Actually what became the Internet already existed. ARPAnet existed, and I seem to recall it celebrating it's 30th birthday in the last couple of years.
What the BBS provided, respective to the Internet, was a bunch of people who had some experience administering equipment that connected computers over the telco PSTN. Many of these people started their own ISPs or went to work for new ISPs when it became obvious that the internet was the way of the future.
Running a BBS gave you experience with user accounts, privledges, various chat and application options, modems, and in some cases even billing. In many cases it also provided you with a crash course in customer relations or even what has become known as Customer Relationship Management, as you usually were the tech support for your BBS.
If you did not back end your BBS with a network of some sort, other than fidoNet or RHYME, you probably did not have experience with routers, or file servers. The vast majority of BBSs were single systems with 1-4 modems attached. If you wanted more than four modems you would have to buy special cards that would allow 8, 16 or even 32 serial ports per card. These cards may have been expensive, but in most cases they were less expensive than the added computer, network equipment, etc to add more phone lines.
If you participated in one of the back end file and message passing services, and there was not a local hookup with another BBS, you almost always ended up paying monthly $100+ phone bills.
Is the binary for Linux large enough that if the bits were mapped to an image, it would work as a background image? No real need for compression, you would just link to the actual binary, with a header to make it look like a bitmap.
There are two basic ATM types. IP connected, and bisync/sdlc connected.
IP connected use routers with frame and dedicated circuit connections. Some may be using VPNs with ISPs, but none that I have worked with do.
Biysnc/sdlc connected atms may use a link converter to become effectively IP connected ATMs. As new ATMs come out, those connected via link converters are being replaced.
Those atms that are not connected via a link converter and ip based network use one of three types of connection. Point to point, point to multi-point, and dial. Point to point and point to multi-point may use either analog or digital leased lines.
Dial up atms use a "modem" that acts as a remote front end for the back end system.
Encryption of the data on the line is handled by the end points. Links between the banks that allow information about your account to be retrieved, or approval for debits and deposits to happen at the atm are also encrypted at several points. Both end point computers encrypt their transactions, the lines themselves use encryptors as well.
There are some variations to these designs. Each ATM provider uses their own design, and may use a variety of methods to implement ATMs in a particular region, simply to prevent one problem taking down all of the ATMs in an area.
I have seen atms implemented using CDPD for temporary instalations.
Satelite connected installations are extreamly rare. The current network infrastructure via sattelite is either extreamly expensive with low latency, as for example Iridium, or reasonable cost with high latency, via geo-stationary sats. 30Mm adds a 10th of a second in each direction just for speed of light. In a polled environment (bisync/sdlc) a half second delay for each polled device would make atm responsiveness extreamly unpleasent. A bisync line supports up to 32 devices. With Geosync sats, that means that there would be a built in 16 second delay between polls. SDLC supports up to 255 devices, or over 2 minutes. With the existing latency in the back end, getting that kind of a delay in your transactions would be extreamly unpleasent.
The situation may change if prices improve for GlobalStar, but I wouldn't expect it to be used any time soon.
As has been mentioned elsewhere, breaking into an atm remotely would be pretty much useless. You can not interact with the device over such a connection, no telnet, ftp or http servers, nor a command prompt interact with this line. So you will not be able to install data capture tools, or tell the atm to watch for your card and multiply your request authorizations.
As the article points out, you could spoof a withdrawl, but spoofing a deposit will be voided by no deposit in the atm.
I could be wrong however. Just remember that attempting a man in the middle attack for any connection across a telco connection constitutes wire fraud.
The reason SyBase is not having this problem is that the code that is encumbered by the pattent is not the code required to run the database, it is the code Microsoft licenced to allow developers to develop applications on top of the database.
As an example, the tools required to build a web store front end that interfaces with the SQL back end is covered by the pattent, the back end itself is not.
CD's recycle very well as coasters, microwave testers and christmass tree decorations. They also make a very nice emergency signaling mirror. Lots of uses.
The first step would be recording directly to CD, or directly to hard disk.
Someone will monitor and insert the appropriate track breaks.
Once the original CD tracks are lain down, distribute those tracks to 10 PCs across a 100mbps network, from a server with a 1Gbps connected server should take less than 4 min. Now burn at 52x.
A 74 min CD at 52x will take less than five minutes to burn, with an additional two to five minutes to lay down the TOC. The first ten CDs will take about 15 min to produce, with another 10 every ten min there after. (though while the first ten are burning, you could have another ten systems getting tracks and starting their burns as well)
Considering how long it takes to get out of a concert, pick out T-shirts, look over older recordings, etc. The CDs will probably be ready at about the same time as the concert attendees are ready to buy them.
[Labels will start appearing before the last song is completed if the track time is not included.]
Then again, that's just my opinion. Someone else may have another oppinion.
don't forget Frauhoffer scattering. Richard Feynman in his book QED the Strange Theory of Light and Matter describes it, it is the cause of the prismatic effect you see when looking at a CD. See also http://www.physics.yorku.ca/undergrad_programme/hi ghsch/Feynm2.html
The security of SQL Server should never have become an issue. Not because of the fact that MS had a patch for it, or not. Nor even the fact that someone who installed a patch may have inadvertantly uninstalled that patch by installing another patch.
Microsoft should be lambasted for not encouraging users of SQL Server to keep those boxes behind a firewall.
There is only one marginally excusable reason to have an SQL server visiable on the net. That would be if the web server at a web host needed to communciate with the Company's SQL server at the company. Even that should be done over a secure link.
In all other cases, an SQL server should be behind some sort of firewall, and not directly visable to the Internet.
The fact that there were enough copies of SQL server visable on the Internet to allow SQL-Slammer to cause enough bandwidth to be used to be a problem for other network users is not an indication of a security problem with SQL Server. It is an indictment of the awarenes of security issues being provided to users and administrators.
I realize that with all the possible security issues that exist, some people will get glazed eyes and so on. Sorry, it happens that security will be a cost that has to be addressed.
Of course that is just my feeling, and I could be wrong.
It would depend upon the inaccuracy of the randomness algorithm. If the algorithm is efficient, randomly selecting each of the computers before re-selecting any that have been hit before, then inaccuracies will go away.
If there is a subset of computers that only consult each other, and never any of the other computers, and none of the other computers consult these, then there is a much greater probability of drift for that set of computers.
I think he was asking how many people use the Ximian Desktop environment vs how many people use the (also Ximian) PIM. I suspect that there are only a small percentage of Evolution users who also use the Ximian Desktop Environment.
Most pc's come with a recovery CD. Only backup across the net stuff that isn't on the recovery CD. (globally attrib everything as backed up when the PC is installed, and do incrimental backups.)
An alternative for home built PCs, burn two CD-RW backup sets on alternate weeks, storing the previous week's collection at a buddies home, or in a safe depostit box, or some other secure location, do daily incremental backups online, with a discard option for any backup over two weeks old.
One option with the collection of CD-RW's would be if you keep them with whomever provides your storage online, the CD-RW's could be put online to download across a broadband connection. This would be faster than overnight delivery, but not as fast as a courier across town.
Frankly I don't give a toot if it exists as something Gentoo can do or not. From the perspective of the Rant this chain is built on, Gentoo is just another installer/compiler tool. I honestly don't want to have compilers on user systems. Developer systems sure. Having a compiler on a system that the only reason for the compiler is to install an application is like having a factory in my back yard to install a car in my garage.
Furthermore with the realities of security mindedness that I, and a large population other people, expect of Joe Public User, I think having a compiler on a users workstation is more likely to be a hazard to general network security than a help.
I realize that pre-compiling code for a large variety of platforms is not an optimal solution for any one user, but just because you can install via Gentoo doesn't mean that everyone _Should_ install that way.
Somehow Hillary seems to believe that Kazza and other Free P2P sites are profiting in the millions of dollars:
Meanwhile, Kazaa and Morpheus claim tens of millions of registered users who download a wide variety of tracks for free.
Rosen hailed a recent U.S. court decision which ruled that Kazaa, operated by Australian-based technology firm Sharman Networks, could be sued in the United States, as an important legal step to halting the activities of file-sharing services.
"It's clear to me these companies are profiting to the tune of millions and millions of dollars. They must be held accountable," Rosen said.
Excuse me Mrs. Rosen, how is a company that does not charge it's customer base to use it's services profiting in the millions of dollars?
I've always wished for a system like RSA'a SecurID cards. They give you a password that changes every 60 seconds, and you carry around a token that shows the latest password for you. Unfortunately, such technology is priced out of the range of individuals like me.
Sorry, I can't buy the argument that this is "...priced out of the range of individuals...". There are free and low cost systems available that provide this type of security.
All a SecureID card is is a one way hash of the date and time along with the serial number of the SecureID card.
The back end is a Kerberose style system that validates the authenticity of the card, verifies that it belongs to you, and lets the system you are logging into know what rights you have at this time.
This can be done with PAM and plugins that provide the appropriate features, as well as authentication module that works off of a similar function.
As a result of the fact that two clocks rarely maintain syncronicity over long periods of time, the back end authentication system generates hashes for one or two minutes around the current minute. (hashing down to the second would be useless as most of these systems require manual entry of the hash value.) If matches are regularly found to be offset by one or two minutes over some period of time the back end starts adjusting the time tossed into the hash tree to reflect the drift relative to the mobile card.
Building a software based system for this would be fairly simple, and in-expensive. Building hardware based versions would not be particularly difficult either, and if you are going to build them in bulk would be very inexpensive as well.
Of course even with this level of security you will want to use passwords and or passphrases in some combination to deal with the prospect of someone walking off with your MobilKey.
... with states that mandate Creation education in public schools?
I personally think the idea is good, but when states can mandate that schools use science books that teach Creationism, then either the database will be required to conform (very bad), the schools will not be able to use the database (bad), or the students will have the fun of laughing at their state legislators who mandated that the schools teach bad science (best possible result).
Then again, I could be wrong. God may smite me with a bolt of lightning today and call me to task for my words. I don't expect it, but then I wouldn't would I?
...what the Stay that was vacated actually restricted or allowed. Other reports I have read indicate a bit more strongly that the only thing it prevented was posting DeCSS code to his web site.
From this report it sounds more like the Stay was against the California Supream Court's decion that there was no case against Pavlovich as he was not subject to the laws of California.
I seem to recall that this case is a Trade Secrets case, under California Law. As a result if the business or ornanization in question, claiming the trade secret, does not have representation in the states where the various defendents live, or those states do not have equivalent relavent laws protecting trade secrets, I don't think there is any way to take the various people to task for Trade Secret violation.
IANAL, but I would also suspect that if the people in question are not earning money as a result of making avaialable information on CSS, they may not be subject to trade secret violations any way. The understanding of Trade Secrets that I have is that unless you are legally involved with the company holding the trade secret, (via NDA, Employment history, or other direct involvement) the fact that you are publicising what that company considers to be a trade secret is an indication that it is not a secret in any sense of the word.
As an example if Evian takes a truck up to a glacier, fills it with ice, takes the truck back to their plant, and melts the ice down to fill bottles with water to sell, that may very well be a trade secret. If you happen to live on the road they use to go to the glacier and back, and you say "Hey, Evian drives trucks to a glacier and back several times a day." and you don't happen to work for Evian or have other legaly binding agreements with them, you are not disclosing a secret, any one else, including reporters, or even corporate spys could discern the same thing.
In the case of CSS, if the defendents have no participation in the industry, which may include ownership of a dvd player if there is a licence agreement on the outside of the box it came in, then the fact that the DVD-CSS consortium considers what they are publicising to have been secret information is not worth the paper they filed the suit against the defendents with.
Then again, I could be wrong, and the California Laws may be written so that independently comming up with the same method that someone else considers to be a trade secret, very well may be an actionable event.
-Rusty
Re:Logitech leaving out us Lefties!
on
Hardware Bytes
·
· Score: 2
Yes they neeed new dies, however the cad program that is used to generate the dies they use today can just as easily generate dies for both left and right hands.
Sounds to me a bit like the response given to one OS/2 user when he asked for support. "Our analysis shows no demand for the product in question, and we wish all you people would stop bothering us about it!"
Slashdot Mirror
Actually what became the Internet already existed. ARPAnet existed, and I seem to recall it celebrating it's 30th birthday in the last couple of years.
What the BBS provided, respective to the Internet, was a bunch of people who had some experience administering equipment that connected computers over the telco PSTN. Many of these people started their own ISPs or went to work for new ISPs when it became obvious that the internet was the way of the future.
Running a BBS gave you experience with user accounts, privledges, various chat and application options, modems, and in some cases even billing. In many cases it also provided you with a crash course in customer relations or even what has become known as Customer Relationship Management, as you usually were the tech support for your BBS.
If you did not back end your BBS with a network of some sort, other than fidoNet or RHYME, you probably did not have experience with routers, or file servers. The vast majority of BBSs were single systems with 1-4 modems attached. If you wanted more than four modems you would have to buy special cards that would allow 8, 16 or even 32 serial ports per card. These cards may have been expensive, but in most cases they were less expensive than the added computer, network equipment, etc to add more phone lines.
If you participated in one of the back end file and message passing services, and there was not a local hookup with another BBS, you almost always ended up paying monthly $100+ phone bills.
-Rusty
Is the binary for Linux large enough that if the bits were mapped to an image, it would work as a background image? No real need for compression, you would just link to the actual binary, with a header to make it look like a bitmap.
There are several different methods used.
There are two basic ATM types. IP connected, and bisync/sdlc connected.
IP connected use routers with frame and dedicated circuit connections. Some may be using VPNs with ISPs, but none that I have worked with do.
Biysnc/sdlc connected atms may use a link converter to become effectively IP connected ATMs. As new ATMs come out, those connected via link converters are being replaced.
Those atms that are not connected via a link converter and ip based network use one of three types of connection. Point to point, point to multi-point, and dial. Point to point and point to multi-point may use either analog or digital leased lines.
Dial up atms use a "modem" that acts as a remote front end for the back end system.
Encryption of the data on the line is handled by the end points. Links between the banks that allow information about your account to be retrieved, or approval for debits and deposits to happen at the atm are also encrypted at several points. Both end point computers encrypt their transactions, the lines themselves use encryptors as well.
There are some variations to these designs. Each ATM provider uses their own design, and may use a variety of methods to implement ATMs in a particular region, simply to prevent one problem taking down all of the ATMs in an area.
I have seen atms implemented using CDPD for temporary instalations.
Satelite connected installations are extreamly rare. The current network infrastructure via sattelite is either extreamly expensive with low latency, as for example Iridium, or reasonable cost with high latency, via geo-stationary sats. 30Mm adds a 10th of a second in each direction just for speed of light. In a polled environment (bisync/sdlc) a half second delay for each polled device would make atm responsiveness extreamly unpleasent. A bisync line supports up to 32 devices. With Geosync sats, that means that there would be a built in 16 second delay between polls. SDLC supports up to 255 devices, or over 2 minutes. With the existing latency in the back end, getting that kind of a delay in your transactions would be extreamly unpleasent.
The situation may change if prices improve for GlobalStar, but I wouldn't expect it to be used any time soon.
As has been mentioned elsewhere, breaking into an atm remotely would be pretty much useless. You can not interact with the device over such a connection, no telnet, ftp or http servers, nor a command prompt interact with this line. So you will not be able to install data capture tools, or tell the atm to watch for your card and multiply your request authorizations.
As the article points out, you could spoof a withdrawl, but spoofing a deposit will be voided by no deposit in the atm.
I could be wrong however. Just remember that attempting a man in the middle attack for any connection across a telco connection constitutes wire fraud.
-Rusty
The reason SyBase is not having this problem is that the code that is encumbered by the pattent is not the code required to run the database, it is the code Microsoft licenced to allow developers to develop applications on top of the database.
As an example, the tools required to build a web store front end that interfaces with the SQL back end is covered by the pattent, the back end itself is not.
-Rusty
CD's recycle very well as coasters, microwave testers and christmass tree decorations. They also make a very nice emergency signaling mirror. Lots of uses.
-Rusty
... who were using the planned obsolecence features.
-Rusty
The first step would be recording directly to CD, or directly to hard disk.
Someone will monitor and insert the appropriate track breaks.
Once the original CD tracks are lain down, distribute those tracks to 10 PCs across a 100mbps network, from a server with a 1Gbps connected server should take less than 4 min.
Now burn at 52x.
A 74 min CD at 52x will take less than five minutes to burn, with an additional two to five minutes to lay down the TOC. The first ten CDs will take about 15 min to produce, with another 10 every ten min there after. (though while the first ten are burning, you could have another ten systems getting tracks and starting their burns as well)
Considering how long it takes to get out of a concert, pick out T-shirts, look over older recordings, etc. The CDs will probably be ready at about the same time as the concert attendees are ready to buy them.
[Labels will start appearing before the last song is completed if the track time is not included.]
Then again, that's just my opinion. Someone else may have another oppinion.
-Rusty
don't forget Frauhoffer scattering. Richard Feynman in his book QED the Strange Theory of Light and Matter describes it, it is the cause of the prismatic effect you see when looking at a CD. See also http://www.physics.yorku.ca/undergrad_programme/hi ghsch/Feynm2.html
-Rusty
Redundent. As if awareness of the problem doesn't need to be pounded into the heads of users everywhere.
Also don't seem to recall any notes previous to this that covered the same teritory for this story.
-Rusty
...the wrong reasons.
The security of SQL Server should never have become an issue. Not because of the fact that MS had a patch for it, or not. Nor even the fact that someone who installed a patch may have inadvertantly uninstalled that patch by installing another patch.
Microsoft should be lambasted for not encouraging users of SQL Server to keep those boxes behind a firewall.
There is only one marginally excusable reason to have an SQL server visiable on the net. That would be if the web server at a web host needed to communciate with the Company's SQL server at the company. Even that should be done over a secure link.
In all other cases, an SQL server should be behind some sort of firewall, and not directly visable to the Internet.
The fact that there were enough copies of SQL server visable on the Internet to allow SQL-Slammer to cause enough bandwidth to be used to be a problem for other network users is not an indication of a security problem with SQL Server. It is an indictment of the awarenes of security issues being provided to users and administrators.
I realize that with all the possible security issues that exist, some people will get glazed eyes and so on. Sorry, it happens that security will be a cost that has to be addressed.
Of course that is just my feeling, and I could be wrong.
-Rusty
It would depend upon the inaccuracy of the randomness algorithm. If the algorithm is efficient, randomly selecting each of the computers before re-selecting any that have been hit before, then inaccuracies will go away.
If there is a subset of computers that only consult each other, and never any of the other computers, and none of the other computers consult these, then there is a much greater probability of drift for that set of computers.
Just my interpretation, I could be wrong.
-Rusty
I think he was asking how many people use the Ximian Desktop environment vs how many people use the (also Ximian) PIM. I suspect that there are only a small percentage of Evolution users who also use the Ximian Desktop Environment.
Most pc's come with a recovery CD. Only backup across the net stuff that isn't on the recovery CD. (globally attrib everything as backed up when the PC is installed, and do incrimental backups.)
An alternative for home built PCs, burn two CD-RW backup sets on alternate weeks, storing the previous week's collection at a buddies home, or in a safe depostit box, or some other secure location, do daily incremental backups online, with a discard option for any backup over two weeks old.
One option with the collection of CD-RW's would be if you keep them with whomever provides your storage online, the CD-RW's could be put online to download across a broadband connection. This would be faster than overnight delivery, but not as fast as a courier across town.
Just some idea's.
-Rusty
somehow I think that they would probably complain that it was shareware....
With or without the Flux capacitor, or the underseat accessory packages?
Frankly I don't give a toot if it exists as something Gentoo can do or not. From the perspective of the Rant this chain is built on, Gentoo is just another installer/compiler tool. I honestly don't want to have compilers on user systems. Developer systems sure. Having a compiler on a system that the only reason for the compiler is to install an application is like having a factory in my back yard to install a car in my garage.
Furthermore with the realities of security mindedness that I, and a large population other people, expect of Joe Public User, I think having a compiler on a users workstation is more likely to be a hazard to general network security than a help.
I realize that pre-compiling code for a large variety of platforms is not an optimal solution for any one user, but just because you can install via Gentoo doesn't mean that everyone _Should_ install that way.
But that's just my opinion.
-Rusty
A reward, yes. "millions and millions of dollars" I doubt that.
-Rusty
...the expected attendance is 600 people. Max.
-Rusty
Somehow Hillary seems to believe that Kazza and other Free P2P sites are profiting in the millions of dollars:
Meanwhile, Kazaa and Morpheus claim tens of millions of registered users who download a wide variety of tracks for free.
Rosen hailed a recent U.S. court decision which ruled that Kazaa, operated by Australian-based technology firm Sharman Networks, could be sued in the United States, as an important legal step to halting the activities of file-sharing services.
"It's clear to me these companies are profiting to the tune of millions and millions of dollars. They must be held accountable," Rosen said.
Excuse me Mrs. Rosen, how is a company that does not charge it's customer base to use it's services profiting in the millions of dollars?
Perhaps I am missing something here.
-Rusty
I've always wished for a system like RSA'a SecurID cards. They give you a password that changes every 60 seconds, and you carry around a token that shows the latest password for you. Unfortunately, such technology is priced out of the range of individuals like me.
Sorry, I can't buy the argument that this is "...priced out of the range of individuals...". There are free and low cost systems available that provide this type of security.
All a SecureID card is is a one way hash of the date and time along with the serial number of the SecureID card.
The back end is a Kerberose style system that validates the authenticity of the card, verifies that it belongs to you, and lets the system you are logging into know what rights you have at this time.
This can be done with PAM and plugins that provide the appropriate features, as well as authentication module that works off of a similar function.
As a result of the fact that two clocks rarely maintain syncronicity over long periods of time, the back end authentication system generates hashes for one or two minutes around the current minute. (hashing down to the second would be useless as most of these systems require manual entry of the hash value.) If matches are regularly found to be offset by one or two minutes over some period of time the back end starts adjusting the time tossed into the hash tree to reflect the drift relative to the mobile card.
Building a software based system for this would be fairly simple, and in-expensive. Building hardware based versions would not be particularly difficult either, and if you are going to build them in bulk would be very inexpensive as well.
Of course even with this level of security you will want to use passwords and or passphrases in some combination to deal with the prospect of someone walking off with your MobilKey.
Good luck.
-Rusty
nope
... with states that mandate Creation education in public schools?
I personally think the idea is good, but when states can mandate that schools use science books that teach Creationism, then either the database will be required to conform (very bad), the schools will not be able to use the database (bad), or the students will have the fun of laughing at their state legislators who mandated that the schools teach bad science (best possible result).
Then again, I could be wrong. God may smite me with a bolt of lightning today and call me to task for my words. I don't expect it, but then I wouldn't would I?
-Rusty
...what the Stay that was vacated actually restricted or allowed. Other reports I have read indicate a bit more strongly that the only thing it prevented was posting DeCSS code to his web site.
From this report it sounds more like the Stay was against the California Supream Court's decion that there was no case against Pavlovich as he was not subject to the laws of California.
I seem to recall that this case is a Trade Secrets case, under California Law. As a result if the business or ornanization in question, claiming the trade secret, does not have representation in the states where the various defendents live, or those states do not have equivalent relavent laws protecting trade secrets, I don't think there is any way to take the various people to task for Trade Secret violation.
IANAL, but I would also suspect that if the people in question are not earning money as a result of making avaialable information on CSS, they may not be subject to trade secret violations any way. The understanding of Trade Secrets that I have is that unless you are legally involved with the company holding the trade secret, (via NDA, Employment history, or other direct involvement) the fact that you are publicising what that company considers to be a trade secret is an indication that it is not a secret in any sense of the word.
As an example if Evian takes a truck up to a glacier, fills it with ice, takes the truck back to their plant, and melts the ice down to fill bottles with water to sell, that may very well be a trade secret. If you happen to live on the road they use to go to the glacier and back, and you say "Hey, Evian drives trucks to a glacier and back several times a day." and you don't happen to work for Evian or have other legaly binding agreements with them, you are not disclosing a secret, any one else, including reporters, or even corporate spys could discern the same thing.
In the case of CSS, if the defendents have no participation in the industry, which may include ownership of a dvd player if there is a licence agreement on the outside of the box it came in, then the fact that the DVD-CSS consortium considers what they are publicising to have been secret information is not worth the paper they filed the suit against the defendents with.
Then again, I could be wrong, and the California Laws may be written so that independently comming up with the same method that someone else considers to be a trade secret, very well may be an actionable event.
-Rusty
Yes they neeed new dies, however the cad program that is used to generate the dies they use today can just as easily generate dies for both left and right hands.
Sounds to me a bit like the response given to one OS/2 user when he asked for support. "Our analysis shows no demand for the product in question, and we wish all you people would stop bothering us about it!"
I would think that using LEDs to communicate would generate more heat than a copper trace. I could be wrong.
-Rusty