40 systems? I'd do it in a *heartbeat*.
Now, bandwidth. Let's assume a frac-T3, say, 4Mbit. $50,000 for interface hardware. Maybe $50,000 for UPS's, proxy server, DNS, etc. Monthly costs of what? $6,000 a month for a 4Mbit T3? You could do it with 4 nice, redundant T1's for under $3,000 a month!
Now, wireless. Let's assume that you want to put up 100 access points. And let's say that you pay $1000 per access point. $1k is going to get you a *kick-butt* AP, wouldn't you agree? And 100 AP's? That's some pretty good coverage, right? Cost: $100,000.
OK, so let's total this up:
Building: $800,000
Techology for center: $100,000
Back-end configuration: $100,000 TEN YEARS of bandwidth @$6000/month: under $800,000
100-AP wireless network: $100,000
Total: $1.9 Million
That leaves $900,000 (!).
I know that I would do the entire job (without the building) for $2 Million. I would spend $1 Million to do it, and live off of the interest on the other Million!:)
That's only half right. Unimodem/V or Unimodem/5 are software API's. Just like NDIS is an API for network cards. Just because a network card has NDIS drivers, does not mean that the hardware interface is documented. The same is true for modems, video cards or anything else. The *driver* implements a documented standard (NDIS, Unimodem, VESA, etc.). The hardware can implement whatever magic interface they see fit: that's the whole point of drivers!
That's the problem here. Under Linux, you can't use vendor-supplied Windows Unimodem drivers. There needs to be a Linux equivilent. Just like you can't use your Windows NDIS drivers (weird software hacks excluded) to talk to a network card, or your Windows video driver for X.
While there *is* a clearly documented AT-style standard for voice, it is half-duplex. While there are *many* full-duplex-capable modems (mostly softmodems), their hardware interfaces are not documented. They don't need to be: the Windows driver does that for you. What few softmodems *are* supported by Linux are supported for data only. There is no support for voice.
That's why you need dedicated hardware for Asterisk. Having said all of that, an X100P is little different than a typical softmodem. It's just documented and supported. If you wanted to, you are free to write an Asterisk driver for a Lucent chipset. You would have a hard time, though, because there's no documentation...
Apples and oranges. If we're talking NoCat (or other such access control to relatively open systems), isn't it highly likely that we will be talking more than one AP?
Which is easier? To put out a series of small, silent, reliable, power-efficient AP's connected to a single back-end computer, or a bunch of large, noisy, power-hungry and failure-prone (if used) or expensive (if new) computers to *act* as AP's, all to save a *single* back-end computer in a nice, controlled, convenient location?
Now, if you're talking about a single AP, integrating the capabilities of the back-end system with the AP *might* be theoretically cheaper (though I still disagree: you're still talking about bulky hardware in inconvenient places). But if we *are* talking a single AP, *why* do you need NoCat, exactly? I have a feeling that the number of users who need a NoCat solution and can get by with a single AP are very, very small. If you think your solution is superior for that application, so be it. I'll stick with the solution better for 99.9% of the people.
Oh, and don't forget: you are doing all of this so that you can save a grand total of $40 on the router. Still think your argument makes sense? Short of 15-year-old kids who don't want to spend their allowance, when does saving that $40 for a pieced-together solution over a proven, stable and warrantied solution make sense?
Again, what do we gain by using a computer instead of an AP? At most, $40. And, of course, "flexibility". But why does the flexibility have to be on the router, exactly? Who cares if the flexibility is one hop upstream? I can only come up with tiny "abuses" by using a standard router without NoCat on them: users could talk to each other across the same AP. Big freaking deal: I doubt that such use is really going to hurt you... Even then, there are routers that allow more controlled configurations to block even that.
If you're talking at home, go crazy. But in the real world, building a business with seat-of-your-pants designs to save at most $40 is not exactly smart.
$40 wirelss router. A single computer on the back end running NoCat/Squid/Etc. to handle authentication/filtering/etc.
Which is better? Saving $10 to use an 8-year-old computer with an 8-year-old power supply that consumes 10x the power and takes 5+ times the space, or a small, silent, cool device that is UNDER WARRANTY and has no moving parts?
And in case you missed the "but I can't redirect the initial connect to a different page!", I can do exactly that ON THE BACK END! Why would I put that page on 100 different access points where a single change has to be made 100 times? YOU PUT IT ON THE BACK END!!!
Jeez. Soon you'll be telling me that I shouldn't pay $75 for a print server, I should drag out an old 486 and pay a penny an hour for the electricity to make my own print server that takes up twice the room of the printer itself?
Do you mean talking in the idea of voice chat over a data connection? If so, that's not what I was talking about. In that case, you don't need a modem as anything more than a data transport: no different than Ethernet, wireless, etc.
But if you're talking about talking to a person using a plain old telephone, then the information above is correct.
For more information, check out the Asterisk mailing list archives.
I do not claim to know the intimate history of the Tormenta boards, their evolution into the Wildcard, etc. I do know, however, that the 4-port T1 or E1 cards that you're talking about are now several versions old. In fact, they've been completely replaced with new busmastering PCI cards. Details here (Warning: PDF).
Also, the Wildcard X100P is totally unrelated to the Tormenta cards you mention.
Finally, without the Asterisk software, most definitely written in vast majority by Digium, those Wildcards don't exactly do much...
1) The AT standard for voice is half-duplex: it can't listen and play at the same time. That won't work for a PBX.
2) There are plenty of softmodems that can do full-duplex voice. However, their API's are not documented, and therefore are not supported.
An X100P or an FXO module for the TDM400P, in fact, are little different than a normal softmodem: they just have documented API's for dealing with voice. And, of course, buying the products from Digium helps support the people who make all of this possible...
1) Buying the Asterisk-compatible card does not help out the company who has done 95% of the development, both hardware and software, that makes that board do something: Digium.
2) Digium has announced an FXO module for the TDM400 board that replaces the X100P. In other words, you can add up to 12 FXO (talks to telco) or FXS (talks to telephones) interfaces in the same computer, instead of just a couple.
There's nothing immoral about buying the off-brand X100P's, but it doesn't help you to get the next version of the X100P developed, or the software to make it work...
Sometimes the computer misses a keyup event, or it gets "misdelivered". For example, you hold down the control key, switch windows and let go. Sometimes the up message gets lost and the keyboard acts like the left control is stuck down. It's not, the computer just missed the up message.
By pressing, and more importantly, releasing, all of the "sticky keys" (both CTRL's, ALT's and SHIFT's), you re-send the up message and the computer gets back on track.
This usually happens when you're using remote control software: pcAnywhere, MS Terminal Services, even terminal sessions or other such things.
I'm not trying to troll, but your biggest mistake was buying an eMachines in the first place.
I've seen dozens of them, and all of them have numerous shortcuts: like too few and too small cooling fans...
You obviously had the budget for a better computer: you upgraded to 1GB of RAM! I would suggest in the future contemplating a better machine.
I know this sounds like a troll or flamebait. Check my posts: it's not what I do. I just hope that others do not make a similar mistake. The $50 you save getting the eMachines is not worth it.
Slashdot Mirror
A system like that is going to find bugs that are only slightly less obvious than the ones that would trigger an error by the compiler. Imagine this code:
x=GetX();
y=GetY();
if(x>y)
DoSometing();
There's a bug in that code: you need to DoSomething() when x==y, not only >y. But how do you know that? x and y get their values from some mystery function, and DoSomething does who knows what. That code may be in a header file, library, or who knows what. Any bugs that could be caught by examining 30 lines of source code with zero context are far more likely to be caught by the preprocessor, compiler, linker, lint, etc. than by J. Random Programmer, even if they're the second coming of Alan Turing.
Let's imagine a *really* slowly reproducing virus: one that attempts to infect just a single computer a day. Now, you *could* go even slower, but 1 a day is pretty slow, wouldn't you agree?
Now, on day 1, there might be only a single packet sent by a single computer. I don't think anyone is going to notice that. But at some point, a large-enough collection of computers will send out these requests, and it will get noticed.
The question is, how many infected computers do you need before your attack is detected? If it's something like Code Red, a few thousand will get noticed: they spew out too many requests. One a day? It's harder to say. Will someone notice when there are 100,000 attacks a day? 1,000,000? But how long will it take to *get* to 100,000 infected computers? How many attacks will fail? Odds are, most of them will fail: not every IP has an attackable computer...
In other words, you could easily create a silent attack that doesn't kill anyone. Or a very noisy attack that also kills no one because it's stopped in time. Can you create a somewhat silent attack that infects a large number of people before they find out? Very tricky. It's an almost impossible balance: crash too soon and it doesn't really do anything, wait too long and it'll get caught.
To me, the better attack would be a *lightning* quick attack. Something like Slammer. According to this, Slammer was able to attack every vulnerable computer available in 20 minutes. I'm not sure how much I believe this, but I've heard that 15 Million computers were infected in that same 20 minutes. Is 15 Million dead computers enough for you?
Create a virus that spreads for an hour. Infect 15 million computers. Kill them. Good luck stopping that. The best part is, if you do your job correctly, either build a virus that only remains in memory or have it destroy the local copy of the virus in the process of killing the computer. Not only will the computers be dead, but it'll be *real* hard to figure out what hit you...
Now that I write that, that is a little scary...
I do realize that $100 is still $100, but if you saved 50 cents a day, you'd have it in less than a year. Maybe I'm spoiled beyond belief, but 50 cents a day for a year (or $2 a week: even less) doesn't seem that bad for a 3-6 times performance improvement... And when you buy it in a year, you'll probably get something around 1GHz, even!
Of course, Millionaire faced some of the same criticizm that 21 did. And now that Jeopardy has lifed the 5-game limit, I have a feeling that the same will happen here.
In the end, you have to remember: it's television, not reality. I assume *everything* on TV has been manipulated for my "benefit"...
The irony of this, juxtaposed with your sig... /. at it's best.
In other words, assuming *zero* processing overhead, we're 25 MIPS short for wire-speed encryption.
These are very rough numbers, but think of it this way: do you think Cisco (or whoever) spec'ed a processor substantially faster than what they needed? From my peronal experience, embedded processors do not usually have more than a few percent more performance than they need: rarely do they have even 30% more performance than they need. Even if they design a system with a way-fast processor, one of two things happen: their code bloats to use that speed (or they quit optimizing because they don't need to), or they end up buying a lower-cost, slower processor for production!
In short, it's highly unlikely that the Wrt54g will have anywhere near the CPU power to do wire(less)-speed AES at 54Mbit. Half that? Maybe, but not all of it.
1) It's not likely that the 200MHz CPU in that thing is going to handle 54Mbit worth of traffic. AES is not the easiest to calculate...
2) Even so, it's highly likely that a firmware update could *possibly* add this. Will Cisco? My guess is no: they are not incented to make your current device more useful. They'd rather sell a new device.
3) The beauty of OpenSource is that you can add whatever features you want...
Excuse me, may I go to the bathroom?
</VOICE>
One of my favorite movies...
do() || do_not(); //try();
In your way, there is a not-try() option. In my way, there is no try. At least, when it's compiled! :)
Can't wait to see *this* one get modded... Don't ask me why I'm doing this logged in...
So that leaves $2 Million. Are we agreed that you could buy 40 extremely nice PC's for under $50,000? Let's add another $50,000 for a server, switches, printers, etc. $100,000 for the setup of 40 systems? I'd do it in a *heartbeat*.
Now, bandwidth. Let's assume a frac-T3, say, 4Mbit. $50,000 for interface hardware. Maybe $50,000 for UPS's, proxy server, DNS, etc. Monthly costs of what? $6,000 a month for a 4Mbit T3? You could do it with 4 nice, redundant T1's for under $3,000 a month!
Now, wireless. Let's assume that you want to put up 100 access points. And let's say that you pay $1000 per access point. $1k is going to get you a *kick-butt* AP, wouldn't you agree? And 100 AP's? That's some pretty good coverage, right? Cost: $100,000.
OK, so let's total this up:
Building: $800,000
Techology for center: $100,000
Back-end configuration: $100,000
TEN YEARS of bandwidth @$6000/month: under $800,000
100-AP wireless network: $100,000
Total: $1.9 Million
That leaves $900,000 (!).
I know that I would do the entire job (without the building) for $2 Million. I would spend $1 Million to do it, and live off of the interest on the other Million! :)
That seems like enough for a *heck* of a buildout and, what? 10 years of expenses? How can I get a piece? :)
That's the problem here. Under Linux, you can't use vendor-supplied Windows Unimodem drivers. There needs to be a Linux equivilent. Just like you can't use your Windows NDIS drivers (weird software hacks excluded) to talk to a network card, or your Windows video driver for X.
While there *is* a clearly documented AT-style standard for voice, it is half-duplex. While there are *many* full-duplex-capable modems (mostly softmodems), their hardware interfaces are not documented. They don't need to be: the Windows driver does that for you. What few softmodems *are* supported by Linux are supported for data only. There is no support for voice.
That's why you need dedicated hardware for Asterisk. Having said all of that, an X100P is little different than a typical softmodem. It's just documented and supported. If you wanted to, you are free to write an Asterisk driver for a Lucent chipset. You would have a hard time, though, because there's no documentation...
Apples and oranges. If we're talking NoCat (or other such access control to relatively open systems), isn't it highly likely that we will be talking more than one AP?
Which is easier? To put out a series of small, silent, reliable, power-efficient AP's connected to a single back-end computer, or a bunch of large, noisy, power-hungry and failure-prone (if used) or expensive (if new) computers to *act* as AP's, all to save a *single* back-end computer in a nice, controlled, convenient location?
Now, if you're talking about a single AP, integrating the capabilities of the back-end system with the AP *might* be theoretically cheaper (though I still disagree: you're still talking about bulky hardware in inconvenient places). But if we *are* talking a single AP, *why* do you need NoCat, exactly? I have a feeling that the number of users who need a NoCat solution and can get by with a single AP are very, very small. If you think your solution is superior for that application, so be it. I'll stick with the solution better for 99.9% of the people.
Oh, and don't forget: you are doing all of this so that you can save a grand total of $40 on the router. Still think your argument makes sense? Short of 15-year-old kids who don't want to spend their allowance, when does saving that $40 for a pieced-together solution over a proven, stable and warrantied solution make sense?
Again, what do we gain by using a computer instead of an AP? At most, $40. And, of course, "flexibility". But why does the flexibility have to be on the router, exactly? Who cares if the flexibility is one hop upstream? I can only come up with tiny "abuses" by using a standard router without NoCat on them: users could talk to each other across the same AP. Big freaking deal: I doubt that such use is really going to hurt you... Even then, there are routers that allow more controlled configurations to block even that.
If you're talking at home, go crazy. But in the real world, building a business with seat-of-your-pants designs to save at most $40 is not exactly smart.
$40 wirelss router. A single computer on the back end running NoCat/Squid/Etc. to handle authentication/filtering/etc.
Which is better? Saving $10 to use an 8-year-old computer with an 8-year-old power supply that consumes 10x the power and takes 5+ times the space, or a small, silent, cool device that is UNDER WARRANTY and has no moving parts?
And in case you missed the "but I can't redirect the initial connect to a different page!", I can do exactly that ON THE BACK END! Why would I put that page on 100 different access points where a single change has to be made 100 times? YOU PUT IT ON THE BACK END!!!
Jeez. Soon you'll be telling me that I shouldn't pay $75 for a print server, I should drag out an old 486 and pay a penny an hour for the electricity to make my own print server that takes up twice the room of the printer itself?
But if you're talking about talking to a person using a plain old telephone, then the information above is correct.
For more information, check out the Asterisk mailing list archives.
Also, the Wildcard X100P is totally unrelated to the Tormenta cards you mention.
Finally, without the Asterisk software, most definitely written in vast majority by Digium, those Wildcards don't exactly do much...
1) The AT standard for voice is half-duplex: it can't listen and play at the same time. That won't work for a PBX.
2) There are plenty of softmodems that can do full-duplex voice. However, their API's are not documented, and therefore are not supported.
An X100P or an FXO module for the TDM400P, in fact, are little different than a normal softmodem: they just have documented API's for dealing with voice. And, of course, buying the products from Digium helps support the people who make all of this possible...
1) Buying the Asterisk-compatible card does not help out the company who has done 95% of the development, both hardware and software, that makes that board do something: Digium.
2) Digium has announced an FXO module for the TDM400 board that replaces the X100P. In other words, you can add up to 12 FXO (talks to telco) or FXS (talks to telephones) interfaces in the same computer, instead of just a couple.
There's nothing immoral about buying the off-brand X100P's, but it doesn't help you to get the next version of the X100P developed, or the software to make it work...
By pressing, and more importantly, releasing, all of the "sticky keys" (both CTRL's, ALT's and SHIFT's), you re-send the up message and the computer gets back on track.
This usually happens when you're using remote control software: pcAnywhere, MS Terminal Services, even terminal sessions or other such things.
I've seen dozens of them, and all of them have numerous shortcuts: like too few and too small cooling fans...
You obviously had the budget for a better computer: you upgraded to 1GB of RAM! I would suggest in the future contemplating a better machine.
I know this sounds like a troll or flamebait. Check my posts: it's not what I do. I just hope that others do not make a similar mistake. The $50 you save getting the eMachines is not worth it.
It also *equalizes* prosperity. And seeing as Americans are at the tip top of the wealth pyramid, where do you think we'll go?
I'm not saying that such equalization is not appropriate. But no matter what, it will be painful.
To me, 95*23 is 100*23 - 23 5's. 23 5's is 1/2 23*10. 230/2=115. 2300-115 = 2185.
Why would I want to work with 5 23's when I can work with 23 5's? :)