Torrents aren't as useful as they could be for this - it depends on how many people are looking at the same files. It'll at least help with their selection of more popular images, but if the average file is a gig, and they've got 1700 of them, then the number of people simultaneously opening any particular one isn't as high as Bittorrent might like. On the other hand, torrents plus an auto-updated list of today's most popular downloads might work, especially if people keep their clients open.
They're also providing viewers for the images - if you're trying to look at Mars on a typical ~1 Megapixel monitor, you don't need to see much of the surface at a time. Perhaps a gigabyte download of the lower-res versions would help that work, and Bittorrent would be a good way to distribute that.
Building for the poor doesn't just mean "go build a house for a poor person instead" - it also means "You're going to sell the house some day - build something that somebody in your local market can buy", and in New Orleans, that probably means building something that not only rich people can afford.
But adding electronics options to your house doesn't cost much if you've already got the walls torn off. You're designing a system that'll fit behind sheetrock walls, not one that needs to be retrofitted behind plaster with unknown wood pieces and bumpy stuff behind it. The obvious technology to use for wiring hasn't changed in a couple of decades - you're going to run conduit, fat enough to put whatever you really need inside it, and you can probably run straight connections up to an attic or down to a crawlspace if you're luck, and leave some strings in it to pull whatever wiring you need in the future. Plus you're going to run Romex for the electricity and twisted pair for phones, and again it doesn't cost you much extra to homerun it back to somewhere central and accessible. There may some places that are obvious locations for TVs, desks, or washing machines - so make sure the wire's fat enough for whatever you need, and it doesn't cost much to make sure you've got an extra conductor or two in case you want to split things out into two sockets or isolate circuits or whatever.
Make sure you've done diagrams of everything you run - that's really cheap to do up front, and a real pain to do later:-) And just because you've got that conduit there, that doesn't mean you're going to use it for data - wireless is a better choice for everything except your TV cabling and a couple of your phones, and it's dirt cheap and becoming cheaper.
Save the high-cash spending for things like kitchens, bathrooms, and other plumbing and HVAC. You'll also want to make that stuff as modular and accessible as possible.
Apple and the copyright owners don't want you to buy the music and put into the pirated-music sharing networks. (That's different from sharing copies or mix tapes with a couple of friends; it's the mass distribution that they're most worried about.)
Putting your email address into music that you download means that if you put it on a large pirated-music sharing network, then anybody there can see your email address. So not only can the RIAA's lawyers send you nastygrams asking for $3000, but all those Nigerian Dictators' Widows can send you mail about how you've won the Microsoft Herbal V1@Gra Lottery and if you provide them with your bank account and snailmail information they'll send you your share of the winnings, a hot stock tip, and a bottle of their latest pills.
This will cost them a less than actually bothering to sue anybody, and it's probably a *lot* more annoying:-) And they don't have to worry about somebody making a Fair Use argument that they might risk losing; the Nigerians already think anything they do with your address is Fair Use.
Pike's "The Hideous Name" paper from Plan 9
on
DNS Complexity
·
· Score: 2, Insightful
Rob Pike and Peter Weinberger wrote a paper in 1985 called "The Hideous Name", arguing against DNS's naming order in favor of Plan 9's Unix-like order. Plan 9 very aggressively uses the file system naming structure for everything, and they argue that consistent naming systems are much better than the alternatives, including the relatively new Arpanet naming system that some people were starting to use for email. I haven't read it in a decade or more, but one issue besides the one you mention is that if you do high-level-first names, it gives you a lot more flexibility for localized namespace management, and gets around some of the semantic and political issues with rootedness.
Sometimes a US judge can do that too, without a lawsuit.
The disadvantage to loser-automatically-pays is that it's extremely risky for an injured individual to sue a large corporation, even if he's right, because the corporation can afford much better lawyers (and therefore has an unequally high chance of winning, even if they're wrong), and usually has much higher legal costs. So if you lose you're not just out your own legal costs and the court's costs, you're out the legal costs of the corporation that had injured you.
These "domainers" can make a profit just from the advertising - being able to resell the domain name is just a bonus, and in many cases they're selling them to other domainers rather than legitimate content providers, sometimes for a lot of money.
ICANN's "domain tasting" policy really aggravates the problem - if you make a "mistake" registering a domain, they'll give your money back if you return the domain name within something like five days, even if the mistake was "didn't get enough random hits to make money from my banner ads." So some of these litterers will think up names that seem to make sense, and some of them will just combine lots of random terms, but either way they'll buy the names, see if they get enough hits, and return the names that don't win. They may need to pay the registrars a bit for handling them, but not much.
Even more annoying than the content free all-banner-ads pages that are trying to get hits from keywords in the domain names are the ones that have some kind of robo-generated or plagiarized content (e.g. links to sites that might or might not have content) that's trying to attract search engine hits as well as dumb-typer hits, because it can provide enough imitation of legitimacy that Google doesn't block them, and therefore can crowd out the results that have actual content.
But the random-typist hunters get Extra Lucky, because the people who got to those pages are more likely to want to see the results of the avertisements (compared to people who got to the pages from Google and found they were bogus), so they're much more likely to click through on ads that look close enough to what they want - and Google Adwords is good at placing ads that are the best match available.
IPv6 is a big enough field that I haven't come close to following all of it. I've got mixed feelings about hearing they've gotten rid of that approach to addressing - it was a convenient way to run Netware back in the day. Privacy's potentially an issue, but in reality I think there'll continue to be enough different kinds of firewalling that it's not as big a deal as it could have been.
Most of what I've worried about is that there still doesn't appear to be a good solution for routing and address assignment for multiply-homed users, so there isn't really a good way to avoid routing table expansion as more and more businesses want to be at least dual-homed. Shim6 is an ugly hack even if they do get it to work.
One of the many optimistic goals in IPv6's design was to support really simple administration, so users can set up machines and networks automagically without having to configure anything by hand. (This dates from the days before DHCP and DHCP Relay support were universal. And Netware IPX could do that (remember Netware? IPX was an XNS-like protocol alternative to IP.)) And we certainly wouldn't have NAT, because that was a crufty annoying artifact of IPv4 address shortages that broke the end-to-end principle that's fundamental to how the Internet worked.
IPv6 has large address blocks - the smallest any organization (like your home DSL line) is likely to have is a/64, so you've got 64 bits to play with. A real obvious IP address assignment strategy is to use 16 bits for a subnet number and 48 bits (the MAC address on your Ethernet or Wireless card), kind of the way Netware used to work. So you could set up routers if you needed to split up your building into subnets, and when your computer or printer or whatever booted up, it could squawk the LAN to get a subnet number and use all-0s if nobody answered, and it was ready to talk. And it meant that if your router/switch wants to find the machine with a given IP address, instead of having to ARP to find the MAC address for the machine, you just look at the lower 48 bits of the IP address. (And that means you don't need to worry about ARP storms - remember ARP storms?)
So unlike IPv4, where any machine you connect to on the net or anybody eavesdropping in between knows what IPv4 address you're using, and maybe they can find out from DNS or logfiles where that address is, with IPv6, they see your IPv6 address which tells them what machine you're connecting from. You can do things to change that (e.g. pick a different IPv6 address, or set the MAC address on your network card if it supports that), and if you control the network connection, you can set it any way you want. And these days you're probably still going to go through some firewall, there might be something NAT-like happening, or at least a proxy, or some 6to4 gateways.
But in theory, if everybody administered everything the way the IPv6 designers envisioned it, every time you plugged in your laptop to a different LAN, your MAC address would probably still be visible, which is really convenient for debugging and not so hot for privacy.
I did some business with the @Home cable modem people back during the 90s boom. They had a very schizophrenic attitude about Napster - not only were they paranoid about users running anything serverlike that might interfere with network performance, but they had an official policy about "Napster Users are EEEVILLLL Content Thieves who'll steal television next! Bad! Bad!"
But if you talked to @Home's people as individuals rather than Corporate Employees, almost all of them would say "Well, Duh! Napster is the reason that people are *buying* broadband internet connections, of *course* we like it."
And, ok, the paranoia about servers on home cable modems was partly because their early trial equipment didn't work very well and they had no way to regulate individual upstream bandwidth usage, and PacBell's dishonest "Cable Modem Web Hog" ads made them really worried about perceptions of slow performance, but they were worried that somebody would run a pr0n webserver from home, become Cool Site of the Day because doing that on cable modem would be cool, and trash their neighborhood's network performance while causing a lot of publicity. And unfortunately most of the cable companies have not only not recovered from that attitude, they've been propagating it to the DSL providers, and they've been learning other cluelessly paranoid attitudes from the Australian ex-monopoly who thinks you should cap the total monthly download of their users (since that used to be expensive in Oz), and cap it to a ridiculously low level like 1GB/month, which is like 1.5 days of continuous 56kbps usage.
But when I had my corporate hat on, especially if I was talking to non-California customers, it was certainly much more proper to talk about the big internet usage being for music piracy than for pr0n:-) These days, BitTorrent occupies over 1/3 of the Internet's bits, apparently mostly copying movies and TV and Linux distros as opposed to music (that's by volume, not by number of items), and I don't know what fraction of that is what kind of movies.
DKIM doesn't solve most of the spam-related problems I care about, but there's one thing it's good for:
An outgoing-email service provider that uses DKIM on all of their outbound mail can validate that a spam or abuse complaint about mail purporting to be from exampleuser@their-domain.com really was from that user and not a forgery, so they can kill off that user's account without worrying about false positives or faked complaints or joe-jobs. They can read the message text to see that it's spam, and they can validate the headers to show that it came from that user on their servers, and they can trash the account for TOS violations. This works even if the receiver doesn't ever bother verifying the header - it's enough that the sender's abuse desk can verify it.
That doesn't mean that some cybercafe user or zombie relay can't send mail with From: or Reply-To: NigerianCorruptOffial@yahoo.com , or that it's any easier to get the Yahoo abuse desk to delete the account for TOS violations for email that wasn't sent from their server, but at least they can't send that spam *from* Yahoo accounts without getting them closed easily.
Remember that most users aren't like anybody who reads Slashdot:-)
Most users are on big consumer ISPs like AOL and MSN, and they do a good if nowhere near perfect job of blocking most of the spam, and they can usually recognize it from the titles and delete it without having to actually open it. And they're sufficiently used to getting *some* spam all the time that they actually see and delete, but to them it's just noise like TV commercials, not an offense like having their precious bodily fluids corrupted by Commies, and the Internet is just another form of TV to them.
That's a really cool paper. One point, though, is that the human eye can see about 350K colors if you express the colors in HSV space - but that space doesn't really match up with RGB space, so if you want to present those same colors in RGB, you'll need a lot more colors, so that you can get all the distinguishable HSV colors (plus a bunch you may not be able to tell apart.) The paper says we can see about 128-130 levels each of H and S (so you'd need 7 bits for each of those, and 23 levels of V (so 5 bits are enough.) So you'd probably need at least 7 bits/color of R, G, and B to get that range of H and S, which would be 21-bit color, as opposed to 18-bit.
And of course printing colors are an entirely different set of problems, and you'll probably need to dither to get the printed colors you want, especially if you've got ink-smearing going on.
I can get pretty good connections in most of Mountain View, when I'm outside. It's pretty convenient to be able to stop my car in a random parking lot and fire up wireless.
My apartment isn't facing the street, so I don't get Google Wifi inside, though there's pod on the lamppost pretty nearby. I can't do everything I want to with the service, so I haven't bothered getting a repeater - it's still slower than my DSL, blocks port 25, doesn't give me a static IP address, and presumably won't let me run servers on it, plus I'd rather not give Google the opportunity to log all my traffic. (Plus I can see several 802.11 networks from various neighbors, so the couple of times I've had DSL problems I've been able to sponge off them; the tradeoff is that in my dining room I get a better signal from a neighbor's connection that kills my work VPN than I do from my own 802.11g, but at least I can browse the web and download email:-)
Ok, so sometimes the Invisible Hand gets ink on it, and you can follow the fingerprints around to see what it's up to.....
Markets are always an abstraction for a collection of individual decisions and events, and sometimes the granularity of the process means that you end up caring more about an individual decision than about the statistical averages. And the concept that a market generates good feedback based on those individual decisions each being good from the perspective of the individuals involved is also an abstraction - sometimes the individuals involved are boneheads, and their perspective of "good" isn't very accurate.
Since this thread started out as some sort of an anti-Libertarian flame, it's potentially worth mentioning that Socialism, or at least its Marxist flavors, only considers "The Masses" to be important, and if the masses aren't doing what the elitists say they should, it's obviously time for them to step in and be a Vanguard of the Proletariat, Raising the Consciousness of the Masses. That's of course much different from what happens if the Market doesn't do what the elitists want, because Market Failures are a sign that markets don't work and need to be regulated. At least when Libertarians see individuals in the market doing things that aren't what we hoped they'd do, we get to call them boneheads and say they deserve to lose, as opposed to forcing them to have their consciousnesses raised:-)
There's a Tier 1 ISP that uses a Death Star as its logo - I haven't looked at the current marketing numbers, but they claim to carry somewhere between 5-10 Petabytes a day. This includes public Internet traffic, private networks for businesses, and the voice network --- and the voice network is the smallest of those three. I don't think those numbers include the consumer DSL side of the net, which is run by the local telco side of the company as opposed to the long distance side.
If you look at consumer broadband, the US has about 50 million homes getting an average of 1.9 Mbps download speed - that's about 100 petabits/sec, though obviously the network's oversubscribed enough that they couldn't actually carry that much without broadband, but it's still likely to be well above 1 petabit/sec of sustainable throughput if there were enough servers available to pump data that fast. In about two minutes, CERN@home should be able to download the CERN collider's entire data set for the year...
Browsers with Whitelists? Nonsense - Mikko did wave his hand in that direction, but it's such a bogus concept that I'm surprised he even tried that. Blacklists, sure, you can do that, but the main point of a browser is to be able to look at anything on the Internet, so effectively *everything* is whitelisted unless it's blacklisted.
I suppose you could build a separate browser that only looks at whitelisted sites and tell people to use it instead of their regular browser when they're doing banking - but if that became at all popular, phishers would start sending out their own special browsers or (more realistically, given the size) emails about the special browser-update download you need to install to use your bank safely, and they wouldn't even need to target it to a specific bank - they could send the mail "from" Microsoft or The Federal Banking Regulatory Agency or whatever, and gullible people would install it. That kind of attack does suffer from diminishing returns - the world will never run out of gullible people, but the gullible people can run out of money:-)
Just because ICANN's been dragging their feet on setting up new TLDs because it wants to guarantee that it can make money off the process doesn't mean that we shouldn't have them or that the DNS system can't easily support them. It might dilute the brand value of ".com", which would annoy ICANN, but a few dozen or a few hundred more names wouldn't break anything useful. (A few thousand might, and a few million would, though.)
There are a number of countries that have extensive private banking systems, generally connected with tax-haven free trade environments. You want to start a bank in the Caribbean? It'll cost you more than starting a corporation, and you might need a local partner to sponsor you, but that's well within the range of anybody who's willing to fork over $50K for a bank domain name.
The harder part is getting a *useful* bank domain name - you're probably not going to get chase-manhattan-grand-cayman-branch.bank even if you can prove that you own the real Don Corleone Bank registered in Grand Cayman. (N.B. I don't remember if Grand Cayman lets you start banks easily, or only corporations these days - you can do your own research:-) But if you're creative, you'll find something.
I'm disappointed - Mikko's answers pretty much gloss over the real question, which is "Will it work?", ignoring all the technical arguments, and only answering the easy questions. Mikko does talk about how this won't fix the fact that people are stupid, but says it will make software able to work better. I don't see it - if your software lets you click on exAAmplebAAnk.com when you're trying to reach examplebank.com, it'll let you do that when you're trying to reach examplebank.bank, because it only knows what the link says and whether you clicked on it, not what you *thought* the link said.
You're right about the "real.bank.example.com" problem, and there are lots of other approaches, like
Javascript/ActiveX/Flash attacks that does pretty much the same thing, displaying "real.bank" so it looks like a link but making it go to the attacker's site.
And that doesn't even get into DNS poisoning or hosts-file attacks (though usually by the time an attacker can use hosts-file on you you're totally pwned.)
There's another class of n00b phishing attacks that use the real.bank name as social engineering - "Dear subscriber, we're changing the name of our website to EXAMPLEBANK.BANK to improve security! Please verify your information on the old website, EXAAMPLEBAANK.com, to make sure your access continues to work!"
I assume that most of these different approaches to virtualization will run some versions of the Linux kernel as a client, perhaps even most versions, and that you can talk BSDs into running on them as well (though it'd be particularly nice to know whether OpenBSD runs on them), and that you can run most of them on top of most Linuxes and maybe most BSDs (again, OpenBSD's the interesting one, due to security).
But which ones of these things can run Windows clients, at least XP? VMWare can, User Mode Linux can't, but what about OpenVZ, Xen, and some of the others? There are times that it's convenient to have a Windows client OS, so I can run TurboTax and other Windows applications, but mostly I'd like a real OS underneath.
Also, do any of these make USB devices visible to the client OS? Or do they all just have to network-mount resources that are actually mounted in the host OS?
The difference is that sometime around 2012, the IPv4 world is going to explode, fairly rudely, and you won't be able to get any more globally routable IPv4 addresses. So you'll have to do something, and the only two obvious choices are IPv6 and big chunks of NAT, which is even uglier than IPv6.
X.400 didn't have that advantage - a major entity announced that it was going to be using X.400 Real Soon Now, and you'd need to use it to be compatible with them when they got around to it, but if you really cared about that you could hack up Sendmail to translate to something your X.400 server would accept.
Secretary of State is an elected position in California, and Debra Bowen got elected last November, so she hasn't been in place long. Previously she was in the state assembly and then state senate, where she was one of the influential people on open government, open records, and privacy issues, and made a big issue of doing something about the voting machine problems. I gather there are other issues where some people passionately hate her, but for the most part she's been viewed as an honest politician rather than one of the machine players. She's also an advocate of voting alternatives such as Instant Runoff and proportional representation in general.
SIP doesn't make much difference, because most people don't need multiple simultaneous phone calls at home (yeah, I know, people have kids.) The voice-related application that really matters is cell phones with internet connectivity - the choices are either to hide them behind a big NAT cloud, or to give them real IP addresses, and if you want to give them real IP addresses that'll probably push the remaining IPv4 address space over the cliff. Of course, the places that IP cellphones are most likely to get heavy penetration are China (where the Great Firewall means you might as well NAT) and Japan (where the mobile carriers like walled-garden services, but also like IPv6, and are willing to do 6-to-4 NAT things if they need them.)
But imagine every household in China and in cities in India and Indonesia getting broadband, whether it's DSL or cable or radio-based. (The Internet's not just for old people in Korea, after all.) Even if they've only got one address per household, that's a few hundred million IP addresses. It's easy to blow out the remaining supply of IPv4 addresses.
The US government has also mandated that its new computer and software purchases support IPv6. Unlike the 1980s, when they tried that with the OSI protocol stacks (remember GOSIP and X.400?), IPv6 is close enough to usable that agencies will gradually start adopting it, which means that vendors will also be commercializing it. So it won't be just vendors checking the box on their proposals and agencies getting waivers to ignore the stuff, at least once their Microsoft Windows PCs are supporting it widely.
Microsoft has been working on IPv6 for a while. It's available in XP if you want to dig it out of the documentation and enable it, and Vista supposedly has more support for it, not that Vista deployment is really blasting off yet. We'll see.
Of course, until there's a fair bit of usable content on the web, it'll get largely ignored by the public, but eventually it'll stagger onto the field.
Andrew's a reliably grumpy columnist for El Reg, a Brit based in San Francisco. Occasionally it's hard to tell whether phrases like "badger's paws" are dialectical things I'm not familiar with or whether they're just made up at random for the occasion, and I still don't know, but he does make the obligatory cultural reference to "Badger Badger Badger"...
Adored != Actually In Control of the Government
on
Thailand Sues YouTube
·
· Score: 1
I don't know about Thailand, but every Thai restaurant I've been to in the US has at least one picture of the King (often with the Queen.) It's not like the Thai Secret Police are going to come hunt them down if they don't - "Universally adored" seems to be pretty accurate, though I don't know how often it's seriously deep respect vs. how often putting up a picture of the King is like putting up a lucky waving cat statue in a Chinese restaurant, but they all like the guy.
Just because everybody respects and adores the king doesn't mean that he's in charge - they've had a military coup replace the previous elected government, but the generals all say they respect the King too, so it's ok for them to do that.
Here in America we'd never have a system like that. All of our citizens and politicians like Mom, The Flag, and Apple Pie, and when one political party wants to insult another they talk about how the other guys want to make Mom get a job, allow flag-burning, and regulate the Trans-Fatty-Acids and High Fructose Corn Syrup out of our traditional Apple Pie recipes and our Freedom Fries. Because really, that's much more important than habeus corpus or the right to travel or trial by jury or newer traditions like a non-partisan civil service.
The Thais are really polite people who want to keep the Internet free from King-Insulters, and the Americans government wants to protect the Homeland from havin' those narco-porno-copyright-stealin'-Terrorists jammin' up the Tubes. You gotta problem with that?
They're also providing viewers for the images - if you're trying to look at Mars on a typical ~1 Megapixel monitor, you don't need to see much of the surface at a time. Perhaps a gigabyte download of the lower-res versions would help that work, and Bittorrent would be a good way to distribute that.
But adding electronics options to your house doesn't cost much if you've already got the walls torn off. You're designing a system that'll fit behind sheetrock walls, not one that needs to be retrofitted behind plaster with unknown wood pieces and bumpy stuff behind it. The obvious technology to use for wiring hasn't changed in a couple of decades - you're going to run conduit, fat enough to put whatever you really need inside it, and you can probably run straight connections up to an attic or down to a crawlspace if you're luck, and leave some strings in it to pull whatever wiring you need in the future. Plus you're going to run Romex for the electricity and twisted pair for phones, and again it doesn't cost you much extra to homerun it back to somewhere central and accessible. There may some places that are obvious locations for TVs, desks, or washing machines - so make sure the wire's fat enough for whatever you need, and it doesn't cost much to make sure you've got an extra conductor or two in case you want to split things out into two sockets or isolate circuits or whatever.
Make sure you've done diagrams of everything you run - that's really cheap to do up front, and a real pain to do later
Save the high-cash spending for things like kitchens, bathrooms, and other plumbing and HVAC. You'll also want to make that stuff as modular and accessible as possible.
Putting your email address into music that you download means that if you put it on a large pirated-music sharing network, then anybody there can see your email address. So not only can the RIAA's lawyers send you nastygrams asking for $3000, but all those Nigerian Dictators' Widows can send you mail about how you've won the Microsoft Herbal V1@Gra Lottery and if you provide them with your bank account and snailmail information they'll send you your share of the winnings, a hot stock tip, and a bottle of their latest pills.
This will cost them a less than actually bothering to sue anybody, and it's probably a *lot* more annoying
The original paper is available in Postscript at bell-labs.com or Google has an HTML translation.
The disadvantage to loser-automatically-pays is that it's extremely risky for an injured individual to sue a large corporation, even if he's right, because the corporation can afford much better lawyers (and therefore has an unequally high chance of winning, even if they're wrong), and usually has much higher legal costs. So if you lose you're not just out your own legal costs and the court's costs, you're out the legal costs of the corporation that had injured you.
ICANN's "domain tasting" policy really aggravates the problem - if you make a "mistake" registering a domain, they'll give your money back if you return the domain name within something like five days, even if the mistake was "didn't get enough random hits to make money from my banner ads." So some of these litterers will think up names that seem to make sense, and some of them will just combine lots of random terms, but either way they'll buy the names, see if they get enough hits, and return the names that don't win. They may need to pay the registrars a bit for handling them, but not much.
Even more annoying than the content free all-banner-ads pages that are trying to get hits from keywords in the domain names are the ones that have some kind of robo-generated or plagiarized content (e.g. links to sites that might or might not have content) that's trying to attract search engine hits as well as dumb-typer hits, because it can provide enough imitation of legitimacy that Google doesn't block them, and therefore can crowd out the results that have actual content.
But the random-typist hunters get Extra Lucky, because the people who got to those pages are more likely to want to see the results of the avertisements (compared to people who got to the pages from Google and found they were bogus), so they're much more likely to click through on ads that look close enough to what they want - and Google Adwords is good at placing ads that are the best match available.
Most of what I've worried about is that there still doesn't appear to be a good solution for routing and address assignment for multiply-homed users, so there isn't really a good way to avoid routing table expansion as more and more businesses want to be at least dual-homed. Shim6 is an ugly hack even if they do get it to work.
IPv6 has large address blocks - the smallest any organization (like your home DSL line) is likely to have is a
So unlike IPv4, where any machine you connect to on the net or anybody eavesdropping in between knows what IPv4 address you're using, and maybe they can find out from DNS or logfiles where that address is, with IPv6, they see your IPv6 address which tells them what machine you're connecting from. You can do things to change that (e.g. pick a different IPv6 address, or set the MAC address on your network card if it supports that), and if you control the network connection, you can set it any way you want. And these days you're probably still going to go through some firewall, there might be something NAT-like happening, or at least a proxy, or some 6to4 gateways.
But in theory, if everybody administered everything the way the IPv6 designers envisioned it, every time you plugged in your laptop to a different LAN, your MAC address would probably still be visible, which is really convenient for debugging and not so hot for privacy.
But if you talked to @Home's people as individuals rather than Corporate Employees, almost all of them would say "Well, Duh! Napster is the reason that people are *buying* broadband internet connections, of *course* we like it."
And, ok, the paranoia about servers on home cable modems was partly because their early trial equipment didn't work very well and they had no way to regulate individual upstream bandwidth usage, and PacBell's dishonest "Cable Modem Web Hog" ads made them really worried about perceptions of slow performance, but they were worried that somebody would run a pr0n webserver from home, become Cool Site of the Day because doing that on cable modem would be cool, and trash their neighborhood's network performance while causing a lot of publicity. And unfortunately most of the cable companies have not only not recovered from that attitude, they've been propagating it to the DSL providers, and they've been learning other cluelessly paranoid attitudes from the Australian ex-monopoly who thinks you should cap the total monthly download of their users (since that used to be expensive in Oz), and cap it to a ridiculously low level like 1GB/month, which is like 1.5 days of continuous 56kbps usage.
But when I had my corporate hat on, especially if I was talking to non-California customers, it was certainly much more proper to talk about the big internet usage being for music piracy than for pr0n
An outgoing-email service provider that uses DKIM on all of their outbound mail can validate that a spam or abuse complaint about mail purporting to be from exampleuser@their-domain.com really was from that user and not a forgery, so they can kill off that user's account without worrying about false positives or faked complaints or joe-jobs. They can read the message text to see that it's spam, and they can validate the headers to show that it came from that user on their servers, and they can trash the account for TOS violations. This works even if the receiver doesn't ever bother verifying the header - it's enough that the sender's abuse desk can verify it.
That doesn't mean that some cybercafe user or zombie relay can't send mail with From: or Reply-To: NigerianCorruptOffial@yahoo.com , or that it's any easier to get the Yahoo abuse desk to delete the account for TOS violations for email that wasn't sent from their server, but at least they can't send that spam *from* Yahoo accounts without getting them closed easily.
Most users are on big consumer ISPs like AOL and MSN, and they do a good if nowhere near perfect job of blocking most of the spam, and they can usually recognize it from the titles and delete it without having to actually open it. And they're sufficiently used to getting *some* spam all the time that they actually see and delete, but to them it's just noise like TV commercials, not an offense like having their precious bodily fluids corrupted by Commies, and the Internet is just another form of TV to them.
And of course printing colors are an entirely different set of problems, and you'll probably need to dither to get the printed colors you want, especially if you've got ink-smearing going on.
My apartment isn't facing the street, so I don't get Google Wifi inside, though there's pod on the lamppost pretty nearby. I can't do everything I want to with the service, so I haven't bothered getting a repeater - it's still slower than my DSL, blocks port 25, doesn't give me a static IP address, and presumably won't let me run servers on it, plus I'd rather not give Google the opportunity to log all my traffic. (Plus I can see several 802.11 networks from various neighbors, so the couple of times I've had DSL problems I've been able to sponge off them; the tradeoff is that in my dining room I get a better signal from a neighbor's connection that kills my work VPN than I do from my own 802.11g, but at least I can browse the web and download email
Markets are always an abstraction for a collection of individual decisions and events, and sometimes the granularity of the process means that you end up caring more about an individual decision than about the statistical averages. And the concept that a market generates good feedback based on those individual decisions each being good from the perspective of the individuals involved is also an abstraction - sometimes the individuals involved are boneheads, and their perspective of "good" isn't very accurate.
Since this thread started out as some sort of an anti-Libertarian flame, it's potentially worth mentioning that Socialism, or at least its Marxist flavors, only considers "The Masses" to be important, and if the masses aren't doing what the elitists say they should, it's obviously time for them to step in and be a Vanguard of the Proletariat, Raising the Consciousness of the Masses. That's of course much different from what happens if the Market doesn't do what the elitists want, because Market Failures are a sign that markets don't work and need to be regulated. At least when Libertarians see individuals in the market doing things that aren't what we hoped they'd do, we get to call them boneheads and say they deserve to lose, as opposed to forcing them to have their consciousnesses raised
If you look at consumer broadband, the US has about 50 million homes getting an average of 1.9 Mbps download speed - that's about 100 petabits/sec, though obviously the network's oversubscribed enough that they couldn't actually carry that much without broadband, but it's still likely to be well above 1 petabit/sec of sustainable throughput if there were enough servers available to pump data that fast. In about two minutes, CERN@home should be able to download the CERN collider's entire data set for the year...
I suppose you could build a separate browser that only looks at whitelisted sites and tell people to use it instead of their regular browser when they're doing banking - but if that became at all popular, phishers would start sending out their own special browsers or (more realistically, given the size) emails about the special browser-update download you need to install to use your bank safely, and they wouldn't even need to target it to a specific bank - they could send the mail "from" Microsoft or The Federal Banking Regulatory Agency or whatever, and gullible people would install it. That kind of attack does suffer from diminishing returns - the world will never run out of gullible people, but the gullible people can run out of money
Just because ICANN's been dragging their feet on setting up new TLDs because it wants to guarantee that it can make money off the process doesn't mean that we shouldn't have them or that the DNS system can't easily support them. It might dilute the brand value of ".com", which would annoy ICANN, but a few dozen or a few hundred more names wouldn't break anything useful. (A few thousand might, and a few million would, though.)
The harder part is getting a *useful* bank domain name - you're probably not going to get chase-manhattan-grand-cayman-branch.bank even if you can prove that you own the real Don Corleone Bank registered in Grand Cayman. (N.B. I don't remember if Grand Cayman lets you start banks easily, or only corporations these days - you can do your own research
You're right about the "real.bank.example.com" problem, and there are lots of other approaches,
like
- http://real.bank@example.com/
- real.bank.obfuscating-non-ASCII-characters
- real.bank.3242134832143214.com
- link text that doesn't match href like real.bank
- links that display an image of "real.bank"
- Javascript/ActiveX/Flash attacks that does pretty much the same thing, displaying "real.bank" so it looks like a link but making it go to the attacker's site.
And that doesn't even get into DNS poisoning or hosts-file attacks (though usually by the time an attacker can use hosts-file on you you're totally pwned.)There's another class of n00b phishing attacks that use the real.bank name as social engineering - "Dear subscriber, we're changing the name of our website to EXAMPLEBANK.BANK to improve security! Please verify your information on the old website, EXAAMPLEBAANK.com, to make sure your access continues to work!"
But which ones of these things can run Windows clients, at least XP? VMWare can, User Mode Linux can't, but what about OpenVZ, Xen, and some of the others? There are times that it's convenient to have a Windows client OS, so I can run TurboTax and other Windows applications, but mostly I'd like a real OS underneath.
Also, do any of these make USB devices visible to the client OS? Or do they all just have to network-mount resources that are actually mounted in the host OS?
X.400 didn't have that advantage - a major entity announced that it was going to be using X.400 Real Soon Now, and you'd need to use it to be compatible with them when they got around to it, but if you really cared about that you could hack up Sendmail to translate to something your X.400 server would accept.
Secretary of State is an elected position in California, and Debra Bowen got elected last November, so she hasn't been in place long. Previously she was in the state assembly and then state senate, where she was one of the influential people on open government, open records, and privacy issues, and made a big issue of doing something about the voting machine problems. I gather there are other issues where some people passionately hate her, but for the most part she's been viewed as an honest politician rather than one of the machine players. She's also an advocate of voting alternatives such as Instant Runoff and proportional representation in general.
But imagine every household in China and in cities in India and Indonesia getting broadband, whether it's DSL or cable or radio-based. (The Internet's not just for old people in Korea, after all.) Even if they've only got one address per household, that's a few hundred million IP addresses. It's easy to blow out the remaining supply of IPv4 addresses.
The US government has also mandated that its new computer and software purchases support IPv6. Unlike the 1980s, when they tried that with the OSI protocol stacks (remember GOSIP and X.400?), IPv6 is close enough to usable that agencies will gradually start adopting it, which means that vendors will also be commercializing it. So it won't be just vendors checking the box on their proposals and agencies getting waivers to ignore the stuff, at least once their Microsoft Windows PCs are supporting it widely.
Microsoft has been working on IPv6 for a while. It's available in XP if you want to dig it out of the documentation and enable it, and Vista supposedly has more support for it, not that Vista deployment is really blasting off yet. We'll see.
Of course, until there's a fair bit of usable content on the web, it'll get largely ignored by the public, but eventually it'll stagger onto the field.
Andrew's a reliably grumpy columnist for El Reg, a Brit based in San Francisco. Occasionally it's hard to tell whether phrases like "badger's paws" are dialectical things I'm not familiar with or whether they're just made up at random for the occasion, and I still don't know, but he does make the obligatory cultural reference to "Badger Badger Badger"...
Just because everybody respects and adores the king doesn't mean that he's in charge - they've had a military coup replace the previous elected government, but the generals all say they respect the King too, so it's ok for them to do that.
Here in America we'd never have a system like that. All of our citizens and politicians like Mom, The Flag, and Apple Pie, and when one political party wants to insult another they talk about how the other guys want to make Mom get a job, allow flag-burning, and regulate the Trans-Fatty-Acids and High Fructose Corn Syrup out of our traditional Apple Pie recipes and our Freedom Fries. Because really, that's much more important than habeus corpus or the right to travel or trial by jury or newer traditions like a non-partisan civil service.
The Thais are really polite people who want to keep the Internet free from King-Insulters, and the Americans government wants to protect the Homeland from havin' those narco-porno-copyright-stealin'-Terrorists jammin' up the Tubes. You gotta problem with that?