It still isn't clear to me, or apparently most people, what falsifiable hypotheses they're testing with their "millions [on] experiments". And I've read the link....
And no, throwing doubt onto certain parts of evolutionary theory does not automatically mean all of evolution is wrong and therefore creationism is correct. That's just retarded.
Without wishing to get dragged into an argument about why people pirate, I think it's obvious that there are three types of people who pirate - those who can afford the product and would have otherwise bought it, those who can afford it and wouldn't have otherwise bought the product, and those who can't afford it.
For the $1 iPhone app, the people the developer is concerned with are those who can afford the $1 and would have bought it if piracy wasn't an option for them. I'm arguing that, in this specific case, that particular group of users is vanishingly small and irrelevant.
Which is better for the seller? One sale from the only guy who can afford / wants the app, or one sale from that guy + 1 million pirated versions from people who either can't afford it or just having it because it's free on piracy? Either way, he makes the same amount of money.
It's worth pointing out the difference between someone throwing it on a torrent site and having a significant number of people downloading it. If I make an app and sell it for $1, sure, someone will probably stick it on the piratebay. But I'd argue that the percentage of the overall usebase that will pirate it from that rather than pay $1 to have it installed easily will be quite low.
Don't think it alters your overall point, but I just wanted to make the point that there's a difference between mass-piracy (which may well be because your original product is too expensive) and one bored guy taking something and sticking it on a torrent site.
Exactly. This hits the point. Information security guys don't need authority, because they shouldn't have any responsibility over the business. The business should be asking infosec for help on how to secure their systems, and the infosec guys should tell them the risks of implementing / not implementing controls.
If the business has a system that gets hacked because they chose not to implement a good password policy, despite being aware of the risk, then that's their own damn fault, not infosec's.
Nothing wrong with passwords for authentication. Depends entirely on what you're trying to achieve with authentication on whether having only passwords is a good choice.
How will a single "deny all" rule be complex? You want to run a webserver, open the port for that ip address. You want a mailserver too? open port 25 for that ip address. I don't understand how that's complex?
Wouldn't that router just need to be replaced by a firewall if everything had a globally valid IP?
Yes. That's the point. Right tool for the job and all that.
People are still not getting it. The reason to switch to ipv6 isn't for residential users, it's because it makes life a lot easier when youre connecting seriously large networks together. The company I work for just merged with another large problems, and we have massive problems with networks with overlapping RFC1918 networks. Cue clusterfuck of NATs everywhere. This is the problem that ipv6 solves.
Oh, I know that individual users have problems now. But that's not the same sort of scale of problem of a large company requesting a new IP block from their ISP and being told 'no'. That sort of problem tends to get things moving.
It's not about the short-term advantage because there is no short-term advantage. However, it's going to take a long time to do. Therefore, you start to think about doing it 10 years before it all goes tits-up.
We don't have a problem *now*. IPv4 is working great at the moment. However, we (people) are incredibly bad a doing global solutions to big problems quickly, so we need to start to migrate things early.
Cue people who don't understand routing and generally how the internet works saying "But why can't we just use NAT? HP don't need that many IP addresses!".
I thought NTP could handle leap seconds though? I seem to remember when there was a leap second about 3 years ago looking through the NTP logs and finding an entry saying something like "woohoo an extra second here!" - it just chopped the clock back a second. Could be wrong though.
And if they employed their routers as simple packet filters, they'd achieve exactly the same result as NAT, but without the annoyingness and without using the wrong tool for the job.
I solved this by buying a decent wifi card that's actually supported. Who's fault is it that the default wifi card on an Eee isn't supported in Ubuntu? Asus? Canonical? The card manufacturer? Linus Torvalds?
Just bought the 4965AGN. Found a big thread on the 901 (that I have) for replacing the wifi, everyone there is nuts about the Atheros chipset. The 4965 can do injection with aircrack so is good for warwalking:)
Out of curiosity, how did you replace the wireless card? Googleing around turns up a guy who had no luck with a Broadcom card, so have you documented how you did it?
Slashdot Mirror
It still isn't clear to me, or apparently most people, what falsifiable hypotheses they're testing with their "millions [on] experiments". And I've read the link....
And no, throwing doubt onto certain parts of evolutionary theory does not automatically mean all of evolution is wrong and therefore creationism is correct. That's just retarded.
Sorry, the above should be TV-owners who use their TVs to watch live broadcasts. Other TV-owners don't pay for it.
Well, it's fully funded by tv-owners. Not all taxpayers own tvs, and vice-versa.
Without wishing to get dragged into an argument about why people pirate, I think it's obvious that there are three types of people who pirate - those who can afford the product and would have otherwise bought it, those who can afford it and wouldn't have otherwise bought the product, and those who can't afford it.
For the $1 iPhone app, the people the developer is concerned with are those who can afford the $1 and would have bought it if piracy wasn't an option for them. I'm arguing that, in this specific case, that particular group of users is vanishingly small and irrelevant.
Which is better for the seller? One sale from the only guy who can afford / wants the app, or one sale from that guy + 1 million pirated versions from people who either can't afford it or just having it because it's free on piracy? Either way, he makes the same amount of money.
It's worth pointing out the difference between someone throwing it on a torrent site and having a significant number of people downloading it. If I make an app and sell it for $1, sure, someone will probably stick it on the piratebay. But I'd argue that the percentage of the overall usebase that will pirate it from that rather than pay $1 to have it installed easily will be quite low.
Don't think it alters your overall point, but I just wanted to make the point that there's a difference between mass-piracy (which may well be because your original product is too expensive) and one bored guy taking something and sticking it on a torrent site.
It's not paid to the BBC, it's paid to the government, who then give a blob of money to the BBC. Small, but subtle difference.
Exactly. This hits the point. Information security guys don't need authority, because they shouldn't have any responsibility over the business. The business should be asking infosec for help on how to secure their systems, and the infosec guys should tell them the risks of implementing / not implementing controls.
If the business has a system that gets hacked because they chose not to implement a good password policy, despite being aware of the risk, then that's their own damn fault, not infosec's.
Nothing wrong with passwords for authentication. Depends entirely on what you're trying to achieve with authentication on whether having only passwords is a good choice.
How will a single "deny all" rule be complex? You want to run a webserver, open the port for that ip address. You want a mailserver too? open port 25 for that ip address. I don't understand how that's complex?
(I don't know what happened to that block of text, hopefully it's still coherent).
Yes. That's the point. Right tool for the job and all that. People are still not getting it. The reason to switch to ipv6 isn't for residential users, it's because it makes life a lot easier when youre connecting seriously large networks together. The company I work for just merged with another large problems, and we have massive problems with networks with overlapping RFC1918 networks. Cue clusterfuck of NATs everywhere. This is the problem that ipv6 solves.
Oh, I know that individual users have problems now. But that's not the same sort of scale of problem of a large company requesting a new IP block from their ISP and being told 'no'. That sort of problem tends to get things moving.
It's not about the short-term advantage because there is no short-term advantage. However, it's going to take a long time to do. Therefore, you start to think about doing it 10 years before it all goes tits-up.
We don't have a problem *now*. IPv4 is working great at the moment. However, we (people) are incredibly bad a doing global solutions to big problems quickly, so we need to start to migrate things early.
Cue people who don't understand routing and generally how the internet works saying "But why can't we just use NAT? HP don't need that many IP addresses!".
I thought NTP could handle leap seconds though? I seem to remember when there was a leap second about 3 years ago looking through the NTP logs and finding an entry saying something like "woohoo an extra second here!" - it just chopped the clock back a second. Could be wrong though.
Why? We pay for it...?
You got network.dns.disableIPv6 enabled in about:config?
And if they employed their routers as simple packet filters, they'd achieve exactly the same result as NAT, but without the annoyingness and without using the wrong tool for the job.
How does a properly managed firewall not control devices inside the network, known or otherwise?
It's good, yes, but the Intel 3945ABG has a better range on it and is supported by the kernel :)
I solved this by buying a decent wifi card that's actually supported. Who's fault is it that the default wifi card on an Eee isn't supported in Ubuntu? Asus? Canonical? The card manufacturer? Linus Torvalds?
Why on earth can't they stick a gigabit ethernet port on it? That alone stops me buying it.
And no, the silly "spend an extra wadge of cash on this base thing to sit it on" is not a good solution.
Just bought the 4965AGN. Found a big thread on the 901 (that I have) for replacing the wifi, everyone there is nuts about the Atheros chipset. The 4965 can do injection with aircrack so is good for warwalking :)
Out of curiosity, how did you replace the wireless card? Googleing around turns up a guy who had no luck with a Broadcom card, so have you documented how you did it?
Aluminium plane + iron oxide on steel beams + lots of heat = aluminium oxide + molton iron.