They will never recommend the use of something they don't understand as they will have to retrain and/or find themselves looking for another job.
There's a lot of the "better the devil you know" element to it - if they opt to throw away Windows in favor of a new system that none of the staff know and it goes tits-up they will be for the high jump. Everyone knows Windows is a heap of crap and accepts it. If you put in a new system which turns out "worse", then you're in trouble from everyone who has to use it. (Where "worse" may simply be "doesn't run application X").
It is my belief that teaching 'The Windows way' is harmful to my children's education, they would be much better served by learning software that conforms to true standards and that fosters a real understanding of the principles involved in IT rather than simple button clicking.
I'd agree with that. I've seen too many people take one look at a machine running Gnome and walk away without even trying to use it, even if they only wanted to browse the web or something, and even if there are plenty of people around to show them how to use it. These days, everyone is learning Windows by rote and as a result is never gaining the simple problem solving abilities needed to transfer their skills to another system, no matter how similar the systems are. And of course, these skill transferrance abilities are fairly important, not least because even the interfaces on Windows and common applications change drastically between versions.
Back when I was at school we used Acorns - originally BBC's and then RiscOS machines. At the time I really didn't see the point in learning a system that I would never need in the real world. However, many years on my view point has changed significantly and I can see that learning one system and then having to adapt to another helps you learn how to transfer skills to a different platform.
IMHO, the national curriculum should dictate that schools teach IT across several platforms - e.g. Windows, OS X, Linux, so that pupils learn how to deal with things that don't work _exactly_ as they had previously learnt, and broadens their awareness of more than one OS. Unfortunately, without an injection of cash there's no way the schools could afford the equipment, sysadmins and training for the teachers.
The really sad thing is that people look at the special educational pricing that MS provide and see it as nothing but a good thing because after all, it's helping the education of the kids. Very few people see the danger of letting a single company dictate what children are taught.
I imagine the supported broadcast resolution is quite open-ended, since you can pretty much define any resolution you want using MPEG2.
But it takes more CPU to decode higher resolution videos - if your HDTV doesn't have the decoding horsepower, it's not going to be able to decode and downscale a higher resolution video unless you do some magic to split the data up so it doesn't have to know or care about the extra resolution.
If you could use a more advanced encoding scheme, or change over to.h264, you could almost certainly move up in resolution - but I doubt standards will change anytime soon. I'd say expect the next big change in 30-40 years.
Here in the UK, all the HDTV channels have used H.264 since day 1. However, we don't have terrestrial HDTV (unless you count the BBC trial that's been going on in London) - all the HDTV channels are delivered using DVB-S, DVB-S2 or propriatory cable TV networks (NTL, Telewest). Frankly, I think that delivering HDTV terrestrially is a crazy idea because we just don't have the bandwidth, and really the only people who need terrestrial TV are people on portable TVs (who needs a 1080p 15" telly?) since almost everyone else has the option to point a small dish at Astra 2.
Of course, my Athlon XP 2100+ is nowhere near powerful enough to decode the BBC's H.264 stream in real time - I have to transcode it before watching.
Who wants to predict howlong it will take for those old fashion 1080P sets to become outdated
I would be interested to know if there is any provision for HDTVs handling higher resolution/bandwidth signals. I.e. is it possible for the broadcasters to transmit 2160p signals and for all the current (1080 and 720) systems to be able to receive it and down-scale? I imagine this isn't possible (decoding 1080p H.264+ takes enough CPU already, I dread to think how much CPU it takes to decode 2160p), but when broadcasters eventually want to go beyond 1080p it seems like an awful waste of bandwidth to transmit both versions independently. Maybe there is some scope for transmitting 1080p signals and then just transmitting some extra data in a separate stream which can be mathematically combined to produce the extra resolution?
Basically, you cannot seek accurately on an audio CD - you can ask to seek to a specific frame and the player will land you somewhere in that frame, but not necessarily at the beginning. So 2 rips of the same track may be absolutely identical except for the fact that one starts a few samples earlier than the other. To compare them you would have to align the tracks against each other and trim them to the same length.
You can't just buy an add-on device for HDCP, it has to be right inside the monitor, because the data stream must be encrypted right until it reaches the pixels.
You may be shocked to realize that Firefox plugins and extensions don't run in any sandbox at all. They in fact have access to any resource Firefox has, which on a Windows machine is usually administrator capabilities.
You don't need to sandbox the plugin itself - you need to sandbox any code the plugin downloads and executes. For example, a Java VM plugin is not in a sandbox, however *it* sandboxes the bytecode itself - the VM restricts what the code can do. On the other hand, ActiveX failed to do this since it provided functions to access every aspect of the host environment.
So this isn't anything to do with insecurities in the browser, this is down to insecurities in the plugin. Any firefox plugin that allows anything downloaded from the web to execute arbitrary commands on the host would be considered similarly insecure.
to think that Acer and others have not been doing this for years?
I was recently setting up my dad's brand new Dell desktop and was absolutely stunned at the amount of complete shit that was preloaded onto the machine (how is it a good customer experience when the first thing you see when turning on a brand new machines are a truck-load of popups asking you to register this, try that, pay for the other?).
A quick look at netstat showed an awful lot of the preloaded software was phoning home (e.g. there was some stuff continually telling some servers at Dell that the machine was connected to the Internet).
Added to this was when NTL told him he needed to use their installation CD in order to use the cable modem (he didn't need to do this at all - he could've just plugged in and powercycled the cable modem) which installed a crap load of software he didn't need, which then went on to break spectacularly as soon as Microsoft pushed IE7 out.
Oh, and I was also amused at McAffee complaining about using SSL to send and receive email because it can't virus scan it. It recommended using unencrypted connections - what kind of security software _advises_ people to send all their authentication details in the clear over an untrusted network?
Because the "damage" they cause is very small, and virtual in nature (an annoyance at most.)
This is untrue - botnets can and do cause real financial damage to organisations when they DDoS servers.
I'd also like to add another group of people who should be held responsible: ISPs. No, it's not the ISP's fault that someone got compromised so they shouldn't be held liable for that, but they should be held liable for completely ignoring abuse reports lodged against one of their customers. Most ISPs completely ignore any abuse report (and often make it quite hard to even report the abuse in the first place) - instead, they should be dropping a customer's whole Internet connection until the customer sorts their system out.
It wouldn't be especially hard for ISPs to automatically examine traffic patterns, identify malware signatures and drop all traffic for any users who are infected. And it's easy enough to redirect all their web requests at a web page providing the tools they need to use to clean up their computer.
Note: I'm not a Windows expert - I try my level best to avoid touching Windows.
I believe that many of them are services the machine itself needs. However, that sort of stuff does not need to be network reachable so really should be bound to the loopback interface only.
My website is protected by a firewall but it still receives millions of hits and several hundred thousand pageviews. It's safe to say its quite visible and I wish it to remain so.
I have to ask the question - why do you think you need a firewall on a machine that is only running internet-visible services? A firewall adds a layer of protection against cockups (e.g. accidentally starting a service that shouldn't be running, etc) but if there's a service listening on a port which you have blocked through the firewall you really need to be asking yourself _why_ you have that service listening.
Last time I looked at XP Home, it had a scary amount of stuff listening for connections from anywhere by default - there's really no reason for this. If a service is required for the machine itself (i.e. no one else on the network) it should be bound to the loopback interface instead of binding to all interfaces.
The Manchester Computing super-computing centre is located under a little terraced area with a pond in the middle, and someone (jokingly, I hope) told me this was so that a fire would cause a load of water to be emptied on to the source.
Water is commonly used for fire suppression in data centres these days (although it won't come from a pond). When a fire is detected, automatically kill the power and douse the area with a fine mist of deionised water. It's very effective, generally doesn't damage equipment and (unlike halon) is safe for any people who are in the area and is environmentally friendly.
this is a pretty obvious efect of masquerading NAT. anything with a callback does not work, transparently.
Why do you not consider this a problem?
most protocols that do require a callback, allow the users to configure the outward ip.
So in an effort to keep things simple for the ISP's clueless netadmins, the ISP is making things more complex for their customers - now instead of things Just Working the user has to do some custom configuration of each piece of software. Setting a specific external address will also break anything *not* going through the NAT, so you better be sure you NAT everything, even if it's staying within the ISP's network.
Not to mention the nasty tweaks that need to be done to DNS to ensure that all A RRs resolve to the correct address (outside the ISP the A RRs need to resolve to the global scope address, inside the ISP they need to resolve to the RFC1918 address). Also a similar arrangement needs to be made for PTR RRs to ensure the addresses resolve to the same name.
i dont know what problems you have had in the past, but for a small ISP NAT can be a real lifesaver.
You can guarantee that I wouldn't remain a customer of an ISP that forces me through a NAT and I would strongly advise all my customers to avoid using such an ISP. NAT causes a *lot* of problems and frankly I don't have time to sort out applications that either don't work or require custom configuration just because of the ISP cutting corners.
it's nothing bad to use NAT when the company cannot afford ip space.
I don't know what sort of joke of an ISP can't afford IP space. That's more or less equivalent to a baker who can't afford flour. Any ISP employing NAT in this way is going to spend more on customer support staff to deal with the problems it creates than they would've spent on the IP space in the first place.
Seriously - if you think that it's easier to set up a network that employs NAT on it's edge instead of running a fully routed transparent network you need to investigate automated routing protocols such as OSPF.
You keep claiming that using NAT saves a large amount of IP network space, but I honestly can't see how it creates a significant saving if you're going to provide 1:1 mapping between all your RFC1918 addresses and the global scope addresses.
You also need to take steps to ensure that no RFC1918 addresses are leaked and this will undoubtedly cause significant problems with any network diagnostics since the usual tools such as traceroute, ping, etc will likely produce erroneous, incomplete and confusing output.
that is technically wrong. there is nothing that NAT breaks. i think you might be confusing masquerading with NAT. nat is just network address translation
However you use it, NAT rewrites the addresses on packets - this _does_ cause problems for anything that relies on the packets getting to the other end unchanged.
If the source address of the packet has been rewritten and the recipient of that packet expects to be able to contact the sender on that address, it will not work unless the NAT has specific knowledge about the protocol and can therefore apply the appropriate translations to the packets it receives.
Similarly, if the protocol contains IP addressing information encapsulated within the payload (examples of this include SIP, ESP, AH, FTP) that information may be invalid if the address's scope is restricted unless the NAT has enough knowledge of the protocol to rewrite the payload as well as the IP header (this is not possible in the case of ESP and AH since it would need knowledge of the private keys).
This applies to *any* form of NAT.
NAT is highly useful in large ISPs where blocks or single IP addresses can easily be maintained without loosing slack IP addresses as part of a CIDR block where excess was originally allocated.
of course if you think it's better to over allocate and loose IP addresses because you want a full, traditionally routed network then that's up to you.
The above sentences do not make sense. In fact, they still don't make sense if I assume you mean "lose" rather than "loose".
There is no loss of IP addresses involved in allocating small subnets and no requirement to over allocate (other than the usual BGP routing filters which will prevent routes smaller than/20 being propagated).
much of the internet community only use web and email. i would say 10% might use other things too that require a public IP address to communicate
That 10% is set to increase with the growth of peer to peer technologies. It is not the ISP's job to restrict the technologies their customers choose to use.
in these cases it's easy to do 1:1 NAT (BINAT, S/DNAT etc) to achieve this, whilst letting the customer continue with a private IP address.
And this will _still_ cause problems for a lot of protocols since your local IP address will never match the address you present to the rest of the internet. Even worse: depending on how the ISP has set up the routing you may be presenting one IP address to other customers of the ISP and a completely different IP address to everyone else.
This makes life incredibly easy for the network infrastructure people.
This makes life incredibly difficult for the end users. If the network administrators can't deal with setting up a network without the need for NAT then they need to be fired and replaced by people who know how to use the well established tools that automatically sort out stuff like routing for you - it's really not that hard.
Having installed and maintained a lot of large IP networks over many years, I've dealt with both networks that employ NAT extensively and completely NAT-free networks. In my experience, NAT causes a lot more problems than it solves and I would opt for the NAT-free option every time, given a choice. The only exception to this is for certain load sharing and fail-over situations where NAT can prove useful so long as it's use has been well thought out.
this is a good thing as it's easier for the ISP to organise their own network infrastructure space.
I'm sorry but NAT is never a good thing since it breaks the peer-to-peer design of the internet, rendering peer-to-peer applications such as VoIP, bittorrent, etc. difficult or impossible to use.
Additionally, RFC1918 addresses are of site-local scope - i.e. they are reserved for use on a LAN. Using them on a WAN is bad since it leads to addressing conflicts with people who are using the networks in their intended scope. There is no good reason to abuse RFC1918 networks in this way - global scope IPv4 addresses are not that scarce yet.
I too find it ironic that the English bitch so much about the US being a dominant super power when Great Britain used to be a much more dominating and way more savage super power than the US is.
The key words there are "used to be".
The US is reacting to terrorism in a frighteningly similar manner to the way the Brits reacted to the struggle by nationalists in Ireland.
The US seem to be assuming that *everyone* is a criminal. This is very different to screening a specific group of people.
Also, the IRA situation was handled very differently to the way both the UK and the US are handling the current threat - in the IRA days everyone was determined not to let the terrorists dictate how we live our lives but these days terrorist threats are hyped up in order to push a government agenda which a large chunk of the electorate do not want.
I like to quote Bill Hicks in saying that all Governments are liars and murderers.
Absolutely. The UK is almost as bad as the US in these matters (I have lived all my life in the UK). Joining the US in conquering a sovereign state in contravention of international law was pretty much the worst thing the UK government could do - the UK people didn't want the war and aligning ourselves with the US has made the UK a target for "terrorists" (I use scare-quotes because I don't believe what terrorists do is fundamentally any different to what the US and UK have done in Iraq).
I would be very surprised if Labour are reelected next time around after repeatedly disregarding public opinion and breaking election promises. Unfortunately, the Conservatives aren't much better and there's no way the Lib Dems will get elected whilst the electorate play at tactical voting instead of voting for who they actually want.
In reality, democracy is such a flawed system, I don't see what right anyone has to force it upon another country, yet Western governments keep meddling in everyone else's affairs in an effort to propagate it.
A landline phone uses less electricity (so costs less to run)
This very much depends on your landline phone. I'd be surprised if there was much difference in power usage between a DECT phone and an 802.11 SIP phone.
A landline phone has a guaranteed quality of service
Dependent on your service provider. If you have the right equipment an IP phone provides similar QoS.
A landline phone is very cheap to buy.
Also dependent on the type of phone you buy - you can get POTS phones from anywhere around £5 up to £250 or more. At the low cost end you're probably right - you can't get an IP phone for much less than £40, but at the top end there's not much difference.
A landline phone can have free calls depending on package
I'm not sure how this is at all different to any other type of phone - be it IP, GSM, ISDN, etc.
An IP phone uses more power.
We already covered this one (above).
An IP phone can be hacked.
Presumably you mean "cracked"? An 802.11 phone with WPA turned on is far less open to cracking than a DECT phone. Also, have you never heard of POTS wire tapping? it's quite easy to do with a pair of wire cutters and an earphone...
An IP phone doesn't have guaranteed QOS nor does it have a guaranteed working emergency number.
Again, we covered this above - if you're using the right equipment and a good service provider then you can guarantee the same level of QoS as any POTS phone.
So geek boy with your business poser phone , those are my pros and cons , lets hear yours.
IP phones are used in many office buildings since they reduce the amount of wiring required (you only require a single cat5e network rather than a separate set of twisted pairs for the phone system).
Also, people who travel a lot quite like IP phones since they can make calls from the hotel network without having to pay the high telephone charges that hotels like to charge.
Most electronic power supplies, at least those sold in the USA, have terrible power factors.
European laws require devices to have power factor correction circuits, so this is less of a problem in the EU. (It's slightly crazy to sell something as "energy saving" if it has a bad power factor doncha think?).
Although I still wonder why they'd even make a plastic "ground" prong.
Cost, I imagine. It's cheaper to mould a plastic pin onto the plug rather than have a metal pin which has been left unconnected. British plugs require a pin for "earth", even if it isn't connected, since the earth pin opens the shutters on the live/neutral connections.
I've seen a lot of American posts claiming that the shutters are a very bad idea since they always get stuck and result in the dangerous action of poking something into the socket to open them manually. I'd have to say that this is a completely bogus argument - the shutters are a very good idea to keep the live pin from being exposed and I've never had any problem with them becoming stuck (I've lived in the UK my whole life). The only time I've poked anything into the earth connection to open the shutters is when plugging european plugs into UK sockets (they do fit, but have no earth pin and you probably shouldn't draw large currents since they are round pins rather than rectangular).
Mathematically, too, you can actually map all of the Real numbers, 1:1, in the space between 0.0 through 1.0
How does that work then? Sure, you can map all real numbers _between predefined values_ - i.e. I can map all real numbers between 0-5 to 0-1 by dividing by 5. However, the continuum of real numbers extends from -infinity to +infinity - dividing by any finite value is still going to result in a continuum of real numbers between -inf and +inf.
My mozilla from a year-or-so ago has this setting where it ask you about each cookie being set. it can then remember the setting for this website. Maybe you should learn about or change your browser.
For some crazy reason, FireFox 2 has now removed this option - I had to go poking around in about:config to turn it back on.:(
What Microsoft doesn't (and can't short of reverse engineering) write drivers for are pieces of proprietary hardware.
Maybe MS should join the FOSS developers in pushing hardware manufacturers into providing open hardware specs. Admittedly they probably don't want to be stuck writing drivers for every little piece of hardware, but on the other hand they are getting royally stuffed in terms of stability by all the crumby half-arsed drivers being produced by hardware manufacturers. (And this is exactly why the Free software community doesn't like binary drivers - they cause all sorts of random stability problems and the manufacturers don't care).
Slashdot Mirror
They will never recommend the use of something they don't understand as they will have to retrain and/or find themselves looking for another job.
There's a lot of the "better the devil you know" element to it - if they opt to throw away Windows in favor of a new system that none of the staff know and it goes tits-up they will be for the high jump. Everyone knows Windows is a heap of crap and accepts it. If you put in a new system which turns out "worse", then you're in trouble from everyone who has to use it. (Where "worse" may simply be "doesn't run application X").
It is my belief that teaching 'The Windows way' is harmful to my children's education, they would be much better served by learning software that conforms to true standards and that fosters a real understanding of the principles involved in IT rather than simple button clicking.
I'd agree with that. I've seen too many people take one look at a machine running Gnome and walk away without even trying to use it, even if they only wanted to browse the web or something, and even if there are plenty of people around to show them how to use it. These days, everyone is learning Windows by rote and as a result is never gaining the simple problem solving abilities needed to transfer their skills to another system, no matter how similar the systems are. And of course, these skill transferrance abilities are fairly important, not least because even the interfaces on Windows and common applications change drastically between versions.
Back when I was at school we used Acorns - originally BBC's and then RiscOS machines. At the time I really didn't see the point in learning a system that I would never need in the real world. However, many years on my view point has changed significantly and I can see that learning one system and then having to adapt to another helps you learn how to transfer skills to a different platform.
IMHO, the national curriculum should dictate that schools teach IT across several platforms - e.g. Windows, OS X, Linux, so that pupils learn how to deal with things that don't work _exactly_ as they had previously learnt, and broadens their awareness of more than one OS. Unfortunately, without an injection of cash there's no way the schools could afford the equipment, sysadmins and training for the teachers.
The really sad thing is that people look at the special educational pricing that MS provide and see it as nothing but a good thing because after all, it's helping the education of the kids. Very few people see the danger of letting a single company dictate what children are taught.
Don't they all come preloaded with OS X? Not exactly a blank slate...
I imagine the supported broadcast resolution is quite open-ended, since you can pretty much define any resolution you want using MPEG2.
.h264, you could almost certainly move up in resolution - but I doubt standards will change anytime soon. I'd say expect the next big change in 30-40 years.
But it takes more CPU to decode higher resolution videos - if your HDTV doesn't have the decoding horsepower, it's not going to be able to decode and downscale a higher resolution video unless you do some magic to split the data up so it doesn't have to know or care about the extra resolution.
If you could use a more advanced encoding scheme, or change over to
Here in the UK, all the HDTV channels have used H.264 since day 1. However, we don't have terrestrial HDTV (unless you count the BBC trial that's been going on in London) - all the HDTV channels are delivered using DVB-S, DVB-S2 or propriatory cable TV networks (NTL, Telewest). Frankly, I think that delivering HDTV terrestrially is a crazy idea because we just don't have the bandwidth, and really the only people who need terrestrial TV are people on portable TVs (who needs a 1080p 15" telly?) since almost everyone else has the option to point a small dish at Astra 2.
Of course, my Athlon XP 2100+ is nowhere near powerful enough to decode the BBC's H.264 stream in real time - I have to transcode it before watching.
Who wants to predict howlong it will take for those old fashion 1080P sets to become outdated
I would be interested to know if there is any provision for HDTVs handling higher resolution/bandwidth signals. I.e. is it possible for the broadcasters to transmit 2160p signals and for all the current (1080 and 720) systems to be able to receive it and down-scale? I imagine this isn't possible (decoding 1080p H.264+ takes enough CPU already, I dread to think how much CPU it takes to decode 2160p), but when broadcasters eventually want to go beyond 1080p it seems like an awful waste of bandwidth to transmit both versions independently. Maybe there is some scope for transmitting 1080p signals and then just transmitting some extra data in a separate stream which can be mathematically combined to produce the extra resolution?
I've ripped audio tracks via the two different DVD drives in my PC, and they came out very slightly differently.
The CDParanoia FAQ explains this.
Basically, you cannot seek accurately on an audio CD - you can ask to seek to a specific frame and the player will land you somewhere in that frame, but not necessarily at the beginning. So 2 rips of the same track may be absolutely identical except for the fact that one starts a few samples earlier than the other. To compare them you would have to align the tracks against each other and trim them to the same length.
You can't just buy an add-on device for HDCP, it has to be right inside the monitor, because the data stream must be encrypted right until it reaches the pixels.
That's what they want you to think. In reality it's untrue - flaws were discovered with HDCP's encryption in 2001 (http://en.wikipedia.org/wiki/HDCP#Cryptanalysis) and you can buy devices that strip the encryption and give you a plain HDMI/DVI output.
You may be shocked to realize that Firefox plugins and extensions don't run in any sandbox at all. They in fact have access to any resource Firefox has, which on a Windows machine is usually administrator capabilities.
You don't need to sandbox the plugin itself - you need to sandbox any code the plugin downloads and executes. For example, a Java VM plugin is not in a sandbox, however *it* sandboxes the bytecode itself - the VM restricts what the code can do. On the other hand, ActiveX failed to do this since it provided functions to access every aspect of the host environment.
So this isn't anything to do with insecurities in the browser, this is down to insecurities in the plugin. Any firefox plugin that allows anything downloaded from the web to execute arbitrary commands on the host would be considered similarly insecure.
to think that Acer and others have not been doing this for years?
I was recently setting up my dad's brand new Dell desktop and was absolutely stunned at the amount of complete shit that was preloaded onto the machine (how is it a good customer experience when the first thing you see when turning on a brand new machines are a truck-load of popups asking you to register this, try that, pay for the other?).
A quick look at netstat showed an awful lot of the preloaded software was phoning home (e.g. there was some stuff continually telling some servers at Dell that the machine was connected to the Internet).
Added to this was when NTL told him he needed to use their installation CD in order to use the cable modem (he didn't need to do this at all - he could've just plugged in and powercycled the cable modem) which installed a crap load of software he didn't need, which then went on to break spectacularly as soon as Microsoft pushed IE7 out.
Oh, and I was also amused at McAffee complaining about using SSL to send and receive email because it can't virus scan it. It recommended using unencrypted connections - what kind of security software _advises_ people to send all their authentication details in the clear over an untrusted network?
Because the "damage" they cause is very small, and virtual in nature (an annoyance at most.)
This is untrue - botnets can and do cause real financial damage to organisations when they DDoS servers.
I'd also like to add another group of people who should be held responsible: ISPs. No, it's not the ISP's fault that someone got compromised so they shouldn't be held liable for that, but they should be held liable for completely ignoring abuse reports lodged against one of their customers. Most ISPs completely ignore any abuse report (and often make it quite hard to even report the abuse in the first place) - instead, they should be dropping a customer's whole Internet connection until the customer sorts their system out.
It wouldn't be especially hard for ISPs to automatically examine traffic patterns, identify malware signatures and drop all traffic for any users who are infected. And it's easy enough to redirect all their web requests at a web page providing the tools they need to use to clean up their computer.
Why, then, does MS persist in leaving them open?
Note: I'm not a Windows expert - I try my level best to avoid touching Windows.
I believe that many of them are services the machine itself needs. However, that sort of stuff does not need to be network reachable so really should be bound to the loopback interface only.
My website is protected by a firewall but it still receives millions of hits and several hundred thousand pageviews. It's safe to say its quite visible and I wish it to remain so.
I have to ask the question - why do you think you need a firewall on a machine that is only running internet-visible services? A firewall adds a layer of protection against cockups (e.g. accidentally starting a service that shouldn't be running, etc) but if there's a service listening on a port which you have blocked through the firewall you really need to be asking yourself _why_ you have that service listening.
Last time I looked at XP Home, it had a scary amount of stuff listening for connections from anywhere by default - there's really no reason for this. If a service is required for the machine itself (i.e. no one else on the network) it should be bound to the loopback interface instead of binding to all interfaces.
The Manchester Computing super-computing centre is located under a little terraced area with a pond in the middle, and someone (jokingly, I hope) told me this was so that a fire would cause a load of water to be emptied on to the source.
Water is commonly used for fire suppression in data centres these days (although it won't come from a pond). When a fire is detected, automatically kill the power and douse the area with a fine mist of deionised water. It's very effective, generally doesn't damage equipment and (unlike halon) is safe for any people who are in the area and is environmentally friendly.
Lots of us are loaded with dimmers, so you can now get Dimmable CFL!
:(
Philips have done dimmable CFLs in the US for a while now. Sadly I haven't found any available in the UK.
this is a pretty obvious efect of masquerading NAT. anything with a callback does not work, transparently.
Why do you not consider this a problem?
most protocols that do require a callback, allow the users to configure the outward ip.
So in an effort to keep things simple for the ISP's clueless netadmins, the ISP is making things more complex for their customers - now instead of things Just Working the user has to do some custom configuration of each piece of software. Setting a specific external address will also break anything *not* going through the NAT, so you better be sure you NAT everything, even if it's staying within the ISP's network.
Not to mention the nasty tweaks that need to be done to DNS to ensure that all A RRs resolve to the correct address (outside the ISP the A RRs need to resolve to the global scope address, inside the ISP they need to resolve to the RFC1918 address). Also a similar arrangement needs to be made for PTR RRs to ensure the addresses resolve to the same name.
i dont know what problems you have had in the past, but for a small ISP NAT can be a real lifesaver.
You can guarantee that I wouldn't remain a customer of an ISP that forces me through a NAT and I would strongly advise all my customers to avoid using such an ISP. NAT causes a *lot* of problems and frankly I don't have time to sort out applications that either don't work or require custom configuration just because of the ISP cutting corners.
it's nothing bad to use NAT when the company cannot afford ip space.
I don't know what sort of joke of an ISP can't afford IP space. That's more or less equivalent to a baker who can't afford flour. Any ISP employing NAT in this way is going to spend more on customer support staff to deal with the problems it creates than they would've spent on the IP space in the first place.
Seriously - if you think that it's easier to set up a network that employs NAT on it's edge instead of running a fully routed transparent network you need to investigate automated routing protocols such as OSPF.
You keep claiming that using NAT saves a large amount of IP network space, but I honestly can't see how it creates a significant saving if you're going to provide 1:1 mapping between all your RFC1918 addresses and the global scope addresses.
You also need to take steps to ensure that no RFC1918 addresses are leaked and this will undoubtedly cause significant problems with any network diagnostics since the usual tools such as traceroute, ping, etc will likely produce erroneous, incomplete and confusing output.
that is technically wrong. there is nothing that NAT breaks. i think you might be confusing masquerading with NAT. nat is just network address translation
/20 being propagated).
However you use it, NAT rewrites the addresses on packets - this _does_ cause problems for anything that relies on the packets getting to the other end unchanged.
If the source address of the packet has been rewritten and the recipient of that packet expects to be able to contact the sender on that address, it will not work unless the NAT has specific knowledge about the protocol and can therefore apply the appropriate translations to the packets it receives.
Similarly, if the protocol contains IP addressing information encapsulated within the payload (examples of this include SIP, ESP, AH, FTP) that information may be invalid if the address's scope is restricted unless the NAT has enough knowledge of the protocol to rewrite the payload as well as the IP header (this is not possible in the case of ESP and AH since it would need knowledge of the private keys).
This applies to *any* form of NAT.
NAT is highly useful in large ISPs where blocks or single IP addresses can easily be maintained without loosing slack IP addresses as part of a CIDR block where excess was originally allocated.
of course if you think it's better to over allocate and loose IP addresses because you want a full, traditionally routed network then that's up to you.
The above sentences do not make sense. In fact, they still don't make sense if I assume you mean "lose" rather than "loose".
There is no loss of IP addresses involved in allocating small subnets and no requirement to over allocate (other than the usual BGP routing filters which will prevent routes smaller than
much of the internet community only use web and email. i would say 10% might use other things too that require a public IP address to communicate
That 10% is set to increase with the growth of peer to peer technologies. It is not the ISP's job to restrict the technologies their customers choose to use.
in these cases it's easy to do 1:1 NAT (BINAT, S/DNAT etc) to achieve this, whilst letting the customer continue with a private IP address.
And this will _still_ cause problems for a lot of protocols since your local IP address will never match the address you present to the rest of the internet. Even worse: depending on how the ISP has set up the routing you may be presenting one IP address to other customers of the ISP and a completely different IP address to everyone else.
This makes life incredibly easy for the network infrastructure people.
This makes life incredibly difficult for the end users. If the network administrators can't deal with setting up a network without the need for NAT then they need to be fired and replaced by people who know how to use the well established tools that automatically sort out stuff like routing for you - it's really not that hard.
Having installed and maintained a lot of large IP networks over many years, I've dealt with both networks that employ NAT extensively and completely NAT-free networks. In my experience, NAT causes a lot more problems than it solves and I would opt for the NAT-free option every time, given a choice. The only exception to this is for certain load sharing and fail-over situations where NAT can prove useful so long as it's use has been well thought out.
this is a good thing as it's easier for the ISP to organise their own network infrastructure space.
I'm sorry but NAT is never a good thing since it breaks the peer-to-peer design of the internet, rendering peer-to-peer applications such as VoIP, bittorrent, etc. difficult or impossible to use.
Additionally, RFC1918 addresses are of site-local scope - i.e. they are reserved for use on a LAN. Using them on a WAN is bad since it leads to addressing conflicts with people who are using the networks in their intended scope. There is no good reason to abuse RFC1918 networks in this way - global scope IPv4 addresses are not that scarce yet.
I too find it ironic that the English bitch so much about the US being a dominant super power when Great Britain used to be a much more dominating and way more savage super power than the US is.
The key words there are "used to be".
The US is reacting to terrorism in a frighteningly similar manner to the way the Brits reacted to the struggle by nationalists in Ireland.
The US seem to be assuming that *everyone* is a criminal. This is very different to screening a specific group of people.
Also, the IRA situation was handled very differently to the way both the UK and the US are handling the current threat - in the IRA days everyone was determined not to let the terrorists dictate how we live our lives but these days terrorist threats are hyped up in order to push a government agenda which a large chunk of the electorate do not want.
I like to quote Bill Hicks in saying that all Governments are liars and murderers.
Absolutely. The UK is almost as bad as the US in these matters (I have lived all my life in the UK). Joining the US in conquering a sovereign state in contravention of international law was pretty much the worst thing the UK government could do - the UK people didn't want the war and aligning ourselves with the US has made the UK a target for "terrorists" (I use scare-quotes because I don't believe what terrorists do is fundamentally any different to what the US and UK have done in Iraq).
I would be very surprised if Labour are reelected next time around after repeatedly disregarding public opinion and breaking election promises. Unfortunately, the Conservatives aren't much better and there's no way the Lib Dems will get elected whilst the electorate play at tactical voting instead of voting for who they actually want.
In reality, democracy is such a flawed system, I don't see what right anyone has to force it upon another country, yet Western governments keep meddling in everyone else's affairs in an effort to propagate it.
A landline phone uses less electricity (so costs less to run)
This very much depends on your landline phone. I'd be surprised if there was much difference in power usage between a DECT phone and an 802.11 SIP phone.
A landline phone has a guaranteed quality of service
Dependent on your service provider. If you have the right equipment an IP phone provides similar QoS.
A landline phone is very cheap to buy.
Also dependent on the type of phone you buy - you can get POTS phones from anywhere around £5 up to £250 or more. At the low cost end you're probably right - you can't get an IP phone for much less than £40, but at the top end there's not much difference.
A landline phone can have free calls depending on package
I'm not sure how this is at all different to any other type of phone - be it IP, GSM, ISDN, etc.
An IP phone uses more power.
We already covered this one (above).
An IP phone can be hacked.
Presumably you mean "cracked"? An 802.11 phone with WPA turned on is far less open to cracking than a DECT phone. Also, have you never heard of POTS wire tapping? it's quite easy to do with a pair of wire cutters and an earphone...
An IP phone doesn't have guaranteed QOS nor does it have a guaranteed working emergency number.
Again, we covered this above - if you're using the right equipment and a good service provider then you can guarantee the same level of QoS as any POTS phone.
So geek boy with your business poser phone , those are my pros and cons , lets hear yours.
IP phones are used in many office buildings since they reduce the amount of wiring required (you only require a single cat5e network rather than a separate set of twisted pairs for the phone system).
Also, people who travel a lot quite like IP phones since they can make calls from the hotel network without having to pay the high telephone charges that hotels like to charge.
Most electronic power supplies, at least those sold in the USA, have terrible power factors.
European laws require devices to have power factor correction circuits, so this is less of a problem in the EU. (It's slightly crazy to sell something as "energy saving" if it has a bad power factor doncha think?).
Although I still wonder why they'd even make a plastic "ground" prong.
Cost, I imagine. It's cheaper to mould a plastic pin onto the plug rather than have a metal pin which has been left unconnected. British plugs require a pin for "earth", even if it isn't connected, since the earth pin opens the shutters on the live/neutral connections.
I've seen a lot of American posts claiming that the shutters are a very bad idea since they always get stuck and result in the dangerous action of poking something into the socket to open them manually. I'd have to say that this is a completely bogus argument - the shutters are a very good idea to keep the live pin from being exposed and I've never had any problem with them becoming stuck (I've lived in the UK my whole life). The only time I've poked anything into the earth connection to open the shutters is when plugging european plugs into UK sockets (they do fit, but have no earth pin and you probably shouldn't draw large currents since they are round pins rather than rectangular).
Also, that's really the whole point of a corporation, the concept of "limited liability".
Corporations have limited liability in financial matters, but is that still the case when a criminal offence is committed (as is the case here)?
Mathematically, too, you can actually map all of the Real numbers, 1:1, in the space between 0.0 through 1.0
How does that work then? Sure, you can map all real numbers _between predefined values_ - i.e. I can map all real numbers between 0-5 to 0-1 by dividing by 5. However, the continuum of real numbers extends from -infinity to +infinity - dividing by any finite value is still going to result in a continuum of real numbers between -inf and +inf.
If the industry had their way, rap music would have never happened
I don't understand... your post seems to imply this is a Bad Thing?
My mozilla from a year-or-so ago has this setting where it ask you about each cookie being set. it can then remember the setting for this website.
:(
Maybe you should learn about or change your browser.
For some crazy reason, FireFox 2 has now removed this option - I had to go poking around in about:config to turn it back on.
What Microsoft doesn't (and can't short of reverse engineering) write drivers for are pieces of proprietary hardware.
Maybe MS should join the FOSS developers in pushing hardware manufacturers into providing open hardware specs. Admittedly they probably don't want to be stuck writing drivers for every little piece of hardware, but on the other hand they are getting royally stuffed in terms of stability by all the crumby half-arsed drivers being produced by hardware manufacturers. (And this is exactly why the Free software community doesn't like binary drivers - they cause all sorts of random stability problems and the manufacturers don't care).