The idea I've had to kill spam is to have a mail system that generates a new e-mail address for each potential sender (i.e. mailing list, subscription, etc) that blocks anybody else using the e-mail except for the first user. A unique e-mail address would be generated each time a user wants to give out their e-mail address, and can block any given generated address at will. This will allow the ultimate control in who sends traffic to who, and solves the issue.
This technique could also cause loops on transparent proxies, where a proxy captures the request, does a DNS lookup, and sends the request to another location with a proxy, that does the same thing, until either something kills the connection or it gets through to an unproxied address. It is common for proxies to make use of DNS lookups instead of the target IP, as they can determine if there is more than one IP available using DNS, and use the best one to make the request to.
If the patent is based on plugins being applications, then if the plugin was a pure DLL, with no external application, then it would solve the issue, correct? If this is the case, all it would require would be a new DLL interface for the plugin files to make use of, correct?
I thought of how to create a proper auditable system, and the idea I had was to take the best aspects of both. First, make use of an electronic system, even web based, and use it to create a "paper" vote, where the information about the desired votes is printed out in human readable format, and in electronic readable format. This could contain a section of a printout that even contains the voter and a unique identifier, and a second section that contains the vote and the same identifier. The voter would keep the unique identifier, and would be able to verify the proper vote was registered online, allowing each individual to audit their own vote.
With this paper vote, either generated at home, or at the poll site, they would submit it to the vote reader, which simply scans in the information, resulting in the vote. It would display the vote information to the submitter, ask for verification, and keep the sheet for audit purposes. Result: Complete auditing capability at several levels, but without any local individuals being able to track who voted for who, but they can't tamper with the votes either.
Check out the Netscaler 9400 or 9800. The 9800 is a gigabit load balancer that can do up to 4400 RSA handshakes per second and up to 450-500Mb/s of bulk decryption per second on one box. The 9400 is the fast ethernet version, so it is pretty limited to fast ethernet speeds for everything.
This issue is manyfold. The reason the ISP is doing this is to improve the cache effeciency of many websites. If you resolve www.cnn.com, you will receive many answers back. If the proxy simply used the IP as a determiniation of what is 'unique' then it will end up copying each item from each IP, reducing the total effeciency of the cache. Instead, it will simply take the domain in either the request header, OR will make use of the host header, and then use that for further content retrieval. This in fact is fair. The issue that is being mentioned is when there is an alternate root server that you are attempting to retrieve content from. In this case, the ISP is broken (sorta) by not honoring the host names from this alternate DNS. There are several ways to solve this:
1) Get the ISP to use the Alternate root nameserver, allowing them to resolve the content (unlikely) 2) Attempt to contact the server without using a host header. In cases like this, the proxy will probably default to using the original source IP address that the connection contained in the first place, in order to handle programs that use port 80 for data retrieval but don't support host headers 3) Make use of an external proxy that doesn't do this interpretation (you probably won't find one) 4) Try to create a little proxy of some sort that you use that translates the host headers into an encoded format. This may get around the ISP's proxy, allowing you to use any DNS you want. 5) Suggest your ISP make use of a content aware redirecter that ensures that only the standard domains are sent to the proxy, such as.com,.edu,.org, etc. This will allow the redirector to forward (without the proxy intervening) the request to the proper location, and the problem goes away. This actually would be very easy to do with a product such as the NetScaler RS6000 series boxes. Side advantages is that they can forward non-cacheable content directly, reducing the load on the proxies. Transparent proxies are springing up everywhere, and you really can't avoid them much anymore. The issue you mentioned is actually new to me, but I can see where the problem can come in.
Try to find a Marlboro webpage on the Philip Morris web pages (www.philipmorrisusa.com) and I think you will find why there is no link to the Marlboro website--there is none. You can barely find mention of Marlboro on their webpage except as a name on their list of brands. Neat, huh?
Some numbers and a comment
on
Code Red III
·
· Score: 1, Informative
For people that don't run a webserver, here is what I'm getting out of this command (note that my log is probably a LOT less massive than others because I'm in a relatively NT free IP block, with mostly Linux servers):
This was run at 11:45 PST, meaning today may be even worse for the XXX version than yesterday, probably about 60 attempts before the end of the day. There was a discussion about a code red removal worm, which given how long this thing has been attacking, and the results, is probably the ONLY way this thing is going to be removed. Why isn't the US Government issuing such a worm to protect national interests? It could operate by infecting only machines that attempt to infect the local machine, thus not probing any non-infected machines itself, if you arn't infected, it won't touch you, if you are, it will. Seems simple enough to me. At the rate of propogation this thing works at, it would quickly decimate most if not all infections very quickly.
I guess all those crackpots that thought aliens formed this will have to "face" the facts and find some other obscure formation to pin their hopes on. Such is life (or the lack of it in their case).
How do you know that the laws only apply to the building contractors? Who is to say that the law doesn't have a rider on it that says that everybody living in the buildings that are built to this code don't owe a fee to the drafters of the law for guaranteeing a safe building? You don't unless you read the law, which you need to be able to get to understand. Law needs to be open to EVERYBODY to insure that those that the law applies to can actually follow the law. Without it being open, people won't know the laws that apply to them, and can't follow them.
Perhaps Uncle Sam caused some of this...
on
Hi-Tech Repo Man
·
· Score: 2
One thing I haven't seen here is the flip side. People are saying "they should have lived in their means" yet many of these people DID live in their means. The tax code, however, screwed them out due to some quirks in it. If you owned options and exercised them, many times you have to pay taxes on the price of the stock AT THE TIME YOU EXERCISE the stock, not how much you sell the stock for. This is taxed as income, and there is pretty much NO WAY TO AVOID IT. If the stock goes down after you exercise it, then you can take a capital loss off the stock, but you can only write off $3,000 a year for that. So, if you excercise 1000 shares of stock that was values at the time at $100 and your strike price was $10, then it dropped back to $10 and you sold, then you would owe taxes on $90,000 of income you never saw. Put that on even a fairly good income and you would see why many people in the valley are screwed. Lots of people didn't see it coming till it was too late as they have never seen this type of money, and the tax advisors never told them about the risk of excercise and holding stock. People know about it now though...
Consider this: If a song is a work for hire and they own it outright, then why would the band have to pay the expenses of marketing something they don't own? Chances are, this is them realizing that if they own it outright, they will end up loosing out profits now if it holds up. As such, they are again trying to screw the band by leaving them a token 35 years down the road in order to screw them now.
If you examine the tests, you will notice that they are using the Alteon 180 switches for network connectivity in both tests, which are not available in 1000TX configs. They simply used different names for the same cards between the two tests (they used the 1000SX name under one of the NT tests also).
The servers in question are probably the exact same setup, the difference is that the PERC2 delivered the best performance for NT, but Linux couldn't support it (no driver). As such, they used the on-board SCSI that comes with the server, and used the MD raid software on the Linux side to do the raid. This means that the comparison is when using hardware raid on NT vs. software raid on Linux.
The difference between SCSI-2 vs. SCSI-3 is probably not an issue. In all likelyhood, they used the quad channel version of the PERC2 with the data striped across the disks on seperate channels, resulting in enough throughput to handle the job. In addition, the caching would reduce the disk load enough so the drive throughput would be less of an issue.
The final point is that Dell would want to demonstrate the highest performance they could, so would try to tune the tests to show the highest numbers they could. In addition, the numbers other vendors showed for NT on similar platforms was comprable, so probably the results are fairly reasonable.
In the case of a Corporation, why not have them loose their copyright to material that has been sold to the public five years after they cease to sell the material to the public. This would open up a huge amount of material after they have deamed it not worth selling. In conjunction with this, if a Corporate entity continued selling it through the entire 70+ years, they should retain the copyright until they stop. If they want to support the material, fine, but once they abandon it, it becomes abandonware for anybody.
If you are plastering your resume around, there are a few tips: A) ignore anybody that says "keep it one page". This rule is WAY dead in tech jobs. People use keywords to weed out what resumes to read, if the keyword they typed in isn't on your resume, no human wil read it. Put EVERYTHING you know on your resume, no matter how long it is. B) Order the resume section wise based on what is most impressive. If you have an impressive skill section, place it above schooling. Follow this and you will be contacted by more people.
How about setting up the code to kill anything with the phrase "first post" in it?
Re:To the morons wanting this chip on AGP
on
Cheap Gigabit Ether
·
· Score: 1
Correction, you can have your graphics on the PCI, and the network on the AGP. This is in fact how the Network Engines operates. There is nothing inherent to prevent network access from using the AGP, but it excludes the graphics from sitting on the same bus as AGP is designed for one card, not many like PCI. So if your main interest is network bandwidth, it's a great idea, but if it's graphics, the idea sucks.
The 64 bit gigabit cards can be put into a server with a standard 32 bit slot and still function, albit at a slower speed. Yes, they support 64 bit 66mhz systems, but will run in your standard Celeron 466 with 32 bit 33mhz PCI also. In addition, the gigabit cards support interrupt coalessing, which allow processing to be done a lot more efficiently than with standard NIC's, especially when dealing with smaller frames.
Standard PCI==about 1.04 Gigabits/second. The Alteon ACENic supports 66Mhz, 64 Bit PCI, which is about 4Gb/s, which is comprable to AGP. On the flip side, Network Engines (http://www.networkengines.com) has a cluster interconnect that makes use of the AGP bus to drive the speeds.
Search for gigabit on www.pricewatch.com. The Netgear gigabit (based on Alteon Tigon II card) on Fiber is only $291. The 1000TX cards are shipping now to select vendors from Alteon, which should end up being cheaper once Broadcom gets more chips out in volume. The Netgear uses the same Alteon driver in Linux as the 3com gig (again the same chip). In order to run two PC's back to back at full duplex gigabit would be two of these NIC's and an SC-SC fiber cable.
Recentally, I setup a Linux router with 8 10Mb/s feeds (full duplex)inbound with one 100Mb/s feed going out. What happened is that at about 20K interrupts a second (about 70Mb/s), the system, which was running fine (about 97% idle) started sucking up cpu time. By 30K interrupts, it had saturated the CPU. In this setup, I made use of the vlan code (it was attached to a vlan switch), and used an Alteon AceNIC which does interrupt coalessing. The AceNIC under the same loads ran with about 1600 interrupts a second, and continued to run with about 97-98% idle time at the same traffic levels that had pegged the system before. I'm wondering if special drivers that are doing interrupt coalessing are making the difference on the NT boxes. Assuming that each transfer generates on a WebBench 20 interrupts (or more), then the 1K connections a second and the CPU load are really understandable.
On another note, why not have different groups do benchmarking with a fixed $$ amount that they can use to purchase equipment, as well as fixing a $$ amount per hour that they have to spend configuring the servers. This would be a MUCH more realistic benchmark scenario as the cost of equipment and time are realistic factors in the real world.
Basically, the way I see it, if Canada law says that you can't enter into a binding agreement, and even a GPL license is an agreement, than that means that in Canada, an 18 year old can't agree to honor the GPL. As such, Corel is insuring that anybody that downloads has to otherwise agree to all the license requirements, including GPL. If they are correct, then any minor can break the GPL and use the software however, and whereever they want, without having to return modifications, etc.
Slashdot Mirror
The idea I've had to kill spam is to have a mail system that generates a new e-mail address for each potential sender (i.e. mailing list, subscription, etc) that blocks anybody else using the e-mail except for the first user. A unique e-mail address would be generated each time a user wants to give out their e-mail address, and can block any given generated address at will. This will allow the ultimate control in who sends traffic to who, and solves the issue.
Erik Brandsberg
This technique could also cause loops on transparent proxies, where a proxy captures the request, does a DNS lookup, and sends the request to another location with a proxy, that does the same thing, until either something kills the connection or it gets through to an unproxied address. It is common for proxies to make use of DNS lookups instead of the target IP, as they can determine if there is more than one IP available using DNS, and use the best one to make the request to.
Erik
If the patent is based on plugins being applications, then if the plugin was a pure DLL, with no external application, then it would solve the issue, correct? If this is the case, all it would require would be a new DLL interface for the plugin files to make use of, correct?
Erik Brandsberg
I thought of how to create a proper auditable system, and the idea I had was to take the best aspects of both. First, make use of an electronic system, even web based, and use it to create a "paper" vote, where the information about the desired votes is printed out in human readable format, and in electronic readable format. This could contain a section of a printout that even contains the voter and a unique identifier, and a second section that contains the vote and the same identifier. The voter would keep the unique identifier, and would be able to verify the proper vote was registered online, allowing each individual to audit their own vote.
With this paper vote, either generated at home, or at the poll site, they would submit it to the vote reader, which simply scans in the information, resulting in the vote. It would display the vote information to the submitter, ask for verification, and keep the sheet for audit purposes. Result: Complete auditing capability at several levels, but without any local individuals being able to track who voted for who, but they can't tamper with the votes either.
Check out the Netscaler 9400 or 9800. The 9800 is a gigabit load balancer that can do up to 4400 RSA handshakes per second and up to 450-500Mb/s of bulk decryption per second on one box. The 9400 is the fast ethernet version, so it is pretty limited to fast ethernet speeds for everything.
Erik
This issue is manyfold. The reason the ISP is doing this is to improve the cache effeciency of many websites. If you resolve www.cnn.com, you will receive many answers back. If the proxy simply used the IP as a determiniation of what is 'unique' then it will end up copying each item from each IP, reducing the total effeciency of the cache. Instead, it will simply take the domain in either the request header, OR will make use of the host header, and then use that for further content retrieval. This in fact is fair. The issue that is being mentioned is when there is an alternate root server that you are attempting to retrieve content from. In this case, the ISP is broken (sorta) by not honoring the host names from this alternate DNS. There are several ways to solve this:
.com, .edu, .org, etc. This will allow the redirector to forward (without the proxy intervening) the request to the proper location, and the problem goes away. This actually would be very easy to do with a product such as the NetScaler RS6000 series boxes. Side advantages is that they can forward non-cacheable content directly, reducing the load on the proxies.
1) Get the ISP to use the Alternate root nameserver, allowing them to resolve the content (unlikely)
2) Attempt to contact the server without using a host header. In cases like this, the proxy will probably default to using the original source IP address that the connection contained in the first place, in order to handle programs that use port 80 for data retrieval but don't support host headers
3) Make use of an external proxy that doesn't do this interpretation (you probably won't find one)
4) Try to create a little proxy of some sort that you use that translates the host headers into an encoded format. This may get around the ISP's proxy, allowing you to use any DNS you want.
5) Suggest your ISP make use of a content aware redirecter that ensures that only the standard domains are sent to the proxy, such as
Transparent proxies are springing up everywhere, and you really can't avoid them much anymore. The issue you mentioned is actually new to me, but I can see where the problem can come in.
Try to find a Marlboro webpage on the Philip Morris web pages (www.philipmorrisusa.com) and I think you will find why there is no link to the Marlboro website--there is none. You can barely find mention of Marlboro on their webpage except as a name on their list of brands. Neat, huh?
For people that don't run a webserver, here is what I'm getting out of this command (note that my log is probably a LOT less massive than others because I'm in a relatively NT free IP block, with mostly Linux servers):
/default.ida?NNNNN
/default.ida?NNNNN
/default.ida?NNNNN
/default.ida?NNNNN
/default.ida?XXXXX
/default.ida?NNNNN
/default.ida?XXXXX
/x.ida?AAAAAAAAAAA
/default.ida?NNNNN
/default.ida?XXXXX
/default.ida?NNNNN
/default.ida?XXXXX
/default.ida?NNNNN
/default.ida?XXXXX
/default.ida?NNNNN
/default.ida?XXXXX
/default.ida?NNNNN
/default.ida?XXXXX
grep "Aug.*ida" httpd.log cut -f4,7 -d' ' |cut -c2-7,22-40 |sort -n|uniq -c
23 01/Aug
26 02/Aug
21 03/Aug
24 04/Aug
4 04/Aug
14 05/Aug
13 05/Aug
1 05/Aug
9 06/Aug
34 06/Aug
9 07/Aug
38 07/Aug
2 08/Aug
29 08/Aug
3 09/Aug
44 09/Aug
2 10/Aug
29 10/Aug
This was run at 11:45 PST, meaning today may be even worse for the XXX version than yesterday, probably about 60 attempts before the end of the day. There was a discussion about a code red removal worm, which given how long this thing has been attacking, and the results, is probably the ONLY way this thing is going to be removed. Why isn't the US Government issuing such a worm to protect national interests? It could operate by infecting only machines that attempt to infect the local machine, thus not probing any non-infected machines itself, if you arn't infected, it won't touch you, if you are, it will. Seems simple enough to me. At the rate of propogation this thing works at, it would quickly decimate most if not all infections very quickly.
I guess all those crackpots that thought aliens formed this will have to "face" the facts and find some other obscure formation to pin their hopes on. Such is life (or the lack of it in their case).
How do you know that the laws only apply to the building contractors? Who is to say that the law doesn't have a rider on it that says that everybody living in the buildings that are built to this code don't owe a fee to the drafters of the law for guaranteeing a safe building? You don't unless you read the law, which you need to be able to get to understand. Law needs to be open to EVERYBODY to insure that those that the law applies to can actually follow the law. Without it being open, people won't know the laws that apply to them, and can't follow them.
One thing I haven't seen here is the flip side. People are saying "they should have lived in their means" yet many of these people DID live in their means. The tax code, however, screwed them out due to some quirks in it. If you owned options and exercised them, many times you have to pay taxes on the price of the stock AT THE TIME YOU EXERCISE the stock, not how much you sell the stock for. This is taxed as income, and there is pretty much NO WAY TO AVOID IT. If the stock goes down after you exercise it, then you can take a capital loss off the stock, but you can only write off $3,000 a year for that. So, if you excercise 1000 shares of stock that was values at the time at $100 and your strike price was $10, then it dropped back to $10 and you sold, then you would owe taxes on $90,000 of income you never saw. Put that on even a fairly good income and you would see why many people in the valley are screwed. Lots of people didn't see it coming till it was too late as they have never seen this type of money, and the tax advisors never told them about the risk of excercise and holding stock. People know about it now though...
Consider this: If a song is a work for hire and they own it outright, then why would the band have to pay the expenses of marketing something they don't own? Chances are, this is them realizing that if they own it outright, they will end up loosing out profits now if it holds up. As such, they are again trying to screw the band by leaving them a token 35 years down the road in order to screw them now.
I'm not sure where you get this, checking the numbers for NT, I get:
1 1598 99.9% 4408.4 363.5 2.76 330.5
2 1592 99.5% 4400.3 364.2 2.75 329.8
3 1598 99.9% 4409.6 363.4 2.76 330.3
and for Tux:
1 4200 100.0% 12291.1 341.0 2.93 349.7
2 4199 100.0% 12328.6 339.9 2.94 350.4
3 4200 100.0% 12309.0 340.4 2.93 349.9
These numbers are comprable in ratios, and match the pattern of all the other tests.
Erik
If you examine the tests, you will notice that they are using the Alteon 180 switches for network connectivity in both tests, which are not available in 1000TX configs. They simply used different names for the same cards between the two tests (they used the 1000SX name under one of the NT tests also).
The servers in question are probably the exact same setup, the difference is that the PERC2 delivered the best performance for NT, but Linux couldn't support it (no driver). As such, they used the on-board SCSI that comes with the server, and used the MD raid software on the Linux side to do the raid. This means that the comparison is when using hardware raid on NT vs. software raid on Linux.
The difference between SCSI-2 vs. SCSI-3 is probably not an issue. In all likelyhood, they used the quad channel version of the PERC2 with the data striped across the disks on seperate channels, resulting in enough throughput to handle the job. In addition, the caching would reduce the disk load enough so the drive throughput would be less of an issue.
The final point is that Dell would want to demonstrate the highest performance they could, so would try to tune the tests to show the highest numbers they could. In addition, the numbers other vendors showed for NT on similar platforms was comprable, so probably the results are fairly reasonable.
Erik
In the case of a Corporation, why not have them loose their copyright to material that has been sold to the public five years after they cease to sell the material to the public. This would open up a huge amount of material after they have deamed it not worth selling. In conjunction with this, if a Corporate entity continued selling it through the entire 70+ years, they should retain the copyright until they stop. If they want to support the material, fine, but once they abandon it, it becomes abandonware for anybody.
If you are plastering your resume around, there are a few tips: A) ignore anybody that says "keep it one page". This rule is WAY dead in tech jobs. People use keywords to weed out what resumes to read, if the keyword they typed in isn't on your resume, no human wil read it. Put EVERYTHING you know on your resume, no matter how long it is. B) Order the resume section wise based on what is most impressive. If you have an impressive skill section, place it above schooling. Follow this and you will be contacted by more people.
How about setting up the code to kill anything with the phrase "first post" in it?
Correction, you can have your graphics on the PCI, and the network on the AGP. This is in fact how the Network Engines operates. There is nothing inherent to prevent network access from using the AGP, but it excludes the graphics from sitting on the same bus as AGP is designed for one card, not many like PCI. So if your main interest is network bandwidth, it's a great idea, but if it's graphics, the idea sucks.
The 64 bit gigabit cards can be put into a server with a standard 32 bit slot and still function, albit at a slower speed. Yes, they support 64 bit 66mhz systems, but will run in your standard Celeron 466 with 32 bit 33mhz PCI also. In addition, the gigabit cards support interrupt coalessing, which allow processing to be done a lot more efficiently than with standard NIC's, especially when dealing with smaller frames.
Standard PCI==about 1.04 Gigabits/second. The Alteon ACENic supports 66Mhz, 64 Bit PCI, which is about 4Gb/s, which is comprable to AGP. On the flip side, Network Engines (http://www.networkengines.com) has a cluster interconnect that makes use of the AGP bus to drive the speeds.
Search for gigabit on www.pricewatch.com. The Netgear gigabit (based on Alteon Tigon II card) on Fiber is only $291. The 1000TX cards are shipping now to select vendors from Alteon, which should end up being cheaper once Broadcom gets more chips out in volume. The Netgear uses the same Alteon driver in Linux as the 3com gig (again the same chip). In order to run two PC's back to back at full duplex gigabit would be two of these NIC's and an SC-SC fiber cable.
Recentally, I setup a Linux router with 8 10Mb/s feeds (full duplex)inbound with one 100Mb/s feed going out. What happened is that at about 20K interrupts a second (about 70Mb/s), the system, which was running fine (about 97% idle) started sucking up cpu time. By 30K interrupts, it had saturated the CPU. In this setup, I made use of the vlan code (it was attached to a vlan switch), and used an Alteon AceNIC which does interrupt coalessing. The AceNIC under the same loads ran with about 1600 interrupts a second, and continued to run with about 97-98% idle time at the same traffic levels that had pegged the system before. I'm wondering if special drivers that are doing interrupt coalessing are making the difference on the NT boxes. Assuming that each transfer generates on a WebBench 20 interrupts (or more), then the 1K connections a second and the CPU load are really understandable.
On another note, why not have different groups do benchmarking with a fixed $$ amount that they can use to purchase equipment, as well as fixing a $$ amount per hour that they have to spend configuring the servers. This would be a MUCH more realistic benchmark scenario as the cost of equipment and time are realistic factors in the real world.
Erik
Basically, the way I see it, if Canada law says that you can't enter into a binding agreement, and even a GPL license is an agreement, than that means that in Canada, an 18 year old can't agree to honor the GPL. As such, Corel is insuring that anybody that downloads has to otherwise agree to all the license requirements, including GPL. If they are correct, then any minor can break the GPL and use the software however, and whereever they want, without having to return modifications, etc.