The time-based stripes look like a botnet being triggered. It's possible the increases in traffic from certain places after the stripe pattern commenced might be due to distribution in infections by a botnet client.
To make any real judgement on that, it would probably be necessary to see more like 6 months worth of data all at the same time.
I suspect Bill Cheswick and Steven Bellovin might have some interesting comment to make on this; I chat with Steve occasionally; I'll point him at the thread. (For those not playing the home game; they wrote the Wily Hacker book, and used to run AT&T's corporate firewall.)
The session holding time/timeout is quite different in iDen backbone traffic than it is in "hot potato route it to the PSTN from the MTSO".
I have always been a Tampa/St Pete market customer; we're something like DMA14.
If they can't make it run right here -- and the 9 clients of mine who've dumped them over the last decade for call phones, customers whose use patterns were *right* in their wheelhouse, say they can't -- then they can't make it run *at all* anymore.
My perfect DC call rate is about 40%; my perfect voice call rate no higher than 80%. I expect better for a service *specifically aimed* at business users.
Robert Heinlein was quoted years ago -- in the person of Lazarus Long in the Notebooks, I think -- as questioning: someone has to drive. Should that not be the best driver?
I concur in the opinion noted elsewhere in this thread that the elitism is *directly* responsible for the overall high quality of the Linux kernel?
Is it perfect code? Of course not.
Does the elitism have side effects? Of course?
is the price worth paying? Well, that's a question of externalities, and difficult to answer: it's worth it to *me* that *potential kernel developers* have to pay that price, yes.:-)
I didn't suggest it was. But it's equally true of Nagios, WebGUI, Firefox, Zimbra, and damned near every other sizable FOSS project I've ever been near.
Design intake is a *massive* job for a potential new coder with a *specific target* (as opposed to someone who just wanders in, likes the hobby horse, and wants to help).
I'd rather have acceptable code implementing a really well thought out design, than lightning-fast really tiny code that implements an unmaintainable, unsupportable abortion of a design.
Designers really do count for something, and some of us aren't first-class coders. We don't have to be; there are people who eat and breath code.
But the one thing commercial software development has over *most* FOSS projects is that it has ways of evaulating designers, and then *placing them in charge of design*.
Ask Fred Brooks about this, if you like; I'm sure he could tell you a few things about how important software system architecture is.
Oddly, there was a webcast on this topic from Verizon *an hour ago*. I missed it too, but no, they're starting their Block C rollout this year; my city's pretty high up the list.
FWIW, though, this is true of *all* large codebases: if you're not willing to get married to the entire 400KLOC, then if can be hard becoming a contributor just because there's often a "right" place and way add functionality, and it won't be obvious to a newbie; I'm having the problem myself with Asterisk and the associate FreePBX project just now.
And just imagine trying to get things done with Firefox.
And let's note Jon knows whereof he speaks; he's not just the Editor/Publisher of the almost-10 year old LWN, he's also a fairly well-respected device driver author.
Nextel's network was *necessarily* built from the ground up, because *it is not Cellular*. It's not licensed as cellular by the FCC. It's on frequencies completely disparate from cellular.
Nextel was created and expanded by buying out Specialized Mobile Radio licensees in the mid 80s, and using their freqs to build what is, effectively, a digital trunking radio system (iDen) with autopatch capabilities.
> Sure, they are in more places, but that's because they snatched up all the "going under" real estate from failing telco's before they went away.
That? Just didn't happen. Nor anything that remotely resembles it.
> Both companies ultimately benefited from the merger, but it was and is a long and expensive road for them both.
And they're not done walking it. While I disagree with you on the technical points of how they came to be, it is in fact the case that they out-expanded themselves, growing their footprint without expanding their backbone to match.
At least, that's my diagnosis, and until someone with facts steps up to contradict me, I'll continue to tell people that.
On reflection, I guess I'm saying they have to take *even more* of the blame for their current state -- and it's not just me; I have 8 customers who've ditched Nextel in the last 10 years; big ones; some 25 radios -- than your "cobbled together from people's leavings" assertion would justify.
And I find I want to clarify, in case there are any Nextel engineers reading this (and understand, I'm diagnosing as someone whose done it for TCP networks for 15 years)..
The problem isn't *RF Coverage*; I have good signal almost everywhere.
But that doesn't keep me from dropping calls to "Service Conflict" or "Out of Dispatch Coverage", or just plain not being able to hold a conversation because the backbone gets confused; I can talk to my partner, but he can't talk to me because I'm "busy in DC".
Yup. Talking to him.
And don't even get me started on "The Nextel subscriber you're trying to reach is being located."
And this isn't my phone; it's happened to me on my present 8350i, but also the 7100i, i730, i95, and i1000plus that it replaced, in various guises.
As good as Sprint's CS has gotten, I cannot *wait* for Verizontal to deploy 700LTE, and for RIM to make a (PTT capable, preferably PTToC) handset for it. Or, for HTC to make a Nexus One with a PTT button, and decent high-audio.
Wait; what? You mean all that "Those people in Operation Chokehold are just blowing blue smoke out their ass; we're just as good as the other guys" press releasing was just *posturing*?
Say it ain't *so*, Joe!
In fact, while Nextel's *coverage* sucks in the Tampa market, their customer service has come *way* up, and I say that having been a customer 10 years now.
Most of the piece, clearly, isn't specific to this attack... but I think that's actually his point here: he didn't *have to* write a fresh piece for this, since the problem hasn't really changed, *just* because this particular guy wore Semtex boxers on a plane.
The problem is what it always is, and Security Theatre isn't going to change it.
*I* tend to think that what Bruce ought to do is to write one or more general circulation pieces on the issue, explaining the underlying background even more deeply than he generally does, and sell them to Popular Mechanics. And GQ. And Playboy. And The Atlantic. Etc....
I especially liked the comment on Bruce's blog where someone notes that they don't mind having to fly wearing only a hospital johnny as long as they get the seat next to the cute redhead.
Fire codes in many areas prohibit in-rack UPSs, as they won' t be tripped off by the Big Orange Switch, and will a) continue to pour current into your box when it shorts out -- starting the fire and b) electrocute the firefighters who *think* they'd shut off all the power in the room with that Big Orange Switch.
As a very *very* rough estimate based on 20 years of doing this: your runtime support load is going to be proportional to the number of operating system installs you have to deal with.
If you have 100 people running 100 copies of Windows on 100 PCs, you're going to have a lot more work than if you have 100 people running 1 copy of Windows on a virtualized server.
The leverage is made even higher by the "just swap the box" and "sit down anywhere" factors.
Slashdot Mirror
Heh. Well, if they need voice talent (and they *do* need voice talent, let me tell you), I'm available.
Yeah, I meant to say that it's also difficult to tell what's going on because you conflated all destination protocols and ports together.
here yet. :-)
Though I did like the Guitar Hero riff..
The time-based stripes look like a botnet being triggered. It's possible the increases in traffic from certain places after the stripe pattern commenced might be due to distribution in infections by a botnet client.
To make any real judgement on that, it would probably be necessary to see more like 6 months worth of data all at the same time.
I suspect Bill Cheswick and Steven Bellovin might have some interesting comment to make on this; I chat with Steve occasionally; I'll point him at the thread. (For those not playing the home game; they wrote the Wily Hacker book, and used to run AT&T's corporate firewall.)
Did you hear me say "Nextel"?
The session holding time/timeout is quite different in iDen backbone traffic than it is in "hot potato route it to the PSTN from the MTSO".
I have always been a Tampa/St Pete market customer; we're something like DMA14.
If they can't make it run right here -- and the 9 clients of mine who've dumped them over the last decade for call phones, customers whose use patterns were *right* in their wheelhouse, say they can't -- then they can't make it run *at all* anymore.
My perfect DC call rate is about 40%; my perfect voice call rate no higher than 80%. I expect better for a service *specifically aimed* at business users.
Not all elitists are jerks.
Robert Heinlein was quoted years ago -- in the person of Lazarus Long in the Notebooks, I think -- as questioning: someone has to drive. Should that not be the best driver?
I concur in the opinion noted elsewhere in this thread that the elitism is *directly* responsible for the overall high quality of the Linux kernel?
Is it perfect code? Of course not.
Does the elitism have side effects? Of course?
is the price worth paying? Well, that's a question of externalities, and difficult to answer: it's worth it to *me* that *potential kernel developers* have to pay that price, yes. :-)
quit this now?
I didn't suggest it was. But it's equally true of Nagios, WebGUI, Firefox, Zimbra, and damned near every other sizable FOSS project I've ever been near.
Design intake is a *massive* job for a potential new coder with a *specific target* (as opposed to someone who just wanders in, likes the hobby horse, and wants to help).
I'd rather have acceptable code implementing a really well thought out design, than lightning-fast really tiny code that implements an unmaintainable, unsupportable abortion of a design.
Designers really do count for something, and some of us aren't first-class coders. We don't have to be; there are people who eat and breath code.
But the one thing commercial software development has over *most* FOSS projects is that it has ways of evaulating designers, and then *placing them in charge of design*.
Ask Fred Brooks about this, if you like; I'm sure he could tell you a few things about how important software system architecture is.
Oh, wait; he already has.
I pay $99 a month for my Nextel Blackberry, and everything is included except *international* LD.
MMS, DC, airtime, CONUS LD. You name it.
But when LTE700 shows up, it will probably be $60 or 70 a month flat.
Oddly, there was a webcast on this topic from Verizon *an hour ago*. I missed it too, but no, they're starting their Block C rollout this year; my city's pretty high up the list.
FWIW, though, this is true of *all* large codebases: if you're not willing to get married to the entire 400KLOC, then if can be hard becoming a contributor just because there's often a "right" place and way add functionality, and it won't be obvious to a newbie; I'm having the problem myself with Asterisk and the associate FreePBX project just now.
And just imagine trying to get things done with Firefox.
hard to break into.
There, fixed that for ya.
And let's note Jon knows whereof he speaks; he's not just the Editor/Publisher of the almost-10 year old LWN, he's also a fairly well-respected device driver author.
No, let me clarify here.
Nextel's network was *necessarily* built from the ground up, because *it is not Cellular*. It's not licensed as cellular by the FCC. It's on frequencies completely disparate from cellular.
Nextel was created and expanded by buying out Specialized Mobile Radio licensees in the mid 80s, and using their freqs to build what is, effectively, a digital trunking radio system (iDen) with autopatch capabilities.
> Sure, they are in more places, but that's because they snatched up all the "going under" real estate from failing telco's before they went away.
That? Just didn't happen. Nor anything that remotely resembles it.
> Both companies ultimately benefited from the merger, but it was and is a long and expensive road for them both.
And they're not done walking it. While I disagree with you on the technical points of how they came to be, it is in fact the case that they out-expanded themselves, growing their footprint without expanding their backbone to match.
At least, that's my diagnosis, and until someone with facts steps up to contradict me, I'll continue to tell people that.
On reflection, I guess I'm saying they have to take *even more* of the blame for their current state -- and it's not just me; I have 8 customers who've ditched Nextel in the last 10 years; big ones; some 25 radios -- than your "cobbled together from people's leavings" assertion would justify.
And I find I want to clarify, in case there are any Nextel engineers reading this (and understand, I'm diagnosing as someone whose done it for TCP networks for 15 years)..
The problem isn't *RF Coverage*; I have good signal almost everywhere.
But that doesn't keep me from dropping calls to "Service Conflict" or "Out of Dispatch Coverage", or just plain not being able to hold a conversation because the backbone gets confused; I can talk to my partner, but he can't talk to me because I'm "busy in DC".
Yup. Talking to him.
And don't even get me started on "The Nextel subscriber you're trying to reach is being located."
And this isn't my phone; it's happened to me on my present 8350i, but also the 7100i, i730, i95, and i1000plus that it replaced, in various guises.
As good as Sprint's CS has gotten, I cannot *wait* for Verizontal to deploy 700LTE, and for RIM to make a (PTT capable, preferably PTToC) handset for it. Or, for HTC to make a Nexus One with a PTT button, and decent high-audio.
I do my best. And yes, I've been doing it for a while...
> I've figured out what's wrong with life--other people.
Sartre fanboi.
Wait; what? You mean all that "Those people in Operation Chokehold are just blowing blue smoke out their ass; we're just as good as the other guys" press releasing was just *posturing*?
Say it ain't *so*, Joe!
In fact, while Nextel's *coverage* sucks in the Tampa market, their customer service has come *way* up, and I say that having been a customer 10 years now.
Interesting.
What's your source for that? ;-)
The best sourced version I've been able to find, which makes important points that version does not, is
"They that would sacrifice essential liberty for a little temporary security deserve neither."
"a rewrite of an older article of [his]".
Most of the piece, clearly, isn't specific to this attack... but I think that's actually his point here: he didn't *have to* write a fresh piece for this, since the problem hasn't really changed, *just* because this particular guy wore Semtex boxers on a plane.
The problem is what it always is, and Security Theatre isn't going to change it.
*I* tend to think that what Bruce ought to do is to write one or more general circulation pieces on the issue, explaining the underlying background even more deeply than he generally does, and sell them to Popular Mechanics. And GQ. And Playboy. And The Atlantic. Etc....
Yup, it's a lesson: they're profiling... in reverse.
I especially liked the comment on Bruce's blog where someone notes that they don't mind having to fly wearing only a hospital johnny as long as they get the seat next to the cute redhead.
Glad to hear it. :-)
I was hoping *someone* would pick Bruce up on this; I'm well pleased it's CNN.
Well, maybe not so much.
Fire codes in many areas prohibit in-rack UPSs, as they won' t be tripped off by the Big Orange Switch, and will a) continue to pour current into your box when it shorts out -- starting the fire and b) electrocute the firefighters who *think* they'd shut off all the power in the room with that Big Orange Switch.
As a very *very* rough estimate based on 20 years of doing this: your runtime support load is going to be proportional to the number of operating system installs you have to deal with.
If you have 100 people running 100 copies of Windows on 100 PCs, you're going to have a lot more work than if you have 100 people running 1 copy of Windows on a virtualized server.
The leverage is made even higher by the "just swap the box" and "sit down anywhere" factors.