Neither the article you linked to, nor the suspect Bauman paper it references measured a real 112db dynamic range from an actual record. They measured the noise floor of a pickup, did some measurements of the pre-amp, did some hand waving about how a skilled ear can add a magic 30 dB below the noise floor and claimed that as the theoretical dynamic range of actually playing a record on high quality equipment. It totally ignores the physical limitations of the vinyl and pickup. It also ignores the other issues with records such as rumble, wow and flutter, poor stereo separation, non-linear response, and other distortions. Their own measurements show the pre-amp SNR in in the 70s, which shows the 112dB claim to be BS.
I label any review as suspect when it uses fluffy wording like this:
As you might expect, the resolution of low-level detail was outstanding. Against a dead-black background, finely layered images floated in three dimensions on what was a somewhat wider soundstage than I'd become accustomed to
OnLive may very well not be doing anything wrong. If I use VNC or even RDP to connect to my Win7 box from a MAC, I'm not required to buy another license just to connect. In this instance, OnLive probably has sufficient Win7 licenses to cover the number of Win7 instances that are running at a single time..
Either way, Microsoft has some very convoluted licensing scheme and it's hard to stay compliant for complex setups like terminal services. Hell even MS will give you different answers depending on which sales person you talk to.
It (Title 8 of the US Code 1185) also only applies only to citizens of the US (a category with only two members in the group of people that I know and care about) and only to the United States itself, not to anywhere important (to me). I also see that it doesn't specify what (if any) travel documents non-US citizens need. (The original claim was that "The right to travel, the right to leave any country, and the right to return to your own country", not about the peculiarities of one particular nation.)
I cited the US Code after the claim "Not having a passport never has prevented you from leaving any particular country." http://www.law.cornell.edu/uscode/text/8/1181 details the for paperwork requirements for non-citizens entering the US.
Going back to the case of my British friends rebuilding a boat in Texas then... if they decided to take their boat on a trip to Hawaii, the long way round (I believe that is one of their actual intentions, spread over several years), then since they are planning on going from US territory to US territory... then they don't need any more documentation than if they were sailing from Texas to Florida.
I suppose technically, they are leaving the country once they hit international waters far enough offshore from Texas and would be reentering in Hawaii (both are US states, not US territories). In reality, they are probably not going to enter or exit at a controlled border point and no-one would be the wiser. Unless the Coast Guard noticed then they might be required to show papers. I'm not sure if using the Panama Canal constitutes entering their country or not.
Well you would only have to pay attention the the rear-view cam when backing up.
We already have vehicles with backup sensors that chirp based on objects in the proximity of the bumper. Seems those could work just as well, and don't require the driver to actively look or do something non-intuitive like stare at the dash to backup. The little 2" square displays in the rear view mirror aren't much better, as many of the studies say the driver just glanced in the rearview mirror and never actually turned their head around to look.
For something that might prevent 100 deaths (a lofty claim of half, btw), this is estimated to cost 2.7 billion. Why not just create a charity fund and pay the victims families 27 million each?
Anyone else suspect the non-profit that did the study and is pushing this, is funded by some company that makes the camera systems?
Start on page with with Paragraph I.A.1 which reads "Generally,
So, it's a set of guidelines, not an absolute prescription.
The ruling is based on the law, specifically Title 8 of the US Code 1185 (aka Immigration and Nationality Act), "Travel control of citizens and aliens" http://www.law.cornell.edu/uscode/text/8/1185
"(b) Citizens Except as otherwise provided by the President and subject to such limitations and exceptions as the President may authorize and prescribe, it shall be unlawful for any citizen of the United States to depart from or enter, or attempt to depart from or enter, the United States unless he bears a valid United States passport. "
So while the law allows the president to create exceptions, the Land and Sea final rule re-iterates the requirement for ID and allows for some acceptable alternatives for proof of citizenship.
Most issues are best mitigated by countermeasures at the edge where the most intelligence resides. The ISP should be treated as a common carrier and only act when the integrity of their network is at risk.
What do you define as the edge? The DSL/Cable/Satellite modem in the end users home? Are you trusting the average home user to set that up securely and police themselves? Certainly the consumer grade end routers could benefit from a little more brains and some IDS capabilities, but from a design perspective an independent IDS on each drop is far less effective that placing them in key locations at the aggregate or closet switches. I'm proposing that the "edge" be a few steps closer to the ISP and let them manage the defenses based on an understanding of the bigger picture.
I simply don't accept your notion that the ISPs have no responsibility to police their networks and should do nothing to protect their customers. If they get good information about a user on their network actively attacking someone, I don't want them to say "it's not my problem".
It is not the ISPs fight no more than it is UPSs fight to make sure the vendor shipped the widget you asked for. They are simply a conduit.
UPS and USPS have measures at their central sorting facilities to detect malicious packages containing explosive or radiological hazards. They are common and/or contract carriers, whereas ISPs are not. You might want to brush up on the legal aspects of that, as the ISPs have been lobbying to NOT be considered common carriers as that imposes additional regulations on them.
Search engines and browser filter providers can detect whether a site is infected because they have dedicated teams, massive amounts of data and metrics on all sites over time... ISPs do not have that type of data or infustructure or experience to perform such analysis.
Search engines filtering and browser filters work about as well as antivirus, generally several steps behind and have a poor track record stopping anything new and lots of false positives. Not all malicious traffic is browser based. I believe the ISPs are in the right spot to monitor traffic and detect abnormalities. Web crawling search engines have a different type of intelligence that can be combined to form a bigger picture.
If the FBI showed up on my door and asked for their tracking device back, I'd say, "I don't know who you are, whether you own it, or whether you have a legal right to get it. Send me a letter giving me all the details and establishing that you own it, and I'll take it to a lawyer and do what he says."
Suppose an hour later another bunch of guys showed up and said that they were the FBI and they wanted their tracking device back?
I doubt they'd ask. They'd just remove it when the vehicle was accessible. Perhaps parked in your driveway instead of the garage, or in the parking lot at your work. They certainly felt no compulsion to ask when the put it their, possibly trespassing when they did it.
Plus there is nothing in the optical realm that even approaches the processing power of an electrical based CPU. Optical routing, even with this very transient optical storage ability is still quite a ways off.
Either I'm missing something obvious, or it's free for 10-nodes and you start paying quite a bit for anything beyond that. http://puppetlabs.com/puppet/how-to-buy/
Node Packs 10 FREE 25 $1,995 100 $6,995 250 $16,995 500 $29,995 1,000 $55,995 More than 1,000 Contact sales@puppetlabs.com
Except 30 nodes is going to cost several thousand dollars for the licensing. It'd be cheaper to hire the local neighborhood kid to sit there for an afternoon and do them individually. For that you could buy and image a new set of drives. Would 32-gig USB thumb drives be big enough for your install, allowing you to usb boot the machines? Or perhaps create a custom Live-CD, which has the advantage that you simply reboot the machine if the user dorks it up?
Typo there. I meant to type "And that's exactly what DOESNT happen, resulting in a "brick" and requiring service by Tesla". The battery never gets damaged, but the BMS ends up in a state where it can't get power to itself to supervise charging.
since the management system should have gone into a deep shutdown where nothing at all (including the management system) draws from the battery.
That's exactly what happens
When the charger is plugged in, THAT should power the management system and it should reboot without further intervention. In such a deep shutdown, the car should be fine for a lot longer than 3 months.
And that's exactly what does happen, resulting in a "brick" and requiring service by Tesla. The BMS isn't powered by the charger. The classic definition of a brick is the device is rendered unusable and must be returned to the manufacturer for repair.
It's really a catch-22. If the battery cells drop too low, the BMS disconnects the battery to prevent further drain which shuts down the BMS entirely. Plugging in a charger doesn't power the BMS back up. So it's not a matter of just plugging in a charger.
It's kind like pushing HD radio, when most people listen to their radios in their noisy cars with stock speakers and can't tell the difference.
You've got the cause and effect backwards. People only listen to the radio in their cars, and using cheap equipment, because radio sounds pretty crappy to begin with. HD Radio has the potential to reverse both trends (but I don't expect it will).
Don't believe it? Look up how many users Pandora / Last.fm / XM/Sirius / Shoutcast / et al., have. People clearly value a radio-like service, and find the current broadcast radio situation so bad that they go for more expensive alternatives.
But do you see XM/Sirius users upgrading the quality of audio equipment in their cars? I've heard the portable XM/Sirius radios (a few people in my office have them). I can't tell the difference in quality, and now that they have ads I don't see the advantage of a subscription radio service.
"The study, also available in draft form at ArXiv, primarily studied interlocked power grids but could apply to computer networks and interconnected computer systems as well, the authors note. The work could influence thinking on issues such as how to best deal with DDOS (distributed denial-of-service) attacks, which can take down individual servers and nearby routers, causing traffic to be rerouted to nearby networks. Balancing workloads across multiple cloud computing services could be another area where the work would apply."
The study was about the stability of power systems, which is a completely different animal. For power systems, as demonstrated by a few wide spread outages, are at the mercy of the control systems which can over or under react. Computer networks might have some similarities but trying to draw any firm conclusions from this study would be pure speculation.
I would agree though, that at some point you move beyond providing redundant paths to opening up additional areas of exposure and risk.
The crappy speakers and mics in most phones probably has as much effect as the processing and compression. It is true though that the cellphone frequency range does cut off too much of the lower frequencies. A codec that goes to 20k is pointless when there is no speech frequencies that high, and most people can't hear it anyway. The focus should be better lower frequency coverage, improve the dynamic range, and filter background noise.
It's kind like pushing HD radio, when most people listen to their radios in their noisy cars with stock speakers and can't tell the difference.
Actually the iPhone has pretty good audio. The speakerphone and room mic work very well compared to several dumb phones I've had. I still have a dumb flip phone because I don't need anything more than that, and I prefer a smaller flip that fits my head and pocket better..
BTW, what possible reason could you have for doing traceroute with a refresh rate of 1 second?
Your question is really the core issue... The person designing the rules makes the value judgement based on their limited knowledge and as a result things break and people become unhappy because the rule maker turns out to not be as smart as their self image. If you think I'm nitpicking.. the real world is absolutely relentless... Ask the people who wrote mtr why they did it. It is often used to evaluate transient or long term metrics about the network path..per-hop latency, packet loss. I assume it is to keep from having to wait forever to see what is going on and where.
No the network engineers will simply look at the existing traffic patterns to determine what is normal for their network. Really, I have lots of experience in this area, and it's not difficult to spot the outliers from the norm. I'm not saying blindly block every little suspicous thing (in fact, often the best response is to let an active intrusion continue so you can gather more info). I'm talking about flagging and reacting to the obvious. In some cases the appropriate response might be blocking the traffic, for example decent http proxies can block a response from a webpage that has known malicious code for a virus that's current rapidly spreading. Or notify a home user because he's sending out 10,000 emails an hour with the word viagra using 200 different smtp relays. Or maybe a home user is seen communicating with a known trojan command server, and they simply send that user an email that they need to check their system because it's likely compromised. Perhaps with appropriate intel they determine they can safely block the IP/port of the command server entirely for all their users which kills off a large portion of the botnet. In some cases, the action would be drive by a violation of the TOS or a need to block an ongoing problem.
The ISPs need to get more proactive. They continue to sit back and ignore glaring problems like zombies and spammers because they have no financial incentive to do so. The end result is going to be the govt stepping in and establishing inflexible one-size-fits-all requirements that are guaranteed to step on the legitimate fringe cases. You won't be able to call your ISP and tell them that you really do need port 25 open. You won't get told that it's against your TOS, instead you'll get told that all smtp server need to be registered with the FCC before an ISP can legally allow the traffic. Controls at the ISP and network level are inevitable, and I'd much rather the ISPs have their hands on the controls because I can change ISPs if mine becomes overly restrictive. It's a hell of a lot harder to change my govt.
One likely outcome already seen in some ISPs, is the creation of different levels of service based on the type of connectivity you need (that's where the financial incentive comes in). A basic grandma type of connection would have more traffic controls placed on it (eg they can only send smtp through the ISPs relays). If you're hosting services on your home connection, they might expect you to pay for a fixed IP and give you the ability to specify what services you're hosting. That would simplify things for users like you who like to run MTR against web hosting companies so you get rapid notice when something goes down.
I don't host my own website, and neither do many on my customers. I guess it never occurred to you that one reason to port scan is to find out if a hosting company has a clue. I'm one of those funny guys that isn't satisfied with calling customer service and asking hey, do you guys have a clue? and then just accepting their answer.
Yeah, I get the whole trust but verify thing. I realize there are legitimate reasons to port scan a single IP or do things that could be viewed as an attack, such as verifying a firewall config. It's all about defining appropriate thresholds and using them to flag malicious activity. Port scanning whole class B subnets at a time, or your machine running port scans 24x7 would probably be on the wrong side of that threshold. We could spend all day pointing out fringe cases, but 99.9% of an ISPs customers are going to fall within a fairly well defined realm of normal network activity.
It's been my experience when dealing with corporate or hosting companies that if they have unusual open ports or other obvious security issues, it's rare for them to actually give a crap when a customer points this out.
They ARE different when it comes to data. AT&T and T-Mobile don't offer real 4G. Sprint doesn't cap data use or throttle you. Verizon has real 4G and the largest, fastest 3G/4G cellular data network.
Do you pay a lot of attention to what brand of sugar or salt you buy? Probably not - because salt is salt. The same for phone calls and texts.
The reality is that it doesn't matter which company has the bigger network or the biggest hype about 4G. It's the capabilities they can provide in your area. If you're in the boonies, what really matter is whether the cell tower out by you has newer equipment and how well it's connected to the backbone. Don't choose a provide based on ads. Find out how well they perform in your area and go with that.
Instead of nitpicking the numbers I pulled off the top of my head because they might interfere with your particular invented legitimate activity, how about recognizing that outliers in usage patterns often correspond to malicious activity? Maybe 500 pings/minute is a bad example, but certainly that's not the norm for an average customer. How about an ISP noticing that 100 IPs within their address space are sending the exact same http query to a particular website at a very high rate? Surely even you guys would think this might indicate an ongoing DDOS attack that someone should look at. Maybe not block the traffic, but at least record that as an possible indicator for that particular customer .
As for how many IPs/ports for port scanning makes me suspicious - certainly scanning entire subnets looks suspicious. Scanning 100's of ports on a single IP would count as probing and a possible attack. Whether it's a legitimate scan by the website owner is irrelevant with regard to classifying it.
BTW, what possible reason could you have for doing traceroute with a refresh rate of 1 second?
"The ISPs are really the only ones positioned to thwart attacks as well. For example, blocking an IP that appears to be port scanning or sending high rates of email."
Yeah. That's a great idea! That way, when I do penetration tests on my websites I will just get kicked right off! Thanks for your help, man!
If penetration testing means you have to port scan your web site, then you're not doing it right. You should already know what ports are open if you or your hosting company have any clue. Running dumb tools like Retina, Nessus, etc really don't show you the true vulnerabilities on a website anyway. THey can't show you crappy programming that doesn't validate inputs and leaves you open to sql injection, or permissions issues on files.
I don't want the govt involved in the internet, and they have a crappy track record on dealing with botnets.
If you're port scanning multiple IPs, then you fit the profile of an attacker and need to be looked at. Bulk mail is another issue. It would be reasonable to notify customers that their computers are sending large volumes of email. If the customer isn't aware of it, then they just got a clue that they might be infected. Sending bulk mail, especially not using the ISPs relay, is often against the TOS.
I was talking about inbound as well as outbound. If your ISP sees someone port scanning through their address space looking for open ports, blocking them makes sense. It also makes sense to watch for users inside their space port scanning. It's no different than the cops stopping someone who is walking through the neighborhood checking the doors. Rate limiting stuff like icmp works just fine, as does ingress filtering stuff you shouldn't be seeing. If a connection is spewing 500 pings a minute for 10 minutes, it's pretty unlikely it's for a legitimate reason. Another example if dropping packets which appear to be from bogons. Or noticing clients that appear to be doing syn attacks or the like.
Really, it's not hard to detect computers acting badly.
Slashdot Mirror
Neither the article you linked to, nor the suspect Bauman paper it references measured a real 112db dynamic range from an actual record. They measured the noise floor of a pickup, did some measurements of the pre-amp, did some hand waving about how a skilled ear can add a magic 30 dB below the noise floor and claimed that as the theoretical dynamic range of actually playing a record on high quality equipment. It totally ignores the physical limitations of the vinyl and pickup. It also ignores the other issues with records such as rumble, wow and flutter, poor stereo separation, non-linear response, and other distortions. Their own measurements show the pre-amp SNR in in the 70s, which shows the 112dB claim to be BS.
I label any review as suspect when it uses fluffy wording like this:
As you might expect, the resolution of low-level detail was outstanding. Against a dead-black background, finely layered images floated in three dimensions on what was a somewhat wider soundstage than I'd become accustomed to
OnLive may very well not be doing anything wrong. If I use VNC or even RDP to connect to my Win7 box from a MAC, I'm not required to buy another license just to connect. In this instance, OnLive probably has sufficient Win7 licenses to cover the number of Win7 instances that are running at a single time..
Either way, Microsoft has some very convoluted licensing scheme and it's hard to stay compliant for complex setups like terminal services. Hell even MS will give you different answers depending on which sales person you talk to.
It (Title 8 of the US Code 1185) also only applies only to citizens of the US (a category with only two members in the group of people that I know and care about) and only to the United States itself, not to anywhere important (to me). I also see that it doesn't specify what (if any) travel documents non-US citizens need. (The original claim was that "The right to travel, the right to leave any country, and the right to return to your own country", not about the peculiarities of one particular nation.)
I cited the US Code after the claim "Not having a passport never has prevented you from leaving any particular country." http://www.law.cornell.edu/uscode/text/8/1181 details the for paperwork requirements for non-citizens entering the US.
Going back to the case of my British friends rebuilding a boat in Texas then ... if they decided to take their boat on a trip to Hawaii, the long way round (I believe that is one of their actual intentions, spread over several years), then since they are planning on going from US territory to US territory ... then they don't need any more documentation than if they were sailing from Texas to Florida.
I suppose technically, they are leaving the country once they hit international waters far enough offshore from Texas and would be reentering in Hawaii (both are US states, not US territories). In reality, they are probably not going to enter or exit at a controlled border point and no-one would be the wiser. Unless the Coast Guard noticed then they might be required to show papers. I'm not sure if using the Panama Canal constitutes entering their country or not.
Well you would only have to pay attention the the rear-view cam when backing up.
We already have vehicles with backup sensors that chirp based on objects in the proximity of the bumper. Seems those could work just as well, and don't require the driver to actively look or do something non-intuitive like stare at the dash to backup. The little 2" square displays in the rear view mirror aren't much better, as many of the studies say the driver just glanced in the rearview mirror and never actually turned their head around to look.
For something that might prevent 100 deaths (a lofty claim of half, btw), this is estimated to cost 2.7 billion. Why not just create a charity fund and pay the victims families 27 million each?
Anyone else suspect the non-profit that did the study and is pushing this, is funded by some company that makes the camera systems?
So, it's a set of guidelines, not an absolute prescription.
The ruling is based on the law, specifically Title 8 of the US Code 1185 (aka Immigration and Nationality Act), "Travel control of citizens and aliens"
http://www.law.cornell.edu/uscode/text/8/1185
"(b) Citizens
Except as otherwise provided by the President and subject to such limitations and exceptions as the President may authorize and prescribe, it shall be unlawful for any citizen of the United States to depart from or enter, or attempt to depart from or enter, the United States unless he bears a valid United States passport. "
So while the law allows the president to create exceptions, the Land and Sea final rule re-iterates the requirement for ID and allows for some acceptable alternatives for proof of citizenship.
Most issues are best mitigated by countermeasures at the edge where the most intelligence resides. The ISP should be treated as a common carrier and only act when the integrity of their network is at risk.
What do you define as the edge? The DSL/Cable/Satellite modem in the end users home? Are you trusting the average home user to set that up securely and police themselves? Certainly the consumer grade end routers could benefit from a little more brains and some IDS capabilities, but from a design perspective an independent IDS on each drop is far less effective that placing them in key locations at the aggregate or closet switches. I'm proposing that the "edge" be a few steps closer to the ISP and let them manage the defenses based on an understanding of the bigger picture.
I simply don't accept your notion that the ISPs have no responsibility to police their networks and should do nothing to protect their customers. If they get good information about a user on their network actively attacking someone, I don't want them to say "it's not my problem".
It is not the ISPs fight no more than it is UPSs fight to make sure the vendor shipped the widget you asked for. They are simply a conduit.
UPS and USPS have measures at their central sorting facilities to detect malicious packages containing explosive or radiological hazards. They are common and/or contract carriers, whereas ISPs are not. You might want to brush up on the legal aspects of that, as the ISPs have been lobbying to NOT be considered common carriers as that imposes additional regulations on them.
Search engines and browser filter providers can detect whether a site is infected because they have dedicated teams, massive amounts of data and metrics on all sites over time... ISPs do not have that type of data or infustructure or experience to perform such analysis.
Search engines filtering and browser filters work about as well as antivirus, generally several steps behind and have a poor track record stopping anything new and lots of false positives. Not all malicious traffic is browser based. I believe the ISPs are in the right spot to monitor traffic and detect abnormalities. Web crawling search engines have a different type of intelligence that can be combined to form a bigger picture.
That's actually a good response.
If the FBI showed up on my door and asked for their tracking device back, I'd say, "I don't know who you are, whether you own it, or whether you have a legal right to get it. Send me a letter giving me all the details and establishing that you own it, and I'll take it to a lawyer and do what he says."
Suppose an hour later another bunch of guys showed up and said that they were the FBI and they wanted their tracking device back?
I doubt they'd ask. They'd just remove it when the vehicle was accessible. Perhaps parked in your driveway instead of the garage, or in the parking lot at your work. They certainly felt no compulsion to ask when the put it their, possibly trespassing when they did it.
Plus there is nothing in the optical realm that even approaches the processing power of an electrical based CPU. Optical routing, even with this very transient optical storage ability is still quite a ways off.
Either I'm missing something obvious, or it's free for 10-nodes and you start paying quite a bit for anything beyond that.
http://puppetlabs.com/puppet/how-to-buy/
Node Packs
10 FREE
25 $1,995
100 $6,995
250 $16,995
500 $29,995
1,000 $55,995
More than 1,000 Contact sales@puppetlabs.com
Except 30 nodes is going to cost several thousand dollars for the licensing. It'd be cheaper to hire the local neighborhood kid to sit there for an afternoon and do them individually. For that you could buy and image a new set of drives. Would 32-gig USB thumb drives be big enough for your install, allowing you to usb boot the machines? Or perhaps create a custom Live-CD, which has the advantage that you simply reboot the machine if the user dorks it up?
Typo there. I meant to type "And that's exactly what DOESNT happen, resulting in a "brick" and requiring service by Tesla". The battery never gets damaged, but the BMS ends up in a state where it can't get power to itself to supervise charging.
Not having a passport never has prevented you from leaving any particular country.
http://www.dhs.gov/xlibrary/assets/whti_landseafinalrule.pdf
Start on page with with Paragraph I.A.1 which reads "Generally, U.S. citizens must possess a valid U.S. Passport to depart or enter the United States".
since the management system should have gone into a deep shutdown where nothing at all (including the management system) draws from the battery.
That's exactly what happens
When the charger is plugged in, THAT should power the management system and it should reboot without further intervention. In such a deep shutdown, the car should be fine for a lot longer than 3 months.
And that's exactly what does happen, resulting in a "brick" and requiring service by Tesla. The BMS isn't powered by the charger. The classic definition of a brick is the device is rendered unusable and must be returned to the manufacturer for repair.
It's really a catch-22. If the battery cells drop too low, the BMS disconnects the battery to prevent further drain which shuts down the BMS entirely. Plugging in a charger doesn't power the BMS back up. So it's not a matter of just plugging in a charger.
Cisco has a white paper pushing the G.722 codec which is a 16-bit sampling from 150Hz to 7kHz.
http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps379/ps8537/prod_white_paper0900aecd806fa57a.html
Keep in mind, part of the reason for the white paper is that they want to sell their newest 79xx series VOIP phones.
You've got the cause and effect backwards. People only listen to the radio in their cars, and using cheap equipment, because radio sounds pretty crappy to begin with. HD Radio has the potential to reverse both trends (but I don't expect it will).
Don't believe it? Look up how many users Pandora / Last.fm / XM/Sirius / Shoutcast / et al., have. People clearly value a radio-like service, and find the current broadcast radio situation so bad that they go for more expensive alternatives.
But do you see XM/Sirius users upgrading the quality of audio equipment in their cars? I've heard the portable XM/Sirius radios (a few people in my office have them). I can't tell the difference in quality, and now that they have ads I don't see the advantage of a subscription radio service.
"The study, also available in draft form at ArXiv, primarily studied interlocked power grids but could apply to computer networks and interconnected computer systems as well, the authors note. The work could influence thinking on issues such as how to best deal with DDOS (distributed denial-of-service) attacks, which can take down individual servers and nearby routers, causing traffic to be rerouted to nearby networks. Balancing workloads across multiple cloud computing services could be another area where the work would apply."
The study was about the stability of power systems, which is a completely different animal. For power systems, as demonstrated by a few wide spread outages, are at the mercy of the control systems which can over or under react. Computer networks might have some similarities but trying to draw any firm conclusions from this study would be pure speculation.
I would agree though, that at some point you move beyond providing redundant paths to opening up additional areas of exposure and risk.
The crappy speakers and mics in most phones probably has as much effect as the processing and compression. It is true though that the cellphone frequency range does cut off too much of the lower frequencies. A codec that goes to 20k is pointless when there is no speech frequencies that high, and most people can't hear it anyway. The focus should be better lower frequency coverage, improve the dynamic range, and filter background noise.
It's kind like pushing HD radio, when most people listen to their radios in their noisy cars with stock speakers and can't tell the difference.
Actually the iPhone has pretty good audio. The speakerphone and room mic work very well compared to several dumb phones I've had. I still have a dumb flip phone because I don't need anything more than that, and I prefer a smaller flip that fits my head and pocket better..
BTW, what possible reason could you have for doing traceroute with a refresh rate of 1 second?
Your question is really the core issue... The person designing the rules makes the value judgement based on their limited knowledge and as a result things break and people become unhappy because the rule maker turns out to not be as smart as their self image. If you think I'm nitpicking.. the real world is absolutely relentless... Ask the people who wrote mtr why they did it. It is often used to evaluate transient or long term metrics about the network path..per-hop latency, packet loss. I assume it is to keep from having to wait forever to see what is going on and where.
No the network engineers will simply look at the existing traffic patterns to determine what is normal for their network. Really, I have lots of experience in this area, and it's not difficult to spot the outliers from the norm. I'm not saying blindly block every little suspicous thing (in fact, often the best response is to let an active intrusion continue so you can gather more info). I'm talking about flagging and reacting to the obvious. In some cases the appropriate response might be blocking the traffic, for example decent http proxies can block a response from a webpage that has known malicious code for a virus that's current rapidly spreading. Or notify a home user because he's sending out 10,000 emails an hour with the word viagra using 200 different smtp relays. Or maybe a home user is seen communicating with a known trojan command server, and they simply send that user an email that they need to check their system because it's likely compromised. Perhaps with appropriate intel they determine they can safely block the IP/port of the command server entirely for all their users which kills off a large portion of the botnet. In some cases, the action would be drive by a violation of the TOS or a need to block an ongoing problem.
The ISPs need to get more proactive. They continue to sit back and ignore glaring problems like zombies and spammers because they have no financial incentive to do so. The end result is going to be the govt stepping in and establishing inflexible one-size-fits-all requirements that are guaranteed to step on the legitimate fringe cases. You won't be able to call your ISP and tell them that you really do need port 25 open. You won't get told that it's against your TOS, instead you'll get told that all smtp server need to be registered with the FCC before an ISP can legally allow the traffic. Controls at the ISP and network level are inevitable, and I'd much rather the ISPs have their hands on the controls because I can change ISPs if mine becomes overly restrictive. It's a hell of a lot harder to change my govt.
One likely outcome already seen in some ISPs, is the creation of different levels of service based on the type of connectivity you need (that's where the financial incentive comes in). A basic grandma type of connection would have more traffic controls placed on it (eg they can only send smtp through the ISPs relays). If you're hosting services on your home connection, they might expect you to pay for a fixed IP and give you the ability to specify what services you're hosting. That would simplify things for users like you who like to run MTR against web hosting companies so you get rapid notice when something goes down.
I don't host my own website, and neither do many on my customers. I guess it never occurred to you that one reason to port scan is to find out if a hosting company has a clue. I'm one of those funny guys that isn't satisfied with calling customer service and asking hey, do you guys have a clue? and then just accepting their answer.
Yeah, I get the whole trust but verify thing. I realize there are legitimate reasons to port scan a single IP or do things that could be viewed as an attack, such as verifying a firewall config. It's all about defining appropriate thresholds and using them to flag malicious activity. Port scanning whole class B subnets at a time, or your machine running port scans 24x7 would probably be on the wrong side of that threshold. We could spend all day pointing out fringe cases, but 99.9% of an ISPs customers are going to fall within a fairly well defined realm of normal network activity.
It's been my experience when dealing with corporate or hosting companies that if they have unusual open ports or other obvious security issues, it's rare for them to actually give a crap when a customer points this out.
They ARE different when it comes to data. AT&T and T-Mobile don't offer real 4G. Sprint doesn't cap data use or throttle you. Verizon has real 4G and the largest, fastest 3G/4G cellular data network.
Do you pay a lot of attention to what brand of sugar or salt you buy? Probably not - because salt is salt. The same for phone calls and texts.
The reality is that it doesn't matter which company has the bigger network or the biggest hype about 4G. It's the capabilities they can provide in your area. If you're in the boonies, what really matter is whether the cell tower out by you has newer equipment and how well it's connected to the backbone. Don't choose a provide based on ads. Find out how well they perform in your area and go with that.
Instead of nitpicking the numbers I pulled off the top of my head because they might interfere with your particular invented legitimate activity, how about recognizing that outliers in usage patterns often correspond to malicious activity? Maybe 500 pings/minute is a bad example, but certainly that's not the norm for an average customer. How about an ISP noticing that 100 IPs within their address space are sending the exact same http query to a particular website at a very high rate? Surely even you guys would think this might indicate an ongoing DDOS attack that someone should look at. Maybe not block the traffic, but at least record that as an possible indicator for that particular customer .
As for how many IPs/ports for port scanning makes me suspicious - certainly scanning entire subnets looks suspicious. Scanning 100's of ports on a single IP would count as probing and a possible attack. Whether it's a legitimate scan by the website owner is irrelevant with regard to classifying it.
BTW, what possible reason could you have for doing traceroute with a refresh rate of 1 second?
Yeah. That's a great idea! That way, when I do penetration tests on my websites I will just get kicked right off! Thanks for your help, man!
If penetration testing means you have to port scan your web site, then you're not doing it right. You should already know what ports are open if you or your hosting company have any clue. Running dumb tools like Retina, Nessus, etc really don't show you the true vulnerabilities on a website anyway. THey can't show you crappy programming that doesn't validate inputs and leaves you open to sql injection, or permissions issues on files.
I don't want the govt involved in the internet, and they have a crappy track record on dealing with botnets.
If you're port scanning multiple IPs, then you fit the profile of an attacker and need to be looked at. Bulk mail is another issue. It would be reasonable to notify customers that their computers are sending large volumes of email. If the customer isn't aware of it, then they just got a clue that they might be infected. Sending bulk mail, especially not using the ISPs relay, is often against the TOS.
I was talking about inbound as well as outbound. If your ISP sees someone port scanning through their address space looking for open ports, blocking them makes sense. It also makes sense to watch for users inside their space port scanning. It's no different than the cops stopping someone who is walking through the neighborhood checking the doors. Rate limiting stuff like icmp works just fine, as does ingress filtering stuff you shouldn't be seeing. If a connection is spewing 500 pings a minute for 10 minutes, it's pretty unlikely it's for a legitimate reason. Another example if dropping packets which appear to be from bogons. Or noticing clients that appear to be doing syn attacks or the like.
Really, it's not hard to detect computers acting badly.