Slashdot Mirror


User: Ernesto+Alvarez

Ernesto+Alvarez's activity in the archive.

Stories: 0
Comments: 424

Comments · 424

  1. Re:"Security by Obscurity" on Totally Secure Non-Quantum Communications? · · Score: 1

    The difference between security by obscurity and a key is that when using a key, you publicly announce (or assume it is known) the exact procedure to enter a key (relying solely on the key strength).

    Let's use your mesh point as an example. If, when you build it, you say "to access this router you have to use such IP address", and for each device you write a different address (or make it user changeable), then you have a 32 bit key (assuming IPv4). Everybody knows what to do in order to access your (or anyone's) device, and you rely on the difficulty of trying addresses until they hit.

    If, on the other hand you do not announce why you use such address to access the device, it's security by obscurity. You rely on the secrecy of the method for security. You're not likely to treat it like a real key (if you do, then you have both a key and obscurity). You might then be relying on a security feature that is not secure (you told a friend, somebody copied the programming of your box, etc).

    Anyway, the IP address is just a lousy place to add your authentication. You cannot change on demand your IP address unless you want to isolate yourself from your network.

    As for hacking your device, assuming a fixed knocking scheme, telnet port and root password, I'd say it can be cracked as soon as someone taps your channel. If you change normally your root password, complexity is the same (password gets sniffed). If knocking and port changes, then there's a key, unless the changing algorithm is fixed, in that case the attacker will just have to deduce which algorithm it is (or he might already have it, he might have found your docs). If the algorithm is fixed, what would you do if someone finds out?

    If you're relying on the box to automatically change the password, then just use a one time password system (crypto, but cheap in your terms, although it does not protect against session hijacking).

    Anyway, if speed is so important, there are specialized chips that do crypto lightning fast by themselves. Even COTS hardware does symmetric key operations really fast, the bottleneck is probably your wifi throughput.

  2. Re:I dunno--why are you? on Totally Secure Non-Quantum Communications? · · Score: 1

    Nope, it's not simple as that. This is why you need to be an actual EE. You can't passively monitor it, you need to inject a current into the system, which is easily detected.


    Current that can be easily detected and misidentified as the receiver's. Remember, I cut the receiver from the line and connected an identical device (which RANDOMLY connects components, like the receiver's) to the line. You don't ask the receiver what his random choices are (if you did, I'd just compromise this secondary channel). The device performs no authentication, so you can never know who's on the other end of the wire (which means I can do a man in the middle attack).

    Recheck my steps, please. Unless the devices somehow know how to identify the device on the other end, they are vulnerable.
  3. Re:Problems on Totally Secure Non-Quantum Communications? · · Score: 1

    In this case, there is no need to transfer keying material. The receiver injects the random noise himself, so it's not really related to the one time pad, it's more like the idea of public key cryptography (in a very indirect way, before criticizing please read Ellis' paper).

    But you're right. Man in the middle would work like a charm, and that propagation method might work too (not my area of expertise).

  4. Re:I dunno--why are you? on Totally Secure Non-Quantum Communications? · · Score: 1

    Unless Schneier is an expert on electronics, Schneier isn't qualified to say anything about this.


    Schneier does not have to be an expert on electronics, if he can show he can recover the message.

    I'm a CS student/TA/Network administrator (so I'm no electronics expert) but my solution would be very simple (a man in the middle attack):

    1)Buy two of these encryption boxes
    2)Cut wire (wait until the devices are off or not monitored if necessary)
    3)Put a device on each end of the cut wire.
    4)Listen from one side, eavesdrop and copy to the other side.
    5)Profit (no ??? or electronics knowledge involved).

    Simple as that, no EE involved. And I'm sure it's not the only answer (there are some posts about measuring the propagation of the signals too).
  5. It's already been invented on Totally Secure Non-Quantum Communications? · · Score: 1

    Peeking at the paper, it seems that the receiver somehow introduces noise to the channel, garbling the sender's signal. He then recovers the message by deducing what the sender chose because he knows what his noise is.

    A similar principle was used about 50 years ago, although maybe using a different method. I've not seen the paper about this device (Bell project C43), but the Ellis Paper on non-secret encryption (PDF, sorry) makes a brief description of the device in item 6.

    Oh, if I were attacking that device (or Kish's one), I'd do a man in the middle attack without thinking twice (his assumptions about being perfectly secure are apparently wrong).

  6. Re:What's the problem w/ long non-expiring passwor on The Unspoken Taboo - The Never Expiring Password · · Score: 1

    Well the problem is, unless you have a bulletproof memory you'll still have to write passwords down if you want to be secure. Trying to remember 50 secure 16 character passwords is pretty hard, so if you are using passwords that long, odds are they're the same password. The problem here is that the owner of xyzsite.com may now have your password to abcsite.com. Of course odds are nobody will check, but if you use that argument there's no real point in using passwords.


    That's not necessarily true. I follow the same approach. The first password (which I memorize) is for an encrypted password storage. When I need to access something, I can read its password from the device. Most frequently used ones will tend to stick, just from frequent use.

    Obviously one must be really careful with the master password, but once proper care is taken, you have both the advantage of a hard to guess password (random, probably) and ease of retrieval. That's why it is always memorized.

    Combine that with S/Key, and you've got some hell of a security system.
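
The one-time password idea from comments 1 and 6, as an added example that is not part of the original comments: a Lamport hash chain of the kind S/Key is built on, with SHA-256 substituted for the hash S/Key uses and every name and sample value constructed for illustration. It shows that a response sniffed off the wire fails on replay; as comment 1 notes, it does nothing against session hijacking.

```python
import hashlib
import hmac


def h(data: bytes) -> bytes:
    """One link of the chain (SHA-256 here; an assumption, not S/Key's hash)."""
    return hashlib.sha256(data).digest()


def chain(secret: bytes, seed: bytes, n: int) -> bytes:
    """Return H^n(seed || secret): the n-th value of the user's chain."""
    value = seed + secret
    for _ in range(n):
        value = h(value)
    return value


class Server:
    """Keeps only the last accepted chain value, never the secret itself."""

    def __init__(self, seed: bytes, count: int, top: bytes):
        self.seed = seed
        self.count = count  # index of the stored value, H^count
        self.last = top

    def challenge(self):
        """Tell the client which chain index to answer with."""
        if self.count <= 1:
            # Index 0 would be seed||secret itself, so stop and re-enrol.
            raise RuntimeError("chain exhausted, re-enrol with a new seed")
        return self.seed, self.count - 1

    def verify(self, otp: bytes) -> bool:
        """Accept otp only if hashing it once yields the stored value."""
        if self.count <= 1:
            return False
        if hmac.compare_digest(h(otp), self.last):
            self.last = otp      # the next login must present the preimage
            self.count -= 1
            return True
        return False


def demo():
    """Login, replay of the sniffed response, then the next real login."""
    secret = b"constructed passphrase"   # constructed sample values
    seed = b"ke1234"
    server = Server(seed, 5, chain(secret, seed, 5))

    s, n = server.challenge()
    otp = chain(secret, s, n)            # what an eavesdropper would capture
    first = server.verify(otp)
    replay = server.verify(otp)          # same bytes sent again by the sniffer

    s, n = server.challenge()
    second = server.verify(chain(secret, s, n))
    return first, replay, second


if __name__ == "__main__":
    print(demo())
```
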
  7. Re:My 2 cents? bad idea on .xxx Domain Remains in Limbo · · Score: 1

    WTF is happening here....? I would have sworn I posted a reply.
    Well, here it goes again.

    I agree with the sibling post, .kids does indeed solve the problem of fanatics screwing the net.

    That's why I prefer .kids over .xxx, but I oppose the intervention on .xxx on principle. Tightasses shouldn't be screwing the Internet.

    By the way, .kids.us would be even better, I'm tired of those top level domains (and the US' attitude about them too).

  8. Re:Is this really that different? on The Google Caste System · · Score: 1

    GMail might be a permanent beta, but its release schedule is nothing like Microsoft. Let's take XBox 360 as an example: they set a release date, and ready or not they start selling on that date. It doesn't matter if there are problems, as long as there are no show stoppers, they'll release and patch later.

    On the other hand, when Gmail was announced, we all thought it was an April Fools' joke. They took their time sending invites, too. Same thing with other things from the lab. They let you mess with some stuff if you want, but they release when it's ready (in a permanent beta state, though). It's more like a "Debian Lite" attitude.

    Oh, about the totem pole: Steve (corporate) answers to Bill (corporate).

    If Bill Gates is a techie, I'm Yuri Gagarin. Remember, he's a BUSINESS school dropout. He may be a geek, but he's a business one.

  9. Re:My 2 cents? bad idea on .xxx Domain Remains in Limbo · · Score: 1

    These are not flaws, .kids would probably be a way of moving responsibilities back to the right place.

    No duplication and everything remotely "sexual", "adult" or whatever is not there.

    Wikipedia talks about sex?
    No wikipedia for you, kids!
    Same goes for everything else.

    The point is that it would be a place where none of the "filthy" stuff would be present. Of course it would be 100% crap, but that puts the problem on the other side of the line.

    Of course horny teenagers would get out of the kids sector, but then it's the uptight parent's fault (who probably watches as much porn as everyone else in secret), not OURS.

    "What do you mean your kid went to a porn site when you allowed unrestricted access? If you were so concerned, why weren't you watching him while he had unrestricted access? Well, YOU allowed him access, YOU should watch him."

  10. Re:Is this really that different? on The Google Caste System · · Score: 1

    What you say has some merit, but it's pretty clear accountants and salespeople rule Microsoft. Products ship out with bugs, as we all know, because it's necessary to ship by a certain date. That's a symptom of salesmen calling the shots. Products also ship with all kind of activation and genuine advantage shit. I don't know who's ordering that thing to be put in their products, but it's not techies. We all know it doesn't work.

    MS Research, on the other hand, is a completely different kind of thing. I'd swear the only relation to MS is money and the letters 'MS'. I wouldn't be surprised if it was run like Google.

  11. Re:A time bomb for the game industry? on Blizzard Sued for Death of Gamer · · Score: 1

    That's not clinical addiction, that's more like stupidity and failure to distinguish reality from fantasy.

    Signs of addiction would be increased use of games, and maybe you would be right if this was a death because of lack of sleep or other physiological problems due to game abuse.

    Deliberately jumping to one's death is just a candidate for a darwin award.

  12. So what? on Grass Grazing In Dinosaurs Confirmed · · Score: 1

    That's nothing.

    There's evidence of grass consumption by various species of dinosaurs in north america. I'm not sure they eat it, though.

  13. Re:C'mon.. on Meet the Man Who Will Save the Internet · · Score: 1
    It's not that simple as copying a few root servers.
    As lots of people said, being the "official" server is what matters here. The point here is what the root servers say. The basic idea is that since each country has a ccTLD of its own, they should control it themselves, and have a joint decision about not ccTLD ones, as opposed to having ICANN (a US organization) decide about important things for them. The debate has heated up recently mostly because the US has been recently taking decisions unilaterally, based on their own beliefs (such as denying a .xxx TLD). Things like that, plus the broken promise of handling some control to other countries, constant pressure from ICANN to certain countries and stupid notions such as them believing that the Internet is theirs have deteriorated the situation even further.

    The weird bit here is that the reasons stated for not relinquishing control are false:
    • The Internet is not theirs: see my other post.
    • They do not retain control over DNS to prevent freedom loss in the Internet: the great firewall of China is a very good example of this. If you're in China, China controls what you see. (and that applies everywhere, even in the US).


    So basically you've got a bully that does not want to share his toys. See what happened when I posted my rant? Now, what if instead of being no one, my net was important? What about if my net was large? Like the ones that belong to the countries currently discussing the same as us in Tunis. Don't you think it won't lead to trouble further down the road?

    I don't think this will lead to a crack right now, just like I won't be disconnecting from the US controlled parts of the Internet. But I'm pretty sure something's brewing underneath. Eventually they'll be ready and if the US keeps sending them packing they will do things unilaterally. And we'll see how important these other networks are to the US.

    One thing I know: It'll hurt both sides a lot. I hope the US reconsiders its position.
  14. Re:C'mon.. on Meet the Man Who Will Save the Internet · · Score: 1

    I don't even understand why we're still debating about this. I'm not trying to be pro-american here, but we did technically make it, so why can't we govern it?

    No, you technically did not make the Internet.

    The little piece of the Internet that's in my home was built by myself a few years ago. The hardware I bought them with my money, and I assembled everything myself. I'm running Linux, so my stack would have been made in Finland (a huge simplification, but I guess you get the point). Even though that part is just a small insignificant bit mainly consisting of a few wires and a hub (important to about 5 people in the whole world), that doesn't mean it's not mine. You can claim ownership when you take it from my charred hands after you nuke me out of this world, because I'm not settling for less.

    The ARPAnet? That's yours (whatever is left of it).
    The NSFnet? Yours, no doubt.
    Milnet? Yes, USA property too.

    However before claiming that the Internet is yours, I suggest you subtract a few parts that don't belong to you (like my net).

    Oh, if you think that I'm no one, you're right. However you should consider that I also know some of the people responsible for building the inter-university network in the nineties (and that doesn't belong to the USA either). I guess a few countries in the world do share my opinion, too.
  15. Re:Why not adopt a universal ttime? on U.S. Scientists Call for a Time Change · · Score: 1

    Why not just forget about time zones, day light savings and create a new universal global time. So what if it makes my 8am-5pm job change to 1am-9am or if it means I eat lunch during the night. It just seems like we are slowly outgrowing the need for this, as many people work normal hours that used to be considered odd (such as graveyard shifts)


    Well, you have to admit that having a local time is convenient. It would be a real bitch if for every different part of the world you had a different time for "noon".

    Anyway, it's all a matter of habit. What I do is use local time in my daily life when addressing people near me (in my case, that area is my country), but immediately switch to a more universal format (either translate to UTC, explicitly write UTC-3, my time zone, after the time, or try to guess the other party's time zone, always writing my guess after the time, like 2005-11-10 21:20 UTC-3).

    That works like a charm, and I get the best of both worlds.

  16. Why change UTC? on U.S. Scientists Call for a Time Change · · Score: 1

    I definitely don't understand why the Americans would propose dumping UTC. After all, leap seconds are for the convenience of the public.
    If they are so interested in avoiding leap seconds, why don't they just use TAI and let the others keep using UTC?

  17. Re:Not a bug on History's Worst Software Bugs · · Score: 2, Insightful

    Although in this incident there is a clear operator error (attempting to do some function clearly out of spec), the creators of the software are also to blame, if the problem was as you described it.

    Changing the order of the vertices of a geometric figure should not affect the way the "inside" of the figure should be, since the order of the points is irrelevant (geometric-wise, as in mathematics).

    The software should have probably prompted the user (in all cases) which should be the inside area and not assumed something that is not clearly defined (especially since we're talking about a potentially lethal assumption).

    As the sibling posts say, a better UI would have probably helped a lot, but there was a fatal mistake in the software from the beginning.

    You shouldn't call software made under insane management and disregarding procedures "rock solid" (especially if there are deaths involved). It is definitely not. I would have supposed that software developers would have taken a hint after Therac-25.

  18. Re:My story. on Why Do People Switch To Linux? · · Score: 1

    After attempting to put SuSE on an older machine to use as a home firewall, I gave up (SuSE insisted to install X libs in the "minimal" install) and tried OpenBSD instead. Besides, iptables syntax truly sucks big time.


    Wrong tool for the job, I'd say.
    SuSE is an excellent distro for workstations, but it sucks as a firewall (and is not so good as a server). You did well to switch to OpenBSD. I would have tried Debian first, though.

    My recipe is:

    SuSE for workstations.
    Debian for servers.
    Debian or a custom made linux for firewalls.

    Remember kids, the right tool for the right job.
  19. Re:2005-10-20 indeed! on OpenOffice.org 2.0 Released · · Score: 1

    It's a standard: ISO-8601.

    It's something like YYYY-MM-DDTHH:MM:SS.xxxxxxx TZ (you may remove the unnecessary parts and the "T" that marks the hour part if you wish and it's unnecessary).

    I've used that format for years, it's unambiguous and very practical. I accept the little-endian format too, since it's commonly used here. However I could never understand that middle-endian freak the Americans use. I know it's a direct copy from the full length version, but it's too easily confused with the little-endian version and not as practical.

  20. Re:I can tell you who will win this brawl... on Sweden's File Sharing Debate Becomes Mass Brawl · · Score: 1

    As said in the other replies, the Internet tends to route around damage. Even if ISPs are forced to reveal all information known to them. The next step is even written as of today in the Darknet paper, by no one other than Microsoft! (DOC link, sorry but MS has a tendency to do those things)

    What will happen is that you will have infringers sharing copyrighted content on invitation only, encrypted networks.

    Then the ISPs will not be able to help RIAA and company because they will not be able to see into the encrypted channels (and that's the answer they will give since it's in their best interest that file sharing continues).

    Sure, they will suspect such activity, but nothing will be proven unless someone screws up really bad (like inviting an informer to the closed net).

    That paper is really interesting to read.

  21. Re:Interesting on The exhaustion of IPv4 address space · · Score: 2, Informative

    yup, 8 years ago they were saying the ip4 space would be exhausted in next 5 years. Heck, I sat at a presentation on IPng in 1994 where that was said. At least such a statement is more true now than it was then, but I'll bet reclaiming old absurdly huge allocations of IP space could push this out beyond 10-12 years.


    The address space in 1994 really was almost exhausted. What you saw at that conference was 100% true. They made a plan consisting of a long term solution, and a short term one.

    IPv6 was the long term solution, and the idea is to eventually start using it.

    What you seem to have missed is the short term solution, CIDR. The idea behind it was to take all the unused address space (and reclaim other addresses too) and allocate them in a less wasteful manner.

    And yes, IANA should reclaim those /8 assigned, nobody has that many hosts. They probably will if the situation gets desperate enough.
  22. Re:Is NAT Better? on The exhaustion of IPv4 address space · · Score: 1

    NAT means serious problems when you're using ipsec.
    AH can't go thru NAT (by design) and ESP has problems too.
    Although we have an ipsec vpn running at work that accepts connections from NATed hosts, there are always minor problems. You also have port forwarding issues and such.
    I'd rather have all public addresses and use AH for all connections. Besides, any admin worth his salt can set a stateful firewall and have a similar degree of protection than NAT.

    I'd rather use protocols that were designed to provide security for that role instead of kludges (unfortunately I cannot, as we do not have public addresses for the office workstations).

  23. Re:They're Dreaming on EU Claims Internet Could Fall Apart Next Month · · Score: 1

    True, we don't need to leave our country to write letters to other places in the world -- but we do need somebody to write to. I've only done business (directly) with 2 or 3 companies that aren't in the U.S. What am I supposed to do? Write a letter to 'Fraulein in Deutschland' and expect a reply?

    There are pen-pal lists going around. I'm not participating in such activities, but I have a friend that does. She's written letters to people at least in three different countries. You might also want to join a foreign community that speaks German, the same way I joined slashdot (ok, English's sort of a native language to me). Reading is also a very good way to exercise your other languages. The point is that you'll always forget if you don't practice. You should notice that being forced to learn a language just to pass some test or get admitted in the university is not enough, you will obviously forget everything once the pressure is over. I think that's the situation in the US with most people.

    I honestly know more sign-language than German now, because I actually use sign language; it has a practical value to me. German, while interesting, hasn't provided me with any practical value; it has given me no utility. Even the Spanish I've picked up over the years is more useful to me than the language I studied in school.

    I'd be grateful in your place -- that learning a language that is not your native tongue has become truly useful for you. I felt no small amount of jealousy towards some of the people I went to college with -- whom spoke eight or more languages. But I would never be welcomed into their home countries; not for any personal attributes, but simply because of where I was born.

    The problem is that you keep seeing only the immediate use of the language. However learning a foreign language is not useful because the immediate need (if you have such need you'll learn the language, like people living in a foreign country) but the possibility of having another tool to communicate when the situation arises. I do not speak French all the time, yet I know I can speak it should the need arise. That means both the need and the capability of reading books in French once in a while, I would forget if I didn't, just like you.

    You bet I'm grateful I can talk in multiple languages. I also try to improve my skills, because I can see the long term usefulness of that skill. It is also a very good mental exercise that keeps the brain in shape.

    About not being welcome in foreign countries, that's not true. You wouldn't be welcome with the "I care about my culture, screw yours" attitude lots of Americans have. I assure you that with a positive attitude people wouldn't care (in fact, people tend to appreciate the desire of foreign people to learn the local customs). That's something that happens with Argentinians too. It's not that you have the words "American" tattooed on your forehead.

    (and remember, the US might be big, but it's small compared to south america).
    You might want to check your facts:
    South America is a continent; not a country. It would be like comparing North America to South America (Considering most Canadians speak English as well). And IIRC, all of South America doesn't speak the same language either (Although Portuguese and Spanish are somewhat similar)

    What I was trying to point is that the distance argument is wrong. It doesn't matter that south america is a continent while the US is a country. I could use the same argument saying that I can travel all around a whole continent, even far as Mexico (with the exception of the Guyanas, Belize and the antilles) and yet hear nothing but Spanish and Portuguese. If the argument was true, I would only speak Spanish and Portuguese. It's not a matter of land mass or population, the argument uses distance (if you think a ticket to Europe is expensive, you should look at the price lis

  24. Re:A brief word of sense to the EU bashers out the on EU Claims Internet Could Fall Apart Next Month · · Score: 1

    Setting up your own DNS servers is not a way to express an opinion. It's just a way of unilaterally doing things.

    Probably what the EU intends is to make the ICANN accept input from other countries (IMHO a good thing), with the split as a last resort (meaning failure to negotiate).

    In the end, ICANN (or whatever replaces it) will have input from multiple organizations/countries. The current US position is stubborn and not very rational. If the US does not change its policy regarding ICANN, pressure will increase as other countries/organizations begin to feel unrepresented too. Once they reach a certain critical mass either ICANN will change policy or a REAL split will happen with the majority, unlike now (leaving the US unrepresented in the process).

  25. Re:They're Dreaming on EU Claims Internet Could Fall Apart Next Month · · Score: 1

    One of the reasons Americans typically speak only English: There isn't a need. If I pick any horizontal direction and move 500 miles, I'm going to be speaking English.


    That argument again?

    In that case nobody in Argentina would speak English, since you could travel a couple thousands of kilometers and not find an English speaking country (and remember, the US might be big, but it's small compared to south america).

    Yet people here (and in the rest of the world too) learn different languages. You don't need to leave your country to write letters to other places of the world, or to meet other people. Or to read foreign books (and just as the original author intended).

    Most Americans don't learn other languages because they don't want to. Let's face the truth as it is.

    I started learning English before I even left my city, there's no reason you could not do likewise. Geography is just an excuse.