A lot of people seem to forget that one of the first really widespread products that end users in corporations used that fully integrated public/private key encryption was Lotus Notes. I started using it in 1991, but I believe as early as 1989 it was functionally part of the product.
Sure, others used it before then, but in terms of a widely used corporate end user audience, it was (and still is to some extent) unique.
Yes, you may now rag on Notes if you like -- of course, keep in mind it remains the only real solution for a major corporation that by public key authentication and encryption by default, has a fully functional smtp mta built in, handles the front end needs of end users well enough for salespeople (not like a typical pop or imap client) and of course, fully supports linux as a server platform (and within a few months as a client platform as well).:-)
That's why they won't be there. Remember, a key new DRM goal here is to "close the analog hole" by not displaying video in any higher resolution than current standards out through anything but DRM capable ports. If you can write your own kernel driver you could get it in the way of that process -- potentially intercepting that stream of data or sending it to unauthorized devices.
The sick part is, we're all paying for this DRM so that we can then be sure to pay for future content.
With a small hardware modification, you can plug the power directly into the PC, and then you don't have to peddle any more. The modification is only a $3 cable, but if you want to be able to download the instructions, you have to join our web site which is $20 per year. You also get wifi firmware with it.:-)
..when you compare it to the support city that will spring up around the base of any such endeavor.
I'm not saying that is a bad thing, btw. If done will, maybe this technology would be cleaner overall than rockets or some kind of mythical antigravity fusion powered jet-pack thing.
I have been an expert witness in a court case related to computer logs and emails. As it happens, I was hired by the plaintiff who was suing a company who made public accusations against him. Through careful use of logs and an understanding of the technology involved, I was able to prove conclusively that what they accused him of could not be proved with the logs, and most likely did not happen (though it would have also been impossible to prove that he did not do it strictly through this data). I was also able to show the most likely cause of the problem and what was done to fix it.
The evidence I was able to present to other side during a 5 hour deposition was convincing enough that within a short period of time thereafter a settlement was reached and the case did not end up in court.
So 5 minutes at something like a megawatt of current.
OUCH! Who's gonna plug that sucker in? The charge radiating from the line would be dangerous to stand next to, and enough to light a fluorescent bulb!
Then, what happens if that huge capacitor you're sitting on gets in a car wreck? As a firefighter, do I have to find a way to discharge it somewhere (safely?) before I can cut you out of this deathtrap?
Where does all the power go if this thing cracks?
Besides, the switch for the 220v, 20amp line on a household circuit is half the size of a closed fist. That's a max of something like 4 kilowatts. A 110v 20amp plug is about 1/4 that size, and about 2 kilowatts capacity (I'm measuring capacity through the simple expedient of the fact the some engineer somewhere came up with these plugs -- not any kind of valid engineering). Scale that up in a linear way and I have to plug something 250 times the size of a dryer plug into my car. Hope I can carry it.
There are times when tables, bold tags, or other html simplicity just works better. CSS is very useful, but like all things it isn't the only consideration. XML is like that -- useful, but not critical. Don't get me started on "Ajax" which doesn't justify having a name of its own as it is simply the codification of a technique that's been around a while.
If the job gets done well, the technology was a good choice. I have programmers who start with a technology before they have a design.
I love this. It's the modern equivalent of having a soup taster for the King. We think we're sooo clever.
I also like the article's forced effort to explain how the fix cannot stop the bombing of a water main or the release of germs which target humans. Clearly, the system is insufficient due to those limitations and must be replaced with a hundred million dollar project. LOL.
It's the canary in the coal mine.
Hazmat team joke: "How do you know if a scene is IDLH? (Immediately Dangerous to Live or Health).... Simple, when you get there all the cops are horizontal instead of vertical.
These Voting machines actually do what they say they do. They vote for us. Thanks to the advances in voting machine technology, humans will be relieved the burden of actually voting altogether! Voting machines are clearly a terrific labor saving device.
Vista will not CREATE I.T. jobs, it will mean companies need to hire 50,000 more employees to support it. I.T. is a COST CENTER in a company, not a center of profit. A common figure tossed around for the "fully weighted" cost of an I.T. employee (pay + benefits + facilities + management) is $130,000 US. It's just a placeholder, but tends to work for large scale budgeting.
Taking that number and multiplying it by these new jobs which are going to be required to support Vista, and you're draining 6.5 Billion (or "thousand million" for our non U.S. readers) U.S. Dollars.
x.509 certificates essentially say "This is who I am, according to this trusted authority. Further, with this identification I've presented to you, you can secure your communication to me."
The "Who I am" is more than just my name. It can include my name, address, and other identifying features which make it far superior to simply a name. There is the uniqueid part, and then there is the name part. They are not the same.
What would help much more, is for x.509 to become more widespread. I suspect that eventually it (or something like it) will end up with governmental buy in. A passport, for example, could eventually include a publically verifiable x.509 certificate. Keeping the secret key part secret would be a challenge -- possibly a physical item like a secureid card embedded in the document itself would be needed.
So, now you have another place for "name prospectors" to hunt down all the best names and try to make money by owning the ones that have marketing value. The site's home page even says:
"these names are unique, so those who are paying attention can get the name or names that they want."
That was enough for me to write it off.
This doesn't go as far toward an actual unique and secure identity as an x.509 certificate, isn't as flexible at handling people who have the same name, has no track record for trust or security, and is controlled by a single organization.
This looks to me like someone's way to make money fast on the interweb by having a signup race for cool names at $5 (then $20) per year each.
We know how well regulated, fair, and efficient the DNS system has been.
If you travel enough to need this guide, you don't want just a connection in airports. You want it in taxis, hotel lobbies, customer sites that don't allow network use for external people, restaurants, malls, and parks.
I also want it at soccer practice fields where I'm waiting for my kids, as with Karate dojos and the the like.
Finally, I don't want to have to hunt down and sign up for multiple providers -- many of whom I'm very unsure about. I've seen crackers at airports with fake airport wifi sites set up.
It's not terribly cheap -- but compared to multiple pay as you go places it it's not bad. Practical speed is about 800k/sec download and way less upload (60k or so) which is exagerated but typical consumer bandwidth black hole hell. Not good for file sharing up loads, but that's not what I use it for.
Most important -- it is reasonably secure (at least I know where I'm calling), reasonably fast, and available most places now (though there are some big holes that piss me off, like MAINE.)
IPv6 has been waiting in the wings for how long? Why? More hardware, software, and routers need to support it. Now, MS comes along and supports it. This is reported as bad?
What can they do that won't get negative commentary on/.? I'm not a fan of MS overall, and prefer linux on my servers -- but c'mon people.
I'm an officer in a fire department. A much smaller department of course -- but we all study the same issues and see the same FEMA, NFPA, etc. bulletins.
The problems at the trade center were not so easily blamed on radios. Katrina related issues in New Orleans however, were influenced a great deal by radio communication problems.
That said, here are some things to consider:
1. Most departments are NOT like FDNY. 86% of firefighters in the USA are "on-call" not live in full timers. 96% of departments in the USA are staffed in part or in whole by on-call firefighters, and 40% of the population is protected by these "volunteers". Focusing on FDNY and their issues on 9/11 isn't doing a service to the real problem.
2. With Katrina, every cell tower, every radio repeater, and all the power for thousands of square miles was down. Trucks with portable backup repeaters couldn't operate in the deep water and muck. With no communication, fire crews are acting as islands and cut off from knowing where emergencies are or from getting help. Police had the same problem, but the added issue of a populace which would rather fight them then help them.
Now, taking that knowledge in hand, let's talk about what has happened since 9/11 in my little department. Since 9/11 here's what's changed:
1. Every member of my department has their own radio at all times. This is unusual for rural departments - or was. These radios are not cheap. They run about $1500 each. Remember, not just any radio will do -- they must be "intrinsically safe" (meaning no internal sparks) and must stand up to some fairly serious abuse.
2. Every member of my department (and most in other departments I've spoken to) has complete the now required "NIMS" (National Incident Management System) training and certification process at levels 100 and 700. Most town leaders have also completed this training. Officers such as myself also complete NIMS 300, while chiefs complete several more. This system is set up so that in an escallating emergency all responders are on the same page from a language, radio traffic, procurement, authorization, authority, and responsibility perspective as an incident grows from a single unit response to a multi-state task force. The system is patterned after a very successful program used for years by the forest service.
3. Although most towns still use their own frequencies on their radios, in our area all the towns which are adjacent and most which are one town removed are pre-programmed on our radios. There is also a statewide non-repeated frequency so that any firefighter on the fireground has a way to communicate.
4. I am told, though I have not seen, that for very large incidents equipment exists that allows high level incident management teams from the federal level to respond and "slot in" a radio from each local jurisdiction. This device acts as a switch of some kind, bridging the radio systems on the fly. I'm told a decision on how far down the chain that technology will be pushed is still in the works.
5. Even in our little town of under 10,000; we've gotten together with nearby towns and drilled at mass casualty and hazardous materials incidents.
Now, if you think there are more things we should do, consider that most "volunteers" (remember, that's 86% of firefighters) put in more than 50 hours a year of unpaid training time as it is. Where were you?
The people who understand the failings in the 911 response but are not part of the chain of command are other firefighters. All of us, around the country, can point to things the FDNY did wrong. It's easy to do after the fact. We're also the most reluctant to do so. Our brothers may have made mistakes, but they did a lot of things right in the face of terrible danger and stress. We're reluctant to point fingers. That doesn't mean we don't discuss it among ourselves and in our training.
Even in the nearby city of Portland, Maine -- with less than 1/30 the population of NYC, there are fire trucks with repeaters in them which can be dispatched to locations around the city if the system is down for one reason or another.
....would work to keep a tool kit of their own "zero-day" exploits handy for that day when they need or want to gain access to something in particular where the admin is doing the work of applying patches.
I no longer have a T1 to my home office server room. I have a consumer cable modem. I moved my public facing content to a machine at ServerBeach. It's faster, more reliable, and about 1/10 the monthly cost (I live a LONG way from any reasonable POP so a T1 was very expensive).
Now, the stuff clients see is 100% reliable (I have a failover server). The cable modem for my own use works fine -- in fact has been more and more reliable as the cables companies are now trying to compete for phone service and discovering people don't tollerate phone outages nearly so well as cable tv outages.
My experience with them is from 18 years ago, but the organizational style rings true.
I found this organization to be utterly classless, morally bankrupt, and totally incompetent. The sole exception to this was that INDIVIDUAL store managers and a couple of reginal guys were fantastic sales people and had solid retail skills. The entire corporate profile is designed to mass produce cheap crap and sell it at a huge margin, sucking every ounce of effort and creativity from the few good sales kids and retail level managers who give huge efforts to eek out a poor living.
The times I was in Ft. Worth for one reason or another the level of waste and incompetance was stunning to behold.
-- Please forgive the poor spelling and typos. I'm typing on a small keyboard and have limited editing here.
Here's the thing -- Dell has always been very good to me. I don't work for them and have no skin in the game in that respect. I've built my own PC's and servers since the late 1980's but when it comes to laptops I prefer to buy prebuilt rather than trying the new kit products available.
I've had four Dell laptops, and all have been among the most reliable machines I've owned. I've used their support very very rarely -- but hell, I don't expect any company to provide a support tech up to my own technical abilities. I have 20 years experience and earn more than five times when they can affort to pay for support techs. I just want a support tech to tell me if what I've got is a known problem or if they're seeing it with other people.
My most recent purchase is a Latitude d820 which I am frankly thrilled with in terms of performance, bulk, weight, durability, style, and battery life. I travel with it, and have already dropped it once while watching a dvd on an airplane and as expected from this machine, the magnesium case wasn't even scuffed.
Sure, Dell has cheaped out on support for consumers. So has everyone else. Their choice to stay in bed too long with pure Intel processors and no AMD was a mistake and it cost them -- as it should have. They are, however, in my experience a responsible company and I just don't buy that they'd have left dangerous batteries in place once they were aware of the problem.
The publicity was excellent about getting attention to the problem -- but I don't believe it forced anyone to do anything they wouldn't otherwise have done.
The wide aspect screens offer two key benfits. One of course is that movies are now shownin that aspect. The other turns out to be space. A short wide screen opens on an airplane much better than a taller one. The laptop requires significantly less room between you and the guy ahead leaning back so far you could do dental work on him.
Slashdot Mirror
A lot of people seem to forget that one of the first really widespread products that end users in corporations used that fully integrated public/private key encryption was Lotus Notes. I started using it in 1991, but I believe as early as 1989 it was functionally part of the product.
:-)
Sure, others used it before then, but in terms of a widely used corporate end user audience, it was (and still is to some extent) unique.
Yes, you may now rag on Notes if you like -- of course, keep in mind it remains the only real solution for a major corporation that by public key authentication and encryption by default, has a fully functional smtp mta built in, handles the front end needs of end users well enough for salespeople (not like a typical pop or imap client) and of course, fully supports linux as a server platform (and within a few months as a client platform as well).
She's no 7 (of 9) either.
That's why they won't be there. Remember, a key new DRM goal here is to "close the analog hole" by not displaying video in any higher resolution than current standards out through anything but DRM capable ports. If you can write your own kernel driver you could get it in the way of that process -- potentially intercepting that stream of data or sending it to unauthorized devices.
The sick part is, we're all paying for this DRM so that we can then be sure to pay for future content.
With a small hardware modification, you can plug the power directly into the PC, and then you don't have to peddle any more. The modification is only a $3 cable, but if you want to be able to download the instructions, you have to join our web site which is $20 per year. You also get wifi firmware with it. :-)
...you will be approximated.
..when you compare it to the support city that will spring up around the base of any such endeavor.
I'm not saying that is a bad thing, btw. If done will, maybe this technology would be cleaner overall than rockets or some kind of mythical antigravity fusion powered jet-pack thing.
I have been an expert witness in a court case related to computer logs and emails. As it happens, I was hired by the plaintiff who was suing a company who made public accusations against him. Through careful use of logs and an understanding of the technology involved, I was able to prove conclusively that what they accused him of could not be proved with the logs, and most likely did not happen (though it would have also been impossible to prove that he did not do it strictly through this data). I was also able to show the most likely cause of the problem and what was done to fix it.
The evidence I was able to present to other side during a 5 hour deposition was convincing enough that within a short period of time thereafter a settlement was reached and the case did not end up in court.
So 5 minutes at something like a megawatt of current.
OUCH! Who's gonna plug that sucker in? The charge radiating from the line would be dangerous to stand next to, and enough to light a fluorescent bulb!
Then, what happens if that huge capacitor you're sitting on gets in a car wreck? As a firefighter, do I have to find a way to discharge it somewhere (safely?) before I can cut you out of this deathtrap?
Where does all the power go if this thing cracks?
Besides, the switch for the 220v, 20amp line on a household circuit is half the size of a closed fist. That's a max of something like 4 kilowatts. A 110v 20amp plug is about 1/4 that size, and about 2 kilowatts capacity (I'm measuring capacity through the simple expedient of the fact the some engineer somewhere came up with these plugs -- not any kind of valid engineering). Scale that up in a linear way and I have to plug something 250 times the size of a dryer plug into my car. Hope I can carry it.
...as the old man always says...
This too shall pass, in the end.
There are times when tables, bold tags, or other html simplicity just works better. CSS is very useful, but like all things it isn't the only consideration. XML is like that -- useful, but not critical. Don't get me started on "Ajax" which doesn't justify having a name of its own as it is simply the codification of a technique that's been around a while.
If the job gets done well, the technology was a good choice. I have programmers who start with a technology before they have a design.
I love this. It's the modern equivalent of having a soup taster for the King. We think we're sooo clever.
I also like the article's forced effort to explain how the fix cannot stop the bombing of a water main or the release of germs which target humans. Clearly, the system is insufficient due to those limitations and must be replaced with a hundred million dollar project. LOL.
It's the canary in the coal mine.
Hazmat team joke: "How do you know if a scene is IDLH? (Immediately Dangerous to Live or Health).... Simple, when you get there all the cops are horizontal instead of vertical.
These Voting machines actually do what they say they do. They vote for us. Thanks to the advances in voting machine technology, humans will be relieved the burden of actually voting altogether! Voting machines are clearly a terrific labor saving device.
I, for one, welcome our new......oh. Too late.
Vista will not CREATE I.T. jobs, it will mean companies need to hire 50,000 more employees to support it. I.T. is a COST CENTER in a company, not a center of profit. A common figure tossed around for the "fully weighted" cost of an I.T. employee (pay + benefits + facilities + management) is $130,000 US. It's just a placeholder, but tends to work for large scale budgeting.
Taking that number and multiplying it by these new jobs which are going to be required to support Vista, and you're draining 6.5 Billion (or "thousand million" for our non U.S. readers) U.S. Dollars.
x.509 certificates essentially say "This is who I am, according to this trusted authority. Further, with this identification I've presented to you, you can secure your communication to me."
The "Who I am" is more than just my name. It can include my name, address, and other identifying features which make it far superior to simply a name. There is the uniqueid part, and then there is the name part. They are not the same.
What would help much more, is for x.509 to become more widespread. I suspect that eventually it (or something like it) will end up with governmental buy in. A passport, for example, could eventually include a publically verifiable x.509 certificate. Keeping the secret key part secret would be a challenge -- possibly a physical item like a secureid card embedded in the document itself would be needed.
This doesn't go as far toward an actual unique and secure identity as an x.509 certificate, isn't as flexible at handling people who have the same name, has no track record for trust or security, and is controlled by a single organization.
This looks to me like someone's way to make money fast on the interweb by having a signup race for cool names at $5 (then $20) per year each.
We know how well regulated, fair, and efficient the DNS system has been.
If you travel enough to need this guide, you don't want just a connection in airports. You want it in taxis, hotel lobbies, customer sites that don't allow network use for external people, restaurants, malls, and parks.
I also want it at soccer practice fields where I'm waiting for my kids, as with Karate dojos and the the like.
Finally, I don't want to have to hunt down and sign up for multiple providers -- many of whom I'm very unsure about. I've seen crackers at airports with fake airport wifi sites set up.
It's not terribly cheap -- but compared to multiple pay as you go places it it's not bad. Practical speed is about 800k/sec download and way less upload (60k or so) which is exagerated but typical consumer bandwidth black hole hell. Not good for file sharing up loads, but that's not what I use it for.
Most important -- it is reasonably secure (at least I know where I'm calling), reasonably fast, and available most places now (though there are some big holes that piss me off, like MAINE.)
IPv6 has been waiting in the wings for how long? Why? More hardware, software, and routers need to support it. Now, MS comes along and supports it. This is reported as bad?
/.? I'm not a fan of MS overall, and prefer linux on my servers -- but c'mon people.
What can they do that won't get negative commentary on
I'm an officer in a fire department. A much smaller department of course -- but we all study the same issues and see the same FEMA, NFPA, etc. bulletins.
The problems at the trade center were not so easily blamed on radios. Katrina related issues in New Orleans however, were influenced a great deal by radio communication problems.
That said, here are some things to consider:
1. Most departments are NOT like FDNY. 86% of firefighters in the USA are "on-call" not live in full timers. 96% of departments in the USA are staffed in part or in whole by on-call firefighters, and 40% of the population is protected by these "volunteers". Focusing on FDNY and their issues on 9/11 isn't doing a service to the real problem.
2. With Katrina, every cell tower, every radio repeater, and all the power for thousands of square miles was down. Trucks with portable backup repeaters couldn't operate in the deep water and muck. With no communication, fire crews are acting as islands and cut off from knowing where emergencies are or from getting help. Police had the same problem, but the added issue of a populace which would rather fight them then help them.
Now, taking that knowledge in hand, let's talk about what has happened since 9/11 in my little department. Since 9/11 here's what's changed:
1. Every member of my department has their own radio at all times. This is unusual for rural departments - or was. These radios are not cheap. They run about $1500 each. Remember, not just any radio will do -- they must be "intrinsically safe" (meaning no internal sparks) and must stand up to some fairly serious abuse.
2. Every member of my department (and most in other departments I've spoken to) has complete the now required "NIMS" (National Incident Management System) training and certification process at levels 100 and 700. Most town leaders have also completed this training. Officers such as myself also complete NIMS 300, while chiefs complete several more. This system is set up so that in an escallating emergency all responders are on the same page from a language, radio traffic, procurement, authorization, authority, and responsibility perspective as an incident grows from a single unit response to a multi-state task force. The system is patterned after a very successful program used for years by the forest service.
3. Although most towns still use their own frequencies on their radios, in our area all the towns which are adjacent and most which are one town removed are pre-programmed on our radios. There is also a statewide non-repeated frequency so that any firefighter on the fireground has a way to communicate.
4. I am told, though I have not seen, that for very large incidents equipment exists that allows high level incident management teams from the federal level to respond and "slot in" a radio from each local jurisdiction. This device acts as a switch of some kind, bridging the radio systems on the fly. I'm told a decision on how far down the chain that technology will be pushed is still in the works.
5. Even in our little town of under 10,000; we've gotten together with nearby towns and drilled at mass casualty and hazardous materials incidents.
Now, if you think there are more things we should do, consider that most "volunteers" (remember, that's 86% of firefighters) put in more than 50 hours a year of unpaid training time as it is. Where were you?
The people who understand the failings in the 911 response but are not part of the chain of command are other firefighters. All of us, around the country, can point to things the FDNY did wrong. It's easy to do after the fact. We're also the most reluctant to do so. Our brothers may have made mistakes, but they did a lot of things right in the face of terrible danger and stress. We're reluctant to point fingers. That doesn't mean we don't discuss it among ourselves and in our training.
Even in the nearby city of Portland, Maine -- with less than 1/30 the population of NYC, there are fire trucks with repeaters in them which can be dispatched to locations around the city if the system is down for one reason or another.
....would work to keep a tool kit of their own "zero-day" exploits handy for that day when they need or want to gain access to something in particular where the admin is doing the work of applying patches.
I no longer have a T1 to my home office server room. I have a consumer cable modem. I moved my public facing content to a machine at ServerBeach. It's faster, more reliable, and about 1/10 the monthly cost (I live a LONG way from any reasonable POP so a T1 was very expensive).
Now, the stuff clients see is 100% reliable (I have a failover server). The cable modem for my own use works fine -- in fact has been more and more reliable as the cables companies are now trying to compete for phone service and discovering people don't tollerate phone outages nearly so well as cable tv outages.
My experience with them is from 18 years ago, but the organizational style rings true.
I found this organization to be utterly classless, morally bankrupt, and totally incompetent. The sole exception to this was that INDIVIDUAL store managers and a couple of reginal guys were fantastic sales people and had solid retail skills. The entire corporate profile is designed to mass produce cheap crap and sell it at a huge margin, sucking every ounce of effort and creativity from the few good sales kids and retail level managers who give huge efforts to eek out a poor living.
The times I was in Ft. Worth for one reason or another the level of waste and incompetance was stunning to behold.
-- Please forgive the poor spelling and typos. I'm typing on a small keyboard and have limited editing here.
Here's the thing -- Dell has always been very good to me. I don't work for them and have no skin in the game in that respect. I've built my own PC's and servers since the late 1980's but when it comes to laptops I prefer to buy prebuilt rather than trying the new kit products available.
I've had four Dell laptops, and all have been among the most reliable machines I've owned. I've used their support very very rarely -- but hell, I don't expect any company to provide a support tech up to my own technical abilities. I have 20 years experience and earn more than five times when they can affort to pay for support techs. I just want a support tech to tell me if what I've got is a known problem or if they're seeing it with other people.
My most recent purchase is a Latitude d820 which I am frankly thrilled with in terms of performance, bulk, weight, durability, style, and battery life. I travel with it, and have already dropped it once while watching a dvd on an airplane and as expected from this machine, the magnesium case wasn't even scuffed.
Sure, Dell has cheaped out on support for consumers. So has everyone else. Their choice to stay in bed too long with pure Intel processors and no AMD was a mistake and it cost them -- as it should have. They are, however, in my experience a responsible company and I just don't buy that they'd have left dangerous batteries in place once they were aware of the problem.
The publicity was excellent about getting attention to the problem -- but I don't believe it forced anyone to do anything they wouldn't otherwise have done.
The wide aspect screens offer two key benfits. One of course is that movies are now shownin that aspect. The other turns out to be space. A short wide screen opens on an airplane much better than a taller one. The laptop requires significantly less room between you and the guy ahead leaning back so far you could do dental work on him.
Good film -- particularly liked the ending.