I think having things crash should be a bit of a nuisance, because otherwise it'll never get fixed. On the other hand, automatically restarting the server makes it easier for people to get your buffer overflows to run their code.
It depends on the software. One of the programs that used to die a lot for me was apcupsd, the program that manages the serial port communication with my UPS. There's no network remote access anyway, but if the program isn't running when the UPS battery goes dead, the machine won't power off properly. Another program that has died on me is Xprt (the X11 print server).
Sometimes the problem is stupid kernel bugs (like an overactive OOM killer).
I agree, though, that there is an extra risk involved with automatically restarting crashed network services.
[Debian stable] even still has SysV init which is a dying "Legacy UNIX" thing... so the OSX, Ubuntu, Slowlaris etc. crowds say..
I'm a long-time Debian user, and I also think it's an ugly legacy UNIX thing. It's much better to have some sort of process supervisor that will restart crashed servers, and that will deal with dependencies in some sort of sane manner. The problem is that Debian is huge, and the amount of work required to switch to a new system would be almost equally as huge, but the benefits are comparatively small, so there's never been a push to change to something different.
The bright side of it is, like most of the advances Debian has made, when it finally does get replaced, it'll probably be replaced with something substantially better, because anything less would be unlikely to win the support of Debian's army of volunteers.
All this rfc really says is that .xxx (or similar) isn't 100% effective, therefore don't bother.
For improved accuracy, replace "isn't 100% effective" with "is 0% effective (or nearly so)".
Requiring mandatory .xxx tld's for porn and making it illegal to use anything else adds one useful layer of filtering that some (not all) countries could subscribe to.
Useful how, exactly? You won't make .com significantly cleaner (since countries that don't have such laws would be free to point a .com domain at porn), and you'll put your own country's porn companies at an economic disadvantage.
Legislating the use of top-level domains for content filtering makes about as much sense as legislating the use of chisels as screwdrivers. If you want to legislate something, at least legislate something that is actually designed for filtering.
The problem isn't filtering content. The problem is that domain names are a terrible way to do it (see RFC 3675), and there are better ways of doing it (see PICS).
As for a voluntary .xxx, the public and legislators will misunderstand its limitations. It's practically begging for bad law. It's better not to set it up in the first place.
I don't really get why people who are discussing Internet policy are so opposed to reading RFCs, like, for example, the RFC that specifically addresses this issue: RFC 3675.
That could be $3 in the first case, and $500000 or more in the second case. Perhaps I'm only an interesting contact worth $7.
Perhaps, yes. However, "perhaps", someone will just guess the correct key after brute-forcing only 25% of the full keyspace (there's a 1 in 4 chance of it). "Perhaps" someone will figure out how to quickly perform prime factorization. "Perhaps" someone will build a quantum computer.
You don't really know what capabilities an attacker is going to have. You can't know absolutely, because you're designing a system today that needs to be secure against tomorrow's attacks. As the saying goes, "attacks only get better; they never get worse".
What you do know is that the more complex a system is, the more likely it is to be vulnerable to attack. Perhaps your rot13 function will be nicely exploitable by some side-channel attack. Take a look at a recent result, Simple Branch Prediction Analysis. If your nifty new rot13 function had been written and deployed 2 years ago, before this attack had been published, would your implementation have been secure against it? If not, would you at least be able to say that the added complexity was worth the added risk?
My opinion is that the negligible increase in security (between 0 and 1 bits of added security) isn't worth the risk that the added complexity brings. There are better-understood ways of adding one bit of security to a system. Furthermore, if you think you need one more bit of security, you should probably add a much larger safety margin, like 50% or 100% or 200% more bits of security.
Crypto experts routinely have their own systems broken. How do you honestly think you will fare?
80-year-old Elizabeth Windsor is suing 41-year-old Andrei Lugovoi for pain and suffering caused by the death of her dependent, Alexander Litvinenko. Andrei says: Elizabeth doesn't know what she's talking about.
Except when you're using strong cryptography, the assumption is already being made that you are worth the effort. Otherwise, plaintext or rot13 alone would probably suffice.
Nothing is wrong with having ideas, but they're just not that valuable. The people who come up with the ideas are far more valuable, but a lot of them don't even get off the ground because they do self-defeating things like (for example) insisting on confidentiality that job applicants (or worse, investors) sign NDAs prior to an interview/sales pitch.
Another common mistake is to get patents, only to find out that people violate your patents anyway, and you can't afford to prosecute them, because you don't have any revenue, because you spent too much of your time and money on getting the patents rather than on developing a product that actually sells.
For example - assuming someone can crack DES / AES / Twofish, etc - I wonder if doing a cascade of ROT13/DES/ROT13 would protect you from the tools that merely run the standard DES cracker against it.
At best, it would double the work factor (hooray for 1 bit of security!). More likely, it wouldn't even do that much. Still more likely, it'll make your future protocol switch (you'll eventually be interoperating with the rest of the world, after all) more vulnerable to attack.
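An added illustration of the work-factor estimate in the reply above (not code from the thread): a hypothetical 12-bit toy cipher stands in for DES so the exhaustive search finishes instantly, and `toy_cipher`, `cascade` and `trials_to_find_key` are made-up names. It counts key trials against the bare cipher, against the ROT13 cascade when the design is known, and when the searcher must test both designs.

```python
import hashlib

KEY_BITS = 12  # toy keyspace (assumption) so exhaustive search is instant

def _rot13_table() -> bytes:
    table = bytearray(range(256))
    for base in (ord("A"), ord("a")):
        for i in range(26):
            table[base + i] = base + (i + 13) % 26
    return bytes(table)

ROT13 = _rot13_table()

def rot13(data: bytes) -> bytes:
    """Keyless, public transform: anyone who knows the design can undo it."""
    return data.translate(ROT13)

def toy_cipher(key: int, data: bytes) -> bytes:
    """Hypothetical stand-in for the keyed cipher: XOR with a SHA-256 keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = key.to_bytes(2, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(p ^ s for p, s in zip(data, stream))

def cascade(key: int, data: bytes) -> bytes:
    """ROT13 / cipher / ROT13, as proposed in the quoted comment."""
    return rot13(toy_cipher(key, rot13(data)))

def trials_to_find_key(plaintext, ciphertext, pipelines):
    """Exhaustive search; each (key, pipeline) test costs one trial."""
    trials = 0
    for key in range(2 ** KEY_BITS):
        for encrypt in pipelines:
            trials += 1
            if encrypt(key, plaintext) == ciphertext:
                return key, trials
    raise ValueError("key not found")

def work_factor_demo():
    key, msg = 0xABC, b"constructed sample message"  # constructed inputs
    bare = trials_to_find_key(msg, toy_cipher(key, msg), [toy_cipher])
    wrapped = cascade(key, msg)
    known = trials_to_find_key(msg, wrapped, [cascade])
    unsure = trials_to_find_key(msg, wrapped, [toy_cipher, cascade])
    return {"bare": bare, "design_known": known, "design_unsure": unsure}

if __name__ == "__main__":
    print(work_factor_demo())
```

With the design known, the trial count is identical to the bare cipher (zero added bits); having to test both designs costs at most twice the trials, which is the one bit mentioned above.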
Amendments to the Copyright Act are currently in the process of being drafted. This is probably an attempt by the U.S. movie industry to influence that process.
Rebuttal: "They wouldn't have been able to do that if your software wasn't so bad."
You've managed to rebut my weakest argument. Congratulations.
What about the technical problems with using TLDs for filtering? What do you have against PICS?
... if somebody made an auto-installing version of this, i.e. installed the same way as spyware is?
But then we couldn't bitch about how US-centric slashdot.us is.
Three words: Network Working Group.
Maybe you should read existing RFCs before you propose your own.
Real people; Real cases; Judge Judy.
No. Really, stop asking.
Oops. Remove "on confidentiality" (so it reads, "...insisting that job applicants..."), and it'll make sense.
You have nothing to worry about, since the judge will throw out the case as soon as you get your hearing (habeas corpus... oh crap.
whoosh
... the NSA loves you when you do!
whoosh
If the only thing you have is an idea you're afraid someone might steal, then you don't have anything of value.
IANAL, but you have to defend your copyrights or you risk losing them...
(Incidentally, that's actually true, if you're Disney and your idea of defending your copyrights involves lobbying.)