While the DoD is implementing IPv6, Slashdot readers announce that they will begin researching the implementation of a dictionary for day-to-day communication.
"Dept. of Defense IPv6 Interoperabilty Test Begins"
Although not everyone can afford a dictionary, we hope that they will become more widespread in the workplace and in educational facilities. Dictionary.com is just too many letters to type.
IPv6 should eliminate NATs. The people who enjoy the false security (prevention of inbound connections) that NAT provides will keep using them.
However, I see no reason for most people to use them. With this many IP addresses, there's no reason why every connection can't be given 255 (or more) IPs. For example, I connect with my cable modem. Where's the hurt in giving me 255 IPs to use? If this is the standard, filtering shouldn't be any problem. And say I've got 10 computers on a LAN. Rather than use a NAT, I can simply assign every machine their own IP.
Every machine can now create incoming and outgoing connections on all ports, as they (and TCP/IP) were designed to do in the first place. This will be a wonderful thing for many home users who simply won't pay for more IPs, and for businesses who will no longer have to pay as much for many IPs.
IP address space is currently scarce. Limited supply with increase in demand = increase in price. IPv6 will dramatically increase the supply, decreasing the price, and making (most) everybody happy.
Okay, so they don't deserve to be on your whitelist. How is that their problem?
If you don't want them calling you, it's YOUR responsibility to setup your own filter (somehow). Don't blame them just because they've figured it out and you haven't.
They're not going to bitch if you filter their calls. It's a problem for YOU to fix!
When is the last time you've gotten spam from hotmail.com, yahoo.com, or any other popular free service like this?
I've gotten plenty forged email headers that show hotmail.com and yahoo.com, but I've never gotten a spam message from either. Why? Because if 1 (ok, maybe 2) people report the account as spamming, it gets canned.
Accepting mail from these services will not pose a serious spam threat. At least until spammers can create a script to create the accounts and send the spam. Sites like Yahoo and Hotmail are actively trying to prevent these (to get their ads through to the real customers, if nothing else).
Of course this is the case! Are you more likely to give the guy that knocks on your door 30 seconds of your time or the guy who spammed you?
You get thousands of spam messages, and very few (at least for me) people knocking on your door. You're more likely to take care of (give time to) whichever stack is shorter.
Horsepower is important, but not the only thing to consider. A "200hp engine" means that the maximum horsepower is 200. The power of an internal combustion engine varies greatly with rpm. So, at some specific rpm, the engine outputs 200hp.
The power of an electric motor (not sure what kind is in the car), does not vary as much with rpm. It's maximum is still 200hp, but it is also able to produce more power than the internal combustion engine throughout most of the operating range.
So the electric motor produces more power than the internal combustion engine throughout most of the operating range, allowing it to do more work in the same amount of time.
Umm, you know all that money in an artist's contract? Yeah...it's gotta come from somewhere. Even if there are people in the middle yanking 99% of what you pay, the artists are still getting paid by the CD buyers.
It's revolutionary because people are paying for the music and receiving it very quickly. You're either buying CDs (I doubt it) or downloading the music. If everyone downloaded the music, and had your little stereo hookup, how do you plan on compensating the artists?
I wondered years ago what happened to my wonderful park.com command in DOS. Apparently, when harddrive technology improved, some higher-up (Microsoft) decided that no one would ever want (or need?) to park their harddrive again.
This is just ridiculous. Just because I don't NEED to park my harddrive when I take my desktop in the car, doesn't mean I don't WANT to park my harddrive when I ship it internationally!
Maybe the standard harddrive can't be parked anymore (less expensive), which makes a lot of sense. But if it still has the physical capability, why not let me control that?
Tracing often leads to open relays in China, which those servers would now be blocked with this list.
Blocked by whom? These open relays are already blocked by Open Relay Databases. How will it be any different?
Sorry, not true. That is the problem. There are open relays everywhere, and SMTP with Auth allow you to send from anywhere. This is just an oversimplification.
Anyone who runs an open relay isn't going to switch to authenticated SMTP. You're going to end up developing a database just like the ORDB to block these.
The bottom line is this. SMTP servers should ONLY send messages that originate from TRACEABLE sources (that can be held accountable). It makes NO difference whether the source of this accountability is a RESPONSIBLE (e.g. trusted or owned by the sysadmin of the SMTP) IP address, or a RESPONSIBLE username/password.
Ok, so I'm an ISP and I'm running a mailserver. Say, for example, I own 10.10.10.xxx (e.g. they're my customers). I do NOT need to authenticate anyone from these IPs because I CAN FIGURE OUT who it is. If the machine is compromised, we have many other, more important, things to worry about.
If I let users from some other netblock send messages without authenticating, then I'm just a moron and will soon be ORDB'd by many Open Relay Databases anyway.
>Setting up an authenticated SMTP server is not hard, and the cost -- compared to the costs that ISPs are forced to incur to deliver spam, would be small.
So ISPs will no longer have to deliver spam? Please. I doubt it will even make a dent in the number of unsolicited bulk messages.
>For you? Just go into your Outlook (or whatever) preferences and edit the outgoing server. Big deal.
What about for companies and schools that need to update 2,000 Outlooks? Sure they've got scripts to do it...but it's time and money. Not to mention more overhead everytime an SMTP connection is made.
>As for spammers getting round it, sure they can forge their mail as if it were from someone else at the same domain. But the admins of that domain will have their server logs and will know who to go after.
This is just ridiculous. When I send mail to abuse@ they have logs and know who to go after too. How would they suddenly be able to identify spam themselves if it were authenticated? They would have nothing more than they do now. Tracing an IP/time to a username is a very minimal amount of time.
>And the fact that the spammer will only be able to post from a domain he (any "she" spammers out there feeling hard done by, do speak up) controls will greatly reduce the number of bounces you and I get from spam that pretends to be from us.
Assuming you're not on the one of many ISPs that is known for spammers (giving out trial accounts, etc). But okay, this probably helps MOST of us.
>So, overall, while SPF won't stop spam, it will help, and it will introduce a lot more accountability into the email process -- which can only be a good thing.
NO. SMTP servers now only allow IPs from within their controlled subnet to send messages. If the sysadmins OWN YOUR IP, then it makes NO difference whether or not they have your USERNAME, because they can look it up in NO TIME.
This is a BAD idea. What happens when I have 3 different email accounts that I use for different things, and I want to send mail from each of them from my home ISP? Sure, each email provider can provide a secure SMTP for me to log into, but this sounds like a lot of work.
This is going to make a LOT of people's lives worse, and spammers will get around it anyway. After all...they can still send from another username@theirisp.com. The accounts they're sent from are garbage anyway, because many people notify the proper abuse@ based on the headers (as they should) and not the From address. Forging the from doesn't provide any cover for spammers anyway.
After seeing benchmarks for the G5, I'm actually considering switching to Mac, which I once thought to be a mortal sin (or is it still?).
I certainly can't think of a better desktop machine that the majority of people are familiar with and yet kicks out that kind of performance. Then again, why should I care if anyone else can figure out how to use my machine?
How are you going to regulate P2P? Sure, the RIAA can develop software that corresponds with them (e-mail, whatever). This server can provide a key for a given P2P server after the software logs in, kind of like Kerberos I guess. BUT, this isn't going to work very well with peers running the servers...after all, none of the P2P servers can really be trusted by the RIAA.
It seems that within days (or hours), some sort of Kazaa Lite will be released that allows you to login to the P2P system without any correspondence with the RIAA. I guess they could require the servers to verify keys with the RIAA server too, and when someone running the lite version runs a server, sue them as they are now.
The bottom line is this. They can't stop everyone from stealing music. Their goal should be to stop the majority. Based on the current RIAA business model, I really don't see this happening anytime soon (or maybe ever).
It appears that the www.ataconnect.org machine is still on the Internet but not responding properly to http requests.
It's still responding to pings (although not very well) and also gives back some SYN/ACK packets. If it's a bandwidth problem, they've probably taken it down on purpose until the traffic stops. Why they didn't just unplug the machine though is beyond me.
I think it's great that NASA can recover so quickly from such a tragic incident. I think it's very important that they launch another shuttle to show the public they're still hanging around.
However, I think the CAIB Report released in August raises some very interesting points that need to be addressed (if they haven't already been). It mostly discusses long-term issues that will only be solved over the long term.
The last thing NASA wants to do is jump into anything to quickly. Let's face it: one more accident resulting in injury/death will destroy NASA's reputions for many, many years to come. Maybe they should elect to take some years off now, watching out for their own future? Let's just hope they've got 100 people thinking about this...and everyone else actually listening to them this time...
This is definitely not anything new. Every one of us used 56k modems for years...and if anyone had my experience, it never transferred over about 40k. I'm not even talking about the fine print that says it will only download at 56k...but it won't even do that!
Does Yahoo just have so much credibility that they run a story so everyone automatically pays attention to it?
I guess it's a good point, but can someone also point out that most 100mbit Ethernet cards don't transfer at 100mbit?
Most of these networks have DHCP servers that rely on MAC addresses. Basically, if you change your MAC address, the DHCP server won't give you an Internet IP, they'll give you 10.x.x.x, allowing you to communicate only with a webserver that takes your University login/pass.
After you sign up, it ties your University ID to your MAC address. I'd imagine they're not going to allow you to register a new MAC address if you're currently suspended.
On the other hand, if you don't use DHCP, and define everything (e.g. get the DNS servers and gateway from your roommate, and pick an IP in the same netblock) then there's no stopping you until you get an IP conflict (at which time you choose a new one).
Eventually somebody gets pissed of, traces it to a specific port on the switch, your room, etc. And the Department of Public Safety knocks on your door...
The RIAA are the ones that need to implement some kind of system like this. It needs to be inexpensive and very easy to use (like, easier than P2P). Until then, they won't be able to curb the use of P2P for copyright violations.
"if someone comes up with better system that can boot my Linux system as fast as my XP system boots, I'm game."
The real strength of open source is that you can choose to use the new init, I can choose to use the old one, and Joe Blow can write his own.
If someone designed a "more efficient" init for Windows XP, everyone would be stuck with the decision made at M$. With efficiency being relative in almost everything, the freedom of choice is unbeatable.
Slashdot Mirror
While the DoD is implementing IPv6, Slashdot readers announce that they will begin researching the implementation of a dictionary for day-to-day communication.
"Dept. of Defense IPv6 Interoperabilty Test Begins"
Although not everyone can afford a dictionary, we hope that they will become more widespread in the workplace and in educational facilities. Dictionary.com is just too many letters to type.
IPv6 should eliminate NATs. The people who enjoy the false security (prevention of inbound connections) that NAT provides will keep using them.
However, I see no reason for most people to use them. With this many IP addresses, there's no reason why every connection can't be given 255 (or more) IPs. For example, I connect with my cable modem. Where's the hurt in giving me 255 IPs to use? If this is the standard, filtering shouldn't be any problem. And say I've got 10 computers on a LAN. Rather than use a NAT, I can simply assign every machine their own IP.
Every machine can now create incoming and outgoing connections on all ports, as they (and TCP/IP) were designed to do in the first place. This will be a wonderful thing for many home users who simply won't pay for more IPs, and for businesses who will no longer have to pay as much for many IPs.
IP address space is currently scarce. Limited supply with increase in demand = increase in price. IPv6 will dramatically increase the supply, decreasing the price, and making (most) everybody happy.
Okay, so they don't deserve to be on your whitelist. How is that their problem?
If you don't want them calling you, it's YOUR responsibility to setup your own filter (somehow). Don't blame them just because they've figured it out and you haven't.
They're not going to bitch if you filter their calls. It's a problem for YOU to fix!
When is the last time you've gotten spam from hotmail.com, yahoo.com, or any other popular free service like this?
I've gotten plenty forged email headers that show hotmail.com and yahoo.com, but I've never gotten a spam message from either. Why? Because if 1 (ok, maybe 2) people report the account as spamming, it gets canned.
Accepting mail from these services will not pose a serious spam threat. At least until spammers can create a script to create the accounts and send the spam. Sites like Yahoo and Hotmail are actively trying to prevent these (to get their ads through to the real customers, if nothing else).
Of course this is the case! Are you more likely to give the guy that knocks on your door 30 seconds of your time or the guy who spammed you?
You get thousands of spam messages, and very few (at least for me) people knocking on your door. You're more likely to take care of (give time to) whichever stack is shorter.
Horsepower is important, but not the only thing to consider. A "200hp engine" means that the maximum horsepower is 200. The power of an internal combustion engine varies greatly with rpm. So, at some specific rpm, the engine outputs 200hp.
The power of an electric motor (not sure what kind is in the car), does not vary as much with rpm. It's maximum is still 200hp, but it is also able to produce more power than the internal combustion engine throughout most of the operating range.
So the electric motor produces more power than the internal combustion engine throughout most of the operating range, allowing it to do more work in the same amount of time.
Umm, you know all that money in an artist's contract? Yeah...it's gotta come from somewhere. Even if there are people in the middle yanking 99% of what you pay, the artists are still getting paid by the CD buyers.
It's revolutionary because people are paying for the music and receiving it very quickly. You're either buying CDs (I doubt it) or downloading the music. If everyone downloaded the music, and had your little stereo hookup, how do you plan on compensating the artists?
I wondered years ago what happened to my wonderful park.com command in DOS. Apparently, when harddrive technology improved, some higher-up (Microsoft) decided that no one would ever want (or need?) to park their harddrive again.
This is just ridiculous. Just because I don't NEED to park my harddrive when I take my desktop in the car, doesn't mean I don't WANT to park my harddrive when I ship it internationally!
Maybe the standard harddrive can't be parked anymore (less expensive), which makes a lot of sense. But if it still has the physical capability, why not let me control that?
Tracing often leads to open relays in China, which those servers would now be blocked with this list.
Blocked by whom? These open relays are already blocked by Open Relay Databases. How will it be any different?
Sorry, not true. That is the problem. There are open relays everywhere, and SMTP with Auth allow you to send from anywhere. This is just an oversimplification.
Anyone who runs an open relay isn't going to switch to authenticated SMTP. You're going to end up developing a database just like the ORDB to block these.
The bottom line is this. SMTP servers should ONLY send messages that originate from TRACEABLE sources (that can be held accountable). It makes NO difference whether the source of this accountability is a RESPONSIBLE (e.g. trusted or owned by the sysadmin of the SMTP) IP address, or a RESPONSIBLE username/password.
Ok, so I'm an ISP and I'm running a mailserver. Say, for example, I own 10.10.10.xxx (e.g. they're my customers). I do NOT need to authenticate anyone from these IPs because I CAN FIGURE OUT who it is. If the machine is compromised, we have many other, more important, things to worry about. If I let users from some other netblock send messages without authenticating, then I'm just a moron and will soon be ORDB'd by many Open Relay Databases anyway.
I have to disagree.
>Setting up an authenticated SMTP server is not hard, and the cost -- compared to the costs that ISPs are forced to incur to deliver spam, would be small.
So ISPs will no longer have to deliver spam? Please. I doubt it will even make a dent in the number of unsolicited bulk messages.
>For you? Just go into your Outlook (or whatever) preferences and edit the outgoing server. Big deal.
What about for companies and schools that need to update 2,000 Outlooks? Sure they've got scripts to do it...but it's time and money. Not to mention more overhead everytime an SMTP connection is made.
>As for spammers getting round it, sure they can forge their mail as if it were from someone else at the same domain. But the admins of that domain will have their server logs and will know who to go after.
This is just ridiculous. When I send mail to abuse@ they have logs and know who to go after too. How would they suddenly be able to identify spam themselves if it were authenticated? They would have nothing more than they do now. Tracing an IP/time to a username is a very minimal amount of time.
>And the fact that the spammer will only be able to post from a domain he (any "she" spammers out there feeling hard done by, do speak up) controls will greatly reduce the number of bounces you and I get from spam that pretends to be from us.
Assuming you're not on the one of many ISPs that is known for spammers (giving out trial accounts, etc). But okay, this probably helps MOST of us.
>So, overall, while SPF won't stop spam, it will help, and it will introduce a lot more accountability into the email process -- which can only be a good thing.
NO. SMTP servers now only allow IPs from within their controlled subnet to send messages. If the sysadmins OWN YOUR IP, then it makes NO difference whether or not they have your USERNAME, because they can look it up in NO TIME.
This is a BAD idea. What happens when I have 3 different email accounts that I use for different things, and I want to send mail from each of them from my home ISP? Sure, each email provider can provide a secure SMTP for me to log into, but this sounds like a lot of work.
This is going to make a LOT of people's lives worse, and spammers will get around it anyway. After all...they can still send from another username@theirisp.com. The accounts they're sent from are garbage anyway, because many people notify the proper abuse@ based on the headers (as they should) and not the From address. Forging the from doesn't provide any cover for spammers anyway.
After seeing benchmarks for the G5, I'm actually considering switching to Mac, which I once thought to be a mortal sin (or is it still?).
I certainly can't think of a better desktop machine that the majority of people are familiar with and yet kicks out that kind of performance. Then again, why should I care if anyone else can figure out how to use my machine?
And it's MUCH better now.
----www.ataconnect.org PING Statistics----
11 packets transmitted, 11 packets received, 0% packet loss
round-trip (ms) min/avg/max = 137/147/158
How are you going to regulate P2P? Sure, the RIAA can develop software that corresponds with them (e-mail, whatever). This server can provide a key for a given P2P server after the software logs in, kind of like Kerberos I guess. BUT, this isn't going to work very well with peers running the servers...after all, none of the P2P servers can really be trusted by the RIAA.
It seems that within days (or hours), some sort of Kazaa Lite will be released that allows you to login to the P2P system without any correspondence with the RIAA. I guess they could require the servers to verify keys with the RIAA server too, and when someone running the lite version runs a server, sue them as they are now.
The bottom line is this. They can't stop everyone from stealing music. Their goal should be to stop the majority. Based on the current RIAA business model, I really don't see this happening anytime soon (or maybe ever).
It appears that the www.ataconnect.org machine is still on the Internet but not responding properly to http requests.
It's still responding to pings (although not very well) and also gives back some SYN/ACK packets. If it's a bandwidth problem, they've probably taken it down on purpose until the traffic stops. Why they didn't just unplug the machine though is beyond me.
----www.ataconnect.org PING Statistics----
17 packets transmitted, 17 packets received, 0% packet loss
round-trip (ms) min/avg/max = 108/801/4445
I think it's great that NASA can recover so quickly from such a tragic incident. I think it's very important that they launch another shuttle to show the public they're still hanging around.
However, I think the CAIB Report released in August raises some very interesting points that need to be addressed (if they haven't already been). It mostly discusses long-term issues that will only be solved over the long term.
The last thing NASA wants to do is jump into anything to quickly. Let's face it: one more accident resulting in injury/death will destroy NASA's reputions for many, many years to come. Maybe they should elect to take some years off now, watching out for their own future? Let's just hope they've got 100 people thinking about this...and everyone else actually listening to them this time...
This is definitely not anything new. Every one of us used 56k modems for years...and if anyone had my experience, it never transferred over about 40k. I'm not even talking about the fine print that says it will only download at 56k...but it won't even do that!
Does Yahoo just have so much credibility that they run a story so everyone automatically pays attention to it?
I guess it's a good point, but can someone also point out that most 100mbit Ethernet cards don't transfer at 100mbit?
It's all good until that air intake sucks some water and it dies as one of those babies is about to come crashing down on top of you...
Oh, not to mention the httpd log with all of our IPs :)
"If you build it, he will come."
Who wouldn't want to see that?
Most of these networks have DHCP servers that rely on MAC addresses. Basically, if you change your MAC address, the DHCP server won't give you an Internet IP, they'll give you 10.x.x.x, allowing you to communicate only with a webserver that takes your University login/pass.
After you sign up, it ties your University ID to your MAC address. I'd imagine they're not going to allow you to register a new MAC address if you're currently suspended.
On the other hand, if you don't use DHCP, and define everything (e.g. get the DNS servers and gateway from your roommate, and pick an IP in the same netblock) then there's no stopping you until you get an IP conflict (at which time you choose a new one).
Eventually somebody gets pissed of, traces it to a specific port on the switch, your room, etc. And the Department of Public Safety knocks on your door...
The RIAA are the ones that need to implement some kind of system like this.
It needs to be inexpensive and very easy to use (like, easier than P2P).
Until then, they won't be able to curb the use of P2P for copyright violations.
"if someone comes up with better system that can boot my Linux system as fast as my XP system boots, I'm game."
The real strength of open source is that you can choose to use the new init, I can choose to use the old one, and Joe Blow can write his own.
If someone designed a "more efficient" init for Windows XP, everyone would be stuck with the decision made at M$. With efficiency being relative in almost everything, the freedom of choice is unbeatable.
Agreed. I'd rather here it 3 times fast than o-n-e t-i-m-e slooooooooooow. And that kid who got left behind?
As long as he doesn't give up on it, he'll catch it the 2nd or 3rd time.