Will the War on Terrorism end terrorism? No matter how much money you throw at it no matter how much technology no matter how many rights and liberties you abridge or discard both drugs and terrorism will be with us.
At least Ronald Regan knew he was kidding when he "The Soviet Union has been outlawed. The bombing will begin in 5 minutes".
Throughout history we've many directors of homeland security: Robespierre, Himler, Lavrenti Beria, Vichy France, Cromwell, the Staasi. Not a good plan for us either.
That was established to investigate Echelon. Here's how it works: Most skimming is automatic eg. filters pull out email and other transmissions, unpack them and make an educated guess as to the contents. Keyword ident works on recogniazable text. So unless you have a human being staring at the fax image and they happen to understand the language you're writing in there is no automatic electronic ability to decode a handwritten fax message. And even with that it would typically have to be transmitted between two phone numbers someone cares enough about to monitor.
So next time think about what you write before you write it or someone will accuse you of the most stupidist thing they've ever heard.
Plus you have a bunch of airlines who after 20 years of gouging customers, selling crappy service and poor maintenance, weak security and high prices finally have an oligopoly that is so awful the fear is that ridership will drop off a cliff. So they go to the big bad gubmint and ask for a handout of between 15-24 Billion dollars. They cut service in half and use it as an excuse to cry poverty, say they can't provide security at any price to be borne by them.
The only diference between arlines and cigarettes is airlines have better PR.
You can figure that by this time next year there will be two US airines left and it will cost 1500 to fly from NYC to Miami and it will take 6 hrs to board the plane and we'll be told to be damn thankful.
In 1776 it was the right to bear arms. In 2001 it's the right to control access to and distribution of your INFORMATION. Why is it that the folks in favor of no gun laws are carping for unhindered givernment access to broken crypto. They are the same damn thing separated by a hundred years. Weak crypto won't protect us against terrorists any more the erasure of gun control laws.
Many of the laws that abut privacy and public saftey and policy are from a time where the infrastructure was built owned and operated by the government. Think roads, bridges, canals. Think the early days of the net. Flash forward and much of the infrastructure is private like the phone systems, the internet now, private databases, ariline ticket systems, weblogs and so on. So the question you have to ask yourself is just exactly who does the expansion of these government privileges to search and monitor help? Does it help them, does it help WalMArt, does it help WorldCom, does it help you? Sometimes those are tricky questions. Now certainly there is some merit to changing the wiretapping law to follow a PERSON insead of a FIXED NUMBER but what is the new context for requesting a wiretap at all? Suspicion? Someone else's vague reference to what might be you, online? The movement of your car tracked by Onstar? A cell phone call sent or received somewhere in the vicinity of your home? Those are tough questions. And partially the answer has to do with how will such and such actually help.
I still maintain that you have to follow the money. Is there not some direct benefit to be gained in breaking open international banking secrecy laws so that Swiss, Cayman, Panamanian banks can't launder the money used to kill people. And is not that benefit at least as great as the benefit to be gained by applying open ended survellience on large segments of a profiled population?
On the one hand we are supposed to force Israel to stop defeding itself against terrorism and other hand the US now believes it is its holy fucking manifest destiny to wage war on the whole world in general and no one in particular.
I'm suprised it took you wingnuts only a week to blame an attack by Arabs on the US, on the Jews. Why don't pull your antisemitic heads out of your asses and read what OBL has to say which is to punish moderate Islamic states like Saudi Arabia for allowing the infidel US on it's soil. He can't go after the Sauds directly because it would mean the destruction of his own family so he goes after the US who trained and armed him.
Why can't they just use those metal and leather thongs with the metal bras and fur trim and big ass spears, spike heel thigh high boots. The men can dress like gladiators. At least that's how it is in the movies.
I'm with Katz. Show support - sure. Have all of Congress hold a sing along for the cameras, that's just lame. Show endless carnage on TV followed by feel-good warnings about "What to tell the children..." What is this make-news about?
What's this national prayer coverage, with Senators going on at great length about Jeremiah? I'm pretty sure everyone believes God is on their side and that they're justified.
Really- the media channels decided that whether they had anything to say or not they are going to stay on the air 24-7. Did they forget that they are in the business of news? I for one am tiring of being told just exactly how and when I have to experience some cathartic reaction.
They haven't even done a good job of getting their own facts straight in a foaming effort scoop one another. It's been an endless stream of interruptions to their interruptions followed by corrections and counterclaims.
And now the first polls are out. 90% of people want immediate violent force applied pretty much anywhere. That's kind of like asking a rape victim's father the day after if he wants to kill the rapists whole family.
A chorus of talking heads screaming "Nuke the ragheads!!!" "Crush terrorism everywhere!!!"
Everywhere? Gee I really can't see O'Reilly advocating we carpet bomb Belfast or assassinate the IRA leadership.
So in the end it's NOT eradicate terrorism everywhere. It's eradicate terrorism OVER THERE. and even that it's eradicate terrorism over there if they don't sell oil to us, have a really big mechanized army or have missiles or a strong cultural bond with people over here.
Let's get through this paroxym and work toward keeping our citizens and the citizens of our allies safe.
0) The most common way to run Linux 390 is to run it as a guest under VM. Not natively and not in an LPAR. There continue to be some problems with the Kernel vis a vis task scheduling and interrupts where the kernel expects to have uninterrupted access to the HW. This is what limits the use of complex firewall rules running in gated if you try to run virtual routers/firewalls. So the work tuning Linux on 390 isn't done yet.
1) Nobody has a 10MB mailbox. We have corp dictat to keep them under 250MB and most people complain about that. So you have to use some realistic number. You also have to consider that email/groupware is the poor man's ftp in the corp so you have to be able to bulk move all kinds of very large attachments.
2) The support costs for Linux 390 or essentially the same as for any other kind of Linux because IT IS Linux. 99% of a sysadmins job would never touch VM even if running as a guest of VM.
3) Do you really want to manage all the security problems, viruses and macro hacks for 50,000 Exchange users?
There is a piece about this in Ha'aretz
on
More WTC News
·
· Score: 4, Interesting
In the English language edition of Ha'Aretz today there is a short piece from an engineer who talks about the contruction of Israeli tall buildings. Basically concrete is more fire resistant and cheaper than steel. The downside is that it takes twice as long to build compared to steel.
Also as anyone who has ever been to the top of the WTC towers knows - the towers would sway up to a foot in high winds, twisting actually. I'm dubious one could make a concrete structure that could sway w/o breaking. The other problem with very tall buildings which WTC attempted to solve is the problem of elevators. Queueing theory and engineers at Otis Elevator will tell that buildings that tall get consumed by elevator shafts which makes the building a financial mistake. WTC had an open floor design with each floor of nearly an acre of unobstructed space ~200x200 feet. That is why the buildings were held up by their outside walls and why there were express elevators and elevators that started at high floors.
Politics is the entertainment wing of industry. You don't need to 'buy' a country. All you need to do is buy the people who sit in key organizational, policy and operational roles in government. Those are called elections.
How much computing power do you need to brute force solve every 128 bit encrypted data stream in the world, every day in near real time? How much computing power do you need to pattern match and keyword search every data stream in the world every day in near real time? And oh yeah - do it in a hundred languages including all the DBCS.
Outlook client - wowie. Be still my heart.
802.11b - so you can wander around your office using the Outlook client to:
1) Get windows media files and play them back. Obviously that feature has ZERO utility on a WAN link.
2) Get your mail - function limited by bandwidth
3) Play some games
4) Some vaguely enhanced security? WTF is that a built in SECUREID card? Don't think so Did MS secretly fix the man in the middle attack or develop a new encryption for WEP? Don't think so. Maybe its a poweron password or something equally exotic.
5) Anything else or do you have enough sunshine up your ass?
Gee that's a very tough problem. I'm sure I could say something meaningful about but I can't cover it in the allotted time or using the money you're paying me to do it.
Why does quality suck? Why does performance suck? What kind of quality are you talking about? Functional, aethetic (I guess you mean elegant though), fixable, manageable? Those are all different axes of quality that represent different things, having different values and are achieved through different means and methods. The reasons they fail are myriad:
1 Management doesn't have a clue
2 Programmers don't have the skill
3 No one cares if it's shit
4 The customer is insane
5 The customer is cheap
6 There are too many changes
7 There is no difference between success and failure
8 The technology is crap
9 Poor program/project management
10 Cult of the hero
11 A preference for predictable mediocrity over accidental brilliance
12 The arrogance to believe that what you do is art but what everyone else does is 'engineering'
13 No accountability for problems
14 No time for design
15 Thinking a packaged solution can be installed as-is
16 Inability to create useful requirements
17 Scope creep
18 No test plans
19 No QA
20 Poor cost and time estimates
Nor does it have ESCON adapters or OSA's or virtual routers or WLS or RACF all of which if they were functionally implemented on PC would tend to eat it alive. The point is that while the CEC itself maynot execute more 'ticks' than a Pentium the system architecture is designed to provide efficient performance.
The actual benchmark machine for 'Charlie' was a rather low end machine, probably 1 million total cost. With 40,000 images that's 25 bucks a server. Let's say that in practice that's off by a factor of 20. That's right let's say the benchmark understates the actual cost by 95%. That ends up $500 bucks a server. Still too much?
Isn't that the final irony that the biggest wealthiest and some would say most sophisticated companies will be the biggest consumers of NT-2K-XP while everyone else just gets by with fast good reliable stable safe open source. Fortune 500 firms will be able to afford all the convolutions of Windows code and will smugly assume that they're getting the best bang for the buck. They're not that sensitive to support costs so they'll be fat dumb and happy. Smaller firms, nonprofits and the like will use anything but Windows code.
But the biggest irony of all will be that MS will finally be an enterprise provider not because their stuff is any good but because large companies can afford it.
Happy now? Ya killed off online music. Well thank fucking god that all the starving artists will get to ride around in limo hottubs filled with Crystal and getting head from bootie Ho's. Wasn't that the argument?
I hope all you toadies and buttsuckers for the record industry are satisfied with lower volume sales and buyer apathy. All hail the muthafuckin RIAA !
Anyone? One has to wonder just WTF they do over there, no? This is starting to sound like the detox/rehab/wife beating world of family court. I mean there is what, a daily incident or problem where MS says - um yeah that's messed up too.
Name me another company that has this many security problems.
There are two Linux distros that run on IBM mainframes. One of them is SuSE the other is TurboLinux. Everything else is still in development and not officially sanctioned. IBM props up SuSE if no other reason, that one. For $45 million dollars they protect their investment in being able to run thousands of Linux images profitably in the CoLo business.
Actually I come from the mainframe world, the AS/400 where 6 minutes of unplanned downtime a year are the exception. Lots of hardware is highly reliable and better yet coming down the pike with improved self monitoring.
It's the software that's a problem. A kernel panic on one of 12 NT servers is less of a problem than a kernel panic on 1 of 1 NT servers. A problematic security hole caused by yet another ubiquitous IIS or Active Server glitch is more of a problem from a change control perspective if all your users are on box. A big box that still uses NetBIOS over TCP and blasts a ton a crud thorough port 139 is probably easier to manage from a firewall perspective if what you want is to filter traffic from-to by address but attempting to mount a network IDS on the box will present correlation engine problems in the shear volume of false positives that an NT based solution will generate.
It's a server. A big server. And hosting customers will DEMAND we move them from a large number of SMP boxes to one giant 64 bit server. Collapse a bunch of boxes down. OK so far so good. Reduce labor costs by reducing the number of servers though most of our metrics are based on the ratio of end users or accounts to boxes not the number of boxes. So lets say that Siebel rewrites their application for 64 bits and we run it. Let's say customer X now runs one giant instance of a DB on it or one GIANT authentication server/LDAP machine. All I've got to say is
Holy single fucking point of failure Batman!
An Intel box as big as a huge ass Sun or a RS/6k-S80 will cost at least as much to support and twice as much to harden for security.
Not a critcism just a fact - we'll have to reshape all of our SLAs to reflect the unreliability inherent with consolidation.
Who's shown to be giving quarter to the Taliban. Do we nuke them? Can they nuke us back?
Will the War on Terrorism end terrorism? No matter how much money you throw at it no matter how much technology no matter how many rights and liberties you abridge or discard both drugs and terrorism will be with us.
At least Ronald Regan knew he was kidding when he "The Soviet Union has been outlawed. The bombing will begin in 5 minutes".
Throughout history we've many directors of homeland security: Robespierre, Himler, Lavrenti Beria, Vichy France, Cromwell, the Staasi. Not a good plan for us either.
That was established to investigate Echelon. Here's how it works: Most skimming is automatic eg. filters pull out email and other transmissions, unpack them and make an educated guess as to the contents. Keyword ident works on recogniazable text. So unless you have a human being staring at the fax image and they happen to understand the language you're writing in there is no automatic electronic ability to decode a handwritten fax message. And even with that it would typically have to be transmitted between two phone numbers someone cares enough about to monitor.
So next time think about what you write before you write it or someone will accuse you of the most stupidist thing they've ever heard.
The existance of encryption is irrelevant. In fact one of the most secure forms of electronic information is a handwritten fax.
Plus you have a bunch of airlines who after 20 years of gouging customers, selling crappy service and poor maintenance, weak security and high prices finally have an oligopoly that is so awful the fear is that ridership will drop off a cliff. So they go to the big bad gubmint and ask for a handout of between 15-24 Billion dollars. They cut service in half and use it as an excuse to cry poverty, say they can't provide security at any price to be borne by them.
The only diference between arlines and cigarettes is airlines have better PR.
You can figure that by this time next year there will be two US airines left and it will cost 1500 to fly from NYC to Miami and it will take 6 hrs to board the plane and we'll be told to be damn thankful.
In 1776 it was the right to bear arms. In 2001 it's the right to control access to and distribution of your INFORMATION. Why is it that the folks in favor of no gun laws are carping for unhindered givernment access to broken crypto. They are the same damn thing separated by a hundred years. Weak crypto won't protect us against terrorists any more the erasure of gun control laws.
Many of the laws that abut privacy and public saftey and policy are from a time where the infrastructure was built owned and operated by the government. Think roads, bridges, canals. Think the early days of the net. Flash forward and much of the infrastructure is private like the phone systems, the internet now, private databases, ariline ticket systems, weblogs and so on. So the question you have to ask yourself is just exactly who does the expansion of these government privileges to search and monitor help? Does it help them, does it help WalMArt, does it help WorldCom, does it help you? Sometimes those are tricky questions. Now certainly there is some merit to changing the wiretapping law to follow a PERSON insead of a FIXED NUMBER but what is the new context for requesting a wiretap at all? Suspicion? Someone else's vague reference to what might be you, online? The movement of your car tracked by Onstar? A cell phone call sent or received somewhere in the vicinity of your home? Those are tough questions. And partially the answer has to do with how will such and such actually help.
I still maintain that you have to follow the money. Is there not some direct benefit to be gained in breaking open international banking secrecy laws so that Swiss, Cayman, Panamanian banks can't launder the money used to kill people. And is not that benefit at least as great as the benefit to be gained by applying open ended survellience on large segments of a profiled population?
On the one hand we are supposed to force Israel to stop defeding itself against terrorism and other hand the US now believes it is its holy fucking manifest destiny to wage war on the whole world in general and no one in particular.
I'm suprised it took you wingnuts only a week to blame an attack by Arabs on the US, on the Jews. Why don't pull your antisemitic heads out of your asses and read what OBL has to say which is to punish moderate Islamic states like Saudi Arabia for allowing the infidel US on it's soil. He can't go after the Sauds directly because it would mean the destruction of his own family so he goes after the US who trained and armed him.
But please continue, go back to blaming the Jews.
Why can't they just use those metal and leather thongs with the metal bras and fur trim and big ass spears, spike heel thigh high boots. The men can dress like gladiators. At least that's how it is in the movies.
I'm with Katz. Show support - sure. Have all of Congress hold a sing along for the cameras, that's just lame. Show endless carnage on TV followed by feel-good warnings about "What to tell the children..." What is this make-news about?
What's this national prayer coverage, with Senators going on at great length about Jeremiah? I'm pretty sure everyone believes God is on their side and that they're justified.
Really- the media channels decided that whether they had anything to say or not they are going to stay on the air 24-7. Did they forget that they are in the business of news? I for one am tiring of being told just exactly how and when I have to experience some cathartic reaction.
They haven't even done a good job of getting their own facts straight in a foaming effort scoop one another. It's been an endless stream of interruptions to their interruptions followed by corrections and counterclaims.
And now the first polls are out. 90% of people want immediate violent force applied pretty much anywhere. That's kind of like asking a rape victim's father the day after if he wants to kill the rapists whole family.
A chorus of talking heads screaming "Nuke the ragheads!!!" "Crush terrorism everywhere!!!"
Everywhere? Gee I really can't see O'Reilly advocating we carpet bomb Belfast or assassinate the IRA leadership.
So in the end it's NOT eradicate terrorism everywhere. It's eradicate terrorism OVER THERE. and even that it's eradicate terrorism over there if they don't sell oil to us, have a really big mechanized army or have missiles or a strong cultural bond with people over here.
Let's get through this paroxym and work toward keeping our citizens and the citizens of our allies safe.
0) The most common way to run Linux 390 is to run it as a guest under VM. Not natively and not in an LPAR. There continue to be some problems with the Kernel vis a vis task scheduling and interrupts where the kernel expects to have uninterrupted access to the HW. This is what limits the use of complex firewall rules running in gated if you try to run virtual routers/firewalls. So the work tuning Linux on 390 isn't done yet.
1) Nobody has a 10MB mailbox. We have corp dictat to keep them under 250MB and most people complain about that. So you have to use some realistic number. You also have to consider that email/groupware is the poor man's ftp in the corp so you have to be able to bulk move all kinds of very large attachments.
2) The support costs for Linux 390 or essentially the same as for any other kind of Linux because IT IS Linux. 99% of a sysadmins job would never touch VM even if running as a guest of VM.
3) Do you really want to manage all the security problems, viruses and macro hacks for 50,000 Exchange users?
In the English language edition of Ha'Aretz today there is a short piece from an engineer who talks about the contruction of Israeli tall buildings. Basically concrete is more fire resistant and cheaper than steel. The downside is that it takes twice as long to build compared to steel.
Also as anyone who has ever been to the top of the WTC towers knows - the towers would sway up to a foot in high winds, twisting actually. I'm dubious one could make a concrete structure that could sway w/o breaking. The other problem with very tall buildings which WTC attempted to solve is the problem of elevators. Queueing theory and engineers at Otis Elevator will tell that buildings that tall get consumed by elevator shafts which makes the building a financial mistake. WTC had an open floor design with each floor of nearly an acre of unobstructed space ~200x200 feet. That is why the buildings were held up by their outside walls and why there were express elevators and elevators that started at high floors.
Politics is the entertainment wing of industry. You don't need to 'buy' a country. All you need to do is buy the people who sit in key organizational, policy and operational roles in government. Those are called elections.
How much computing power do you need to brute force solve every 128 bit encrypted data stream in the world, every day in near real time? How much computing power do you need to pattern match and keyword search every data stream in the world every day in near real time? And oh yeah - do it in a hundred languages including all the DBCS.
Outlook client - wowie. Be still my heart.
802.11b - so you can wander around your office using the Outlook client to:
1) Get windows media files and play them back. Obviously that feature has ZERO utility on a WAN link.
2) Get your mail - function limited by bandwidth
3) Play some games
4) Some vaguely enhanced security? WTF is that a built in SECUREID card? Don't think so Did MS secretly fix the man in the middle attack or develop a new encryption for WEP? Don't think so. Maybe its a poweron password or something equally exotic.
5) Anything else or do you have enough sunshine up your ass?
Gee that's a very tough problem. I'm sure I could say something meaningful about but I can't cover it in the allotted time or using the money you're paying me to do it.
Why does quality suck? Why does performance suck? What kind of quality are you talking about? Functional, aethetic (I guess you mean elegant though), fixable, manageable? Those are all different axes of quality that represent different things, having different values and are achieved through different means and methods. The reasons they fail are myriad:
1 Management doesn't have a clue
2 Programmers don't have the skill
3 No one cares if it's shit
4 The customer is insane
5 The customer is cheap
6 There are too many changes
7 There is no difference between success and failure
8 The technology is crap
9 Poor program/project management
10 Cult of the hero
11 A preference for predictable mediocrity over accidental brilliance
12 The arrogance to believe that what you do is art but what everyone else does is 'engineering'
13 No accountability for problems
14 No time for design
15 Thinking a packaged solution can be installed as-is
16 Inability to create useful requirements
17 Scope creep
18 No test plans
19 No QA
20 Poor cost and time estimates
Those are just the ones I saw today.
I could have anyone in the world kidnapped and brought to my secret Caribbean base while coffee colored lesbians peel me grapes and fan me.
Nor does it have ESCON adapters or OSA's or virtual routers or WLS or RACF all of which if they were functionally implemented on PC would tend to eat it alive. The point is that while the CEC itself maynot execute more 'ticks' than a Pentium the system architecture is designed to provide efficient performance.
The actual benchmark machine for 'Charlie' was a rather low end machine, probably 1 million total cost. With 40,000 images that's 25 bucks a server. Let's say that in practice that's off by a factor of 20. That's right let's say the benchmark understates the actual cost by 95%. That ends up $500 bucks a server. Still too much?
Isn't that the final irony that the biggest wealthiest and some would say most sophisticated companies will be the biggest consumers of NT-2K-XP while everyone else just gets by with fast good reliable stable safe open source. Fortune 500 firms will be able to afford all the convolutions of Windows code and will smugly assume that they're getting the best bang for the buck. They're not that sensitive to support costs so they'll be fat dumb and happy. Smaller firms, nonprofits and the like will use anything but Windows code.
But the biggest irony of all will be that MS will finally be an enterprise provider not because their stuff is any good but because large companies can afford it.
Happy now? Ya killed off online music. Well thank fucking god that all the starving artists will get to ride around in limo hottubs filled with Crystal and getting head from bootie Ho's. Wasn't that the argument?
I hope all you toadies and buttsuckers for the record industry are satisfied with lower volume sales and buyer apathy. All hail the muthafuckin RIAA !
Anyone? One has to wonder just WTF they do over there, no? This is starting to sound like the detox/rehab/wife beating world of family court. I mean there is what, a daily incident or problem where MS says - um yeah that's messed up too.
Name me another company that has this many security problems.
There are two Linux distros that run on IBM mainframes. One of them is SuSE the other is TurboLinux. Everything else is still in development and not officially sanctioned. IBM props up SuSE if no other reason, that one. For $45 million dollars they protect their investment in being able to run thousands of Linux images profitably in the CoLo business.
Actually I come from the mainframe world, the AS/400 where 6 minutes of unplanned downtime a year are the exception. Lots of hardware is highly reliable and better yet coming down the pike with improved self monitoring.
It's the software that's a problem. A kernel panic on one of 12 NT servers is less of a problem than a kernel panic on 1 of 1 NT servers. A problematic security hole caused by yet another ubiquitous IIS or Active Server glitch is more of a problem from a change control perspective if all your users are on box. A big box that still uses NetBIOS over TCP and blasts a ton a crud thorough port 139 is probably easier to manage from a firewall perspective if what you want is to filter traffic from-to by address but attempting to mount a network IDS on the box will present correlation engine problems in the shear volume of false positives that an NT based solution will generate.
And so on.
It's a server. A big server. And hosting customers will DEMAND we move them from a large number of SMP boxes to one giant 64 bit server. Collapse a bunch of boxes down. OK so far so good. Reduce labor costs by reducing the number of servers though most of our metrics are based on the ratio of end users or accounts to boxes not the number of boxes. So lets say that Siebel rewrites their application for 64 bits and we run it. Let's say customer X now runs one giant instance of a DB on it or one GIANT authentication server/LDAP machine. All I've got to say is
Holy single fucking point of failure Batman!
An Intel box as big as a huge ass Sun or a RS/6k-S80 will cost at least as much to support and twice as much to harden for security.
Not a critcism just a fact - we'll have to reshape all of our SLAs to reflect the unreliability inherent with consolidation.