Whose word are you going by? The same guys who cry for Jihad when Taco Bell screws up their order?
There have been MANY reports of Iraq shooting at pilots in the no-fly zone. I don't really doubt that, since it was also well known that Iraq refused to acknowledge the no-fly zone at all.
I'm going to start the first zero-grav peepshow! That's really a much more relevant idea than military in space, competition and research to find new ways to shuttle up rich perverts is a lot more promising than waiting for govt development. Besides, who knows how long it'll take for a war to be provoked in space? OTOH, Net-porn users are always interested in a new kink.
Hmm.. how about.. ANY other registrar? NetSol operates on legacy, they don't have any built-in features or special performance that justifies their $35, except that it's a bitch to transfer domains.
I use Register.com, because it includes DNS controls. GoDaddy.com is well known as a cheap, no-bullshit service, and there are many more in between.
Yes, but this isn't regarding all 404 errors. It's a lot better to know that the entire site doesn't exist rather than just not having the page you're looking for.
Again, web traffic does not encompass all internet facilities. It may not matter to you why you can't reach some site, but it definitely matters to other systems that don't expect to be redirected.
I think you'd need the biggest DDOS in history to have any effect. The root servers are designed for a heck of a lot of redundancy and they sit in the biggest peering points in the world. I'm sure it'd be nothing for them to add in a few more distributed SiteFinder servers and be just as untouchable.
This is hardly an 'innovation'. Register.com got spanked for putting up a welcome page on registered domains without a specified website. Verisign should get some serious lumps for doing it to unregistered domains that they don't even have any specific rights to.
CCTLDs can kind of get away with their redirects because they're usually managed by a single registrar. Claiming the entire.com and.net TLDs is robbing all the other registrars that are supposed to be equal.
I hope GoDaddy's lawsuit totally ownzors Verisign. I mean like, literally... ICANN should threaten to completely revoke stewardship of the root nameservers for bullshit like this. Network Solutions was a disaster, and it's only getting worse now that it has to share. What do you do with a 2-year old that can't share? Take his toys away and stand him in the corner.
How does DRM have *anything* to do with viruses? And it's already illegal, evidenced by the feds busting the guy who thought he'd be cool for releasing a Blaster variant.
I think putting some pain back in virus infection would be an excellent teaching tool. Look at how much agony Blaster caused, and that was only slowdown and rebooting cycles! I don't think it needs to be taken so far as self-destructing an infected host, but doing something so patently annoying that users LEARN from it is great.
If they don't want to learn, fine. That's what the IT department is paid for, right? They aren't completely blameless in this picture either. If The Boss finds out his IT slackers failed to protect the users from a simple threat, it'll be their ass. As it should be.
No way is Best Buy going to print a unique barcode for every single CD on their shelf. So CDs will never be tracked. I'd imagine something similar would happen with watermarking. Either it'd be too much trouble for the source to customize each download, too hard to track a billion individual codes, or too easy for some bright young warez'er to make a 500kb program to blank out the file ID.
With the damnation promised me by high school teachers for not citing references in a paper, this can't be right. Now, that was more concerned with acknowledging sources and not copying, but even acknowledging sources would make the SCO/Linux tussle an open-and-shut case.
SCO: Hey! You're copying our source! Dev: Hey, you're right. Let me fix that, just give me 5 minutes, and I'll clean up the syntax a bit too. SCO: No, wait! We want to sue you! Punitive damages! Now your product is better than ours! Arrrg!
It isn't always like that. Philips did a nice little slap in the face for BMG last year when the last wave of copy-protection schemes came out:
The Reg
Although with the kindergaten-level approach they're trying here, hushed whispers of conspiracy and technical mastery are hardly needed. Does it break the DMCA if you duplicate a DRM disc without even knowing that you shouldn't be able to?
This is a nice proposal, but it depends heavily on spammers using their own servers. Anyone blindly running mail through an insecure formmail or open relay wouldn't be bothered by tarpits.
But I don't know the current habits of spammers, are they still using unwitting relays often?
Now, I loved Opera. I loved Netscape 4.x too, more recent versions don't seem so hot. But guess what browsers have trouble displaying a lot of sites?
And guess what browser works universally, despite underhanded 'features' and 'standards'?
I have no love for IE, but I use it, because the alternatives just don't work as well. If Opera would fix its Java support, I'd even go so far as to pay for a copy. Until then, IE will always be my browser of reluctant choice.
This is exactly why Adobe came up with eBooks. I'm reading electronic copies of books more frequently now, and aside from bad OCR scans, it's not such a big difference from paper. Just crank up the monitor resolution, grab a wireless mouse and lean back in a comfy chair.
Is it the same? No. But don't forget there's also the instant availability of electronic media, and also of handy links to reviews, interpretations, translations, alternate storylines, and porn fanfiction of the same material you want to read.
How about something as basic as filtering a whois list with the same primary nameserver? Or maybe the webserver has each client on a sequential IP?
Even an unhappy ex-employee is a rich source of information. I remember plenty of client names from a year back. I didn't sneak out a list or even bother committing it to memory, I just remember who I've dealt with before.
Especially since there was a peace offering given with the monitors. You tried to mitigate the load and still provide information that would be useful in continuing their services. They refused it and continued abusing. Now they get nothing.
I think a notice to customers explaining the issue would put them at ease and they'd quickly ignore the scam. Providing similar tools directly to customers would be a good idea if you haven't already, just as a good faith offering. They probably don't want or even need monitoring, but it'll help show that you're not trying to hide anything.
And so what if they did? Is it such a crime to not be able to handle a sudden freakish overload? Especially for the bargain-basement services, you can't bitch about non-dedicated bandwidth. You get what you pay for.
I've worked in the ISP biz, and this is SOP everywhere because it's the only way to make any profit. You figure out how much traffic normally passes in peak hours, allow for maybe 50% more, and that's that. The only real variable is the margin of allowance, but I guarantee that nobody in their right mind builds 100% capacity unless they truly experience 100% utilization. That's exceedingly rare unless the customer has good traffic priority controls, it usually means they're experiencing slowdowns at peak when they need it most and salesmen are pestering them to upgrade.
1- Look up the IP under ARIN to see who it's been assigned to at the class C level. 2- Curse creatively as the IP turns up to be from APNIC, and thus has no contact information you can act on. 3- Beer.
Why? Why does there "need to be some form of ability to track someone"? You're not trackable in your car
That's almost a good comparison, but take it a little further. When you're driving along, nobody cares what your license plate is, but if you pull a hit-and-run, it's there as a way to track you down. On the net it's a little different because you do have the ability to protect yourself, but through security is beyond the ability of average users.
I'm not sure if a blind address allocation is a good idea or not. Sure, it'll be highly desirable as a hacking source, but how much of a threat would that really amount to? Given the nature of how people act when they think they're anonymous, it'd be a disaster, but it's hard to tell for sure. With anonymity also comes the threat of retaliation, so they might behave a little better. You'd definitely want to have heightened security for such a network, at the very least a clear warning that the network is not intended for casual users.
DOS attacks would still call for ISP intervention, but that could be as simple as a flood-detecting firewall that reclaims the abuser's IP and locks their connection for a few hours. Just because there's no logging doesn't mean they can't keep track of the current IP assignments.
This is flat-out stupid. Not to mention the legal problems with enforcing, but this would totally screw up the current net structure. I'm perfectly happy the way things are now, where the punishment IS the multitude of viruses trashing an insecure user. If traffic volume is the concern, go after spam first.
Anyone have stats on how much bandwith goes through the various Mae West peering points in a single hour? And you want to scan that UNGODLY amount of traffic for viruses? It's flat-out impossible for someone like UUnet to sort, assemble and scan every traffic stream just to see if it might have a virus. The amount of RAM needed for that buffer doesn't even exist in a geek's wet dream. So ISPs could never police each other, let alone filter infected traffic that's coming from a peer.
Okay, so the part about determining fines is pretty silly, how about the ISP controlling its users? Gonna need some major high-dollar router/firewall units or servers to handle this traffic in near real-time. Better throw in one for each datacenter, so you don't have to backtrack traffic just to get it scanned. Hmm, looks like we'll need some more techies, viruses spread fast and fixes might not be as simple as a firmware update. Oh yeah, and those highly trained techs will need to be on-call so we can raise them any time there's an outbreak alert, and they can't be contractors since they'll be busy trying to fix filtering devices for a lot of other companies all at once. Whew, good thing we went to all this expense so we don't get fined, but it looks like we'll have to recover costs by... oh wait, there's no positive incentive for us.
NO FUCKING WAY am I gonna pay more for access, deal with longer latency, and have 99% of foreign networks inaccessible.
But it's nice that he threw in a plug for his own data security company in the middle of the proposal.
Not to mention the difficulty of defining a reasonable amount of self-protection. If someone creative roots me through an unknown exploit, am I at fault? What about an exploit that's been made public but no fix is available yet? What if a fix is available, but it hasn't been picked up by my weekly auto-update yet? What if I'm using Windows95, and there's a fix, but it requires hours of searching because the OS is no longer supported?
Why you don't want let India-Indian in your country now?
Excuse me sir, your words seem to have accidentally fallen into my mouth. Nobody said they don't want Indians around. Ever. In the entire thread so far, not even an AC. We're sick of having unqualified and/or unneeded immigrants coming under the pretense that we need more middle-class labor. Read the article.
Slashdot Mirror
Whose word are you going by? The same guys who cry for Jihad when Taco Bell screws up their order?
There have been MANY reports of Iraq shooting at pilots in the no-fly zone. I don't really doubt that, since it was also well known that Iraq refused to acknowledge the no-fly zone at all.
I'm going to start the first zero-grav peepshow! That's really a much more relevant idea than military in space, competition and research to find new ways to shuttle up rich perverts is a lot more promising than waiting for govt development. Besides, who knows how long it'll take for a war to be provoked in space? OTOH, Net-porn users are always interested in a new kink.
Hmm.. how about.. ANY other registrar? NetSol operates on legacy, they don't have any built-in features or special performance that justifies their $35, except that it's a bitch to transfer domains.
I use Register.com, because it includes DNS controls. GoDaddy.com is well known as a cheap, no-bullshit service, and there are many more in between.
Yes, but this isn't regarding all 404 errors. It's a lot better to know that the entire site doesn't exist rather than just not having the page you're looking for.
Again, web traffic does not encompass all internet facilities. It may not matter to you why you can't reach some site, but it definitely matters to other systems that don't expect to be redirected.
I think you'd need the biggest DDOS in history to have any effect. The root servers are designed for a heck of a lot of redundancy and they sit in the biggest peering points in the world. I'm sure it'd be nothing for them to add in a few more distributed SiteFinder servers and be just as untouchable.
This is hardly an 'innovation'. Register.com got spanked for putting up a welcome page on registered domains without a specified website. Verisign should get some serious lumps for doing it to unregistered domains that they don't even have any specific rights to.
.com and .net TLDs is robbing all the other registrars that are supposed to be equal.
CCTLDs can kind of get away with their redirects because they're usually managed by a single registrar. Claiming the entire
I hope GoDaddy's lawsuit totally ownzors Verisign. I mean like, literally... ICANN should threaten to completely revoke stewardship of the root nameservers for bullshit like this. Network Solutions was a disaster, and it's only getting worse now that it has to share. What do you do with a 2-year old that can't share? Take his toys away and stand him in the corner.
How does DRM have *anything* to do with viruses? And it's already illegal, evidenced by the feds busting the guy who thought he'd be cool for releasing a Blaster variant.
I think putting some pain back in virus infection would be an excellent teaching tool. Look at how much agony Blaster caused, and that was only slowdown and rebooting cycles! I don't think it needs to be taken so far as self-destructing an infected host, but doing something so patently annoying that users LEARN from it is great.
If they don't want to learn, fine. That's what the IT department is paid for, right? They aren't completely blameless in this picture either. If The Boss finds out his IT slackers failed to protect the users from a simple threat, it'll be their ass. As it should be.
No way is Best Buy going to print a unique barcode for every single CD on their shelf. So CDs will never be tracked. I'd imagine something similar would happen with watermarking. Either it'd be too much trouble for the source to customize each download, too hard to track a billion individual codes, or too easy for some bright young warez'er to make a 500kb program to blank out the file ID.
With the damnation promised me by high school teachers for not citing references in a paper, this can't be right. Now, that was more concerned with acknowledging sources and not copying, but even acknowledging sources would make the SCO/Linux tussle an open-and-shut case.
SCO: Hey! You're copying our source!
Dev: Hey, you're right. Let me fix that, just give me 5 minutes, and I'll clean up the syntax a bit too.
SCO: No, wait! We want to sue you! Punitive damages! Now your product is better than ours! Arrrg!
It isn't always like that. Philips did a nice little slap in the face for BMG last year when the last wave of copy-protection schemes came out: The Reg
Although with the kindergaten-level approach they're trying here, hushed whispers of conspiracy and technical mastery are hardly needed. Does it break the DMCA if you duplicate a DRM disc without even knowing that you shouldn't be able to?
Excellent idea. I hear them-there spammers on the dang ol' webbernet ALWAYS use valid reply-to addresses.
This is a nice proposal, but it depends heavily on spammers using their own servers. Anyone blindly running mail through an insecure formmail or open relay wouldn't be bothered by tarpits.
But I don't know the current habits of spammers, are they still using unwitting relays often?
Now, I loved Opera. I loved Netscape 4.x too, more recent versions don't seem so hot. But guess what browsers have trouble displaying a lot of sites?
And guess what browser works universally, despite underhanded 'features' and 'standards'?
I have no love for IE, but I use it, because the alternatives just don't work as well. If Opera would fix its Java support, I'd even go so far as to pay for a copy. Until then, IE will always be my browser of reluctant choice.
When someone is explaining to you about a 400-ton truck, does it really matter if that refers to the weight or the capacity?
This is exactly why Adobe came up with eBooks.
I'm reading electronic copies of books more frequently now, and aside from bad OCR scans, it's not such a big difference from paper. Just crank up the monitor resolution, grab a wireless mouse and lean back in a comfy chair.
Is it the same? No. But don't forget there's also the instant availability of electronic media, and also of handy links to reviews, interpretations, translations, alternate storylines, and porn fanfiction of the same material you want to read.
How about something as basic as filtering a whois list with the same primary nameserver? Or maybe the webserver has each client on a sequential IP?
Even an unhappy ex-employee is a rich source of information. I remember plenty of client names from a year back. I didn't sneak out a list or even bother committing it to memory, I just remember who I've dealt with before.
Especially since there was a peace offering given with the monitors. You tried to mitigate the load and still provide information that would be useful in continuing their services. They refused it and continued abusing. Now they get nothing.
I think a notice to customers explaining the issue would put them at ease and they'd quickly ignore the scam. Providing similar tools directly to customers would be a good idea if you haven't already, just as a good faith offering. They probably don't want or even need monitoring, but it'll help show that you're not trying to hide anything.
And so what if they did? Is it such a crime to not be able to handle a sudden freakish overload? Especially for the bargain-basement services, you can't bitch about non-dedicated bandwidth. You get what you pay for.
I've worked in the ISP biz, and this is SOP everywhere because it's the only way to make any profit. You figure out how much traffic normally passes in peak hours, allow for maybe 50% more, and that's that. The only real variable is the margin of allowance, but I guarantee that nobody in their right mind builds 100% capacity unless they truly experience 100% utilization. That's exceedingly rare unless the customer has good traffic priority controls, it usually means they're experiencing slowdowns at peak when they need it most and salesmen are pestering them to upgrade.
There is such a place.
1- Look up the IP under ARIN to see who it's been assigned to at the class C level.
2- Curse creatively as the IP turns up to be from APNIC, and thus has no contact information you can act on.
3- Beer.
Why? Why does there "need to be some form of ability to track someone"? You're not trackable in your car
That's almost a good comparison, but take it a little further. When you're driving along, nobody cares what your license plate is, but if you pull a hit-and-run, it's there as a way to track you down. On the net it's a little different because you do have the ability to protect yourself, but through security is beyond the ability of average users.
I'm not sure if a blind address allocation is a good idea or not. Sure, it'll be highly desirable as a hacking source, but how much of a threat would that really amount to? Given the nature of how people act when they think they're anonymous, it'd be a disaster, but it's hard to tell for sure. With anonymity also comes the threat of retaliation, so they might behave a little better. You'd definitely want to have heightened security for such a network, at the very least a clear warning that the network is not intended for casual users.
DOS attacks would still call for ISP intervention, but that could be as simple as a flood-detecting firewall that reclaims the abuser's IP and locks their connection for a few hours. Just because there's no logging doesn't mean they can't keep track of the current IP assignments.
This is flat-out stupid. Not to mention the legal problems with enforcing, but this would totally screw up the current net structure. I'm perfectly happy the way things are now, where the punishment IS the multitude of viruses trashing an insecure user. If traffic volume is the concern, go after spam first.
Anyone have stats on how much bandwith goes through the various Mae West peering points in a single hour? And you want to scan that UNGODLY amount of traffic for viruses? It's flat-out impossible for someone like UUnet to sort, assemble and scan every traffic stream just to see if it might have a virus. The amount of RAM needed for that buffer doesn't even exist in a geek's wet dream. So ISPs could never police each other, let alone filter infected traffic that's coming from a peer.
Okay, so the part about determining fines is pretty silly, how about the ISP controlling its users? Gonna need some major high-dollar router/firewall units or servers to handle this traffic in near real-time. Better throw in one for each datacenter, so you don't have to backtrack traffic just to get it scanned. Hmm, looks like we'll need some more techies, viruses spread fast and fixes might not be as simple as a firmware update. Oh yeah, and those highly trained techs will need to be on-call so we can raise them any time there's an outbreak alert, and they can't be contractors since they'll be busy trying to fix filtering devices for a lot of other companies all at once. Whew, good thing we went to all this expense so we don't get fined, but it looks like we'll have to recover costs by... oh wait, there's no positive incentive for us.
NO FUCKING WAY am I gonna pay more for access, deal with longer latency, and have 99% of foreign networks inaccessible.
But it's nice that he threw in a plug for his own data security company in the middle of the proposal.
Not to mention the difficulty of defining a reasonable amount of self-protection. If someone creative roots me through an unknown exploit, am I at fault? What about an exploit that's been made public but no fix is available yet? What if a fix is available, but it hasn't been picked up by my weekly auto-update yet? What if I'm using Windows95, and there's a fix, but it requires hours of searching because the OS is no longer supported?
It's not that simple. How many times has Microsoft gone screaming until it's blue in the face that you shouldn't open e-mail attachments?
If your car has a flaw that causes it to blow up when you park it on top of a roaring campfire, is the manufacturer still to blame?
Why you don't want let India-Indian in your country now?
Excuse me sir, your words seem to have accidentally fallen into my mouth. Nobody said they don't want Indians around. Ever. In the entire thread so far, not even an AC. We're sick of having unqualified and/or unneeded immigrants coming under the pretense that we need more middle-class labor. Read the article.
Oh, how gauche! Use a coaster, even if it is in the holder. Savage.