There's a big difference. The first public news of the Kaminsky DNS issue was with the release of Microsoft's Patch Tuesday DNS update, with simultaneous patches from ISC for BIND and the other affects nameservers. Dan organised all that with the help of CERT and the DNS server vendor/distributors, without leaks. Once the patches and a vague description was out, people put two and two together pretty quickly - IIRC from the BlackHat preso, the first correct solution Kaminsky received was within 48 hours - and shrewd guesses were being made within two weeks (followed by the unfortunate leak which broadly confirmed the guess.) It sounds like the cat is well and truly out of the bag here, already, and there are no patches yet. Apart from the people at the conference, there's enough detail in the sources the ZDNet blog links to to make it pretty clear which direction the shrewd guesses (and testing) will have started on.
Looking on the bright side, more browsers than nameservers auto-update themselves...
(Incidentally the reason the Internet wasn't destroyed by the Kaminsky bug was precisely because of all the prior coordination and then unequivocal "patch now" messages from multiple credible sources (CERT, Vixie, Microsoft, the other respected researchers Dan explained it to under NDA, etc.) And anyway you ARE still fucked in the long run, anyway, because DNS is still spoofable by a determined attacker (which probably means one who's going after a very high value target) in the absence of DNSSEC. Hence the (by Fed terms, frantic) haste with which the.gov root is being signed at last.
And on top of all the other excellent reason to migrate to IPv6, NAT is teh suxx0r. (I am a security person, and if I had a pound for everytime someone had said: "it can't get hacked, it's inside a NAT"... I'd be rich.
So that would be the biggest concentration of suck in the known universe; but hasn't this already been identified as being that Bill O'Reilly guy on Fox News?
Anyone who, at THIS point, decides who to vote for on the basis of the marketing crap on their websites about technology issues is a couple of sandwiches short of a picnic IMO. Aren't issues like the bankrupting of the American economy, the hornet's nest of anti-Americanism stirred up in the middle east, south Asia and Europe, and the imminent change of climate rendering everything west of the Rockies an arid sandy desert slightly more important than fucking network neutrality?!?
A colleague of mine who's surname begins with the letter "B" got management to accept that the complex web of SNMP traps, alerting, scrolling displays on web pages etc was a Unified Monitoring System. Naturally it was called B------'s Universal Monitoring System... BUMS.
I like my place of work, we can get away with shit like that and we still have a retarded enough sense of humour to find it really funny.
Oh, give me a fucking break. I'm a member / supporter of a number of civil lib type orgs here in the UK, and we certainly do have our share of stupid, counter-productive, illiberal and potentially-authoritarian laws. But, really, I assure you that (apart from the insane law about protesting within a half-mile of Parliament, and similar special cases), free speech is really not a problem over here. "questioning the effectiveness of the UK police state"?! You've obviously never read the British tabloid press; take away their right to ridicule the police and they'd be out of business overnight.
After the last ten days of financial and economic pandemic, and the slow-motion implosion of the US economy over the next couple of years, I don't think NMS will be that high on anyone's priority list. (And I write as someone about to start evaluating NMS at work. OpenNMS looks good so far:> )
And don't get me started with how Outlook is written in VB.
Er, citation please?
(Disclosure, I loathe Outlook and Exchange with a vengeance and will dance on their graves when MS finally gets borged by icanhascheezburger.com or whoever.) But I'm pretty certain Outlook's not written in VB.
Mozilla is quite understandably protective of its Firefox trademark, and doesn't want it applied to builds that have been patched or changed by distros.
Why should that apply to Firefox and not, say, Apache or BIND or Amarok or...?
Oval? Oooh, very clever. You've played this before haven't you? In that case, I feel no compunction in invoking Stovald's Second Rule... Euston (mainline.)
Uh-huh, so all those climatologists who say otherwise are either a bunch of halfwits for failing to notice this stupendous oversight in, well, the laws of physics (and the fundamental physics of greenhouse gases and climate are really very simple), or a bunch of evil bastards because they KNOW it's all nonsense, but are part of a giant conspiracy to keep quiet about it so long as the grants keep rolling in. Which of these absurd possibilities do you propound?
Incidentally, if you'd like your economy to stick to a fossil-fuel based, intensive energy basis, have fun when oil hits $500/barrel...
Oil may have turned the corner, but there are more fossil fuels than that. There are literally hundreds of years' worth of workable coal deposits. What worries me is that atmospheric pollution is a classic tragedy-of-the-commons. So long as there's a sufficiently industrialised civilisation to dig it up and burn it, we're going to be emitting fossil CO2 at, at best, mid-20th century levels for the foreseeable future. Look out Jurassic, here we come. (Oh yeah, and the water-vapour-cloud-seeding-ships idea fails at the first hurdle, namely that (even if it worked, which I seriously doubt as the clouds would be too low in the atmosphere) the whole thing stops working the day the ships do. Dirty coal does at least produce relatively long-lived and high sulphate aerosols. (Now if only there were a cheap simple way to capture the CO2 at the generator site, but still emit the sulphates...)
Over the past 20 years, my level of optimism for the future (vis a vis climate change) has followed a curve very similar to the NSIDC sea-ice extent for 2008 (except that my optimism only flat-lined at the point where I couldn't think things could get much worse.)
The GW money making machine is in full swing, ripping off as many taxpayers as possible. Great job, you con artists!
Speaking as a fully paid-up card carrying member of the bunny-loving, tree-hugging, knit-your-own-yoghurt brigade, and having paid an interest in global warming since Hansen et. al. (1988), I must say I'm sitting here on top of a big pile of money just cackling to myself whilst I light myself another Monte Cristo and finish of the last of the Montrachet '86. Thank-you so much to all those fools who cut down on their carbon emissions, thus ???, allowing me to profit! Muahahahahahaha.
Generally peering happens at an IX, where a bunch of service providers chip in together towards the cost of running the IX (which has it's own independent management structure.) Service providers with a presence at the IX pay for their own infrastructure (switches, routers, Xbox 360s...)
Slashdot Mirror
There's only one problem with your idea, which is that you don't OWN the IP addresses you've been allocated, and you can't sell them.
There's a big difference. The first public news of the Kaminsky DNS issue was with the release of Microsoft's Patch Tuesday DNS update, with simultaneous patches from ISC for BIND and the other affects nameservers. Dan organised all that with the help of CERT and the DNS server vendor/distributors, without leaks. Once the patches and a vague description was out, people put two and two together pretty quickly - IIRC from the BlackHat preso, the first correct solution Kaminsky received was within 48 hours - and shrewd guesses were being made within two weeks (followed by the unfortunate leak which broadly confirmed the guess.) It sounds like the cat is well and truly out of the bag here, already, and there are no patches yet. Apart from the people at the conference, there's enough detail in the sources the ZDNet blog links to to make it pretty clear which direction the shrewd guesses (and testing) will have started on.
Looking on the bright side, more browsers than nameservers auto-update themselves...
(Incidentally the reason the Internet wasn't destroyed by the Kaminsky bug was precisely because of all the prior coordination and then unequivocal "patch now" messages from multiple credible sources (CERT, Vixie, Microsoft, the other respected researchers Dan explained it to under NDA, etc.) And anyway you ARE still fucked in the long run, anyway, because DNS is still spoofable by a determined attacker (which probably means one who's going after a very high value target) in the absence of DNSSEC. Hence the (by Fed terms, frantic) haste with which the .gov root is being signed at last.
Have a great day!
"Insightful"?!? A shame the mods didn't notice your dripping sarcasm :(
And on top of all the other excellent reason to migrate to IPv6, NAT is teh suxx0r. (I am a security person, and if I had a pound for everytime someone had said: "it can't get hacked, it's inside a NAT"... I'd be rich.
So that would be the biggest concentration of suck in the known universe; but hasn't this already been identified as being that Bill O'Reilly guy on Fox News?
Well, I did, and it means what I thought it did; your point, however, remains obscure..?
Anyone who, at THIS point, decides who to vote for on the basis of the marketing crap on their websites about technology issues is a couple of sandwiches short of a picnic IMO. Aren't issues like the bankrupting of the American economy, the hornet's nest of anti-Americanism stirred up in the middle east, south Asia and Europe, and the imminent change of climate rendering everything west of the Rockies an arid sandy desert slightly more important than fucking network neutrality?!?
(Disclosure, I'm not a US cit.)
I like my place of work, we can get away with shit like that and we still have a retarded enough sense of humour to find it really funny.
Oh, give me a fucking break. I'm a member / supporter of a number of civil lib type orgs here in the UK, and we certainly do have our share of stupid, counter-productive, illiberal and potentially-authoritarian laws. But, really, I assure you that (apart from the insane law about protesting within a half-mile of Parliament, and similar special cases), free speech is really not a problem over here. "questioning the effectiveness of the UK police state"?! You've obviously never read the British tabloid press; take away their right to ridicule the police and they'd be out of business overnight.
After the last ten days of financial and economic pandemic, and the slow-motion implosion of the US economy over the next couple of years, I don't think NMS will be that high on anyone's priority list. (And I write as someone about to start evaluating NMS at work. OpenNMS looks good so far :> )
Jeff Lint for President!
And don't get me started with how Outlook is written in VB.
Er, citation please?
(Disclosure, I loathe Outlook and Exchange with a vengeance and will dance on their graves when MS finally gets borged by icanhascheezburger.com or whoever.) But I'm pretty certain Outlook's not written in VB.
Mozilla is quite understandably protective of its Firefox trademark, and doesn't want it applied to builds that have been patched or changed by distros.
Why should that apply to Firefox and not, say, Apache or BIND or Amarok or...?
Oval? Oooh, very clever. You've played this before haven't you? In that case, I feel no compunction in invoking Stovald's Second Rule... Euston (mainline.)
There's a term for that type of cognitive process; you will find it in the DSM-IV.
Not even the first successful mp3 player; Linux Journal had one on the cover (IIRC) a couple of years before the first iPod was launched.
Uh-huh, so all those climatologists who say otherwise are either a bunch of halfwits for failing to notice this stupendous oversight in, well, the laws of physics (and the fundamental physics of greenhouse gases and climate are really very simple), or a bunch of evil bastards because they KNOW it's all nonsense, but are part of a giant conspiracy to keep quiet about it so long as the grants keep rolling in. Which of these absurd possibilities do you propound?
Incidentally, if you'd like your economy to stick to a fossil-fuel based, intensive energy basis, have fun when oil hits $500/barrel...
So what you're saying is...human civilisation is doomed anyway, so in the meantime let me enjoy low taxation and an SUV? Right. That makes sense.
Oil may have turned the corner, but there are more fossil fuels than that. There are literally hundreds of years' worth of workable coal deposits. What worries me is that atmospheric pollution is a classic tragedy-of-the-commons. So long as there's a sufficiently industrialised civilisation to dig it up and burn it, we're going to be emitting fossil CO2 at, at best, mid-20th century levels for the foreseeable future. Look out Jurassic, here we come. (Oh yeah, and the water-vapour-cloud-seeding-ships idea fails at the first hurdle, namely that (even if it worked, which I seriously doubt as the clouds would be too low in the atmosphere) the whole thing stops working the day the ships do. Dirty coal does at least produce relatively long-lived and high sulphate aerosols. (Now if only there were a cheap simple way to capture the CO2 at the generator site, but still emit the sulphates...) Over the past 20 years, my level of optimism for the future (vis a vis climate change) has followed a curve very similar to the NSIDC sea-ice extent for 2008 (except that my optimism only flat-lined at the point where I couldn't think things could get much worse.)
The GW money making machine is in full swing, ripping off as many taxpayers as possible. Great job, you con artists!
Speaking as a fully paid-up card carrying member of the bunny-loving, tree-hugging, knit-your-own-yoghurt brigade, and having paid an interest in global warming since Hansen et. al. (1988), I must say I'm sitting here on top of a big pile of money just cackling to myself whilst I light myself another Monte Cristo and finish of the last of the Montrachet '86. Thank-you so much to all those fools who cut down on their carbon emissions, thus ???, allowing me to profit! Muahahahahahaha.
God help me, I parsed that as "cucumber", and now I feel like the Sam Neill character in Event Horizon...
Better to let it die, period.
Generally peering happens at an IX, where a bunch of service providers chip in together towards the cost of running the IX (which has it's own independent management structure.) Service providers with a presence at the IX pay for their own infrastructure (switches, routers, Xbox 360s...)
Yeah, that would totally rock. You'd end up with some hideous blasphemy, like a sort of cross between Sarah Palin and Cowboy Neil. Or perhaps Cthulhu.
So for the Net under Palin, bottom line: less porn, more drugs.
Hell, she's got my vote! Lemme tell you, with a $100/day smack habit, pr0n's really not a big priority.