This is obviously a violation of the Sherman Act, and now that the DOJ has a chance of being on the side of the law and not big business after Bush leaves, its time to start filing them. I say legally NUKE comcast to oblivion.
As Americans, we need to retake control of our communications systems. That USED TO BE the job of the FCC!
In the late 1980s I wrote the Windows version of Business & Professional Software's Trumpet Presentation program. In it, I showed iconic representations of presentations.
Who cares? I know that it's fun to bash Bush, but geez, let's stick to bashing diebold.
It is Diebold in Ohio that enabled the shrub to get re-elected.
For the record, I have no problem with computerized entry machines, but the final output that I turn-in needs to be easily readable paper that is counted by human eyes at some point in the process, IMO.
One of my first jobs, right out of high school, was as a bank teller. Right around the time of the introduction of the ATM in the late 70s/early 80s.
More or less 30 years have passed and a measurable percentage of the population are afraid or are incapable of using one. What makes anyone think that this is appropriate technology for voting?
Think I haven't? Short of taking up arms against my country, I've done all the legal things I can. The tide is turning, I think, but it takes a long time to wake up the U.S.A.
I honestly believe that the vast majority of Americans are motivated less by money and more by "doing the right thing." The problems is that "the right thing to do" has been purposefully obfuscated by the bastards in power. By using christiantity and the talking heads of talk radio, propaganda minister of the Bush administration, Karl Rove, has successfully turned America in against itself. Dividing families and groups against each other over simplistic moral debates, while completely drowning the substantive discussions about what is truly best for the country.
All this so that they can rob the country of its wealth and make themselves rich at the same time.
I'll say here and now, Bush and Cheney and everyone in their administration have been traitors to the U.S.A.
Seriously, the crap that kept the Bush administration in office has paid off.
Does anyone believe that the 2000 election was a legitimate Bush win? Does anyone believe that Diebold DIDN'T tamper with the machines? Now that bush is leaving office, we find that the machines are insecure and aren't going to be used?
Now, *all* of the wealthy Bush supporters made HUGE amounts of money under Bush. The bailout was basically a theft of $700B (and more to come) from the U.S. treasury for the very people that have been getting rich 8 years. Never in the history of man-kind has so much relative wealth been given to so few. How did this happen?
I can't think of a single policy of this administration that was designed NOT to remove money from the middle class and transfer it into the hands of the more wealthy. Immigration, trade, health care, intellectual property, and even the department of the interior and the CPB have all been centered around either allowing corporations to make money at the expense of the people, or out-right giving money to large corporations directly.
Now, we, the regular people, call us middle class, working poor, unemployed engineers, have to somehow rebuild the economy after its departure.
I'm 45 years old. I am ill at what I've seen happen to my country. It is a rush to the bottom. If we are not a third world nation already, we will be. Its disgusting.
even when you are ahead- it is allowable to improve your products & marketshare at the expense of the competition
Absolutely, but not by using your monopoly position to coerce or threaten other vendors NOT do business with the competition.
And yet- microsoft has some AMAZING backwards compatibility with their own products with every generation forward
Exactly, no other standards, just theirs. Every industry initiative to standardize protocols and document formats has seen Microsoft's heavy hand to subvert them. Remember ODF and OOXML?
I am no 'fanboi' and I do think microsoft may be a monopoly de facto, but that is not in itself illegal.
But as a monopoly, it is illegal to use your position to reduce competition.
what a monopoly de jure chooses to do with it's powerful position in the marketplace can be found illegal in some countries- not all.
Well in the U.S. and European union they are, at least.
so spend the goddamn money.. it's only a monopoly as long as your mindset of 'paying a lot of money' is the barrier.
You'd scream bloody murder if every time you bought a new TV, you'd have to buy new music media, new video media, have the cable company replace the box, and have the electrical company add a different voltage to your home.
Thats because of standards, the types Microsoft does not follow.
just because something is "very fucking expensive" is not a reason to legislate it out of existence- it is a reason to accept or reject it.
It is if it it makes competition virtually impossible. That's why we have the laws that we do.
Er, and then Word was easier to use and so better for most people, and so WordPerfect lost, and is now, no more.
Funny, I remember it differently. Word for DOS was horrible, it was hard to use, slow, sorry, slllooowwww. It was terrible. On one release they decided to change the word format to read the first and last page of a document to beat WP in a Byte Magazine in a benchmark.
There is even a chapter in the Windows 2.x SDK about "Extensions to Windows for Microsoft Word." Get that? Microsoft added extensions to Windows so that word would work better than WordPerfect!
Sorry, Microsoft killed WordPerfect with unethical practices.
I still have my hard cover Word For Windows 1.0 book, talk about a buggy piece of crap.
Here's the problem: Microsoft has used illegal tactics to maintain its monopoly gained from unethical practices.
Microsoft's monopoly is so entrenched, that the proto-typical "Sun Oil" case can't even compare.
In a real competitive environment, customers would have long ago abandoned Microsoft. The best analogy is WordStar vs WordPerfect. WordStar was first, but WordPerfect was better. Naturally WordStar lost and is now, no more.
Microsoft is so entrenched, and so anti-standards, that your data and business operations are held hostage. You can't escape the Widows lock-in without paying a lot of money and abandoning some of your core applications.
Furthermore, the monopoly level of Microsoft means that it is unrealistic for ISVs to develop for other platforms because Windows represents 80+% of the market and who can justify an the cost of development unless you can really identify a market. Virtually every notebook and P.C. sold at the consumer and "system" level has Windows installed.
In a real competitive environment, Windows ME, Microsoft BOB, Microsoft Dogs, or Vista would have killed any other company and we would be glad to see them go. But no, it is so bad that users CAN'T escape windows, so they are settling for an 8 year old operating system instead of modern alternatives.
If there was ever a time where clear proof existed that Microsoft needs to be broken up, this is it. Its insane.
That would introduce another point of failure, and be rather expensive. Giving people or browsers a way to at least check the cert's fingerprint would be cheaper and afaik just as effective.
Yes and no. Say it is mozilla.org. A single TRUSTED source for certs separate from the actual site makes it very difficult for a MITM to spoof.
Self signed certs suck, they just educate the user to simply accept whatever SSL warning their browser throws at them.
That's precisely my point, self-signed certs are far more secure in theory, but there is no mechanism to use them securely.
In thinking about it, it should be the job of ICANN or the top level domain registrar to host certs for your domain. That way, there is a TRUSTED mechanism for obtaining self-signed certs.
Chris Rock has a routine that bullets should cost $5000, because if a bullet cost $5000 there would be no death by random bullets.
Similarly, if RIAA and MPIAA has to pay a HUGE fee UPFRONT to remove a single user from an ISP, then they would target serious offenders, not just attempt to create an environment of fear.
I'm not unsympathetic with what RIAA and MPIAA claim they want to do, ensuring that artists get fair compensation for their work, what I find despicable are their actions and tactics and the fact that the artists get next to nothing (or actually nothing.)
So you tell your browser to only trust those certs you manually accepted? Kind of a big hassle, don't you think? You really expect the average web user to go through that process?
Well, its more complicated than that. The mechanism is broken because the process by which you get a cert is the same process in which you use one.
In a "secure" environment, you install the cert. Then you use it.
That being said, it is rather irrelevant to the encryption scheme if it's mathematically secure, but vulnerable to a breakdown of the way it's organized. It's broken either way.
This is true. There needs to be a mechanism by which "certificates" are downloaded separate and individually and securely.
I would like to see a non-profit organization that allows people and companies to register downloadable certs for free or at a minimal cost.
Each site can create its own certs and register them with, say, mozilla.org, and browsers go there for certs rather than download them rather than from the potentially spoofed site.
Right now self signed certs are problematic because there is no mechanism for trusting their download, and the companies in charge of managing certs are too expensive or too restrictive for small sites or special projects.
I never liked the notion of "trusted" certs. I have always built my own certs. While I can't read the article, I would say it is an obvious vulnerability in host naming.
SSL/TLS is mathematically secure. I mean, yes, it really is. You can trust that aspect of it. It breaks down in practice where secrets need to be kept secret or in areas where strict adherence to good practices are vital but not done.
Of course, some ISPs get bitchy about users running servers anyway, so you might want to use another well-known port instead.
My personal favorites are 5050 MSN chat and 5190 AIM. It would be hard to justify blocking these ports, further more, they are typically point to point between to users. So, PERFECT!
Not if they only block outbound. Remember, it's the receiving end's responsibility to open the random port and establish the communication channel (seen on any router where you can block ports)
You misunderstand TCP/IP. Both "server" and "client" create a random sockets over which to communicate. Both send and receive data. TCP relies on "out bound" traffic from both ends.
In TCP, the connection port is only used for connection. The "accept()" call creates a new socket for the server and the client has a pseudo-random socket created by "socket()."
You can't have two processes listening on the same port. If you're running an HTTP server on port 80, you won't be able to use that port to listen with BitTorrent.
Well, there are a god number of ways in which it can be handled, the first, as implied by my post, would be that your web server has some sort of plugin to handle "bittorrent" traffic instead of HTTP.
Another solution is to configure the web server to listen on some other port, say 8080, and create a listener on port 80 that will inspect the port and pass it to the correct process.
There are a number of solution to the problem, but this is not really a suitable technical forum.
Sure, until people start using port 80 as the incoming port for their BitTorrent traffic. Works fine unless you're also trying to run an HTTP server...
But when the connection is first established, you're connecting to a known port, and that is possible to block. All they have to do is block the connection if it is being established on a blacklisted port.
Then everyone will communicate on port 80 or more likely 443.
but they could block every connection to a port that's not on an approved list
That's actually impossible. Under UDP you can block a single port, but with TCP communication does not happen on the connection port, but on two kind of random ephemeral ports. So, for instance, you may connect to a web server but your actual data conversation occurs on a port allocated from a pool of available ports.
So blocking all ports except port 80 will block all internet TCP communications.
The internet is practically unusable without peer-to-peer communications. Instant messaging, remote desktop, and a lot of "non-p2p" applications would break. So, you HAVE to have peer-to-peer communications.
Filtering requires that you can intercept and interpret content.
If you communicate via SSL/TLS they can not intercept and interpret your content.
Slashdot Mirror
This is obviously a violation of the Sherman Act, and now that the DOJ has a chance of being on the side of the law and not big business after Bush leaves, its time to start filing them. I say legally NUKE comcast to oblivion.
As Americans, we need to retake control of our communications systems. That USED TO BE the job of the FCC!
Yes, and America stole California from Mexico.
And the Mexicans stole it from the spanish in the same way we stole new England from the English.
The spanish stole it from the indians.
The (at the time) current indians stole it from the previous indians.
In the late 1980s I wrote the Windows version of Business & Professional Software's Trumpet Presentation program. In it, I showed iconic representations of presentations.
I'd call that prior art. Just contact me.
Who cares? I know that it's fun to bash Bush, but geez, let's stick to bashing diebold.
It is Diebold in Ohio that enabled the shrub to get re-elected.
For the record, I have no problem with computerized entry machines, but the final output that I turn-in needs to be easily readable paper that is counted by human eyes at some point in the process, IMO.
One of my first jobs, right out of high school, was as a bank teller. Right around the time of the introduction of the ATM in the late 70s/early 80s.
More or less 30 years have passed and a measurable percentage of the population are afraid or are incapable of using one. What makes anyone think that this is appropriate technology for voting?
then don't rant - act
Think I haven't? Short of taking up arms against my country, I've done all the legal things I can. The tide is turning, I think, but it takes a long time to wake up the U.S.A.
I honestly believe that the vast majority of Americans are motivated less by money and more by "doing the right thing." The problems is that "the right thing to do" has been purposefully obfuscated by the bastards in power. By using christiantity and the talking heads of talk radio, propaganda minister of the Bush administration, Karl Rove, has successfully turned America in against itself. Dividing families and groups against each other over simplistic moral debates, while completely drowning the substantive discussions about what is truly best for the country.
All this so that they can rob the country of its wealth and make themselves rich at the same time.
I'll say here and now, Bush and Cheney and everyone in their administration have been traitors to the U.S.A.
Signed, patriotic American!!
It's funny, but you know, its people like you that have let the people like Bush get away with what they have.
Enjoy what you've been arguing for, because we'll be a long time digging out.
Seriously, the crap that kept the Bush administration in office has paid off.
Does anyone believe that the 2000 election was a legitimate Bush win? Does anyone believe that Diebold DIDN'T tamper with the machines? Now that bush is leaving office, we find that the machines are insecure and aren't going to be used?
Now, *all* of the wealthy Bush supporters made HUGE amounts of money under Bush. The bailout was basically a theft of $700B (and more to come) from the U.S. treasury for the very people that have been getting rich 8 years. Never in the history of man-kind has so much relative wealth been given to so few. How did this happen?
I can't think of a single policy of this administration that was designed NOT to remove money from the middle class and transfer it into the hands of the more wealthy. Immigration, trade, health care, intellectual property, and even the department of the interior and the CPB have all been centered around either allowing corporations to make money at the expense of the people, or out-right giving money to large corporations directly.
Now, we, the regular people, call us middle class, working poor, unemployed engineers, have to somehow rebuild the economy after its departure.
I'm 45 years old. I am ill at what I've seen happen to my country. It is a rush to the bottom. If we are not a third world nation already, we will be. Its disgusting.
even when you are ahead- it is allowable to improve your products & marketshare at the expense of the competition
Absolutely, but not by using your monopoly position to coerce or threaten other vendors NOT do business with the competition.
And yet- microsoft has some AMAZING backwards compatibility with their own products with every generation forward
Exactly, no other standards, just theirs. Every industry initiative to standardize protocols and document formats has seen Microsoft's heavy hand to subvert them. Remember ODF and OOXML?
I disagree in the strongest of terms- expense to market entry/exit is not itself a actionable reason to look to anti-monopoly law
if it is made so by a defacto monopoly it is, yes.
I am no 'fanboi' and I do think microsoft may be a monopoly de facto, but that is not in itself illegal.
But as a monopoly, it is illegal to use your position to reduce competition.
what a monopoly de jure chooses to do with it's powerful position in the marketplace can be found illegal in some countries- not all.
Well in the U.S. and European union they are, at least.
so spend the goddamn money.. it's only a monopoly as long as your mindset of 'paying a lot of money' is the barrier.
You'd scream bloody murder if every time you bought a new TV, you'd have to buy new music media, new video media, have the cable company replace the box, and have the electrical company add a different voltage to your home.
Thats because of standards, the types Microsoft does not follow.
just because something is "very fucking expensive" is not a reason to legislate it out of existence- it is a reason to accept or reject it.
It is if it it makes competition virtually impossible. That's why we have the laws that we do.
Er, and then Word was easier to use and so better for most people, and so WordPerfect lost, and is now, no more.
Funny, I remember it differently. Word for DOS was horrible, it was hard to use, slow, sorry, slllooowwww. It was terrible. On one release they decided to change the word format to read the first and last page of a document to beat WP in a Byte Magazine in a benchmark.
There is even a chapter in the Windows 2.x SDK about "Extensions to Windows for Microsoft Word." Get that? Microsoft added extensions to Windows so that word would work better than WordPerfect!
Sorry, Microsoft killed WordPerfect with unethical practices.
I still have my hard cover Word For Windows 1.0 book, talk about a buggy piece of crap.
Then they started bundling!! Goodbye WordPerfect.
I'd recommend Kubuntu Linux and if you need Windows, use something like VMWare player to run a Windows VM.
Here's the problem: Microsoft has used illegal tactics to maintain its monopoly gained from unethical practices.
Microsoft's monopoly is so entrenched, that the proto-typical "Sun Oil" case can't even compare.
In a real competitive environment, customers would have long ago abandoned Microsoft. The best analogy is WordStar vs WordPerfect. WordStar was first, but WordPerfect was better. Naturally WordStar lost and is now, no more.
Microsoft is so entrenched, and so anti-standards, that your data and business operations are held hostage. You can't escape the Widows lock-in without paying a lot of money and abandoning some of your core applications.
Furthermore, the monopoly level of Microsoft means that it is unrealistic for ISVs to develop for other platforms because Windows represents 80+% of the market and who can justify an the cost of development unless you can really identify a market. Virtually every notebook and P.C. sold at the consumer and "system" level has Windows installed.
In a real competitive environment, Windows ME, Microsoft BOB, Microsoft Dogs, or Vista would have killed any other company and we would be glad to see them go. But no, it is so bad that users CAN'T escape windows, so they are settling for an 8 year old operating system instead of modern alternatives.
If there was ever a time where clear proof existed that Microsoft needs to be broken up, this is it. Its insane.
That would introduce another point of failure, and be rather expensive. Giving people or browsers a way to at least check the cert's fingerprint would be cheaper and afaik just as effective.
Yes and no. Say it is mozilla.org. A single TRUSTED source for certs separate from the actual site makes it very difficult for a MITM to spoof.
Self signed certs suck, they just educate the user to simply accept whatever SSL warning their browser throws at them.
That's precisely my point, self-signed certs are far more secure in theory, but there is no mechanism to use them securely.
In thinking about it, it should be the job of ICANN or the top level domain registrar to host certs for your domain. That way, there is a TRUSTED mechanism for obtaining self-signed certs.
How is $15 per year too expensive for a small site or special project?
That's actually pretty cheap, I'd seen them for $250 and high per year. Still, I'd rather see a non-profit organization instead.
Chris Rock has a routine that bullets should cost $5000, because if a bullet cost $5000 there would be no death by random bullets.
Similarly, if RIAA and MPIAA has to pay a HUGE fee UPFRONT to remove a single user from an ISP, then they would target serious offenders, not just attempt to create an environment of fear.
I'm not unsympathetic with what RIAA and MPIAA claim they want to do, ensuring that artists get fair compensation for their work, what I find despicable are their actions and tactics and the fact that the artists get next to nothing (or actually nothing.)
So you tell your browser to only trust those certs you manually accepted?
Kind of a big hassle, don't you think? You really expect the average web user to go through that process?
Well, its more complicated than that. The mechanism is broken because the process by which you get a cert is the same process in which you use one.
In a "secure" environment, you install the cert. Then you use it.
That being said, it is rather irrelevant to the encryption scheme if it's mathematically secure, but vulnerable to a breakdown of the way it's organized. It's broken either way.
This is true. There needs to be a mechanism by which "certificates" are downloaded separate and individually and securely.
I would like to see a non-profit organization that allows people and companies to register downloadable certs for free or at a minimal cost.
Each site can create its own certs and register them with, say, mozilla.org, and browsers go there for certs rather than download them rather than from the potentially spoofed site.
Right now self signed certs are problematic because there is no mechanism for trusting their download, and the companies in charge of managing certs are too expensive or too restrictive for small sites or special projects.
I never liked the notion of "trusted" certs. I have always built my own certs. While I can't read the article, I would say it is an obvious vulnerability in host naming.
SSL/TLS is mathematically secure. I mean, yes, it really is. You can trust that aspect of it. It breaks down in practice where secrets need to be kept secret or in areas where strict adherence to good practices are vital but not done.
Of course, some ISPs get bitchy about users running servers anyway, so you might want to use another well-known port instead.
My personal favorites are 5050 MSN chat and 5190 AIM. It would be hard to justify blocking these ports, further more, they are typically point to point between to users. So, PERFECT!
Not if they only block outbound. Remember, it's the receiving end's responsibility to open the random port and establish the communication channel (seen on any router where you can block ports)
You misunderstand TCP/IP. Both "server" and "client" create a random sockets over which to communicate. Both send and receive data. TCP relies on "out bound" traffic from both ends.
In TCP, the connection port is only used for connection. The "accept()" call creates a new socket for the server and the client has a pseudo-random socket created by "socket()."
You can't have two processes listening on the same port. If you're running an HTTP server on port 80, you won't be able to use that port to listen with BitTorrent.
Well, there are a god number of ways in which it can be handled, the first, as implied by my post, would be that your web server has some sort of plugin to handle "bittorrent" traffic instead of HTTP.
Another solution is to configure the web server to listen on some other port, say 8080, and create a listener on port 80 that will inspect the port and pass it to the correct process.
There are a number of solution to the problem, but this is not really a suitable technical forum.
Sure, until people start using port 80 as the incoming port for their BitTorrent traffic. Works fine unless you're also trying to run an HTTP server...
Actually, HTTP has that covered.
GET myfile.rar bittorrent/2.0
But when the connection is first established, you're connecting to a known port, and that is possible to block. All they have to do is block the connection if it is being established on a blacklisted port.
Then everyone will communicate on port 80 or more likely 443.
GET myfile.rar bittorrent/2.0
but they could block every connection to a port that's not on an approved list
That's actually impossible. Under UDP you can block a single port, but with TCP communication does not happen on the connection port, but on two kind of random ephemeral ports. So, for instance, you may connect to a web server but your actual data conversation occurs on a port allocated from a pool of available ports.
So blocking all ports except port 80 will block all internet TCP communications.
The internet is practically unusable without peer-to-peer communications. Instant messaging, remote desktop, and a lot of "non-p2p" applications would break. So, you HAVE to have peer-to-peer communications.
Filtering requires that you can intercept and interpret content.
If you communicate via SSL/TLS they can not intercept and interpret your content.