Sigh. One word. Cloud. Or, to tie it a little closer to Microsoft's home, Azure. This is a Big Data play people. Big Data requires Big Compute, and Big Storage. This is likely because Microsoft wants to make R work better on its cloud offering than any other vendors. We will have to see if that means locking other cloud vendors out or not, but I'm hoping that with the new direction (open sourcing.NET anyone?) they will not try that tactic again. Only time will tell. I'm not suggesting that we let our guard down, but at the same time let's not jump to conclusions.
Where is Perl in the relative rankings of programming language usage today? I'm not suggesting any correlation, let alone causation, but it is interesting to ponder the question.
A successful DDOS attack makes actual, valid, requests to the victim host. If it is a web browser, then it makes actual HTTP requests, possibly to the home page, possibly taking a random URL off that home page, in the same domain, and crawling the web site. Simply replying with an Ack isn't going to do squat. There are services out there that can scrub the requests for you. I'm not going to mention the name of the company, but you can research it if you want. Basically, once you sign up traffic normally goes to your site. However, if you are attacked they can use BGP to make your traffic go through their systems, and they scrub the traffic using proprietary methods, and only send clean non-DDOS traffic to your site. There are other things you can do also, if you have the right gear. You can inject a HTTP cookie if you get more than x requests from a particular IP address within y seconds, and then any future requests may get dropped (if you have a complying web browser or HTTP stack on the other end). Or, you can just keep a list of IP's that appear to be infected and drop the traffic if it is from those IP addresses. That's what is behind Cisco's and TippingPoint's, and just about any other decent IPS vendor's "reputation services" or whatever they brand it as. There is a lot you can attempt to do about DDOS, but "simply replying with an Ack" isn't a good one.
I'd say it is more of a problem of incorrectly configured QoS, or hardware with insufficient QoS capabilities, rather than large buffers. Obviously they are not using WRED or other methods, or the thresholds per queue are set too high to activate WRED or other packet drop mechanisms. This results in the buffers always being near 100% full, during periods of congestion. There are a slew of QoS capabilities on different hardware from different manufacturers, and even from the same manufacturer. Cisco, for example, has different QoS capabilities on almost every different piece of hardware they sell. So, you have to be fairly diligent that you are configuring QoS correctly on each individual piece of equipment, many of which will have very different capabilities, to be able to ensure an overall QoS strategy for the whole network.
However, this proper functioning of QoS is, as anyone who really knows QoS, dependent on the proper configuration on every node in the network. If you are talking VoIP, for instance, just one improperly configured node, or even a single link on a node, can break QoS on the entire network (or at least flows going through that node/link). Since most cheap home equipment does not have configurable QoS settings, or at least not to the extend that Internet infrastructure devices do, they may well be part of the problem.
However, as far as the Internet infrastructure devices, if Comcast, or any other ISP, is suffering from "buffer-bloat" on their equipment I'd blame them for not configuring QoS appropriately.
You don't really know what you are talking about, do you?
Tail bits? That's going to get you around egress filtering? Also, as pointed out by others, ISP's do ingress filtering, not egress. Egress filtering is what companies that have their own firewalls and/or routers are encouraged to do, but the ISP should be doing ingress filtering also.
Absolutely correct. One of my brothers reached his lifetime limit, and can no longer work in nuclear power plants. It doesn't matter that he could request to avoid "hot" jobs, he just plain simply can't work in an areas where radiation is known to be present.
Oh come on. Not speaking for anyone else or any particular comment, I'd guess 90% of the snotty responses are in jest. One thing we do know, is that snotty responses get the attention of MS, and upset them. So, even if MS does something worthy of praise, the amount of praise would likely never exceed 10-30% of total comments, just because we like poking MS.
There is also the "once bitten twice shy" syndrome. MS has such a horrible past that even when they do something worth of praise it is very difficult to trust that there is not some hidden scheme with ulterior motives. So please understand forgive if us/. snots continue to have fun at the expense of MS.
With the usual caveat of IANAL, I don't believe the voicemail is the property of Buckyballs. They left the voice mail, but they left it on someone else's voice mail system. The recording is owned by the receiver of the message, not the sender. Now if the message were recorded on a tape, CD, or some other device, and the device was sent to the recipient, I suppose an argument could be made that the original recording is copyright Buckyballs, but not a traditional voice mail. There is probably relevant case law on the matter, but again IANAL.
As far as the images, that all depends on where they were obtained from. Many, if not most, social networking sites, which I'm assuming these were grabbed from, explicitly state in their terms that you give up copyright on anything that you post. So even the images may, in fact, be non-infringing.
So, there are really two issues here. One issue is the original complain in the voice mail, which I don't believe BuckyBalls has a leg to stand on in court. The second issue is the use of copyrighted material (the voice mail and the images of the BuckBalls guy acting like an idiot), which BuckyBalls may or may not have a valid claim on.
Don't confuse the comparison of the products with the DCMA take down notice.
Cheers!
If you are funded by the US government, then I would say no, don't waste any more of your time our our money on this. If you are privately funded, then sure, go ahead.
Sigh. Understand the protocol before commenting, or at least RTFA. There IS an individual key per user. But, there is also a shared key used for broadcast traffic. The problem is that the shared key is not authenticated, so a user who knows the shared key (i.e., anyone with access to the wireless network), can use the shared key to spoof the AP and send messages to other users, and force them to give up or change their unique per-user keys. A "fix" would be getting rid of the shared key for broadcast, but that would require the AP to send a separate "broadcast" packet to each user individually, using their unique per-user key, instead of just one packet.
There is an out-of-band key exchange. It is called a trusted certificate. You know, just like how HTTPS works. This is for WPA2 Enterprise, of which there are many different EAP methods possible, but for which most do include an out of band key exchange (i.e., certificates, or EAP-FAST PAK). In any case, there's also the old DH key exchange, which worked fine for IPsec for years.
The amazing thing is, if we allowed ocean drilling much closer to shore we wouldn't have these problems. One, the depth would not be so great that the pressure created these methane and ice / sludge pockets. Two, a leak, if one were to occur, would be much easier to contain. You could actually send someone down to fix the problem if it were close enough to the shore. You are not sending someone down under 5000 feet of water... So, ironically, it is the wacko environmentalists that are to blame for this situation. Their answer? Either don't drill at all, or if you do, drill even further out, where the problems are even greater. Yea, that makes a lot of sense...
I think you are confusing the effort by some states to require companies to collect the use tax, and the requirement to pay the use tax in the first place. As far as I know, it is pretty clear that individual citizens are required to pay use taxes for items they purchase out of state. It has generally been up to the individual citizen to report and pay the use tax. States have recently attempted to get companies to collect and pay the use tax for citizens, because there is so much fraud when it comes to the use tax (people just don't voluntarily pay it, when is the last time you did, or know anyone who did?).
I may be mistaken. My understanding is that a use tax would be unconstitutional. States are not supposed to have import/export taxes for trade with other states. That is what the inter-state commerce clause is all about, not the twisted definition that the SCOTUS dreamed up many years ago. Rather, it is to make trade "regular" (occurring normally and without impediment of additional taxes or levies imposed by states).
Yes, but you convienantly left out that the testimony that I linked to was in May, 2006, well after 1971 and 1979. The guy testifying is the:
Henry Salvatori Professor of Law & Community Service
Chapman University School of Law
Director, The Claremont Institute
Center for Constitutional Jurisprudence
You have it wrong. It's not being shoved to the right, it is being shoved more towards total government, rather than anarchy. This type of information can be used for ill by either the left or the right. The radical left may, in fact, want more data than the right. I could see them wanting a full genome in an effort to take care of the people by discovering who has what predisposition to what ailments, and beginning proactive treatment. As far as the right, I see the extremist on that end wanting pretty much was asked for here, a way to positively identify each citizen to be able to link them to crimes and such. Of course they could also use it to frame someone pretty easily (it's easy to get people's DNA, just take one garbage bag and you'd have enough to plant in any crime scene).
So the window is being shoved, but it's not being shoved left or right, it's being shoved towards a more totalitarian government.
Testimony before the U.S. House of Representatives Permanent Select Committee on Intelligence, contending that Section 798 of the Espionage Act, prohibiting the publication of classified information regarding U.S. communications capabilities, can constitutionally be applied to the media, for several reasons: 1) A majority of the Justices in the Pentagon Papers case recognized that prior restraints on publication of highly sensitive, classified information regarding ongoing military and communications operations would be permissible; 2) The prospect of post-publication liability for violating the Espionage Act was also recognized by a majority of the Justices; and 3) The Freedom of Press Clause of the First Amendment is equally applicable to citizens and the institutional media.
Proxies are supposed to embed the actual IP address of the end-client in the HTTP headers, so that load balancing can work properly. While there may be some that don't, most transparent proxies do. You do know that there are ISPs that have transparent proxies to cache the data and reduce their Internet exchange bandwidth, right? That's what happened in that story where people were getting into each others Facebook accounts on their cell phones - the cell phone company proxy was screwed up.
I agree. A lot of people throw around the word right too, well, liberally. There are very few rights in this world. The right to view content without ads is non-existent. If there were such a right, and the people creating content didn't want to, or couldn't afford to, what would you do? Would you force them to create content? Would you enslave them, making them toil away at creating content for no pay? Of course not.
At the same time, the content creators have no right to ad revenue. If people don't want to view their sites with ads, then you can't force them to. Well, I suppose you can turn your web pages into one large dynamically created JPEG per page, with the ads embedded. But you can't force people to view your web site at all, let alone force them to run intrusive JavaScript and untrusted code from third party ad servers.
The content providers certainly have a right to say what they want, and to try and find an alternate business model that works for them. The content viewers, or consumers, have the right to choose what content they consume, or whether to consume any at all.
If the model that the providers use is not acceptable to the consumers, then the providers will just have to find something else to do, and the consumers will have to find a different provider. That's called the free market, which doesn't have anything to do with whether the content is free or not.
Actually, it is my understanding that the law removes special exemptions that certain people had that allowed them to basically work for one company full-time, for very long periods, but still claim they were a contractor. You can't have it both ways. Either you are a contractor and do a bunch of short term jobs for a bunch of different companies, or you are a permanent employee of one company. See the other Slashdot article. It's just a scam.
The parent is marked 5: Funny, but honestly this is the first thing I thought of. If he is a night-guard, he should be doing his job and paying attention to whatever he is supposed to be guarding. It may be a plain looking warehouse door, and nothing exciting. They are not paying him for exciting work, nor are they paying him to read books and do other work while on the job. They are paying him to pay attention to what he is supposed to be guarding, and to be ready if he must take action. Personally, it kind of ticks me off that people with a "boring" job like that are getting paid, however small the pay is, while not doing their job. If I had his fingerprints I'd report him and have them dock his pay.
Re:Can someone who understands the IRS explain?
on
Our Low-Tech Tax Code
·
· Score: 1
I'm no expert on this, but I suppose you can look at it like this. A "real" contractor is not just doing work for a company 9-5 for long periods of time (many months or years). Part of what a "real" contract has to do, by definition, is invest some capital into the whole self-owned business. They have to do a certain amount of sales work. They don't get paid for that. When they land a contract, the business is getting paid to do a specific job. They take their "salary" out of the price for that contract, and the rest goes to cover the business costs (home-office, work computers, sales, etc). It can reasonably be viewed that any leftover dollars after paying for the business is viewed as capital gains over what it cost to fund the business itself. I think that is reasonable.
Now, I work for a large engineering consulting company. It is not a one-man show for me, but the concepts are the same. Some may argue that it does take one-man show independently owned consultants many months or years to work on large projects, but I agree with other comments that the only honest jobs that take that long are huge jobs that a larger consulting company would engage in, not a lone engineer / programmer. One guy working at a company for two years doing 9-5 work, whether programming or some other consulting work, is I believe just a way for both the business and "consultant" to cheat the system. If a company were to hire many one-man consulting firms to fill a need for a "team" of independent consultants over the long term, it becomes even more transparent that they are just trying to cheat the system.
I think the guy was nuts, and was by definition a terrorist.
Slashdot Mirror
Sigh. One word. Cloud. Or, to tie it a little closer to Microsoft's home, Azure. This is a Big Data play people. Big Data requires Big Compute, and Big Storage. This is likely because Microsoft wants to make R work better on its cloud offering than any other vendors. We will have to see if that means locking other cloud vendors out or not, but I'm hoping that with the new direction (open sourcing .NET anyone?) they will not try that tactic again. Only time will tell. I'm not suggesting that we let our guard down, but at the same time let's not jump to conclusions.
Where is Perl in the relative rankings of programming language usage today? I'm not suggesting any correlation, let alone causation, but it is interesting to ponder the question.
Visual R is already a product called RStudio.
A successful DDOS attack makes actual, valid, requests to the victim host. If it is a web browser, then it makes actual HTTP requests, possibly to the home page, possibly taking a random URL off that home page, in the same domain, and crawling the web site. Simply replying with an Ack isn't going to do squat. There are services out there that can scrub the requests for you. I'm not going to mention the name of the company, but you can research it if you want. Basically, once you sign up traffic normally goes to your site. However, if you are attacked they can use BGP to make your traffic go through their systems, and they scrub the traffic using proprietary methods, and only send clean non-DDOS traffic to your site. There are other things you can do also, if you have the right gear. You can inject a HTTP cookie if you get more than x requests from a particular IP address within y seconds, and then any future requests may get dropped (if you have a complying web browser or HTTP stack on the other end). Or, you can just keep a list of IP's that appear to be infected and drop the traffic if it is from those IP addresses. That's what is behind Cisco's and TippingPoint's, and just about any other decent IPS vendor's "reputation services" or whatever they brand it as. There is a lot you can attempt to do about DDOS, but "simply replying with an Ack" isn't a good one.
I'd say it is more of a problem of incorrectly configured QoS, or hardware with insufficient QoS capabilities, rather than large buffers. Obviously they are not using WRED or other methods, or the thresholds per queue are set too high to activate WRED or other packet drop mechanisms. This results in the buffers always being near 100% full, during periods of congestion. There are a slew of QoS capabilities on different hardware from different manufacturers, and even from the same manufacturer. Cisco, for example, has different QoS capabilities on almost every different piece of hardware they sell. So, you have to be fairly diligent that you are configuring QoS correctly on each individual piece of equipment, many of which will have very different capabilities, to be able to ensure an overall QoS strategy for the whole network.
However, this proper functioning of QoS is, as anyone who really knows QoS, dependent on the proper configuration on every node in the network. If you are talking VoIP, for instance, just one improperly configured node, or even a single link on a node, can break QoS on the entire network (or at least flows going through that node/link). Since most cheap home equipment does not have configurable QoS settings, or at least not to the extend that Internet infrastructure devices do, they may well be part of the problem.
However, as far as the Internet infrastructure devices, if Comcast, or any other ISP, is suffering from "buffer-bloat" on their equipment I'd blame them for not configuring QoS appropriately.
You don't really know what you are talking about, do you? Tail bits? That's going to get you around egress filtering? Also, as pointed out by others, ISP's do ingress filtering, not egress. Egress filtering is what companies that have their own firewalls and/or routers are encouraged to do, but the ISP should be doing ingress filtering also.
Absolutely correct. One of my brothers reached his lifetime limit, and can no longer work in nuclear power plants. It doesn't matter that he could request to avoid "hot" jobs, he just plain simply can't work in an areas where radiation is known to be present.
Oh come on. Not speaking for anyone else or any particular comment, I'd guess 90% of the snotty responses are in jest. One thing we do know, is that snotty responses get the attention of MS, and upset them. So, even if MS does something worthy of praise, the amount of praise would likely never exceed 10-30% of total comments, just because we like poking MS.
/. snots continue to have fun at the expense of MS.
There is also the "once bitten twice shy" syndrome. MS has such a horrible past that even when they do something worth of praise it is very difficult to trust that there is not some hidden scheme with ulterior motives. So please understand forgive if us
With the usual caveat of IANAL, I don't believe the voicemail is the property of Buckyballs. They left the voice mail, but they left it on someone else's voice mail system. The recording is owned by the receiver of the message, not the sender. Now if the message were recorded on a tape, CD, or some other device, and the device was sent to the recipient, I suppose an argument could be made that the original recording is copyright Buckyballs, but not a traditional voice mail. There is probably relevant case law on the matter, but again IANAL. As far as the images, that all depends on where they were obtained from. Many, if not most, social networking sites, which I'm assuming these were grabbed from, explicitly state in their terms that you give up copyright on anything that you post. So even the images may, in fact, be non-infringing. So, there are really two issues here. One issue is the original complain in the voice mail, which I don't believe BuckyBalls has a leg to stand on in court. The second issue is the use of copyrighted material (the voice mail and the images of the BuckBalls guy acting like an idiot), which BuckyBalls may or may not have a valid claim on. Don't confuse the comparison of the products with the DCMA take down notice. Cheers!
Yes, he's entitled to the money he makes. Others are not. Speaking of a warped sense of entitlement!
If you are funded by the US government, then I would say no, don't waste any more of your time our our money on this. If you are privately funded, then sure, go ahead.
Sigh. Understand the protocol before commenting, or at least RTFA. There IS an individual key per user. But, there is also a shared key used for broadcast traffic. The problem is that the shared key is not authenticated, so a user who knows the shared key (i.e., anyone with access to the wireless network), can use the shared key to spoof the AP and send messages to other users, and force them to give up or change their unique per-user keys. A "fix" would be getting rid of the shared key for broadcast, but that would require the AP to send a separate "broadcast" packet to each user individually, using their unique per-user key, instead of just one packet.
There is an out-of-band key exchange. It is called a trusted certificate. You know, just like how HTTPS works. This is for WPA2 Enterprise, of which there are many different EAP methods possible, but for which most do include an out of band key exchange (i.e., certificates, or EAP-FAST PAK). In any case, there's also the old DH key exchange, which worked fine for IPsec for years.
You obviously missed the article way back about the sapphire monitors...
The amazing thing is, if we allowed ocean drilling much closer to shore we wouldn't have these problems. One, the depth would not be so great that the pressure created these methane and ice / sludge pockets. Two, a leak, if one were to occur, would be much easier to contain. You could actually send someone down to fix the problem if it were close enough to the shore. You are not sending someone down under 5000 feet of water... So, ironically, it is the wacko environmentalists that are to blame for this situation. Their answer? Either don't drill at all, or if you do, drill even further out, where the problems are even greater. Yea, that makes a lot of sense...
I think you are confusing the effort by some states to require companies to collect the use tax, and the requirement to pay the use tax in the first place. As far as I know, it is pretty clear that individual citizens are required to pay use taxes for items they purchase out of state. It has generally been up to the individual citizen to report and pay the use tax. States have recently attempted to get companies to collect and pay the use tax for citizens, because there is so much fraud when it comes to the use tax (people just don't voluntarily pay it, when is the last time you did, or know anyone who did?). I may be mistaken. My understanding is that a use tax would be unconstitutional. States are not supposed to have import/export taxes for trade with other states. That is what the inter-state commerce clause is all about, not the twisted definition that the SCOTUS dreamed up many years ago. Rather, it is to make trade "regular" (occurring normally and without impediment of additional taxes or levies imposed by states).
I refuse to continue reading any article that uses the term Interweb
Yes, but you convienantly left out that the testimony that I linked to was in May, 2006, well after 1971 and 1979. The guy testifying is the:
Henry Salvatori Professor of Law & Community Service Chapman University School of Law Director, The Claremont Institute Center for Constitutional Jurisprudence
You have it wrong. It's not being shoved to the right, it is being shoved more towards total government, rather than anarchy. This type of information can be used for ill by either the left or the right. The radical left may, in fact, want more data than the right. I could see them wanting a full genome in an effort to take care of the people by discovering who has what predisposition to what ailments, and beginning proactive treatment. As far as the right, I see the extremist on that end wanting pretty much was asked for here, a way to positively identify each citizen to be able to link them to crimes and such. Of course they could also use it to frame someone pretty easily (it's easy to get people's DNA, just take one garbage bag and you'd have enough to plant in any crime scene).
So the window is being shoved, but it's not being shoved left or right, it's being shoved towards a more totalitarian government.
Link
Proxies are supposed to embed the actual IP address of the end-client in the HTTP headers, so that load balancing can work properly. While there may be some that don't, most transparent proxies do. You do know that there are ISPs that have transparent proxies to cache the data and reduce their Internet exchange bandwidth, right? That's what happened in that story where people were getting into each others Facebook accounts on their cell phones - the cell phone company proxy was screwed up.
I agree. A lot of people throw around the word right too, well, liberally. There are very few rights in this world. The right to view content without ads is non-existent. If there were such a right, and the people creating content didn't want to, or couldn't afford to, what would you do? Would you force them to create content? Would you enslave them, making them toil away at creating content for no pay? Of course not.
At the same time, the content creators have no right to ad revenue. If people don't want to view their sites with ads, then you can't force them to. Well, I suppose you can turn your web pages into one large dynamically created JPEG per page, with the ads embedded. But you can't force people to view your web site at all, let alone force them to run intrusive JavaScript and untrusted code from third party ad servers.
The content providers certainly have a right to say what they want, and to try and find an alternate business model that works for them. The content viewers, or consumers, have the right to choose what content they consume, or whether to consume any at all.
If the model that the providers use is not acceptable to the consumers, then the providers will just have to find something else to do, and the consumers will have to find a different provider. That's called the free market, which doesn't have anything to do with whether the content is free or not.
Actually, it is my understanding that the law removes special exemptions that certain people had that allowed them to basically work for one company full-time, for very long periods, but still claim they were a contractor. You can't have it both ways. Either you are a contractor and do a bunch of short term jobs for a bunch of different companies, or you are a permanent employee of one company. See the other Slashdot article. It's just a scam.
The parent is marked 5: Funny, but honestly this is the first thing I thought of. If he is a night-guard, he should be doing his job and paying attention to whatever he is supposed to be guarding. It may be a plain looking warehouse door, and nothing exciting. They are not paying him for exciting work, nor are they paying him to read books and do other work while on the job. They are paying him to pay attention to what he is supposed to be guarding, and to be ready if he must take action. Personally, it kind of ticks me off that people with a "boring" job like that are getting paid, however small the pay is, while not doing their job. If I had his fingerprints I'd report him and have them dock his pay.
I'm no expert on this, but I suppose you can look at it like this. A "real" contractor is not just doing work for a company 9-5 for long periods of time (many months or years). Part of what a "real" contract has to do, by definition, is invest some capital into the whole self-owned business. They have to do a certain amount of sales work. They don't get paid for that. When they land a contract, the business is getting paid to do a specific job. They take their "salary" out of the price for that contract, and the rest goes to cover the business costs (home-office, work computers, sales, etc). It can reasonably be viewed that any leftover dollars after paying for the business is viewed as capital gains over what it cost to fund the business itself. I think that is reasonable. Now, I work for a large engineering consulting company. It is not a one-man show for me, but the concepts are the same. Some may argue that it does take one-man show independently owned consultants many months or years to work on large projects, but I agree with other comments that the only honest jobs that take that long are huge jobs that a larger consulting company would engage in, not a lone engineer / programmer. One guy working at a company for two years doing 9-5 work, whether programming or some other consulting work, is I believe just a way for both the business and "consultant" to cheat the system. If a company were to hire many one-man consulting firms to fill a need for a "team" of independent consultants over the long term, it becomes even more transparent that they are just trying to cheat the system. I think the guy was nuts, and was by definition a terrorist.