Unless you're downloading games regularly, watching high def videos online, or torrenting stuff, data caps should never be a problem.
The trouble is a lot of people are now doing most of the above. People who aren't don't care about caps, since they'll never get close to 100gb a month without those three.
The problem is that the hogs of today are examples of what the average customer could be doing 10 years from now.
10 years ago, 3 Mbps down/384 kbps up DSL was widespread. Streaming video was uncommon. There was no YouTube, and Facebook was exclusive to Harvard. Windows XP SP2 was not yet released. Perhaps a 10GB cap would have been reasonable, and data hogs would pay exorbitant prices for cable.
Now, "selfie" is a thing. My chattering devices are constantly looking to communicate with Google (Android), Apple (iOS and MacOS), and Microsoft (Windows Update). I probably go right past 50GB regularly, and I don't do Netflix. This has been enabled by the relentless falling prices of Internet transit. (Historical trends) Games, Netflix, and BitTorrent aren't the only things pushing bandwidth usage up.
So, it's alarming to see a Comcast exec, proposing in 5 years to limit the Internet to the Internet of today. He wants to stop progress. It's especially galling because he's already double-dipping. He's trying to triple-dip. He's charging consumers for the cable Internet connection, he's charging Netflix for access to those consumers, and now he wants to charge again to use that connection that 2 parties have already paid for.
You wanted to watch Youtube vids, so you run Google Chrome, which has even more liberal implementation of this DRM.
You didn't boycott Youtube.
I feel no inconsistency.
I've been using computers a long time. In the old days, you would use the Gopher program to access Gopher services, you would use the FTP program to transfer files using FTP, you would use RealPlayer to listen to RealAudio streams. I think of Google Chrome as an insanely capable access client for Google services. Mozilla thinks I should be using Firefox for every web site? They're being morons.
Google's web properties are broken, like we think of IE6-ActiveX web sites as being broken. No, Youtube's HTML5 doesn't always work. Just usually doesn't cut it.
As for what Google gets from me, I use Adblock Plus, and run most of my sessions in short-lived Incognito windows. They're going to have to work for their keep.
Brendan Eich may have had some opinions that people don't like, but at least he stuck to his morals. Now that he's gone, the new CTO, this Andreas Gal, seems more likely to compromise. DRM is evil, but Dr. Gal thinks he's clever, and is trying to wrap it in an open-source sandbox. Let the exploits come.
Oh well, now I do have an actual reason to boycott Firefox.
Your other points are wrong and flamebait, so I won't respond, but this one is interesting.
It's your own servileness that's holding you back.
If you want people to support the goals of the FSF, perhaps it would be a good idea to NOT insult them with terms like "servile"
If you want people to make a change that causes short-term discomfort, you don't tell them, "Everything's fine. You're fine. By the way, you should totally change your life." That's the type of thing you tell them when you want them to indulge. For example, religion. The strong ones are the ones going, "You're a sinner; find salvation here." They actually get stuff done, for peculiar definitions of "stuff." The weak religions go, "Everything's fine. You're fine. Please donate."
In the same way, I'm pointing out a character flaw, which practically everyone has in some way. Everybody is lazy, everybody lusts, and everybody has some servility to false idols. Many people in the computer industry use that natural servility to create the idol of the Sovereign Vendor. The Free Software movement is about tearing down that false idol, and bringing freedom to computer users. Tearing down the idol is going to be uncomfortable. You're more likely to put yourself through the discomfort if you realize that you're in a state of sin. However, St. IGNUcius is an atheist, and he doesn't believe in confession and penance. Just reform your life and live in peace.
RMS: Pay with coding skills or money to free a tablet.
Why? I have an avenue for getting the stuff I want RIGHT NOW. If free software/hardware is superior, why does it not already exist to do the same thing as I can get with non-free software/hardware?
You cannot argue superiority of free when it doesn't accomplish what people are used to doing with non-free.
Hence why RMS needs to keep saying the same thing over and over again.
Why free a tablet? Because freedom is better than bondage. RMS doesn't claim that freedom leads to higher-quality software. That's ESR. RMS claims that freedom is better for society, so we should simply reject non-free software, no matter how inconvenient it is.
Why doesn't free hardware exist? Free hardware doesn't exist for the same reason why so few software companies produce free software: The socio-economic system favors exploitative producer-consumer relationships. RMS's message is ultimately a social message, not a technological message.
As for streaming, there are free technologies, but they are not widely installed and therefore little used. That's probably one reason why RMS still considers Gnash to be so important.
Mandatory Access Control, or "application censorship" as Stallman calls it, is just a refinement of earlier security practices. His own GNU system enforces Unix's user/group access controls. A process running on a user's behalf is not allowed to interfere with other users in the same system. It turns out that programs can do undesirable things to the user's own stuff (mostly from accidental security vulnerabilities), so it's helpful to limit what a program can do. The only alternatives are for you, the user, to limit yourself to running programs that you can study and verify that they simply do not do bad stuff, or to disconnect yourself as Stallman has done. Ain't nobody got time for that.
tablet user: I use it to watch netflix and play games
RMS: You shouldn't use ti for that because it requires non-free software.
tablet user: but if I don't, how can I watch movies and play games.
RMS: you should use a free tablet
tablet: where can I get one and can I use netflix and play angry birds.on it
RMS: Pay with coding skills or money to free a tablet.
Also, these activities don't require non-free software. Download DRM-free videos with Transmission and play them in VLC. Play (and improve!) Angry Tux. It's your own servileness that's holding you back.
Verizon requires you to have a data plan to even use (e.g.) an iPhone. Even if you never use the data service. If Verizon considers your phone a "Smart Phone", they require you to have and pay for a data plan to use it. My understanding is that the other carriers have the same policy. The people that are buying these phones are paying these monthly fees.
The environment is more complicated since the last time you looked into cell phone plans. I don't blame you, because you have better things to do, but you might be able to save money with a smartphone, now.
There's decent activity in Mobile Virtual Network Operators (MVNO), companies that rent capacity on the carriers' networks. Most of them have conventional plans that work with any phone from that carrier. If your usage falls into particular patterns, those plans can be cheaper than the carriers' own plans. But with a smartphone, a company can offer radically different plans:
Republic Wireless has plans starting at $10, or $5 if you have good WiFi and don't need to do calls away from your home/work/car hotspot, ever. Their cheapest phone is only $149, so it doesn't take long to start saving money compared to a typical carrier. Republic Wireless is what I use.
FreedomPop has plans starting at $0, as long as you don't use more than 200 minutes a month, or $10.99 for unlimited voice and texts. Their cheapest phone is $99. I'm not confident in their service quality, and I don't like their overage-based business model, but it doesn't get any cheaper than free.
Actually, it's possible to remove all errors and imperfections, if you would be satisfied with being boring.
No. Software for which you can guarantee that no error exist is not only boring: it is useless.
To prevent the next Heartbleed, it's more productive to donate to LibreSSL.
You do not get my point. You may succeed in rendering it less probable. But you cannot prevent it.
I do get your point, and I disagree. Perhaps my point is not so clear, so I'll rephrase it: For a protocol as complicated as SSL, it's difficult to guarantee that a program is free of bugs, but it is possible to create a program free of exploits. With sufficient discipline in specific domains, it's also possible to create bug-free specifications. Computer programs are just math, and a lot of math can be proved. The key is to decompose programs into pieces that humans can reason about. That's what Crockford means by "error-resistant" programming.
I see that you're a Ruby programmer. It's difficult to create the Heartbleed vulnerability in Ruby. I guess you could do it if you did all your processing in a custom IO object "for performance reasons," like OpenSSL's custom malloc. That sort of silliness is all over the OpenSSL project, and that's what the LibreSSL project is eliminating. Now, the Ruby runtime itself is a complicated program and not bug-free, but every fix in the runtime eliminates a bunch of bugs in many Ruby programs.
Similarly, the OpenBSD project has a bunch of practices and programs to eliminate or mitigate the severity of exploits. At this point, I trust them more than I trust OpenSSL. So, we should support LibreSSL.
We cannot write complex bug-free software. PERIOD. OpenSSL is not windows. Headlines about OpenSSL bugs are not such a common occurrence. One bug happened at the wrong time, wrong place. This could have happened even if the world had opted for a proprietary library for this critical role. The only difference is that there would have been somebody to sue. Big consolation.
New theories come out of IT faculties around the world at regular intervals, that promise, if strictly followed, the holy grail of bug-free software. All of them eventually prove non-effective.
The only concrete effect of all these tactics is that the job of the programmer becomes more tedious, less interesting. One thing I can tell you from direct experience is that, the lowest the level of interest of the programmer, the higher the possibility will be that bugs may slip into his or her code.
Actually, it's possible to remove all errors and imperfections, if you would be satisfied with being boring. That's one thing I got from Douglas Crockford's Programming Style and Your Brain. Sometimes, especially for security-related software, "boring" is exactly what you want.
Unfortunately, SSL is anything but boring. It's barely standardized, and it's prone to getting new features. But just because the standard is exciting, doesn't mean the code has to be exciting. The OpenSSL developers may have received $2,000 in donations last year, but they make money by consulting on OpenSSL. They have a perverse incentive to keep OpenSSL confusing and buggy. The efforts for the LibreSSL project show just how needlessly exciting the OpenSSL code base is.
To prevent the next Heartbleed, it's more productive to donate to LibreSSL.
How many kids have the chance to sit down in front of a computer and learn that the reason a ball goes across the screen comes down to something as simple as x=x+1? Schools won't teach them that until the end of primary.
Ugh. Wow. I hope primary schools never teach x=x+1.
In the computer industry, we've probably been set back by years or even decades by BASIC and imperative programming. Imperative programming makes intuitive sense because computers process things step by step, and that's what's exposed in imperative languages, but concurrency will be the downfall of imperative programming.
Personally, I think BASIC helped me in primary school maths, but it drove me away from being a programmer. It's challenging enough to do things in BASIC, but the step-by-step flow is clearly there. Then I looked at C and C++, and the pages of keywords and data types, and the need to buy a compiler to get anything to work, and it was no fun. And then I looked at event-based systems, like the Macintosh, and Where is the first step? How does defining a function just make things happen? Why is this nothing like the C/C++ books? It's so confusing and I quit. I only got back into programming because I took a music class from David Cope, and he taught LISP, and I was like, Woah, there's an entirely different way of programming, and it's more like math.
So, it's thoroughly discouraging to see Codeacademy, and the first thing they're doing is sequential, imperative programming, with output via console.log() and blocking function calls to alert() and prompt(), and I'm internally screaming. This is so wrong. This is not how we're going to train programmers for concurrent systems.
Why not fund openSSL developers to do the same with the OpenSSL code, but including much of the cross platform options that has made it so ubiquitous. And without the silly name,
Because all those cross-platform hacks directly contribute to its bugginess. The Heartbleed bug was facilitated by a cross-platform reimplementation of malloc that was written for speed rather than security.
And also because the OpenSSL developers have been demonstrated to sit on patches for years instead of fixing bugs.
For a morbidly good time, go look at OpenSSL Valhalla Rampage, a blog highlighting some of the insanity that the OpenBSD devs are encountering as they rewrite OpenSSL into LibreSSL. It becomes clear that Theo de Raadt was right, and the OpenSSL devs are not responsible people.
What you need to do is to look at the available routers, and find which ones have supported chipsets and adequate flash storage and stuff.
In the 802.11n dual-band generation, the best seemed to be the Atheros AR7161 routers, such as the Netgear WNDR3800. I bought that specifically because it has robust open-source drivers for both radios, so it works smoothly with OpenWRT. It's not the fanciest, but I used 802.11g for years without problem, so it can't be that bad.
For the 802.11ac generation, I'd guess that devices with version 2 of the Qualcomm Atheros QCA-9880 might work best, such as version 2.0 of the TP-Link Archer C7, but I haven't been following it since I don't need an upgrade, yet.
I agree about the Model M. Mine was built in 1991, and I've had it since 2003.
I use it with my Mac, through a USB adapter. Interestingly, when I set the keyboard preferences to treat the Alt key as Command, it still treats the right Alt key as Option. I don't know if it's something specific to the Model M, or if it's something weird with my generic Holtek-based adapter. I use all 4 modifiers, so that was a bit of a bonus.
USB adapters are a lemon market. So far, I've tried buying 3 adapters. The Holtek one works well with keyboards, but not mice. The second one works well with mice but not keyboards. The third one doesn't work at all. They're all too cheap to bother returning. This is one way that Amazon, with its incredibly generous return policy, is increasing its retail dominance.
Honestly, looking at the design of that thing, I am not so sure it had a viable market. There were few wireless networks set up in 2000 it wasn't a given that every home had one. Cell data was expensive and slow. The device seems unwieldy and large and the controls don't look like they would be particularly easy to use. Also, what OS does it run, can it do anything but surf the web? Was the web on its own interesting enough in 2000 to make this a killer device? No streaming movies and TV shows, Spotify or any of those interesting services.
Were you around in 2000? I was. It was not a wasteland.
WiFi was already starting to become popular. Apple introduced the Airport in 1999. By 2001, I had my own WiFi network, and my school had a (very poorly functioning) network. It wasn't a "given," but it was available to the savvy people who would buy that thing.
The Web was already pretty interesting. There was streaming media, in the forms of RealPlayer, QuickTime, and Windows Media. Yahoo and Microsoft had webmail. Slashdot had fewer idiot editors. Amazon had shopping. And who knows what that device could have turned into, if it had more development.
The Nokia M510 could very well have been a flop. Sony's eVilla was a disaster. Steve Jobs refused to release the iPad until it was sufficiently "magical" in 2010. But I think this had more to do with design discipline and marketing than what was technically possible back then. After all, Palm was pretty big back then.
Efficiency in private sector is defined to be maximizing the return on investment. Private sector efficiency is NOT delivering goods and services at the least cost to most people. If that is the *only* way to maximize the return on investment, they will do it. It happens on simple products like cereal, bread, milk etc.
It doesn't even work entirely for those. Civic duty used to be an important part of American education. Now we have mega-banks that capture markets and suck the value out of everything they can.
There was an article I read with an evocative image of grain rotting in rail cars while crises erupt in the Middle East, but I can't find that article right now.
Civilizations have rarely ended in abrupt catastrophes. The most analyzed ending of a civilization is probably the Fall of the Roman Empire, and that ended over hundreds of years of debauchery and neglect. It takes a while for a major civilization to collapse.
Modern Western Civilization could end faster. A nuclear power plant dies much more quickly than a Roman aqueduct, and fluctuations in the market for crops in America have destabilizing effects on governments in the Middle East. On the other hand, the widespread travel and communication among nations' elites seems to be making them less likely to disrupt the channels of commerce.
In general, survivalists are ready for civilization to end suddenly. They are not prepared for civilization to continue.
Most Internet communications are carried in packets with unique source address and unique destination address. Conceptually, it doesn't matter whether those packets are encoded with Point-to-Point Protocol on a serial cable, or whether they go through a bunch of routers first. A more pedantic term is unicast. So, the actual counterexample would be multicast, and despite best efforts, there's very little of that on the Internet.
The real exception to point-to-point communications is WAN acceleration, but I'm guessing that its effects are minor across the Internet.
I'd really like it if Intel could introduce an 'x86-2' instruction set that dumped all the legacy stuff but kept the same basic architecture. It'd need software to be recompiled, but not rewritten. It'd be expensive, but if they can coax just a few percent extra out of the hardware by dumping legacy then it'd still sell to the HPC and server markets. Recompiling linux and packages is a small price to pay.
Recompiling Linux and packages. That has worked out so well for ARM servers, so far.
I think that's a terrible idea. I don't think the 20-bit real mode, etc., are actually used except for the BIOS, which is in the process of being replaced by UEFI, and I'm not sure all of those instructions actually still work.
But the big thing about Intel is the idea that you can just take whatever x86 software and run it. Maybe recompile if you have something that can take advantage of the SIMD instructions, but it doesn't need to be recompiled to run great. The commentaries I've been reading say that the x86 instruction decoder is basically free, anyway, so it's a competitive advantage without significant penalty.
Rather misleading article and slant there. It implies that the NSA deliberately took action to make TCP/IP insecure. However, in reality, the NSA merely didn't contribute their classified work towards the specification of TCP/IP.
Yes, Slashdot is rather sad these days.
But the NSA isn't just about withholding classified information. The NSA is about weakening encryption standards. Vint Cerf said he would have used encryption if he had the opportunity to do it over again. The Internet community had such an opportunity, IPv6 with IPsec, and the NSA bungled it up.
IPsec doesn't involve the routers, because that would kill performance. IPsec is designed to handle different algorithms, so you don't need to support the same broken algorithms indefinitely. But the IPsec spec is a horrible design that in practice has made it very little used outside of very professional environments with very full-time engineers to keep it running.
Believe it or not, there are also some instances where cryptography is not needed, such as for purely publicly accessible information that can benefit from being cached, etc.
I don't think there is any instance where cryptography would not be useful, as long as privacy is an option. Most Internet communications are point-to-point, so caching should not be done in between. From an opsec point of view, it's less risky to use encryption for confidential information if you also use encryption for everything else, too.
Even for publicly cached data, you could use cryptography for authenticity instead of confidentiality. For example, DNSSEC is about proving the authenticity of DNS information, so your name resolver doesn't get fooled by DNS hijacking. Authenticity turns out to be useful even for completely mundane stuff.
I run a small lab of computers, and I decided to try upgrading them to 128GB SSDs. The fast computers with Windows 8 became even faster. The slow computers with Windows Vista did not improve dramatically.
Especially the small desktop with the 1.6GHz Core Duo. A lot of time is spent on hard disk access, but get slow enough and a huge amount of time is actually waiting on the CPU. Chrome opens pretty quickly, but Firefox still takes several times as long to launch. LibreOffice still takes a long time to install or open, though appreciably less time than on HDD.
It all depends on the use. No storage upgrade is going to make your Internet connection faster, or allow your computer to play 1080p video if it doesn't have the GPU decoder or CPU power for it. If you upgrade to an SSD, you'll see some improvement, but you'll get the most benefit if your other hardware is still adequate and you're mostly waiting on the HDD. To determine whether that's so, you really should be doing measurements.
I think that is a grave mistake on Microsoft's part. It makes people think that they can still run Windows XP securely, just intercepting viruses that match the signatures, instead of patching the underlying vulnerabilities.
I also think continuing to let OEMs install Windows XP until Windows 7 was also a grave mistake. In the short term, it slowed people from fleeing to Linux, especially for the early-model netbooks. In the long term, it has delayed the end of Windows XP by years, making it more painful when people do finally upgrade.
Slashdot Mirror
Unless you're downloading games regularly, watching high def videos online, or torrenting stuff, data caps should never be a problem.
The trouble is a lot of people are now doing most of the above. People who aren't don't care about caps, since they'll never get close to 100gb a month without those three.
The problem is that the hogs of today are examples of what the average customer could be doing 10 years from now.
10 years ago, 3 Mbps down/384 kbps up DSL was widespread. Streaming video was uncommon. There was no YouTube, and Facebook was exclusive to Harvard. Windows XP SP2 was not yet released. Perhaps a 10GB cap would have been reasonable, and data hogs would pay exorbitant prices for cable.
Now, "selfie" is a thing. My chattering devices are constantly looking to communicate with Google (Android), Apple (iOS and MacOS), and Microsoft (Windows Update). I probably go right past 50GB regularly, and I don't do Netflix. This has been enabled by the relentless falling prices of Internet transit. (Historical trends) Games, Netflix, and BitTorrent aren't the only things pushing bandwidth usage up.
So, it's alarming to see a Comcast exec, proposing in 5 years to limit the Internet to the Internet of today. He wants to stop progress. It's especially galling because he's already double-dipping. He's trying to triple-dip. He's charging consumers for the cable Internet connection, he's charging Netflix for access to those consumers, and now he wants to charge again to use that connection that 2 parties have already paid for.
http://slashdot.org/comments.p...
Well, here you are standing on principles. :)
You wanted to watch Youtube vids, so you run Google Chrome, which has even more liberal implementation of this DRM.
You didn't boycott Youtube.
I feel no inconsistency.
I've been using computers a long time. In the old days, you would use the Gopher program to access Gopher services, you would use the FTP program to transfer files using FTP, you would use RealPlayer to listen to RealAudio streams. I think of Google Chrome as an insanely capable access client for Google services. Mozilla thinks I should be using Firefox for every web site? They're being morons.
Google's web properties are broken, like we think of IE6-ActiveX web sites as being broken. No, Youtube's HTML5 doesn't always work. Just usually doesn't cut it.
As for what Google gets from me, I use Adblock Plus, and run most of my sessions in short-lived Incognito windows. They're going to have to work for their keep.
Brendan Eich may have had some opinions that people don't like, but at least he stuck to his morals. Now that he's gone, the new CTO, this Andreas Gal, seems more likely to compromise. DRM is evil, but Dr. Gal thinks he's clever, and is trying to wrap it in an open-source sandbox. Let the exploits come.
Oh well, now I do have an actual reason to boycott Firefox.
Your other points are wrong and flamebait, so I won't respond, but this one is interesting.
It's your own servileness that's holding you back.
If you want people to support the goals of the FSF, perhaps it would be a good idea to NOT insult them with terms like "servile"
If you want people to make a change that causes short-term discomfort, you don't tell them, "Everything's fine. You're fine. By the way, you should totally change your life." That's the type of thing you tell them when you want them to indulge. For example, religion. The strong ones are the ones going, "You're a sinner; find salvation here." They actually get stuff done, for peculiar definitions of "stuff." The weak religions go, "Everything's fine. You're fine. Please donate."
In the same way, I'm pointing out a character flaw, which practically everyone has in some way. Everybody is lazy, everybody lusts, and everybody has some servility to false idols. Many people in the computer industry use that natural servility to create the idol of the Sovereign Vendor. The Free Software movement is about tearing down that false idol, and bringing freedom to computer users. Tearing down the idol is going to be uncomfortable. You're more likely to put yourself through the discomfort if you realize that you're in a state of sin. However, St. IGNUcius is an atheist, and he doesn't believe in confession and penance. Just reform your life and live in peace.
Why? I have an avenue for getting the stuff I want RIGHT NOW. If free software/hardware is superior, why does it not already exist to do the same thing as I can get with non-free software/hardware?
You cannot argue superiority of free when it doesn't accomplish what people are used to doing with non-free.
Hence why RMS needs to keep saying the same thing over and over again.
Why free a tablet? Because freedom is better than bondage. RMS doesn't claim that freedom leads to higher-quality software. That's ESR. RMS claims that freedom is better for society, so we should simply reject non-free software, no matter how inconvenient it is.
Why doesn't free hardware exist? Free hardware doesn't exist for the same reason why so few software companies produce free software: The socio-economic system favors exploitative producer-consumer relationships. RMS's message is ultimately a social message, not a technological message.
As for streaming, there are free technologies, but they are not widely installed and therefore little used. That's probably one reason why RMS still considers Gnash to be so important.
Mandatory Access Control, or "application censorship" as Stallman calls it, is just a refinement of earlier security practices. His own GNU system enforces Unix's user/group access controls. A process running on a user's behalf is not allowed to interfere with other users in the same system. It turns out that programs can do undesirable things to the user's own stuff (mostly from accidental security vulnerabilities), so it's helpful to limit what a program can do. The only alternatives are for you, the user, to limit yourself to running programs that you can study and verify that they simply do not do bad stuff, or to disconnect yourself as Stallman has done. Ain't nobody got time for that.
tablet user: I use it to watch netflix and play games
RMS: You shouldn't use ti for that because it requires non-free software.
tablet user: but if I don't, how can I watch movies and play games.
RMS: you should use a free tablet
tablet: where can I get one and can I use netflix and play angry birds.on it
RMS: Pay with coding skills or money to free a tablet.
Also, these activities don't require non-free software. Download DRM-free videos with Transmission and play them in VLC. Play (and improve!) Angry Tux. It's your own servileness that's holding you back.
Verizon requires you to have a data plan to even use (e.g.) an iPhone. Even if you never use the data service. If Verizon considers your phone a "Smart Phone", they require you to have and pay for a data plan to use it. My understanding is that the other carriers have the same policy. The people that are buying these phones are paying these monthly fees.
The environment is more complicated since the last time you looked into cell phone plans. I don't blame you, because you have better things to do, but you might be able to save money with a smartphone, now.
There's decent activity in Mobile Virtual Network Operators (MVNO), companies that rent capacity on the carriers' networks. Most of them have conventional plans that work with any phone from that carrier. If your usage falls into particular patterns, those plans can be cheaper than the carriers' own plans. But with a smartphone, a company can offer radically different plans:
Republic Wireless has plans starting at $10, or $5 if you have good WiFi and don't need to do calls away from your home/work/car hotspot, ever. Their cheapest phone is only $149, so it doesn't take long to start saving money compared to a typical carrier. Republic Wireless is what I use.
FreedomPop has plans starting at $0, as long as you don't use more than 200 minutes a month, or $10.99 for unlimited voice and texts. Their cheapest phone is $99. I'm not confident in their service quality, and I don't like their overage-based business model, but it doesn't get any cheaper than free.
No. Software for which you can guarantee that no error exist is not only boring: it is useless.
You do not get my point. You may succeed in rendering it less probable. But you cannot prevent it.
I do get your point, and I disagree. Perhaps my point is not so clear, so I'll rephrase it: For a protocol as complicated as SSL, it's difficult to guarantee that a program is free of bugs, but it is possible to create a program free of exploits. With sufficient discipline in specific domains, it's also possible to create bug-free specifications. Computer programs are just math, and a lot of math can be proved. The key is to decompose programs into pieces that humans can reason about. That's what Crockford means by "error-resistant" programming.
I see that you're a Ruby programmer. It's difficult to create the Heartbleed vulnerability in Ruby. I guess you could do it if you did all your processing in a custom IO object "for performance reasons," like OpenSSL's custom malloc. That sort of silliness is all over the OpenSSL project, and that's what the LibreSSL project is eliminating. Now, the Ruby runtime itself is a complicated program and not bug-free, but every fix in the runtime eliminates a bunch of bugs in many Ruby programs.
Similarly, the OpenBSD project has a bunch of practices and programs to eliminate or mitigate the severity of exploits. At this point, I trust them more than I trust OpenSSL. So, we should support LibreSSL.
We cannot write complex bug-free software. PERIOD. OpenSSL is not windows. Headlines about OpenSSL bugs are not such a common occurrence. One bug happened at the wrong time, wrong place. This could have happened even if the world had opted for a proprietary library for this critical role. The only difference is that there would have been somebody to sue. Big consolation.
New theories come out of IT faculties around the world at regular intervals, that promise, if strictly followed, the holy grail of bug-free software. All of them eventually prove non-effective.
The only concrete effect of all these tactics is that the job of the programmer becomes more tedious, less interesting. One thing I can tell you from direct experience is that, the lowest the level of interest of the programmer, the higher the possibility will be that bugs may slip into his or her code.
Actually, it's possible to remove all errors and imperfections, if you would be satisfied with being boring. That's one thing I got from Douglas Crockford's Programming Style and Your Brain. Sometimes, especially for security-related software, "boring" is exactly what you want.
Unfortunately, SSL is anything but boring. It's barely standardized, and it's prone to getting new features. But just because the standard is exciting, doesn't mean the code has to be exciting. The OpenSSL developers may have received $2,000 in donations last year, but they make money by consulting on OpenSSL. They have a perverse incentive to keep OpenSSL confusing and buggy. The efforts for the LibreSSL project show just how needlessly exciting the OpenSSL code base is.
To prevent the next Heartbleed, it's more productive to donate to LibreSSL.
How many kids have the chance to sit down in front of a computer and learn that the reason a ball goes across the screen comes down to something as simple as x=x+1? Schools won't teach them that until the end of primary.
Ugh. Wow. I hope primary schools never teach x=x+1.
In the computer industry, we've probably been set back by years or even decades by BASIC and imperative programming. Imperative programming makes intuitive sense because computers process things step by step, and that's what's exposed in imperative languages, but concurrency will be the downfall of imperative programming.
Personally, I think BASIC helped me in primary school maths, but it drove me away from being a programmer. It's challenging enough to do things in BASIC, but the step-by-step flow is clearly there. Then I looked at C and C++, and the pages of keywords and data types, and the need to buy a compiler to get anything to work, and it was no fun. And then I looked at event-based systems, like the Macintosh, and Where is the first step? How does defining a function just make things happen? Why is this nothing like the C/C++ books? It's so confusing and I quit. I only got back into programming because I took a music class from David Cope, and he taught LISP, and I was like, Woah, there's an entirely different way of programming, and it's more like math.
So, it's thoroughly discouraging to see Codeacademy, and the first thing they're doing is sequential, imperative programming, with output via console.log() and blocking function calls to alert() and prompt(), and I'm internally screaming. This is so wrong. This is not how we're going to train programmers for concurrent systems.
Why not fund openSSL developers to do the same with the OpenSSL code, but including much of the cross platform options that has made it so ubiquitous. And without the silly name,
Because all those cross-platform hacks directly contribute to its bugginess. The Heartbleed bug was facilitated by a cross-platform reimplementation of malloc that was written for speed rather than security.
And also because the OpenSSL developers have been demonstrated to sit on patches for years instead of fixing bugs.
For a morbidly good time, go look at OpenSSL Valhalla Rampage, a blog highlighting some of the insanity that the OpenBSD devs are encountering as they rewrite OpenSSL into LibreSSL. It becomes clear that Theo de Raadt was right, and the OpenSSL devs are not responsible people.
What you need to do is to look at the available routers, and find which ones have supported chipsets and adequate flash storage and stuff.
In the 802.11n dual-band generation, the best seemed to be the Atheros AR7161 routers, such as the Netgear WNDR3800. I bought that specifically because it has robust open-source drivers for both radios, so it works smoothly with OpenWRT. It's not the fanciest, but I used 802.11g for years without problem, so it can't be that bad.
For the 802.11ac generation, I'd guess that devices with version 2 of the Qualcomm Atheros QCA-9880 might work best, such as version 2.0 of the TP-Link Archer C7, but I haven't been following it since I don't need an upgrade, yet.
I agree about the Model M. Mine was built in 1991, and I've had it since 2003.
I use it with my Mac, through a USB adapter. Interestingly, when I set the keyboard preferences to treat the Alt key as Command, it still treats the right Alt key as Option. I don't know if it's something specific to the Model M, or if it's something weird with my generic Holtek-based adapter. I use all 4 modifiers, so that was a bit of a bonus.
USB adapters are a lemon market. So far, I've tried buying 3 adapters. The Holtek one works well with keyboards, but not mice. The second one works well with mice but not keyboards. The third one doesn't work at all. They're all too cheap to bother returning. This is one way that Amazon, with its incredibly generous return policy, is increasing its retail dominance.
Honestly, looking at the design of that thing, I am not so sure it had a viable market. There were few wireless networks set up in 2000 it wasn't a given that every home had one. Cell data was expensive and slow. The device seems unwieldy and large and the controls don't look like they would be particularly easy to use. Also, what OS does it run, can it do anything but surf the web? Was the web on its own interesting enough in 2000 to make this a killer device? No streaming movies and TV shows, Spotify or any of those interesting services.
Were you around in 2000? I was. It was not a wasteland.
WiFi was already starting to become popular. Apple introduced the Airport in 1999. By 2001, I had my own WiFi network, and my school had a (very poorly functioning) network. It wasn't a "given," but it was available to the savvy people who would buy that thing.
The Web was already pretty interesting. There was streaming media, in the forms of RealPlayer, QuickTime, and Windows Media. Yahoo and Microsoft had webmail. Slashdot had fewer idiot editors. Amazon had shopping. And who knows what that device could have turned into, if it had more development.
The Nokia M510 could very well have been a flop. Sony's eVilla was a disaster. Steve Jobs refused to release the iPad until it was sufficiently "magical" in 2010. But I think this had more to do with design discipline and marketing than what was technically possible back then. After all, Palm was pretty big back then.
Efficiency in private sector is defined to be maximizing the return on investment. Private sector efficiency is NOT delivering goods and services at the least cost to most people. If that is the *only* way to maximize the return on investment, they will do it. It happens on simple products like cereal, bread, milk etc.
It doesn't even work entirely for those. Civic duty used to be an important part of American education. Now we have mega-banks that capture markets and suck the value out of everything they can.
Commodities Speculation: A Cause of Food Crises? A Crime Against Humanity?
How Morgan Stanley Has Raked in Billions by Manipulating the Prices of Everyday Commodities
Sasha Breger: How Commodities Hoarding Distorts Food Prices
There was an article I read with an evocative image of grain rotting in rail cars while crises erupt in the Middle East, but I can't find that article right now.
Civilizations have rarely ended in abrupt catastrophes. The most analyzed ending of a civilization is probably the Fall of the Roman Empire, and that ended over hundreds of years of debauchery and neglect. It takes a while for a major civilization to collapse.
Modern Western Civilization could end faster. A nuclear power plant dies much more quickly than a Roman aqueduct, and fluctuations in the market for crops in America have destabilizing effects on governments in the Middle East. On the other hand, the widespread travel and communication among nations' elites seems to be making them less likely to disrupt the channels of commerce.
In general, survivalists are ready for civilization to end suddenly. They are not prepared for civilization to continue.
NO connection is point-to-point.
Most Internet communications are carried in packets with unique source address and unique destination address. Conceptually, it doesn't matter whether those packets are encoded with Point-to-Point Protocol on a serial cable, or whether they go through a bunch of routers first. A more pedantic term is unicast. So, the actual counterexample would be multicast, and despite best efforts, there's very little of that on the Internet.
The real exception to point-to-point communications is WAN acceleration, but I'm guessing that its effects are minor across the Internet.
I'd really like it if Intel could introduce an 'x86-2' instruction set that dumped all the legacy stuff but kept the same basic architecture. It'd need software to be recompiled, but not rewritten. It'd be expensive, but if they can coax just a few percent extra out of the hardware by dumping legacy then it'd still sell to the HPC and server markets. Recompiling linux and packages is a small price to pay.
Recompiling Linux and packages. That has worked out so well for ARM servers, so far.
I think that's a terrible idea. I don't think the 20-bit real mode, etc., are actually used except for the BIOS, which is in the process of being replaced by UEFI, and I'm not sure all of those instructions actually still work.
But the big thing about Intel is the idea that you can just take whatever x86 software and run it. Maybe recompile if you have something that can take advantage of the SIMD instructions, but it doesn't need to be recompiled to run great. The commentaries I've been reading say that the x86 instruction decoder is basically free, anyway, so it's a competitive advantage without significant penalty.
Rather misleading article and slant there. It implies that the NSA deliberately took action to make TCP/IP insecure. However, in reality, the NSA merely didn't contribute their classified work towards the specification of TCP/IP.
Yes, Slashdot is rather sad these days.
But the NSA isn't just about withholding classified information. The NSA is about weakening encryption standards. Vint Cerf said he would have used encryption if he had the opportunity to do it over again. The Internet community had such an opportunity, IPv6 with IPsec, and the NSA bungled it up.
IPsec doesn't involve the routers, because that would kill performance. IPsec is designed to handle different algorithms, so you don't need to support the same broken algorithms indefinitely. But the IPsec spec is a horrible design that in practice has made it very little used outside of very professional environments with very full-time engineers to keep it running.
Believe it or not, there are also some instances where cryptography is not needed, such as for purely publicly accessible information that can benefit from being cached, etc.
I don't think there is any instance where cryptography would not be useful, as long as privacy is an option. Most Internet communications are point-to-point, so caching should not be done in between. From an opsec point of view, it's less risky to use encryption for confidential information if you also use encryption for everything else, too.
Even for publicly cached data, you could use cryptography for authenticity instead of confidentiality. For example, DNSSEC is about proving the authenticity of DNS information, so your name resolver doesn't get fooled by DNS hijacking. Authenticity turns out to be useful even for completely mundane stuff.
As always, it's a matter of tradeoffs.
I run a small lab of computers, and I decided to try upgrading them to 128GB SSDs. The fast computers with Windows 8 became even faster. The slow computers with Windows Vista did not improve dramatically.
Especially the small desktop with the 1.6GHz Core Duo. A lot of time is spent on hard disk access, but get slow enough and a huge amount of time is actually waiting on the CPU. Chrome opens pretty quickly, but Firefox still takes several times as long to launch. LibreOffice still takes a long time to install or open, though appreciably less time than on HDD.
It all depends on the use. No storage upgrade is going to make your Internet connection faster, or allow your computer to play 1080p video if it doesn't have the GPU decoder or CPU power for it. If you upgrade to an SSD, you'll see some improvement, but you'll get the most benefit if your other hardware is still adequate and you're mostly waiting on the HDD. To determine whether that's so, you really should be doing measurements.
2014: ~~Quake~~ "Let's get the hell outta here! At least snow ain't fall over and kill ya."
ORLY
MSE will have definitions for a year after the EOL: http://blogs.technet.com/b/mmp...
I think that is a grave mistake on Microsoft's part. It makes people think that they can still run Windows XP securely, just intercepting viruses that match the signatures, instead of patching the underlying vulnerabilities.
I also think continuing to let OEMs install Windows XP until Windows 7 was also a grave mistake. In the short term, it slowed people from fleeing to Linux, especially for the early-model netbooks. In the long term, it has delayed the end of Windows XP by years, making it more painful when people do finally upgrade.
As the evil Soviet Union rises again, they're back to their old form, rejecting stylish devices from the USA and adopting clunky copycat devices.