Maybe I should clarify, for Timothy's sake: the links goes to http://www.theinquirer.net/?article=8879, but you say it goes to the Register. Might want to fix that real quick.
Yeah, that's exactly what I was expecting after I'd read the headline, before I finished off the body. It could even be a client instead, if for instance you had it contact your local toilet paper supplier and order more when it's running low, or something like that. But this is just window dressing.
And don't forget the recent case involving (I think) MS SQL Server, where upon another company's winning a licensing/patent case against Microsoft, they issued a press release specifically pointing out that MS's having told its customers and developer partners that they didn't need to worry about this did not fulfill their obligation to consult legal counsel to avoid triple damages from the suit. There's a great case of MS's legal team being less than stellar. Sounds like MS was pretty nearly guaranteeing that the customers didn't need to fear using the relevant bits.
Depending on the organizations needs they can more than likely block all outgoing UDP.
Hmm, how'd you like your DNS to keep working? Easy enough to make one exception for port 53, of course. But then the next version of the worm uses port 53 as the source port and can still get away with 1434 as the destination, or something like that. Alternatively, you have your own recursing (is that a word?) DNS server, not a bad idea anyway for efficiency. But then you have to put it in the DMZ and on the internal.... You get the picture. There's always a "but".
Actually, the 376 byte part was just the payload; with the usual UDP & IP headers, it was 404. Add in a bit more for encapsulation depending on your transmission medium.
But, more significantly: 24,449,400 B/min =~ 3.26 Mb/s (decimal M), a far cry from 54Mb/s.
Also for comparison, I was only getting about 1 such packet per minute on my measly 1 IP address throughout the first 5 or 6 hours. It was rather bursty, just in the way that random events are, so sometimes I'd get 3 or 4 in a minute, followed by 5 minutes of nothing, and such. It could be a matter of the actions of our upstream providers, or perhaps something on your network was infected and not limited by the WAN bottleneck when hitting your own addresses.
I think it's unrealistic and counter to the overall goal to interoperability of the internet to have so many implementations,...
Just to (over)simplify a bit for you...
interoperability != intercommunication
Something to keep in mind. Interoperability may not be the goal you think it is.
*smacks AC across the knuckles with a ruler* Pay attention!
While the honeypot approach might be effective against other worms and such, it wouldn't have made a whit of difference here. The infected hosts only needed to send a single packet to each target, this being UDP, and didn't even bother waiting for a reply of any kind. Wouldn't have slowed this one down a bit.
I've been DROPping, and I also get only one attempt per host. It's the nature of the beast, nothing to do with whether it gets an ICMP-*-unreachable or not. That's part of what makes it so efficient, being UDP, it doesn't waste time waiting for any kind of reply at all, just moves right along to the next target address. Lather, rinse, repeat.
Well, based on the number of packets I've gotten, and guessing they might have made it intelligent enough not to try any IP higher than 224.255.255.255 (anyone know one way or the other?), my estimate is it's accounted for about 400 TB so far. Don't know what that amounts to monetarily, but it's certainly a BIG chunk of bandwidth!
Since when does a document ending in.htm, and containing <html>, <head>, and <body> tags (though no </body> or </html>, oddly) count as "text format"? Even if it is in a <pre> tag (also unclosed)(and a <DOC> tag??). I suppose it's more text than PDF is, but that still isn't what I would call "text format.
Be more specific, if you're going to critique. I would like to know your opinion regarding this matter, and what about 299,792,458m/s do I apparently not know.
Remember, it takes 4 minutes for light from our closest neighboring star to reach earth, traveling at, well, the speed of light. In all probability, this CHIPS will be using radio frequencies which are much, much slower. (I could be wrong, but I would be surprised if they had hacked some type of interstellar laser guidance system... )
I think he's just referring to the fact that it takes about 8 1/3 minutes for light to travel from the Sun to the Earth, that's all.
And, more generally speaking, I think that just because it's called a "Cosmic Hot Interstellar Plasma Spectrometer", doesn't mean it's going to be sent out INTO the interstellar plasma. That's the difference between the 'S' standing for 'Spectrometer' and 'Sampler'.;) It doesn't have to actually leave Earth orbit to detect what they want to know. Therefore, no week-long RTT's.
Hmm, are you referring to the fact that no packet after the first on port 21 can get through, or the fact that port 20 can't get through at all? Oh well, there's always passive.;)
Personally, I think the much bigger problem would be that eth0 interface. That's gonna be a helluva long CAT-5, especially since it'll be wrapped around the Earth repeatedly (unless they moor it at one of the poles?).
Remember what the first 'D' in 'DDoS' stands for? We'll need a few more of these first, and I imagine the first one will be subject to plenty of attacks to weed out the weaknesses. Hopefully by the time we have enough of these up there to warrant calling it 'distributed', they'll be able to eliminate the 'DoS' part.
/* Increase the timeout each time we retransmit. Note that * we do not increase the rtt estimate. rto is initialized * from rtt, but increases here. Jacobson (SIGCOMM 88) suggests * that doubling rto each time is the least we can get away with. * In KA9Q, Karn uses this for the first few times, and then * goes to quadratic. netBSD doubles, but only goes up to *64, * and clamps at 1 to 64 sec afterwards. Note that 120 sec is * defined in the protocol as the maximum possible RTT. I guess * we'll have to use something other than TCP to talk to the * University of Mars. * * PAWS allows us longer timeouts and large windows, so once * implemented ftp to mars will work nicely. We will have to fix * the 120 second clamps though! */
No, that would be one of Arthur C. Clarke's Tales from the White Hart. It's been a while, so I don't specifically remember the advertising angle, but I definitely remember the tone-deaf assistant saving the day (kind of).
Ugh. I actually read that story. I think I just might feel more ill than the first time I clicked on a goatse.cx link.:p And yet he seems to take such pride in his work....
If you RTFA, you'll see that they never mention the "efficiency and speed", that's just the submitter's paraphrasing. And we all know what that's worth, right?
OK, before we all jump on that "ocean 100 miles deep" claim (as I was about to do), here's the actual quote from the article:
Other bacteria, frozen into chunks of ice in a Washington laboratory, have thrived inside a high-pressure container and went right on reproducing after they were exposed to pressures equivalent to life at the bottom of an ocean 100 miles deep.
So they aren't really claiming to have found oceans 100 miles deep.
Slashdot Mirror
Maybe I should clarify, for Timothy's sake: the links goes to http://www.theinquirer.net/?article=8879, but you say it goes to the Register. Might want to fix that real quick.
Inquirer, or Register?!?
Yeah, that's exactly what I was expecting after I'd read the headline, before I finished off the body. It could even be a client instead, if for instance you had it contact your local toilet paper supplier and order more when it's running low, or something like that. But this is just window dressing.
And don't forget the recent case involving (I think) MS SQL Server, where upon another company's winning a licensing/patent case against Microsoft, they issued a press release specifically pointing out that MS's having told its customers and developer partners that they didn't need to worry about this did not fulfill their obligation to consult legal counsel to avoid triple damages from the suit. There's a great case of MS's legal team being less than stellar. Sounds like MS was pretty nearly guaranteeing that the customers didn't need to fear using the relevant bits.
Depending on the organizations needs they can more than likely block all outgoing UDP.
Hmm, how'd you like your DNS to keep working? Easy enough to make one exception for port 53, of course. But then the next version of the worm uses port 53 as the source port and can still get away with 1434 as the destination, or something like that. Alternatively, you have your own recursing (is that a word?) DNS server, not a bad idea anyway for efficiency. But then you have to put it in the DMZ and on the internal.... You get the picture. There's always a "but".
Actually, the 376 byte part was just the payload; with the usual UDP & IP headers, it was 404. Add in a bit more for encapsulation depending on your transmission medium.
But, more significantly: 24,449,400 B/min =~ 3.26 Mb/s (decimal M), a far cry from 54Mb/s.
Also for comparison, I was only getting about 1 such packet per minute on my measly 1 IP address throughout the first 5 or 6 hours. It was rather bursty, just in the way that random events are, so sometimes I'd get 3 or 4 in a minute, followed by 5 minutes of nothing, and such. It could be a matter of the actions of our upstream providers, or perhaps something on your network was infected and not limited by the WAN bottleneck when hitting your own addresses.
I think it's unrealistic and counter to the overall goal to interoperability of the internet to have so many implementations,...
Just to (over)simplify a bit for you...
interoperability != intercommunication
Something to keep in mind. Interoperability may not be the goal you think it is.
*smacks AC across the knuckles with a ruler* Pay attention!
While the honeypot approach might be effective against other worms and such, it wouldn't have made a whit of difference here. The infected hosts only needed to send a single packet to each target, this being UDP, and didn't even bother waiting for a reply of any kind. Wouldn't have slowed this one down a bit.
I've been DROPping, and I also get only one attempt per host. It's the nature of the beast, nothing to do with whether it gets an ICMP-*-unreachable or not. That's part of what makes it so efficient, being UDP, it doesn't waste time waiting for any kind of reply at all, just moves right along to the next target address. Lather, rinse, repeat.
Well, based on the number of packets I've gotten, and guessing they might have made it intelligent enough not to try any IP higher than 224.255.255.255 (anyone know one way or the other?), my estimate is it's accounted for about 400 TB so far. Don't know what that amounts to monetarily, but it's certainly a BIG chunk of bandwidth!
Since when does a document ending in .htm, and containing <html>, <head>, and <body> tags (though no </body> or </html>, oddly) count as "text format"? Even if it is in a <pre> tag (also unclosed)(and a <DOC> tag??). I suppose it's more text than PDF is, but that still isn't what I would call "text format.
Be more specific, if you're going to critique. I would like to know your opinion regarding this matter, and what about 299,792,458m/s do I apparently not know.
Remember, it takes 4 minutes for light from our closest neighboring star to reach earth, traveling at, well, the speed of light. In all probability, this CHIPS will be using radio frequencies which are much, much slower. (I could be wrong, but I would be surprised if they had hacked some type of interstellar laser guidance system... )
I think he's just referring to the fact that it takes about 8 1/3 minutes for light to travel from the Sun to the Earth, that's all. ;) It doesn't have to actually leave Earth orbit to detect what they want to know. Therefore, no week-long RTT's.
And, more generally speaking, I think that just because it's called a "Cosmic Hot Interstellar Plasma Spectrometer", doesn't mean it's going to be sent out INTO the interstellar plasma. That's the difference between the 'S' standing for 'Spectrometer' and 'Sampler'.
Hmm, are you referring to the fact that no packet after the first on port 21 can get through, or the fact that port 20 can't get through at all? Oh well, there's always passive. ;)
Personally, I think the much bigger problem would be that eth0 interface. That's gonna be a helluva long CAT-5, especially since it'll be wrapped around the Earth repeatedly (unless they moor it at one of the poles?).
Remember what the first 'D' in 'DDoS' stands for? We'll need a few more of these first, and I imagine the first one will be subject to plenty of attacks to weed out the weaknesses. Hopefully by the time we have enough of these up there to warrant calling it 'distributed', they'll be able to eliminate the 'DoS' part.
Remember this infamous bit of commenting?
in linux/net/ipv4/tcp_timer.cHmm, I see they've already been over it pretty thoroughly there, yep. But no one had pointed out the obligatory Star Trek angle there yet! ;)
Gee, you mean the Pope talks like Data?
No, that would be one of Arthur C. Clarke's Tales from the White Hart. It's been a while, so I don't specifically remember the advertising angle, but I definitely remember the tone-deaf assistant saving the day (kind of).
No, it can't be, we've always got tripe here. ;)
Ugh. I actually read that story. I think I just might feel more ill than the first time I clicked on a goatse.cx link.:p And yet he seems to take such pride in his work....
If you RTFA, you'll see that they never mention the "efficiency and speed", that's just the submitter's paraphrasing. And we all know what that's worth, right?
Heck with the "Movies" icon, what I want to know is, why the heck is it listed as a "Science" article?!? That's even less obvious.
OK, before we all jump on that "ocean 100 miles deep" claim (as I was about to do), here's the actual quote from the article:
Other bacteria, frozen into chunks of ice in a Washington laboratory, have thrived inside a high-pressure container and went right on reproducing after they were exposed to pressures equivalent to life at the bottom of an ocean 100 miles deep.
So they aren't really claiming to have found oceans 100 miles deep.
Well, see, that's the difference between saying "you mean like algae", and saying "you mean algae". ;)
Bring on the carbon dioxide eating genetically engineered microbes.
What? You mean like algae?