Yeah, Im sure a team of qualified and certified researchers from teh biggest software company in the world, getting paid to do this stuff for years, have no idea what they are talking about, especially compared to one arrogant individual.
BT is relatively new, I am sure within a few years some serious inadequacies will be found which will make this research from Microsoft more significant.
Id say one of the significant reasons for Google doing this is for payments to and from adsense publishers and adwords advertisers.
Currently they just send cheques in the post every month to publishers, which is crazy for overseas publishers and must increase their costs a fair bit. They don't use services such as Paypal due to the fees.
It would also help in obtaining money from advertisers for adwords.
Google deals with a lot of (sometimes small individual units of) money from publishers and advertisers, and their current system would be far better off if it were handled online through themselves.
They get to the top through link spamming, 302 hijacks, "scaping" content from other sites, search engine optimisation etc etc etc.
They are sites "made for adsense" as its called, whereby they exist for the sole purpose to be highly ranked in google and get ad clicks from people looking for something else. Effectively 'doorway' pages, which make a shitload of money, as people that land on such pages don't find what they really want, so click through on the ads in hopes of finding it there instead.
The crap of the internet, many hundreds of thousands of such sites run by only a hanful of thousand very rich people.
Thatd be well and good if Yahoo didn't rape this feature out of its services (.com addresses). its gone. thanks guys. If you had told me this was a possiblity when I signed up you can be sure I never would have.
And that is because of the centralisation, remove that, and you become like other p2p apps, the lack of speed will come as well.
Why can't people see that. Too many people seem to think that because BT is fast, if you then go and make it trackerless/distributed it will remain fast.
Yep sure is. BT is great for legitimate content as it doesnt have the overhead of being distributed.
Unfortuantly, these kids see these speeds and think 'gee thatd be great for warez, much faster than eMule', then they think 'hang on, this centralisation sucks, lets make it distributed, that way we can have the speed of BT, but the advantages of being distributed'... sorry, but it doesnt cut both ways.
Personnally, I cant wait till they do this. It will silence those knuckleheads who don't realise the tradeoffs of being a distributed protocol, and will hopefully ditch BT for warez and leave it for the legitimate content using trackers. And actually wake up to the fact that eMule is already what they are looking for, the lack of speed is just a necessary tradeoff.
You can already do this by having your client host the tracker. This is basically what this 'trackerless' thing is anyway, or at least as far as sharing files with friends like that there wont be much of a difference between running the tracker yourself, or using this 'trackerless' protocol. Frankly youd be better off just using eMule.
There is already free trackers out there that will host your torrents, as long as they are legal. Just post it to them and host the file on your own client, then add the link to your page. Hosting the file yourself will be required for this trackerless method anyway.
The advantage of BT *is* the centralisation and tracker. Otherwise it is just eMule. Sure the advantage over http is still there, but there is no advanatage over other p2p apps if you take out the tracker.
I think its mostly important when rolling out updates to thousands of machines or automated installations etc, where the whole process is a lot smoother the less reboots that are required.
Basically what Im saying is there is x amount of bandwidth to go around, regardless of the network.
If you start using networks and protocols which don't encourage seeding (ie trackerless, decentralised etc), it really doesnt matter what you use, they would all end up basically like ed2k. A bunch of clients sharing x content, with y bandwidth, all trying to take as much as they can without giving anything in return. The overhead of emule isnt that huge, and given the size of files being transferred these days, using a more efficent protocol isn't going to buy you much, it just ends up segregating the network.
How is eMule any better? It certainly doesn't protect your anonymity. The eMule server acts in much the same role as the BT server, except the speeds are better on BT. Remove the tracker, and you got a "flash mob" of peers. Each dumpsite could just point to one member of the swarm, making it ten or a hundred targets instead of one lone tracker. BT has always been about security in numbers, except the users have been many and the sites many, but the tracker only one.
eMule eliminates this need for a 'dumpsite', it also has support for 'flash mobbing' or swarming. Basically, each peer is the tracker. The need for a 'dumpsite' is the biggest problem with BT as far as warezing is concerned - it is the weak point in the chain, and makes it more difficult for anyone to upload content.
For everything they are trying to do, it can just as easily be achieved by starting a seperate eDonkey network which limits the number of files you can share. But, 'oh no, what about people that connect to servers which allow more files' etc. This is going to be a problem with any p2p app, as bandwidth is shared between networks as hybrid clients emerge.
Basicaly, they don't realise it, but they are coming full circle, and the outcome is just going to be a another eDonkey network. Which means, why not just use the existing one.
Which you have to ask, why not just use emule/edonkey network?
Before you say 'wah wah bit torrent is faster', etc, it is only like that because it is centralised and so a tracker can make sure everyone is seeding, there are statistics which encourage people to seed, and most importantly, there are far less files, and so the bandwidth isnt spread out as thinly.
The more these guys work on decentralising BT, the closer you get to just being a less efficient and less established clone of emule. Whats the point?
As far as 'warezing' is concerned (99% of traffic), BT is a terrible protocol. The trouble is, these kids see the speed of BT and think thats the way to go. They realise the centralisation is a problem, and so try to fix that. Without realising they are just reinventing the wheel. They think they are going to get the best of both worlds, because they are just warezing kids and don't know any better.
why not do neither? If its not a good movie, why encourage them to produce even more crap?
By buying the DVD you are most certainly succembing to mob think, in that you are still only watching it because everyone else is, and not because its actually good and worth the money.
Yeah, it will still be able to do that. But given the connection limit as well, it won't be able to sweep scan ranges of addresses very effectively - causing the slow down of worms which propogate by tring thousands of (moslty invalid) IP's a minute. And it won't be able to send out fake packets and therefore can be filtered and tracked down as being the source.
and when wine fails to run the dumb shareware games she tries to install. I'd be like "They must not have programmed them very well, I can't make them work
Why don't you just say that when things like shitty ICQ fail to run correctly? Afterall, in this case it actually *is* the fault of the programmers of the application, unlike the 'shareware windows games running under Linux' case you described.
This 'fix' was only just introduced in SP2. Most of those attacks are likely to be from infected machines that aren't patched up - and therefore aren't running SP2. So you cannot really draw the conclusion that its not helping.
Actually, yes it does. By not spoofing the source of the attacks, you are able to filter the traffic and track where it is coming from. DDoS style attacks will still be possible initially, but these machines will be singled out soon enough as they can no longer hide.
Except installing a driver is not that easy, and is usually accompanied by a confirmation dialog and can only be done by admin. Saying trojans can install such drivers is kind of similar to saying a trojan can just install Linux. Sure it can be done, but its difficult, and the user is likely to notice and it can be removed or prevented. A driver is effectively an addon to the OS, and the OS asks permission from the user to insall it, otherwise it will not do it.
Or perhaps if you are going to write apps that require such low level network access, you should be using a packet driver (or whatever the mechanism is in windows) to do that.
The same can be said for any access to hardware that could be considered unnecessary for typical applications or 'harmful' to the hardware (harmful in the sense that it is 'harmful' to the network and your connection).
I think what MS has done is quite acceptable, given the number of trojans uot there that are DoS'ing and spamming like crazy. Trojans that are on the systems often because of user stupidity rather than an insecure OS. As long as it is possible to actually write such a 'driver' (I think there is a different name for it, but I can't remmeber).
What you are talking about is COM. And it is most certainly a standard, and solves all those things you are talking about. ActiveX is just a standard set of interfaces that a COM object should expose for web use. COM is also the reason why OLE and clipboard support is far superior under Windows than any other OS, and always will be. Regardless of anything any other OS does to try solve this problem, they will always have to retain compatibility with apps that dont have this support, so it will always be a mess.
It is quite easy to add 'scripting' (you mean automation) support to any app. It is well supported under Visual Studio. An MFC app typically supports OLE 'by default' also. It wouldnt make sense to have automation default to enabled for all apps - it would just mean a lot of work required to write any application under VS, 90% of which wouldnt need it.
Clearly, there is something that you are trying to do, but you are incapable, so you are having a rant at Microsoft, just because you can't manage to do it.
sort of:) The only episode I ever watched was an episode where the presented a vulnerability I discovered in Microsoft's help center which got overhyped. It was the hcp://windows/* delete file type exploit. Pretty cool.
Slashdot Mirror
Yeah, Im sure a team of qualified and certified researchers from teh biggest software company in the world, getting paid to do this stuff for years, have no idea what they are talking about, especially compared to one arrogant individual.
BT is relatively new, I am sure within a few years some serious inadequacies will be found which will make this research from Microsoft more significant.
Id say one of the significant reasons for Google doing this is for payments to and from adsense publishers and adwords advertisers.
Currently they just send cheques in the post every month to publishers, which is crazy for overseas publishers and must increase their costs a fair bit. They don't use services such as Paypal due to the fees.
It would also help in obtaining money from advertisers for adwords.
Google deals with a lot of (sometimes small individual units of) money from publishers and advertisers, and their current system would be far better off if it were handled online through themselves.
one
They are scaper sites.
They get to the top through link spamming, 302 hijacks, "scaping" content from other sites, search engine optimisation etc etc etc.
They are sites "made for adsense" as its called, whereby they exist for the sole purpose to be highly ranked in google and get ad clicks from people looking for something else. Effectively 'doorway' pages, which make a shitload of money, as people that land on such pages don't find what they really want, so click through on the ads in hopes of finding it there instead.
The crap of the internet, many hundreds of thousands of such sites run by only a hanful of thousand very rich people.
Thatd be well and good if Yahoo didn't rape this feature out of its services (.com addresses). its gone. thanks guys. If you had told me this was a possiblity when I signed up you can be sure I never would have.
Be that as it may, Ballmer didn't say might, he said "may".
And that is because of the centralisation, remove that, and you become like other p2p apps, the lack of speed will come as well.
Why can't people see that. Too many people seem to think that because BT is fast, if you then go and make it trackerless/distributed it will remain fast.
Yep sure is. BT is great for legitimate content as it doesnt have the overhead of being distributed.
Unfortuantly, these kids see these speeds and think 'gee thatd be great for warez, much faster than eMule', then they think 'hang on, this centralisation sucks, lets make it distributed, that way we can have the speed of BT, but the advantages of being distributed'... sorry, but it doesnt cut both ways.
Personnally, I cant wait till they do this. It will silence those knuckleheads who don't realise the tradeoffs of being a distributed protocol, and will hopefully ditch BT for warez and leave it for the legitimate content using trackers. And actually wake up to the fact that eMule is already what they are looking for, the lack of speed is just a necessary tradeoff.
You can already do this by having your client host the tracker. This is basically what this 'trackerless' thing is anyway, or at least as far as sharing files with friends like that there wont be much of a difference between running the tracker yourself, or using this 'trackerless' protocol. Frankly youd be better off just using eMule.
There is already free trackers out there that will host your torrents, as long as they are legal. Just post it to them and host the file on your own client, then add the link to your page. Hosting the file yourself will be required for this trackerless method anyway.
So exactly like eMule.
The advantage of BT *is* the centralisation and tracker. Otherwise it is just eMule. Sure the advantage over http is still there, but there is no advanatage over other p2p apps if you take out the tracker.
heh, just kidding.
I think its mostly important when rolling out updates to thousands of machines or automated installations etc, where the whole process is a lot smoother the less reboots that are required.
Basically what Im saying is there is x amount of bandwidth to go around, regardless of the network.
If you start using networks and protocols which don't encourage seeding (ie trackerless, decentralised etc), it really doesnt matter what you use, they would all end up basically like ed2k. A bunch of clients sharing x content, with y bandwidth, all trying to take as much as they can without giving anything in return. The overhead of emule isnt that huge, and given the size of files being transferred these days, using a more efficent protocol isn't going to buy you much, it just ends up segregating the network.
How is eMule any better? It certainly doesn't protect your anonymity. The eMule server acts in much the same role as the BT server, except the speeds are better on BT. Remove the tracker, and you got a "flash mob" of peers. Each dumpsite could just point to one member of the swarm, making it ten or a hundred targets instead of one lone tracker. BT has always been about security in numbers, except the users have been many and the sites many, but the tracker only one.
eMule eliminates this need for a 'dumpsite', it also has support for 'flash mobbing' or swarming. Basically, each peer is the tracker. The need for a 'dumpsite' is the biggest problem with BT as far as warezing is concerned - it is the weak point in the chain, and makes it more difficult for anyone to upload content.
For everything they are trying to do, it can just as easily be achieved by starting a seperate eDonkey network which limits the number of files you can share. But, 'oh no, what about people that connect to servers which allow more files' etc. This is going to be a problem with any p2p app, as bandwidth is shared between networks as hybrid clients emerge.
Basicaly, they don't realise it, but they are coming full circle, and the outcome is just going to be a another eDonkey network. Which means, why not just use the existing one.
Which you have to ask, why not just use emule/edonkey network?
Before you say 'wah wah bit torrent is faster', etc, it is only like that because it is centralised and so a tracker can make sure everyone is seeding, there are statistics which encourage people to seed, and most importantly, there are far less files, and so the bandwidth isnt spread out as thinly.
The more these guys work on decentralising BT, the closer you get to just being a less efficient and less established clone of emule. Whats the point?
As far as 'warezing' is concerned (99% of traffic), BT is a terrible protocol. The trouble is, these kids see the speed of BT and think thats the way to go. They realise the centralisation is a problem, and so try to fix that. Without realising they are just reinventing the wheel. They think they are going to get the best of both worlds, because they are just warezing kids and don't know any better.
why not do neither? If its not a good movie, why encourage them to produce even more crap?
By buying the DVD you are most certainly succembing to mob think, in that you are still only watching it because everyone else is, and not because its actually good and worth the money.
Yeah, it will still be able to do that. But given the connection limit as well, it won't be able to sweep scan ranges of addresses very effectively - causing the slow down of worms which propogate by tring thousands of (moslty invalid) IP's a minute. And it won't be able to send out fake packets and therefore can be filtered and tracked down as being the source.
and when wine fails to run the dumb shareware games she tries to install. I'd be like "They must not have programmed them very well, I can't make them work
Why don't you just say that when things like shitty ICQ fail to run correctly? Afterall, in this case it actually *is* the fault of the programmers of the application, unlike the 'shareware windows games running under Linux' case you described.
This 'fix' was only just introduced in SP2. Most of those attacks are likely to be from infected machines that aren't patched up - and therefore aren't running SP2. So you cannot really draw the conclusion that its not helping.
Actually, yes it does. By not spoofing the source of the attacks, you are able to filter the traffic and track where it is coming from. DDoS style attacks will still be possible initially, but these machines will be singled out soon enough as they can no longer hide.
Except installing a driver is not that easy, and is usually accompanied by a confirmation dialog and can only be done by admin. Saying trojans can install such drivers is kind of similar to saying a trojan can just install Linux. Sure it can be done, but its difficult, and the user is likely to notice and it can be removed or prevented. A driver is effectively an addon to the OS, and the OS asks permission from the user to insall it, otherwise it will not do it.
Or perhaps if you are going to write apps that require such low level network access, you should be using a packet driver (or whatever the mechanism is in windows) to do that.
The same can be said for any access to hardware that could be considered unnecessary for typical applications or 'harmful' to the hardware (harmful in the sense that it is 'harmful' to the network and your connection).
I think what MS has done is quite acceptable, given the number of trojans uot there that are DoS'ing and spamming like crazy. Trojans that are on the systems often because of user stupidity rather than an insecure OS. As long as it is possible to actually write such a 'driver' (I think there is a different name for it, but I can't remmeber).
What you are talking about is COM. And it is most certainly a standard, and solves all those things you are talking about. ActiveX is just a standard set of interfaces that a COM object should expose for web use. COM is also the reason why OLE and clipboard support is far superior under Windows than any other OS, and always will be. Regardless of anything any other OS does to try solve this problem, they will always have to retain compatibility with apps that dont have this support, so it will always be a mess.
It is quite easy to add 'scripting' (you mean automation) support to any app. It is well supported under Visual Studio. An MFC app typically supports OLE 'by default' also. It wouldnt make sense to have automation default to enabled for all apps - it would just mean a lot of work required to write any application under VS, 90% of which wouldnt need it.
Clearly, there is something that you are trying to do, but you are incapable, so you are having a rant at Microsoft, just because you can't manage to do it.
sort of :) The only episode I ever watched was an episode where the presented a vulnerability I discovered in Microsoft's help center which got overhyped. It was the hcp://windows/* delete file type exploit. Pretty cool.