Yes the technology can do fairly high speeds. Yes the technology can work over fairly long lines
No it CAN'T do both at the same time. Replacing ADSL2 with VDSL2 without changing anythign else is likely to result in only a marginal imrpovement for most people. Those with the worst service now are likely to see no improvement at all.
The only way to significantly increase speeds over copper lines is to significantly reduce their length by replacing parts of the copper network with fiber. This leaves a couple of difficult questions for telcos
1: how to decide how far to go. Do they go to the cabinets located every few streets? do they go to the distribution points located up every pole? 2: is the cost of building all that active outdoor infrastructure really worth it or does it make more sense to go stright to fiber to the home (which is more expensive but also far more future proof)
If you control the end devices then you can MITM without the users really noticing it. If you don't control the end devices then the users will either get security warnings or have to install your certificate. Either way they will become aware of your MITM setup, will get annoyed and may start asking awkward questions.
If you have sufficient organisational power you may be able to force the users to suck it up but it will certainly be a hinderance.
Just to let you know the services virgin media advertise as "fiber optic" aren't fiber to the home, they are fiber to the cabinet and then cable TV coax from cabinet to home.
I left them because of their crappy upload speeds, afaict the max upload you can get on a new virgin media cable service is 5mbps whereas openreach fiber to the cabinet service offers 20mbps upload.
It's not really about ISPs it's about end user communications providers who may or may not be vertically integrated with ISPs.
They have massive but old networks which are creaking at the seams with current traffic levels. Giving everyone 100 mbps symetric unmetered (heck may as well do gigabit while you are at it) would mean pretty much rebuilding those networks from scratch. Rebuilding a large network from scratch is always going to be expensive.
New upstarts can sometimes make a difference but a combination of regulatory hurdles and the natural economics of the situation mean they are unlikely to have much impact outside of small areas.
Is it not enough for CA's to _stop_ issuing new certificates under SHA-1, as only new certificates would be the potential source of collision attacks?
Unfortunately SSL certificates have become a lowest bidder shithole market. In this environment ensuring that no CA continues to issue SHA-1 certs is impractical.
Rejecting certs based on issue date doesn't directly solve the problem either because the "legit" and "fake" certs in the collision attack can have different issue and expiry dates. What it does do is strongly discourage CAs from issuing SHA-1 certs which has two positive affects
1: it reduces (but does not eliminate) the risk that the attacker will find a cert issuing service that is vulnerable to SHA-1 collision attacks. 2: it prepares for the eventual complete dropping of SHA-1 support.
Is there any security gain whatsoever in upgrading any individual site from SHA-1 to SHA-2?
Not directly. It is very unlikely that the legitimate certificate for a given site and the fake one obtained by an attacker will have any cryptographic relationship to each other.
I used casios all through school, colllage and universify and I don't think I ever killed one. Here in the UK they seem to be the dominant brand the TI dominance seems to be an american thing.
But this begs the question why anyone needs a graphics calculator in the first place.
I much preffered them because of the large display that lets you check what you are entering without having to do everything twice and lets you see the last few calculations you did so you dont' lose your place.
Even the maths students at my uni were told they really shouldn't bother....
What calculators did they allow in exams?
My approach was that i'll use the best calculator that they will let me have in the exams. If they won't let you take a graphic calculator into exams then using one while practicing seems like setting yourself up to fail. If they do let you use a graphic calculator in exams may as well get one and use it so that you take maximum advantage come exam time.
I remember using calculators like that in the early stages of being at school. They were a PITA to use because you couldn't see what you had typed and couldn't back up so the only way to check for mistakes was to run the whole calculation twice but at the time I didn't know anything better.
Then I got a casio "power graphic" which had a big display that could display everything you were doing. I found the big multiline text display far more important than the graphing features (which I found a fun toy but little more)
In exams where graphic calculators aren't allowed i've used casio "s-vpam" calculators. They are better than the old style calculators but nowhere near as nice to use as the graphic calculators.
Pretty much all the scientific and graphic calculators i've used have been casio across multiple schools and collages. I guess the TI fascisination is an american thing.
A spill is a write to memory, there is nothing special about the instructions used that indicates to the processor it is only temporary. That means at the very least the processor needs to check the cache policy of the target location before it eliminates it.
AIUI much of the performance gains from going to x86-64 were attributed to the extra registers AMD added. These gains were even significant enough that someone put the effort into designing an ABI that uses 32-bit pointers but runs the CPU in 64-bit mode.
The downside of having few registers in the ISA is it means the compiler may have to choose instruction ordering based on register availability or worse still "spill" registers to memory to fit the code to the available registers.
The only way you'd get that kind of expansion is using quoted-printable in a case where it's totally inappropriate. If your mail client is doing that you really need to file a bug.
He didn't say what those ISPs were buying from AT&T you assumed it was bandwidth to "the internet", I think it's more likely that what they were buying was bandwidth to "the end user".
Sure theres lots of competition if what you want is transit bandwidth from a major datacenter in a major city to the internet. Not so much if what you want is bandwith from that same major datacenter to your customer out in the burbs.
Finally some insight. 150GB is trivial for a "modern" family, and would easily be dwarfed if comcast billed their "cable" as "data."
Cable is for the most part a broadcast system though.
The real problem is that we need internet access provided and regulated as a utility. No, i don't much relish the thought of paying per-(prefix)byte, but I'd rather have an enforced system where everyone pays a rate that reflects what the service actually costs than the current hideously broken regime.
You'd have to be pretty careful how the system was set up through. In particular the definition of "what the service actually costs"
The real cost in providing internet access is replacing infrastructure. When you build new infrastructure you (if you have any sense) build it with ample bandwidth but gradually the bandwidth becomes less and less ample. Most people still get their internet through infrastructure that was really designed for phone calls or broadcast TV and has had patchwork upgrades.
The people at the telcos/cablecos look at the cost of the forklift upgrades to handle the growing traffic and get sticker shock. Then they look at the usage patterns and find that households like your ""modern" family" are the exception not the rule (and I fully admit that i'm probablly part of said exception). Then they put in place measures so that those households either reduce their usage or pay more.
I fear with a "cost based" model the utilities would be prone to keep running old (and expensive per-(prefix)byte) infrastructure to an even greater extent than they do today. Why install more modern (and cheaper per-(prefix)byte) infrastructure when it just means you get to charge less for the same data.
On the other hand postal services and couriours can and do charge you for the complete weight of your package including packaging and they will almost certainly refuse to ship your package if you don't package it to something at least approximating their standards.
That's the hard bit. If you block the phone from all networks in your home country the theives will just export it. Theives have also found ways to change the identity of at least some models of phone.
Good luck getting the whole world to block your stolen phones.
The problem is to those not skilled in the art (whatever the "art" in question is) it's very hard to tell the reputable sources from the BS. Furtheremore the sources that are most likely to be reputable are often locked up behind paywalls.
Wikipedia ends up with a set of rules that heavilly favour the mainstream media. Unfortunately the mainstream media is poor on the fact checking and heavilly biased towards certain subject areas.
You also have multiple competing power structures none of which seem very democratic to me.
You have the "community driven" processes on the individual wikis which afaict are largely driven by who is prepared to put the most time into them and who is already a wiki admin or at least has friends among them.
Then you have the wikimedia foundation which is led by a board of trustees. There is some voting involved but less than half the board is directly elected. Below them you have various staff which are even further removed from community input.
It used to be that you clicked on an image and were taken to the image description page with lots of information about the image, access to full resoloution versions etc.
Now when you click on an image some javascript media viewer pops up with very little information on the image, if the javascript is working correctly then this adds an extra click to the route to the image description page. The first time you see this it's not entirely obvious how to get to the image description page. I'm sure i've also seen cases where the javascript didn't work properly.
The local admins on some high profile wikipedia projects tried to disable this media viewer. So the wikimedia foundation added a new feature ("superprotection") to the software to take control of whether the media viewer was enabled (and many other things) away from the local admins.
Also, you should know that a 89/90 impact is 2.01 times as hard as a 44/45 impact. Twice the speed is four times the kinetic energy.
Assuming the two cars are moving in the same direction the impact itself and the energy it dissapates is the same.
For example lets take the simple case, e.g. assume the collision is inelastic and the vehicles weigh 1 unit of mass each each.
89/90: kenetic energy before impact 89^2 +90^2 = 16021 kenetic energy after impact 89.5^2 + 89.5^2 = 16020.5 difference in kenetic energy = 0.5
44/45 kenetic energy before impact 44^2 + 45^2 = 3961 kenetic energy after impact 44.5^2 + 44.5^2 = 3960.5 difference in kenetic energy 0.5
Slight differences in direction will cause an increase in energy dissipated at higher speeds because the relative velocity will be slightly higher but it won't be "twice as hard".
Now, unless you arrange for your outbound email to arrive from a server operated by a large email provider, your deliverability is probably low.
You have to make sure your mail is delivered from something that looks like a server (e.g. not on lists of known dynamic IP blocks, has proper reverse dns) but you don't have to use a "large email provider".
Been running my own email for years with few problems.
No, SMS is the common denominator. Not every phone has email, but they all have SMS. (Change of perspective, the computer is no longer the preferred medium of communication.)
In office jobs the chances are everyone will have a work computer which they spend a large portion of the time sitting in front of but only a subset will have a work mobile* and most people probablly aren't going to want to give their personal mobile number out to all their collegues
And while a phone has the advantage of portability there is no way that it's a preferable device to a computer for viewing and entering large numbers of messages
And then there are the techical limitations, a sms is only 160 characters. Yes modern phones can chain messages but that drives up the cost and can only carry plain text.
For people who don't work in an office it is of course a different matter.
* Yes I know some landline phones support SMS but afaict it's the exception not the rule.
The arm based (non-pro) surface models have a permanently locked bootloader. The x86 based (pro) surface models have a regular secure boot setup (locked by default but can be unlocked by the user).
To clarify I fully understand why startSSL do this, they are a buisness and they need to make money and they are certainly the best value widely recognised CA I have found.
I just don't think using startSSLs limited free certs as a rebuttal to claims that SSL increases costs for website operators is reasonable. Either you pay to get the wildcard certs or you pay to get extra IPv4 addresses or some combination of the two.
Slashdot Mirror
"supposedly"
Yes the technology can do fairly high speeds.
Yes the technology can work over fairly long lines
No it CAN'T do both at the same time. Replacing ADSL2 with VDSL2 without changing anythign else is likely to result in only a marginal imrpovement for most people. Those with the worst service now are likely to see no improvement at all.
The only way to significantly increase speeds over copper lines is to significantly reduce their length by replacing parts of the copper network with fiber. This leaves a couple of difficult questions for telcos
1: how to decide how far to go. Do they go to the cabinets located every few streets? do they go to the distribution points located up every pole?
2: is the cost of building all that active outdoor infrastructure really worth it or does it make more sense to go stright to fiber to the home (which is more expensive but also far more future proof)
If you control the end devices then you can MITM without the users really noticing it. If you don't control the end devices then the users will either get security warnings or have to install your certificate. Either way they will become aware of your MITM setup, will get annoyed and may start asking awkward questions.
If you have sufficient organisational power you may be able to force the users to suck it up but it will certainly be a hinderance.
Just to let you know the services virgin media advertise as "fiber optic" aren't fiber to the home, they are fiber to the cabinet and then cable TV coax from cabinet to home.
I left them because of their crappy upload speeds, afaict the max upload you can get on a new virgin media cable service is 5mbps whereas openreach fiber to the cabinet service offers 20mbps upload.
It's not really about ISPs it's about end user communications providers who may or may not be vertically integrated with ISPs.
They have massive but old networks which are creaking at the seams with current traffic levels. Giving everyone 100 mbps symetric unmetered (heck may as well do gigabit while you are at it) would mean pretty much rebuilding those networks from scratch. Rebuilding a large network from scratch is always going to be expensive.
New upstarts can sometimes make a difference but a combination of regulatory hurdles and the natural economics of the situation mean they are unlikely to have much impact outside of small areas.
Compression algotihms and the hardware to run them on have improved massively in the last 20 years.
Is it not enough for CA's to _stop_ issuing new certificates under SHA-1, as only new certificates would be the potential source of collision attacks?
Unfortunately SSL certificates have become a lowest bidder shithole market. In this environment ensuring that no CA continues to issue SHA-1 certs is impractical.
Rejecting certs based on issue date doesn't directly solve the problem either because the "legit" and "fake" certs in the collision attack can have different issue and expiry dates. What it does do is strongly discourage CAs from issuing SHA-1 certs which has two positive affects
1: it reduces (but does not eliminate) the risk that the attacker will find a cert issuing service that is vulnerable to SHA-1 collision attacks.
2: it prepares for the eventual complete dropping of SHA-1 support.
Is there any security gain whatsoever in upgrading any individual site from SHA-1 to SHA-2?
Not directly. It is very unlikely that the legitimate certificate for a given site and the fake one obtained by an attacker will have any cryptographic relationship to each other.
I thought chrome moved away from using the windows SSL support some time ago to allow it to support SNI on XP.
I used casios all through school, colllage and universify and I don't think I ever killed one. Here in the UK they seem to be the dominant brand the TI dominance seems to be an american thing.
But this begs the question why anyone needs a graphics calculator in the first place.
I much preffered them because of the large display that lets you check what you are entering without having to do everything twice and lets you see the last few calculations you did so you dont' lose your place.
Even the maths students at my uni were told they really shouldn't bother....
What calculators did they allow in exams?
My approach was that i'll use the best calculator that they will let me have in the exams. If they won't let you take a graphic calculator into exams then using one while practicing seems like setting yourself up to fail. If they do let you use a graphic calculator in exams may as well get one and use it so that you take maximum advantage come exam time.
Has your daughter tried anything more modern?
I remember using calculators like that in the early stages of being at school. They were a PITA to use because you couldn't see what you had typed and couldn't back up so the only way to check for mistakes was to run the whole calculation twice but at the time I didn't know anything better.
Then I got a casio "power graphic" which had a big display that could display everything you were doing. I found the big multiline text display far more important than the graphing features (which I found a fun toy but little more)
In exams where graphic calculators aren't allowed i've used casio "s-vpam" calculators. They are better than the old style calculators but nowhere near as nice to use as the graphic calculators.
Pretty much all the scientific and graphic calculators i've used have been casio across multiple schools and collages. I guess the TI fascisination is an american thing.
A spill is a write to memory, there is nothing special about the instructions used that indicates to the processor it is only temporary. That means at the very least the processor needs to check the cache policy of the target location before it eliminates it.
AIUI much of the performance gains from going to x86-64 were attributed to the extra registers AMD added. These gains were even significant enough that someone put the effort into designing an ABI that uses 32-bit pointers but runs the CPU in 64-bit mode.
The downside of having few registers in the ISA is it means the compiler may have to choose instruction ordering based on register availability or worse still "spill" registers to memory to fit the code to the available registers.
x3 for the encoding
The only way you'd get that kind of expansion is using quoted-printable in a case where it's totally inappropriate. If your mail client is doing that you really need to file a bug.
He didn't say what those ISPs were buying from AT&T you assumed it was bandwidth to "the internet", I think it's more likely that what they were buying was bandwidth to "the end user".
Sure theres lots of competition if what you want is transit bandwidth from a major datacenter in a major city to the internet. Not so much if what you want is bandwith from that same major datacenter to your customer out in the burbs.
Finally some insight. 150GB is trivial for a "modern" family, and would easily be dwarfed if comcast billed their "cable" as "data."
Cable is for the most part a broadcast system though.
The real problem is that we need internet access provided and regulated as a utility. No, i don't much relish the thought of paying per-(prefix)byte, but I'd rather have an enforced system where everyone pays a rate that reflects what the service actually costs than the current hideously broken regime.
You'd have to be pretty careful how the system was set up through. In particular the definition of "what the service actually costs"
The real cost in providing internet access is replacing infrastructure. When you build new infrastructure you (if you have any sense) build it with ample bandwidth but gradually the bandwidth becomes less and less ample. Most people still get their internet through infrastructure that was really designed for phone calls or broadcast TV and has had patchwork upgrades.
The people at the telcos/cablecos look at the cost of the forklift upgrades to handle the growing traffic and get sticker shock. Then they look at the usage patterns and find that households like your ""modern" family" are the exception not the rule (and I fully admit that i'm probablly part of said exception). Then they put in place measures so that those households either reduce their usage or pay more.
I fear with a "cost based" model the utilities would be prone to keep running old (and expensive per-(prefix)byte) infrastructure to an even greater extent than they do today. Why install more modern (and cheaper per-(prefix)byte) infrastructure when it just means you get to charge less for the same data.
On the other hand postal services and couriours can and do charge you for the complete weight of your package including packaging and they will almost certainly refuse to ship your package if you don't package it to something at least approximating their standards.
and everyone else
That's the hard bit. If you block the phone from all networks in your home country the theives will just export it. Theives have also found ways to change the identity of at least some models of phone.
Good luck getting the whole world to block your stolen phones.
The problem is to those not skilled in the art (whatever the "art" in question is) it's very hard to tell the reputable sources from the BS. Furtheremore the sources that are most likely to be reputable are often locked up behind paywalls.
Wikipedia ends up with a set of rules that heavilly favour the mainstream media. Unfortunately the mainstream media is poor on the fact checking and heavilly biased towards certain subject areas.
You also have multiple competing power structures none of which seem very democratic to me.
You have the "community driven" processes on the individual wikis which afaict are largely driven by who is prepared to put the most time into them and who is already a wiki admin or at least has friends among them.
Then you have the wikimedia foundation which is led by a board of trustees. There is some voting involved but less than half the board is directly elected. Below them you have various staff which are even further removed from community input.
It used to be that you clicked on an image and were taken to the image description page with lots of information about the image, access to full resoloution versions etc.
Now when you click on an image some javascript media viewer pops up with very little information on the image, if the javascript is working correctly then this adds an extra click to the route to the image description page. The first time you see this it's not entirely obvious how to get to the image description page. I'm sure i've also seen cases where the javascript didn't work properly.
The local admins on some high profile wikipedia projects tried to disable this media viewer. So the wikimedia foundation added a new feature ("superprotection") to the software to take control of whether the media viewer was enabled (and many other things) away from the local admins.
Also, you should know that a 89/90 impact is 2.01 times as hard as a 44/45 impact. Twice the speed is four times the kinetic energy.
Assuming the two cars are moving in the same direction the impact itself and the energy it dissapates is the same.
For example lets take the simple case, e.g. assume the collision is inelastic and the vehicles weigh 1 unit of mass each each.
89/90:
kenetic energy before impact 89^2 +90^2 = 16021
kenetic energy after impact 89.5^2 + 89.5^2 = 16020.5
difference in kenetic energy = 0.5
44/45
kenetic energy before impact 44^2 + 45^2 = 3961
kenetic energy after impact 44.5^2 + 44.5^2 = 3960.5
difference in kenetic energy 0.5
Slight differences in direction will cause an increase in energy dissipated at higher speeds because the relative velocity will be slightly higher but it won't be "twice as hard".
Now, unless you arrange for your outbound email to arrive from a server operated by a large email provider, your deliverability is probably low.
You have to make sure your mail is delivered from something that looks like a server (e.g. not on lists of known dynamic IP blocks, has proper reverse dns) but you don't have to use a "large email provider".
Been running my own email for years with few problems.
No, SMS is the common denominator. Not every phone has email, but they all have SMS. (Change of perspective, the computer is no longer the preferred medium of communication.)
In office jobs the chances are everyone will have a work computer which they spend a large portion of the time sitting in front of but only a subset will have a work mobile* and most people probablly aren't going to want to give their personal mobile number out to all their collegues
And while a phone has the advantage of portability there is no way that it's a preferable device to a computer for viewing and entering large numbers of messages
And then there are the techical limitations, a sms is only 160 characters. Yes modern phones can chain messages but that drives up the cost and can only carry plain text.
For people who don't work in an office it is of course a different matter.
* Yes I know some landline phones support SMS but afaict it's the exception not the rule.
The arm based (non-pro) surface models have a permanently locked bootloader. The x86 based (pro) surface models have a regular secure boot setup (locked by default but can be unlocked by the user).
To clarify I fully understand why startSSL do this, they are a buisness and they need to make money and they are certainly the best value widely recognised CA I have found.
I just don't think using startSSLs limited free certs as a rebuttal to claims that SSL increases costs for website operators is reasonable. Either you pay to get the wildcard certs or you pay to get extra IPv4 addresses or some combination of the two.