Another part of the answer...take back the class A allotments that were given to companies/organizations early on.
Why does this myth persist? Modded Interesting, even. This proves that education is the major barrier to IPv6 adoption.
We can't "take back" the class A allotments because there is no "back" to take it to. Those were given by Jon Postel before IANA existed, and IANA does not claim any more legal authority to those addresses than anybody else. It's an unwise investment of limited resources to challenge those companies' legal departments.
Also, with the rate that IPv4 addresses were being allocated, and the acceleration of the rate before 2011, those addresses would have postponed IPv4 exhaustion by months at best. It's surely not worth the expense to force all those companies to release their class A networks just so we could collectively fail to do our jobs, that is, switch to IPv6.
Startup speed is simply not an issue anymore. Your typical server is supposed to be up most of the time, your typical desktop or mobile device is sleeping or suspended when it's not running, and your embedded device only has very few services that it needs to start, to the point where even SysV init is overkill and you're better off with rc.conf or something similar.
That's incorrect.
The big excitement in servers is Elastic Compute. There, you do want servers that can boot up and shut down as quickly as possible, to handle varying demands. It seems that even Linux is considered to take too long, so some Linux kernel maintainers are making their own cloud OS that boots up even faster.
Desktops and mobiles do reboot sometimes. Fast booting was a major selling point for Unix during the age of The UNIX-HATERS Handbook. A bigger benefit for modern PCs is how systemd uses sockets and cgroups to control program state. And I thought the thread was about embedded.
There is more than one type of embedded device. In particular, I am annoyed at how home routers have progressed from, for example, the Netgear WGT624 which took about 15 seconds to boot, to now the Netgear R6300 which takes over a minute to respond to PING, and I'm not sure how much longer until it's fully functional. Sure, once it's configured and running, it's nice, but a typical setup could take several reboots and cause a lot of wasted time.
The R6300 has 128MB of flash and at least 128MB of RAM. That's a lot. Surely it can hold systemd.
It's actually a drain on embedded systems to do so much through shell scripting, having all those processes running scripts in an interpreted language.
This is a fallacy. A shell script running on a non-bloated shell (e.g. Busybox ash) consumes less than 50k of dirty pages per instance. It would take at least 20-30 such scripts running to even come close to rivaling systemd's memory usage, and that's not even counting other resources systemd is consuming.
Memory isn't the only resource. (And if you're using Linux, you're already using a ton of memory.) Systemd brings standardized, concurrent, event-driven startup, so it takes less time to start up, both CPU time and wall clock time. For example, systemd's declarative unit files have much less boilerplate and take less effort to parse than SysV-style init scripts.
At this point, systemd has also been concentrating on correctness and functionality. They aren't even optimizing for speed and memory consumption, yet. It would be interesting if Busybox added a systemd-style init.
Computer code is not bricks. It's completely different. So, your analogy based on bricks is not valid.
There was a better analogy I read somewhere. Programming is like building only if you're in some insane universe where you make one little slip-up and the entire structure turns into a black hole. But I don't remember who wrote that.
Paul Vixie can pontificate on the Unevenly Distributed Intelligence at Dice that has resulted in this abomination known as Beta Slashdot...
I don't think so. Beta Slashdot is a consequence of the idiot staff that Dice has hired to run Slashdot, considering that the headline and summary have nothing to do with Paul Vixie's argument. The quotes are taken from the article, but in a stupid way, like CowboyRobot is some sort of robot...
The article is actually about the need for the addition of minimal state to stateless protocols in order to thwart DDOS amplification techniques.
Come to think of it, besides being the titular guy in charge of it, how do we know that Nadella understands enterprise?
I'm just being too lazy to look, but shouldn't there be signs that he's not just a figurehead? You know, memos, presentations, letters to the public or to the staff. Anything?
No. The TSA exists because we don't know whom we can shoot to make it go away.
Actually, I think the real reason the TSA exists is so the military-industrial complex segment of society could claim the power to detain and harass ordinary Americans, and train the people into thinking that it's right and proper.
We hold the purse strings? No, that's Congress. We hold the votes? I voted against everybody who is in power. I hold myself blameless for this mess.
The logic is indeed baffling. If you have old device A and new device B at home, then the new device would connect with the faster protocols by default and normally never use the old protocol, correct?... Thus, it's either stupidity or greed (force purchases of replacement gizmos). Or are we missing a subtle 3rd option because we didn't carefully RTFA?
The problem is that legacy support makes the newer protocols less efficient. The "450 Mbps" of a modern 802.11n network is only a burst speed, and the rest of the time the router is busy sending 1 Mbps preambles and beacons. If we can drop support for the older standards, then the router can dedicate more of its time to high-speed data transfers.
Cheapest 5GHz router is still 3x more expensive than cheapest 2.4GHz router.
The cheapest 2.4GHz router is less than $15, and the cheapest 5GHz router is $40, according to the latest listings from NewEgg. It may be 3x as expensive in relative terms, but in absolute terms the difference is less than the cost of 5 Big Mac meals. I certainly would rather buy a 5GHz wireless router than a Big Mac.
It is true that Google is quite evil. But Google is not monolithic. Google includes DoubleClick, Chrome, and Google+. All very annoying, and turning out to be harmful to the Internet.
Google also includes Internet evangelism, under Vint Cerf, one of the inventors of the Internet. Google still has one of the best search engines in the world, which you can use for free. Now Google also includes some of the fastest and most affordable home Internet in the United States.
Frankly, all of the options for Internet access that I have are evil to some extent. Google at least is working to make high-speed Internet available to me.
Besides, why "stream" things as Google advertises? Streaming is stupid technology...
Not everything can or should be downloaded in advance. One thing I hate about our Internet is that we have almost no upload bandwidth. VoIP is stuttery. Complete off-site backups via the Internet are impractical. HD video calls are an unattainable dream.
It even has OpSec implications. I want to host a Tor exit node, so I can generate plausible deniability. I can't afford the upload bandwidth.
I hate the traditional carriers, and I can't wait for the Google vision for the Internet to be realized.
On the one hand, I think it would be neat to make money by self-pleasure. On the other hand, I feel that sperm donation is a bit icky.
On a genetic level, it's little different than offering your kid for adoption. Actually, it's about half your kid. If you have fashionable features, it's a good way to spread your genes to the next generation.
On a social level, it's basically making babies without parental responsibility, and without the fun of sex or the possibility of venereal disease. I don't see how you could in good conscience make babies with the intent of selling them off. Furthermore, fashionable sperm donors sometimes become the genetic fathers of many, many children. Sometimes the children start dating without knowing that they're genetic half-siblings.
Increasingly, medicine is benefiting from family history tracking. Education benefits from parental involvement. A sperm donor would be depriving the children of those useful resources.
This isn't for the special occasion, nice, weekend meals; this is for the every-day-grind food.
So go to McDonald's every day and order a McSoylent, instead of the daily Big Mac and fries? :)
Given McDonald's corporate history, I wouldn't count on it to provide a healthy McSoylent, instead of the over-flavored slop that they usually sell. Soylent is supposed to be the convenience without the coronary heart disease.
The protesters are part of a group that are upset about gentrification. -- it's when people with significant wealth and/or income move into an area of people with less wealth/income and thereby drive up real estate prices beyond what the established population can potentially afford.
And real estate prices wouldn't go up if the people who owned the properties refused to sell them at higher prices. And prices wouldn't go up if people weren't willing and able to pay the higher prices, which are exacerbated by China's pathetic retirement savings options and rampant corruption. I hear many complaints that whenever a property goes on sale, it's snapped up by some Chinese person with millions of dollars in cash. Since we don't outlaw capitalism, the best alternative would be to allow more living units to be constructed in the San Francisco Bay Area.
Incidentally, due to Proposition 13, property taxes go up very slowly as long as you don't sell your house or do major construction to it. And due to rent control, rental prices in San Francisco go up very slowly. You get a fun combination of super-cheap housing from the 1970's, and super-expensive housing for new people.
In a side note, this winter we got a lot less rain than average, and I'm starting to worry about our water supply. Building more housing units is a matter of public policy, but having enough water to keep them livable is currently outside human control. It would be funny if these tech giants would invest in desalination and water purification, not for third-world countries, but for their own homes around San Francisco Bay.
Does San Francisco not run buses on the same lines? If not, the problem is with the city, not Google.
The problem is with the entire region. San Francisco buses can only run in San Francisco, with limited service to a couple recreational areas a few miles away. The rest of the region doesn't want to get caught up in San Francisco's myriad governance issues, so they operate their own transit systems. There are only a couple systems that cross the entire region: BART and Caltrain.
So, to get from my home to Google via existing transit lines, I'd have to take a bus to Caltrain, then take Caltrain to Mountain View, and then take a bus to Google. The pretty good regional trip planner says that it would take me 4 buses, 2 hours, and $13 to get from my home in San Francisco to Google, even with rush hour express service. It's cheaper if I get monthly passes and take my bike onto Caltrain, but it still takes a lot of time.
Before 2006 (and well into 2007 in many cases) there were a lot of businesses running on the belief that most cell phone users would never buy an $850 MSRP cellphone and that the "real" market is the carriers to include a phone with service plans.
Apple's made a whale of a profit out of proving those assumptions wrong.
To be fair, the cell phones of the time would not have been popular if they weren't cheap. I certainly wouldn't have paid $850 for a cell phone before Apple showed how cell phones should work.
Even now, people wouldn't pay so much money for Windows Phone. Microsoft is taking a loss on every Lumia, just to get them to sell. The profit is in the carriers' service plans.
I had been using Chrome in Metro mode, because I wanted to have experience in Metro, and I had to go back to desktop with this release.
The new Metro mode doesn't integrate well with the rest of Windows 8. It doesn't resize with Snap View, so you have to keep it full-screen. It adds an app switcher bar, but the bar only switches between Chrome apps, which I generally don't use. It has an app launcher button, but if you use a mouse then the Windows Start button appears and overlaps it.
Furthermore, the latest version of Chrome crashes more. So, I not only have to be in desktop, but I have to be in Firefox. Sometimes I wonder if the Chrome team runs their own product on Windows.
Of course, this particular computer is not going to be powerful enough to perform encryption/decryption but it is an interesting direction.
Why is it not powerful enough?
Well, of course, it can't keep up with the demand for high-bandwidth encryption. For that, you need encryption built into the storage drive, or in the CPU like Intel started doing in the Westmere generation (2010).
But it can be used for less demanding encryption. Public key cryptography was devised in the 1970's on computers far less capable than a modern smart watch. I think a computer like this could be intriguing for communicating session keys, like a Hardware Security Module, but with open-source software.
Of course, this particular device has major weaknesses. It doesn't seem to have a way to resist tampering, so it's vulnerable to side-channel attacks, timer attacks, and probably replay attacks. Just off the top of my head. But regarding its computing power, it's capable.
Depending on your level of trust/paranoia, you should consider the security boundary to be your app and the libraries statically linked into it. By the time it gets anywhere close to the NIC, it is out of your control.
Not necessarily. If you can't trust your computer, then as soon as you touch it, your information is out of your control.
Your home intranet isn't likely to contain much (if any) data that isn't going to the public Internet, and assuming your switches are working properly, it should not be possible for your router to see non-broadcast traffic directed towards a different device anyway. Obviously, that reasoning fails if your switch is a managed device that can be potentially reprogrammed to change the switching behavior, but that's atypical for home networks, which I thought was the main point of discussion in this thread.
Well, my home intranet has plenty of data that aren't going on the Internet.
But back to the original problem. My $50 home router does indeed have a built-in managed switch, and can be reprogrammed to do port mirroring. My home router can be reprogrammed to do a lot. But that doesn't even matter. You can tell a lot from a network by using broadcast packets, such as Microsoft NetBIOS and Apple Bonjour.
The point is that a router is not just a hardware device. They're general-purpose computers. I'm in control of my router, like I'm in control of my computer. Most people aren't. The OP asked, Can Commercial Hardware Routers Be Trusted? The answer is No, and it was naive to assume otherwise.
Mossberg's editorial point of view is of the average consumer, and I don't think most people care about computer games. I don't.
He wrote for readers of the WSJ. The kind of people who never lose sight of the numbers.
Exactly. They're busy looking at the numbers. They don't want to be bogged down with useless technical information about which game has the best visuals, or which game is the most innovative. They just want the numbers. Do you think the bosses of EA actually play the games that they publish?
But even dirty capitalists need to have some down time, and Mossberg was there to help them find the easiest devices to use.
So you think a low market share device that effectively failed to achieve significant penetration on launch in 1993 is responsible for the success of an embedded low power processor that's been around since the early '80s? http://en.wikipedia.org/wiki/ARM_architecture
You're looking at the wrong Wikipedia page. I didn't say that Apple invented ARM. I said, "It launched ARM into the low-energy device market," which Apple did by founding ARM Holdings in 1990, along with Acorn and VLSI. After the Newton introduced the ARM architecture to an international audience, then DEC, etc. started licensing it. Apple reaped the rewards, by selling their ARM stock for hundreds of millions of dollars in the late-90's, when they were digging out of a crisis.
ARM was not the overwhelmingly obvious choice for a 32-bit handheld system at the time. MIPS was in several designs, and the PalmPilot used a DragonBall processor. Even making a personal CPU architecture was still an option, though not an especially viable one.
There is no such thing. A device that moves data from one location to another, using some policies to examine and transform it, is not just a "hardware" device.
That's completely immaterial. A hardware router is distinguished from a software router by whether it is or is not a general-purpose computer. Hardware routers range from that little D-Link all the way up to Cisco boxes. In the most extreme designs, the hardware provides a dedicated I/O processor that performs the actual routing functions, allowing it to route data considerably faster than a general-purpose computer can.
A hardware router is distinguished from a software router by the fact that a software router is capable of executing general-purpose instructions. In theory, you can make a hardware router that is only ever able to execute routing functions, and I think many routers do have portions of TCP/IP hard-wired into the silicon, but I'm not aware of routers where that's the only thing they do. In practice, the highest-level hardware routing that I know is the MAC caching in unmanaged switches.
Home routers are especially bad. Only a few of them use hardware for the routing, and all of them have general-purpose processor cores. The 802.11n router that I got for $50 this year has 128MB of RAM, 32MB of storage, and a 680MHz MIPS 24K processor. Except for the storage and floating point, that's far more computing power than I had in my desktop 15 years ago. I could install X Window libraries and run graphical programs from my router. If I wanted to, I could even attach USB storage and display adapter, and use it as my desktop.
I think you missed my point, which was that yes, you could do exactly what you're suggesting, but it would be just as easy to do that at any router along your data's path to its destination. As soon as the data leaves your intranet, it's like sending a postcard.
But your router is an integral part of your intranet. With a little more paranoia, I can imagine a router doing vulnerability scans, or proxying a device with more memory that can do the vulnerability scans, and giving some third-party access to your computing devices. Systems are often set up to share a lot on the local network, for convenience and because the intranet is considered to be "safe." If you don't want to be in a position to trust your router, then you really should consider your security boundary to be your computer, and distrust anything that leaves or enters your NIC.
On the cruelty of really teaching computing science (EWD 1036)
The TSA exists because Americans tolerate it.
It's that simple.
We hold the purse strings AND the votes.
Maybe I'm becoming jaded, but I don't think the United States is a good place to hold a security conference. I know, this year the TrustyCon organizers have to accommodate previous arrangements, but next time they should hold the conference in a place less likely to arrest security researchers and harass pioneers whose work is featured in every computer on every desk and in every smartphone.
Before 2006 (and well in to 2007 in many cases) there were a lot of businesses running on the belief that most cell phone users would never buy an $850 MSRP cellphone and that the "real" market is the carriers to include a phone with service plans.
Apple's made a whale of a profit out of proving those assumptions wrong.
To be fair, the cell phones of the time would not have been popular if they weren't cheap. I certainly wouldn't have paid $850 for a cell phone before Apple showed how cell phones should work.
Even now, people wouldn't pay so much money for Windows Phone. Microsoft is taking a loss on every Lumia, just to get them to sell. The profit is in the carriers' service plans.
I had been using Chrome in Metro mode, because I wanted to have experience in Metro, and I had to go back to desktop with this release.
The new Metro mode doesn't integrate well with the rest of Windows 8. It doesn't resize with Snap View, so you have to keep it full-screen. It adds an app switcher bar, but the bar only switches between Chrome apps, which I generally don't use. It has an app launcher button, but if you use a mouse then the Windows Start button appears and overlaps it.
Furthermore, the latest version of Chrome crashes more. So, I not only have to be in desktop, but I have to be in Firefox. Sometimes I wonder if the Chrome team runs their own product on Windows.
Of course, this particular computer is not going to be powerful enough to perform encryption/decryption but it is an interesting direction.
Why is it not powerful enough?
Well, of course, it can't keep up with the demand for high-bandwidth encryption. For that, you need encryption built into the storage drive, or in the CPU like Intel started doing in the Westmere generation (2010).
But it can be used for less demanding encryption. Public key cryptography was devised in the 1970s on computers far less capable than a modern smart watch. I think a computer like this could be intriguing for communicating session keys, like a Hardware Security Module, but with open-source software.
Of course, this particular device has major weaknesses. It doesn't seem to have a way to resist tampering, so it's vulnerable to side-channel attacks, timer attacks, and probably replay attacks. Just off the top of my head. But regarding its computing power, it's capable.
Depending on your level of trust/paranoia, you should consider the security boundary to be your app and the libraries statically linked into it. By the time it gets anywhere close to the NIC, it is out of your control.
Not necessarily. If you can't trust your computer, then as soon as you touch it, your information is out of your control.
Your home intranet isn't likely to contain much (if any) data that isn't going to the public Internet, and assuming your switches are working properly, it should not be possible for your router to see non-broadcast traffic directed towards a different device anyway. Obviously, that reasoning fails if your switch is a managed device that can be potentially reprogrammed to change the switching behavior, but that's atypical for home networks, which I thought was the main point of discussion in this thread.
Well, my home intranet has plenty of data that aren't going on the Internet.
But back to the original problem. My $50 home router does indeed have a built-in managed switch, and can be reprogrammed to do port mirroring. My home router can be reprogrammed to do a lot. But that doesn't even matter. You can tell a lot from a network by using broadcast packets, such as Microsoft NetBIOS and Apple Bonjour.
The point is that a router is not just a hardware device. They're general-purpose computers. I'm in control of my router, like I'm in control of my computer. Most people aren't. The OP asked, Can Commercial Hardware Routers Be Trusted? The answer is No, and it was naive to assume otherwise.
Mossberg's editorial point of view is of the average consumer, and I don't think most people care about computer games. I don't.
He wrote for readers of the WSJ. The kind of people who never lose sight of the numbers.
Exactly. They're busy looking at the numbers. They don't want to be bogged down with useless technical information about which game has the best visuals, or which game is the most innovative. They just want the numbers. Do you think the bosses of EA actually play the games that they publish?
But even dirty capitalists need to have some down time, and Mossberg was there to help them find the easiest devices to use.
So you think a low market share device that effectively failed to achieve significant penetration on launch in 1993 is responsible for the success of an embedded low power processor that's been around since the early '80s? http://en.wikipedia.org/wiki/ARM_architecture
You're looking at the wrong Wikipedia page. I didn't say that Apple invented ARM. I said, "It launched ARM into the low-energy device market," which Apple did by founding ARM Holdings in 1990, along with Acorn and VLSI. After the Newton introduced the ARM architecture to an international audience, then DEC, etc. started licensing it. Apple reaped the rewards, by selling their ARM stock for hundreds of millions of dollars in the late '90s, when they were digging out of a crisis.
ARM was not the overwhelmingly obvious choice for a 32-bit handheld system at the time. MIPS was in several designs, and the PalmPilot used a DragonBall processor. Even making a personal CPU architecture was still an option, though not an especially viable one.
That's completely immaterial. A hardware router is distinguished from a software router by whether it is or is not a general-purpose computer. Hardware routers range from that little D-Link all the way up to Cisco boxes. In the most extreme designs, the hardware provides a dedicated I/O processor that performs the actual routing functions, allowing it to route data considerably faster than a general-purpose computer can.
A hardware router is distinguished from a software router by the fact that a software router is capable of executing general-purpose instructions. In theory, you can make a hardware router that is only ever able to execute routing functions, and I think many routers do have portions of TCP/IP hard-wired into the silicon, but I'm not aware of routers where that's the only thing they do. In practice, the highest-level hardware routing that I know is the MAC caching in unmanaged switches.
Home routers are especially bad. Only a few of them use hardware for the routing, and all of them have general-purpose processor cores. The 802.11n router that I got for $50 this year has 128MB of RAM, 32MB of storage, and a 680MHz MIPS 24K processor. Except for the storage and floating point, that's far more computing power than I had in my desktop 15 years ago. I could install X Window libraries and run graphical programs from my router. If I wanted to, I could even attach USB storage and display adapter, and use it as my desktop.
I think you missed my point, which was that yes, you could do exactly what you're suggesting, but it would be just as easy to do that at any router along your data's path to its destination. As soon as the data leaves your intranet, it's like sending a postcard.
But your router is an integral part of your intranet. With a little more paranoia, I can imagine a router doing vulnerability scans, or proxying a device with more memory that can do the vulnerability scans, and giving some third-party access to your computing devices. Systems are often set up to share a lot on the local network, for convenience and because the intranet is considered to be "safe." If you don't want to be in a position to trust your router, then you really should consider your security boundary to be your computer, and distrust anything that leaves or enters your NIC.
Which really is not that bad of an idea. "Hard and crunchy on the outside; soft and chewy on the inside" is how some people describe networks where they trust the firewall. Now that sort of attitude is especially useful for an environment with BYOD and APT; most recently, Google is famously structuring their network so they don't have to trust their intranets.
Just because there are many threats, doesn't mean you should bring untrustworthy devices onto your own premises. You should do defense in depth.
My iMac G4 begs to differ. It's stuck on 10.4.
And that's why I like Linux. When Apple discontinues support for that old machine, Linux is there for you.