The parent article wasn't saying that the AOL-hacking Paypal-record-falsifying thief was a poor victim. It was saying that the domain name speculator who the thief ripped off was in the scummy cybersquatting business himself.
Domain names are supposed to let people who have actual interesting content make it findable and memorable by people who want to use those sites. Most of the "domainer" industry isn't taking names that are already in use (except by buying them right when they expire, taking advantage of sloppy or abusive registrars' renewal systems) - they're taking names that sound like they ought to be interesting, usually as search terms, and parking them with advertising pages or possibly putting up low-value content redirecting people to other web sites, either for the ad banners or a cut of those sites' advertising revenue. Sometimes the names they come up with are variants on existing businesses' domain names, or variants on product names, and often enough they're used by SEOs or other search space spammers as well.
Re: Technical Accuracy vs. Writing Skill
on
Tetraktys
·
· Score: 2, Interesting
There are people who can present interesting technical or philosophical discussions in fiction and do it well; there are far more who can do it really badly, and some of them can get editors to publish their work for them:-) IMHO, "better novel writer than Dan Brown" is a fairly low bar to jump, as is (to pick a much more important writer in a different technical field) "better novel writer than Ayn Rand"... I haven't read Tetrakys, so I'm not going to judge its literary merits.
Cryptonomicon is probably the canonical novel in the field - Neal got away with enough rambling that he was allowed to write a far longer Baroque trilogy after that, but so much of the fun with Cryptonomicon was that back when it came out, we _knew_ most of the characters (and even if you didn't recognize the specific individuals, most people in the tech startup world at least knew them as archetypes, and the getting-venture-funding and literary-critic-girlfriend bits were dead on as well as totally over the top.)
We got my late mother-in-law a computer back in the late 90s, and an AOL account, so she could do email and read her celebrity gossip and such. Unlike my mom, who's moderately tech-savvy and used Macs, my MIL was the type who'd happily click on the "we can make your PC go faster" or "get these cute dancing kitty cursors today!!!" popups, so her machine was generally a wretched hive of villainy and viral scum. On the other hand, she didn't really get the hang of saving things to disk files, so if she wanted to save something, she'd either print it out on dead trees or file it away in AOL. That meant that cleaning her machine was usually easy - wipe out everything, install the OS from scratch, and install the latest AOL coaster, and it was good as new.
Well, it nullifies the query in the sense of saying "instead of carrying a netbook, carry a flash drive with your data and a Linux LiveCD, so you can use whatever hardware's available at your destination, and you'll probably be safe from viruses or keyloggers by running the US you brought with you." And it's becoming much more common these days for machines to boot from USB, and 4GB flash drives cost under $10, you can even carry a fairly full environment on your keychain.
No, my laptop didn't get stolen this time. It was a brand new machine, with the OS and my files installed on it, and got sent in for "repairs" because the hardware clock wasn't working - probably needed the battery seated correctly or whatever. And either our outsourced corporate desktop support people didn't get the message requesting them to fix the clock, or Dell didn't get the message requesting them to fix the clock, or something else happened, because they allegedly scrapped the machine and sent me a new one. Did they crush it, or rip it apart, or fix the battery and send it to a new users? Nobody can tell me:-)
But it had Pointsec, so allegedly my data's protected from outsiders, and my old laptop is left over from our *old* corporate desktop bureaucracy, so it's company-owned rather than leased, and I've been using it while they "fix" my new one, so I haven't lost my data.
The submitter didn't say he wanted the machine bricked - he said he wanted his data protected, and if that means bricking the machine, he's ok with that. After all, if a thief is trying to resell the hardware, not the data, even ATA passwords aren't enough, because the thief can replace the drive with a new one. On the other hand, encryption will protect your data against smart thieves as well as dumb ones, and ATA passwording won't, unless you get lucky and have a disk from a non-flawed manufacturer.
Encryption doesn't take that much horsepower, especially if you're also doing compression, which lets you run your disks a lot faster. If it's still a problem, encrypt the file systems where you keep data (including/home and/var and maybe swap) and leave the operating system itself on a non-encrypted partition.
Many people use their laptops to work on projects for their employers, and companies really don't like having their corporate data exposed - especially if they're in California or other states that require corporations to disclose to the public if customer information is exposed, which makes them look stupid.
There are upmarket criminals who do want data, typically credit card and bank account information. Does your browser have your bank's password cached? That can be worth far more than a used laptop. And spammers may pay trivial amounts for Facebook/etc. logins. On the other hand, yeah, most low-level criminals just want to sell the hardware fast, and it might be easier if they can just wipe your user data and leave Windows installed rather than having to reinstall pirated Windows themselves.
The real technical question is whether you want to encrypt the whole disk, or only encrypt the file systems or partitions that have your files (and maybe swap and spool) and leave the vanilla operating system partition unencrypted for performance reasons.
Airport inspection rules are arbitrary - the only thing consistent is that they'll tell you that whatever random thing they made up this week has *always* been the rule and that *you* should know that and obey them. There was a while in the mid-90s when laptops were still viewed as new and shiny and the airport people made you turn them on. (I remember getting asked once if I was carrying a laptop - I had to refrain from saying "Is this the wrong airport - I'm at San Jose aren't I? Have you seen anybody today who didn't have a laptop, duh!")
But recently the Bush Administration's Customs thugs were stopping laptop-carrying people coming from Canada (I think this was in Seattle) because there might be (gasp!) *pr0n* on some of the computers and asserting their right to hold onto your machine until they were sure it was Pure. And Canada sometimes stops people to inspect their papers to see if they're carrying commercial material that might be taxable, so it wouldn't surprise me if they might randomly do something obnoxious (politely, of course, unlike the American customs thugs.)
Disappearing Inc had a similar service back during the boom. They'd manage document keys for you, and you'd read the document using a reader that fetched a document key from their servers and opened a copy for you but didn't give you the actual key. When the key expired (based on whatever date you set with them, or a delete message), they'd delete the key, so nobody could decrypt the document later.
Back in the 90s boom, a friend of mine started a dating website, and wrote a book about using online dating. It's not still around, and I don't know if she made any money off it, but she did find a husband:-)
Oh, come on, people, why did you mod that a +5? I was just trolling, because there was a 0-comment article there and I hadn't had a First Post in years:-) I suppose it's ok to leave it modded up now that it's done, since there's some actual useful followup, but really now!
One of the big drivers of the dot-com crash was Greenspan kicking up interest rates six times in early 2000 to get the economy ready for Bush's election, and it certainly didn't help that people were starting to figure out that selling dogfood online wasn't necessarily a billion-dollar business model either (or putting things more conventionally, Greenspan's interest rate rises had a big impact on a capital-dependent business model, and the big growth driver to the dotcom boom, speculation about the value of internet advertising, was getting closer to discovering what the realistic values and prices were, which trashed everybody on the bottom side of the curve.) And of course the Y2K-driven replacement of lots of old stuff was done.
But a really big problem was that there were two main cash-out models for the venture capitalists who were funding the dotcom boom - either go IPO to sell your startup to the public, or sell out to a big company, which was Cisco for hardware and Microsoft for software/services. And with the Justice Department threatening to rip MS into two or three big pieces, MS wasn't going to be spending big bucks buying out anybody's startup for a couple of years - so if you'd spent two years in your garage hoping to become the next Hotmail, suddenly you were Toast, and that VC who'd been offering you Round B funding wasn't calling you any more.
Both of them are identifying flows, but the similarity pretty much stops there. OpenBSD packet filters are a firewall function, typically used to protect your endpoint from evil traffic. This is a router, deciding which interface to send a packet out when it arrives on a different interface at an ISP backbone location. Packet filters are running at the speed of your computer's interfaces and application processing, typically well under a gigabit/sec - this is trying to run at network-backbone speeds of many gigabits/second.
One thing this router is trying to do is have a $30k device using mostly-standard parts that performs as well as a $300k Cisco box using expensive fancy parts.
Yeah, CEF has done that for a while, but it's pretty dumb as well as fast. This article sounds like what he's doing also provides somewhat fancy queue management to take advantage of the flow information during periods of congestion. It's possible that he's also doing a fancier version of CEF, which can get into trouble if there are too many traffic flows so the router runs out of TCAM, but there's not really enough detail in the article to tell.
IPv6 is a new version of IP, not a new version of TCP/UDP (though it forces those protocols to change, because the IP addresses are longer.) Yes, there are priority bits, but there are also priority bits in IPv4, and some ISPs support them for traffic within that ISP, but very few support them between ISPs. The important change in IPv6 is of course longer addresses, plus a lot of boundless optimism about "if we're changing IP anyway, we can fix all the problems it has", some of which is warranted but most of it wasn't. The job of a network layer protocol is to figure out where the other end of the connection is and get packets there - some of the things we hoped IPv6 would fix were to make it easier to do aggregation so you don't need exponentially-large routing tables to get there.
That's absolutely correct - routers can benefit from understanding what the end-to-end service is doing, but ultimately what they're doing is routing, and it's the endpoints that are doing the TCP or UDP.
Like, RTFA? But it's only there if you're using Firefox 3.5 or Google Chrome, and if you've got the options set correctly (which doesn't seem to work with my copy of Chrome?) and if you can figure out that the not-very-obvious little circle-in-a-square icon on your Google Map is a "My Location" button (waving the mouse over it seems to invoke Tooltips.)
The article doesn't say if Google Maps works differently depending on whether you're on a laptop vs desktop (or how it can tell) - my laptop moves around to different places, while my desktop doesn't. Maybe if the feature worked better I could figure out whether it cares (e.g. asks every time or whatever?)
If you're checking the weather or airline schedules or Slashdot, it doesn't matter if you get eavesdropped on. If you're checking your work email, you want to be using an IPSEC VPN, so all your traffic is going to be protected inside that (unless you're doing split-tunnel...) and SSH is fine too.
The tricky case is using SSL-protected websites, when you can't trust the DNS and network not to be redirecting you to some bogus cracker site. If you pay attention to the certificate details, you can be safe, but if you're not paying attention and hit the "Yeah, Sure, Whatever" button, then you're hosed. An SSL VPN connection to work may or may not be, if your company is using an SSL VPN appliance - are you using passwords or one-time-access tokens? Does the cracker know how to break in to that given your authentication, as opposed to just stealing credit card or bank passwords?
For offline storage, that's pretty lightweight. But if you need online storage, you need to put the MicroSD flakes into readers that weigh more than the storage does, and string a bunch of those things together, which probably requires active computers with lots of ports on them. Still not that heavy, but it's a lot bigger than just a bunch of flakes with sequence numbers written on them in Sharpie pen or punched into Columns 73-80...
Sure, it's mostly useless. But it does exercise all the bits on your disk drives, so you'll know if you've got checksum problems, bad blocks, etc. and can recover from faults before you lose lots more data.
If you're an average American, your car probably outweighs you by a factor of 10-20 (unlike this lightweight vehicle, which you might outweigh:-). So no more than 5-10% of the energy is moving you as opposed to the vehicle, and *then* you can go multiply by 30-45% depending on fuel, etc.
Also, one of the most common methods of producing hydrogen today isn't electolyzing water, it's cracking methane or other hydrocarbons.
Now that I've started commuting, it's time to replace my old Chevy Van with a more efficient car. The Smart car looks pretty attractive at first (it's actually possible to park one in San Francisco, unlike the van:-), but the big drawback with it or the other small lightweight cars on the market is safety. Admittedly I've only had a collision every few decades, but the van's never been the smaller vehicle, while the small cars are smaller than most other things on the road, plus they're short enough that you don't have as much visibility.
On the other hand, a friend of mine totalled her Miata once and walked away with only some airbag burns - a truck ahead of her on the freeway lost a ladder, and there was no time to dodge it. She spun around a couple of times and banged into the median barriers.
Slashdot Mirror
The parent article wasn't saying that the AOL-hacking Paypal-record-falsifying thief was a poor victim. It was saying that the domain name speculator who the thief ripped off was in the scummy cybersquatting business himself.
Domain names are supposed to let people who have actual interesting content make it findable and memorable by people who want to use those sites. Most of the "domainer" industry isn't taking names that are already in use (except by buying them right when they expire, taking advantage of sloppy or abusive registrars' renewal systems) - they're taking names that sound like they ought to be interesting, usually as search terms, and parking them with advertising pages or possibly putting up low-value content redirecting people to other web sites, either for the ad banners or a cut of those sites' advertising revenue. Sometimes the names they come up with are variants on existing businesses' domain names, or variants on product names, and often enough they're used by SEOs or other search space spammers as well.
There are people who can present interesting technical or philosophical discussions in fiction and do it well; there are far more who can do it really badly, and some of them can get editors to publish their work for them :-) IMHO, "better novel writer than Dan Brown" is a fairly low bar to jump, as is (to pick a much more important writer in a different technical field) "better novel writer than Ayn Rand"... I haven't read Tetrakys, so I'm not going to judge its literary merits.
Cryptonomicon is probably the canonical novel in the field - Neal got away with enough rambling that he was allowed to write a far longer Baroque trilogy after that, but so much of the fun with Cryptonomicon was that back when it came out, we _knew_ most of the characters (and even if you didn't recognize the specific individuals, most people in the tech startup world at least knew them as archetypes, and the getting-venture-funding and literary-critic-girlfriend bits were dead on as well as totally over the top.)
We got my late mother-in-law a computer back in the late 90s, and an AOL account, so she could do email and read her celebrity gossip and such. Unlike my mom, who's moderately tech-savvy and used Macs, my MIL was the type who'd happily click on the "we can make your PC go faster" or "get these cute dancing kitty cursors today!!!" popups, so her machine was generally a wretched hive of villainy and viral scum. On the other hand, she didn't really get the hang of saving things to disk files, so if she wanted to save something, she'd either print it out on dead trees or file it away in AOL. That meant that cleaning her machine was usually easy - wipe out everything, install the OS from scratch, and install the latest AOL coaster, and it was good as new.
Well, it nullifies the query in the sense of saying "instead of carrying a netbook, carry a flash drive with your data and a Linux LiveCD, so you can use whatever hardware's available at your destination, and you'll probably be safe from viruses or keyloggers by running the US you brought with you." And it's becoming much more common these days for machines to boot from USB, and 4GB flash drives cost under $10, you can even carry a fairly full environment on your keychain.
No, my laptop didn't get stolen this time. It was a brand new machine, with the OS and my files installed on it, and got sent in for "repairs" because the hardware clock wasn't working - probably needed the battery seated correctly or whatever. And either our outsourced corporate desktop support people didn't get the message requesting them to fix the clock, or Dell didn't get the message requesting them to fix the clock, or something else happened, because they allegedly scrapped the machine and sent me a new one. Did they crush it, or rip it apart, or fix the battery and send it to a new users? Nobody can tell me :-)
But it had Pointsec, so allegedly my data's protected from outsiders, and my old laptop is left over from our *old* corporate desktop bureaucracy, so it's company-owned rather than leased, and I've been using it while they "fix" my new one, so I haven't lost my data.
The submitter didn't say he wanted the machine bricked - he said he wanted his data protected, and if that means bricking the machine, he's ok with that. After all, if a thief is trying to resell the hardware, not the data, even ATA passwords aren't enough, because the thief can replace the drive with a new one. On the other hand, encryption will protect your data against smart thieves as well as dumb ones, and ATA passwording won't, unless you get lucky and have a disk from a non-flawed manufacturer.
Encryption doesn't take that much horsepower, especially if you're also doing compression, which lets you run your disks a lot faster. If it's still a problem, encrypt the file systems where you keep data (including /home and /var and maybe swap) and leave the operating system itself on a non-encrypted partition.
Many people use their laptops to work on projects for their employers, and companies really don't like having their corporate data exposed - especially if they're in California or other states that require corporations to disclose to the public if customer information is exposed, which makes them look stupid.
There are upmarket criminals who do want data, typically credit card and bank account information. Does your browser have your bank's password cached? That can be worth far more than a used laptop. And spammers may pay trivial amounts for Facebook/etc. logins. On the other hand, yeah, most low-level criminals just want to sell the hardware fast, and it might be easier if they can just wipe your user data and leave Windows installed rather than having to reinstall pirated Windows themselves.
The real technical question is whether you want to encrypt the whole disk, or only encrypt the file systems or partitions that have your files (and maybe swap and spool) and leave the vanilla operating system partition unencrypted for performance reasons.
Of course you should bring a knife to a bun fight - and butter!
Airport inspection rules are arbitrary - the only thing consistent is that they'll tell you that whatever random thing they made up this week has *always* been the rule and that *you* should know that and obey them. There was a while in the mid-90s when laptops were still viewed as new and shiny and the airport people made you turn them on. (I remember getting asked once if I was carrying a laptop - I had to refrain from saying "Is this the wrong airport - I'm at San Jose aren't I? Have you seen anybody today who didn't have a laptop, duh!")
But recently the Bush Administration's Customs thugs were stopping laptop-carrying people coming from Canada (I think this was in Seattle) because there might be (gasp!) *pr0n* on some of the computers and asserting their right to hold onto your machine until they were sure it was Pure. And Canada sometimes stops people to inspect their papers to see if they're carrying commercial material that might be taxable, so it wouldn't surprise me if they might randomly do something obnoxious (politely, of course, unlike the American customs thugs.)
A m00t bit my sister once...
Disappearing Inc had a similar service back during the boom. They'd manage document keys for you, and you'd read the document using a reader that fetched a document key from their servers and opened a copy for you but didn't give you the actual key. When the key expired (based on whatever date you set with them, or a delete message), they'd delete the key, so nobody could decrypt the document later.
Back in the 90s boom, a friend of mine started a dating website, and wrote a book about using online dating. It's not still around, and I don't know if she made any money off it, but she did find a husband :-)
Oh, come on, people, why did you mod that a +5? I was just trolling, because there was a 0-comment article there and I hadn't had a First Post in years :-) I suppose it's ok to leave it modded up now that it's done, since there's some actual useful followup, but really now!
One of the big drivers of the dot-com crash was Greenspan kicking up interest rates six times in early 2000 to get the economy ready for Bush's election, and it certainly didn't help that people were starting to figure out that selling dogfood online wasn't necessarily a billion-dollar business model either (or putting things more conventionally, Greenspan's interest rate rises had a big impact on a capital-dependent business model, and the big growth driver to the dotcom boom, speculation about the value of internet advertising, was getting closer to discovering what the realistic values and prices were, which trashed everybody on the bottom side of the curve.) And of course the Y2K-driven replacement of lots of old stuff was done.
But a really big problem was that there were two main cash-out models for the venture capitalists who were funding the dotcom boom - either go IPO to sell your startup to the public, or sell out to a big company, which was Cisco for hardware and Microsoft for software/services. And with the Justice Department threatening to rip MS into two or three big pieces, MS wasn't going to be spending big bucks buying out anybody's startup for a couple of years - so if you'd spent two years in your garage hoping to become the next Hotmail, suddenly you were Toast, and that VC who'd been offering you Round B funding wasn't calling you any more.
Kaboom!
Netcraft confirms - OpenBSD is... oh, sorry, wrong thread...
Both of them are identifying flows, but the similarity pretty much stops there.
OpenBSD packet filters are a firewall function, typically used to protect your endpoint from evil traffic. This is a router, deciding which interface to send a packet out when it arrives on a different interface at an ISP backbone location. Packet filters are running at the speed of your computer's interfaces and application processing, typically well under a gigabit/sec - this is trying to run at network-backbone speeds of many gigabits/second.
One thing this router is trying to do is have a $30k device using mostly-standard parts that performs as well as a $300k Cisco box using expensive fancy parts.
Yeah, CEF has done that for a while, but it's pretty dumb as well as fast. This article sounds like what he's doing also provides somewhat fancy queue management to take advantage of the flow information during periods of congestion. It's possible that he's also doing a fancier version of CEF, which can get into trouble if there are too many traffic flows so the router runs out of TCAM, but there's not really enough detail in the article to tell.
IPv6 is a new version of IP, not a new version of TCP/UDP (though it forces those protocols to change, because the IP addresses are longer.) Yes, there are priority bits, but there are also priority bits in IPv4, and some ISPs support them for traffic within that ISP, but very few support them between ISPs. The important change in IPv6 is of course longer addresses, plus a lot of boundless optimism about "if we're changing IP anyway, we can fix all the problems it has", some of which is warranted but most of it wasn't. The job of a network layer protocol is to figure out where the other end of the connection is and get packets there - some of the things we hoped IPv6 would fix were to make it easier to do aggregation so you don't need exponentially-large routing tables to get there.
That's absolutely correct - routers can benefit from understanding what the end-to-end service is doing, but ultimately what they're doing is routing, and it's the endpoints that are doing the TCP or UDP.
Like, RTFA? But it's only there if you're using Firefox 3.5 or Google Chrome, and if you've got the options set correctly (which doesn't seem to work with my copy of Chrome?) and if you can figure out that the not-very-obvious little circle-in-a-square icon on your Google Map is a "My Location" button (waving the mouse over it seems to invoke Tooltips.)
The article doesn't say if Google Maps works differently depending on whether you're on a laptop vs desktop (or how it can tell) - my laptop moves around to different places, while my desktop doesn't. Maybe if the feature worked better I could figure out whether it cares (e.g. asks every time or whatever?)
If you're checking the weather or airline schedules or Slashdot, it doesn't matter if you get eavesdropped on. If you're checking your work email, you want to be using an IPSEC VPN, so all your traffic is going to be protected inside that (unless you're doing split-tunnel...) and SSH is fine too.
The tricky case is using SSL-protected websites, when you can't trust the DNS and network not to be redirecting you to some bogus cracker site. If you pay attention to the certificate details, you can be safe, but if you're not paying attention and hit the "Yeah, Sure, Whatever" button, then you're hosed. An SSL VPN connection to work may or may not be, if your company is using an SSL VPN appliance - are you using passwords or one-time-access tokens? Does the cracker know how to break in to that given your authentication, as opposed to just stealing credit card or bank passwords?
For offline storage, that's pretty lightweight. But if you need online storage, you need to put the MicroSD flakes into readers that weigh more than the storage does, and string a bunch of those things together, which probably requires active computers with lots of ports on them. Still not that heavy, but it's a lot bigger than just a bunch of flakes with sequence numbers written on them in Sharpie pen or punched into Columns 73-80...
Sure, it's mostly useless. But it does exercise all the bits on your disk drives, so you'll know if you've got checksum problems, bad blocks, etc. and can recover from faults before you lose lots more data.
If you're an average American, your car probably outweighs you by a factor of 10-20 (unlike this lightweight vehicle, which you might outweigh :-). So no more than 5-10% of the energy is moving you as opposed to the vehicle, and *then* you can go multiply by 30-45% depending on fuel, etc.
Also, one of the most common methods of producing hydrogen today isn't electolyzing water, it's cracking methane or other hydrocarbons.
Now that I've started commuting, it's time to replace my old Chevy Van with a more efficient car. The Smart car looks pretty attractive at first (it's actually possible to park one in San Francisco, unlike the van :-), but the big drawback with it or the other small lightweight cars on the market is safety. Admittedly I've only had a collision every few decades, but the van's never been the smaller vehicle, while the small cars are smaller than most other things on the road, plus they're short enough that you don't have as much visibility.
On the other hand, a friend of mine totalled her Miata once and walked away with only some airbag burns - a truck ahead of her on the freeway lost a ladder, and there was no time to dodge it. She spun around a couple of times and banged into the median barriers.