A lot of posts on this thread are of the "when will it all end, what can we do about it" nature. And others on the theme of "it was better when it was just us geeks".
The reason the Internet is such a great tool for communication, and also the reason that it is so easily abused, is that every node on the network is empowered. Everyone is able to send and receive at will, limited by the amount of bandwidth that they have. This is also its weakness, in that the model "trusts" its users not to abuse the system. Originally, when the network was all military and education, this was a reasonably safe assumption.
But we've seen what happens when everyone trusts everyone else. Someone comes along and abuses that trust - like the Morris worm in 1988. So we try and secure our individual sites, which means that administrators have to be smart and knowledgeable because the nature of the traffic coming to their sites is not predictable. And, as ever, if we can't protect ourselves, someone's going to want to jump in and do it for us.
My fear is that eventually the business side of the Net - its use as a money making tool - will overtake its other uses. That the "solution" to the problem of hacking and DDOSing will be to limit the traffic that flows through the network. That, essentially, the internet will turn into a giant content-delivery engine with just enough interactivity to allow you to Add Item to your Shopping Cart.
Of course, the fact that commercial sites use crummy, easily hacked software tends to push in favor of these sorts of limits. Almost makes you wonder if they're doing it on purpose...
This is unfortunately going to become completely useless really fast, unless the people running the site take some active measures.
At first glance, of the top 10 reported "attackers", one was an authorized security scan from home.com, two were 10.x.x.x addresses, and one was a 169.254 Windows AutoIP non-routeable address (and no doubt the port that address was "attacking" was UDP port 53).
When all the world's cable modem users are encouraged to buy these "personal firewalls" which do nothing but trigger false alarms to show how "useful" they are, sites like this can't help but be drowned in a sea of noise.
Career-wise, the dot com madness has certainly benefited me, even though I wasn't a part of the "dot-com industry". I've been a software developer my entire career, but it's always been in embedded stuff, either in the public sector or in consumer peripherals, never in web development or any of that. I've risen through the ranks as a wage-slave programmer and then project manager, and am now a happy consultant in a small, specialized firm. I'm sure the better economy, helped in large part by the Internet boom, was a factor in my upward mobility -- but I work hard and I suspect I would have done fairly well regardless. I'm no dot-com millionaire, but I'm not crying either.
To me, the best thing about the web hype was the commoditization of the internet. Sure that's got its ill effects, for example the millions of idiots, the script kiddies, etc, etc, but it also means good things like $40/month 1500 kbps ADSL connections, cable modems, etc. Despite being stingy and greedy, the big corps realized that there was a gold mine out there on the web (or thought there was), and they knew that if they were going to keep the hype going they were going to have to deliver a better experience -- thus the higher bandwidth, lower PC prices, etc. Whether or not we like the content, the fact is that the dot-com boom benefited everyone by motivating big slow businesses to improve the communications infrastructure.
And, more importantly for me, the inescapable hype surrounding the internet caused vast numbers of ordinary, non-Internet-oriented companies and consumers to realize that the Internet exists and that it can make their life easier. That certainly hasn't hurt my consulting career...
This is at best about as useful as putting a firewall in a DSL modem / router (which is not that bad an idea), but with the added disadvantage that it can't be as flexibly located since it's "in" one of the PCs on the network. I guess it's nice that you can get power from the host PC, except that if the host PC crashes and you have to reboot it then you'll have to reboot your "firewall" ase well. And really, ethernet isn't so slow that you need to be able to DMA directly from your firewall to the PC over the PCI bus.
Totally pointless product. On the scale at which this thing is designed to operate, the LinkSys and NetGear DSL/Cable/modem routers already do this sort of thing quite well and without the above mentioned disadvantages. For a single user, all of this stuff can easily be done in software using e.g. ipchains or one of the many Windows-based personal firewalls, and for any kind of office or enterprise you'll really want the flexibility and expandability of a full sized computer to serve as a firewall.
Well. I for one am not going to vote. The main reason is: I and millions of others didn't even get a chance to affect the outcome of the primary elections. Back during the primaries, I lived in Kentucky. Kentucky has its primary election later than many other states. Indeed, by the time the Kentucky Republican primary had rolled around, the GOP nominee was a foregone conclusion. There was no longer any reason for me to go vote. Nothing I could do would affect the outcome in any way.
So now I'm faced with a "choice" of two candidates, neither of whom I feel is qualified to be president. It's like having to choose from between two retards: one with an 80 I.Q., the other with an 82. I guess one is more qualified, but really neither is a good fit for the job.
In the past year I've moved from Lexington, KY to West Haven, CT. I've had ADSL service in both places. Here's how it went:
In Lexington, I had GTE (Verizon) provide the DSL and IgLou Internet provide the ISP service. I had the Bronze Plus line, 768/128 for $32/month, and the $30 package from IgLou. IgLou has a strange pricing scheme, in that they have two bandwidth levels (normal and really bad), and they offer different levels of service which really are throughput limits - for $30/month you get 3000 megs of throughput at normal priority, after which your bandwidth drops to about 64k.
GTE was pretty impressive; they came out when they said they would and the installer wound up rewiring basically everything (I had 50 year old lines) - from the pole to the house, new network entrance, new line from basement to DSL jack). The guy didn't leave until he had three green lights on the modem.
Service was OK, it was bridged DSL with static IP, but the network was way oversold -- in particular, at one point IgLou had a single ftame T1 between GTE and themselves -- and ping times would get up to the 400's during the day. At night and on weekends though it was fine. Using it with linux/ipmasquerade was trivial since it was "just ethernet" as far as the boxes were concerned.
Then I moved to Connecticut. This time I decided to just go with the ILEC and get the whole ball of wax from SNET. They offer a $39/month package 1500/128 (384/128 guaranteed) with their ISP service and self install. I took it; everything was basically delivered and turned on on time and the microfilter solution seems to work. The speed is great - I'm pretty close to the CO, so I get the full 1500/128, and latency is good at non-peak hours - one weekend I played Quake against some of my friends back in KY and had lower ping times to the server box at one guy's house than anyone else in Lexington at the same ISP was getting.
Unfortunately, SNET uses PPPoE. I use Roaring Penguin rp-pppoe on my P90 firewall, it works fine and reconnects reliably within 30 seconds when the ISP drops the connection (which it does on a regular basis, I'd say about four times a day). I've rigged up a little cron job to ftp the output of ifconfig ppp0 to a website at Tripod every 10 minutes so I can get back in from outside. I guess it works.
The real problem with SNET is their network. Although most of it is fine, and there is no problem getting data from the DSL/ATM cloud out to the actual internet, there is a well-known chokepoint with a SBC/WCG router in Stamford, CT, that can't handle the amount of traffic flowing through it. From 6PM to 11PM every weeknight, pings go up from 150 to 250 to hosts that otherwise give 60-80, and throughput will drop from 150KB/sec down to maybe 50KB/sec. Still quite usable and *much* better than 56K, but irritating nonetheless.
In short... I think that DSL is a decent solution. It's a better technology than cable modem, and more secure, and easier to set up with non-M$ or Mac operating systems. But the main problem is that a lot of ISPs and telcos have jumped onto the bandwagon without having the infrastructure to handle the demand. Both of the ISP's I've had had oversold their bandwidth, and I think the old argument that DSL proponents gave against cable modems ("wait til everyone in the neighborhood has it") applies equally to DSL.
Since the end of August, EFnet has become a real pain to use. Some of the better servers, like core.com and primenet.com, have simply gone away, and others are just about impossible to get to. The ones you can get on go up and down all the time, there are endless netsplits, etc. The only semi-stable servers either belong to.edu's or are part of some network like mindspring or home.com and don't let anyone on who isn't a part of their network (understandable, but frustrating).
The article is correct in one thing: it's because of the packet kiddies. With hundreds of kids behind cable modems blasting away at servers all day long, it's no wonder that network admins take down IRC servers -- the turnover rate on EFnet servers has been amazingly high recently.
The one thing to take comfort in: despite its problems, EFnet is still "the" IRC network to most people, so if you're on another IRC network, it's taking the brunt of the assault...
It seems like Indians are getting knocked pretty hard in this thread. Unfortunately, there's good reason for it. My experience with H1B people is that they were all Indians with decent - but not outstanding - skill sets, who came on board and wrote mediocre code. They all lived like hermits - at best in a bare efficiency, at worst four to a one-bedroom apartment - and sent all their money home to their families. And the code they produced was terrible, because they didn't have to care about it - it's not like they were going to be there in a couple of years maintaining the stuff.
The problem I have with this situation is that it takes jobs away from domestic programmers and exploits the financial situation the Indians face at home. Over there, the salary they make in the US is a fortune; over here, the salary they get is far less than what their employers would have to pay an American programmer. The corp wins, and in a way the Indians win, but the rest of us get shafted -- and in the final analysis we're exporting money and getting bad code in return. Not a great deal.
Loosen immigration restrictions and let more people come in, people who will stay here and work here and contribute to our economy, people who actually have a stake in what they do. But the current situation is really no different than exporting software work abroad, with all the consequences that brings. I say, good riddance to H1B.
I had this experience myself a few months ago - I was having a problem compiling 2.3.48 and.49 with Athlon-specific kernel features turned on. I wound up fixing the problem - it was trivial - and posted this patch to the mailing list.
No one got back to me directly, and indeed it took two revisions of the kernel (but at that point they were coming out about twice a week) to get the fix "officially" in.
But, on the other hand: a lot of people were happy that I posted the patch, and the fix did eventually get included -- or at least, the problem got noticed and someone fixed it, albeit a different way.
The moral of the story: the developers don't have time to answer every email personally, but posting problems - and patches - to the list will help others and it will cause the problems to eventually get noticed and fixed.
I used to work for a consulting firm; I was the only consultant with my particular skill set (embedded and realtime programming) so when it came time to hire more programmers for that client it fell to me to interview them. I discovered that the best approach was to go down their resume item by item and just ask them either something about "how they did that" (if it was a project) or situations in which they "had used that" (if it was a skill). The best applicants were the ones who took it as a conversation, and we basically had a nice chat about that item, possibly going off into tangents where I got to find out more about their interests etc. I tended to emphasize things that I had some knowledge about, as that made it very easy to tell when someone didn't really know what they were talking about. I really hated having to pull out "the dreaded list of ten C questions", and if the interview degenerated to that level it was almost always the kiss of death.
IMO this is the ideal way to do an interview, and it's certainly the kind of interview I would want to be given. The only problem is, a lot of times the person giving the interview is not themselves a programmer, so the ability to establish a rapport with the interviewee is limited and they're forced to resort to standardized measures like quizzes or puzzles.
As an aside, my current new job - where I start next month - was landed the best way of all. I went to a training course given at the company's headquarters and immediately liked what I saw. It gave me three days to talk to everyone, go out to lunch with them, see how they worked and talked to each other, see their projects, etc. and of course they got to know me reasonably well also. I went away from the course feeling happy but not really expecting anything more to come from it; I was very pleased when a while later they expressed an interest in hiring me on. Needless to say, there was no real need for a technical interview at that point.
This is no surprise at all. Fred Moody is basically just a trained parrot for Microsoft. Check out this piece from last year where he attempts to trash Linux with such gems as
But my informant didn't just rant: he probed the psychology of the Grail-seekers: "because linux makes it easy ( due to its unix like nature ) to mess under the hood, people actually feel like they `control' or know whats up with their boxes...it doesnt come from any rational thoughts..." "linux," he concluded, "sux."
For all we know, Moody just invented this person who allegedly works in a "non-Microsoft shop" and makes sweeping claims about Linux's instability and insecurity. Same with his invented numbers here.
I guess what I find odd is just how vitriolic and hateful Moody becomes in writing about Linux. He paints Linux users as zealots and freaks and just basically makes stuff up off the top of his head. Maybe he just needs therapy.
Or maybe he's just pissed cause his MSWord box keeps crashing as he tries to write.
The true spirit of mass human communication?
on
Geek Flavor
·
· Score: 4
...and I hope this ain't it. As evidenced by the number of posts as I write this (9) this article hasn't been up more than a few minutes and already someone's been clever enough to disable it. Props to your mad skillz, d00d...
Not that I in any way agree with web page defacements, but at least I can understand how taking down or modifying a secured web page that a lot of people will see has a certain publicity stunt appeal to it - defacing Seti@Home and putting your h4x0r nick on it is kind of like spraypainting your name atop the world's biggest water tower. But what does it say about human nature when the very first thing people want to do to a supposed community collaboration project is to anonymously make it unavailable to everyone else?
Here I am, always an advocate of privacy and anonymity, and yet when I see people do stuff like this it makes me want to rethink all of those positions. On the one hand I'm cynical enough to think a whole lot of people would want to nuke a site like this; on the other hand even after I've had my coffee and am no longer quite so misanthropic I realize that with total anonymity even a single idiot can ruin a lot of other people's day with total impunity.
One of the main reasons Unix is so fragmented and inconsistent, which really is what he's complaining about, is that the whole system (kernel, libs, user interface) never been under a single entity's control. Someone above cited MacOS X as a great example of what Unix can become if it's done right. This is true -- it's easy to be consistent when a single entity controls every aspect of the platform. The problem is, that's not what most Linux users want.
Where he is completely wrong is his claim that Unix is no longer a platform for innovation. He's got that completely backwards -- indeed, the whole reason for the inconsistency of user interfaces is the very openness and relative simplicity of Unix. Each layer is separate from the next, so it's easy to write a new GUI system on top of the OS without changing any of the underlying layers. And people have done just that, which has led to several generations of X and other apps lying around (Xaw, Motif, OffiX, etc) -- people see a problem with the existing GUI and they reinvent the wheel, leading to a proliferation of incompatible interfaces.
Hmm, just like KDE and Gnome.
The upshot is, because it's open, we have a choice. And choice can lead to inconsistency. So if he wants to work on a platform where everything will always be consistent, he can go work for Apple or Microsoft. Otherwise, he'll just have to make Gnome so good that no one will want to use anything else, because there isn't any way to shove things down people's throats in the *nix world.
Here in Lexington, Kentucky, demand for ADSL has been so great that GTE has started a self-install promotion also. They give you the splitter, the modem, the jack, etc, etc, and you get to do it yourself. Then they only have to come out if it doesn't work. See http://www.gte.com/dsl/sys_reqs_equip.html for their blurb on this.
I for one am glad they weren't doing this back when I got DSL on my line -- my house is about 70 years old and my phone lines were about 50 years old ; they came in and rewired everything from the pole on the street to the wall jack -- for free. Gotta love those early bird install specials...
Gosh, this is just like things were back in the 80's. I remember when I was about 11 or so (gasp, in 1981) and hearing about a 16 year old who had designed a VisiCalc type spreadsheet and made pots of money. And about two years later I was running the "computer system" at my high school (OK, two Apple ][ clones) with programs that tracked attendance and developed class schedules. It wasn't a Silicon Valley fortune, but it kept me in the office and out of gym class.
But I digress. Even back then, there was all kinds of talk about Video Space Age Whiz Kids, movies like War Games were coming out, and every average adult over 35 shook their head and said "gawsh, these crazy kids are gonna run the world, I have to ask em how to program my VCR and...".
The point is, most people will look at a new technology and not try to understand how it works, they'll just use it the way they're told to. We take something like a PC and use it for doing spreadsheets, because even though the machine is capable of far more, our thinking has become limited to things we use every day. Kids don't usually yet have those mental barriers in place, so they're not afraid to take it apart and mess with it, and they don't have the mentality that things can only be used a certain way, so they come up with more creative uses for what the technology can do.
The only real difference is that today the technology is more pervasive than it was then, more people have PCs so when a teenager comes up with something like Napster it gets on the front page instead of being featured in a condescending human-interest article.
And that's generally a Good Thing. But let's not let it go to our heads: the cleverest ideas have always come from people who think outside the box, and it's always going to be easier for young people to do that.
I'd lay odds it's a power supply issue. Why? Pure heuristics. PC makers like to save money where it doesn't really make sense, like in the power supply. Most Gateway, Dell, Micron, etc., PCs come with a measly 200 watt power supply - and a no name one at that, which may or may not be up to spec. Add to that the presence of a new chip, for which motherboard designs may not have stabilized yet, and you've got a system with stability issues. Someone mentioned the problematic FIC SD11 design that had PS issues back when the Athlon first came out -- I'm writing this on my cobbled together Athlon 550 / SD11 with a 300W power supply, and I've seen all this before.
My first and only "major manufacturer" PC, top of the line in the summer of 1998, shipped with a PII/400, VoodooII, Riva 128 AGP, DVD-ROM + decoder card, PCI NIC, modem, ZIP drive, and 2 hard disks. Even with all that hardware, I was shocked to discover it only came equipped with a 200 watt power supply, which caused all kinds of lockups and crashes and on occasion prevented the system from even booting. The manufacturer refused to replace it, even though Intel's own website confirmed that, for the motherboard design, the PS was not adequate. They claimed that their "engineers" who "designed" these systems knew what they were doing and wouldn't have spec'd inadequate components. If that's the case, why did a $80 300W PS cure all of the system's problems?
Basically, if you read through the marketspeak in the article, Gateway screwed up by putting something really cheap in these machines and now they're having lockup problems. "Designing" PC's from off the shelf parts is not rocket science, the only place where these people "push the envelope" is in seeing how cheap they can get the parts and still put together a system that will be usable by an acceptable percentage of the buying public.
Yes, my argument is both anecdotal and based on a small sample size. Tough. Between all the corpo PC's I've dealt with, the predatory habits of big companies like Gateway, and my own vast intelligence, I still bet I'm right:)
This is more corporate and government sponsored hysteria. This NETSEC company wants attention, so they issue a big press release at a time when all the major media outlets just eat up virus and DDOS stories. And the government wants to exploit this hysteria to pass stupid anti-encryption laws and gain broad wiretapping powers. Two great tastes that taste great together...
I dunno, maybe I'm too cynical but don't the names "Serbian" and "Badman" sound just a little corny? Almost like they were made up by someone who read a few glossy articles about the computer underground and then decided to write some FUD that would get people's dander up? Can anyone not involved in the promotion of this exciting story confirm that these guys really exist and that they're not more than a couple of kids being l33t on an irc channel?
As to the question of "can they...", that likely depends on your Terms Of Service agreement. A lot of these things are seriously restrictive, and they almost always place the burden on you the consumer. For all we know, if you get DOSd they can accuse you of "running a server" and knock out your account for that reason. The "acceptable use" policies are usually drawn in very broad language and they can cancel your account for just about anything they don't like that gets their attention. This is yet another reason to make sure and read the fine print before you start handing out that shiny new email address...
OK, Jon, this happened in Utah. Utah is not in general known for its high degree of tolerance of social malcontents. That goes double for small towns. And the fact that the Internet is, as everyone knows, the source of all evil and godless things only makes this worse. Basically you had a kid that hated everyone and that most everyone hated, who angered a lot of people. The "good people" of this town probably weren't counting on anyone really finding out about this on a national level, and I'm sure that this sort of thing has happened in this same town before to drug users, long-hair types, girls who got pregnant out of wedlock, and the like. The only thing that makes this unique is that "The Web" was involved. It does not signal a newly emerging social dynamic.
If anything, the fact that this sort of thing can now get instantaneous national attention will probably help put a stop to it. But let's not overreact, OK? It's just the same old story with a new form of media thrown in.
I use Junkbuster and don't have that problem, I also don't have to look at the banner ads. The problem you're having is that attempting the connection to doubleclick returns an error (due to your box reseting the HTTP connection to localhost), which causes the page to stop loading. A filtering proxy will instead return a 1x1 pixel GIF or some other content, so that your browser is fooled into thinking everything is OK and the ad loaded.
The problem with even having this discussion is that it assumes that the victim of the initial attack, and the attacker, are operating in a vacuum -- or at least that they both have direct connections to internet backbones. Most times this is not the case; both parties have upstream ISPs that carry their outbound and inbound traffic to the rest of the world. In the unlikely event that the victim can locate the true source of the attack, and not just an owned machine, retaliating against the attacker will constitute an even greater load on the victim's ISP and probably create a DOS condition at the attacker's ISP.
Let's do the math: we retaliate, and twice as many people (or more) are subjected to a DOS. Hmm, doesn't sound like a good strategy.
Ambiguous Goals, Ambiguous Outcome
on
Virtual War
·
· Score: 2
On the one hand, Katz once again demonstrates his ignorance and his dislike for anything "American" by going on about the "uniquely American" slant on automated killing. The Chinese invented guns, the British invented the longbow, the Germans invented poison gas, the British decided to bomb Germany only at night and from high altitudes during WWII, etc, etc, all with the intent of maximizing damage to the enemy while minimizing loss to one's own troops. "Smart bombs" and the policy of not descending below 15,000 feet to drop them (as was done over Kosovo) is just an extension of that same mentality, not some new exclusively American slant on war.
That being said, the real reason for the sort of standoff warfare (I'll refrain from using the completely incorrect term "virtual war") in places like Kosovo is that there isn't sufficient political motivation for anything else. Look what happened to Bush and Clinton when we all saw American troops killed and humiliated in Somalia. The political price was far worse than when we saw POWs on Iraqi TV in 1991. Why? The Gulf War had an enormous base of popular support behind it, but the Somalia intervention did not. Likewise, the Kosovo action didn't have strong American support - most Americans felt that it was a European problem that should have been taken care of by Europeans, and they felt that putting US troops in harm's way (more than they already were) was not justified. Had a US armored division entered Kosovo and started slugging it out with the Serbian army, the US would doubtless have won, but the political and human cost would have been unacceptable. Cynically, it's the political cost that made the decision, but the outcome was the same.
So... The only new and unique thing about the new standoff warfare is the way it expresses ambiguity. When there is enough political will to do something about a situation, but not enough public support to put large numbers of American lives at risk, we'll send in the smart bombs. Militarily it doesn't accomplish much, but the collapsed bridges and exciting footage of airplanes taking off and landing is clear evidence that we're doing something!
This is absolutely awful. Republicans in the US always like to use the term "legislating from the bench" to describe rulings by liberal judges which overstep the bounds of the case being argued. This is actually worse -- the judge is essentially making up technological terms as he goes along. Using someone's resources that they can never get back? Give me a break, the crawler that Bidder's Edge uses uses an infinitesimal amount of EBay's and other auctions' server capacity compared to the legions of "legitimate" EBay users. This judge is speaking from pure ignorance, and his ruling endangers everything the Web is based upon.
Where do you draw the line? Are we only going to allow "manually" retrieving information from a Web site? What does that mean? Do I have to write code for each page I want to see? Are offline browser caches now going to be illegal since they automatically "drill down" into sites and grab several pages at a time for later viewing?
When you create a Web site, you do it under the implicit assumption that people are going to connect to it and retrieve informaton. End of story. There is no "right" to only have your pages viewed by means you approve of. Every time _anyone_ connects to your site they use some of your resources, and doing it by automated means is no more onerous than by doing it "manually".
Slashdot Mirror
A lot of posts on this thread are of the "when will it all end, what can we do about it" nature. And others on the theme of "it was better when it was just us geeks".
The reason the Internet is such a great tool for communication, and also the reason that it is so easily abused, is that every node on the network is empowered. Everyone is able to send and receive at will, limited by the amount of bandwidth that they have. This is also its weakness, in that the model "trusts" its users not to abuse the system. Originally, when the network was all military and education, this was a reasonably safe assumption.
But we've seen what happens when everyone trusts everyone else. Someone comes along and abuses that trust - like the Morris worm in 1988. So we try and secure our individual sites, which means that administrators have to be smart and knowledgeable because the nature of the traffic coming to their sites is not predictable. And, as ever, if we can't protect ourselves, someone's going to want to jump in and do it for us.
My fear is that eventually the business side of the Net - its use as a money making tool - will overtake its other uses. That the "solution" to the problem of hacking and DDOSing will be to limit the traffic that flows through the network. That, essentially, the internet will turn into a giant content-delivery engine with just enough interactivity to allow you to Add Item to your Shopping Cart.
Of course, the fact that commercial sites use crummy, easily hacked software tends to push in favor of these sorts of limits. Almost makes you wonder if they're doing it on purpose...
Wrong. The rc in rc.x and foorc stands for resource (sometimes .rc files are referred to as Resource Configuration files, but usually just resource).
Not RunCom.
This is unfortunately going to become completely useless really fast, unless the people running the site take some active measures.
At first glance, of the top 10 reported "attackers", one was an authorized security scan from home.com, two were 10.x.x.x addresses, and one was a 169.254 Windows AutoIP non-routeable address (and no doubt the port that address was "attacking" was UDP port 53).
When all the world's cable modem users are encouraged to buy these "personal firewalls" which do nothing but trigger false alarms to show how "useful" they are, sites like this can't help but be drowned in a sea of noise.
From the page:
:)
27/Nov/2000 16:00
Current Most Active
Attacking IP: 24.0.94.130
Then...
nslookup 24.0.94.130
Server: localhost
Address: 127.0.0.1
Name: authorized-scan.security.home.net
Address: 24.0.94.130
Ohh yeah, this is useful information
Career-wise, the dot com madness has certainly benefited me, even though I wasn't a part of the "dot-com industry". I've been a software developer my entire career, but it's always been in embedded stuff, either in the public sector or in consumer peripherals, never in web development or any of that. I've risen through the ranks as a wage-slave programmer and then project manager, and am now a happy consultant in a small, specialized firm. I'm sure the better economy, helped in large part by the Internet boom, was a factor in my upward mobility -- but I work hard and I suspect I would have done fairly well regardless. I'm no dot-com millionaire, but I'm not crying either.
To me, the best thing about the web hype was the commoditization of the internet. Sure that's got its ill effects, for example the millions of idiots, the script kiddies, etc, etc, but it also means good things like $40/month 1500 kbps ADSL connections, cable modems, etc. Despite being stingy and greedy, the big corps realized that there was a gold mine out there on the web (or thought there was), and they knew that if they were going to keep the hype going they were going to have to deliver a better experience -- thus the higher bandwidth, lower PC prices, etc. Whether or not we like the content, the fact is that the dot-com boom benefited everyone by motivating big slow businesses to improve the communications infrastructure.
And, more importantly for me, the inescapable hype surrounding the internet caused vast numbers of ordinary, non-Internet-oriented companies and consumers to realize that the Internet exists and that it can make their life easier. That certainly hasn't hurt my consulting career...
This is at best about as useful as putting a firewall in a DSL modem / router (which is not that bad an idea), but with the added disadvantage that it can't be as flexibly located since it's "in" one of the PCs on the network. I guess it's nice that you can get power from the host PC, except that if the host PC crashes and you have to reboot it then you'll have to reboot your "firewall" ase well. And really, ethernet isn't so slow that you need to be able to DMA directly from your firewall to the PC over the PCI bus.
Totally pointless product. On the scale at which this thing is designed to operate, the LinkSys and NetGear DSL/Cable/modem routers already do this sort of thing quite well and without the above mentioned disadvantages. For a single user, all of this stuff can easily be done in software using e.g. ipchains or one of the many Windows-based personal firewalls, and for any kind of office or enterprise you'll really want the flexibility and expandability of a full sized computer to serve as a firewall.
Well. I for one am not going to vote. The main reason is: I and millions of others didn't even get a chance to affect the outcome of the primary elections. Back during the primaries, I lived in Kentucky. Kentucky has its primary election later than many other states. Indeed, by the time the Kentucky Republican primary had rolled around, the GOP nominee was a foregone conclusion. There was no longer any reason for me to go vote. Nothing I could do would affect the outcome in any way.
So now I'm faced with a "choice" of two candidates, neither of whom I feel is qualified to be president. It's like having to choose from between two retards: one with an 80 I.Q., the other with an 82. I guess one is more qualified, but really neither is a good fit for the job.
In the past year I've moved from Lexington, KY to West Haven, CT. I've had ADSL service in both places. Here's how it went:
In Lexington, I had GTE (Verizon) provide the DSL and IgLou Internet provide the ISP service. I had the Bronze Plus line, 768/128 for $32/month, and the $30 package from IgLou. IgLou has a strange pricing scheme, in that they have two bandwidth levels (normal and really bad), and they offer different levels of service which really are throughput limits - for $30/month you get 3000 megs of throughput at normal priority, after which your bandwidth drops to about 64k.
GTE was pretty impressive; they came out when they said they would and the installer wound up rewiring basically everything (I had 50 year old lines) - from the pole to the house, new network entrance, new line from basement to DSL jack). The guy didn't leave until he had three green lights on the modem.
Service was OK, it was bridged DSL with static IP, but the network was way oversold -- in particular, at one point IgLou had a single ftame T1 between GTE and themselves -- and ping times would get up to the 400's during the day. At night and on weekends though it was fine. Using it with linux/ipmasquerade was trivial since it was "just ethernet" as far as the boxes were concerned.
Then I moved to Connecticut. This time I decided to just go with the ILEC and get the whole ball of wax from SNET. They offer a $39/month package 1500/128 (384/128 guaranteed) with their ISP service and self install. I took it; everything was basically delivered and turned on on time and the microfilter solution seems to work. The speed is great - I'm pretty close to the CO, so I get the full 1500/128, and latency is good at non-peak hours - one weekend I played Quake against some of my friends back in KY and had lower ping times to the server box at one guy's house than anyone else in Lexington at the same ISP was getting.
Unfortunately, SNET uses PPPoE. I use Roaring Penguin rp-pppoe on my P90 firewall, it works fine and reconnects reliably within 30 seconds when the ISP drops the connection (which it does on a regular basis, I'd say about four times a day). I've rigged up a little cron job to ftp the output of ifconfig ppp0 to a website at Tripod every 10 minutes so I can get back in from outside. I guess it works.
The real problem with SNET is their network. Although most of it is fine, and there is no problem getting data from the DSL/ATM cloud out to the actual internet, there is a well-known chokepoint with a SBC/WCG router in Stamford, CT, that can't handle the amount of traffic flowing through it. From 6PM to 11PM every weeknight, pings go up from 150 to 250 to hosts that otherwise give 60-80, and throughput will drop from 150KB/sec down to maybe 50KB/sec. Still quite usable and *much* better than 56K, but irritating nonetheless.
In short... I think that DSL is a decent solution. It's a better technology than cable modem, and more secure, and easier to set up with non-M$ or Mac operating systems. But the main problem is that a lot of ISPs and telcos have jumped onto the bandwagon without having the infrastructure to handle the demand. Both of the ISP's I've had had oversold their bandwidth, and I think the old argument that DSL proponents gave against cable modems ("wait til everyone in the neighborhood has it") applies equally to DSL.
Since the end of August, EFnet has become a real pain to use. Some of the better servers, like core.com and primenet.com, have simply gone away, and others are just about impossible to get to. The ones you can get on go up and down all the time, there are endless netsplits, etc. The only semi-stable servers either belong to .edu's or are part of some network like mindspring or home.com and don't let anyone on who isn't a part of their network (understandable, but frustrating).
The article is correct in one thing: it's because of the packet kiddies. With hundreds of kids behind cable modems blasting away at servers all day long, it's no wonder that network admins take down IRC servers -- the turnover rate on EFnet servers has been amazingly high recently.
The one thing to take comfort in: despite its problems, EFnet is still "the" IRC network to most people, so if you're on another IRC network, it's taking the brunt of the assault...
It seems like Indians are getting knocked pretty hard in this thread. Unfortunately, there's good reason for it. My experience with H1B people is that they were all Indians with decent - but not outstanding - skill sets, who came on board and wrote mediocre code. They all lived like hermits - at best in a bare efficiency, at worst four to a one-bedroom apartment - and sent all their money home to their families. And the code they produced was terrible, because they didn't have to care about it - it's not like they were going to be there in a couple of years maintaining the stuff.
The problem I have with this situation is that it takes jobs away from domestic programmers and exploits the financial situation the Indians face at home. Over there, the salary they make in the US is a fortune; over here, the salary they get is far less than what their employers would have to pay an American programmer. The corp wins, and in a way the Indians win, but the rest of us get shafted -- and in the final analysis we're exporting money and getting bad code in return. Not a great deal.
Loosen immigration restrictions and let more people come in, people who will stay here and work here and contribute to our economy, people who actually have a stake in what they do. But the current situation is really no different than exporting software work abroad, with all the consequences that brings. I say, good riddance to H1B.
I had this experience myself a few months ago - I was having a problem compiling 2.3.48 and .49 with Athlon-specific kernel features turned on. I wound up fixing the problem - it was trivial - and posted this patch to the mailing list.
No one got back to me directly, and indeed it took two revisions of the kernel (but at that point they were coming out about twice a week) to get the fix "officially" in.
But, on the other hand: a lot of people were happy that I posted the patch, and the fix did eventually get included -- or at least, the problem got noticed and someone fixed it, albeit a different way.
The moral of the story: the developers don't have time to answer every email personally, but posting problems - and patches - to the list will help others and it will cause the problems to eventually get noticed and fixed.
I used to work for a consulting firm; I was the only consultant with my particular skill set (embedded and realtime programming) so when it came time to hire more programmers for that client it fell to me to interview them. I discovered that the best approach was to go down their resume item by item and just ask them either something about "how they did that" (if it was a project) or situations in which they "had used that" (if it was a skill). The best applicants were the ones who took it as a conversation, and we basically had a nice chat about that item, possibly going off into tangents where I got to find out more about their interests etc. I tended to emphasize things that I had some knowledge about, as that made it very easy to tell when someone didn't really know what they were talking about. I really hated having to pull out "the dreaded list of ten C questions", and if the interview degenerated to that level it was almost always the kiss of death.
IMO this is the ideal way to do an interview, and it's certainly the kind of interview I would want to be given. The only problem is, a lot of times the person giving the interview is not themselves a programmer, so the ability to establish a rapport with the interviewee is limited and they're forced to resort to standardized measures like quizzes or puzzles.
As an aside, my current new job - where I start next month - was landed the best way of all. I went to a training course given at the company's headquarters and immediately liked what I saw. It gave me three days to talk to everyone, go out to lunch with them, see how they worked and talked to each other, see their projects, etc. and of course they got to know me reasonably well also. I went away from the course feeling happy but not really expecting anything more to come from it; I was very pleased when a while later they expressed an interest in hiring me on. Needless to say, there was no real need for a technical interview at that point.
If only all "interviews" could be like that...
This is no surprise at all. Fred Moody is basically just a trained parrot for Microsoft. Check out this piece from last year where he attempts to trash Linux with such gems as
But my informant didn't just rant: he probed the psychology of the Grail-seekers: "because linux makes it easy ( due to its unix like nature ) to mess under the hood, people actually feel like they `control' or know whats up with their boxes...it doesnt come from any rational thoughts..."
"linux," he concluded, "sux."
For all we know, Moody just invented this person who allegedly works in a "non-Microsoft shop" and makes sweeping claims about Linux's instability and insecurity. Same with his invented numbers here.
I guess what I find odd is just how vitriolic and hateful Moody becomes in writing about Linux. He paints Linux users as zealots and freaks and just basically makes stuff up off the top of his head. Maybe he just needs therapy.
Or maybe he's just pissed cause his MSWord box keeps crashing as he tries to write.
...and I hope this ain't it. As evidenced by the number of posts as I write this (9) this article hasn't been up more than a few minutes and already someone's been clever enough to disable it. Props to your mad skillz, d00d...
Not that I in any way agree with web page defacements, but at least I can understand how taking down or modifying a secured web page that a lot of people will see has a certain publicity stunt appeal to it - defacing Seti@Home and putting your h4x0r nick on it is kind of like spraypainting your name atop the world's biggest water tower. But what does it say about human nature when the very first thing people want to do to a supposed community collaboration project is to anonymously make it unavailable to everyone else?
Here I am, always an advocate of privacy and anonymity, and yet when I see people do stuff like this it makes me want to rethink all of those positions. On the one hand I'm cynical enough to think a whole lot of people would want to nuke a site like this; on the other hand even after I've had my coffee and am no longer quite so misanthropic I realize that with total anonymity even a single idiot can ruin a lot of other people's day with total impunity.
Makes ya think...
One of the main reasons Unix is so fragmented and inconsistent, which really is what he's complaining about, is that the whole system (kernel, libs, user interface) never been under a single entity's control. Someone above cited MacOS X as a great example of what Unix can become if it's done right. This is true -- it's easy to be consistent when a single entity controls every aspect of the platform. The problem is, that's not what most Linux users want.
Where he is completely wrong is his claim that Unix is no longer a platform for innovation. He's got that completely backwards -- indeed, the whole reason for the inconsistency of user interfaces is the very openness and relative simplicity of Unix. Each layer is separate from the next, so it's easy to write a new GUI system on top of the OS without changing any of the underlying layers. And people have done just that, which has led to several generations of X and other apps lying around (Xaw, Motif, OffiX, etc) -- people see a problem with the existing GUI and they reinvent the wheel, leading to a proliferation of incompatible interfaces.
Hmm, just like KDE and Gnome.
The upshot is, because it's open, we have a choice. And choice can lead to inconsistency. So if he wants to work on a platform where everything will always be consistent, he can go work for Apple or Microsoft. Otherwise, he'll just have to make Gnome so good that no one will want to use anything else, because there isn't any way to shove things down people's throats in the *nix world.
And that's a Good Thing (tm).
Here in Lexington, Kentucky, demand for ADSL has been so great that GTE has started a self-install promotion also. They give you the splitter, the modem, the jack, etc, etc, and you get to do it yourself. Then they only have to come out if it doesn't work. See http://www.gte.com/dsl/sys_reqs_equip.html for their blurb on this.
I for one am glad they weren't doing this back when I got DSL on my line -- my house is about 70 years old and my phone lines were about 50 years old ; they came in and rewired everything from the pole on the street to the wall jack -- for free. Gotta love those early bird install specials...
Gosh, this is just like things were back in the 80's. I remember when I was about 11 or so (gasp, in 1981) and hearing about a 16 year old who had designed a VisiCalc type spreadsheet and made pots of money. And about two years later I was running the "computer system" at my high school (OK, two Apple ][ clones) with programs that tracked attendance and developed class schedules. It wasn't a Silicon Valley fortune, but it kept me in the office and out of gym class.
...".
But I digress. Even back then, there was all kinds of talk about Video Space Age Whiz Kids, movies like War Games were coming out, and every average adult over 35 shook their head and said "gawsh, these crazy kids are gonna run the world, I have to ask em how to program my VCR and
The point is, most people will look at a new technology and not try to understand how it works, they'll just use it the way they're told to. We take something like a PC and use it for doing spreadsheets, because even though the machine is capable of far more, our thinking has become limited to things we use every day. Kids don't usually yet have those mental barriers in place, so they're not afraid to take it apart and mess with it, and they don't have the mentality that things can only be used a certain way, so they come up with more creative uses for what the technology can do.
The only real difference is that today the technology is more pervasive than it was then, more people have PCs so when a teenager comes up with something like Napster it gets on the front page instead of being featured in a condescending human-interest article.
And that's generally a Good Thing. But let's not let it go to our heads: the cleverest ideas have always come from people who think outside the box, and it's always going to be easier for young people to do that.
I'd lay odds it's a power supply issue. Why? Pure heuristics. PC makers like to save money where it doesn't really make sense, like in the power supply. Most Gateway, Dell, Micron, etc., PCs come with a measly 200 watt power supply - and a no name one at that, which may or may not be up to spec. Add to that the presence of a new chip, for which motherboard designs may not have stabilized yet, and you've got a system with stability issues. Someone mentioned the problematic FIC SD11 design that had PS issues back when the Athlon first came out -- I'm writing this on my cobbled together Athlon 550 / SD11 with a 300W power supply, and I've seen all this before.
:)
My first and only "major manufacturer" PC, top of the line in the summer of 1998, shipped with a PII/400, VoodooII, Riva 128 AGP, DVD-ROM + decoder card, PCI NIC, modem, ZIP drive, and 2 hard disks. Even with all that hardware, I was shocked to discover it only came equipped with a 200 watt power supply, which caused all kinds of lockups and crashes and on occasion prevented the system from even booting. The manufacturer refused to replace it, even though Intel's own website confirmed that, for the motherboard design, the PS was not adequate. They claimed that their "engineers" who "designed" these systems knew what they were doing and wouldn't have spec'd inadequate components. If that's the case, why did a $80 300W PS cure all of the system's problems?
Basically, if you read through the marketspeak in the article, Gateway screwed up by putting something really cheap in these machines and now they're having lockup problems. "Designing" PC's from off the shelf parts is not rocket science, the only place where these people "push the envelope" is in seeing how cheap they can get the parts and still put together a system that will be usable by an acceptable percentage of the buying public.
Yes, my argument is both anecdotal and based on a small sample size. Tough. Between all the corpo PC's I've dealt with, the predatory habits of big companies like Gateway, and my own vast intelligence, I still bet I'm right
This is more corporate and government sponsored hysteria. This NETSEC company wants attention, so they issue a big press release at a time when all the major media outlets just eat up virus and DDOS stories. And the government wants to exploit this hysteria to pass stupid anti-encryption laws and gain broad wiretapping powers. Two great tastes that taste great together...
I dunno, maybe I'm too cynical but don't the names "Serbian" and "Badman" sound just a little corny? Almost like they were made up by someone who read a few glossy articles about the computer underground and then decided to write some FUD that would get people's dander up? Can anyone not involved in the promotion of this exciting story confirm that these guys really exist and that they're not more than a couple of kids being l33t on an irc channel?
It just seems so convenient...
As to the question of "can they...", that likely depends on your Terms Of Service agreement. A lot of these things are seriously restrictive, and they almost always place the burden on you the consumer. For all we know, if you get DOSd they can accuse you of "running a server" and knock out your account for that reason. The "acceptable use" policies are usually drawn in very broad language and they can cancel your account for just about anything they don't like that gets their attention. This is yet another reason to make sure and read the fine print before you start handing out that shiny new email address...
OK, Jon, this happened in Utah. Utah is not in general known for its high degree of tolerance of social malcontents. That goes double for small towns. And the fact that the Internet is, as everyone knows, the source of all evil and godless things only makes this worse. Basically you had a kid that hated everyone and that most everyone hated, who angered a lot of people. The "good people" of this town probably weren't counting on anyone really finding out about this on a national level, and I'm sure that this sort of thing has happened in this same town before to drug users, long-hair types, girls who got pregnant out of wedlock, and the like. The only thing that makes this unique is that "The Web" was involved. It does not signal a newly emerging social dynamic.
If anything, the fact that this sort of thing can now get instantaneous national attention will probably help put a stop to it. But let's not overreact, OK? It's just the same old story with a new form of media thrown in.
I use Junkbuster and don't have that problem, I also don't have to look at the banner ads. The problem you're having is that attempting the connection to doubleclick returns an error (due to your box reseting the HTTP connection to localhost), which causes the page to stop loading. A filtering proxy will instead return a 1x1 pixel GIF or some other content, so that your browser is fooled into thinking everything is OK and the ad loaded.
The problem with even having this discussion is that it assumes that the victim of the initial attack, and the attacker, are operating in a vacuum -- or at least that they both have direct connections to internet backbones. Most times this is not the case; both parties have upstream ISPs that carry their outbound and inbound traffic to the rest of the world. In the unlikely event that the victim can locate the true source of the attack, and not just an owned machine, retaliating against the attacker will constitute an even greater load on the victim's ISP and probably create a DOS condition at the attacker's ISP.
Let's do the math: we retaliate, and twice as many people (or more) are subjected to a DOS. Hmm, doesn't sound like a good strategy.
On the one hand, Katz once again demonstrates his ignorance and his dislike for anything "American" by going on about the "uniquely American" slant on automated killing. The Chinese invented guns, the British invented the longbow, the Germans invented poison gas, the British decided to bomb Germany only at night and from high altitudes during WWII, etc, etc, all with the intent of maximizing damage to the enemy while minimizing loss to one's own troops. "Smart bombs" and the policy of not descending below 15,000 feet to drop them (as was done over Kosovo) is just an extension of that same mentality, not some new exclusively American slant on war.
That being said, the real reason for the sort of standoff warfare (I'll refrain from using the completely incorrect term "virtual war") in places like Kosovo is that there isn't sufficient political motivation for anything else. Look what happened to Bush and Clinton when we all saw American troops killed and humiliated in Somalia. The political price was far worse than when we saw POWs on Iraqi TV in 1991. Why? The Gulf War had an enormous base of popular support behind it, but the Somalia intervention did not. Likewise, the Kosovo action didn't have strong American support - most Americans felt that it was a European problem that should have been taken care of by Europeans, and they felt that putting US troops in harm's way (more than they already were) was not justified. Had a US armored division entered Kosovo and started slugging it out with the Serbian army, the US would doubtless have won, but the political and human cost would have been unacceptable. Cynically, it's the political cost that made the decision, but the outcome was the same.
So... The only new and unique thing about the new standoff warfare is the way it expresses ambiguity. When there is enough political will to do something about a situation, but not enough public support to put large numbers of American lives at risk, we'll send in the smart bombs. Militarily it doesn't accomplish much, but the collapsed bridges and exciting footage of airplanes taking off and landing is clear evidence that we're doing something!
This is absolutely awful. Republicans in the US always like to use the term "legislating from the bench" to describe rulings by liberal judges which overstep the bounds of the case being argued. This is actually worse -- the judge is essentially making up technological terms as he goes along. Using someone's resources that they can never get back? Give me a break, the crawler that Bidder's Edge uses uses an infinitesimal amount of EBay's and other auctions' server capacity compared to the legions of "legitimate" EBay users. This judge is speaking from pure ignorance, and his ruling endangers everything the Web is based upon.
Where do you draw the line? Are we only going to allow "manually" retrieving information from a Web site? What does that mean? Do I have to write code for each page I want to see? Are offline browser caches now going to be illegal since they automatically "drill down" into sites and grab several pages at a time for later viewing?
When you create a Web site, you do it under the implicit assumption that people are going to connect to it and retrieve informaton. End of story. There is no "right" to only have your pages viewed by means you approve of. Every time _anyone_ connects to your site they use some of your resources, and doing it by automated means is no more onerous than by doing it "manually".