I hope this doesn't sound too much like the tin-foil hat view of the world, but this whole business of the government's "need" to monitor everyone's phone calls, e-mails, web browsing, smartphone GPS coordinates, travel etc., makes me think of a very significant thing that Noam Chomsky once said, namely that in a free society, where people can do what they like, the government (or the ruling class) has a strong motivation to develop state-of-the-art tools to influence the way people think, whereas in a society where physical actions were controlled by the State, like in the old Soviet Union, the ruling class there didn't develop mind-twisting distortions of reality because with physical control, mind control is unnecessary. And Chomsky identified this as the cause of the total distortion of political language and thinking in the USA in particular, and in physically free countries in general.
Now I'm starting to think that the whole NSA spying thing, and government spying in general, is a direct result of the lack of physical control of the populace. In principal, people in the free countries can think what they want, but only if the government knows what people are thinking at all times. I guess monitoring everyone's thoughts like as if we were all prisoners on parole is a direct consequence of physical freedom. If people are granted the freedom to _do_ what they like, they must give up the right to _think_ what they like, or at least they give up the right to share their thoughts privately with others.
Generally when I try to set up HTTP/SSL in Apache, I get warnings that I can't do virtual hosts for SSL. In fact, I was able to force this through in the past. But I think there's supposed to be some issue with it. I think it's something along the lines that if a connection is encrypted, the server doesn't know what the URL is until it's decrypted, and it can't really decrypt until it knows what the virtual host is. Something like that....
So does it mean that adoptions of HTTP/SSL everywhere will be the end of virtual hosting, and then force each web domain to have a different IP address?
This image is utterly astonishing. When I was young, it was assumed that we would never see any other solar system as more than a point of light, or one point of light for each star in the system. Now this stunning resolution. Therefore I need to do a reality check on the resolution.
From the wikipedia page about the Chile telescope, resolution is about 10^-7 radians.
From the article, distance is about 450 light-years.
From the wikipedia article about light-years, one light-year is about 10^-13 kilometres.
In "bc" I get this.
10^-7 * 450 * 10^13
450000000
In other words, about 450 million kilometres resolution. That's about the diameter of the orbit of Mars, I think. (I'm too lazy to look it up.) So we should be able to resolve distances equal to about the diameter of the Mars orbit. So that image must be showing orbits that go out to about Neptune, which goes at a radius of about 4500 million kilometres. Well, that kind of makes sense. But it's still utterly astonishing resolution at that distance. I wonder what they get in the 4 to 10 light-year range. And when the next telescope comes long, it will be even more breathtaking. The following is in the wikipedia article on the Chile telescope.
"Although it is designed to have a resolution 10 times greater than that of Hubble, it will be superseded in 2024 by the Square Kilometre Array in South Africa and Australia, that will have 50 times the resolution of ALMA."
One way to get around the difficulties with zero gravity for eating would be to install a "hamster wheel" inside the space station which would give at least the Moon's level of gravity, i.e. about a sixth of Earth's gravity, or the surface gravity of Mars, which is about 38% of Earth's. Of course, this would disturb zero-gravity experiments due to the inevitable "gravity noise" from the hamster wheel, but some sort of isolation mechanism could be introduced. After all, whenever astronauts move around, they are introducing "gravity noise" into zero-gravity experiments. So it can't be that bad. And the hamster wheel could be helpful with gyroscopic stabilization. Within the hamster wheel, astronauts could eat normal Earth food, and do other things for which gravity would assist.
In 1972 at Adelaide University, we got 4-hour turn-around on our card decks. Half the time (at least), we got a print-out from the line printer which had two pages of octal dump centred on the location where the program bombed. So we could edit the cards and re-submit them a few times a day. We got 2-hour turn-around if we were on good terms with the girl who loaded the card batches into the reader. One good thing about the old 80-column IBM hollerith cards is that they were the best book-marks in the world. I wish I hadn't thrown away my last box of 2000 cards. They would have come in handy for my current book collection.
Using the card-decks had one great advantage. It discouraged software bloat. If you wrote a 10,000 line program, that was 5 big boxes of cards. You'd need a cart to move them around. Young people these days have no self-discipline when it comes to bloat.
Sometimes between the age of 15 and 16 years, one's point of view may change.
Maybe like King Asoka, who killed 100,000 people and then became a peaceful Buddhist because he realised the futility of destruction.
First, it's not that odd that teenagers are doing a bit of recreational hacking over the holidays. For some people it is a hobby, and what better time to indulge in one's hobby than over the holidays. Take into account also that during the holidays, one does want to check out holiday specials on the Met Link web site, especially if one is a poor teenager. And if that teenager just happens to know the basics of HTML, PHP, MySQL, etc., one does tend to notice that a site has a vulnerability. I often see these sorts of blunders by web developers, but when I report them, nothing happens and they are not fixed a year later. I don't "have a look" to see if the vulnerability is serious because that is not my hobby. But for some people, that's a hobby. When I was young, we used to hack radio and TV sets over the long Xmas holidays in Adelaide because summer holidays are very long if you can't afford an away-from-home holiday.
And on the subject of the ethics of saving 600,000 people's private data from falling into the hands of black-hats, look at this example. 1. You see a house on fire and a kid is trapped inside. 2. You break the window, grab the kid and bring it out to safety. 3. You get arrested for breaking and entering, and abducting a minor.
Of course, all burglary is criminal and all abduction of minors is criminal. Solution: Let the kid die in the fire. Nope. Luckily the police and judges are not idiots.
There are just a couple of comments speculating about where the boundary between "having a look" and hacking lies. Ultimately, I think it's PHP that must be blamed for 90% of all of the hackable sites, and the programmers who use PHP in a weakly structured way. And maybe the maximum blame goes on the software outsourcing managers who think only of budgets and deadlines, while forgetting about security. So-called "risk management" by insuring against intrusions and making the contractors take out liability and indemnity insurance is a very ignorant way to protect a web site. The best form of protection is well-structured code which passes all HTTP and SQL interface events through well engineered security modules.
Nope. Probably not a troll. But I thought I'd throw in my 2 bits anyway. I haven't posted on slashdot for years. So I guess this is a great opportunity to test if I can use the new GUI. The new GUI is nice.....
Anyway.... The best policy is out-in-the-open. Bruce Schneier doesn't use pseudonyms. My only pseudonym on the internet is this slashdot account. My other slashdot account has my real name... AUK.
Yes and no. Chimps have been well documented to have tribes no larger than a hundred or so. Aiello and Dunbar published studies showing a strong positive correlation between the range of vocalizations and the size of social groups in a wide range of species of monkeys.
The point here is that it is difficult to know who is "us" and who is "them" if you don't have language. It is difficult to identify so many individuals. (By comparison, humans need team uniforms to distinguish teams when there are more than 2 or so on each team.) But language permits you to very quickly identify an outsider from your group. Therefore language capability enables super-tribes or clans of thousands to be formed. That was really my point, that _big_ tribes can be formed when you've got language, and the incoming homo sapiens had that sort of language, and almost certainly that kind of large-tribe bonding.
Actually just about nothing in palaeoanthropology has a "real foundation in facts". I qualified my number by the words "about" and "probably". I think that is a sufficient indication of the lack of confidence and precision. Don't you think so? Otherwise you have to just give and say we know nothing.
The number 250,000 is not far from the median of what people think of as the beginning of language, I think. And remember that we could also argue that chimps and lemurs have language. By this definitions, humans got language 6 million or more years ago (probably). If you ask for something a bit more like modern language, you might have to say about 100,000 or less years ago (probably). I don't think a slashdot item is the best place to expound all the theories of palaeolinguistics.
(This is the original item I posted, accidentally as AC, which makes the item almost totally disappear.)
In my (humble) opinion, it is no coincidence that the explosion of cave art about 40,000 years ago in Europe shortly preceded the extinction of the Neanderthals 35,000 years ago. The subject of cave art was mostly hunting scenes, where the modern humans could teach each other what to do during the hunt and learn vocabulary etc. The Neanderthals apparently did not have cave art. So they would not have been anywhere near as skilled at hunting in groups.
So into Europe come these humans, which were very highly trained group-hunters, against Neanderthals who could not hunt anywhere near as effectively, partly because of very poor language ability. So first, the modern humans would out-compete the Neanderthals for resources. But secondly, the Neanderthals would not be recognized as fully human because they could not speak in such a sophisticated way. So the Neanderthals would seem like animals.
The reason cave art is mostly about hunting scenes is that teaching vocabulary for static objects can be done with the objects themselves. For fast moving objects like prey, you need to have drawings, and caves are the only places where the drawings survived for us to find.
Some people are perplexed that modern humans make war (not love). The reason is clear. The modern human species gained its ascendancy through genocide and cannibalism tens of thousands of years ago. It's programmed into the genes.
Now correct me if I'm wrong, but if the mafiaa's legal theory on "making available" is right, doesn't that mean that any company which makes available software which is easy to turn into a DoS zombie should be held liable. And the people who let their computers become zombies should be held liable for making their machines available to become zombies.
Not only that, those made-available computers actually _are_ exploited for evil acts.
So aren't the purveyors of dodgy software liable for damage caused by DDoS attacks?
Blaming the DDoS controlling people for the attacks is a bit like blaming the downloaders of music/videos for downloading copyright stuff instead of blaming the makers-available.
That would help to explain the surge in this kind of thing in the last few days.
15:07:13.666770 IP 63.217.28.226.17498 > 158.64.65.65.53: 36407+ NS? . (17) 15:07:13.750783 IP 63.217.28.226.61231 > 158.64.65.65.53: 46118+ NS? . (17) 15:07:13.831834 IP 63.217.28.226.44626 > 158.64.65.66.53: 51544+ NS? . (17)
Except that that source IP address doesn't look like a Network Solutions address to me.
Is it possible that there is a DDoS technique where the source IP addresses on DNS packets to 3rd party DNS servers are spoofed so as to generate the appearance of an attack from a different source? I guess that's what they're saying. But it doesn't seem to multiply the power of an attack much. They just get 17 bytes of DNS response from each 17 byte request.
So often I download software for free, and it's so excellent that I want to send money. Sometimes I send a cheque directly to the author. If only the free software download sites actually asked for money, I'm sure that a large proportion of people would pay a nominal amount.
But then there's the example of slashdot. I tried to send money recently, but the form to accept my money only offered a paypal option. So you can forget that! I wanted something where I could just enter credit card details and send money.
Just as in the case of music downloads, I'm sure that free software would make good money by just asking in a simple form: (1) Do you want to pay the standard X dollars for that? (2) Or would you like to pay an amount which you nominate? (3) Or would you like it for free? I'm sure that lot's of people would send money.
Paypal was supposed to facilitate micro-payments on the net. But it's more nuisance than it's worth. So what's really needed is either a better implementation of the micropayment idea, or just plain credit card payments. At least the FOSS distribution sites which want money should ASK! I guess maybe it's just too much cost and bother to set up the e-commerce facility on one's own site. But a centralized site could collect the money and hold it in a bank account.
I'd like to see this technique applied to the supposed bones of JS Bach, of whom the surviving pictures are unreliable and unconvincing. It's impressive that they could reconstruct even the facial stubble from the bones of Copernicus. It would be great to have such a high-resolution photo of Johann Sebastian also!
Seriously, the discussion of mathematical models in good PDE books is crisp and clear. The discussion in physics books is woolly and imprecise. That's because physicists rarely know enough mathematics to be able to express themselves precisely. So I would say: Just stick with the explanation of physical phenomena which you find in the mathematics books. It doesn't get much clearer than that, if you read the PDE books which I used to read.
I did the "dig" test on my patched DNS servers, and one of them failed. Reason: It was connected to an ADSL router by a 192.168.1.0/24 subnet which was translated by port S-NAT to a narrow range of source UDP ports.
As a result, all of the fixing of the DNS servers was made useless. It was only the "dig porttest.dns-oarc.net in txt" test which exposed this.
Not that you should really do:
dig @your.dns.server porttest.dns-oarc.net in txt
where your.dns.server is the local DNS server behind your ADSL router or firewall which you want to test. Otherwise you don't really know _which_ server you are testing.
So I reconfigured my ADSL modem and that is okay now.
However... On another site, the above "dig" test shows that everything is GOOD. But that is an illusion. What happened is that when the "dig" command is pointed with "@" at the local port of the ADSL router, the ADSL router's built-in DNS server uses the ISP's two DNS resolvers, and the _ISP's_ servers are patched. But the ADSL modem DNS requester is using fixed UDP source ports.
I can't find any definite confirmation of this. But I think this scenario is just as vulnerable as the worst case, even though the "dig" test says GOOD.
Every few years, someone does research to show exactly this same result. My applied math lecturer Prof. Ren Potts gave us a whole term of lectures on the subject of traffic behaviour in the early 1970s at Adelaide Uni. He wrote a book about it, which was the course textbook. In particular, he based the theory (involving Laplace transforms) on experiments in a tunnel between New Jersey and New York. He drove a car in the tunnel and put on the brakes, and the traffic came to a halt. But then he advised that there should be traffic-slowing vehicles in the traffic stream to prevent excessive speed, and as a result, the traffic did not get the wave effect which stops the traffic totally. This just goes to show how important it is to do a literature search before doing "new" research!
You've got it right there. The reason that the real cost is actually quite high is the fact that the GSM air interface is miniscule compared to the demands of the all the people using the system in each cell. If an SMS were free, the air interface would get clogged up. So it's quite sensible to economize the use of the interface using price to depress demand. From memory (from my work with Detecon/D-1 in Bonn, Germany) in 1991/92, the SMS data goes over something called an SDCCH channel, which uses 1/8 of the bandwidth of a normal 13 kbit/sec voice channel (or half-rate 6.5 kbit/sec). The SDCCH channel is devoted to one user for a few seconds during the transaction. Potentially you can have 64 SDCCH channels open on a single physical frequency (using TDMA) at one time. But there are also bottlenecks in the signalling system (control channels).
Additionally you require the whole infrastructure for storing and delivering the SMSes. Store-and-forward has complexities that connection-oriented traffic does not.
I've been reading slashdot since about 1998 or 1999, I forget which. My reader number is not quite accurate because I deleted my original slashdot registration after several months to change the handle name (and then someone named a movie after my new handle name, which is really irritating because I got the name swordfish from a Marx Brothers movie).
Anyway, that's the funniest post I've seen on slashdot so far, although I gave up reading the feedbacks for 99% of the articles a few years ago. So thanks for that. You've made my day. Well expressed, good timing, nice wording and smooth syntax. Too bad there isn't a hall of fame to aggregate the best feedback posts!
You're right. You beat me to the comment. Postgres is not a threat in the sense that MySQL is. Also MySQL takes money away from MS and puts it in their own bank account, whereas Postgres does not build up a cash-hoard that can be used against MS later. Postgres is really free, as opposed to GPL, which signifies ownership by "the community". A Few years ago, MS said very publically what their list of okay licences was. That list included BSD, but did not include GPL or the Artistic licence.
Slashdot Mirror
I hope this doesn't sound too much like the tin-foil hat view of the world, but this whole business of the government's "need" to monitor everyone's phone calls, e-mails, web browsing, smartphone GPS coordinates, travel etc., makes me think of a very significant thing that Noam Chomsky once said, namely that in a free society, where people can do what they like, the government (or the ruling class) has a strong motivation to develop state-of-the-art tools to influence the way people think, whereas in a society where physical actions were controlled by the State, like in the old Soviet Union, the ruling class there didn't develop mind-twisting distortions of reality because with physical control, mind control is unnecessary. And Chomsky identified this as the cause of the total distortion of political language and thinking in the USA in particular, and in physically free countries in general.
Now I'm starting to think that the whole NSA spying thing, and government spying in general, is a direct result of the lack of physical control of the populace. In principal, people in the free countries can think what they want, but only if the government knows what people are thinking at all times. I guess monitoring everyone's thoughts like as if we were all prisoners on parole is a direct consequence of physical freedom. If people are granted the freedom to _do_ what they like, they must give up the right to _think_ what they like, or at least they give up the right to share their thoughts privately with others.
Generally when I try to set up HTTP/SSL in Apache, I get warnings that I can't do virtual hosts for SSL. In fact, I was able to force this through in the past. But I think there's supposed to be some issue with it. I think it's something along the lines that if a connection is encrypted, the server doesn't know what the URL is until it's decrypted, and it can't really decrypt until it knows what the virtual host is. Something like that....
So does it mean that adoptions of HTTP/SSL everywhere will be the end of virtual hosting, and then force each web domain to have a different IP address?
This image is utterly astonishing. When I was young, it was assumed that we would never see any other solar system as more than a point of light, or one point of light for each star in the system. Now this stunning resolution. Therefore I need to do a reality check on the resolution.
From the wikipedia page about the Chile telescope, resolution is about 10^-7 radians. From the article, distance is about 450 light-years. From the wikipedia article about light-years, one light-year is about 10^-13 kilometres. In "bc" I get this.
10^-7 * 450 * 10^13
450000000
In other words, about 450 million kilometres resolution. That's about the diameter of the orbit of Mars, I think. (I'm too lazy to look it up.) So we should be able to resolve distances equal to about the diameter of the Mars orbit. So that image must be showing orbits that go out to about Neptune, which goes at a radius of about 4500 million kilometres. Well, that kind of makes sense. But it's still utterly astonishing resolution at that distance. I wonder what they get in the 4 to 10 light-year range. And when the next telescope comes long, it will be even more breathtaking. The following is in the wikipedia article on the Chile telescope.
"Although it is designed to have a resolution 10 times greater than that of Hubble, it will be superseded in 2024 by the Square Kilometre Array in South Africa and Australia, that will have 50 times the resolution of ALMA."
One way to get around the difficulties with zero gravity for eating would be to install a "hamster wheel" inside the space station which would give at least the Moon's level of gravity, i.e. about a sixth of Earth's gravity, or the surface gravity of Mars, which is about 38% of Earth's. Of course, this would disturb zero-gravity experiments due to the inevitable "gravity noise" from the hamster wheel, but some sort of isolation mechanism could be introduced. After all, whenever astronauts move around, they are introducing "gravity noise" into zero-gravity experiments. So it can't be that bad. And the hamster wheel could be helpful with gyroscopic stabilization. Within the hamster wheel, astronauts could eat normal Earth food, and do other things for which gravity would assist.
Using the card-decks had one great advantage. It discouraged software bloat. If you wrote a 10,000 line program, that was 5 big boxes of cards. You'd need a cart to move them around. Young people these days have no self-discipline when it comes to bloat.
Sometimes between the age of 15 and 16 years, one's point of view may change. Maybe like King Asoka, who killed 100,000 people and then became a peaceful Buddhist because he realised the futility of destruction.
First, it's not that odd that teenagers are doing a bit of recreational hacking over the holidays. For some people it is a hobby, and what better time to indulge in one's hobby than over the holidays. Take into account also that during the holidays, one does want to check out holiday specials on the Met Link web site, especially if one is a poor teenager. And if that teenager just happens to know the basics of HTML, PHP, MySQL, etc., one does tend to notice that a site has a vulnerability. I often see these sorts of blunders by web developers, but when I report them, nothing happens and they are not fixed a year later. I don't "have a look" to see if the vulnerability is serious because that is not my hobby. But for some people, that's a hobby. When I was young, we used to hack radio and TV sets over the long Xmas holidays in Adelaide because summer holidays are very long if you can't afford an away-from-home holiday.
And on the subject of the ethics of saving 600,000 people's private data from falling into the hands of black-hats, look at this example.
1. You see a house on fire and a kid is trapped inside.
2. You break the window, grab the kid and bring it out to safety.
3. You get arrested for breaking and entering, and abducting a minor.
Of course, all burglary is criminal and all abduction of minors is criminal.
Solution: Let the kid die in the fire.
Nope. Luckily the police and judges are not idiots.
It looks like positive coverage to me.
http://www.neowin.net/news/teenager-reported-to-police-after-reporting-vulnerability-in-government-website
There are just a couple of comments speculating about where the boundary between "having a look" and hacking lies. Ultimately, I think it's PHP that must be blamed for 90% of all of the hackable sites, and the programmers who use PHP in a weakly structured way. And maybe the maximum blame goes on the software outsourcing managers who think only of budgets and deadlines, while forgetting about security. So-called "risk management" by insuring against intrusions and making the contractors take out liability and indemnity insurance is a very ignorant way to protect a web site. The best form of protection is well-structured code which passes all HTTP and SQL interface events through well engineered security modules.
Nope. Probably not a troll.
But I thought I'd throw in my 2 bits anyway.
I haven't posted on slashdot for years.
So I guess this is a great opportunity to test if I can use the new GUI.
The new GUI is nice.....
Anyway....
The best policy is out-in-the-open.
Bruce Schneier doesn't use pseudonyms.
My only pseudonym on the internet is this slashdot account.
My other slashdot account has my real name...
AUK.
Yes and no.
Chimps have been well documented to have tribes no larger than a hundred or so. Aiello and Dunbar published studies showing a strong positive correlation between the range of vocalizations and the size of social groups in a wide range of species of monkeys.
The point here is that it is difficult to know who is "us" and who is "them" if you don't have language. It is difficult to identify so many individuals. (By comparison, humans need team uniforms to distinguish teams when there are more than 2 or so on each team.) But language permits you to very quickly identify an outsider from your group. Therefore language capability enables super-tribes or clans of thousands to be formed. That was really my point, that _big_ tribes can be formed when you've got language, and the incoming homo sapiens had that sort of language, and almost certainly that kind of large-tribe bonding.
Actually just about nothing in palaeoanthropology has a "real foundation in facts". I qualified my number by the words "about" and "probably". I think that is a sufficient indication of the lack of confidence and precision. Don't you think so? Otherwise you have to just give and say we know nothing.
The number 250,000 is not far from the median of what people think of as the beginning of language, I think. And remember that we could also argue that chimps and lemurs have language. By this definitions, humans got language 6 million or more years ago (probably). If you ask for something a bit more like modern language, you might have to say about 100,000 or less years ago (probably). I don't think a slashdot item is the best place to expound all the theories of palaeolinguistics.
(This is the original item I posted, accidentally as AC, which makes the item almost totally disappear.)
In my (humble) opinion, it is no coincidence that the explosion of cave art about 40,000 years ago in Europe shortly preceded the extinction of the Neanderthals 35,000 years ago. The subject of cave art was mostly hunting scenes, where the modern humans could teach each other what to do during the hunt and learn vocabulary etc. The Neanderthals apparently did not have cave art. So they would not have been anywhere near as skilled at hunting in groups.
So into Europe come these humans, which were very highly trained group-hunters, against Neanderthals who could not hunt anywhere near as effectively, partly because of very poor language ability. So first, the modern humans would out-compete the Neanderthals for resources. But secondly, the Neanderthals would not be recognized as fully human because they could not speak in such a sophisticated way. So the Neanderthals would seem like animals.
The reason cave art is mostly about hunting scenes is that teaching vocabulary for static objects can be done with the objects themselves. For fast moving objects like prey, you need to have drawings, and caves are the only places where the drawings survived for us to find.
Some people are perplexed that modern humans make war (not love). The reason is clear. The modern human species gained its ascendancy through genocide and cannibalism tens of thousands of years ago. It's programmed into the genes.
Now correct me if I'm wrong, but if the mafiaa's legal theory on "making available" is right, doesn't that mean that any company which makes available software which is easy to turn into a DoS zombie should be held liable. And the people who let their computers become zombies should be held liable for making their machines available to become zombies.
Not only that, those made-available computers actually _are_ exploited for evil acts.
So aren't the purveyors of dodgy software liable for damage caused by DDoS attacks?
Blaming the DDoS controlling people for the attacks is a bit like blaming the downloaders of music/videos for downloading copyright stuff instead of blaming the makers-available.
Just a thought....
That would help to explain the surge in this kind of thing in the last few days.
15:07:13.666770 IP 63.217.28.226.17498 > 158.64.65.65.53: 36407+ NS? . (17)
15:07:13.750783 IP 63.217.28.226.61231 > 158.64.65.65.53: 46118+ NS? . (17)
15:07:13.831834 IP 63.217.28.226.44626 > 158.64.65.66.53: 51544+ NS? . (17)
Except that that source IP address doesn't look like a Network Solutions address to me.
Is it possible that there is a DDoS technique where the source IP addresses on DNS packets to 3rd party DNS servers are spoofed so as to generate the appearance of an attack from a different source? I guess that's what they're saying. But it doesn't seem to multiply the power of an attack much. They just get 17 bytes of DNS response from each 17 byte request.
It's all a bit confusing really....
So often I download software for free, and it's so excellent that I want to send money. Sometimes I send a cheque directly to the author. If only the free software download sites actually asked for money, I'm sure that a large proportion of people would pay a nominal amount.
But then there's the example of slashdot. I tried to send money recently, but the form to accept my money only offered a paypal option. So you can forget that! I wanted something where I could just enter credit card details and send money.
Just as in the case of music downloads, I'm sure that free software would make good money by just asking in a simple form: (1) Do you want to pay the standard X dollars for that? (2) Or would you like to pay an amount which you nominate? (3) Or would you like it for free? I'm sure that lot's of people would send money.
Paypal was supposed to facilitate micro-payments on the net. But it's more nuisance than it's worth. So what's really needed is either a better implementation of the micropayment idea, or just plain credit card payments. At least the FOSS distribution sites which want money should ASK! I guess maybe it's just too much cost and bother to set up the e-commerce facility on one's own site. But a centralized site could collect the money and hold it in a bank account.
I'd like to see this technique applied to the supposed bones of JS Bach, of whom the surviving pictures are unreliable and unconvincing. It's impressive that they could reconstruct even the facial stubble from the bones of Copernicus. It would be great to have such a high-resolution photo of Johann Sebastian also!
Seriously, the discussion of mathematical models in good PDE books is crisp and clear. The discussion in physics books is woolly and imprecise. That's because physicists rarely know enough mathematics to be able to express themselves precisely. So I would say: Just stick with the explanation of physical phenomena which you find in the mathematics books. It doesn't get much clearer than that, if you read the PDE books which I used to read.
This DNS test is much better. https://www.dns-oarc.net/oarc/services/dnsentropy
You might find my notes useful.
http://www.topology.org/linux/bind_bigbug.html
I did the "dig" test on my patched DNS servers, and one of them failed.
Reason: It was connected to an ADSL router by a 192.168.1.0/24 subnet which was translated by port S-NAT to a narrow range of source UDP ports.
As a result, all of the fixing of the DNS servers was made useless.
It was only the "dig porttest.dns-oarc.net in txt" test which exposed this.
Not that you should really do:
dig @your.dns.server porttest.dns-oarc.net in txt
where your.dns.server is the local DNS server behind your ADSL router or firewall which you want to test. Otherwise you don't really know _which_ server you are testing.
So I reconfigured my ADSL modem and that is okay now.
However...
On another site, the above "dig" test shows that everything is GOOD. But that is an illusion. What happened is that when the "dig" command is pointed with "@" at the local port of the ADSL router, the ADSL router's built-in DNS server uses the ISP's two DNS resolvers, and the _ISP's_ servers are patched. But the ADSL modem DNS requester is using fixed UDP source ports.
I can't find any definite confirmation of this. But I think this scenario is just as vulnerable as the worst case, even though the "dig" test says GOOD.
Cheers,
Alan.
Every few years, someone does research to show exactly this same result. My applied math lecturer Prof. Ren Potts gave us a whole term of lectures on the subject of traffic behaviour in the early 1970s at Adelaide Uni. He wrote a book about it, which was the course textbook. In particular, he based the theory (involving Laplace transforms) on experiments in a tunnel between New Jersey and New York. He drove a car in the tunnel and put on the brakes, and the traffic came to a halt. But then he advised that there should be traffic-slowing vehicles in the traffic stream to prevent excessive speed, and as a result, the traffic did not get the wave effect which stops the traffic totally. This just goes to show how important it is to do a literature search before doing "new" research!
You've got it right there.
The reason that the real cost is actually quite high is the fact that the GSM air interface is miniscule compared to the demands of the all the people using the system in each cell.
If an SMS were free, the air interface would get clogged up.
So it's quite sensible to economize the use of the interface using price to depress demand.
From memory (from my work with Detecon/D-1 in Bonn, Germany) in 1991/92, the SMS data goes over something called an SDCCH channel, which uses 1/8 of the bandwidth of a normal 13 kbit/sec voice channel (or half-rate 6.5 kbit/sec). The SDCCH channel is devoted to one user for a few seconds during the transaction. Potentially you can have 64 SDCCH channels open on a single physical frequency (using TDMA) at one time. But there are also bottlenecks in the signalling system (control channels).
Additionally you require the whole infrastructure for storing and delivering the SMSes. Store-and-forward has complexities that connection-oriented traffic does not.
I've been reading slashdot since about 1998 or 1999, I forget which. My reader number is not quite accurate because I deleted my original slashdot registration after several months to change the handle name (and then someone named a movie after my new handle name, which is really irritating because I got the name swordfish from a Marx Brothers movie).
Anyway, that's the funniest post I've seen on slashdot so far, although I gave up reading the feedbacks for 99% of the articles a few years ago. So thanks for that. You've made my day. Well expressed, good timing, nice wording and smooth syntax. Too bad there isn't a hall of fame to aggregate the best feedback posts!
You're right. You beat me to the comment. Postgres is not a threat in the sense that MySQL is. Also MySQL takes money away from MS and puts it in their own bank account, whereas Postgres does not build up a cash-hoard that can be used against MS later. Postgres is really free, as opposed to GPL, which signifies ownership by "the community". A Few years ago, MS said very publically what their list of okay licences was. That list included BSD, but did not include GPL or the Artistic licence.
Stallman didn't initiate it. Stallman didn't anoint it.
Therefore it is bad, bad, bad!
It's time for Richard to move to the back row.