Slashdot Mirror


User: FireFury03

FireFury03's activity in the archive.

Stories: 0 · Comments: 3,710

Comments · 3,710

  1. Re:"Could this all be a hoax...?" on AT&T Blocks Part of 4chan · Score: 1

    It doesn't expand because there is nothing to expand on unless you're filtering all packets rather than only those that have been identified as potentially spurious traffic.

    Huh? Presumably by "potentially spurious traffic" you mean any SYN+ACK packets coming from the server that is being attacked? How are you going to identify which of those are legit and which aren't? You _do_ need to expand on this because frankly it is not clear how you would do this, given the problems I have already explained.

    Yes, you block potentially legitimate SYN+ACK packets but considering this is a web host we're talking about.. when is the server going to be initiating connections?

    The server is unlikely to be initiating connections. However, that is irrelevant since blocking SYN+ACK packets that the server sent would stop it *accepting* connections, not making them (and is exactly what the ISPs have been doing which you are complaining about!)

    The point is, it is still blocking all the unwanted traffic through that link while still allowing people to access the site.

    No... no it isn't - your choice is to either block *all* the SYN+ACK packets (and hence prevent anyone from connecting to the server) or somehow identify which are the legitimate ones and block everything else. The latter "solution" is something that you seem to think is easy but have failed to expand on how it could reasonably be done. All you have done is a bit of handwaving and stated that there is "nothing to expand" upon.

    Issues about asymmetric routing are more applicable to the proxy approach

    Wrong. The only way you are going to work out which SYN+ACK packets are legitimate is by watching the SYN packets leaving your network and then somehow distributing that information across all the routers that the SYN+ACK packets might take to enter your network. This is easy where you have symmetric routing since no distribution needs to be done, but in the case of asymmetric routing it is a hard problem.

    Both of the above methods also suffer from the exact same problem that SYN cookies were invented to prevent - namely, there is a device on the network which has to remember the status of all the pending connections which may have been started by spoofed packets. Sure, your firewall is protecting the real server from seeing these spoofed packets, but the firewall itself will collapse under the load of tracking millions of half-open connections from an attacker.

    Geez, you think hardware is the limiting factor?

    Actually, yes. At the bandwidths you're talking about, you have to track a very large number of connections and look them up at extremely high speeds.

    I'm just barely a layperson in these matters

    It certainly shows. I'm a professional freelance network security consultant and software developer.

    I don't mean to be disrespectful, but you appear to have seen someone saying "this is a solution" and accepted it more or less at face value rather than thinking it through to the logical conclusions and seeing why it is flawed and largely unworkable. This may be because you haven't had a lot of experience about how large networks, and the internet at large, work - I don't know.

  2. Re:"Could this all be a hoax...?" on AT&T Blocks Part of 4chan · Score: 2, Insightful

    You were doing so great until this bit. Or I hadn't realised that one of the biggest ISPs in the USA lacked the capability to do something as simple as filtering out unwanted ACKs.

    That discussion appears to address 2 separate problems, both in infeasible ways:

    1. Rejecting unsolicited ACKs - "SYN+ACK -> (check if your network requested it) -> (if yes) -> then -> ALLOW -> else (REJECT)":
    It doesn't really expand on a method of doing this, but usually you would use connection tracking, whereby you remember the state of all connections running through the router. This is a pretty resource intensive setup and is nigh on unworkable in networks with asymmetric or non-deterministic routing. I.e. it isn't something that I would expect an ISP as big as AT&T to be able to implement, especially at the drop of a hat. Sure, it's easy enough to do on your home network, but it just ain't going to work at the ISP level without some *serious* effort.

    2. Prevention of SYN floods by proxying the connection initialisation:
    The method described here will lead to you being able to connect to *any* server, even if it isn't accepting connections. Only once the connection is fully established will the real server be contacted, whereupon you may well discover that the server doesn't accept connections on that port, or doesn't even exist. If my ISP pulled that kind of stunt, I'd be finding a new ISP as soon as possible and I would be advising my customers to do the same because messing with network traffic like that is going to cause all sorts of "weird shit" problems, cause software to use incorrect error messages when reporting failures and generally make debugging network issues absolute hell.

    Both of the above methods also suffer from the exact same problem that SYN cookies were invented to prevent - namely, there is a device on the network which has to remember the status of all the pending connections which may have been started by spoofed packets. Sure, your firewall is protecting the real server from seeing these spoofed packets, but the firewall itself will collapse under the load of tracking millions of half-open connections from an attacker.
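The two comments above argue that both the "filter unsolicited SYN+ACKs" idea and the "proxy the handshake" idea reintroduce exactly the per-connection state that SYN cookies were designed to remove. The following is an added illustration, not code from the thread or from any real TCP stack: a toy SYN-cookie encoder/checker beside a conventional half-open backlog, run against a batch of constructed SYNs whose senders never complete the handshake. The secret, the 5-bit counter layout, the 64-second counter period and the addresses are all assumptions made for the demo.

```python
"""Constructed demo: stateless SYN-cookie validation beside a stateful backlog.

Assumptions (not from the thread): the secret, the 5-bit counter layout and
the 64-second counter period are chosen for illustration only.
"""
import hashlib
import hmac
import struct

SECRET = b"constructed-demo-secret"   # assumption: a random, rotated secret in practice
COUNTER_BITS = 5                       # top bits of the ISN carry a slow counter
HASH_BITS = 32 - COUNTER_BITS
COUNTER_MASK = (1 << COUNTER_BITS) - 1
HASH_MASK = (1 << HASH_BITS) - 1
COUNTER_PERIOD = 64                    # seconds per counter tick (assumption)

SERVER = bytes([192, 0, 2, 10])        # constructed documentation-range addresses
CLIENT = bytes([198, 51, 100, 7])


def _mac(saddr, daddr, sport, dport, counter):
    """Keyed hash over the connection 4-tuple and counter, truncated to HASH_BITS."""
    msg = struct.pack("!4s4sHHI", saddr, daddr, sport, dport, counter)
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & HASH_MASK


def make_cookie(saddr, daddr, sport, dport, now):
    """ISN for the SYN+ACK: the server stores nothing for this half-open connection."""
    counter = (now // COUNTER_PERIOD) & COUNTER_MASK
    return (counter << HASH_BITS) | _mac(saddr, daddr, sport, dport, counter)


def check_cookie(saddr, daddr, sport, dport, ack, now):
    """Validate the handshake's final ACK from the packet alone; no table lookup."""
    cookie = (ack - 1) & 0xFFFFFFFF              # the client acknowledges ISN + 1
    counter = cookie >> HASH_BITS
    current = (now // COUNTER_PERIOD) & COUNTER_MASK
    if (current - counter) & COUNTER_MASK > 1:   # stale or forged counter
        return False
    return (cookie & HASH_MASK) == _mac(saddr, daddr, sport, dport, counter)


class StatefulListener:
    """Conventional backlog: every SYN costs a half-open entry until the ACK arrives."""

    def __init__(self):
        self.half_open = {}
        self.established = set()

    def on_syn(self, saddr, daddr, sport, dport, now):
        isn = 0x10000000                 # fixed ISN; only the bookkeeping matters here
        self.half_open[(saddr, sport, daddr, dport)] = isn
        return isn

    def on_ack(self, saddr, daddr, sport, dport, ack, now):
        key = (saddr, sport, daddr, dport)
        isn = self.half_open.pop(key, None)
        if isn is not None and ack == ((isn + 1) & 0xFFFFFFFF):
            self.established.add(key)
            return True
        return False

    def pending(self):
        return len(self.half_open)


class CookieListener:
    """SYN-cookie listener: the SYN+ACK itself is the only record of the pending connection."""

    def __init__(self):
        self.established = set()

    def on_syn(self, saddr, daddr, sport, dport, now):
        return make_cookie(saddr, daddr, sport, dport, now)

    def on_ack(self, saddr, daddr, sport, dport, ack, now):
        if check_cookie(saddr, daddr, sport, dport, ack, now):
            self.established.add((saddr, sport, daddr, dport))
            return True
        return False

    def pending(self):
        return 0                         # nothing to track, by construction


def simulate(listener, abandoned_syns, now=100_000):
    """Feed SYNs whose senders never reply, then one honest handshake.

    Returns (honest_handshake_ok, half_open_entries_left_behind).
    """
    for i in range(abandoned_syns):
        saddr = struct.pack("!I", 0x0A000000 + i)   # constructed 10.x.y.z sources
        listener.on_syn(saddr, SERVER, 40000 + (i % 20000), 80, now)
    isn = listener.on_syn(CLIENT, SERVER, 51515, 80, now)
    ok = listener.on_ack(CLIENT, SERVER, 51515, 80, (isn + 1) & 0xFFFFFFFF, now + 1)
    return ok, listener.pending()


if __name__ == "__main__":
    for cls in (StatefulListener, CookieListener):
        print(cls.__name__, simulate(cls(), 10_000))
```

Both listeners complete the honest handshake, but the stateful one is left holding one entry per abandoned SYN, which is the resource the comments say a filtering firewall or handshake proxy would have to hold on the attacker's behalf. The cookie listener keeps nothing until a valid ACK arrives, because everything it needs to verify the ACK is recomputed from the 4-tuple, the secret and the counter; the price is the small counter window and the truncated hash, which is why real stacks only switch to cookies under backlog pressure.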

  3. Re:Re I wonder how this will be handled in the fut on Jeff Bezos Offers Apology For Erasing 1984 · Score: 1

    Or so DRM advocates would have you believe. Copyright law just doesn't read that way.

    [Citation Needed] When I go into a shop and buy a book, I do not sign a licence agreement, I go to the cashier and say "I want to buy this book" and they accept some money in return. That constitutes purchasing the *book*, not a licence to the contents of the book. I did not purchase the copyright to the contents, so copyright law dictates that I can't make copies of the contents (except in certain explicitly allowed ways) but that doesn't detract from the fact that I purchased the actual book and can do whatever I like with it within the confines of the law - this includes reselling it, burning it or using it as cat litter.

    Conversely, when you buy an eBook from Amazon, or a DRMed song from iTunes, you are purchasing a licence to use the content, not the content itself. The licence you are agreeing to contains many restrictions over and above what you would have if you had actually purchased the item instead of a licence, such as prohibiting reselling and allowing the licence to be revoked in the future.

    It's more practical for them to do this than for them to burn customer copies of real books they sold, but it's no different in terms of copyright law.

    I'm pretty sure that if Amazon broke into my house, removed a book I had purchased and burned it then they would be guilty of breaking and entering, criminal damage and probably a number of other laws, whether or not they refunded my money.

  4. Re:'People' don't understand computers on Security Certificate Warnings Don't Work · Score: 1

    I would go as far as to say that the *majority* of websites don't need an SSL certificate. And for those that do £50 is hardly a great expenditure.

    The majority of websites don't use SSL so your argument seems to be bunk anyway. Of those that do, a reasonable number are interested in encryption but uninterested in paying for a certificate, thus they use self signed certs, which do the job for free.

  5. Re:'People' don't understand computers on Security Certificate Warnings Don't Work · Score: 1

    Why should people have to understand computers?

    Security on the internet should be an inherent part of the system, not down to whether a five year old understands how a website can compromise the computer they are using.

    In my opinion if you have to ask about a security cert then you should "just say no".

    But really if the certificate doesn't add up, the site should be cut off at the router level.

    You're going to cut off big chunks of the internet with that attitude - hobbyists, quite rightly, don't want to pay CAs for certificates for the websites they operate.

  6. Re:'People' don't understand computers on Security Certificate Warnings Don't Work · Score: 1

    The Windows approach (as evident in UAC, warning dialogs, wizards, overly verbose messages, etc.) is geared toward the dumb user (and equally dumb admins as those same approaches are used in the "enterprise" offerings).

    The Windows approach is geared towards absolving the vendor of responsibility. They don't need to make things secure because if they just pop up a warning every 5 seconds and thus train the user to just "ok" everything that pops up it is suddenly the user's fault for ignoring the warning rather than the vendor's fault for not making stuff work relatively securely by default.

  7. Re:'People' don't understand computers on Security Certificate Warnings Don't Work · Score: 1

    I agree that there is nothing wrong with self-signed certificates but if you don't want to confuse users then you can get an SSL certificate for about £50 per year, hardly a huge outlay for a business.

    And there lies your bad assumption, that all websites are run by businesses. I would go so far as to say that the *majority* of websites that I find useful are not run by businesses.

  8. Re:The reasons for SSL on Security Certificate Warnings Don't Work · Score: 1

    What use is encryption if you don't know who's on the other end?

    Because setting up a MITM attack is quite a lot harder than just eavesdropping. Encryption stops the latter, authentication stops the former.

    There are times when you need both (I'm not going to log into my bank if they haven't authenticated themselves to me), but for many uses encryption is Good Enough. Sure, it would be nice to have both, but this involves paying lots of money to a CA, which most people aren't going to do when they don't absolutely need authentication.

  9. Re:Ham-fisted on AT&T Blocks Part of 4chan · Score: 1

    BTW nice ham-fisted attempt to stem the tide of a DDoS botnet, dumbasses.

    What would _you_ have done if you were in charge of AT&T's network?

  10. Re:"Could this all be a hoax...?" on AT&T Blocks Part of 4chan · Score: 5, Insightful

    Well that makes no sense. AT&T should be taking no action unless somebody from 4chan calls them up and asks them to block the perceived source of the DDoS..

    Sounds like you don't understand what's going on - please educate yourself.

    4chan is being SYN flooded, various ISPs were getting a lot of collateral traffic from the resulting ACKs going back to spoofed IPs. Since those ISPs had nothing to do with either the attacker or 4chan, there was nothing they could do but pull the plug on the source of the collateral ACKs (4chan). i.e. the ISPs who blocked 4chan weren't trying to protect 4chan from an attack, they were protecting their own networks from the fallout.

    Sadly, like you, the vast majority of users are clueless and won't investigate to see what is only going on. I'm sure there will be a kneejerk reaction against AT&T and the other ISPs who tried to protect themselves and everyone will make out that they are the bad guys.

  11. Re:PAL50 isn't new on Are Console Developers Neglecting Their Standard-Def Players? · Score: 1

    Because with the introduction of HDTV we now have standards for both 50fps and 60fps that are both actively deployed in the same area, so the issue is now one that's on user-by-user basis, not a country-by-country basis. People who know each other and regularly play on each other's hardware are seeing differences now, not just people who travel from country to country.

    Sounds like this comes down to people complaining that "this works better on my friend's shiny new hardware - I want the same results without having to upgrade my 10 year old hardware". Clearly an utterly stupid complaint.

    Certainly agree here. I've never understood why you would want more than this. Films run at 23.976fps, and you don't get many people complaining that the action is jittery. Most of us can't tell.

    Well, I can certainly see the low frame rate of films compared to TV, particularly on panning shots. (No, 50 fields per second is not the same as 25 frames per second - in normal interlaced TV you do not get a single frame which takes 2 fields to display, each field usually comes from a separate distinct frame). But I can't seriously see many people being able to tell the difference between 50Hz and 60Hz, other than possibly the inherent flicker rather than the frame rate itself.

    I fail to see, therefore, why games should need to run at any higher frame rate -- except for issues of poor design where stuff is only calculated once per frame that may need to actually be calculated more frequently than that.

    Yes, I've long been astounded at gamers complaining that they can only run their game at 190FPS when their friend can get 200FPS - if your display is only running at 72Hz then who cares?

  12. Re:Why does someone have a $300-$400 console but n on Are Console Developers Neglecting Their Standard-Def Players? · Score: 2, Informative

    SD widescreen sets are still 720x576. All SD sets will then stretch the image to get the correct aspect ratio. A 4:3 set stretches 720x576 => 768x576; whilst a widescreen set stretches 720x576 => 1024x576.

    Well not quite. There is no hard limit to the horizontal resolution of an analogue TV - the horizontal dimension isn't divided up into pixels, it is simply a continuously varying signal. If you're driving the TV off RF or composite then the horizontal resolution is restricted by the modulation (high horizontal frequencies will bleed into the chroma carrier, so the modulators will usually need to filter them out). SVideo, RGB and component shouldn't be affected by these limits, so you can drive your TV at pretty much whatever horizontal resolution you like - you're now limited by the internal components of the TV. (This applies in both 4:3 and anamorphic 16:9 resolutions, although it obviously makes sense to have square pixels if your TV can cope with being driven at that kind of resolution).

    Of course, if you are using an inherently digital TV, such as LCD, DLP, etc. then the TV will sample the received signal into individual pixels, and depending on the TV it might have a fixed horizontal sample frequency, no matter what aspect ratio it is displaying.

  13. Re:User interface size on Are Console Developers Neglecting Their Standard-Def Players? · Score: 2, Informative

    I call bunkum. CRT PAL televisions have 625 lines of pixels regardless of their size.

    No they don't. PAL gives you 576 interlaced lines of picture - the rest are in the vertical blanking interval and thus not displayable (generally used to send stuff like teletext, subtitles, etc).

    Also, you'll find that, in order to make the resolution not seem quite as rubbish as it really is, different models of TVs will apply different amounts of blurring. This is why SD displayed on an HDTV can often look far worse than SD displayed on an SDTV.

    Plus, the chrominance has a resolution far below that - PAL works by averaging lines together, so you get a chrominance resolution of somewhere in the 288 lines ballpark.

  14. Re:A right not a privilege on UK ISP Disconnects Customers For File Sharing · Score: 2, Informative

    People still have phonelines?

    Yes, it's the thing that carries my ADSL.

  15. Re:Wimps on Microsoft Agrees To EU Browser Ballot Screen · Score: 1

    But what happens when the day comes that they have to distribute some GPL software with Windows?

    Then they can do that. The GPL doesn't prevent them from doing this - what they can't do is link with GPLed binaries or use GPLed source code as part of a non-GPLed piece of software. Bundling stand-alone GPLed software with non-GPLed software is allowed.

  16. Re:Wimps on Microsoft Agrees To EU Browser Ballot Screen · Score: 1

    That wouldn't be a problem. In my experience most users seem to turn on the "advanced" mode in software, even though they are totally incapable of using it.

  17. Re:so? on UK ISP Disconnects Customers For File Sharing · Score: 1

    I've never seen why so many people give them a bad time, after all they get you from A to B and are on time 90% of the time.

    On the few occasions I've had to use the train, it has generally cost me in the order of £100 to do a journey that would cost me around £15 in the car. Needless to say, I use my car wherever possible.

  18. Re:A right not a privilege on UK ISP Disconnects Customers For File Sharing · Score: 1

    At least by me, a telephone company can disconnect your line logically, but the line must ALWAYS be active for 911 (emergency) calls.

    Not true in the UK. If you drop your phone subscription then your line will be _physically_ disconnected if they want to reuse that part of the exchange. It is common enough that I am surprised when I find a disused phone line that hasn't been physically disconnected.

  19. Re:so? on UK ISP Disconnects Customers For File Sharing · Score: 1

    The UK is the size of one US state. It's minuscule.

    The whole area is tiny with lots of people crammed in. That's why trains work so well in Europe, lots of points of interests within a small area.

    Anyone claiming the trains work in the UK clearly hasn't been here since they were privatised all those years ago...

  20. Re:so? on UK ISP Disconnects Customers For File Sharing · Score: 1

    Actually it sounds like the UK is very much like the US.

    I'm afraid you're wrong.

    In most of the UK you can get a POTS line from BT. There are *many* ISPs that provide ADSL connections over BT POTS lines.

    ADSL over BT lines is generally done in one of three ways:

    IPStream: Basically, BT supplies the local loop, DSLAM and a backhaul to the ISP's datacentre. This generally works pretty well, although there are sometimes a few political problems when things go wrong (the usual blamestorming you expect when there are several companies involved with providing a service) and you're limited by the equipment BT have installed (generally 8Mbps down, 0.8Mbps up, plain old ADSL).

    Datastream: more or less the same as IPStream except BT doesn't provide the backhaul (that's up to the ISP).

    Local loop unbundling: BT provides nothing except the local loop - the ISP installs their own equipment and backhauls into the exchange. This means you're not limited to BT's ADSL equipment - ISPs can provide SDSL, ADSL2, etc.

    In populated areas, you can often get services from NTL, who do telephone, cable TV and internet (usually cable modem, although sometimes ADSL/ADSL2).

    Hull is a bit of an oddity because they don't have BT or NTL, they have a monopoly telco with their own ISP. I think they are governed by the same unbundling regulations as BT but in reality the market in Hull is too small for a national ISP to bother.

  21. Re:Nuclear not an alternative on Greenpeace Decries Lack of Environmental Progress From Console Makers · Score: 2, Informative

    Like most people you didn't read up on Nuclear power before you posted.

    Seems you didn't either...

    Nuclear power isn't available in abundance.
    The TOTAL amount of Nuclear fuel on this world can sustain the current energy hunger for about 3-5 years.

    Utter bullshit. The currently known reserves of U235 are enough to last around 80 years at current rates of consumption. Reprocessing the waste can greatly extend that, and those figures ignore reserves which haven't yet been discovered.

    Those figures also ignore U238, which can be bred into Pu239. Known reserves of U238 are enough to last us tens of thousands of years.

    Problem with this is that mining and processing the stuff actually cost lots of energy (and creates greenhouse gases).

    Like most other power generation technologies. Did you think that mining coal took no energy?

    In the short term this is a problem for most technologies. In the long term, much of the energy used for mining can come from nuclear power itself.

    So a big part of the fuel will actually cost more than it produces

    Complete rubbish.

    Combined with the massive amount of energy needed for building a Nuclear power station it is neither green nor any sort of real alternative.

    Compare it to the amount of energy needed to build thousands of wind turbines, or enormous hydroelectric projects. Pretty much any large scale power generation project uses vast amounts of energy for construction - if you're going to damn nuclear on these grounds then you can damn pretty much everything else too and we'll all go back to living in caves.

    It is not without reason that the government needs to put in massive amounts of money for a Nuclear station; it cannot compete on costs.

    Finally, a point with some truth. Yes, nuclear can't currently compete with the cost of fossil fuels. So the choice is that we either keep burning fossil fuels (potentially trashing the environment until they run out and then we'll have no choice anyway) or bite the bullet and decide that we can no longer afford to keep plugging away at the cheapest option.

    (so it probably neither can on energy efficiency compared to fossil fuels)

    I don't even know what you mean by this point. Efficiency of what exactly?

  22. Re:Thats stupid. They couldve recoded it if they w on Microsoft's Code Contribution Due To GPL Violation · Score: 1

    Microsoft is a big enough company that if they really felt that GPL was a problem, they could easily get 1 or 2 of their 50,000 odd developers to recode the little driver that was GPL'd.

    Obviously they were fully aware of the implications of using it, and decided, instead of recoding the one driver, to publicly release the entire thing under the GPL. That's hardly an "ulterior motive"

    I'm not sure it's that simple. AIUI they had already released the driver under a combined licence, so were already infringing copyright. IANAL, but I'm not entirely sure that they could just cease distributing the code since it is already "out there" now - they probably _had_ to relicence the code they had already distributed to be legally in the clear.

  23. Re:sooo... on Microsoft's Code Contribution Due To GPL Violation · Score: 1

    So in the end Microsoft should write their own code and refrain from stealing open source code

    They didn't steal anything, they violated copyright.

    There really isn't any difference between the GPL and any other distribution licence in this regard - if you want to use someone else's work then you need to agree to the licence they provide which allows you to do so. The only real difference between open source licences and "commercial" licences in this regard is that you generally don't even get to see the source code before agreeing to a "commercial" licence so there is less scope for people to just use the code without agreeing to the licence.

  24. Re:Not contribution; use on Microsoft Makes Second GPLv2 Release · Score: 1

    Unlike Red Hat, Sun, Novel, IBM, etc which are just contributing to Linux and other open source through pure altruism!

    True, but these companies generally collaborate with each other (these days) in a reasonably friendly way, whereas collaborating with MS has usually given a good chance of finding a knife sticking out of your back.

  25. Re:Freedom versus high quality pictures on Why the Photos On Wikipedia Are So Bad · Score: 1

    For the purposes of these discussions, where the preferences and behavior of millions of users are the topic, the terms "all" and "overwhelming majority" are equivalent and interchangeable.

    Except they aren't equivalent at all, no matter how much statisticians and governments might want that to be true.

    to the detriment of both readers and the serious contributors.

    Debatable.

    The photographers' ability to use Wikipedia for self-promotion is not contrary to any of the Wikipedia's stated purposes either.

    Correct. And I never said it was contrary - it simply isn't part of Wikipedia's stated purpose, so expecting Wikipedia to change the rules so that it can be used for something that is nothing to do with the stated purpose is silly. I may as well demand that Wikipedia changes all the text on the site to purple because I want to promote the colour purple - it isn't one of the aims of Wikipedia and I would be stupid to expect them to commit to such a change.

    If the "price" of getting higher quality illustrations is accepting images marked "Wikipedia only", then the illustrations are still free, and ought to be accepted.

    You seem to be confused by the difference between Free (as in speech) and free (as in beer). A "Wikipedia only" licence is by no means Free, even if the content is provided gratis.

    And that represents the vastly overwhelming majority of readers, who use the site for a quick reference and can't be bothered to check the permissions on the illustrations, much less to have an opinion on that...

    In the words of Wikipedia, [citation needed].

    In any case, even if it were true, why should Wikipedia care? You might suggest that a lot of Linux users don't care about Free software and therefore making the kernel non-Free would be fine - clearly a lot of people would find this utterly unacceptable (for very good reasons). Just because many (even a majority) don't care about something doesn't mean it's a good idea to throw it away.

    You keep talking about how the majority must be catered for and the minority must be ignored. I sincerely hope you are never in charge of anything significant - that's a really slippery slope to making massively unsatisfactory concessions in order to cater to the lowest common denominator. Similar parallels can be drawn against technologies such as DRM (the majority of people don't care, so the minority that have serious concerns over such technologies must be ignored) and religion (the majority of people are of religion A, so the minority who are of religion B must be ignored).

    (not that any of them ever would, mind you)

    Wikipedia articles and images are re-used all over the place - you're deluding yourself if you think they aren't.

    Please do not be under the illusion that your views universally apply to every Wikipedia reader, for they do not.

    Well, you are under that illusion all day — why can't I be?

    Where have I said that my views apply to every Wikipedia reader? In fact, I have fairly explicitly said that they do not. They apply to *me* (and many other Wikipedia readers, but certainly not all).