On one hand you have the motivation. I think war should be the last option on the table, what you turn to when you have desperately exhausted all other options. Not desperate as in fighting for you life, but as in "we still think we are right, you are wrong, and we will have it our way at any cost". Some people, on the other hand, think that war is a powerful political instrument which is part of our culture. Just like the big bully can have his way in the schoolyard, there is nothing immoral about flexing military muscle, and it is only the goodness in the hearts of the superpowers that prevent them from taking the worlds collective lunch money. The latter motivation imposes a higher moral standard on the people fighting the war, because they aren't fighting because of desperation, but out of their free will.
Going past the motivation, there is a similar dichotomy in how you see the act of fighting. Most parties obey basic rules like the Geneva convention, because there is not much to gain from breaking them, and one would lose support from the international community. It's of course entirely voluntary to follow them, what are they going to do if you break them -- go to war? And it has many advantages, like you discussed. Lots of people take this too far, though, and think that war is about bravery and valor. The drone attacks seem "unfair". This is what I object to: war is not fair. And more importantly war is not a game. So I don't know if I'm one of the "war is hell"ers, but I think anyone who makes a calculated decision to go to war, when presented with other options, is a psychopath.
The virus attacks are very different from the drone attacks, and shouldn't be considered in the same context. First of all, you don't have to be a superpower to make fancy worms. The US doesn't even seem to take advantage of the fact that much of the software industry is US-based -- so anyone can get a team of hackers together and do this. It's also much easier to attack New York with viruses than with boats, so this is an equalizer, where drone attacks shows a great power and tech imbalance. Secondly, the attacks were committed against countries who the US is not at war with. There was also collateral damage in allied and neutral countries. The only similarity is that shown in the original submission -- that it causes "bad will". Well, big surprise, you infect others with worms, and people don't like you...
Haven't we had this discussion before? Anyway, a desktop (e.g. 24") screen with 100 DPI can display 8pt text which is readable, but a little pixelated. This is also at the limit at how small text one can comfortably read. So a screen with greater than 100 DPI might be a win for 8pt text, but you can't cram in much more information before it's too small to read. It will be nicer to use, but may not increase productivity that much.
Actually, I was a bit too quick (after being a few days too slow with checking for a reply;).
2. The expiration of state to stop receiving any packets when
finished with a flow solves a set of problems.
This is the main reason I got an IPv6 tunnel. My lame (shared) NAT router drops my SSH connections after about 30 minutes. I wish there was a way to avoid having this state on intermediate routers, as it greatly increases the complexity and the possibility for bugs.
Btw, one neat solution for TCP if we use stateless firewalls would be to have a third party mediate the initial connection setup, and bypass the SYN/SYN ACK bit. Two IPv6 peers would be able to send normal ACK packets back and forth, if the OS allowed one to create such connections without setup. Maybe UDP could be left wide open, or one could use a stateful firewall for that
Hey, cool, facebook now resolves to an IPv6 address by default:)
As for my point, how will regular consumers deal with firewalling? Modern OSes have to have good firewall protection, because people take laptops to all kinds of insecure networks. Stil, I'm not sure it's a good idea to make all devices directly accessible over the internet, it's kind of like begging for a wormpocalypse. On the other hand, we have UPnP for NAT-ed IPv4, allowing applications to specifically request incoming ports. This is crucial for many applications. What should we do for v6 then? (I run without a separate firewall, even for a windows laptop, but this may not be a great idea on a large scale)
So if these things are government "cyberweapons", they are something like a cyber-landmines, with huge collateral damage. This will not go on for long.
It has recently become obvious that spy agencies can get any keys/certificates they need. An obvious way to spread spy software would be to send a poisoned system update, or an update for Adobe, etc. In the end, we have to trust the people who provide software systems, or write everything from scratch (and possibly build the hardware). Is there a usable system that limits the extent to which software creators can take control? Would be nice if there was a system that wasn't constantly tied to an update repository, and the code was reviewed, yet it was still usable.
I'm just a user, but it is a good idea to provide one IPv4 address to each flat. There are many protocols that require or benefit from peer-to-peer connectivity, including Skype, the Xbox and IM-based file transfer. These work with NAT, but they use UPNP, so either you have to provide UPNP port forwarding to all flats at once (a big clusterfuck) or an IP address to each. All those protocols do work around lame NATs by proxying, but this is slower and the applications sometimes indicate this to the user (so they can complain). Some "old-school" VPNs don't work with NAT.
On WiFi, the expectation is different, so you can provide either NATed or firewalled connections for WiFi (assuming you build both WiFi and wired nets).
If you build support for IPv6, you can delegate a subnet to each wired outlet, and use firewalled (drop all incoming, allow all outgoing) for wireless connections.
I would appreciate this setup greatly as a user, but I'm a geek, and "normal" people may not care that much. Still, the examples in the first paragraph are used by many people, so I think it's a fair point. (even better would be multiple public IPs per outlet, but that would just encourage noob users to get a switch instead of a router, which is bad. Windows is probably not ready for the "bare " internet yet)
Good points, unison is probably not the way to go. I just wanted to sneak in a semi-on-topic plug, because I use it all the time (seems there was no need, so many people are suggesting it).
It seems stupid to delete the local copies though. Unless the laptop has an SSD, there will be enough space for all the pictures, and that's the only backup the submitter will have. Sure, he/she can set up timestamped backups at the home server, but there's no way to know for sure that a bug didn't sneak in to the scripts (or that someone robs their home, etc). This goes for cloud services as well, the provider could decide that he/she violates their TOS and close the account, they could have a disaster, or even a lawyer attack like MegaUpload.
rsync makes no sense to me, because of the requirement that file deletions on the mobile device should not be repeated remotely, which is exactly what rsync normally does.
It doesn't delete files unless you specify --delete
unison is really cool, it's two-way sync, so it's better than rsync when you make changes on both copies. There are no limitations of file size or transfer rate, of course. And it can use SSH for security. As for the negatives, it gets messy if you sync more than three copies, and (relevant to the OP) it seems to crap.unisonXXX files over the filesystem if the sync gets aborted. Maybe I'm doing something wrong there though.
Cash is like the paper ballot -- it has some advantages that are very difficult to replicate with high tech. The advantages are in fact due to the simplicity and inefficiency of the system. The good thing is that with money, people can individually make the decision about when to switch
This is news to me. I'm not saying it's false, but I haven't seen any actions from China's government to indicate this. There are stories about hacking, and now about hardware corruption, but the details are so vague that it's hard to know what to believe. An the other hand, there is a flourishing and growing commerce between China and western countries. China is of course quite totalitarian, which is contrary to western values, but that's a political and not a diplomatic stance.
I can forgive the optical drive, but no ethernet? that's assinine.. not everyone uses wireless, for security and performance reasons.
A couple of unrelated comments,
Plain Ethernet is arguably less secure thant WPA (if we ignore the recent problems with the WiFi Quick Setup buttons, which shouldn't be used in any serious setup). It's easy to tap an Ethernet wire, and it can even be read at a distances using a big antenna - not quite Van Eck phreaking, but I can't think of the name. Of course, there are encryption protocols for Ethernet, my favourite is to use transport mode IPSEC, which admittedly is not specific to Ethernet , and it doesn't offer security in as many ways as WPA
Performance alone is a great reason to go with Ethernet, and it is also more stable (you could say it's more secure against jamming)
Dongles are a huge pain! I always forget to carry one, especially when I don't anticipate that I need one. My Thinkpad has a D-SUB out, and I use it much more than the DisplayPort, because I never remember to bring the DisplayPort->DVI adapter, or DisplayPort->HDMI, etc. This is also the reason why I see Mini-DisplayPort-> DSUB adapter scattered everywhere - the Mac users aren't happy about carrying dongles either.
The OP was asking for meta-recommendations, not recommendations. If lots of people treat this as a recommendation for how to shop, i.e., "how do I find the best $X?" "Get a $BRAND", then we'll have a marketplace like the fashion industry, where manufacturers are better off appealing to human weaknesses rather than producing superior products.The first generations of $BRAND will be popular because they are a better product - then they will be popular because they are made by $BRAND. Apple are probably still competitive on their own merits and I don't dispute that it's a good choice. Your recommendation may also be seen as "limit yourself to an arbitrary subset of the products to make the decision easier ". This may indeed be a good idea.
It makes a huge difference to go beyond 100 Mbit, but many systems can't handle a full gigabit. Also, many servers can serve exactly one client at 1 Gbit. I wish 10 Gig became more common and cheap, so most servers could use it. With a single SSD you could serve a few clients at gigabit speeds.
What are they going to use it for, pron & torrents?
Sometimes it's very convenient to have a fast connection for research purposes. I'm a physics student, and if I need to analyse some data at home, I have the choice between downloading a data file (anywhere from 100 kB to 40 GB) and processing it locally or using some kind of remote desktop, e.g. networked X11. Having a fast connection would mean that I don't have to do something else while waiting for it to download / display.
That said, for my first year I did live in university accommodation, and the connection was very fast. The problem was that they had some lame traffic shaping / blocking system that for example blocked me from accessing my home directory (AFS). So this could be a great help to students, but they should keep blocking to a minimum to avoid interfering with research.
It's good that citizens complain about injustice and evil abroad, even though their own government is also injust and commits evil actions. Sure, US as a country doesn't have the moral high ground by more than a few inches, but it's better than to shut up.
We can just look at the music industry to see how well that works, and it seems to work OK. I buy music downloads, but I don't buy video because it's all DRMed (I currently get all my video by recording free over-the-air channels in MythTV, so it's legal, but I used to pirate a good amount of TV shows and video).
Slashdot Mirror
On one hand you have the motivation. I think war should be the last option on the table, what you turn to when you have desperately exhausted all other options. Not desperate as in fighting for you life, but as in "we still think we are right, you are wrong, and we will have it our way at any cost". Some people, on the other hand, think that war is a powerful political instrument which is part of our culture. Just like the big bully can have his way in the schoolyard, there is nothing immoral about flexing military muscle, and it is only the goodness in the hearts of the superpowers that prevent them from taking the worlds collective lunch money. The latter motivation imposes a higher moral standard on the people fighting the war, because they aren't fighting because of desperation, but out of their free will.
Going past the motivation, there is a similar dichotomy in how you see the act of fighting. Most parties obey basic rules like the Geneva convention, because there is not much to gain from breaking them, and one would lose support from the international community. It's of course entirely voluntary to follow them, what are they going to do if you break them -- go to war? And it has many advantages, like you discussed. Lots of people take this too far, though, and think that war is about bravery and valor. The drone attacks seem "unfair". This is what I object to: war is not fair. And more importantly war is not a game. So I don't know if I'm one of the "war is hell"ers, but I think anyone who makes a calculated decision to go to war, when presented with other options, is a psychopath.
The virus attacks are very different from the drone attacks, and shouldn't be considered in the same context. First of all, you don't have to be a superpower to make fancy worms. The US doesn't even seem to take advantage of the fact that much of the software industry is US-based -- so anyone can get a team of hackers together and do this. It's also much easier to attack New York with viruses than with boats, so this is an equalizer, where drone attacks shows a great power and tech imbalance. Secondly, the attacks were committed against countries who the US is not at war with. There was also collateral damage in allied and neutral countries. The only similarity is that shown in the original submission -- that it causes "bad will". Well, big surprise, you infect others with worms, and people don't like you...
Not just Iran, Obama attacked lots of countries with Stuxnet. Even US itself.
Haven't we had this discussion before? Anyway, a desktop (e.g. 24") screen with 100 DPI can display 8pt text which is readable, but a little pixelated. This is also at the limit at how small text one can comfortably read. So a screen with greater than 100 DPI might be a win for 8pt text, but you can't cram in much more information before it's too small to read. It will be nicer to use, but may not increase productivity that much.
2. The expiration of state to stop receiving any packets when finished with a flow solves a set of problems.
This is the main reason I got an IPv6 tunnel. My lame (shared) NAT router drops my SSH connections after about 30 minutes. I wish there was a way to avoid having this state on intermediate routers, as it greatly increases the complexity and the possibility for bugs.
Thanks for clearing that up for me !
Btw, one neat solution for TCP if we use stateless firewalls would be to have a third party mediate the initial connection setup, and bypass the SYN/SYN ACK bit. Two IPv6 peers would be able to send normal ACK packets back and forth, if the OS allowed one to create such connections without setup. Maybe UDP could be left wide open, or one could use a stateful firewall for that
Hey, cool, facebook now resolves to an IPv6 address by default :)
As for my point, how will regular consumers deal with firewalling? Modern OSes have to have good firewall protection, because people take laptops to all kinds of insecure networks. Stil, I'm not sure it's a good idea to make all devices directly accessible over the internet, it's kind of like begging for a wormpocalypse. On the other hand, we have UPnP for NAT-ed IPv4, allowing applications to specifically request incoming ports. This is crucial for many applications. What should we do for v6 then? (I run without a separate firewall, even for a windows laptop, but this may not be a great idea on a large scale)
So if these things are government "cyberweapons", they are something like a cyber-landmines, with huge collateral damage. This will not go on for long.
It has recently become obvious that spy agencies can get any keys/certificates they need. An obvious way to spread spy software would be to send a poisoned system update, or an update for Adobe, etc. In the end, we have to trust the people who provide software systems, or write everything from scratch (and possibly build the hardware). Is there a usable system that limits the extent to which software creators can take control? Would be nice if there was a system that wasn't constantly tied to an update repository, and the code was reviewed, yet it was still usable.
I'm just a user, but it is a good idea to provide one IPv4 address to each flat. There are many protocols that require or benefit from peer-to-peer connectivity, including Skype, the Xbox and IM-based file transfer. These work with NAT, but they use UPNP, so either you have to provide UPNP port forwarding to all flats at once (a big clusterfuck) or an IP address to each. All those protocols do work around lame NATs by proxying, but this is slower and the applications sometimes indicate this to the user (so they can complain). Some "old-school" VPNs don't work with NAT.
On WiFi, the expectation is different, so you can provide either NATed or firewalled connections for WiFi (assuming you build both WiFi and wired nets).
If you build support for IPv6, you can delegate a subnet to each wired outlet, and use firewalled (drop all incoming, allow all outgoing) for wireless connections.
I would appreciate this setup greatly as a user, but I'm a geek, and "normal" people may not care that much. Still, the examples in the first paragraph are used by many people, so I think it's a fair point. (even better would be multiple public IPs per outlet, but that would just encourage noob users to get a switch instead of a router, which is bad. Windows is probably not ready for the "bare " internet yet)
Good points, unison is probably not the way to go. I just wanted to sneak in a semi-on-topic plug, because I use it all the time (seems there was no need, so many people are suggesting it).
It seems stupid to delete the local copies though. Unless the laptop has an SSD, there will be enough space for all the pictures, and that's the only backup the submitter will have. Sure, he/she can set up timestamped backups at the home server, but there's no way to know for sure that a bug didn't sneak in to the scripts (or that someone robs their home, etc). This goes for cloud services as well, the provider could decide that he/she violates their TOS and close the account, they could have a disaster, or even a lawyer attack like MegaUpload.
rsync makes no sense to me, because of the requirement that file deletions on the mobile device should not be repeated remotely, which is exactly what rsync normally does.
It doesn't delete files unless you specify --delete
unison is really cool, it's two-way sync, so it's better than rsync when you make changes on both copies. There are no limitations of file size or transfer rate, of course. And it can use SSH for security. As for the negatives, it gets messy if you sync more than three copies, and (relevant to the OP) it seems to crap .unisonXXX files over the filesystem if the sync gets aborted. Maybe I'm doing something wrong there though.
Electricity can be more than 100 % efficient if you use a heat pump ( http://en.wikipedia.org/wiki/Heat_pump ).
Cash is like the paper ballot -- it has some advantages that are very difficult to replicate with high tech. The advantages are in fact due to the simplicity and inefficiency of the system. The good thing is that with money, people can individually make the decision about when to switch
Chinese leaders are in a cold war with the west.
This is news to me. I'm not saying it's false, but I haven't seen any actions from China's government to indicate this. There are stories about hacking, and now about hardware corruption, but the details are so vague that it's hard to know what to believe. An the other hand, there is a flourishing and growing commerce between China and western countries. China is of course quite totalitarian, which is contrary to western values, but that's a political and not a diplomatic stance.
I can forgive the optical drive, but no ethernet? that's assinine.. not everyone uses wireless, for security and performance reasons.
A couple of unrelated comments,
Plain Ethernet is arguably less secure thant WPA (if we ignore the recent problems with the WiFi Quick Setup buttons, which shouldn't be used in any serious setup). It's easy to tap an Ethernet wire, and it can even be read at a distances using a big antenna - not quite Van Eck phreaking, but I can't think of the name. Of course, there are encryption protocols for Ethernet, my favourite is to use transport mode IPSEC, which admittedly is not specific to Ethernet , and it doesn't offer security in as many ways as WPA
Performance alone is a great reason to go with Ethernet, and it is also more stable (you could say it's more secure against jamming)
Dongles are a huge pain! I always forget to carry one, especially when I don't anticipate that I need one. My Thinkpad has a D-SUB out, and I use it much more than the DisplayPort, because I never remember to bring the DisplayPort->DVI adapter, or DisplayPort->HDMI, etc. This is also the reason why I see Mini-DisplayPort-> DSUB adapter scattered everywhere - the Mac users aren't happy about carrying dongles either.
The OP was asking for meta-recommendations, not recommendations. If lots of people treat this as a recommendation for how to shop, i.e., "how do I find the best $X?" "Get a $BRAND", then we'll have a marketplace like the fashion industry, where manufacturers are better off appealing to human weaknesses rather than producing superior products.The first generations of $BRAND will be popular because they are a better product - then they will be popular because they are made by $BRAND. Apple are probably still competitive on their own merits and I don't dispute that it's a good choice. Your recommendation may also be seen as "limit yourself to an arbitrary subset of the products to make the decision easier ". This may indeed be a good idea.
But some details are in there most don't care about (i5 vs i5 where you have to look up processor codes to see what the differences are).
Well they should. For example, not all i5s have the AES instructions, so there is a real difference in capability
It makes a huge difference to go beyond 100 Mbit, but many systems can't handle a full gigabit. Also, many servers can serve exactly one client at 1 Gbit. I wish 10 Gig became more common and cheap, so most servers could use it. With a single SSD you could serve a few clients at gigabit speeds.
What are they going to use it for, pron & torrents?
Sometimes it's very convenient to have a fast connection for research purposes. I'm a physics student, and if I need to analyse some data at home, I have the choice between downloading a data file (anywhere from 100 kB to 40 GB) and processing it locally or using some kind of remote desktop, e.g. networked X11. Having a fast connection would mean that I don't have to do something else while waiting for it to download / display.
That said, for my first year I did live in university accommodation, and the connection was very fast. The problem was that they had some lame traffic shaping / blocking system that for example blocked me from accessing my home directory (AFS). So this could be a great help to students, but they should keep blocking to a minimum to avoid interfering with research.
Though I am left wondering what the five letter swear word that starts with 'f' is.
The askterisk matches any number of chars, so the last three asterisks are redundant, and this could be anything from 'fine' to 'fucktastic'
people pay a lot of money for portability. it's not an unreasonable request to have the keypad integrated.
It's good that citizens complain about injustice and evil abroad, even though their own government is also injust and commits evil actions. Sure, US as a country doesn't have the moral high ground by more than a few inches, but it's better than to shut up.
We can just look at the music industry to see how well that works, and it seems to work OK. I buy music downloads, but I don't buy video because it's all DRMed (I currently get all my video by recording free over-the-air channels in MythTV, so it's legal, but I used to pirate a good amount of TV shows and video).