There is no difference, and no regulation proposed on either. The regulation only applies when you add the ability to dial to and/or receive calls from the PSTN.
Sure, but if you're interpretting a long/complex message, you typically need to write it down. That still means the ham radio operator needs to stop during message transmission/reciept.
More importantly, this was telegraph vs SMS.
If you want to pull out a ham radio, then give me a full sized keyboard and we'll see who can send a message faster.
I can type almost twice as fast, using predictive text.
I'm simply familiar with the words it comes up with (good vs home are the same key strokes -- I know which is first, and how many times to hit 0 for "next word")
Consider: the cell phone text message delivery time included the amount of time it took for the network to deliver the message (as well as the typing)
Let's try another test; let's send the same message to each of five different recipients randomly selected out of a possible thousand recipients, then travel to a randomly selected location within two city blocks and send a new message to those five people again.
Anybody want to bet that by the time the telegraph operator gets his system reconnected to send to the second recipient, the phone user will have finished walking to the randomly selected location (sending the first batch of five messages while walking?)
Sure, and anybody watching bugtraq (and other similar lists) knows that regardless of OS and/or installed base, anything you have which is internet facing needs to be patched.
Well you've heard of it now. My only real experience with linux ended with the box getting owned before I had time to secure it.
These days I trust that linux is likely secure enough out of the box. OTOH, I've had a WinXPsp2 (slipstreamed CD) running after install and activation but nothing else running for over a month without any hardware firewall and it hasn't been compromised yet either.
The XP install is running under Virtual PC and has a NIC connected straight to the net, no firewall or anything else. The rest of my network is behind a couple BSD-based firewalls.
However there is a catch: OEM licenses are not transferable between machines.
If you're the type of person who buys a new system every 6-12 months, you'll get your moneys worth out of a full version since you can move it between PCs, whereas you'd have to repurchase an OEM license each time.
Nothing stops you from doing just that -- But what does it cost Microsoft to issue you a license?
Lets face it, you're already using Windows anyway, without paying Microsoft. How are they further damaged if they give you a key (and hope you stay legit)?
On the other hand, for the innocent user who thought they purchased a legitimate copy, they're coming across as the good guy.
So it's a win/win for Microsoft AND nobody else gets hurt in the process.
This program is aimed at the legitimate end users who think they have a legitimate copy, but found out otherwise due to Microsoft's recent attempts at validation.
You generate a random amount of excess data, then Alice reveals to Bob which data is excess (in a "bits 2, 5, 9, 10, 11, 19... are excess" format). We'll call the non-excess data the key.
Next, Bob reads half the excess data back to Alice and Alice reads the other half to Bob.
This transmission would not need to be encrypted at all since there are two possibilities, either it's identical on both sides and therefore was not intercepted and is now useless OR the data doesn't match, and both the excess AND key data gets thrown out.
If the excess bits match, you now know that only the two parties have the key and you can proceed to encrypt the data using the key.
It depends on what type of "security through obscurity" you're talking about.
In essense all passwords are simply security through obscurity. This isn't a bad thing.
However, if you're talking about running a mail server with a known exploit, and instead of patching the exploit you simply hide the mail server's product name/version in the greeting string, then it's a very bad thing.
The problem with #4 is that it could get compromised just as easily as the "main" password.
However, if #4 still requires the real password too and you only get one chance to use the unlock password in concert with the main password then you might have a good idea.
Most SOHO gear has a "DMZ IP" -- Anything which hits the external IP and doesn't match a state entry or an explicit NAT rule gets routed to the DMZ IP. This is a perversion of the original concept of a DMZ.
The idea behind a DMZ is that it's a seperate interface on the firewall which is not totally exposed to the internet (the firewall still plays a role), but doesn't have full access to your local LAN either.
You'd put machines that need direct internet access into your DMZ (Mail servers, web servers, etc), but you'd build the firewall under the concept that the DMZ'd servers are hostile (or at least will become compromised at some point in the future) and should not have unrestricted access to your local network.
It can help though -- My CPU fan spins at 3000rpm and only manages to keep my CPU around 35C.
Cooling my case is much easier, I have a 120cm fan in my power supply and a couple 80cm fans elsewhere, all spinning at 800rpm, making substantially less noise.
Keep in mind that 100% of the CPU's output, plus the heat from all the other components is dumped into the case, and from there my case fans dump the heat into my office.
Spreading out the heat from one single core vs multiple cores and make the cooling problem much simpler if the goal is simply to remove the heat from the system and into the environment.
Since the majority of the year I'm running a furnace to heat my house I have trouble getting upset over the amount of heat my computer puts out as it gets released into my house anyway.
It's not as efficient as natural gas, but it's not like the heat energy is wasted either.
Slashdot Mirror
If the letter said to appear in court for an ass reaming, no.
If the letter said "Please stop downloading music", I'd consider stopping.
Then the next time I bought some blank CDs, didn't use them for music, but still payed the CD levy, I'd go back to downloading.
Exactly -- Same price, some noise, less work.
That's a major benefit.
There is no difference, and no regulation proposed on either. The regulation only applies when you add the ability to dial to and/or receive calls from the PSTN.
The internet traffic is not being regulated, only where the VoIP system interfaces with the PSTN.
In other words, if you create a PC to PC pure-VoIP system (or an ATA to ATA VoIP system and use analog phones on both ends), no regulation applies.
However, as soon as you want to interface with the PSTN system and get NANP numbers assigned, you have to agree to regulation.
Sure, but if you're interpretting a long/complex message, you typically need to write it down. That still means the ham radio operator needs to stop during message transmission/reciept.
More importantly, this was telegraph vs SMS.
If you want to pull out a ham radio, then give me a full sized keyboard and we'll see who can send a message faster.
I can type almost twice as fast, using predictive text.
I'm simply familiar with the words it comes up with (good vs home are the same key strokes -- I know which is first, and how many times to hit 0 for "next word")
True... I always send text messages when it's permitted to talk, but I simply don't feel the need to let anybody else hear the conversation.
Consider: the cell phone text message delivery time included the amount of time it took for the network to deliver the message (as well as the typing)
Let's try another test; let's send the same message to each of five different recipients randomly selected out of a possible thousand recipients, then travel to a randomly selected location within two city blocks and send a new message to those five people again.
Anybody want to bet that by the time the telegraph operator gets his system reconnected to send to the second recipient, the phone user will have finished walking to the randomly selected location (sending the first batch of five messages while walking?)
11 years of research and it didn't occur to him to make a backup?
I bet he won't do that again.
Sure, and anybody watching bugtraq (and other similar lists) knows that regardless of OS and/or installed base, anything you have which is internet facing needs to be patched.
That's life.
Well you've heard of it now. My only real experience with linux ended with the box getting owned before I had time to secure it.
These days I trust that linux is likely secure enough out of the box. OTOH, I've had a WinXPsp2 (slipstreamed CD) running after install and activation but nothing else running for over a month without any hardware firewall and it hasn't been compromised yet either.
The XP install is running under Virtual PC and has a NIC connected straight to the net, no firewall or anything else. The rest of my network is behind a couple BSD-based firewalls.
I don't see removable media as a security risk on a server -- By the time someone has enough access to touch the server, they've already won.
However there is a catch: OEM licenses are not transferable between machines.
If you're the type of person who buys a new system every 6-12 months, you'll get your moneys worth out of a full version since you can move it between PCs, whereas you'd have to repurchase an OEM license each time.
If it takes you 30 minutes to activate, you need to learn Engrish (or whatever langauge the activation folks speak this week)
I've reactivated half a dozen times in the past few months (each machine got reinstalled once) and no call has lasted longer then 10 minutes.
Nothing stops you from doing just that -- But what does it cost Microsoft to issue you a license?
Lets face it, you're already using Windows anyway, without paying Microsoft. How are they further damaged if they give you a key (and hope you stay legit)?
On the other hand, for the innocent user who thought they purchased a legitimate copy, they're coming across as the good guy.
So it's a win/win for Microsoft AND nobody else gets hurt in the process.
Weird.
This program is aimed at the legitimate end users who think they have a legitimate copy, but found out otherwise due to Microsoft's recent attempts at validation.
What part of "in the United States" don't you understand?
This is easily solveable.
You generate a random amount of excess data, then Alice reveals to Bob which data is excess (in a "bits 2, 5, 9, 10, 11, 19... are excess" format). We'll call the non-excess data the key.
Next, Bob reads half the excess data back to Alice and Alice reads the other half to Bob.
This transmission would not need to be encrypted at all since there are two possibilities, either it's identical on both sides and therefore was not intercepted and is now useless OR the data doesn't match, and both the excess AND key data gets thrown out.
If the excess bits match, you now know that only the two parties have the key and you can proceed to encrypt the data using the key.
It depends on what type of "security through obscurity" you're talking about.
In essense all passwords are simply security through obscurity. This isn't a bad thing.
However, if you're talking about running a mail server with a known exploit, and instead of patching the exploit you simply hide the mail server's product name/version in the greeting string, then it's a very bad thing.
The problem with #4 is that it could get compromised just as easily as the "main" password.
However, if #4 still requires the real password too and you only get one chance to use the unlock password in concert with the main password then you might have a good idea.
Why would you change AND expire passwords?
Simply expiring the password and notifying the user of the reason should do the trick.
Most SOHO gear has a "DMZ IP" -- Anything which hits the external IP and doesn't match a state entry or an explicit NAT rule gets routed to the DMZ IP. This is a perversion of the original concept of a DMZ.
The idea behind a DMZ is that it's a seperate interface on the firewall which is not totally exposed to the internet (the firewall still plays a role), but doesn't have full access to your local LAN either.
You'd put machines that need direct internet access into your DMZ (Mail servers, web servers, etc), but you'd build the firewall under the concept that the DMZ'd servers are hostile (or at least will become compromised at some point in the future) and should not have unrestricted access to your local network.
It can help though -- My CPU fan spins at 3000rpm and only manages to keep my CPU around 35C.
Cooling my case is much easier, I have a 120cm fan in my power supply and a couple 80cm fans elsewhere, all spinning at 800rpm, making substantially less noise.
Keep in mind that 100% of the CPU's output, plus the heat from all the other components is dumped into the case, and from there my case fans dump the heat into my office.
Spreading out the heat from one single core vs multiple cores and make the cooling problem much simpler if the goal is simply to remove the heat from the system and into the environment.
Since the majority of the year I'm running a furnace to heat my house I have trouble getting upset over the amount of heat my computer puts out as it gets released into my house anyway.
It's not as efficient as natural gas, but it's not like the heat energy is wasted either.
Sure, and that's important if you're writing to the DB much.
This isn't always the case if the DB is being read constantly but updates infrequently.
You've heard of usenet? -- Usenet is already approaching 150Mb/s, plus you're not just writing, you're reading too.
Exceeding 150Mb/s isn't difficult.