Unions are useful, so long as they're not required (on "IT Unions?", Score: 1)
Unions exist because some employees feel (or felt) abused by their employers, and rather than voting with their feet, they stayed, organized, and bludgeoned management into better behavior.
The catch is that many unions outlive their usefulness, and become parasites on the employees themselves.
The key to fixing that situation is to guarantee, in law, that union membership is always voluntary. That way, so long as the employees feel that a union is doing them good, membership goes up, and dues get paid. When the union is doing nothing, and still skimming a percentage of the employees' paychecks, the employees can individually stop that. The union must constantly demonstrate its utility, and convince everyone to be a member.
These sorts of laws exist in some states; they're often called "right to work" laws because they guarantee that you have a right to work at any job without becoming a member of any union. With that sort of set up, union problems become self-correcting.
Re:Remember when USB was Useless Serial Bus ?? (on "Bluetooth Bombs", Score: 1)
USB went exactly nowhere (a number of years) until Apple Computer put it in the iMac with no alternatives (no serial ports, no Apple Desktop Bus for keyboards and mice). Suddenly, Fry's Electronics had USB cables, hubs, mice, keyboards...
They validated the technology, and made the market big enough for the small equipment players to come in and compete.
There are also those of us who much prefer the BSD way of doing UNIX, stylistically speaking, and thus find IRIX (which went down the AT&T System V path long ago) very painful and unpleasant to use.
The precedent legal case is the Carterfone decision from 1968.
The short version is: AT&T tried to prohibit a third-party device at the customer's premises from connecting to the network, and they lost. Thus opened up the market for telephones made by companies other than Western Electric.
The Cellular industry is probably going to go the same route; they'll fight this, and they'll lose (sooner, one hopes, rather than later).
It will stop when you and your peers start using IP Security with the Encapsulated Security Protocol (ESP) wherein all data in the packets except for the IP header are encrypted. If you do this, the ISP will only be able to tell where your packets are going. They can't see your transport protocol (TCP, UDP, etc), let alone what application protocol you're using, so they won't be able to filter.
If Microsoft is serious about this, then we need a serious counter-proposal. We agree not to publish exploits if they agree to accept complete and total legal and financial liability for their software, and the incidental and consequential losses to persons and businesses caused by their software, with the presumption of fault being in Microsoft's software, first and foremost.
Thus, if someone successfully attacks a Microsoft OS, Microsoft shall absorb the losses incurred by the affected person or business. If their software is really all that good, and they have confidence in their code, then this should be easy!
Somehow, though, I don't think that they're up to this challenge.
Rick Rashid was the principal investigator of the CMU Mach Project, which means the grant requests were filed under his aegis as a professor at CMU; it does not mean that he was the principal systems architect. He went to work for Microsoft Research.
Avadis Tevanian was one of the graduate students on the Mach project, but his name figured prominently in most of the papers given at various USENIX Technical Conferences (after the PI's name, of course!). He went to work for NeXT, and is now CTO at Apple Computer.
Microsoft doesn't get all the good people. They don't even end up with most of the good people.
In Stockholm, Sweden, the city ran fibre everywhere in rings around the city, and then set up Stokab A/B to run the infrastructure, and sell access to it on a non-discriminatory basis. It is important to note that this is in no way related to the Swedish telephone company, Telia, which can buy transit across this fibre, but also has to compete with other telecomm companies that use this fibre.
That's how it is supposed to be done: a separate, disinterested company running and selling access to the infrastructure, with service companies competing with each other on top of that.
The frustrating thing for me is watching the City of Palo Alto, California (a neighboring city), which also has a fibre infrastructure, but they keep arguing over what to do with it, and thus do nothing!
Despite the fact that the IETF uses ASN.1 in some of its protocols (notably SNMP), it is widely derided as "asinine one" around here, with the Brain-damaged Encoding Rules (BER). To get around a lot of the stupidity in ASN.1, the IETF uses a very carefully constrained subset of it.
The UNIX Programming Environment by Kernighan & Pike is an excellent book, and as close to a manifesto of the UNIX Philosophy as exists anywhere. The community of Linux developers would do well to read it, carefully, and take it to heart.
The authorities have tried port blocking before in the history of the Internet to prevent sharing of objectionable data, and it utterly failed then, as it will fail now.
Though it will be interesting to see if the ISPs try to claim common carrier status as a protection, after avoiding it (and the regulations that come with that status) for so many years. I bet the TelCo associated ISPs will go for it (it's what they know), and the small-fry independent ISPs will fold under pressure from the MPAA and RIAA.
I wonder which way Starbucks will go when their IEEE 802.11b Internet access networks are deployed. Will they live up to their Corporate Social Responsibility Policy and support free speech, fair use of copyright, and open Internet access?
A UV lamp inside your computer would do wonders for your EPROMs. Like, erase them all...
Everyone has stomped on MacOS for years for being a cooperatively multitasked system, i.e. no pre-emption in the OS. However, there is an advantage to this sort of system that no one mentions: real time response from the application level; that is, an application can run for as long as it needs to run before giving up the CPU to the OS or to other apps.
Real time program response is key to being able to burn CD-ROMs without creating coasters (gotta deliver the bits to the burner before its buffer runs dry), playing any kind of audio or video without jerking or dropouts (again, gotta deliver the data in time!). And so on.
UNIX is a multiuser timesharing system down to its very core; all system resources are fairly allocated amongst the processes running on the system. Overload the system, and all processes slow down. Real time scheduling (e.g. letting one or more processes get a fixed size share of system resources without regard to the remaining load) has been anathema to the mindset of the typical UNIX Systems Programmer forever - after all, that means picking winners and losers in a resource allocation. It's not fair.
For a multiuser system, this is a perfectly good attitude to take. However, UNIX systems are now used in other roles where this is exactly the wrong attitude to take; for example: the single user workstation.
For the Single User Workstation, the user must be king: he decides what he wants to do with the system, and the system should respond as directed. This is what Apple calls "user centered design" and it has been part of their mindset for decades. This is why when the mouse stops moving in MacOS, you know that the system is dead; under UNIX, you might just be waiting for the X server to page back in.
What we in the UNIX community have been getting away with is just being a little careful about what we ask the system to do at a given moment; we play with "nice" and making sure that memory or CPU intensive things just don't get run at the same time. We've also been lucky that Moore's Law keeps giving us faster hardware, and unlike most of the rest of the software world, our OS and its basic set of utilities have not changed fundamentally in over a decade, so they really do run twice as fast on hardware that is twice as fast.
Unfortunately, this sort of system management is a geek's cheat; we can do it because we understand the system, and the consequences of various job mixes. Ma and Pa Kettle aren't as well educated as we, and so for them, it's high time that the applications and the OS begin to cooperate on questions of resource allocation.
In other words, there needs to be an API wherein an application can request some level of resources to guarantee the user real time response, and if the OS can't provide it (resource overcommit would result), then the application can sanely inform the user why it can't be run right now.
MacOS X is fundamentally UNIX at its heart, with all the fair-share multiuser system attitude that implies. The NeXT people who are now in charge of Apple are UNIX people. Unfortunately, this means they've missed the point I'm making here, and the existing MacOS market is just about to give them a serious reality check.
The biz about playing DVDs is not just about Hollywood wants for protection of their content; it's also about being able to do a real time thing in a fair-share scheduled OS.
If you think the Bonsai Kitten site is offensive, just take a look at this poor excuse for a living creature. It's a walking dustmop! It can't possibly live in the wild - it was bred to be an incredibly stupid, docile animal, so that it will put up with being properly "taken care of" by the people who buy them.
I spent a few years around the edge of the cat show/breeding scene, and it's just amazing what you see...
Java and JavaScript both suck when used with the web. Here is an explanation why.
You've just described the Apple Airport Base Station which retails for $299. It can be set up to NAT & DHCP on both the wired and wireless networks, and automatically dial up an ISP over the modem.
Granted, the 10base-T port is just a host port, not a hub, but 10base-T hubs are really cheap these days.
This is a case where Apple has bundled a lot of functionality into an attractive package, and then priced it low enough to drive the market in that direction.
The Internet Engineering Task Force (IETF) publishes all its standards (the RFCs) for the Internet in American Standard Code for Information Interchange (ASCII). You can also submit the document in PostScript, but the ASCII is the primary reference.
ASCII is searchable, printable, indexable, and forward compatible essentially forevermore. Everyone can display it correctly, anywhere. There is no better format for any kind of International standard. The IETF debates the question of superseding ASCII as the standard format about every other year, but we've yet to identify any other format that has ASCII's advantages.
HTML might one day replace ASCII in this capacity, but it needs to be stable for longer than it has been, and the HTML generators out there never generate correct HTML (ever looked at web pages in iCab? It has a built-in syntax checker, and even slashdot comes up with errors, all the time). Until those problems are fixed...
Last year, Apple Computer sued eMachines, Inc. over the similarity of an eMachines wintel computer to the iMac.
The basis for the suit came from law governing the apparel industry, called "trade dress." The law is intended to protect Designer clothing from cheap look-alike knockoffs.
Apple won the suit, and eMachines had to withdraw that product.
The applicability of this to the themes is left as an exercise to the reader.
Don't forget what AT&T offered in exchange for its monopoly: universal service. That was an exceedingly good deal, all told. It only had to be undone when AT&T got too big for its britches and began to actively suppress competitors while not improving its services; classic behavior of a monopoly.
Network Address Translation (NAT) is Evil. It violates one of the fundamental architectural assumptions of IP: everyone gets a globally unique address.
Without that, Peer-to-Peer networking goes right out the window; there has to be a "mediator" (which a security person would call a "man in the middle attack") to fiddle with your packets. And guess what? IP security (encrypted packets) goes right out the window, too. No way to keep your traffic away from Carnivore's sucking sniffer...
There's only one way out of this: insist on real, routable IP address space at all times.
It's funny you should mention the TCP SYN attacks on Panix, because I actually did E-mail a description of this problem to the CERT a full three years before it was actually used as a denial of service attack. I also wrote to the IETF main mailing list a more general observation about denial of service attacks, and the need for all ISPs to do ingress filtering of packets based on IP source address in order to have a first approximation of DoS attack source (who you then go and stomp).
The CERT didn't get it. They did nothing about it until Panix was attacked.
The responses on the IETF list mostly moaned about the cost of adding all those filters to all those CPE routers, and how ingress filtering would stomp one mode for mobile IP...
Three years later, people were a whole lot more interested in dealing with this.
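Source-address ingress filtering of the kind the comment above argues for, as an added example that is not part of the original comment. The port names, prefix assignments and packets are constructed for illustration, and the last sample packet shows the mobile IP case the comment mentions being caught by a strict filter:

```python
import ipaddress
from collections import Counter

# Constructed provisioning table (an assumption for this example):
# customer-facing port -> prefixes the ISP assigned to that customer.
ASSIGNED = {
    "cust-a": ["192.0.2.0/25"],
    "cust-b": ["192.0.2.128/25", "198.51.100.0/24"],
}
_TABLE = {
    port: [ipaddress.ip_network(p) for p in prefixes]
    for port, prefixes in ASSIGNED.items()
}


def ingress_verdict(port, src):
    """Pass a packet only if its source address belongs to the arrival port."""
    nets = _TABLE.get(port)
    if nets is None:
        return "drop"  # unknown port: fail closed
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "drop"  # unparseable source address
    return "pass" if any(addr in net for net in nets) else "drop"


def filter_batch(packets):
    """Apply the filter to (port, src, dst) tuples.

    Returns the forwarded packets and a per-port count of drops. The count
    is the 'first approximation' of where forged traffic enters the network.
    """
    forwarded, drops = [], Counter()
    for port, src, dst in packets:
        if ingress_verdict(port, src) == "pass":
            forwarded.append((port, src, dst))
        else:
            drops[port] += 1
    return forwarded, drops


# Constructed sample traffic.
SAMPLE = [
    ("cust-a", "192.0.2.17", "203.0.113.5"),    # legitimate
    ("cust-a", "203.0.113.99", "203.0.113.5"),  # forged source
    ("cust-a", "10.1.2.3", "203.0.113.5"),      # private source leaking out
    ("cust-b", "198.51.100.7", "203.0.113.5"),  # legitimate
    # A node whose home address is in cust-a's prefix, visiting cust-b and
    # still sending from its home address: a strict filter drops it too.
    ("cust-b", "192.0.2.17", "203.0.113.5"),
]

if __name__ == "__main__":
    kept, dropped = filter_batch(SAMPLE)
    print(len(kept), "forwarded;", dict(dropped), "dropped per port")
```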
... some newspaper runs a bullshit story like this about "rampant" drug use in the tech industry, with the stated or unstated "concern" about software quality resulting from such a deplorable situation. It is no more true now than the last time it ran.
Some people do drugs. Most don't. Big fucking deal.
Of course, since such reports in the newspaper are bound to excite the drug warriors and their busybody supporters, we can expect some kind of crackdown on the industry, with concomitant restrictions on civil liberties.
One small correction to the timeline: Apple Computer used the ARM CPUs in the Newton PDA (which Steve Jobs killed off after he took over again - not one of his better decisions).
It was Apple that insisted that Acorn Computer divest itself of the ARM development team, so that they could be buying from a supplier that wasn't directly competing with them in the computer systems market. Thus was Acorn RISC Machines (ARM), Ltd. born.
The collaboration with DEC came later, and that produced the StrongARM.
One other thing that came out in the Congressional Hearing that I haven't seen in any postings moderated up to level 3 or above is that Carnivore is an exact equivalent to a practice in the telephony world called "trunk tapping" which Congress specifically debated, deliberated, and outlawed 30 years ago.
When any LEA taps your phone, they've got to go to the particular wire pair that leads to the telephone being tapped. They are not allowed to tap the inter-switch trunk lines, because they could conceivably record more than they're legally entitled to under the court-order that authorizes the wiretap. Carnivore's function as a packet sniffer for Ethernet or equivalent allows them to tap the trunks of ISPs - the LAN links between routers, rather than just the xDSL pair leading to your house. This is likely to be ruled illegal.
Longer term, IP Security (encrypting everything in an IP packet except the IP header) is going to reduce LEA's ability to do anything other than traffic analysis (who is talking to whom, but not what they're saying). The quicker we deploy IPsec and use it in daily practice, the sooner we render Carnivore relatively harmless.
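What a device on the path can read from an ESP packet compared with a plain TCP packet between the same two hosts, illustrating the comments above on ESP and on Carnivore; this is an added example, not part of the original comments. The addresses, ports, SPI and payload bytes are constructed, and the "ciphertext" is a stand-in byte string, not real encryption:

```python
import ipaddress
import struct

IPPROTO_TCP, IPPROTO_UDP, IPPROTO_ESP = 6, 17, 50


def ipv4_header(src, dst, proto, payload_len):
    """Build a minimal 20-byte IPv4 header (checksum left at 0 for the sample)."""
    return struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + payload_len,  # version/IHL, TOS, total length
        0, 0,                       # identification, flags/fragment offset
        64, proto, 0,               # TTL, protocol, checksum (not computed)
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )


def observer_view(packet):
    """Return the fields readable on the wire without any keys."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    proto = packet[9]
    body = packet[ihl:total_len]
    view = {
        "src": str(ipaddress.IPv4Address(packet[12:16])),
        "dst": str(ipaddress.IPv4Address(packet[16:20])),
        "ip_proto": proto,
    }
    if proto in (IPPROTO_TCP, IPPROTO_UDP) and len(body) >= 4:
        view["transport"] = "tcp" if proto == IPPROTO_TCP else "udp"
        view["src_port"], view["dst_port"] = struct.unpack("!HH", body[:4])
    elif proto == IPPROTO_ESP and len(body) >= 8:
        # Only the SPI and sequence number are in the clear. The inner
        # protocol number sits in the encrypted ESP trailer.
        view["transport"] = None
        view["esp_spi"], view["esp_seq"] = struct.unpack("!II", body[:8])
        view["opaque_bytes"] = len(body) - 8
    return view


def port_filter(view, blocked_ports):
    """A port-based filter: it can only act on packets that expose a port."""
    if "dst_port" not in view:
        return "cannot-classify"
    return "block" if view["dst_port"] in blocked_ports else "pass"


# Constructed sample: a TCP SYN from port 40000 to port 8080.
_tcp = struct.pack("!HHIIBBHHH", 40000, 8080, 1, 0, 5 << 4, 0x02, 65535, 0, 0)
PLAIN_TCP = ipv4_header("192.0.2.10", "198.51.100.20", IPPROTO_TCP, len(_tcp)) + _tcp

# Constructed sample: the same flow inside ESP. The 40 bytes after the
# SPI and sequence number stand in for ciphertext.
_esp = struct.pack("!II", 0x1000, 1) + bytes((i * 73 + 41) % 256 for i in range(40))
ESP_PACKET = ipv4_header("192.0.2.10", "198.51.100.20", IPPROTO_ESP, len(_esp)) + _esp

if __name__ == "__main__":
    for name, pkt in (("plain", PLAIN_TCP), ("esp", ESP_PACKET)):
        v = observer_view(pkt)
        print(name, v, port_filter(v, {8080}))
```

Both views still carry the same source and destination addresses, which is the traffic-analysis residue the comment refers to.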
Crypto is good, crypto is fine, but crypto won't save you from that bug on the wall or window.