My understanding is that it was a classic example of the use of submarine patents. Basically, Rambus participated in JEDEC, a memory technology conference
standards organization
whose purpose was to standardize SDRAM, while at the same time neglecting to mention that they, in fact, held patents or had patents pending on that very technology. They then attempted to elicit licensing fees for those technologies once it was firmly entrenched in the industry.
I've seen articles claiming they did BOTH: Submitted their patent-pending tech AND amended their patent applications (and/or started new ones) to include stuff they'd heard about in the committee from others, generally within days of the relevant meeting.
"...enterprises have to install security patches very rapidly, deal with outages caused by secondary problems with these patches, and deploy additional layers of security technology."
I see one bad thing and two good things here...anyone else with me? I mean, shouldn't we work our best to keep our environments 1) current
Of course not!
Upgrading is a cost. If your system is capable of doing the job adequately and efficiently without upgrading, there's no gain from the upgrade. You should only need to upgrade if the benefits from doing so exceed the cost - by a sufficient margin to also cover the opportunity cost from having your time taken up with the upgrade when you could have been doing something more profitable.
Also: Sometimes upgrades break things that were working just fine and that risk is an additional cost. (As is, of course, the cost of NOT upgrading in the face of security risks.)
and 2) as secure as we can afford to?
Again no.
You need it to be secure enough to reach the point of diminishing returns between cost of damange * probability of compromise vs. cost of security to prevent it.
(Which amounts ALMOST to what you said with Windows systems, since both the probability of compromise that can produce a high-cost damage is extremely high. B-) )
Marking data memory "no execute" doesn't fix things. It just makes it a bit harder to exploit.
Currently a typical buffer overflow exploit consists of a long record with executable code which also overwrites the return address in the subroutine which read the record so that it jumps into the code upon return. Making the stack no-execute means this approach results in a trap when the return is made. This kills the process that was attacked, rather than subverting it.
There are several reasons that this is not a "fix".
First: The basic problem is the buffer overflow. And an overflowed buffer will STILL break things, by damaging the state of other variables of the subroutine (as well as breaking the return address and possibly overwriting stack variables of several layers of calling routines as well).
Second: The exploit doesn't have to wait for the victim subroutine's return. It overwrote other variables than the return location, and the subroutine obviously read the record in order to do some processing on it. So by judiciously manipulating the stack the exploit has lots of opportunities to subvert the routines that read it to do work it specifies.
Third: The exploit doesn't have to specify a return location within itself. It can rewrite the return location to be any spot in any code for which the address is known - and rewrite the variables on the stack to provide the desired environment for the target code. (A simple exploit would be to hit something that's about to call "exec", with arguments on the stack that look like a shell script. Unix starts the user tasks with a hand-crafted "exec init". A virus can start its exploit tasks the same way.)
The real problem is that the buffer overflow is there in the first place, and the real fix is to eliminate those.
But that's no reason NOT to raise the bar on exploits by activating the no execute feature.
A reason you might NOT want to raise the bar that way is that some tasks NEED to execute code they generate in their data space. Examples are language interpreters using incremental compilation, or other systems that accellerate some processing by generating and executing data-dependent tweaked instruction sequences. Turning it on breaks them. Making it controllable but on by default ALSO breaks them (though it lets you upgrade them to work again) and just gives the exploit something extra to do at the top of its faked-up stack.
Problem is, people (particularly Windows users) buy features before they buy security.
IMHO that's because Windows users have given up on getting security. B-)
With a choice of an insecure platform with fewer features or an insecure platform with more, of course they'll pick the one with more. Just think: They might actually be able to get something done between crashes, infections, and reinstalls.
I figure the real reasons they use NNs are much simpler. Firstly, its really easy to implement NNs that predict numeric values instead of classes and even more importantly they work. Research usually involves trying everything under the sun and reporting/patenting/exploiting whatever worked best.
I figure the true answer is even simpler: Nonlinear Neural Networks were the first thing they tried that worked, and worked well, after they'd tried a bunch of other stuff which didn't.
Maybe some of the other techniques mentioned in this thread will do a significantly better job in less crunch and space. If all three are met (or the first two or maybe even just the first, if the improvement is sufficient) they might replace the neural net solution. But the NNNs' factor-of-two speed increase is a big deal right now.
Regardless of what they settle on, it will be interesting to see whether packet-size tuning also gives significnat throughput improvements if the underlying link uses really robust forward error correction, such as turbo or low-density parity codes.
It will also be interesting to see whether the improvement is actually pointing up an opportunity for improvement over the bandwidth-selection mechanisms of the Wi-Fi standard.
Perhaps moving the NNNs (or whatever) to the bandwidth selection layer of a link with more robust error correction could vitrually eliminate the need for retransmissions - by taking advantage of the extra information about link quality from the corrected errors and keeping the link's payload bandwidth tuned so the forward error correction virtually always succeeds.
Re:Cone of Silence - misnomer.
on
Directed Sound
·
· Score: 1, Informative
I find it interesting that after all these years the Cone of Silence, the useless security divice from the spy spoof Get Smart, still needs no introduction.
It's doubly funny since the term actually predates Get Smart - and refers to something else entirely.
The "Cone of Silence" is the area directly over a vertically-polarized radio antenna (i.e. off the end of the dipole) where there is little or no signal.
In WW II, aircraft did a lot of navigation using radio beacons. The easy way to do this is to fly to, and over, a beacon, perhaps setting a course that went from beacon to beacon, rather than navigating by obtaining bearings from multiple beacons (although the latter was also done).
As you approach a beacon the signal strength increases. But as you fly over it, through the "cone of silence", it suddenaly drops out - then reappears behind you. Then you know that you just went right over it - and thus exactly where you are - and that it's time to set your course for the next waypoint.
With so many bomber crews (and stories about them) the term "cone of silence" became publically known. But with few people other than navigators and radiomen familiar enough with it to know exactly what was meant, it became a buzzword with the implication of having something to do with wartime and security.
Which gave the writers of Get Smart an opportunity to use a rotten pun for a couple air minutes of slapstick by redefining it. B-)
Secondly, I think people should use what works for them. If windows works for you then use windows.
Unfortunately, Windows is causing major problems for people OTHER than its users, on the net and elsewhere, due to its poor design.
First: The poor security of windows results in repeated bursts of traffic clogging the net for days at a time, as the latest security vulnerabilities are exploited by viruses and worms. Microsoft has shown little competence at fixing these issues, which are becoming more rather than less of a problem with time as the malware authors improve their designs faster than Microsoft can fix their systems. There is no sign that this trend will reverse.
Arguments that the wider deployment of Microsoft products makes them a bigger target are disproved by the web server counterexample: Apache is far more widely used than Microsoft's IIS, yet IIS gets virtually all the exploits.
But with actual industries based on malware exploiting Windows security bugs, malware authors are polishing destructive payloads. With every passing year this increases the threat from malware ports to other more secure (though imperfect) systems, once windows is finally on its way out. It's much like the way large reservoir of disease increases the risk of plagues to currently uninfested areas.
Second: Microsoft's IP stacks "cheat" when setting the Quality of Service (QoS) bits, demanding higher service levels than the applications actually need or request. This once gave them improved performance over their competition. But it puts their low-priority traffic (like file transfers) in the way of streaming applications (like VoIP or videoconferencing).
This has impeded deployment of QoS sensitive applications, as well as proper deployment of QoS support and QoS-dependent services in both the enterprise and the network core. Currently they're supported by hacks - such as putting the VoIP phones on a separate virtual LAN that is given higher priority, VoIP phones with an "extension" outlet for the workstation which rewrite the QoS bits on the workstation's packets, and other router/switch/bridge/firewall/edge-router hacks that downgrade or selectively downgrade the QoS settings on customer packets.
This rewriting of QoS bits means that streaming applications running on Windows workstations can't get the service levels they need, and thus don't run as well as they should on workstations (which is part of why you see separate IP phone hardware, and why VoIP applications are so flakey). So it finally bit Microsoft, too. They now have an incentive to fix it. But projects to do so are delayed behind their frantic attempts to patch their security bugs. And even once they DO fix it there would be the problem of getting the fixes deployed, and onto legacy systems as well.
Meanwhile, OTHER OSes which DON'T cheat also have to deal with an internet where QoS isn't properly implemented, and where in some cases their packets get the same QoS-rewriting penalizations as are necessary to defend servers against Microsoftware's misbehavior.
The Microsoft shepherd cried "Wolf!" repeatedly (and still does). So now the townsfolk won't respond when ANY shepherd cries "Wolf!"
Third: Microsoft has deliberately deployed proprietary data and interface formats that don't interoperate with the products of other vendors, and has "embraced/extended (i.e. broken)/extinguished" even some proprietary standards. This results in things like email, web sites, and documents that won't work with - or even break - other people's tools, locking their customers into Microsoft products and impeding communication, not just between them and other internet users, but also among other internet users (as, for instance, clueless web designers write sites that assume Microsoft's browser).
This has placed an extra load on application designers, as they must reverse-engineer and support Microsoft proprietary formats so their users can communicate with the people still stuc
Actually, some people that live long enough do get a third set of teeth naturally.
And some people also have the third set show up earlier in life. (Like one kid I knew in high school who had to have 'em pulled.)
A third set is not all sweetness and light, however. There tend to be a lot of problems from the second set not getting out of the way, or its accumulated maloclusions, tooth-losses, and other screwups keeping the new ones from erupting properly.
What would make a lot of sense evolutionarily is for the jaw to produce a replacement tooth if the predecessor is lost. That way the new tooth could come in before the neighbors drift out of place. But apparently that's not in the cards for mammals - especially in OUR lifetimes - without deliberate hacking.
One of the articles points out that the new tooth bud emits growth factors that recruit blood vessels and nerve cells, ending up innervated and plumbed just like a normal tooth.
(I wonder if it might actually emit the nerve as part of its own differentiation. Many structures seem to start with a nerve bundle and then grow other tissues as directed by growth and differentiation factors secreted by nerve cells, rather than the other way around. So I'd expect the tooth bud to include its own proto-nerve cells, ready to "plug themselves in" to the rest of the nervous system, rather than recruiting nerve cells from their surroundings. Blood vessels seem to be recruited, however - which makes sense since they need a connection to the blood supply for their own nurishment, and many tissues need essentially the same plumbing.)
Fetal stem cell research is almost irrelevant. The Australians have extracted stem cells from [other tissues in post-birth people] Fetus's are not the only source of stem cells, they are just one of the first sources discovered.
There are lots of different stem cell lines at different stages of the organism's development. Stem cells extracted later in life may have partially differentiated and thus have less plasticity than those extracted early. They'll also be closer to the Hayflick Limt, with shorter telomeres, limiting the amount of tissue they can produce and accellerating its aging, and be more likely to have accumulated genetic damage, making them more likely to become cancerous.
Stem cells extracted from the already-born are almost certain to be useful for most tissue-replacement purposes, once the science has been done to understand the mechanisms. But to do that science with ONLY the information from the differentiated cell lines, blinding the researchers to the more pristine early-stage genome, is enormously more difficult.
And that's the stage we're at now.
By blocking foetal stem cell research the US policymakers are delaying the availability of new treatments. This increases human suffering and death - with no reduction in the number of aborted foetuses, or any other mitigation of harm, to show for it.
Doing the basic research on foetal tissue from abortions performed for other purposes is still somewhat more difficult than doing it on foetuses created for the purpose. But not a lot more so. And such a ban WOULD prevent the creation of foetuses just to be killed for research.
Once the basic research is done, treatments can be designed to use stem cell lines harvested post-birth (preferably from the individual being treated, which solves rejection problems as well). A ban on using foetal cells for TREATMENTS can prevent the foetus-farm scenario at a relatively minor cost in human suffering and death from untreated conditions.
No more brushing my teeth and all the Coke I can drink!
Take that, Mother, with all your dire predictions about my teeth rotting out.
You know, back when I was a kid in late elementary school I was an avid reader of science fiction. I remember thinking that by the time my adult teeth were starting to wear out or become dinged or decayed the technology would be in place to grow replacements.
Of course that was back in the late '50s. I didn't imagine something like the FDA and the Thalidomide parinoia putting the skids under medical technology development.
It's about TIME they got around to it!
(Fortunately, dental hygene isn't just about keeping 'em from rotting, or I'd probably be weraing dentures by now.)
Is there a reason there isn't a standardized procedure with the phone company whereby the cops say "there was a bomb threat made at 1pm to this number" and the phone company says "these were the incoming calls and where they came from"?
Yes there is. It involves search warrants. And that means asking for the right stuff. Getting call trace information is an invasion of privacy, not just of the caller but of others who might have called at around the same time. So you need an overriding reason to perform such a search. And you need probable cause that a specific crime has been committed and evidence will likely be obtained by perfroming the search, to get the warrant allowing the search.
It's the job of the police and prosecutors to know how to do this, not of the telephone companies to teach them.
I'm sure that once you think about it in terms of some policeman who doesn't like your looks tracing all your calls and harassing all your friends, on the basis of an anonymous tip (phoned in by his buddy at the next desk), you'll appreciate why safeguards are in place.
What I find particularly disturbing is why the TelCo people weren't more involved. I mean:
What happened: Officer: I need this TelCo: Searching... Nothing.. Try Again...
Instead of what should have happened: Officer: We need to catch this haxor TelCo: Ok,..., there it is!
I, on the other hand, am glad that the telephone company is not being randomly helpful, but insisting that the police go through proper channels before handing out call trace information.
Perhaps they could have told him what to ask for. But I prefer that they err on the side of citizen privacy and let the police learn to do their job through their own methods (as this officer did), rather than spending their resources (and raising customer bills) leading every nosy cop through the procedure by hand, thus encouraging its constant use for ever smaller issues and possibly giving them incorrect legal advice in the process.
I'd have to say that it's good we can show a clear example of a "good hacker"... and what's best is this is a local effort. Good will for white-hats will be best done at the grassroots level.
The concept of Mitnick as a "white hat" will probably have a significant number of white hats foaming at the mouth.
If Mitnick is truly reforming, kudos to him. But his hat WAS a darker shade in the past.
Perhaps "bleached hats" would be appropriate for reformed black hats. With the implication that they might come out white, grey, or dingy yellow - which seems appropriate.
Reformed criminals come in at least three flavors - those who truly reform by internalizing the intent to do the right thing even when it's inconvenient and to make up for any wrong they had done previously, those who put on an appearance of reforming while continuing their activities in hiding, playing both sides of the fence, and those who would go back to the dark side in a flash but for fear of being caught again.
As long as we are the freest nation in the world (with shit like the PA being passed that won't be too long) we will also be the most violent, the most dangerous, and the most open to attack by individual nuts.
Actually we AREN'T the most violent, most dangerous. Risk of death from violent crime among every major racial/ethnic group in the US is typically lower than it is for the same ethnic group in their country of origin. Lower for whites of English descent than in England, for blacks of African descent than in Africa, for people of Japanese descent than in Japan, and so on, for people of Spanish-Indian descent than in South and Central America, and so on.
We have a higher average violent crime rate than some other countries mainly because we have allowed and encouraged (and even sometimes forced B-( ) immigration of large numbers of members of violent cultures, but haven't forced them to completely abandon their cultures. Crime tends to be mainly within each group rather than between members of the groups. But crime goes down as the members of the groups assimilate and/or acquire means of self-defense. (Risk - of victimization or crime commission - for a black US citizen of African descent but middle-class or higher income and status is no different that that for a white of European descent.)
Add in the risk of death and injury from acts of war and there's just no comparison. Most of the rest of the world gets into major tribal warfare and rounds of genocide about once per generation (although this has been cooling out a bit since the invention of the Atom Bomb). The US hasn't had a major civil war since the mid 1800s, and most of its casualties come from bailing out the rest of the world.
And there's plenty of evidence now that the solution to the remaining "problem" is more freedom - specifically more gun-toting. Not only is violent crime highest where guns are most restricted, lowest where they're most prevalent. But now we know that it's BECAUSE they're restricted that crime is high, rather than the other way around. CCW has been legalized in progressively more of the US over the last decade or so, and within a couple years of legalization in each area - about the time people actually the the paperwork done and you start having a significant number of gun-toters - crime in the area drops like a rock.
I agree that the way that the 2nd amendment is ignored or distorted is unconscionable. In spite of this, I'll gladly support a group that defends 95% of my enumerated rights, and work on the other 5% through different channels and organizations.
I would do the same, if they merely ignored the other 5%.
Unfortunately, they actively work against the other 5% - a 5% I take very seriously. It goes far beyond such trivialities as printing up posters of the Bill of Rights with the 2nd deleted.
For instance: When a crook in New York City cracked a safe and stole a gun, then used it in a crime and shot somebody, they provided lawyers for the shooting victim to sue the gunowner whose gun had been stolen.
Sorry. But now that they've done stuff like that, they'll have to do an explicit turnaround, rather than just (maybe - how could you tell?) dropping back to benign neglect, before I can support them regardless of how much good work they do on other issues.
If men are to be precluded from defending thmselves from violent oppression, mere speech is of no use to us; The right to keep and bear arms may be taken away, and unable to do more than bleat we may be dragged like sheep to the slaughter.
extra 1 to 3 years tacked onto a felony conviction is nothing
Oh yes it is, while you go in thinking it's nothing usualy because it's served concurrently with the primary sentence; I can guarentee that the Parole board will look at it differently.
Huh? WHAT parole board? This is a federal offense, prosecuted in a federal court.
I was under the impression that all this stuff was strictly a state thing, and that the Fed had no parole, no time-off for good behavior, no concurrent sentencing, etc. That when you got convicted in the Federal system you really rotted away for the full sentence in some rockpile unless you somehow managed to get pardoned or get your convecion reversed on appeal. (That's why "a federal offense" is such a big deal.)
Am I mistaken?
(Not being a lawyer OR a criminal I don't have direct experience to go on. B-) )
Yeah, you keep singing, and don't forgot to pay your tax on every CD-R or MP3 storage device that you buy... nevermind that that probably far exceeds losses by piracy
Which brings up a question:
Has anybody tried the defense that they already PAID to make the copy by paying a tax on the medium, so the RIAA is double-dipping?
That might make them think twice about both the tax and the suits. B-)
Couldn't the same be said for people who didn't do it? A lot of people take guilty pleas who were innocent rather than running the risk of receiving a full sentence, especially if the plea is for $3000. It would cost more than $3000 just for a retainer to get a lawyer.
Quite.
In fact, that is one of the biggest arguments against the death penalty in criminal cases. It seems a significant number of people who are completely innocent of the murder for which they're accused plead to reduced charges (like second-degree) and do long prison time rather than risking death.
Ditto plea barganing on other crimes with less than the death penalty, but still with major penalties. Plea barganing plus other sentence-lightening factors ("good behavior", overcrowding releases, judges giving light sentences, parolle, "mitigating circumstances", etc.) ended up with bad guys getting miniscule sentences (the "revolving door"). So legislatures inflated the penalties to compensate. But somebody who actually fights typically gets the inflated penalty - and praolle boards don't release people who refuse to "admit responsibility and show remorse", meaning they serve it all unless they continue the lie that they did the crime. And the penalty inflation feeds back into the plea-barganing success rate and feeds the convict-making factory.
This is the legacy of over a century of "drug war". Back in the '60 people thought that civil disobediance would overload the system and they'd have to throw in the towel. The system responded with first the plea-barganing mechanism to unload the courts. Then it created RICO to fund the whole machine (by siezing the assets of the accused), create an incentive for MORE accusations AND stripping the accused of the resources needed to hire a defense.
Thus the criminal justice system has been complelely corrupted by this mechanism.
Why should we expect anything else from the civil side of the law, where large institutions with large resources, such as RIAA, can pull the same self-funding extortionist hack on thousands of little guys?
= = = =
The first bright side I can see is that the initial assault on dual-use technologies (such as peer-to-peer file sharing) is being blunted. So the RIAA is finally moving toward the model they SHOULD have started with: Going after the actual offenders.
Now comes another step: Forcing them to back off from the wholesale extortion approach and stick to provable violations with substantial evidence.
A third step will be to settle the fair-use issues and get them backed off from harassing the fair-users. At that point they might actually have some claim to a moral high ground, going after only real copyright scofflaws. With a legal system that protects the falsely accused, the non-violators can start to breathe easier.
Finally (and not necessarily in that order) will be dealing with the insane extension of copyright terms.
If we succeed on all four steps we can finally reach a reasonable copyright law and enforcement regime.
It the classic, "I don't know the answer, but I'll talk to my people and we'll get back to you" technique, which is followed up by vast amounts of never getting back to you.
And he DID follow through, and his people DID get back to us:
[Rich Taylor, a spokesman for the MPAA, later pointed to one company, Intervideo, that has a license to sell GNU/Linux DVD software, [...]
And from their side it appears that either the issue is closed or the ball is back in our court. In the absense of a response from us (specifically, from Weinstein or the others at Tech), they have good reason to believe it's closed. (And to feed the same story to anybody ELSE who raises the point later.)
But from our side it's NOT closed, because:
although the company does not actually sell a product that Linux users can purchase.
Taylor thinks even if we can't get it, the problem is still no longer theirs, because we WILL get it if we push vendors.
Linux users who want to watch DVDs should "perhaps buy a DVD player instead," Taylor said, or "write to Intervideo and others, encourage them that they're the market," he said. Will Linux users ever be able to view DVDs on their computers without breaking the law? "I'm sure that day is not far away," Taylor said.
But in fact he's directed us to somebody who never intended to make the system available. The one license for Linux platforms was obtained for embedded systems, not for making it available to the general Linux users:
A spokesman for Intervideo, Andy Marken, said the company's product is only for embedded systems and that Intervideo has no plans to release a software player for end users.]
So (if they haven't already), Weinstein and/or Tech can hit the ball back into the RIAA's court by:
- Telling Taylor (who was tasked by Valenti with handling this issue) that there is STILL no sign of a licensed player for Linux on the horizon.
- Raising our other questions, which Valenti seems to have missed. Things like "When did the first sale doctrine go away?", "CSS is not protecting against copying, it's restraining trade", and the other points we've brought up here.
We have an opportunity, people. But it has to go thorugh MIT. Are we hitting the ball back again? Or are we letting it pass by and losing the point?
Let's collect our questions and arguments and (if the MIT folks are willing) feed them back through the Tech/Weinstein -> Taylor/Valenti connection.
I'd post a URL to the demo but the Mac I'm on has inadequate mousing abilities.
[...] the one buttoned mouse has gotten the better of this poor soul.
I thought the Mac had a many-virtual-buttoned mouse, with the behavior modulated by shift keys (shift, ctrl, alt{?}, {a fourth one I don't recall}, and all binary combinations of them.)
It sounds like he can't figure out how to cut-and-paste between windows. I KNOW that's there (though it's been maybe a decade since I used a Mac so I don't recall exactly where.)
I have an undergraduate degree in physics, with significant work in nuclear physics and radiochemistry. The parent looks like complete technobabble to me.
In that case, could you please explain the physics behind the requirement for an ejected particle in nuclear fusion reactions in a NON-technobabble fashion?
The cold fusion pseudoscientists have to imagine some nonsense where the 24 MeV of energy is magically spread over the lattice. Never mind that the lifetime of the 24 MeV excited 4He nucleus is so short that this is impossible (there simply aren't enough atoms with delta t * c of the nucleus.)
But what's the lifetime of a 24-delta MeV excited nucleus?
You don't have to dump ALL the energy into the surrounding lattice at once. You only need to dump enough that the resulting extremely excited nucleus doesn't have QUITE ENOUGH energy to come apart again. They you've got a LONG time - like somewhere between nanoseconds and geological - to dump the rest.
Get rid of even a tiny delta (through some mechanism such as coupling to the surrounding material achieved through your deuterons' quantum-mechanical spreading over the regular crystal matrix) and you no longer need the recoil particle that you'd need in a vacuum/plasma/liquid situation (where nothing other than the nucleons themselves are close enough to the reaction site to carry off any energy).
Smearing the deuterons' wave functions out among many equivalent sites in a crystal would put additional candidate energy-thieves WITHIN the hydrogen nuclei. At that point delta t * c is out the window (or changes meaning to something more related to the overlap of the wave functions of the smeared-out deuterons with the crystal atoms). B-)
A nuclear process that produces that much excess energy should also produce enough neutrons to kill everyone in the building where it is being tested.
As I understand it, the reason plasma-based fusion reactions tend to produce neutrons is that you need to dump the excess energy from the reaction product for the fused neucleus to "settle down" in the lower-energy bound state, and that means you need to spit out an additionl particle to dump the energy as momentum. Thus D+D -> T+n, or D+T -> He+n.
In "cold fusion" the reaction is taking place in a dense metal matrix - at a deuterium density far too low for the "normal" two-particle fusion rate to be significant. This implies that, if there is significant fusion going on, it's because of some interaction with the surrounding metal, or with other hydrogen neuclei. This implies that some of the normal D+D->He->D+D might stop at He by dumping the excess energy as a recoil off another D or the surrounding matrix of electrons and metal neuclei.
I want to see this experiment retried:
- In a large single-crystal.
- In a large single-crystal with a tiny trace of impurities.
- In a polycrystal of a very few, very large crystals (in case the reaction occurs at crystal boundaries and is enhanced by the size of the crystal).
- With the magnetic field tightly controlled - and varied in both strengh and directon with respect to the crystal lattice.
- With the electric field similarly controlled.
- With controlled electric currents through the metal in various directions.
- With sudden strong pulses of electric and/or magnetic fields once the metal has been "loaded" with deuterium.
- With small bombardments of various charged particles at assorted energies (in case some component of bacground or cosmic radiation is a trigger of a short chain-reaction).
When thinking about hypothetical cold-fusion mechanisms I'm constantly bothered by the similarity of the system to early point-contact diodes, and how quickly the junction transistor, and then the rest of semiconductor technology, fell out of the development of a physical model for the long-range, room-temperature, quanum-mechanical phenomena underlying electrical conduction within a highly-ordered, slightly impure crystal.
Pumping deuterons into a dense and potentially crystaline metal by electrical pressure seems to me to be just begging for the deuterons' wave functions to be stretched out and overlapped in a similar way to those of the electrons, resulting in lots of potential for interactions that would not be observed in the disordered environment of a plasma or liquid.
It doesn't work on mobile right now so your spinning your wheels arguing against it.
Yes, it doesn't work that way. But the government will probably be trying to force it to work SOME way. And they can mandate all sorts of stuff and force the ISPs to implement it - and to pass the charge on to the consumers.
Personally I think any network-based location identifier is a bad idea - because it directly attacks anonymity. But governments would LOVE to identify who and where each Internet user of interest to them happens to be. So don't be surprised if they use VoIP 911 service, and the arguments I posted previously, (plus the threat of terrorism) as an excuse to force ISPs to provide address data - and not just on VoIP connections.
You can also drop the condescending attitude. You aren't holier than thou.
Didn't mean to sound that way. Sorry. I was just trying to list the factors I see as applicable to the issue.
My understanding is that it was a classic example of the use of submarine patents. Basically, Rambus participated in JEDEC, a memory technology conference
standards organization
whose purpose was to standardize SDRAM, while at the same time neglecting to mention that they, in fact, held patents or had patents pending on that very technology. They then attempted to elicit licensing fees for those technologies once it was firmly entrenched in the industry.
I've seen articles claiming they did BOTH: Submitted their patent-pending tech AND amended their patent applications (and/or started new ones) to include stuff they'd heard about in the committee from others, generally within days of the relevant meeting.
"...enterprises have to install security patches very rapidly, deal with outages caused by secondary problems with these patches, and deploy additional layers of security technology."
I see one bad thing and two good things here...anyone else with me? I mean, shouldn't we work our best to keep our environments 1) current
Of course not!
Upgrading is a cost. If your system is capable of doing the job adequately and efficiently without upgrading, there's no gain from the upgrade. You should only need to upgrade if the benefits from doing so exceed the cost - by a sufficient margin to also cover the opportunity cost from having your time taken up with the upgrade when you could have been doing something more profitable.
Also: Sometimes upgrades break things that were working just fine and that risk is an additional cost. (As is, of course, the cost of NOT upgrading in the face of security risks.)
and 2) as secure as we can afford to?
Again no.
You need it to be secure enough to reach the point of diminishing returns between cost of damange * probability of compromise vs. cost of security to prevent it.
(Which amounts ALMOST to what you said with Windows systems, since both the probability of compromise that can produce a high-cost damage is extremely high. B-) )
Marking data memory "no execute" doesn't fix things. It just makes it a bit harder to exploit.
Currently a typical buffer overflow exploit consists of a long record with executable code which also overwrites the return address in the subroutine which read the record so that it jumps into the code upon return. Making the stack no-execute means this approach results in a trap when the return is made. This kills the process that was attacked, rather than subverting it.
There are several reasons that this is not a "fix".
First: The basic problem is the buffer overflow. And an overflowed buffer will STILL break things, by damaging the state of other variables of the subroutine (as well as breaking the return address and possibly overwriting stack variables of several layers of calling routines as well).
Second: The exploit doesn't have to wait for the victim subroutine's return. It overwrote other variables than the return location, and the subroutine obviously read the record in order to do some processing on it. So by judiciously manipulating the stack the exploit has lots of opportunities to subvert the routines that read it to do work it specifies.
Third: The exploit doesn't have to specify a return location within itself. It can rewrite the return location to be any spot in any code for which the address is known - and rewrite the variables on the stack to provide the desired environment for the target code. (A simple exploit would be to hit something that's about to call "exec", with arguments on the stack that look like a shell script. Unix starts the user tasks with a hand-crafted "exec init". A virus can start its exploit tasks the same way.)
The real problem is that the buffer overflow is there in the first place, and the real fix is to eliminate those.
But that's no reason NOT to raise the bar on exploits by activating the no execute feature.
A reason you might NOT want to raise the bar that way is that some tasks NEED to execute code they generate in their data space. Examples are language interpreters using incremental compilation, or other systems that accellerate some processing by generating and executing data-dependent tweaked instruction sequences. Turning it on breaks them. Making it controllable but on by default ALSO breaks them (though it lets you upgrade them to work again) and just gives the exploit something extra to do at the top of its faked-up stack.
Problem is, people (particularly Windows users) buy features before they buy security.
IMHO that's because Windows users have given up on getting security. B-)
With a choice of an insecure platform with fewer features or an insecure platform with more, of course they'll pick the one with more. Just think: They might actually be able to get something done between crashes, infections, and reinstalls.
I figure the real reasons they use NNs are much simpler. Firstly, its really easy to implement NNs that predict numeric values instead of classes and even more importantly they work. Research usually involves trying everything under the sun and reporting/patenting/exploiting whatever worked best.
I figure the true answer is even simpler: Nonlinear Neural Networks were the first thing they tried that worked, and worked well, after they'd tried a bunch of other stuff which didn't.
Maybe some of the other techniques mentioned in this thread will do a significantly better job in less crunch and space. If all three are met (or the first two or maybe even just the first, if the improvement is sufficient) they might replace the neural net solution. But the NNNs' factor-of-two speed increase is a big deal right now.
Regardless of what they settle on, it will be interesting to see whether packet-size tuning also gives significnat throughput improvements if the underlying link uses really robust forward error correction, such as turbo or low-density parity codes.
It will also be interesting to see whether the improvement is actually pointing up an opportunity for improvement over the bandwidth-selection mechanisms of the Wi-Fi standard.
Perhaps moving the NNNs (or whatever) to the bandwidth selection layer of a link with more robust error correction could vitrually eliminate the need for retransmissions - by taking advantage of the extra information about link quality from the corrected errors and keeping the link's payload bandwidth tuned so the forward error correction virtually always succeeds.
I find it interesting that after all these years the Cone of Silence, the useless security divice from the spy spoof Get Smart, still needs no introduction.
It's doubly funny since the term actually predates Get Smart - and refers to something else entirely.
The "Cone of Silence" is the area directly over a vertically-polarized radio antenna (i.e. off the end of the dipole) where there is little or no signal.
In WW II, aircraft did a lot of navigation using radio beacons. The easy way to do this is to fly to, and over, a beacon, perhaps setting a course that went from beacon to beacon, rather than navigating by obtaining bearings from multiple beacons (although the latter was also done).
As you approach a beacon the signal strength increases. But as you fly over it, through the "cone of silence", it suddenaly drops out - then reappears behind you. Then you know that you just went right over it - and thus exactly where you are - and that it's time to set your course for the next waypoint.
With so many bomber crews (and stories about them) the term "cone of silence" became publically known. But with few people other than navigators and radiomen familiar enough with it to know exactly what was meant, it became a buzzword with the implication of having something to do with wartime and security.
Which gave the writers of Get Smart an opportunity to use a rotten pun for a couple air minutes of slapstick by redefining it. B-)
Secondly, I think people should use what works for them. If windows works for you then use windows.
Unfortunately, Windows is causing major problems for people OTHER than its users, on the net and elsewhere, due to its poor design.
First: The poor security of windows results in repeated bursts of traffic clogging the net for days at a time, as the latest security vulnerabilities are exploited by viruses and worms. Microsoft has shown little competence at fixing these issues, which are becoming more rather than less of a problem with time as the malware authors improve their designs faster than Microsoft can fix their systems. There is no sign that this trend will reverse.
Arguments that the wider deployment of Microsoft products makes them a bigger target are disproved by the web server counterexample: Apache is far more widely used than Microsoft's IIS, yet IIS gets virtually all the exploits.
But with actual industries based on malware exploiting Windows security bugs, malware authors are polishing destructive payloads. With every passing year this increases the threat from malware ports to other more secure (though imperfect) systems, once windows is finally on its way out. It's much like the way large reservoir of disease increases the risk of plagues to currently uninfested areas.
Second: Microsoft's IP stacks "cheat" when setting the Quality of Service (QoS) bits, demanding higher service levels than the applications actually need or request. This once gave them improved performance over their competition. But it puts their low-priority traffic (like file transfers) in the way of streaming applications (like VoIP or videoconferencing).
This has impeded deployment of QoS sensitive applications, as well as proper deployment of QoS support and QoS-dependent services in both the enterprise and the network core. Currently they're supported by hacks - such as putting the VoIP phones on a separate virtual LAN that is given higher priority, VoIP phones with an "extension" outlet for the workstation which rewrite the QoS bits on the workstation's packets, and other router/switch/bridge/firewall/edge-router hacks that downgrade or selectively downgrade the QoS settings on customer packets.
This rewriting of QoS bits means that streaming applications running on Windows workstations can't get the service levels they need, and thus don't run as well as they should on workstations (which is part of why you see separate IP phone hardware, and why VoIP applications are so flakey). So it finally bit Microsoft, too. They now have an incentive to fix it. But projects to do so are delayed behind their frantic attempts to patch their security bugs. And even once they DO fix it there would be the problem of getting the fixes deployed, and onto legacy systems as well.
Meanwhile, OTHER OSes which DON'T cheat also have to deal with an internet where QoS isn't properly implemented, and where in some cases their packets get the same QoS-rewriting penalizations as are necessary to defend servers against Microsoftware's misbehavior.
The Microsoft shepherd cried "Wolf!" repeatedly (and still does). So now the townsfolk won't respond when ANY shepherd cries "Wolf!"
Third: Microsoft has deliberately deployed proprietary data and interface formats that don't interoperate with the products of other vendors, and has "embraced/extended (i.e. broken)/extinguished" even some proprietary standards. This results in things like email, web sites, and documents that won't work with - or even break - other people's tools, locking their customers into Microsoft products and impeding communication, not just between them and other internet users, but also among other internet users (as, for instance, clueless web designers write sites that assume Microsoft's browser).
This has placed an extra load on application designers, as they must reverse-engineer and support Microsoft proprietary formats so their users can communicate with the people still stuc
Actually, some people that live long enough do get a third set of teeth naturally.
And some people also have the third set show up earlier in life. (Like one kid I knew in high school who had to have 'em pulled.)
A third set is not all sweetness and light, however. There tend to be a lot of problems from the second set not getting out of the way, or its accumulated maloclusions, tooth-losses, and other screwups keeping the new ones from erupting properly.
What would make a lot of sense evolutionarily is for the jaw to produce a replacement tooth if the predecessor is lost. That way the new tooth could come in before the neighbors drift out of place. But apparently that's not in the cards for mammals - especially in OUR lifetimes - without deliberate hacking.
One of the articles points out that the new tooth bud emits growth factors that recruit blood vessels and nerve cells, ending up innervated and plumbed just like a normal tooth.
(I wonder if it might actually emit the nerve as part of its own differentiation. Many structures seem to start with a nerve bundle and then grow other tissues as directed by growth and differentiation factors secreted by nerve cells, rather than the other way around. So I'd expect the tooth bud to include its own proto-nerve cells, ready to "plug themselves in" to the rest of the nervous system, rather than recruiting nerve cells from their surroundings. Blood vessels seem to be recruited, however - which makes sense since they need a connection to the blood supply for their own nurishment, and many tissues need essentially the same plumbing.)
Fetal stem cell research is almost irrelevant. The Australians have extracted stem cells from [other tissues in post-birth people] Fetus's are not the only source of stem cells, they are just one of the first sources discovered.
There are lots of different stem cell lines at different stages of the organism's development. Stem cells extracted later in life may have partially differentiated and thus have less plasticity than those extracted early. They'll also be closer to the Hayflick Limt, with shorter telomeres, limiting the amount of tissue they can produce and accellerating its aging, and be more likely to have accumulated genetic damage, making them more likely to become cancerous.
Stem cells extracted from the already-born are almost certain to be useful for most tissue-replacement purposes, once the science has been done to understand the mechanisms. But to do that science with ONLY the information from the differentiated cell lines, blinding the researchers to the more pristine early-stage genome, is enormously more difficult.
And that's the stage we're at now.
By blocking foetal stem cell research the US policymakers are delaying the availability of new treatments. This increases human suffering and death - with no reduction in the number of aborted foetuses, or any other mitigation of harm, to show for it.
Doing the basic research on foetal tissue from abortions performed for other purposes is still somewhat more difficult than doing it on foetuses created for the purpose. But not a lot more so. And such a ban WOULD prevent the creation of foetuses just to be killed for research.
Once the basic research is done, treatments can be designed to use stem cell lines harvested post-birth (preferably from the individual being treated, which solves rejection problems as well). A ban on using foetal cells for TREATMENTS can prevent the foetus-farm scenario at a relatively minor cost in human suffering and death from untreated conditions.
No more brushing my teeth and all the Coke I can drink!
Take that, Mother, with all your dire predictions about my teeth rotting out.
You know, back when I was a kid in late elementary school I was an avid reader of science fiction. I remember thinking that by the time my adult teeth were starting to wear out or become dinged or decayed the technology would be in place to grow replacements.
Of course that was back in the late '50s. I didn't imagine something like the FDA and the Thalidomide parinoia putting the skids under medical technology development.
It's about TIME they got around to it!
(Fortunately, dental hygene isn't just about keeping 'em from rotting, or I'd probably be weraing dentures by now.)
Is there a reason there isn't a standardized procedure with the phone company whereby the cops say "there was a bomb threat made at 1pm to this number" and the phone company says "these were the incoming calls and where they came from"?
Yes there is. It involves search warrants. And that means asking for the right stuff. Getting call trace information is an invasion of privacy, not just of the caller but of others who might have called at around the same time. So you need an overriding reason to perform such a search. And you need probable cause that a specific crime has been committed and evidence will likely be obtained by perfroming the search, to get the warrant allowing the search.
It's the job of the police and prosecutors to know how to do this, not of the telephone companies to teach them.
I'm sure that once you think about it in terms of some policeman who doesn't like your looks tracing all your calls and harassing all your friends, on the basis of an anonymous tip (phoned in by his buddy at the next desk), you'll appreciate why safeguards are in place.
What I find particularly disturbing is why the TelCo people weren't more involved. I mean:
..., there it is!
What happened: Officer: I need this TelCo: Searching... Nothing.. Try Again...
Instead of what should have happened: Officer: We need to catch this haxor TelCo: Ok,
I, on the other hand, am glad that the telephone company is not being randomly helpful, but insisting that the police go through proper channels before handing out call trace information.
Perhaps they could have told him what to ask for. But I prefer that they err on the side of citizen privacy and let the police learn to do their job through their own methods (as this officer did), rather than spending their resources (and raising customer bills) leading every nosy cop through the procedure by hand, thus encouraging its constant use for ever smaller issues and possibly giving them incorrect legal advice in the process.
I'd have to say that it's good we can show a clear example of a "good hacker"... and what's best is this is a local effort. Good will for white-hats will be best done at the grassroots level.
The concept of Mitnick as a "white hat" will probably have a significant number of white hats foaming at the mouth.
If Mitnick is truly reforming, kudos to him. But his hat WAS a darker shade in the past.
Perhaps "bleached hats" would be appropriate for reformed black hats. With the implication that they might come out white, grey, or dingy yellow - which seems appropriate.
Reformed criminals come in at least three flavors - those who truly reform by internalizing the intent to do the right thing even when it's inconvenient and to make up for any wrong they had done previously, those who put on an appearance of reforming while continuing their activities in hiding, playing both sides of the fence, and those who would go back to the dark side in a flash but for fear of being caught again.
As long as we are the freest nation in the world (with shit like the PA being passed that won't be too long) we will also be the most violent, the most dangerous, and the most open to attack by individual nuts.
Actually we AREN'T the most violent, most dangerous. Risk of death from violent crime among every major racial/ethnic group in the US is typically lower than it is for the same ethnic group in their country of origin. Lower for whites of English descent than in England, for blacks of African descent than in Africa, for people of Japanese descent than in Japan, and so on, for people of Spanish-Indian descent than in South and Central America, and so on.
We have a higher average violent crime rate than some other countries mainly because we have allowed and encouraged (and even sometimes forced B-( ) immigration of large numbers of members of violent cultures, but haven't forced them to completely abandon their cultures. Crime tends to be mainly within each group rather than between members of the groups. But crime goes down as the members of the groups assimilate and/or acquire means of self-defense. (Risk - of victimization or crime commission - for a black US citizen of African descent but middle-class or higher income and status is no different that that for a white of European descent.)
Add in the risk of death and injury from acts of war and there's just no comparison. Most of the rest of the world gets into major tribal warfare and rounds of genocide about once per generation (although this has been cooling out a bit since the invention of the Atom Bomb). The US hasn't had a major civil war since the mid 1800s, and most of its casualties come from bailing out the rest of the world.
And there's plenty of evidence now that the solution to the remaining "problem" is more freedom - specifically more gun-toting. Not only is violent crime highest where guns are most restricted, lowest where they're most prevalent. But now we know that it's BECAUSE they're restricted that crime is high, rather than the other way around. CCW has been legalized in progressively more of the US over the last decade or so, and within a couple years of legalization in each area - about the time people actually the the paperwork done and you start having a significant number of gun-toters - crime in the area drops like a rock.
I agree that the way that the 2nd amendment is ignored or distorted is unconscionable. In spite of this, I'll gladly support a group that defends 95% of my enumerated rights, and work on the other 5% through different channels and organizations.
I would do the same, if they merely ignored the other 5%.
Unfortunately, they actively work against the other 5% - a 5% I take very seriously. It goes far beyond such trivialities as printing up posters of the Bill of Rights with the 2nd deleted.
For instance: When a crook in New York City cracked a safe and stole a gun, then used it in a crime and shot somebody, they provided lawyers for the shooting victim to sue the gunowner whose gun had been stolen.
Sorry. But now that they've done stuff like that, they'll have to do an explicit turnaround, rather than just (maybe - how could you tell?) dropping back to benign neglect, before I can support them regardless of how much good work they do on other issues.
If men are to be precluded from defending thmselves from violent oppression, mere speech is of no use to us; The right to keep and bear arms may be taken away, and unable to do more than bleat we may be dragged like sheep to the slaughter.
extra 1 to 3 years tacked onto a felony conviction is nothing
Oh yes it is, while you go in thinking it's nothing usualy because it's served concurrently with the primary sentence; I can guarentee that the Parole board will look at it differently.
Huh? WHAT parole board? This is a federal offense, prosecuted in a federal court.
I was under the impression that all this stuff was strictly a state thing, and that the Fed had no parole, no time-off for good behavior, no concurrent sentencing, etc. That when you got convicted in the Federal system you really rotted away for the full sentence in some rockpile unless you somehow managed to get pardoned or get your convecion reversed on appeal. (That's why "a federal offense" is such a big deal.)
Am I mistaken?
(Not being a lawyer OR a criminal I don't have direct experience to go on. B-) )
Yeah, you keep singing, and don't forgot to pay your tax on every CD-R or MP3 storage device that you buy... nevermind that that probably far exceeds losses by piracy
Which brings up a question:
Has anybody tried the defense that they already PAID to make the copy by paying a tax on the medium, so the RIAA is double-dipping?
That might make them think twice about both the tax and the suits. B-)
Couldn't the same be said for people who didn't do it? A lot of people take guilty pleas who were innocent rather than running the risk of receiving a full sentence, especially if the plea is for $3000. It would cost more than $3000 just for a retainer to get a lawyer.
Quite.
In fact, that is one of the biggest arguments against the death penalty in criminal cases. It seems a significant number of people who are completely innocent of the murder for which they're accused plead to reduced charges (like second-degree) and do long prison time rather than risking death.
Ditto plea barganing on other crimes with less than the death penalty, but still with major penalties. Plea barganing plus other sentence-lightening factors ("good behavior", overcrowding releases, judges giving light sentences, parolle, "mitigating circumstances", etc.) ended up with bad guys getting miniscule sentences (the "revolving door"). So legislatures inflated the penalties to compensate. But somebody who actually fights typically gets the inflated penalty - and praolle boards don't release people who refuse to "admit responsibility and show remorse", meaning they serve it all unless they continue the lie that they did the crime. And the penalty inflation feeds back into the plea-barganing success rate and feeds the convict-making factory.
This is the legacy of over a century of "drug war". Back in the '60 people thought that civil disobediance would overload the system and they'd have to throw in the towel. The system responded with first the plea-barganing mechanism to unload the courts. Then it created RICO to fund the whole machine (by siezing the assets of the accused), create an incentive for MORE accusations AND stripping the accused of the resources needed to hire a defense.
Thus the criminal justice system has been complelely corrupted by this mechanism.
Why should we expect anything else from the civil side of the law, where large institutions with large resources, such as RIAA, can pull the same self-funding extortionist hack on thousands of little guys?
= = = =
The first bright side I can see is that the initial assault on dual-use technologies (such as peer-to-peer file sharing) is being blunted. So the RIAA is finally moving toward the model they SHOULD have started with: Going after the actual offenders.
Now comes another step: Forcing them to back off from the wholesale extortion approach and stick to provable violations with substantial evidence.
A third step will be to settle the fair-use issues and get them backed off from harassing the fair-users. At that point they might actually have some claim to a moral high ground, going after only real copyright scofflaws. With a legal system that protects the falsely accused, the non-violators can start to breathe easier.
Finally (and not necessarily in that order) will be dealing with the insane extension of copyright terms.
If we succeed on all four steps we can finally reach a reasonable copyright law and enforcement regime.
It the classic, "I don't know the answer, but I'll talk to my people and we'll get back to you" technique, which is followed up by vast amounts of never getting back to you.
And he DID follow through, and his people DID get back to us:
[Rich Taylor, a spokesman for the MPAA, later pointed to one company, Intervideo, that has a license to sell GNU/Linux DVD software, [...]
And from their side it appears that either the issue is closed or the ball is back in our court. In the absense of a response from us (specifically, from Weinstein or the others at Tech), they have good reason to believe it's closed. (And to feed the same story to anybody ELSE who raises the point later.)
But from our side it's NOT closed, because:
although the company does not actually sell a product that Linux users can purchase.
Taylor thinks even if we can't get it, the problem is still no longer theirs, because we WILL get it if we push vendors.
Linux users who want to watch DVDs should "perhaps buy a DVD player instead," Taylor said, or "write to Intervideo and others, encourage them that they're the market," he said. Will Linux users ever be able to view DVDs on their computers
without breaking the law? "I'm sure that day is not far away," Taylor said.
But in fact he's directed us to somebody who never intended to make the system available. The one license for Linux platforms was obtained for embedded systems, not for making it available to the general Linux users:
A spokesman for Intervideo, Andy Marken, said the company's product is only for embedded systems and that Intervideo has no plans to release a software player for end users.]
So (if they haven't already), Weinstein and/or Tech can hit the ball back into the RIAA's court by:
- Telling Taylor (who was tasked by Valenti with handling this issue) that there is STILL no sign of a licensed player for Linux on the horizon.
- Raising our other questions, which Valenti seems to have missed. Things like "When did the first sale doctrine go away?", "CSS is not protecting against copying, it's restraining trade", and the other points we've brought up here.
We have an opportunity, people. But it has to go thorugh MIT. Are we hitting the ball back again? Or are we letting it pass by and losing the point?
Let's collect our questions and arguments and (if the MIT folks are willing) feed them back through the Tech/Weinstein -> Taylor/Valenti connection.
I'd post a URL to the demo but the Mac I'm on has inadequate mousing abilities.
[...] the one buttoned mouse has gotten the better of this poor soul.
I thought the Mac had a many-virtual-buttoned mouse, with the behavior modulated by shift keys (shift, ctrl, alt{?}, {a fourth one I don't recall}, and all binary combinations of them.)
It sounds like he can't figure out how to cut-and-paste between windows. I KNOW that's there (though it's been maybe a decade since I used a Mac so I don't recall exactly where.)
I have an undergraduate degree in physics, with significant work in nuclear physics and radiochemistry. The parent looks like complete technobabble to me.
In that case, could you please explain the physics behind the requirement for an ejected particle in nuclear fusion reactions in a NON-technobabble fashion?
The cold fusion pseudoscientists have to imagine some nonsense where the 24 MeV of energy is magically spread over the lattice. Never mind that the lifetime of the 24 MeV excited 4He nucleus is so short that this is impossible (there simply aren't enough atoms with delta t * c of the nucleus.)
But what's the lifetime of a 24-delta MeV excited nucleus?
You don't have to dump ALL the energy into the surrounding lattice at once. You only need to dump enough that the resulting extremely excited nucleus doesn't have QUITE ENOUGH energy to come apart again. They you've got a LONG time - like somewhere between nanoseconds and geological - to dump the rest.
Get rid of even a tiny delta (through some mechanism such as coupling to the surrounding material achieved through your deuterons' quantum-mechanical spreading over the regular crystal matrix) and you no longer need the recoil particle that you'd need in a vacuum/plasma/liquid situation (where nothing other than the nucleons themselves are close enough to the reaction site to carry off any energy).
Smearing the deuterons' wave functions out among many equivalent sites in a crystal would put additional candidate energy-thieves WITHIN the hydrogen nuclei. At that point delta t * c is out the window (or changes meaning to something more related to the overlap of the wave functions of the smeared-out deuterons with the crystal atoms). B-)
A nuclear process that produces that much excess energy should also produce enough neutrons to kill everyone in the building where it is being tested.
As I understand it, the reason plasma-based fusion reactions tend to produce neutrons is that you need to dump the excess energy from the reaction product for the fused neucleus to "settle down" in the lower-energy bound state, and that means you need to spit out an additionl particle to dump the energy as momentum. Thus D+D -> T+n, or D+T -> He+n.
In "cold fusion" the reaction is taking place in a dense metal matrix - at a deuterium density far too low for the "normal" two-particle fusion rate to be significant. This implies that, if there is significant fusion going on, it's because of some interaction with the surrounding metal, or with other hydrogen neuclei. This implies that some of the normal D+D->He->D+D might stop at He by dumping the excess energy as a recoil off another D or the surrounding matrix of electrons and metal neuclei.
I want to see this experiment retried:
- In a large single-crystal.
- In a large single-crystal with a tiny trace of impurities.
- In a polycrystal of a very few, very large crystals (in case the reaction occurs at crystal boundaries and is enhanced by the size of the crystal).
- With the magnetic field tightly controlled - and varied in both strengh and directon with respect to the crystal lattice.
- With the electric field similarly controlled.
- With controlled electric currents through the metal in various directions.
- With sudden strong pulses of electric and/or magnetic fields once the metal has been "loaded" with deuterium.
- With small bombardments of various charged particles at assorted energies (in case some component of bacground or cosmic radiation is a trigger of a short chain-reaction).
When thinking about hypothetical cold-fusion mechanisms I'm constantly bothered by the similarity of the system to early point-contact diodes, and how quickly the junction transistor, and then the rest of semiconductor technology, fell out of the development of a physical model for the long-range, room-temperature, quanum-mechanical phenomena underlying electrical conduction within a highly-ordered, slightly impure crystal.
Pumping deuterons into a dense and potentially crystaline metal by electrical pressure seems to me to be just begging for the deuterons' wave functions to be stretched out and overlapped in a similar way to those of the electrons, resulting in lots of potential for interactions that would not be observed in the disordered environment of a plasma or liquid.
It doesn't work on mobile right now so your spinning your wheels arguing against it.
Yes, it doesn't work that way. But the government will probably be trying to force it to work SOME way. And they can mandate all sorts of stuff and force the ISPs to implement it - and to pass the charge on to the consumers.
Personally I think any network-based location identifier is a bad idea - because it directly attacks anonymity. But governments would LOVE to identify who and where each Internet user of interest to them happens to be. So don't be surprised if they use VoIP 911 service, and the arguments I posted previously, (plus the threat of terrorism) as an excuse to force ISPs to provide address data - and not just on VoIP connections.
You can also drop the condescending attitude. You aren't holier than thou.
Didn't mean to sound that way. Sorry. I was just trying to list the factors I see as applicable to the issue.