So you'd find it acceptable for a seven year old to be taught the explicit details of sex ? A 13 year old knows them, including a number of sexual practices beyond the basic "missionary position". It seems to me that you are suggesting that a seven year old can handle 13 year old plus violence, I think that also indicates that you think a seven year old can also be informed of 13 year old plus knowledge of sex. Is that the case ?
Parental responsiblity can only allow so much, after that, you have to start questing the ability of the parent to make a responsible and rational judgement. In my opinion, letting a seven year old see a movie that is rated at near or double the age of the child is the parent being irresponsible.
I don't have a huge amount of experience with Compaq hardware, however, when I was spec'ing Compaq servers back in 1998, I found their server oriented feature set to be another level higher than the alternative HP or IBM servers. The just seemed to be in another class. Operational Hour counters (the only other devices I've encountered them on is industrial earth moving equipment), remote management utilities to tell you model numbers, vacant RAM slots etc., and it was all very integrated. I'm not all that surprised that when HP took over Compaq they dumped their own server line, even thought the HP servers were quite good.
I'm also pretty happy with my Compaq Deskpro PC that I bought in 1999. I've got to the point were I don't want to build my own PCs anymore, and I wanted a well built machine that I could rely on. I had a trade account with a wholesaler, and bought a Compaq. Although I did pay a bit of a premium to buy an "enterprise" class machine for home, I haven't regretted it since.
Compaq probably stuffed up the DEC aquisition, although that may depend on why the did it in the first place. I seem to remember that Compaq wanted the DEC service organisation, and to get it, they also had to accept the DEC Unix / Alpha CPU business. Probably if they had an option they would have chosen not to aquire that side of the business. I'd think that letting the Unix / Alpha business "slide" over the years probably wasn't of great concern to the Compaq management, as much as it was unfortunate to have to do it to their customers.
I have sat with her and watched A New Hope, which she thoroughly enjoyed, but having seen Sith myself, I think the scene of Anakin's "disfigurement" was a wee bit much for a child of her age, and I don't know how mature this guy's seven year old is, but is ANY child of that age ready for something like that?
I'm amazed people are letting their extemely young children watch movies that are rated at least DOUBLE the age the child is. Are those same parents going to be the ones to complain they don't understand why when their child reaches adolescence and starts shooting other kids at school ?
I'm all for parents making appropriate choices for their children, and only getting guidence from things such as movie ratings. However, I think a parent is being extremely irresponsible taking a seven year old child to a movie that is rated 15+. Why would it be rated 15+ if the movie is suitable for seven year olds ? They are effectively claiming that their seven year old has the mental maturity of a 15 year old. If a parent went to a PTA meeting and started claiming their seven year old had the mental maturity of a 15 year old, how many other parents would take their claims seriously. I'd think none !
Maybe there is a chance the child is possibly that mature, it seems to me that the parent isn't !
He might be "complaining" about taking a salary cut (although I doubt he is actually complaining), however, he could have turned down the job if he didn't like his package. He's obviously quite happy with the situation, otherwise he would have left. I'm sure he could find another, higher paying job if he wanted or needed to.
Google wanted him to work for them, he sounds like he wanted to work for Google. An amicable deal was struck, which doesn't have to reflect the market value of his skills at all...
and he may have also received stock options, which can technically not be called "salary", as they may, although unlikely in Google's case, end up worthless (like my Worldcom Options).
I don't know that much detail about his work history, however, it seemed that he and Bill Cheswick had been at AT&T / Lucent / Bell Labs forever, working away on information security. I noticed he recently left, as had Bill, which, after staying with an organisation for 15 or more years, usually means something significant is happening.
Plextor may be doing a couple things. First and foremost, they're making sure no unauthorized Open Source projects spring up. They have no interest in supporting the software unless they wrote it. I can understand this motivation. We all remember the Mandrake Linux release that killed some CD RW drives, and Plextor is no doubt concerned about a similar problem for them.
Plextor would have nothing to fear if they've followed the ATAPI / MMC specifications correctly. Those drives that died (I had one) implemented something like a firmware flash (or "trash") command using the same opcode as the write cache flush command (or something similar, the details in my head are fading). On a CD-ROM drive, write cache flush obviously is unnecessary, however, that doesn't mean that the opcode can be grabbed to be used for something else. The CD-ROM manufacturer was the root cause of this problem.
From what I've read (I think in Bruce Schneier's "Secrets and Lies"), software was freely shared between mainframe users and manufacturers, even to the point where the source code for the OS was provided with the mainframe. I think RMS could only be credited with the idea of "free as in speech" software, not "free as in beer" software. Software in the public domain has been around for a lot longer than since the 80s.
because I want to run Linux on a PowerPC. I can get a open standard VoIP phone for Linux on Power PC fortunately, however, I then can't talk to Skype users. Maybe open standard VoIP would be better, to avoid Skype vendor lock-in.
Sure Skype is a closed source product, but so was my landline. Lesser (and cheaper) of two evils.
The main issue with Skype isn't whether it is closed source or not, it is that it uses proprietory protocols. You can't get a "skype phone" from anybody else other than skype. While a "skype phone" is free (as in beer), there must be a reason why they continue to use proprietory standards. You'll be paying somewhere else. Generally, it is likely to be Vendor lock-in, it is just not obvious yet how they're going to leverage their vendor lock-in once they have enough users locked-in. One day it will be obvious.
If you read the wikipedia article above, you might be wondering what the "switching costs" are when using skype. They are the cost in having the people you talk to change to a different (and hopefully open) VoIP system. If you and you're 5 friends are all using Skype, and you want to change to something else (you personally don't like the Skype interface for example, or want to run Linux on a PPC), yet still want to communicate with them, whether you can change or not depends on getting unanimous agreement from all you're 5 friends. Contrast that with existing telephone systems. If I want a new mobile phone, I just buy one - I don't have to "market" the idea successfully to the friends I talk to using the phone before I do it.
It's all about vendor lock-in. User friendly software isn't isolated to proprietory protocols.
Imagine "Proprietory batteries not included" on a the box a toy comes with. You might have a cupboard full of batteries, however, if you don't have the right proprietory one, the kid with the new toy on Christmas day won't be able to play with it.
Imagine having to buy a TV set for each channel you wanted to watch. Imagine having to buy manufacturer made petrol for each different car. Imagine having to only park in manufacturer made car parks. Imagine only being able to drive on manufacturer made roads....
However, NAT/NAPT is like being in a tent (no one can "see" me) vs. being in a bunker. Not a viable security model, IMHO.
Hiding from your enemy is a quite effective form of defence. It has been quite successful for many, many animals and insects, such as zebras, chameleons, cheetahs etc. Hiding in a tent is also a reasonable form of defence, as long as the tent is camouflaged. The world's Armies are quite happy with the "hiding" technique.
Are you stretching the meaning of "no security in obscurity" theorem ? Have a read of
Nothing wrong with obfuscation. People are blindly quoting the "no security in obscurity" without understanding that it was specifically referring to the security of cryptographic algorithms, rather than it just being a general security rule.
Hiding shouldn't be the only level of defense, as it usually isn't that strong, which is why animals that use it usually have other security mechanisms they can fall back on. However, it certainly can be useful.
P.S., have a look at my Slashdot ID - do you think I'd recommend NAT in any situation with an ID like that ?
Have you misunderstood my "NAT greather than Firwall" ? I was trying to convey that NAT is a combination of two functions, address space expansion via translation and a level of firewalling, although one mistake I've made is to use "NAT" when I really should have used NAPT or Network Address Port Translation, which is the commonly implemented form of NAT.
NAPT prevents inbound connections which I think is a reasonable, base level of security, and, compared to no security at all would be effective enough a preventing attacks that rely on uninitiated incoming connections succeeding.
and that is the mistake that the OP was making. NAT inherently provides a firewall function, in addition to address space expansion. Firewalling however is not a NAT exclusive feature - public address space with "conventional" firewalling is just as effective security-wise as NAT firewalling, and with IPv6, you don't need the address expansion function that NAT provides.
I agree with your argument about IPv6. The problem is that that is one of the main ways that the NAT hack is marketed. It is a furphy in both cases, so shouldn't be used in either. The real issue worth considering is what benefits does IPv6 give over IPv4 by itself, and IPv4 and NAT in combination. There are a number of them.
For example, NAT prevents the ability to easily move to new transport protocols, by forcing the user of the new transport protocol to have to upgrade all intermediary NAT devices between the transport protocol end-points.
A new UDP like transport protocol is comming, called DCCP or Datagram Congestion Control Protocol. One problem with UDP is that it an application using it can just send packets into the network, irrespective of the congestion state of the network. This means that if the network is overloaded, UDP won't adapt - it just keeps sending packets in at the same rate, irrespective of whether those packets get delivered or not. This not only is wasteful for the application using UDP, it also impacts other users of the network, such as applications using TCP. A UDP like protocol that adapts to the available capacity of the network would be useful - and that is what DCCP is. DCCP would be much better to use for VoIP because of this capability.
Since I don't use NAT, and as long as there aren't any NAT boxes between me and anybody I'd like to have a VoIP over DCCP converstation, to deploy DCCP all that is required is for me to upgrade my PC's local software, and for my VoIP recipient to upgrade theirs - no network devices (ie. routers) would have to be upgraded. If they did, I, nor my VoIP recipient have the ability to do that, as we don't own them. Yet we do have absolute control of our PCs, so we can upgrade them when ever we like.
Now, imaging if NAT was between one of us. There are now a number of problems trying upgrade to NAT. (a) If neither of us have administrative capabiliity on the NAT box, neither of us can upgrade it. (b) Even if we can upgrade the NAT box(es), DCCP support needs to be available within the NAT software, which only may be the case with some NAT devices, but not others. Imagine if there were two NAT devices, with one being able to be upgraded to DCCP capable, but one not because the manufacture doesn't release software for it any more, as they have end-of-lifed it.
Now, swap out NAT for plain IP router in the above, and you'll see that all these problems disappear. If I, and my VoIP call recipient want to use DCCP, all we have to do is upgrade our end-node software, and we can instantly use DCCP.
Slashdot Mirror
So you'd find it acceptable for a seven year old to be taught the explicit details of sex ? A 13 year old knows them, including a number of sexual practices beyond the basic "missionary position". It seems to me that you are suggesting that a seven year old can handle 13 year old plus violence, I think that also indicates that you think a seven year old can also be informed of 13 year old plus knowledge of sex. Is that the case ?
Here in AU, it is 15 years or older.
Parental responsiblity can only allow so much, after that, you have to start questing the ability of the parent to make a responsible and rational judgement. In my opinion, letting a seven year old see a movie that is rated at near or double the age of the child is the parent being irresponsible.
I don't have a huge amount of experience with Compaq hardware, however, when I was spec'ing Compaq servers back in 1998, I found their server oriented feature set to be another level higher than the alternative HP or IBM servers. The just seemed to be in another class. Operational Hour counters (the only other devices I've encountered them on is industrial earth moving equipment), remote management utilities to tell you model numbers, vacant RAM slots etc., and it was all very integrated. I'm not all that surprised that when HP took over Compaq they dumped their own server line, even thought the HP servers were quite good.
I'm also pretty happy with my Compaq Deskpro PC that I bought in 1999. I've got to the point were I don't want to build my own PCs anymore, and I wanted a well built machine that I could rely on. I had a trade account with a wholesaler, and bought a Compaq. Although I did pay a bit of a premium to buy an "enterprise" class machine for home, I haven't regretted it since.
Compaq probably stuffed up the DEC aquisition, although that may depend on why the did it in the first place. I seem to remember that Compaq wanted the DEC service organisation, and to get it, they also had to accept the DEC Unix / Alpha CPU business. Probably if they had an option they would have chosen not to aquire that side of the business. I'd think that letting the Unix / Alpha business "slide" over the years probably wasn't of great concern to the Compaq management, as much as it was unfortunate to have to do it to their customers.
I have sat with her and watched A New Hope, which she thoroughly enjoyed, but having seen Sith myself, I think the scene of Anakin's "disfigurement" was a wee bit much for a child of her age, and I don't know how mature this guy's seven year old is, but is ANY child of that age ready for something like that?
I'm amazed people are letting their extemely young children watch movies that are rated at least DOUBLE the age the child is. Are those same parents going to be the ones to complain they don't understand why when their child reaches adolescence and starts shooting other kids at school ?
I'm all for parents making appropriate choices for their children, and only getting guidence from things such as movie ratings. However, I think a parent is being extremely irresponsible taking a seven year old child to a movie that is rated 15+. Why would it be rated 15+ if the movie is suitable for seven year olds ? They are effectively claiming that their seven year old has the mental maturity of a 15 year old. If a parent went to a PTA meeting and started claiming their seven year old had the mental maturity of a 15 year old, how many other parents would take their claims seriously. I'd think none !
Maybe there is a chance the child is possibly that mature, it seems to me that the parent isn't !
Blind pigs would be better for truffle finding, as they wouldn't be visually distracted by sexy female pigs walking by ...
He might be "complaining" about taking a salary cut (although I doubt he is actually complaining), however, he could have turned down the job if he didn't like his package. He's obviously quite happy with the situation, otherwise he would have left. I'm sure he could find another, higher paying job if he wanted or needed to.
Google wanted him to work for them, he sounds like he wanted to work for Google. An amicable deal was struck, which doesn't have to reflect the market value of his skills at all ...
and he may have also received stock options, which can technically not be called "salary", as they may, although unlikely in Google's case, end up worthless (like my Worldcom Options).
I don't know that much detail about his work history, however, it seemed that he and Bill Cheswick had been at AT&T / Lucent / Bell Labs forever, working away on information security. I noticed he recently left, as had Bill, which, after staying with an organisation for 15 or more years, usually means something significant is happening.
Plextor may be doing a couple things. First and foremost, they're making sure no unauthorized Open Source projects spring up. They have no interest in supporting the software unless they wrote it. I can understand this motivation. We all remember the Mandrake Linux release that killed some CD RW drives, and Plextor is no doubt concerned about a similar problem for them.
Plextor would have nothing to fear if they've followed the ATAPI / MMC specifications correctly. Those drives that died (I had one) implemented something like a firmware flash (or "trash") command using the same opcode as the write cache flush command (or something similar, the details in my head are fading). On a CD-ROM drive, write cache flush obviously is unnecessary, however, that doesn't mean that the opcode can be grabbed to be used for something else. The CD-ROM manufacturer was the root cause of this problem.
The retarded poster's grammar is retarded. It should have been :
You're retarded.
Thanks for the link.
cause that was when they were born.
Pg 536.
From what I've read (I think in Bruce Schneier's "Secrets and Lies"), software was freely shared between mainframe users and manufacturers, even to the point where the source code for the OS was provided with the mainframe. I think RMS could only be credited with the idea of "free as in speech" software, not "free as in beer" software. Software in the public domain has been around for a lot longer than since the 80s.
There is some precedence with the spyware or malware allegations, so that does put a small amount of weight on the claims the parent poster made.
STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs)
because I want to run Linux on a PowerPC. I can get a open standard VoIP phone for Linux on Power PC fortunately, however, I then can't talk to Skype users. Maybe open standard VoIP would be better, to avoid Skype vendor lock-in.
Sure Skype is a closed source product, but so was my landline. Lesser (and cheaper) of two evils.
The main issue with Skype isn't whether it is closed source or not, it is that it uses proprietory protocols. You can't get a "skype phone" from anybody else other than skype. While a "skype phone" is free (as in beer), there must be a reason why they continue to use proprietory standards. You'll be paying somewhere else. Generally, it is likely to be Vendor lock-in, it is just not obvious yet how they're going to leverage their vendor lock-in once they have enough users locked-in. One day it will be obvious.
If you read the wikipedia article above, you might be wondering what the "switching costs" are when using skype. They are the cost in having the people you talk to change to a different (and hopefully open) VoIP system. If you and you're 5 friends are all using Skype, and you want to change to something else (you personally don't like the Skype interface for example, or want to run Linux on a PPC), yet still want to communicate with them, whether you can change or not depends on getting unanimous agreement from all you're 5 friends. Contrast that with existing telephone systems. If I want a new mobile phone, I just buy one - I don't have to "market" the idea successfully to the friends I talk to using the phone before I do it.
It's all about vendor lock-in. User friendly software isn't isolated to proprietory protocols.
Imagine "Proprietory batteries not included" on a the box a toy comes with. You might have a cupboard full of batteries, however, if you don't have the right proprietory one, the kid with the new toy on Christmas day won't be able to play with it.
Imagine having to buy a TV set for each channel you wanted to watch. Imagine having to buy manufacturer made petrol for each different car. Imagine having to only park in manufacturer made car parks. Imagine only being able to drive on manufacturer made roads. ...
There can be only three stuntaz. Don't hate... appreciate.
However, NAT/NAPT is like being in a tent (no one can "see" me) vs. being in a bunker. Not a viable security model, IMHO.
Hiding from your enemy is a quite effective form of defence. It has been quite successful for many, many animals and insects, such as zebras, chameleons, cheetahs etc. Hiding in a tent is also a reasonable form of defence, as long as the tent is camouflaged. The world's Armies are quite happy with the "hiding" technique.
Are you stretching the meaning of "no security in obscurity" theorem ? Have a read of Nothing wrong with obfuscation. People are blindly quoting the "no security in obscurity" without understanding that it was specifically referring to the security of cryptographic algorithms, rather than it just being a general security rule.
Hiding shouldn't be the only level of defense, as it usually isn't that strong, which is why animals that use it usually have other security mechanisms they can fall back on. However, it certainly can be useful.
P.S., have a look at my Slashdot ID - do you think I'd recommend NAT in any situation with an ID like that ?
I think the parent is referring to the IO ports (sometimes called registers) on the IO bus, not the CPU registers.
Have you misunderstood my "NAT greather than Firwall" ? I was trying to convey that NAT is a combination of two functions, address space expansion via translation and a level of firewalling, although one mistake I've made is to use "NAT" when I really should have used NAPT or Network Address Port Translation, which is the commonly implemented form of NAT.
NAPT prevents inbound connections which I think is a reasonable, base level of security, and, compared to no security at all would be effective enough a preventing attacks that rely on uninitiated incoming connections succeeding.
and that is the mistake that the OP was making. NAT inherently provides a firewall function, in addition to address space expansion. Firewalling however is not a NAT exclusive feature - public address space with "conventional" firewalling is just as effective security-wise as NAT firewalling, and with IPv6, you don't need the address expansion function that NAT provides.
I agree with your argument about IPv6. The problem is that that is one of the main ways that the NAT hack is marketed. It is a furphy in both cases, so shouldn't be used in either. The real issue worth considering is what benefits does IPv6 give over IPv4 by itself, and IPv4 and NAT in combination. There are a number of them.
For example, NAT prevents the ability to easily move to new transport protocols, by forcing the user of the new transport protocol to have to upgrade all intermediary NAT devices between the transport protocol end-points.
A new UDP like transport protocol is comming, called DCCP or Datagram Congestion Control Protocol. One problem with UDP is that it an application using it can just send packets into the network, irrespective of the congestion state of the network. This means that if the network is overloaded, UDP won't adapt - it just keeps sending packets in at the same rate, irrespective of whether those packets get delivered or not. This not only is wasteful for the application using UDP, it also impacts other users of the network, such as applications using TCP. A UDP like protocol that adapts to the available capacity of the network would be useful - and that is what DCCP is. DCCP would be much better to use for VoIP because of this capability.
Since I don't use NAT, and as long as there aren't any NAT boxes between me and anybody I'd like to have a VoIP over DCCP converstation, to deploy DCCP all that is required is for me to upgrade my PC's local software, and for my VoIP recipient to upgrade theirs - no network devices (ie. routers) would have to be upgraded. If they did, I, nor my VoIP recipient have the ability to do that, as we don't own them. Yet we do have absolute control of our PCs, so we can upgrade them when ever we like.
Now, imaging if NAT was between one of us. There are now a number of problems trying upgrade to NAT. (a) If neither of us have administrative capabiliity on the NAT box, neither of us can upgrade it. (b) Even if we can upgrade the NAT box(es), DCCP support needs to be available within the NAT software, which only may be the case with some NAT devices, but not others. Imagine if there were two NAT devices, with one being able to be upgraded to DCCP capable, but one not because the manufacture doesn't release software for it any more, as they have end-of-lifed it.
Now, swap out NAT for plain IP router in the above, and you'll see that all these problems disappear. If I, and my VoIP call recipient want to use DCCP, all we have to do is upgrade our end-node software, and we can instantly use DCCP.