There are really two kinds of weakness that matter - weakness with wimpy passwords, and weakness with randomly-chosen maximum-entropy strong passwords. The former problem is important because lots of people DO pick wimpy passwords. The Unix "Crack" program has been cracking passwords for years now on vanilla hardware in minimal time - it's not very fast, but if you try a list of a Million Wimpy Passwords, you can catch reasonable numbers of users on a big system. Typically, it was most effective to try to crack root's password, because root can usually the rules for minimum password length for its own password, while real users have to pick better passwords:-) Better algorithms like MD5 let you use longer passwords, so you're not only able to get better theoretical strength, but you're more likely to pick passwords that aren't wimpy and you've got enough room to pick really unique salt. (But the algorithms are also faster than DES, so you'd need to crank them about 100 times instead of 25.)
But the more general problem is crackable also. The EFF DES cracker machine from 1998 is probably still gathering dust in John Gilmore's basement. They built it to demonstrate how irresponsibly inadequate the government's crypto export strength rules were. It took about 2-3 days for the average DES crack, and so did the distributed.net Internet cracker effort at the time. The Unix password algorithm cranks a modified DES about 25 times, so it's proportionally slower, and you can't use the same ASICs (that's deliberate), but if you wanted to build cracker hardware with FPGAs it wouldn't be too hard, or ASICs if you really want to target Unix passwords. Moore's law means that if you can talk the same number of people into running your password-cracking screensaver, you can go about 10 times as fast as in 1998, and an ASIC version would probably have a similar speedup.
Remember that there are somewhere around 100,000 - 1 million virus-infected PCs 0wned by spammers out there - if they wanted to run CPU-burners for some reason, they could, and symmetric crypto is a great match for massive parallelism with low communication rates.
Previous Windows versions didn't have that feature - you could drag the taskbar around to various positions, normally by accident when you're trying to grab the edge of some window:-) I hated that! So thanks for the information.
Why would you want rotating machinery in your office? Use a network! Get yourself a diskless workstation or an X terminal, and keep the disk servers in some other room. That was an obvious strategy a decade ago with Sun workstations, but you can find a number of little appliance-sized PCs today. Alternatively, use a small flash to boot from, if you're more comfortable that way, but still keep the bulk of your storage somewhere else.
A decade ago, when the Sparcstation ELC was still fast (with a *rocking* 40 MHz processor uilt into the back of the monitor), I chose it a my desktop machine precisely because it was diskless and had no fan. The computers that had the real data I was working on were up in the lab, but my office was nice and quiet. I had a CDROM shoebox attached to it, but that only made noise when I turned it on to feed it CDs. It was unfortunately black&white, not color, but most of the work I was doing was on the databases attached to our graphic viewer application, and I could walk up to the lab if I needed to use the graphic side.
The noisy fan on the game console doesn't matter much, assuming you're playing loud games:-) And unlike a desktop computer which is on while you're doing quiet work, the game console is probably turned off when you're not fragging.
Some of this obfuscation is standard patent language, which has its own idioms and jargon for expressing things that aren't what nornally passes for English - they're almost all pretty bad, but other patent lawyers can read them if they understand the invention that's being patented. However, these guys seem to have stretched the art excessively, piling on lots and lots of things hoping that something will stick, and their "Claims" section is very short compared to many I've seen, with an extremely high density of artificial as well as natural fertilizer. Too many obscure patents make long lists of claims; these greedy bozos at least refrained from that, though they make up for it in their explanations sections. I'd love to see their lawsuit, and how bad _it_ is.
(Claim 1) Their basic concept appears to have been to accept several syntaxes for contacting a list of people who might not use email (or mihgt have hard-to-guess email addresses). They use a rather obvious syntax for email addresses.
Doing this with a _single_ syntax isn't sufficiently novel to patent - things like email-to-fax gateways and email-to-printer-to-snailmail gateways were long-before prior art, as are email aliases. So are lots of "Unified Messaging" things that people like Bell Labs have played with for years.
They wanted interfaces other than email, like browser interfaces, that could reach their customers, so they thought a simple URL would be cool, since you can type it into a browser. The mere fact that they don't understand what a URL is doesn't mean that it doesn't work:-)
They're not real good with semantics either...
(Claim 2)Doctors are an example of a target market. Again, there's no semantics here - it appears to be trying to add enough depth and specificity to hopefully let enough stuff stick together to roll past a patent examiner. Apparently, that works also:-)
(The Plot Thickens) They appear to have noticed that the.name registrars are using similar character-transformations between email addresses and domain name strings, and weren't bothered by the radical semantic differences between domain names and syntactically-incorrect "URLs".
(Obligatory Slashdot Memes Follow)
....
PROFIT!!!
(Now for the cynical "Malice or Incompetence" discussion:-) So why did they write this egregiously overblown incompetent abuse of the patent process? Was it just a "throw enough things together to hope they'll get through, since the Patent Office was allowing anybody to patent just about anything as a business method"? Did they just get lucky about noticing.NAME's syntax?
Or (extra-cynical mode) did they notice that the syntactic trick was potentially useful, and write a bogus patentable-looking process around it to get it through so they could do overly-broad lawsuits? I suspect regular greed and malice are enough of an explanation, since they don't appear to be competent enough to have applied extra-special malice:-)
Oh, yeah, the mere fact that BIND has some similar syntax (with correct semantics) a decade earlier, which anyone vaguely skilled in the trade would know, suggests they weren't paying much attention to prior art (and the patent examiner should of course also be fired...) The fact that the "IETF Ad-Hoc Committee" (IAHC), (who were the IETF's attempt at dealing with the new-TLDs question before ICANN formed itself) had proposed a ".nom" gTLD that was largely similar to ICANN's later ".name" should also have been obvious prior art - the IAHC's report was in February 1997, about 2.5 years before the patent filing. So even if ".name" uses similar syntax, there's prior art for *that*, plus the ",name" people are doing domain names, which are radically different from URLs, which the plaintiffs should also know.
I can't say that the lawsuit is facially invalid, because IANAL, especially not a patent lawyer, and the patent office did let this turkey through along with a herd of other turkeys that have succeeded at lawsuits, but boy is this a vessel of fertilizer that's extremely strong.
URLs don't have to start with http:// - they can start with other protocols, e.g. ftp://, gopher://, and there are increasing numbers of applications that use protocolname://domain/stuff even if it's not strictly in a URL RFC.
But that's ok - the patent is on ways to use (syntactically incorrect) URLs that are almost identical to to email addresses, not on using character strings that happen to resemble domain names, and that's not what the.name registrars are doing - they's using domain names correctly:-)
So while there are a wide range of reasons this patent should have been rejected, and should now be thrown out on its ear, that's a separate problem issue from the lawsuit, which (if the newspaper articles are correct, which they never are about technical issues) is frivolously and falsely claiming that the respondants are infringing the plaintiff's patent. NO surprise that if they'd write a patent that was that blatantly incorrect, they'd also be bad at lawsuits, but the press reports don't give the text of the lawsuit, they just give the patent number which has the text of the patent.
First of all, the patent doesn't cover "domain names" that are identical to email addresses except for replacing the "@" with a ".". It covers URLs of that form; such a shame that that's not a valid URL syntax. "http://name.subdomain.domain/" is a much different animal entirely. THe registrars are selling domain names.
But ".name" wasn't the first TLD to use first.last.name as a format - the IETF Ad-Hoc Committee (IAHC) proposed an approximately-identical ".nom" in their February 1997 report. (THe IAHC were the legitimate organization that failed politically and was followed by the highly dubious ICANN gang.) So ~2.5 years before the patent filing, there was a public report about the general topic, and it had been discussed by a lot of the skilled practioners before that.
Furthermore, there was lots of published material about using email or other syntaxes for contacting offline people, such as email-to-fax gateways and lots of Unified Messaging Hype from Bell Labs, Bellcore, AT&T, Lucent, etc., which is the fundamental technical thing that they seem to be claiming.
The patent was filed some time in 1999, and under US law, you can file up to one year after disclosure of the invention. (That part isn't non-sensible, although there are debates about whether it's a better approach than Europe's file-before-you-publish rule.) I don't _know_ when they disclosed it (e.g. before the patent was filed or not?), and US law is actually first-to-invent, not first-to-file, and I don't remember seeing any documentation on when they invented their method.
Fortunately, BIND treats name.subdomain.domain as an email address for name@subdomain.domain, and I'd be really really surprised to see these Bozos get away with claiming that they were doing this prior to BIND's existence, since it's the canonical DNS server implementation since about a decade before their alleged invention. Also, the IAHC IETF Ad-Hoc Committee, which was trying to do a set of new TLDs (unsuccessful politically) before ICANN was formed to pretend to address the same problem, had proposed a ".nom" gTLD which is substantially similar to ".name" - Their report was in February 1997, and it had been discussed widely in the mailing lists that many of the skilled practitioners hung out in for a while before that.
OK, maybe you don't wear your solar-powered jacket on rainy days, but how does this overly-electrical thing deal with getting rained on? Is it washable?
My Hitachi Visionbook Traveller was a nice 1.1kg machine with a wimpy 640x480 screen. Unlike many laptops, it uses Video Camera batteries, which are easy to find and replace for a reasonable price when they get old. Unfortunately, the little plastic doors that hold the batteries in tend to break off and get lost, and the last time I tried to replace them, I found that Hitachi had farmed out parts and maintenance to some other company, and they'd stopped selling individual parts, so instead of paying $5 for little plastic doors, I'd have to send the machine in for a minimum $100 repair charge.
Shortly thereafter the LCD screen got cracked, which simplified the problem:-) It's now a nice web terminal and printer server, and can drive a monitor at 1024x768 if you don't mind 8-bit color.
It has a light side and a dark side an holds the Universe together....
Also, it's a bit stretchy, which helps for some applications. Back when I had by 71 Chevy van (bought heavily misused in ~1984), there were several parts you just couldn't find junkyard replacements for (since they'd rusted out on _all_ Chevy vans, and spending $600 to replace the windows because you can't buy the hanger brackets separately is pretty silly on a $1200 car), and duct tape worked just fine.
But yes, gaffer tape is often better for applications like that.
Most current Cisco router hardware can do IPv6 just fine, and probably Juniper can too. It may not have as much horsepower running IPv6 as it does with IPv4, which could be a problem for some ISPs.
Dial modem equipment matters a bit more, and I'm not sure all of it really supports IPv6,
but Redback routers for DSL support at least basic IPv6 functions.
Recent Microsoft Windows operating system versions support IPv6, though I'm not sure how much application program support there is. It may be a bit less efficient, but end-user PCs have horsepower to burn. Most web servers probably do too.
I don't know if AOL supports IPv6 or not.
The real issue is getting a few major ISPs and some of the popular web sites to support IPv6. Web sites mostly don't run it because their ISPs don't, but if native IPv6 becomes available, it's easier for them to switch. The problem for ISPs isn't so much security (though they obviously care about that), but reliability - the degree of reliability testing and the level of developer exposure to weird real-world events is much more limited with IPv6, which makes them hesitant to really jump on it since there's minimal market demand (using "market demand" in the sense of "people who will pay you money if you have it and won't pay you if you don't" rather than "people who think it might be cool but aren't handing you money".)
Your tinfoil hat's strapped on a bit too tightly - loosen up.
Sure, the Feds could possibly pay Adobe to add a "tell the Feds" bit to Photoshop's Stego feature, if Phtoshop had such a thing. But stego isn't the kind of thing you typically ship integrated with other products - it'd be a separate image-manipulation program or audio-manipulation program, or perhaps a plugin for programs that support such things (e.g. a Mozilla stego-reader thing.) And they can't control all sources of image bits, much less image manipulation programs.
The problem is pretty hard - how good are the models you can make of each type of image source and its noise components, how good are the image manipulation programs at transforming noise-like encrypted data into something that matches the statistics of the image noise, what traces does the stego program leave so it can find its own images?
The problem from an honest eavesdropper's perspective is how to keep the false positive rate low enough to wade through the huge amounts of image data, raw or manipulated, on the net to find the potentially very very small amount of real stego. (Hint: the amount of binary data on Usenet is probably well over 100 Megabits per second, and spam still counts if you're looking for stego.) On the other hand, a dishonest eavesdropper only has to maintain an attempt at verisimilitude "We found pr0n on the suspected terrorists' computers, but real religious fanatics wouldn't have that so it must be Steganography! That means they're guilty guilty guilty! And this picture of Osama has his Left Eye Winking and his right middle finger mostly extended! That means that the attack is planned for This Month, in an American City next to a bend in a river!" Sure, it's bogus, but the almanac stuff is bogus too - it only has to keep the sheep feeling nervous about what the Feds might find next, because terrorists are a threat to our nation's Precious Bodily Fluids. An automated stego detector is fine if you want to claim that there are 10,000 suspected terrorist chatter messages per day, but you can't actually issue PR alarms as fast as you get false positives because it'd be way too fast to maintain credibility; crying "Wolf" is something you do at controlled intervals if you want to be believed.
Diesel? What about STEAM?
on
Your Own Mecha
·
· Score: 1
They've got giant mecha robots, they've got water for cooling the engine, and diesel for fuel - Water + Heat = Steam! The world can be saved by Steam!
Sorry. But how can you pass up a straight line like that one....
I'm not sure when Sonic.net started doing DSL, but they've been in the ISP business since ~1994-1995, while Speakeasy started as an Internet cafe in 1995, and didn't start DSL until 1998. Speakeasy _was_ my other main choice for DSL, but Sonic's plans looked a bit closer to what I wanted, and they've done some cool rooftop network stuff up in Sonoma that I'd like to see expand.
There are about 10 ways to pull this kind of service out of a protocol stack - from simple "don't care who's there" to RADIUS games to IPSEC VPNs to various games with NAT (for roamers who don't mind being stuck behind NAT) to SSL tunnels to HTTP/HTTPS proxies to whatever. Depending on the kind of service you're trying to provide, the user get more or less control of their environment. One of the cleaner approaches is to let guests set up a VPN tunnel to some gateway (either a hotspot provider or just let all ipsec traffic through.) This is safe for the wired host user, prevents problems with spamming, etc., and gives you something to prioritize on if the wireless guests are hogging all your bandwidth, plus it's secure for the wireless guest as well.
But all of them require somebody to go do the programming work. The centralized approaches have an obvious person to do that, but they require business models. If the cable modem companies weren't suicidally clueless about the data world, they'd offer a $10/month roaming service from any cable modem user that has wireless running. But there are friendlier DSL providers, like Sonic and Speakeasy and to some extent Earthlink, where the users could do decentralized friendly wireless sharing if they wanted because their contracts' terms of service are open.
Sonic.net provides DSL and dial ISP services. They have a hotspot bribe service, which lets their DSL customers set up a hotspot and receive 50% of the daily charges for anyone sharing their DSL. So Sonic.net customers can roam, or share DSL with their neighbors, and non-customers can pay a $3.50 per day hotspot usage fee. They don't provide hardware, but just about anybody who runs DSL is geeky enough to buy WiFi, and it's under $100 for access points anyway.
It appears that it's a hardware problem - bluescreens during boot. But the hardware works fine under Knoppix, so maybe it's just operating system disk corruption.
Until this event, I almost never had Win2K Pro crash on me, unlike Win98 which could crash several times a day if it felt like it. On the other hand, I still had to log off or reboot about every other day because the window system gets too wedged to behave properly - so there are still quality problems. Office is the part that gets hung up most often, also IE (even though I do 90% of my browsing with Firebird), but neither one of those should cause the task bar not to reflect what tasks are running or update itself when you switch applications.
Nethack works just fine under Linux, as well as working under Windows and Mac. And there are a variety of Solitaire games. And that Mozilla thing - that's pretty much all the PC games I play.
On the other hand, Microsoft seems to have stopped supporting the donkey-crossing-the-street game....
I don't know if they're still going, but a bunch of the local Cypherpunks gang decided that CCCC would be fine to do and went to the first few. 2500 people and six E1 lines the first time:-) Electricity was a constraint at the first one - "Use gas stoves or fire for cooking - conserve electricity for the computers!" It was a geeking focus rather than Burning Man's arts focus, but lots of the same crowd do both.
SASL is certainly a good start, and particularly needs the alternate port to deal with fascist ISPs that block Port 25 (an increasingly popular thing to do, unfortunately, especially for US cable modems), but it still doesn't deal with firewalls. Users who want to do this from work need to get their offices' sysadmins to enable Port 465 or whatever port their provider likes.
But the more general problem is crackable also. The EFF DES cracker machine from 1998 is probably still gathering dust in John Gilmore's basement. They built it to demonstrate how irresponsibly inadequate the government's crypto export strength rules were. It took about 2-3 days for the average DES crack, and so did the distributed.net Internet cracker effort at the time. The Unix password algorithm cranks a modified DES about 25 times, so it's proportionally slower, and you can't use the same ASICs (that's deliberate), but if you wanted to build cracker hardware with FPGAs it wouldn't be too hard, or ASICs if you really want to target Unix passwords. Moore's law means that if you can talk the same number of people into running your password-cracking screensaver, you can go about 10 times as fast as in 1998, and an ASIC version would probably have a similar speedup.
Remember that there are somewhere around 100,000 - 1 million virus-infected PCs 0wned by spammers out there - if they wanted to run CPU-burners for some reason, they could, and symmetric crypto is a great match for massive parallelism with low communication rates.
Previous Windows versions didn't have that feature - you could drag the taskbar around to various positions, normally by accident when you're trying to grab the edge of some window :-) I hated that! So thanks for the information.
That's a nice review - thanks!
Why would you want rotating machinery in your office? Use a network! Get yourself a diskless workstation or an X terminal, and keep the disk servers in some other room. That was an obvious strategy a decade ago with Sun workstations, but you can find a number of little appliance-sized PCs today. Alternatively, use a small flash to boot from, if you're more comfortable that way, but still keep the bulk of your storage somewhere else.
A decade ago, when the Sparcstation ELC was still fast (with a *rocking* 40 MHz processor uilt into the back of the monitor), I chose it a my desktop machine precisely because it was diskless and had no fan. The computers that had the real data I was working on were up in the lab, but my office was nice and quiet. I had a CDROM shoebox attached to it, but that only made noise when I turned it on to feed it CDs. It was unfortunately black&white, not color, but most of the work I was doing was on the databases attached to our graphic viewer application, and I could walk up to the lab if I needed to use the graphic side.
The noisy fan on the game console doesn't matter much, assuming you're playing loud games :-) And unlike a desktop computer which is on while you're doing quiet work, the game console is probably turned off when you're not fragging.
(Now for the cynical "Malice or Incompetence" discussion :-) So why did they write this egregiously overblown incompetent abuse of the patent process? Was it just a "throw enough things together to hope they'll get through, since the Patent Office was allowing anybody to patent just about anything as a business method"? Did they just get lucky about noticing .NAME's syntax?
Or (extra-cynical mode) did they notice that the syntactic trick was potentially useful, and write a bogus patentable-looking process around it to get it through so they could do overly-broad lawsuits? I suspect regular greed and malice are enough of an explanation, since they don't appear to be competent enough to have applied extra-special malice :-)
Oh, yeah, the mere fact that BIND has some similar syntax (with correct semantics) a decade earlier, which anyone vaguely skilled in the trade would know, suggests they weren't paying much attention to prior art (and the patent examiner should of course also be fired...) The fact that the "IETF Ad-Hoc Committee" (IAHC), (who were the IETF's attempt at dealing with the new-TLDs question before ICANN formed itself) had proposed a ".nom" gTLD that was largely similar to ICANN's later ".name" should also have been obvious prior art - the IAHC's report was in February 1997, about 2.5 years before the patent filing. So even if ".name" uses similar syntax, there's prior art for *that*, plus the ",name" people are doing domain names, which are radically different from URLs, which the plaintiffs should also know.
I can't say that the lawsuit is facially invalid, because IANAL, especially not a patent lawyer, and the patent office did let this turkey through along with a herd of other turkeys that have succeeded at lawsuits, but boy is this a vessel of fertilizer that's extremely strong.
But that's ok - the patent is on ways to use (syntactically incorrect) URLs that are almost identical to to email addresses, not on using character strings that happen to resemble domain names, and that's not what the .name registrars are doing - they's using domain names correctly :-)
So while there are a wide range of reasons this patent should have been rejected, and should now be thrown out on its ear, that's a separate problem issue from the lawsuit, which (if the newspaper articles are correct, which they never are about technical issues) is frivolously and falsely claiming that the respondants are infringing the plaintiff's patent. NO surprise that if they'd write a patent that was that blatantly incorrect, they'd also be bad at lawsuits, but the press reports don't give the text of the lawsuit, they just give the patent number which has the text of the patent.
But ".name" wasn't the first TLD to use first.last.name as a format - the IETF Ad-Hoc Committee (IAHC) proposed an approximately-identical ".nom" in their February 1997 report. (THe IAHC were the legitimate organization that failed politically and was followed by the highly dubious ICANN gang.) So ~2.5 years before the patent filing, there was a public report about the general topic, and it had been discussed by a lot of the skilled practioners before that.
Furthermore, there was lots of published material about using email or other syntaxes for contacting offline people, such as email-to-fax gateways and lots of Unified Messaging Hype from Bell Labs, Bellcore, AT&T, Lucent, etc., which is the fundamental technical thing that they seem to be claiming.
Fortunately, BIND treats name.subdomain.domain as an email address for name@subdomain.domain, and I'd be really really surprised to see these Bozos get away with claiming that they were doing this prior to BIND's existence, since it's the canonical DNS server implementation since about a decade before their alleged invention. Also, the IAHC IETF Ad-Hoc Committee, which was trying to do a set of new TLDs (unsuccessful politically) before ICANN was formed to pretend to address the same problem, had proposed a ".nom" gTLD which is substantially similar to ".name" - Their report was in February 1997, and it had been discussed widely in the mailing lists that many of the skilled practitioners hung out in for a while before that.
OK, maybe you don't wear your solar-powered jacket on rainy days, but how does this overly-electrical thing deal with getting rained on? Is it washable?
Shortly thereafter the LCD screen got cracked, which simplified the problem :-) It's now a nice web terminal and printer server, and can drive a monitor at 1024x768 if you don't mind 8-bit color.
Also, it's a bit stretchy, which helps for some applications. Back when I had by 71 Chevy van (bought heavily misused in ~1984), there were several parts you just couldn't find junkyard replacements for (since they'd rusted out on _all_ Chevy vans, and spending $600 to replace the windows because you can't buy the hanger brackets separately is pretty silly on a $1200 car), and duct tape worked just fine.
But yes, gaffer tape is often better for applications like that.
Yup.. My cat's activing weird - must be an earthquake coming....
The real issue is getting a few major ISPs and some of the popular web sites to support IPv6. Web sites mostly don't run it because their ISPs don't, but if native IPv6 becomes available, it's easier for them to switch. The problem for ISPs isn't so much security (though they obviously care about that), but reliability - the degree of reliability testing and the level of developer exposure to weird real-world events is much more limited with IPv6, which makes them hesitant to really jump on it since there's minimal market demand (using "market demand" in the sense of "people who will pay you money if you have it and won't pay you if you don't" rather than "people who think it might be cool but aren't handing you money".)
Sure, the Feds could possibly pay Adobe to add a "tell the Feds" bit to Photoshop's Stego feature, if Phtoshop had such a thing. But stego isn't the kind of thing you typically ship integrated with other products - it'd be a separate image-manipulation program or audio-manipulation program, or perhaps a plugin for programs that support such things (e.g. a Mozilla stego-reader thing.) And they can't control all sources of image bits, much less image manipulation programs.
The problem is pretty hard - how good are the models you can make of each type of image source and its noise components, how good are the image manipulation programs at transforming noise-like encrypted data into something that matches the statistics of the image noise, what traces does the stego program leave so it can find its own images?
The problem from an honest eavesdropper's perspective is how to keep the false positive rate low enough to wade through the huge amounts of image data, raw or manipulated, on the net to find the potentially very very small amount of real stego. (Hint: the amount of binary data on Usenet is probably well over 100 Megabits per second, and spam still counts if you're looking for stego.) On the other hand, a dishonest eavesdropper only has to maintain an attempt at verisimilitude "We found pr0n on the suspected terrorists' computers, but real religious fanatics wouldn't have that so it must be Steganography! That means they're guilty guilty guilty! And this picture of Osama has his Left Eye Winking and his right middle finger mostly extended! That means that the attack is planned for This Month, in an American City next to a bend in a river!" Sure, it's bogus, but the almanac stuff is bogus too - it only has to keep the sheep feeling nervous about what the Feds might find next, because terrorists are a threat to our nation's Precious Bodily Fluids. An automated stego detector is fine if you want to claim that there are 10,000 suspected terrorist chatter messages per day, but you can't actually issue PR alarms as fast as you get false positives because it'd be way too fast to maintain credibility; crying "Wolf" is something you do at controlled intervals if you want to be believed.
Sorry. But how can you pass up a straight line like that one....
I'm not sure when Sonic.net started doing DSL, but they've been in the ISP business since ~1994-1995, while Speakeasy started as an Internet cafe in 1995, and didn't start DSL until 1998. Speakeasy _was_ my other main choice for DSL, but Sonic's plans looked a bit closer to what I wanted, and they've done some cool rooftop network stuff up in Sonoma that I'd like to see expand.
But all of them require somebody to go do the programming work. The centralized approaches have an obvious person to do that, but they require business models. If the cable modem companies weren't suicidally clueless about the data world, they'd offer a $10/month roaming service from any cable modem user that has wireless running. But there are friendlier DSL providers, like Sonic and Speakeasy and to some extent Earthlink, where the users could do decentralized friendly wireless sharing if they wanted because their contracts' terms of service are open.
Sonic.net provides DSL and dial ISP services. They have a hotspot bribe service, which lets their DSL customers set up a hotspot and receive 50% of the daily charges for anyone sharing their DSL. So Sonic.net customers can roam, or share DSL with their neighbors, and non-customers can pay a $3.50 per day hotspot usage fee. They don't provide hardware, but just about anybody who runs DSL is geeky enough to buy WiFi, and it's under $100 for access points anyway.
Until this event, I almost never had Win2K Pro crash on me, unlike Win98 which could crash several times a day if it felt like it. On the other hand, I still had to log off or reboot about every other day because the window system gets too wedged to behave properly - so there are still quality problems. Office is the part that gets hung up most often, also IE (even though I do 90% of my browsing with Firebird), but neither one of those should cause the task bar not to reflect what tasks are running or update itself when you switch applications.
On the other hand, Microsoft seems to have stopped supporting the donkey-crossing-the-street game....
You are in a maze of twisty little Slashdot postings, all different
I don't know if they're still going, but a bunch of the local Cypherpunks gang decided that CCCC would be fine to do and went to the first few. 2500 people and six E1 lines the first time :-) Electricity was a constraint at the first one - "Use gas stoves or fire for cooking - conserve electricity for the computers!" It was a geeking focus rather than Burning Man's arts focus, but lots of the same crowd do both.
SASL is certainly a good start, and particularly needs the alternate port to deal with fascist ISPs that block Port 25 (an increasingly popular thing to do, unfortunately, especially for US cable modems), but it still doesn't deal with firewalls. Users who want to do this from work need to get their offices' sysadmins to enable Port 465 or whatever port their provider likes.