Be careful about the Slashdot story. It does not say what you might imagine it says. Below are quotes from a video of a CBS newscast, CBS Panel's Conclusions:
"The story wasn't ready." "The panel did not conclude the documents were forgeries." "We didn't find any actual [political] bias." "Mary Mapes said she still believes the documents were well corroborated."
NOTE: CBS has recently begun offering videos of its most important newscasts online, mostly without commercials. The videos display only in Internet Explorer, not the latest versions of Mozilla or Firefox. CBS uses Javascript in poor ways, there are problems with its video servers, and some videos have been edited incorrectly for transmission. I get different results at different times. I complained to CBS about this about two weeks ago in connection with another story, and did not receive a reply. They seem to be working on the problems, since delivery has changed and improved in the last two weeks. Ignore messages that say, "Could not connect to remote server." I could not play the videos with the latest version of Opera, which is quite compatible with IE-specific coding, but that may have been because of my specific installation.
Note that the quotes from the CBS newscast don't say that CBS has decided the story was false. CBS only fully accepts its responsibility for sloppiness in the preparation of the story.
Also, the CBS focus was misleading. The real story was that George W. Bush disappeared from Air National Guard records in exactly the same month that the ANG instituted drug testing.
Lt. Bush's reported behavior was consistent with the known behavior of alcoholics, and Bush has admitted to being an alcoholic. Alcoholics often use other drugs to heighten the desired effects of alcohol and to try to diminish the undesired effects.
I served in the U.S. Air Force in the years around the time that Lt. Bush served, and I was stationed at a base that had the aircraft he flew. The CBS documents were consistent with the operation of the Air Force at that time, which was remarkably tolerant of alcoholism. The entire U.S. culture at the time was tolerant of alcoholism, but the USAF as I experienced it was even more so.
I have specific, detailed knowledge that the Air Force was far more corrupt than has been reported in stories I've seen. For example, F-106 aircraft, the successors to the F-102 aircraft that Lt. Bush flew, had severe defects in their inertial guidance systems that meant that F-106s were often not available to perform their mission. This was not a conscious conspiracy; they could not get the systems to work properly, and apparently all USAF departments tended to cover up failures rather than report them sufficiently. Remember that this was a time when people had far less technical knowledge than people generally have today.
At the time, no one would have found it remarkable that a pilot was an alcoholic, or that someone received special treatment because of political pressure. That was just the way things worked. This is so important that maybe I should repeat it: That's just the way things worked back then. Back then few adults had parents who had attended college. The accepted educational level was far less in a way that cannot be measured by the number of college years someone had.
I know about the failure in F-106s because I fixed the problem. I found that some of the amplifiers used in the inertial guidance system had parasitic oscillations because of solder joints of amazingly poor quality. At the time, I was familiar with all base operations that involved electronics repair, and I very much doubt there was anyone else on base who had enough technical knowledge to know what parasitic oscillations were. Mostly they just kept replacing things until they found that the symptom of the problem had gone away. We Slashdot readers take technical knowledge for granted, but widespread te
The fundamental issue here is not about map data, but whether we should allow ourselves to have less freedom because we fear terrorists.
Regarding this, it is valuable to educate ourselves about what we are fearing. Regarding that, it is valuable to know more about the activities of the U.S. government. Only a small percentage of U.S. citizens understand much about the involvement of the U.S. government with other countries. There is plenty of reliable information available, but learning more takes so much time most people haven't done it. Here is a small overview that I put together: History surrounding the U.S. war with Iraq: Four short stories. There may be other articles and books that are far more valuable to you, that article is just a contribution of mine.
Most U.S. citizens believe that the terrorists attacked without provocation. That is not true. The terrorists attacked after many decades of experiencing U.S. government violence. (Violence does not justify more violence, of course, but most people don't believe that, including the leaders of the U.S. Defense Department, and the terrorists.)
Am I saying that the U.S. government is a net evil force in the world? No. What has happened is that the government decided two things several decades ago. I'm sure those in power then did not understand that their decisions would eventually corrupt the entire government. At the time, the decisions seemed logical.
First, the government decided that it could act in other countries in secret. Second, the U.S. government decided it could act in secret to protect U.S. businesses in other countries.
What probably no one realized then was how much that would come to be a corrupting influence on the government. What no one realized then was how much additional profit there was to be made by arranging, in secret, for U.S. taxpayers to pay for the security
arrangements needed by U.S. multinational businesses.
Soon huge businesses were arguing that the U.S. government should subvert democratically elected leaders, as the government did in Iran. Soon U.S. businesses would arrange unfair contracts with corrupt leaders, and when there was a protest, call for U.S. government intervention in the name of patriotism.
That's partly how we got to the present situation, where two men, whose family and business associates and friends have extensive investments in global oil businesses, are president and vice-president of the entire U.S. government, even though there is conflict of interest in such an arrangement.
Part Two -- Apple lawyers: "Why can't Apple be like the U.S.
government? The U.S. government spends half of its discretionary money on
"defense", meaning a lot of people die. Why can't we be like Bruce Willis in
those movies, where he is always justified in doing damage? We are tired of
staying inside writing EULAs. We want to attack someone."
"But who should we attack? It has to be someone weaker than us, and we
are sniveling dorks. Our wives don't even like us."
If you understand social breakdowns like this, you understand that
they never happen unless they are supported by other groups that also want the
same thing, for other reasons:
Angry manager who didn't get a raise: "How do you destroy a social
movement as strong as those who love Macs? Attack the biggest enthusiasts,
that's how. Attack the biggest enthusiasts in a highly public way. If you can,
get the entire story on Slashdot. Hah! I'll sell Apple stock short and make a
bundle destroying the company from within."
Note from me to Apple managers: Please no more of this. I'm running
out of creative ways to imagine how you can be so self-destructive.
It is not a case of being smart. It is a case of being so mono-cultural that they cannot accept anything else. Japanese even have difficulty accepting ethnic Japanese who have lived in the U.S. for two years.
Gai-jin are people who are not like them, and the word has very negative connotations.
Microsoft has often done this. They don't want customers to run beta software forever. They want the customer to realize that he or she must get the latest version.
It's easy to guess how the lawsuit happened. Some Apple marketing person wanted to create a buzz about a new product, so he or she gave the information to someone sure to publish it.
Then, some Apple managers said to themselves, "This is our chance to act like Arnold Schwarzenegger! We will pretend that it's the end of the world, and only we can save it. May we'll even get on Slashdot, for free! We secretly believe that open source hardware is better anyway, so let's sink the company. We can always get jobs somewhere else, because we can say we worked for Apple!"
And, Apple lawyers agreed with this, for their own reasons. They said, "We're tired of writing those license agreements no one reads. We want to go outdoors! We want to kill, kill, kill, and be just like Arnold Schwarzenegger in those movies!"
The biggest friends of big business are the managers. The biggest enemies of big business are... the managers.
The alternative theory is whoever got the information got it from many difficult hours of sneaking around Apple headquarters. Yeah, right.
NOTE: Anyone wanting a secure VPN should pay attention to number 4 above. FVS328s ignore the WAN addresses specified during configuration, apparently, or there is some other bug.
The firmware is the latest. Maybe Netgear made some defective units.
However, if so, units of different models made at different times and from
different suppliers have the same problem.
My experience with Netgear technical support is that they are somewhat
friendly, but almost useless. They haven't been given training in Netgear
products, as far as I can tell. For example, second level technical support
cannot interpret VPN logs. They just try things for an hour, then they say
they can't do more. Eight of those, and that's their work day.
It's been a miserable, miserable experience, dealing with Netgear.
Linksys seems to be the best, right now.
I think it possible that if someone set up a VPN and left it running,
they would have no troubles.
However, I have found many, many small bugs in Netgear firmware, so I
presume that there are more big ones to be found.
Theory of the origin of sloppy software: There is a type of
management of programming in which the programmers are not trusted. The
manager doesn't really understand what the programmers are doing, and just
manages by hassling. It goes like this:
Can we ship it?
No.
Why not?
Because of [some technical reason the manager does not understand].
It looks like it works, lets ship it!
No, it is not finished.
Okay, you have until Thursday, then we ship it.
That's my theory how we get the Microsofts and Symantecs and Netgears
of the world.
Amazing! Thanks. Any advice about how to install OpenVPN on the WRT54G?
Which package would you
recommend? Do the OpenWrt packages have an adminstration console? I don't see
any mention of that. It looks complicated, since I read that there is no Wi-Fi
Protected Access (WPA) until installed.
Also, I note that OpenVPN will NOT work on
Windows XP SP2 unless the pre-release version 2.0 is used. I suppose you don't care if you are using a WRT54G at both
ends of the VPN. I'm not knowledgeable about this, but I guess that running VPN software on a WRT54G would be more secure than running it on a PC.
I note that Sveasoft provides firmware with PPTP VPN software, but there seems to be some question about whether PPTP is sufficiently secure.
Just guessing, but this seems to be a considerable job to configure. I wish there were a commercial release
with the OpenVPN built in.
Movie theaters have become unbelievably abusive. They show commercials. They have extremely poor quality refreshments at very high prices. Any loss from a few people pirating movies is far, far less than the loss from abusing customers.
Moderators: Please moderate this up. In this situation, a little redundancy is not a bad thing. In this discussion, we are trying to build a consensus.
OpenVPN seems to be the winner of the comments so far. However, I'd like to see other hardware VPN solutions, too.
From the Slashdot question: "Are there any other options I should be looking at other than using SSH port forwarding?"
It would be interesting to know more about experiences with SSH, too.
Netgear FVS328 and FVS318 routers with VPN
on
Low Cost VPN Solutions?
·
· Score: 2, Informative
This may be helpful to someone:
We have extensive experience with the Netgear FVS328 and FVS318 routers with VPN. We have had many many problems with them.
Note that the FVS318 does NOT have secure login for remote maintenance. The password is sent in the clear.
Netgear apparently has no technical support representatives that work for the company. They apparently all work for contractors in India and the United States. We have found them to have very, very little information about these Netgear products.
Here are a few of our extensive notes about the problems:
We establish an IKE and VPN policy, and start a VPN. It works fine the first time, but, after we disconnect we cannot connect later, even though no changes have been made to the policies.
1) There is general agreement among Netgear technical support people that there is a problem.
Netgear technical support people have standard IKE and VPN policy setups they like to use, which they say are proven to work. The most common one, however, is slow and drops a lot of pings. More sophisticated IKE and VPN settings are faster, even though better encryption is used. We have no idea why this is so.
2) Turning the router power off and restarting sometimes cures the problem with not being able to re-establish a VPN. We have seen cases where the menu choice reboot did not cure a problem, but turning the power off and on did cure it.
3) Something hidden seems to time out after several hours. Sometimes VPN connection problems fix themselves after a day or so.
4) When establishing a VPN Auto Policy, the help says:
Remote VPN Endpoint Select the desired option (IP address or Domain Name) and enter the address of the remote VPN Gateway/Server or client you wish to connect to. Note: The remote VPN endpoint must have this VPN Gateway's address entered as it's "Remote VPN Endpoint".
However, we had a case where the address of one of the routers had changed from that given in the "Remote VPN Endpoint", but the VPN was re-established. The impression is given that specifying the address increases security. Apparently this is not so. Again, something seems to be keeping information for several hours, and then timing out.
5) We have seen a case where deleting all the policies and starting over cured a persistent problem with not being able to re-establish a VPN.
6) We have seen cases which seem to indicate browser dependence. For example, there may be Javascript that works perfectly only in Microsoft Internet Explorer, but sometimes fails in other browsers.
7) We have seen cases where choosing "Log Out" does not actually log out. Netgear technical support people say they've seen this also.
It seems to help if we exit from the browser completely. However, if the browser is Firefox (or Mozilla), and there are several Firefox windows open, exiting from Firefox means exiting from all the windows and tabs, which means that work opening those windows is lost. (Firefox and Mozilla do not have multiple instances; all windows come from the same instance.)
Logging out sometimes seems to leave something in the router which gets confused, and prevents re-establishing the VPN.
Version tested -- We have not tested the FVS328 firmware beta version. This report is about the FVS328 firmware Version 1.0 Release 09.
Slashdot comments cannot be considered to be rigorous discussions of all possibilities. Certainly you and I know that it is possible to make very finely designed rules for a firewall or proxy server.
But, most people don't know that. I was writing for them. The point was that Skype gets through when you think it might not. It's a minor hassle to open ports in my firewalls, even though I own them, and I prefer not to open ports, anyway. I appreciated not having to do that.
It amazes me how unhappy people are in the United States! Look at the comments to any story and count the percentage of people who are adversarial or hostile in some way. Often when someone knows something someone else doesn't, it is considered an acceptable time to act out anger.
Yes, 10 times in amplitude, far more in energy, but in this case it is the amplitude that counts.
It was easy for anyone connected with earthquake science to know that there was a devastating tsunami. They could just check with populated areas near where the earthquake occurred, such as Aceh Province. There is an Airport near there with a phone. English is the standard language in aviation.
Knowing that there was a significant tsunami, it was easy to know that other areas, still an hour or more away, would have huge waves also.
To me, it's shocking that no one in the government did anything effectual to warn people.
Be careful about the Slashdot story. It does not say what you might imagine it says. Below are quotes from a video of a CBS newscast, CBS Panel's Conclusions:
"The story wasn't ready." "The panel did not conclude the documents were forgeries." "We didn't find any actual [political] bias." "Mary Mapes said she still believes the documents were well corroborated."
NOTE: CBS has recently begun offering videos of its most important newscasts online, mostly without commercials. The videos display only in Internet Explorer, not the latest versions of Mozilla or Firefox. CBS uses Javascript in poor ways, there are problems with its video servers, and some videos have been edited incorrectly for transmission. I get different results at different times. I complained to CBS about this about two weeks ago in connection with another story, and did not receive a reply. They seem to be working on the problems, since delivery has changed and improved in the last two weeks. Ignore messages that say, "Could not connect to remote server." I could not play the videos with the latest version of Opera, which is quite compatible with IE-specific coding, but that may have been because of my specific installation.
Note that the quotes from the CBS newscast don't say that CBS has decided the story was false. CBS only fully accepts its responsibility for sloppiness in the preparation of the story.
Also, the CBS focus was misleading. The real story was that George W. Bush disappeared from Air National Guard records in exactly the same month that the ANG instituted drug testing.
Lt. Bush's reported behavior was consistent with the known behavior of alcoholics, and Bush has admitted to being an alcoholic. Alcoholics often use other drugs to heighten the desired effects of alcohol and to try to diminish the undesired effects.
I served in the U.S. Air Force in the years around the time that Lt. Bush served, and I was stationed at a base that had the aircraft he flew. The CBS documents were consistent with the operation of the Air Force at that time, which was remarkably tolerant of alcoholism. The entire U.S. culture at the time was tolerant of alcoholism, but the USAF as I experienced it was even more so.
I have specific, detailed knowledge that the Air Force was far more corrupt than has been reported in stories I've seen. For example, F-106 aircraft, the successors to the F-102 aircraft that Lt. Bush flew, had severe defects in their inertial guidance systems that meant that F-106s were often not available to perform their mission. This was not a conscious conspiracy; they could not get the systems to work properly, and apparently all USAF departments tended to cover up failures rather than report them sufficiently. Remember that this was a time when people had far less technical knowledge than people generally have today.
At the time, no one would have found it remarkable that a pilot was an alcoholic, or that someone received special treatment because of political pressure. That was just the way things worked. This is so important that maybe I should repeat it: That's just the way things worked back then. Back then few adults had parents who had attended college. The accepted educational level was far less in a way that cannot be measured by the number of college years someone had.
I know about the failure in F-106s because I fixed the problem. I found that some of the amplifiers used in the inertial guidance system had parasitic oscillations because of solder joints of amazingly poor quality. At the time, I was familiar with all base operations that involved electronics repair, and I very much doubt there was anyone else on base who had enough technical knowledge to know what parasitic oscillations were. Mostly they just kept replacing things until they found that the symptom of the problem had gone away. We Slashdot readers take technical knowledge for granted, but widespread te
Moderate up. It's funny. Off topic, but funny. We can't always be serious.
The fundamental issue here is not about map data, but whether we should allow ourselves to have less freedom because we fear terrorists.
Regarding this, it is valuable to educate ourselves about what we are fearing. Regarding that, it is valuable to know more about the activities of the U.S. government. Only a small percentage of U.S. citizens understand much about the involvement of the U.S. government with other countries. There is plenty of reliable information available, but learning more takes so much time most people haven't done it. Here is a small overview that I put together: History surrounding the U.S. war with Iraq: Four short stories. There may be other articles and books that are far more valuable to you, that article is just a contribution of mine.
Most U.S. citizens believe that the terrorists attacked without provocation. That is not true. The terrorists attacked after many decades of experiencing U.S. government violence. (Violence does not justify more violence, of course, but most people don't believe that, including the leaders of the U.S. Defense Department, and the terrorists.)
Am I saying that the U.S. government is a net evil force in the world? No. What has happened is that the government decided two things several decades ago. I'm sure those in power then did not understand that their decisions would eventually corrupt the entire government. At the time, the decisions seemed logical.
First, the government decided that it could act in other countries in secret. Second, the U.S. government decided it could act in secret to protect U.S. businesses in other countries.
What probably no one realized then was how much that would come to be a corrupting influence on the government. What no one realized then was how much additional profit there was to be made by arranging, in secret, for U.S. taxpayers to pay for the security arrangements needed by U.S. multinational businesses.
Soon huge businesses were arguing that the U.S. government should subvert democratically elected leaders, as the government did in Iran. Soon U.S. businesses would arrange unfair contracts with corrupt leaders, and when there was a protest, call for U.S. government intervention in the name of patriotism.
That's partly how we got to the present situation, where two men, whose family and business associates and friends have extensive investments in global oil businesses, are president and vice-president of the entire U.S. government, even though there is conflict of interest in such an arrangement.
Part One: My theory: How it all happened.
Part Two -- Apple lawyers: "Why can't Apple be like the U.S. government? The U.S. government spends half of its discretionary money on "defense", meaning a lot of people die. Why can't we be like Bruce Willis in those movies, where he is always justified in doing damage? We are tired of staying inside writing EULAs. We want to attack someone."
"But who should we attack? It has to be someone weaker than us, and we are sniveling dorks. Our wives don't even like us."
If you understand social breakdowns like this, you understand that they never happen unless they are supported by other groups that also want the same thing, for other reasons:
Angry manager who didn't get a raise: "How do you destroy a social movement as strong as those who love Macs? Attack the biggest enthusiasts, that's how. Attack the biggest enthusiasts in a highly public way. If you can, get the entire story on Slashdot. Hah! I'll sell Apple stock short and make a bundle destroying the company from within."
Note from me to Apple managers: Please no more of this. I'm running out of creative ways to imagine how you can be so self-destructive.
Mexifornia and Frurkey.
It is not a case of being smart. It is a case of being so mono-cultural that they cannot accept anything else. Japanese even have difficulty accepting ethnic Japanese who have lived in the U.S. for two years.
Gai-jin are people who are not like them, and the word has very negative connotations.
The world already has robots, unfortunately they are human.
Something in the Chinese culture produces people who are too willing to accept this.
Oh, please. If he can imagine a Butlerian Jihad, you can imagine not dying!
LOL.
I agree with this. There are hundreds or thousands of people who could have done the leaking.
Microsoft has often done this. They don't want customers to run beta software forever. They want the customer to realize that he or she must get the latest version.
It's easy to guess how the lawsuit happened. Some Apple marketing person wanted to create a buzz about a new product, so he or she gave the information to someone sure to publish it.
Then, some Apple managers said to themselves, "This is our chance to act like Arnold Schwarzenegger! We will pretend that it's the end of the world, and only we can save it. May we'll even get on Slashdot, for free! We secretly believe that open source hardware is better anyway, so let's sink the company. We can always get jobs somewhere else, because we can say we worked for Apple!"
And, Apple lawyers agreed with this, for their own reasons. They said, "We're tired of writing those license agreements no one reads. We want to go outdoors! We want to kill, kill, kill, and be just like Arnold Schwarzenegger in those movies!"
The biggest friends of big business are the managers. The biggest enemies of big business are... the managers.
The alternative theory is whoever got the information got it from many difficult hours of sneaking around Apple headquarters. Yeah, right.
NOTE: Anyone wanting a secure VPN should pay attention to number 4 above. FVS328s ignore the WAN addresses specified during configuration, apparently, or there is some other bug.
Funny, and definitely heavily connected with the truth.
Someday I would like to see a well-run technology business. (Besides Google, maybe.)
The firmware is the latest. Maybe Netgear made some defective units. However, if so, units of different models made at different times and from different suppliers have the same problem.
My experience with Netgear technical support is that they are somewhat friendly, but almost useless. They haven't been given training in Netgear products, as far as I can tell. For example, second level technical support cannot interpret VPN logs. They just try things for an hour, then they say they can't do more. Eight of those, and that's their work day.
It's been a miserable, miserable experience, dealing with Netgear. Linksys seems to be the best, right now.
I think it possible that if someone set up a VPN and left it running, they would have no troubles.
However, I have found many, many small bugs in Netgear firmware, so I presume that there are more big ones to be found.
Theory of the origin of sloppy software: There is a type of management of programming in which the programmers are not trusted. The manager doesn't really understand what the programmers are doing, and just manages by hassling. It goes like this:
Can we ship it?
No.
Why not?
Because of [some technical reason the manager does not understand].
It looks like it works, lets ship it!
No, it is not finished.
Okay, you have until Thursday, then we ship it.
That's my theory how we get the Microsofts and Symantecs and Netgears of the world.
Looks to me as though SSL Explorer is worth a look. It's impressive.
It amazes me how easily Americans accept a corrupt government that keeps secrets from them.
Amazing! Thanks. Any advice about how to install OpenVPN on the WRT54G? Which package would you recommend? Do the OpenWrt packages have an adminstration console? I don't see any mention of that. It looks complicated, since I read that there is no Wi-Fi Protected Access (WPA) until installed.
Also, I note that OpenVPN will NOT work on Windows XP SP2 unless the pre-release version 2.0 is used. I suppose you don't care if you are using a WRT54G at both ends of the VPN. I'm not knowledgeable about this, but I guess that running VPN software on a WRT54G would be more secure than running it on a PC.
I note that Sveasoft provides firmware with PPTP VPN software, but there seems to be some question about whether PPTP is sufficiently secure.
Just guessing, but this seems to be a considerable job to configure. I wish there were a commercial release with the OpenVPN built in.
OpenWrt.
Linksys WRT54G Wireless-G Broadband Router.
Linksys WRT54GS Wireless-G Broadband Router with SpeedBooster.
WRT54GS has updated chipset.
WRT54GS Under $70.
Both Linksys products have GPL'd firmware.
There is intense interest in the WRT54G and WRT54GS. One company, Sveasoft, provides upgraded firmware.
Movie theaters have become unbelievably abusive. They show commercials. They have extremely poor quality refreshments at very high prices. Any loss from a few people pirating movies is far, far less than the loss from abusing customers.
Moderators: Please moderate this up. In this situation, a little redundancy is not a bad thing. In this discussion, we are trying to build a consensus.
Is there a version of OpenVPN that runs on the WRT54G? If there is, that sounds like an excellent option.
Did you see this from the OpenVPN first page? "Can OpenVPN tunnel over a TCP connection? Yes, starting with version 1.5."
OpenVPN seems to be the winner of the comments so far. However, I'd like to see other hardware VPN solutions, too.
From the Slashdot question: "Are there any other options I should be looking at other than using SSH port forwarding?"
It would be interesting to know more about experiences with SSH, too.
This may be helpful to someone:
We have extensive experience with the Netgear FVS328 and FVS318 routers with VPN. We have had many many problems with them.
Note that the FVS318 does NOT have secure login for remote maintenance. The password is sent in the clear.
Netgear apparently has no technical support representatives that work for the company. They apparently all work for contractors in India and the United States. We have found them to have very, very little information about these Netgear products.
Here are a few of our extensive notes about the problems:
We establish an IKE and VPN policy, and start a VPN. It works fine the first time, but, after we disconnect we cannot connect later, even though no changes have been made to the policies.
1) There is general agreement among Netgear technical support people that there is a problem.
Netgear technical support people have standard IKE and VPN policy setups they like to use, which they say are proven to work. The most common one, however, is slow and drops a lot of pings. More sophisticated IKE and VPN settings are faster, even though better encryption is used. We have no idea why this is so.
2) Turning the router power off and restarting sometimes cures the problem with not being able to re-establish a VPN. We have seen cases where the menu choice reboot did not cure a problem, but turning the power off and on did cure it.
3) Something hidden seems to time out after several hours. Sometimes VPN connection problems fix themselves after a day or so.
4) When establishing a VPN Auto Policy, the help says:
Remote VPN Endpoint Select the desired option (IP address or Domain Name) and enter the address of the remote VPN Gateway/Server or client you wish to connect to. Note: The remote VPN endpoint must have this VPN Gateway's address entered as it's "Remote VPN Endpoint".
However, we had a case where the address of one of the routers had changed from that given in the "Remote VPN Endpoint", but the VPN was re-established. The impression is given that specifying the address increases security. Apparently this is not so. Again, something seems to be keeping information for several hours, and then timing out.
5) We have seen a case where deleting all the policies and starting over cured a persistent problem with not being able to re-establish a VPN.
6) We have seen cases which seem to indicate browser dependence. For example, there may be Javascript that works perfectly only in Microsoft Internet Explorer, but sometimes fails in other browsers.
7) We have seen cases where choosing "Log Out" does not actually log out. Netgear technical support people say they've seen this also.
It seems to help if we exit from the browser completely. However, if the browser is Firefox (or Mozilla), and there are several Firefox windows open, exiting from Firefox means exiting from all the windows and tabs, which means that work opening those windows is lost. (Firefox and Mozilla do not have multiple instances; all windows come from the same instance.)
Logging out sometimes seems to leave something in the router which gets confused, and prevents re-establishing the VPN.
Version tested -- We have not tested the FVS328 firmware beta version. This report is about the FVS328 firmware Version 1.0 Release 09.
Slashdot comments cannot be considered to be rigorous discussions of all possibilities. Certainly you and I know that it is possible to make very finely designed rules for a firewall or proxy server.
But, most people don't know that. I was writing for them. The point was that Skype gets through when you think it might not. It's a minor hassle to open ports in my firewalls, even though I own them, and I prefer not to open ports, anyway. I appreciated not having to do that.
It amazes me how unhappy people are in the United States! Look at the comments to any story and count the percentage of people who are adversarial or hostile in some way. Often when someone knows something someone else doesn't, it is considered an acceptable time to act out anger.
Yes, 10 times in amplitude, far more in energy, but in this case it is the amplitude that counts.
It was easy for anyone connected with earthquake science to know that there was a devastating tsunami. They could just check with populated areas near where the earthquake occurred, such as Aceh Province. There is an Airport near there with a phone. English is the standard language in aviation.
Knowing that there was a significant tsunami, it was easy to know that other areas, still an hour or more away, would have huge waves also.
To me, it's shocking that no one in the government did anything effectual to warn people.