That makes the general populace idiots, but it doesn't put Gator on the wrong side of the law. They DO give the user a chance to say no...
Yes, the general populace are idiots. But Gator's (and others') installation process is a separate issue from what they do to the desktop. This isn't about whether the installation process was legal, it's about whether or not a third party usurping other people's ad space is legal.
No, they paid for the right to have their ad code delivered to the user. If they were guaranteed that a pair of human eyes would see their ad for each and every pageview, then (insert site here)'s Ad Sales department needs a clue.
A "right" (privilege, really) that the third party AdWare effectively blocks. Worse, since the AdWare can be specifically targeted it can replace it with a competitor's ad without the knowledge of the advertiser, the site they are paying, or the end user who's seeing the ad.
Personally, I loathe popups, popunders, banners, what have you. But these legal battles over who and what can mess with people's desktops can't be good for the end users. These things are almost as bad as SPAM. Worse, in some ways, since they can be far more intrusive.
Sure you can, and a lot of us do. The issue is not quite the same. Most Gator installations are done without the knowledge of the person who has it altering their desktop. (Remember, the general populace will click YES to anything) The people advertising on the (insert site here) site paid for that space. The adware effectively -steals- the space the rival paid for.
It's like having something on your TV that replaces Pepsi with Coke in every Pepsi commercial you see. Pepsi would have every right to be annoyed and probably sue since they - not the adware client - paid for the timeslot.
Mixed bag? I think not. It's like a web cookie, easily spoofed, but just as easily verified. I don't try to believe that a given MAC address is authentic, but I do assume it's unique for that session, and/or matched the MAC number that requested an address from the DHCP server.
I think we're saying more or less the same thing here. "Mixed bag" == Easily spoofed, yet also easy to detect (and prevent) said spoofing.
Your verification program fills the same role as my clueful network admin: one of several ways to make sure the MACs on the air are who they say they are. I'm sure we could come up with a dozen ways to verify a connection to make sure it wasn't spoofed.
But as you say, it's a pain to keep signing in all the time, which increases user effort and support headaches, which means you'll only implement it for certain situations where the effort is worth it. (Like another place to bill from...)
It's sites with MAC filtering but no authentication where it's easy to spoof and get on the air. Of course, how many sites actually use MAC filtering? I'd guess even fewer than use WEP.
Using AirSnort takes time and patience. For a "large" site where you can get a lot of traffic, or where you're trying to crack your next door neighbor's network where you can get a lot of traffic over time, it's practical.
At a conference, it's unlikely that people will even bother setting up WEP since key management isn't worth the effort.
MAC address filtering is a mixed bag. Yes, it's trivial to alter your own MAC address to impersonate another machine, but the usefulness depends on your environment. A big site probably won't bother with filtering. Too many addresses to track. A small site running MAC filtering may well have a clueful network admin who'll notice homeboy.haxornet.lan's MAC on the air when he -knows- he left that box at the office.
The point was the insecure protocols used over the wireless links. Web, POP, IMAP, telnet, etc., passwords sent in the clear are trivial to sniff in that environment.
As some have already pointed out, SSL will cure that issue for quite a number of applications. Using SSH to reach your mail server is another simple "fix" to what is essentially NOT a wireless networking problem.
Re:Concerns - answered in follow up to article on RFID Explained · Score: 1
Point taken. Though I suppose it depends on which end of the spectrum you're coming from. From the "They can track a specific target under certain conditions more easily and at longer range than they are saying" standpoint, we're on the same page. Science and technology agree.
At the extremes: "It can't be done at all, ever, no one can track anyone" is over-simplifying it and ignoring the reality, where there are tradeoffs between range and 'volume'. Saying "They can track anyone anywhere anytime at any range" is abject paranoia and beyond the scope of physics, let alone technology.
To mis-quote: "You can track some of the people all of the time, and all of the people some of the time. But you can't track all the people all the time."
Fair enough assessment?
Re:Concerns - answered in follow up to article on RFID Explained · Score: 1
*chuckles* It's possible to do lots of things, but whether it's practical is the point. Don't confuse the ability to gather a discrete signal at long range with the ability to track a LOT of discrete signals all moving around at long range.
Remember, I said he was over-simplifying the issue.
As I said, there isn't enough space to go into it, and I don't feel like writing a paper on Radio. If the NSA (or anyone with a really gnarly antenna resonant on the right freq) wants to read the RFIDs of every object in my house from a mile away, they could. If they wanted to do it to my moving car dodging through traffic amongst a crapload of over rfid tagged cars, good bloody luck.
High gain antennas are big. You can't get around that. THAT is the point I was trying to get across. Long range requires high gain. Practically, the commercial systems WANT to limit their range because they don't want to get swamped with more signals than they can read. The longer the range, the more devices that will respond. The more that respond, the more their individual signals drown each other out, and the more trouble you have isolating the signal you want. Etc.
While rfid could be (read: is being) used for tracking people and things, it's not as long ranged as some people would have us believe. If the (insert nefarious organization here) wants to "watch me from a mile away" by my RFID tags, they could achieve the same effect by having a cute agent wander around in my general area. I'm more likely to notice the agent, but she'll be a LOT less obvious than a rack of high gain antennas mounted on the side of a truck and she'll have a better chance of not losing me in the background noise.
Re:Concerns - answered in follow up to article on RFID Explained · Score: 1
If your experience is as you claim it, I can only conclude that you are intentionally lying. There is no inherent, physics based limitation of "a few feet" to how far these tags can be read: to read the tags from further away, all one needs is a better receiver. Your statement assumes that a newer, better receiver will never be invented or brought to market. Doesn't the NSA do quite a bit of work already on picking up radio signals at a distance?!?
Actually there are "Physics based limitations" to these devices. They're RF devices and as such have to deal with the limitations of radio wavelengths. The amount of data they hold isn't the issue - the amount of RF energy going back and forth is.
The antennas on every RFID tag I've ever seen have been some kind of omni, since their orientation to the reader is random. (rotating if it was in a tyre - we won't go into the moving ground plane issues) The reader can get quite a bit of benefit from using directional antennas (FastPass, anyone?), but they sacrifice broad coverage for improved range in a specific direction.
That's physics. He may have over-simplified, but he wasn't wrong or lying. There's not enough space here to go over the practical limitations, but there ARE practical limitations. Some of them are almost certainly surmountable (number of reads per second, for example) but the RF energy issues aren't going to be "beaten" by some fancy new chip.
As for the NSA - yes, they have some very fancy systems for reading tiny signals at range. (as do the FCC, the military, and quite a few skilled amateurs) They are highly directional and if they're not pointed in the right direction, they get nothing. You could read the rfid chip 400 feet in front of you, and completely MISS its cousin 12 degrees to the left.
While I can't deny the possibility of this being abused, I still find it very unlikely. As you point out, there could be a network of readers strewn across any area. But the fact remains that they would still be range limited and easily blocked.
If you're curious about range, just think about the typical ranges experienced by Wireless Network users. Your wireless NIC runs minuscule power, but it's still vastly more power than an RFID chip will ever generate. You can make up for a lot with sensitive directional antennas on the reader, but then you sacrifice range and broadness of coverage.
And who's really going to pay for an RFID reader in every dustbin? I'm not going to hide my head in the sand and say it'll never happen. Technologically it -can- (even if it's unlikely ever to) but I'm not going to be alarmist.
I'll just keep an itty bitty little transmitter on me that drowns out any RFID chips I happen to be wearing....
While the potential invasion of privacy is fairly scary, the likelihood of these things turning into massive invasion is small. With active RFID systems, the power output will be tiny if they're going to have a shelf life of more than a few hours, which means range will be short. VERY short. While I can get a fair range with low power on the VHF bands, these things are TINY, with correspondingly tiny antennas and tiny power outputs. With a zillion of them transmitting at once, they will have a useful range of a few meters, not a few miles.
The passive tags are even worse, since they require an "activation" signal from another source - taking the radio energy from another transmitter and using it to power their own response. A range of 40 feet is probably optimistic. After all, the more of these things within range of the reader, the more will respond to the activating pulse and send their "I'm ID number nnnnnn!" reply. The more that respond, the smarter the reader needs to be to isolate the signals and IDs it's interested in.
The more intelligence you build into the chip ("Only respond to queries in 'this' range") the more expensive they become. The larger the antenna, the more expensive they become. The more frequencies you build them for, the more expensive they become. Etc. At less than a penny a pop, the chips are almost certainly as dumb as a stump, which makes them less invasive.
Blocking these things should be relatively easy. While I haven't investigated what frequencies they operate in, it should be relatively trivial to shield them, jam them, spoof them, or otherwise inconvenience the reader.
True, but they didn't say peak infection rate. They said the peak rate of scanning was 3 billion systems per hour. That's why I made my initial comment. While it seems like a huge number, it's not that outrageous if you're just counting the level of traffic.
Incidentally, I was a CIRT responder for a "small hardware manufacturer in the Valley" during the event. Having seen first hand how hard Slammer hit our firewalls, I don't doubt the claimed traffic level here.
Don't confuse rate of scan with number of systems. As mentioned it was spewing its exploit in a single UDP packet. The worm didn't care whether other worms had already spewed the packet at a given IP, it was just tossing it out there. Whether the number itself is valid, it's being calculated (probably, at least) by multiplying the average bandwidth available to an infected host, times the number of infected hosts. X infected hosts spewing Y packets an hour is Z total packets per hour.
Perhaps not especially useful, but it does give an idea of the sheer scope of that beast.
Comments about "why are we living in deserts anyway?" aside, it should be fairly easy to adapt this sort of technology to use in a "Low water waste" environment. Adding a vacuum system to sop up the water and concrete slurry and centrifuge out the concrete bits would add cost, but should be a fairly simple fix. The water would be back in the tank before it could evaporate. The filtered water could be fed back to the machine on site, cutting the water usage substantially.
Not saying it WILL happen, but it's certainly doable.
Re:Where Sun Excells on Sun's Last Stand · Score: 3, Informative
Overall I think you're right here. Solaris is hard to beat in a server environment. Having worked extensively in a mixed *NIX (Solaris, HP-UX, Linux, *BSD, a bit of OS/X) I'd give the higher end Sun machines the edge without hesitation for servers. Higher end being E450 and above, including the SunFires. (Not counting the SunBlade and small V series pizza boxen)
For pure workstations though, Solaris loses the edge to the higher flexibility (and lower cost) of the Linux boxen. There's simply more 'stuff' available for Linux at this point. To my observation, *BSD falls in the middle. Not quite as good as Solaris as a server, but better than Linux. Not quite as good on the desktop as Linux, but better than Solaris.
As for the hardware, you're dead on. It's hard to beat the Customer Relation you get with Sun. Sure, Dell has good warranty service, but the Sun guys are a tough act to follow. We won't even try and compare the high end gear. You simply can't. There's nothing in the Lintel space that can compare with one of the big Sun machines.
However, you're a little off on the kernel update issue. The n_Recommended patch clusters from Sun always require a reboot - and they are by far the easiest way to patch the Sun boxen, taking care of all dependencies automatically. Yes, you can apply a lot of patches individually without a reboot, but the same applies to *BSD and Linux. Also, in some instances, it's possible to rebuild kernel modules without requiring a reboot under Linux.
Yes. Wireless doesn't have the bandwidth to provide service everywhere every time for everyone. Assuming the hardware was in place, there would be limits to how much traffic each node could pass and the aggregate bandwidth between all the nodes wouldn't be as great as that provided by fibre links.
Political problems?
ILECs, CLECs, Cable Co's, Governments, etc., take your pick. It's an idyllic concept but too many people will want their piece of the pie.
Economic problems?
The system (were it technically workable) would require a large installed base before it would work AT ALL. Who's going to go out and buy new gear in the hopes the system will reach critical mass and become viable? Let's not forget the incumbents lobbying the above point to keep from losing out on this point.
While the concept is certainly interesting, and could probably work on limited scales (p2p locally, then into a Supernode for long distance. I seem to remember Ricochet used something similar, with data hopping across subscriber nodes to reach the main towers) there's no way it'll work in the current social, economic, political, or technical climate.
I'm not sure how this is any different from "normal" law enforcement practice, where investigators may put a suspect under surveillance without their knowledge. From what I gathered reading the article, they're not talking about hacking into suspected spammers' boxen - they are talking about what constitutes more or less normal police investigative work.
Considering the fact that (SPAMMER bullshit excuses aside) SPAM amounts to Theft of Service, it strikes me as appropriate for the FTC to treat it as an illegal act and use appropriate Law Enforcement techniques.
With proper oversight (important in ANY situation where The Man is watching someone) this is almost certainly more of a Good Thing (tm) than Big Brother in Action.
The "Like a book" license has appeared in other places too. As I remember, Poser has the same thing - though it's a bit longer. Personally, I like the concept. Under that license I can install a piece of software on several machines that I use at different locations (Home, laptop, possibly work) and be able to use it without violating any sort of EULA.
The concept of an End Vendors agreement is wonderful, but a little impractical. Though it -might- be plausible to have a hard copy version that you use when you buy something that states "If the EULA in this piece of software is untenable, you agree to refund my money on the prompt return of the software." That would effectively get around the "You can't read the EULA until you open it, but we won't take it back if you open it."
I agree - way too many people are killed on the roads. But the solution is better training and higher qualifications for drivers rather than automatic reporting of "bad behavior." The vast majority of problems on the road are caused by unskilled or distracted drivers. How many near misses have you had with some prat yammering on their cell phone?
The onboard machine will report 52 in a 45 zone as a violation regardless of whether it's done during rush hour with kids around (dangerous) or at 0145 when the nearest car or pedestrian is 2 miles away (where 45 is considerably SLOWER than "safe for the conditions" speed). That's enforcing a revenue stream, not improving public safety. As you say, not something people are going to accept.
Sorry, there are too many variables involved to arbitrarily set "enforced by automation" speed limits in vehicles operated by a reasonably skilled driver. There are numerous cases where NOT being able to accelerate past some arbitrarily low speed is a hazard.
The Minority Report reference was to the fully automated cars more than the heavily intrusive "Scan everything that moves" society. That, ultimately, is where the vehicle technology will probably lead. Not in our lifetimes maybe, but eventually. Let's hope the Scan Everything in Sight mindset doesn't go with it.
As for the police remote shutdown devices, there are countless vehicles that are completely immune - including the vintage BMW I keep in my garage. A CPU scrambler might knock out the Kenwood in the dash, but it won't do jack to the Carbureted, Points ignition, engine. Same goes for most diesels.
And we're not talking about arresting people and putting them in jail as invasion of personal privacy. We're talking about an organization, in this case the government, knowing where I go, when I go there, how I got there, etc. Sorry, Big Brother doesn't need to know what route I take to go to lunch, or when I go.
The "Innocent people have nothing to worry about" bit doesn't fly. Sorry. If you (generic "you" here of course) don't think I'm guilty of something, why the futz are you watching everything I do? If you DO think I'm guilty of something, then bloody well charge me with it and prove your case.
Watching people 24x7 hoping they make a mistake, no matter how minor (3 over the limit, anyone?), then busting them when they do, is ethically wrong. THAT is what I'm getting at here.
Want to "solve the vehicle problem?" Simple. Make Public transportation useful (Note public, not mass) so people don't have to drive. Increase the requirements for driver skill, training, and testing, so there are fewer dangerously unskilled drivers on the road (Sorry, mom). Stop treating vehicles as a revenue stream, and start treating traffic enforcement as a public safety issue.
Public transit sucks in a lot of places because the municipality makes too damn much money off parking revenue and traffic fines. Check your local numbers some time, you'll be surprised just how much money a medium/large city makes from people's cars.
Note London deployed the cameras to help enforce their Congestion tax...
Please tell me you're kidding here. Why stop with a system that automatically records your "bad behavior" and reports it? Why not take the next logical step and integrate controls that PREVENT the bad behavior in the first place?
Oh, wait, having the car prevent "bad behavior" would interfere with some municipality's revenue stream.
If they're going to go to that length, why not take the next few steps and go with the fully automated vehicles of Minority Report?
Go a couple more steps, and have the car automatically drive you to the local police department if you did something illegal. Have a warrant issued for your arrest? No problem! The new Toyota Orwell 2003 will drive you right to the local pokey!
As for this English system, it's a mixed blessing. A step in the right direction for tracking vehicles and dealing with some of the MANY problems surrounding personal transportation. But it's a step in the wrong direction in the way of personal freedom and privacy. Admittedly, it's not as bad as taking pictures of the driver - it's just the plates - but there are so many ways to spoof it it's not funny.
Anyone remember the rotating plates on Bond's Aston Martin?
I remember quite a number of years back seeing a similar device that looked vaguely like the upper surface of two bowling balls with finger holes. You used it by placing your hands on the 'body' and dropping your fingers into the holes. Keystrokes were simply combinations of finger moves back and forth. Very little motion involved, and very fast with practice.
I don't remember the device having mouse capability, but I do recall the price was right up there with this OrbiTouch.
Neat concept. Unfortunately, I think I'd get canned for asking my boss to let me have a $700 pair of plastic breasts on my desk...
Yeah. And for some reason it keeps looping me back to the survey - which loops back if I fill it out. May be a client side issue on my end *shrugs* but I still can't seem to get my hands on it.
Using triangulation is relatively trivial. Combining war-driving with GPS and FoxHunting techniques can yield fairly accurate positions for APs and the client cards. It gets difficult when there's a lot of them on the air, but it's still doable.
It's technically possible to combine simple RDF (using phase discriminators) with a base station to get a directional vector. Two RDF equipped bases would give you a point rather than a line, so it should also be possible to location limit access. Not that I've ever seen an implementation. Note it would take more than just a driver, since the antenna setup on most base stations is ill suited to use in RDF applications. We're talking specially built APs here.
Unfortunately, the AirTraf download site seems to be a tad 'dumb' - redirecting me back to the Survey page repeatedly - so I haven't been able to play with it and see what it's capable of.
If you buy a can opener and it breaks, do you expect to get another can opener for free (ignoring warranties, assume it's been 3 years since you bought the can opener)?
Different animals. When you buy a 'device' you are buying the DEVICE. When you buy a DVD (Or CD or VHS Tape or Phillips Cassette or Vinyl record) you are buying a License to play the media and experience whatever is on it. The media itself is secondary to the License.
Since the price of the Media is pennies, I would say YES. If you (an industry) are going to charge me 50 times what the media costs because I am buying a license, not a media, I would expect you to replace the media at cost - if not free. Remember, the License didn't expire when the record got a scratch. (We won't go into the Recording Industry and their holdover "Breakage" clause - where they skim money off the top for losses due to the ancient phenolyte disks cracking in shipping. Something that hasn't been an issue since the vast majority of us /.ers were alive.)
Likewise, when the "product" is released on a new media format (without change in the performance - EG. LP to Tape versions) I shouldn't have to pay full price -again- for a "product" I already have the license for. My license didn't expire. Why am I being charged for one again?
I doubt I'm explaining it well, but we can certainly hope we have a clueful judge here. The DMCA is one of the worst pieces of legislature to come down the pike in decades. If this case starts swinging the balance back in favor of the Public, then we have something to look forward to. To me, the DMCA, more than anything else, shows how much the Media controls our lives, our government, and our perceptions.
People don't make Legislators or Laws. The Media bundle them up and sell them to us.
...Tell me again why a faster CPU and more memory won't make these spreadsheets run faster?
I didn't say extra performance wouldn't help. Obviously, more memory and more CPU power will help these things run faster. But the point is most of the MS Office applications are bloated beyond belief (a flight sim and a Doom engine, as easter eggs in an office productivity suite?) and in some cases - like your example - encourage people to use poor implementation practices and use the wrong tool for the job.
I still have nightmares about early versions of MS Access running on 486 hardware.
As for the Business vs Consumer, I can't really see Microsoft not trying to extend the architecture to the home user environment. Can you? Of course, in a business environment, it's even more likely they'll embed the "rent a license" technology. Look where they're trying to take XP already.
That makes the general populace idiots, but it doesn't put Gator on the wrong side of the law. They DO give the user a chance to say no...
Yes, the general populace are idiots. But Gator (and others) installation process is a separate issue from what they do to the desktop. This isn't about whether the installation process was legal, it's about whether or not a third party usurping other people's ad space is legal.
No, they paid for the right to have their ad code delivered to the user. If they were guaranteed that a pair of human eyes would see their ad for each and every pageview, then (insert site here)'s Ad Sales department needs a clue.
A "right" (privilige, really) that the third party AdWare effectively blocks. Worse, since the AdWare can be specifically targeted it can replace it with a competitor's ad without the knowledge of the advertiser, the site they are paying, or the end user who's seeing the ad.
Personally, I loathe popups, popunders, banners, what have you. But these legal battles over who and what can mess with people's desktops can't be good for the end users. These things are almost as bad as SPAM. Worse, in some ways, since they can be far more intrusive.
Sure you can, and a lot of us do. The issue is not quite the same. Most Gator installations are done without the knowledge of the person who has it altering their desktop. (Remember, the general populace will click YES to anything) The people advertising on the (insert site here) site paid for that space. The adware effectivelly -steals- the space the rival paid for.
It's like having something on your TV that replaces Pepsi with Coke in every Pepsi commercial you see. Pepsi would have every right to be annoyed and probably sue since they - not the adaware client - paid for the timeslot.
Mixed bag? I think not. It's like a web cookie, easily spoofed, but just as easily verfied. I don't try to believe that a given MAC address is authentic, but I do assume it's unique for that session, and/or matched the MAC number that requested an address from the DHCP server.
I think we're saying more or less the same thing here. "Mixed bag" == Easily spoofed, yet also easy to detect (and prevent) said spoofing.
Your verification program fills the same role as my clueful network admin: one of several ways to make sure the MAC's on the air are who they say they are. I'm sure we could come up with a dozen ways to verify a connection to make sure it wasn't spoofed.
But as you say, it's a pain to keep signing in all the time, which increases user effort and support headaches, which means you'll only implement it for certain situations where the effort is worth it. (Like another place to bill from...)
It's sites with MAC filtering but no authentication where it's easy to spoof and get on the air. Of course, how many sites actually use MAC filtering? I'd guess even fewer than use WEP.
Using AirSnort takes time and patience. For a "large" site where you can get a lot of traffic, or where you're trying to crack your next door neighbor's network where you can get a lot of traffic over time, it's practical.
At a conference, it's unlikely that people will even bother setting up WEP since key management isn't worth the effort.
MAC address filtering is a mixed bag. Yes, it's trivial to alter your own MAC address to impersonate another machine, but the usefulness depends on your environment. A big site probably won't bother with filtering. Too many addresses to track. A small site running MAC filtering may well have a clueful network admin who'll notice homeboy.haxornet.lan's MAC on the air when he -knows- he left that box at the office.
The point was the insecure protocols used over the wireless links. Web, POP, IMAP, telnet, etc., passwords sent in the clear are trivial to sniff in that environment.
As some have already pointed out SSL will cure that issue for quite a number of applications. Using SSH to reach your mail server is another simple "fix" to what is essentially NOT a wireless networking problem.
Point taken. Though I suppose it depends on which end of the spectrum you're coming from. From the "They can track a specific target under certain conditions more easily and at longer range than they are saying" standpoint, we're on the same page. Science and technology agree.
At the extremes: "It can't be done at all, ever, no one can track anyone" is over-simplifying it and ignoring the reality, where there are tradeoffs between range and 'volume'. Saying "They can track anyone anywhere anytime at any range" is abject paranoia and beyond the scope of physics, let alone technology.
To mis-quote: "You can track some of the people all of the time, and all of the people some of the time. But you can't track all the people all the time."
Fair enough assessment?
*chuckles* It's possible to do lots of things, but whether it's practical is the point. Don't confuse the ability to gather a discrete signal at long range with the ability to track a LOT of discrete signals all moving around at long range.
Remember, I said he was over-simplifying the issue.
As I said, there isn't enough space to go into it, and I don't feel like writing a paper on Radio. If the NSA (or anyone with a really gnarly antenna resonant on the righ freq) wants to read the RFID's of every object in my house from a mile away, they could. If they wanted to do it to my moving car dodging through traffic amungst a crapload of over rfid tagged cars, good bloody luck.
High gain antennas are big. You can't get around that. THAT is the point I was trying to get across. Long range requires high gain. Practically, the commercial systems WANT to limit their range because they don't want to get swamped with more signals than they can read. The longer the range, the more devices that will respond. The more that respond, the more their individual signals drown each other out, and the more trouble you have isolating the signal you want. Etc.
While rfid could be (read: is being) used for tracking people and things, it's not as long ranged as some people would have us believe. If the (insert nefarious organization here) wants to "watch me from a mile away" by my RFID tags, they could achieve the same affect by having a cute agent wander around in my general area. I'm more likely to notice the agent, but she'll be a LOT less obvious than a rack of high gain antennas mounted on the side of a truck and she'll have a better chance of not losing me in the background noise.
If your experience is as you claim it, I can only conclude that you are intentionally lying. There is no inherent, physics based limitation of "a few feet" to how far these tags can be read: to read the tags from further away, all one needs is a better receiver. Your statement assumes that a newer, better receiver will never be invented or brought to market. Doesn't the NSA do quite a bit of work already on picking up radio signals at a distance?!?
Actually there are "Physics based limitations" to these devices. They're RF devices and as such have to deal with the limitations of radio wavelengths. The amount of data they hold isn't the issue - the amount of RF energy going back and forth is.
The antennas on every RFID tag I've ever seen have been some kind of omni, since their orientation to the reader is random. (rotating if it was in a tyre - we won't go into the moving ground plane issues) The reader can get quite a bit of benefit from using directional antennas (FastPass, anyone?), but they sacrifice broad coverage for improved range in a specific direction.
That's physics. He may have over-simplified, but he wasn't wrong or lying. There's not enough space here to go over the practical limitations, but there ARE practical limitations. Some of them are almost certainly surmountable (number of reads per second, for example) but the RF energy issues aren't going to be "beaten" by some fancy new chip.
As for the NSA - yes, they have some very fancy systems for reading tiny signals at range. (as do the FCC, the military, and quite a few skilled amateurs) They are highly directional and if they're not pointed in the right direction, they get nothing. You could read the rfid chip 400 feet in front of you, and completely MISS its cousin 12 degrees to the left.
Why is the pic on the Linare PC page a Mac?
http://www.linare.com/linpc.htm
While I can't deny the possibility of this being abused, I still find it very unlikely. As you point out, there could be a network of readers strewn across any area. But the fact remains that they would still be range limited and easily blocked.
If you're curious about range, just think about the typical ranges experienced by Wireless Network users. Your wireless NIC runs minuscule power, but it's still vastly more power than an RFID chip will ever generate. You can make up for a lot with sensitive directional antennas on the reader, but then you sacrifice range and broadness of coverage.
And who's really going to pay for an RFID reader in every dustbin? I'm not going to hide my head in the sand and say it'll never happen. Technologically it -can- (even if it's unlikely ever to) but I'm not going to be alarmist.
I'll just keep an itty bitty little transmitter on me that drowns out any RFID chips I happen to be wearing....
While the potential invasion of privacy is fairly scary, the likelihood of these things turning into massive invasion is small. With active RFID systems, the power output will be tiny if they're going to have a shelf life of more than a few hours, which means range will be short. VERY short. While I can get a fair range with low power on the VHF bands, these things are TINY, with correspondingly tiny antennas and tiny power outputs. With a zillion of them transmitting at once, they will have a useful range of a few meters, not a few miles.
The passive tags are even worse, since they require an "activation" signal from another source - taking the radio energy from another transmitter and using it to power their own response. A range of 40 feet is probably optimistic. After all, the more of these things within range of the reader, the more will respond to the activating pulse and send their "I'm ID number nnnnnn!" reply. The more that respond, the smarter the reader needs to be to isolate the signals and ID's it's interested in.
The more intelligence you build into the chip ("Only respond to queries in 'this' range") the more expensive they become. The larger the antenna, the more expensive they become. The more frequencies you build them for, the more expensive they become. Etc. At less than a penny a pop, the chips are almost certainly as dumb as a stump, which makes them less invasive.
Blocking these things should be relatively easy. While I haven't investigated what frequencies they operate in, it should be relatively trivial to shield them, jam them, spoof them, or otherwise inconvenience the reader.
I don't like them, but they don't frighten me.
True, but they didn't say peak infection rate. They said the peak rate of scanning was 3 billion systems per hour. That's why I made my initial comment. While it seems like a huge number, it's not that outrageous if you're just counting the level of traffic.
Incidentally, I was a CIRT responder for a "small hardware manufacturer in the Valley" during the event. Having seen first hand how hard Slammer hit our firewalls, I don't doubt the claimed traffic level here.
Don't confuse rate of scan with number of systems. As mentioned it was spewing its exploit in a single UDP packet. The worm didn't care whether other worms had already spewed the packet at a given IP, it was just tossing it out there. Whether the number itself is valid, it's being calculated (probably, at least) by multiplying the average bandwidth available to an infected host, times the number of infected hosts. X infected hosts spewing Y packets an hour is Z total packets per hour.
Perhaps not especially useful, but it does give an idea of the sheer scope of that beast.
Comments about "why are we living in deserts anyway?" aside, it should be fairly easy to adapt this sort of technology to use in a "Low water waste" environment. Adding a vacuum system to sop up the water and concrete slurry and centrifuge out the concrete bits would add cost, but should be a fairly simple fix. The water would be back in the tank before it could evaporate. The filtered water could be fed back to the machine on site, cutting the water usage substantially.
Not saying it WILL happen, but it's certainly doable.
Overall I think you're right here. Solaris is hard to beat in a server environment. Having worked extensively in a mixed *NIX (Solaris, HP-UX, Linux, *BSD, a bit of OS/X) I'd give the higher end Sun machines the edge without hesitation for servers. Higher end being E450 and above, including the SunFires. (Not counting the SunBlade and small V series pizza boxen)
For pure workstations though, Solaris loses the edge to the higher flexibility (and lower cost) of the Linux boxen. There's simply more 'stuff' available for Linux at this point. To my observation, *BSD falls in the middle. Not quite as good as Solaris as a server, but better than Linux. Not quite as good on the desktop as Linux, but better than Solaris.
As for the hardware, you're dead on. It's hard to beat the Customer Relation you get with Sun. Sure, Dell has good warranty service, but the Sun guys are a tough act to follow. We won't even try and compare the high end gear. You simply can't. There's nothing in the Lintel space that can compare with one of the big Sun machines.
However, you're a little off on the kernel update issue. The n_Recommended patch clusters from Sun always require a reboot - and they are by far the easiest way to patch the Sun boxen, taking care of all dependencies automatically. Yes, you can apply a lot of patches individually without a reboot, but the same applies to *BSD and Linux. Also, in some instances, it's possible to rebuild kernel modules without requiring a reboot under Linux.
Technical problems?
Yes. Wireless doesn't have the bandwidth to provide service everywhere every time for everyone. Assuming the hardware was in place, there would be limits to how much traffic each node could pass and the aggregate bandwidth between all the nodes wouldn't be as great as that provided by fibre links.
Political problems?
ILECs, CLECs, Cable Co's, Governments, etc., take your pick. It's an idyllic concept but too many people will want their piece of their pie.
Economic problems?
The system (were it technically workable) would require a large installed base before it would work AT ALL. Who's going to go out and buy new gear in the hopes the system will reach critical mass and become viable? Let's not forget the incumbents lobbying the above point to keep from losing out on this point.
While the concept is certainly interesting, and could probably work on limited scales (p2p locally, then into a Supernode for long distance. I seem to remember Ricochet used something similar, with data hopping across subscriber nodes to reach the main towers) there's no way it'll work in the current social, economic, political, or technical climate.
I'm not sure how this is any different from "normal" law enforcement practice, where investigators may put a suspect under surveillance without their knowledge. From what I gathered reading the article, they're not talking about hacking into suspected spammers' boxen - they are talking about what constitutes more or less normal police investigative work.
Considering the fact that (SPAMMER bullshit excuses aside) SPAM amounts to Theft of Service, it strikes me as appropriate for the FTC to treat it as an illegal act and use appropriate Law Enforcement techniques.
With proper oversight (important in ANY situation where The Man is watching someone) this is almost certainly more of a Good Thing (tm) than Big Brother in Action.
The "Like a book" license has appeared in other places too. As I remember, Poser has the same thing - though it's a bit longer. Personally, I like the concept. Under that license I can install a piece of software on several machines that I use at different locations (Home, laptop, possibly work) and be able to use it without violating any sort of EULA.
The concept of an End Vendors agreement is wonderful, but a little impractical. Though it -might- be plausible to have a hard copy version that you use when you buy something that states "If the EULA in this piece of software is untenable, you agree to refund my money on the prompt return of the software." That would effectively get around the "You can't read the EULA until you open it, but we won't take it back if you open it."
One can only hope, right?
I agree - way too many people are killed on the roads. But the solution is better training and higher qualifications for drivers rather than automatic reporting of "bad behavior." The vast majority of problems on the road are caused by unskilled or distracted drivers. How many near misses have you had with some prat yammering on their cell phone?
The onboard machine will report 52 in a 45 zone as a violation regardless of whether it's done during rush hour with kids around (dangerous) or at 0145 when the nearest car or pedestrian is 2 miles away (where 45 is considerably SLOWER than "safe for the conditions" speed). That's enforcing a revenue stream, not improving public safety. As you say, not something people are going to accept.
Sorry, there are too many variables involved to arbitrarily set "enforced by automation" speed limits in vehicles operated by a reasonably skilled driver. There are numerous cases where NOT being able to accelerate past some arbitrarily low speed is a hazard.
The Minority Report reference was to the fully automated cars more than the heavily intrusive "Scan everything that moves" society. That, ultimately, is where the vehicle technology will probably lead. Not in our lifetimes maybe, but eventually. Let's hope the Scan Everything in Sight mindset doesn't go with it.
As for the police remote shutdown devices, there are countless vehicles that are completely immune - including the vintage BMW I keep in my garage. A CPU scrambler might knock out the Kenwood in the dash, but it won't do jack to the Carbureted, Points ignition, engine. Same goes for most diesels.
And we're not talking about arresting people and putting them in jail as invasion of personal privacy. We're talking about an organization, in this case the government, knowing where I go, when I go there, how I got there, etc. Sorry, Big Brother doesn't need to know what route I take to go to lunch, or when I go.
The "Innocent people have nothing to worry about" bit doesn't fly. Sorry. If you (generic "you" here of course) don't think I'm guilty of something, why the futz are you watching everything I do? If you DO think I'm guilty of something, then bloody well charge me with it and prove your case.
Watching people 24x7 hoping they make a mistake, no matter how minor (3 over the limit, anyone?), then busting them when they do, is ethically wrong. THAT is what I'm getting at here.
Want to "solve the vehicle problem?" Simple. Make Public transportation useful (Note public, not mass) so people don't have to drive. Increase the requirements for driver skill, training, and testing, so there are fewer dangerously unskilled drivers on the road (Sorry, mom). Stop treating vehicles as a revenue stream, and start treating traffic enforcement as a public safety issue.
Public transit sucks in a lot of places because the municipality makes too damn much money off parking revenue and traffic fines. Check your local numbers some time, you'll be surprised just how much money a medium/large city makes from people's cars.
Note London deployed the cameras to help enforce their Congestion tax...
Please tell me you're kidding here. Why stop with a system that automatically records your "bad behavior" and reports it? Why not take the next logical step and integrate controls that PREVENT the bad behavior in the first place?
Oh, wait, having the car prevent "bad behavior" would interfere with some municipality's revenue stream.
If they're going to go to that length, why not take the next few steps and go with the fully automated vehicles of Minority Report?
Go a couple more steps, and have the car automatically drive you to the local police department if you did something illegal. Have a warrant issued for your arrest? No problem! The new Toyota Orwell 2003 will drive you right to the local pokey!
As for this English system, it's a mixed blessing. A step in the right direction for tracking vehicles and dealing with some of the MANY problems surrounding personal transportation. But it's a step in the wrong direction in the way of personal freedom and privacy. Admittedly, it's not as bad as taking pictures of the driver - it's just the plates - but there are so many ways to spoof it it's not funny.
Anyone remember the rotating plates on Bond's Aston Martin?
I remember quite a number of years back seeing a similar device that looked vaguely like the upper surface of two bowling balls with finger holes. You used it by placing your hands on the 'body' and dropping your fingers into the holes. Keystrokes were simply combinations of finger moves back and forth. Very little motion involved, and very fast with practice.
I don't remember the device having mouse capability, but I do recall the price was right up there with this OrbiTouch.
Neat concept. Unfortunately, I think I'd get canned for asking my boss to let me have a $700 pair of plastic breasts on my desk...
Perfect. Came right down.
Thanks, much appreciated!
Yeah. And for some reason it keeps looping me back to the survey - which loops back if I fill it out. May be a client side issue on my end *shrugs* but I still can't seem to get my hands on it.
Using triangulation is relatively trivial. Combining war-driving with GPS and FoxHunting techniques can yield fairly accurate positions for AP's and the client cards. It gets difficult when there's a lot of them on the air, but it's still doable.
It's technically possible to combine simple RDF (using phase discriminators) with a base station to get a directional vector. Two RDF equipped bases would give you a point rather than a line, so it should also be possible to location limit access. Not that I've ever seen an implementation. Note it would take more than just a driver, since the antenna setup on most base stations is ill suited to use in RDF applications. We're talking specially built AP's here.
Unfortunately, the AirTraf download site seems to be a tad 'dumb' - redirecting me back to the Survey page repeatedly - so I haven't been able to play with it and see what it's capable of.
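The two-base RDF idea in the comment above, worked through as an added example (not from the original post or from AirTraf): each base contributes a bearing line, the intersection is the position fix, and access is denied when there is no usable fix or the fix falls outside a permitted area. The function names, the flat east/north grid in meters and all sample values are assumptions constructed for illustration.

```python
import math

def bearing_to_unit(bearing_deg):
    """Compass bearing (degrees clockwise from north) -> (east, north) unit vector."""
    rad = math.radians(bearing_deg)
    return math.sin(rad), math.cos(rad)

def fix_from_bearings(base_a, brg_a, base_b, brg_b, min_angle_deg=5.0):
    """Intersect two bearing rays; return (east, north) or None if no usable fix."""
    ax, ay = base_a
    bx, by = base_b
    dax, day = bearing_to_unit(brg_a)
    dbx, dby = bearing_to_unit(brg_b)
    # Cross product of the unit directions equals sin(angle between the rays).
    cross = dax * dby - day * dbx
    if abs(cross) < math.sin(math.radians(min_angle_deg)):
        return None  # rays nearly parallel: two lines, but no point
    # Solve base_a + t*dA == base_b + u*dB for the distances t and u.
    rx, ry = bx - ax, by - ay
    t = (rx * dby - ry * dbx) / cross
    u = (rx * day - ry * dax) / cross
    if t <= 0 or u <= 0:
        return None  # intersection lies behind a base: inconsistent bearings
    return ax + t * dax, ay + t * day

def worst_case_error(base_a, brg_a, base_b, brg_b, err_deg):
    """Largest shift of the fix when each bearing is off by +/- err_deg."""
    nominal = fix_from_bearings(base_a, brg_a, base_b, brg_b)
    if nominal is None:
        return None
    worst = 0.0
    for ea in (-err_deg, err_deg):
        for eb in (-err_deg, err_deg):
            p = fix_from_bearings(base_a, brg_a + ea, base_b, brg_b + eb)
            if p is None:
                return math.inf  # the error alone can destroy the fix
            worst = max(worst, math.dist(nominal, p))
    return worst

def allow_association(fix, area):
    """Fail closed: no fix, or a fix outside the rectangle, is denied."""
    if fix is None:
        return False
    min_e, min_n, max_e, max_n = area
    return min_e <= fix[0] <= max_e and min_n <= fix[1] <= max_n

# Constructed scenario: two bases 100 m apart, office footprint 100 m x 80 m.
BASE_A, BASE_B = (0.0, 0.0), (100.0, 0.0)
OFFICE = (0.0, 0.0, 100.0, 80.0)

if __name__ == "__main__":
    inside = fix_from_bearings(BASE_A, 45.0, BASE_B, 315.0)
    far = fix_from_bearings(BASE_A, 5.71, BASE_B, 354.29)
    print("inside fix:", inside, "allowed:", allow_association(inside, OFFICE))
    print("far fix:", far, "allowed:", allow_association(far, OFFICE))
    print("error near (2 deg):", worst_case_error(BASE_A, 45.0, BASE_B, 315.0, 2.0))
    print("error far  (2 deg):", worst_case_error(BASE_A, 5.71, BASE_B, 354.29, 2.0))
```

The error figures show why base placement matters: the same bearing error moves a distant fix far more than a nearby one, because the two lines cross at a shallow angle.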
If you buy a can opener and it breaks, do you expect to get another can opener for free (ignoring warranties, assume it's been 3 years since you bought the can opener)?
Different animals. When you buy a 'device' you are buying the DEVICE. When you buy a DVD (Or CD or VHS Tape or Phillips Cassette or Vinyl record) you are buying a License to play the media and experience whatever is on it. The media itself is secondary to the License.
Since the price of the Media is pennies, I would say YES. If you (an industry) are going to charge me 50 times what the media costs because I am buying a license, not a media, I would expect you to replace the media at cost - if not free. Remember, the License didn't expire when the record got a scratch. (We won't go into the Recording Industry and their holdover "Breakage" clause - where they skim money off the top for losses due to the ancient phenolyte disks cracking in shipping. Something that hasn't been an issue since the vast majority of us /.ers were alive.)
Likewise, when the "product" is released on a new media format (without change in the performance - EG. LP to Tape versions) I shouldn't have to pay full price -again- for a "product" I already have the license for. My license didn't expire. Why am I being charged for one again?
I doubt I'm explaining it well, but we can certainly hope we have a clueful judge here. The DMCA is one of the worst pieces of legislature to come down the pike in decades. If this case starts swinging the balance back in favor of the Public, then we have something to look forward to. To me, the DMCA, more than anything else, shows how much the Media controls our lives, our government, and our perceptions.
People don't make Legislators or Laws. The Media bundle them up and sell them to us.
...Tell me again why a faster CPU and more memory won't make these spreadsheets run faster?
I didn't say extra performance wouldn't help. Obviously, more memory and more CPU power will help these things run faster. But the point is most of the MS Office applications are bloated beyond belief (a flight sim and a Doom engine, as easter eggs in an office productivity suite?) and in some cases - like your example - encourage people to use poor implementation practices and use the wrong tool for the job.
I still have nightmares about early versions of MS Access running on 486 hardware.
As for the Business vs Consumer, I can't really see Microsoft not trying to extend the architecture to the home user environment. Can you? Of course, in a business environment, it's even more likely they'll embed the "rent a license" technology. Look where they're trying to take XP already.