So, the idea is "simple enough that a sophisticated hobbyist could build one in a couple weekends from plans and standard electronics" and yet you are "not an electrical or RF guy so I can't carry out my own independent development on the electronics".
This does not jive. If it is quite so simple, being a "software guy" is not much of an impediment. You should be able to learn as much as a "sophisticated hobbyist", in particular in 2 years - that electronics stuff isn't all that hard, in particular at hobby level.
Either your idea is not quite so simple, or there are problems with it that prevent it from being actually implemented. Either way - if you can't do it - no one else will do it for you, unless you pay them.
I've seen this in multitude of places world wide. Not so popular in US but exists here and there. What exactly is their problem? Walking half a block extra? I knew people in Chicago were some of the least fit in the country but this sounds like extreme whining. Would they prefer to walk back from wherever they are every hour to "feed the meter"? Or do they want a system that lets them pay without leaving the car? That's called a parking garage:)
I used to open-source everything I do. No more. My current project is closed-source (but free) application. While there are quite a few users, very few butt in with "extensions" that they feel absolutely must be there. No forking either - you don't get to take the results of my work, add a few things and distribute, creating confusion and incompatibility, which lead users to other products all together and hurt me (I don't care about the other guy). Don't like my design? Write your own damn product, it is a free country and you have access to gcc and vi:) just like I do.
Incidentally, in my experience with open-source projects significant majority of user response email consisted "feature requests", usually written in demanding "you owe it to me" key. Now with a closed-source application, no such thing and quite a bit of feedback begins with "thank you for the great product":) Now that's good motivation, and it keeps me working.
You must be joking. Israel has one of the most advanced electronic design industries in the world and, in particular, for avionics, aircraft, radar systems and such.
If there is any sharing of technology, it generally goes the other way around - from Israel to the "major ally" US which is all to happy to get those technologies for free, while constantly denying Israel ability to sell fruits of their own work and benefit financially (even though quite obviously countries to which Israel sells its technology are generally not considered hostile to US). In fact, in more recent times Israel is attempting to sell to China in spite of US restrictions precisely because US can't really interfere in dealings with China anymore (Israel may be small and easy to push around by US, whereas China is big and powerful and right now has quite a bit of leverage against US, so a baby gets what a baby wants).
This is nothing like sprintf. In sprintf there is no way to know how much data will be created ahead of time, so limit on buffer size is useful to make sure there is no buffer overrun.
With memcpy it is *precisely* known how much data will be copied. It is right there, 3rd parameter. If a developer can't do "if (sizetocopy = sizeofdstbuffer)", it is just as unlikely that he will be able to properly state that additional parameter that specifies the destination buffer size.
Of course if Microsoft is so concerned with security, why the heck did it take them years to add snptinf()? All this is is another attempt to make crossplatform development that much harder (much like all those "obsolete" POSIX functions that will barf warnings unless you use a cryptic define).
That said, if this silliness ever becomes a rule, I have an easy solution: #define memcpy(dst, src, size) memcpy_s((dst), (src), (size), (size))
Problemo solved, now let's go actually write some real code.
I am sorry, but if you are claiming something to be a report on "national rankings" of "The Electronic Police State", you should at a very least have a clue.
A few hints to the fact that this report is a bunch of crap (no offense to a good name of real crap) is clear lack of understanding of legal concepts, imprecise and not legally or scientifically accepted definitions and simply errors in basic terms and grammar.
It is spelled "habeAs corpus". You do not start a paper that you want to be taken seriously with cheap usenet flame references to "Nazi Germany or Stalin's USSR".
It is not a "criminal evidence" (what the hell is "criminal evidence" anyway?), unless it is admissible in court and no information as collected is admissible on its own merits. And how do you compare countries with completely different legal systems?
I could go on and on, but really it isn't worth the time. This report should not be on a first page of "idle", much less on/. Really, editors - get a clue.
1) Who thinks building *another* city, reclaiming natural resources, open space, building roads and infrastructure over them is a good idea? It is a great boon to various construction businesses though. And that crazy "green" stuff - well, it will get them some federal grants and easier approval. Then when all said and done, it will turn out that there is some technical issue with the solar generator and they'll just build the standard coal powered station or some such. Temporarily;)
2) Personally, I would not want to live in a place where people are known as *inhabitants of the community*. But hey, I bet some enjoy being treated as lab rats.
So now that these reports are "released", how many of you, slashdot readers that post in this thread, actually read at least 1 of them in its entirety? How many read 2? 5? Hands, anyone?
I did go to the site. I read 3 reports on a topic that interests me. What I found was a dry, relatively correct, summary of public and well known information. These reports are created so that each congressman (or whoever else may need them) does not have to read every single newspaper, web site or send his staff on a search of basic statistics. The information is not obtained in ways that are inaccessible to you and me, and reports do not seem to provide any particular insight not already available to those who follow the topic (for example I found nothing of interest in these reports, everything was well known to me, because I follow this topic on my own).
There are hundreds of thousands of reports like these prepared in each large (or small) organization on variety of themes. They are not specifically released because, frankly, it is pointless to do so. While some sort of a website with these reports would be a symbol of opennes, it would likely have very little practical applicability. The only people who need these reports are those who need information on topics that they don't personally care very much about (so they don't want to do their own research) but do need for whatever reason to know what's going on. That means: 1) politicians 2) students, in particular during midterms and finals:):)
1st group has access anyway and 2nd could benefit from doing a bit of research on their own.
"Does your small business with 60 employees want to use IP telephony? In this case, each PC (or each telephone) needs a public IP. You can get away with routing this at the application layer, but why bother when it doesn't actually gain you anything?"
No, it does not need a public IP address and this is a great example for this exact reason. How often does every person in a business have a direct publicly accessible telephone number? Some businesses do that - many (perhaps most) do not. Instead, you call the primary number and then dial an extension which connects you to appropriate person.
VOIP is no different. You call a SIP server for the company and this server (acting as a proxy) connects you to appropriate person. Done and done.
Exactly what you need - email only provider with IMAP, spam protection, good pricing and no useless junk. I am surprised they were not the first answer.
I usually do not reply to my own posts (or replies to my posts) on/., but this is one area where I think it may actually be important.
First of all, if I were to guess, I'd say that all those who replied while questioning my background don't actually do network development for a living. While I could start beating my own chest about how most of your traffic right now probably goes through something designed by me, that would be beside the point (and noone knows you are a dog on the Internet:) ).
That said, a few points specifically.
1) "Never heard of structs?". Structures are orthogonal to the size of IP addresses. You can represent IPv4 address as a structure (as original in_addr used to do, exactly because not all hardware supported 32 bit natively). You could do the same with IPv6 (or you can simply stuff it into 16 sequential bytes). What won't change is ability to perform operations directly on the data type. You can natively compare two v4 addresses by using a == b (which will translate into a single assembly instruction). You cannot do that on a 129 bit data item. Your choices are - memcmp, or defined operation (compare first 4 bytes, then next 4 bytes, then next, then next:) ). This is inefficient, prone to error and makes code less maintainable.
2) Radix trees. Sure, anything can be stored in a radix tree with appropriately long prefix or appropriately large number of nodes in a prefix. What can't be done, however, is keeping this tree in memory (given current device and system memory sizes, which are in low gigabytes to a few dozen gigabytes). This problem is exacerbated by the fact that IPv4 address space is very compact of necessity (not too many holes, and everything is neatly CIDRed together), whereas IPv6 is of necessity full of holes (and designed to stay that way).
3) Performance is a relatively minor consideration in this.
As far as NAT goes - I firmly believe that solutions (in technology and elsewhere) are of two kinds - "organic", i.e. borne of and supported by needs and circumstances, and "artificial". Organic solutions are not always streamlined or pretty. Humans are a good example. A rock of salt is pretty darn inorganic (though I wouldn't want to stretch this analogy too far:) ) NAT is the former, IPv6 is the latter.
It may be just me, but I always felt IPv6 is a solution looking for the problem.
There is a reason IPv4 is so well entrenched. Other than availability of software, hardware and services, it is convenience of handling IPv4 in all those things. This is what permits developers to create all those wonderful products, administrators to effectively administer them and users to enjoy them. A primary reason to that is IPv4 address size - it is 32 bit which is natively handled by all current hardware, and easily remembered by humans (short term) in its quad decimal form.
IPv6 has neither of these features. It is difficult to deal with in software (I know, I do this for a living), does not fit into any native data type (and won't until we move to 128 bit architectures - which does not seem to be very soon), cannot be remembered or used by a human (so effective administration requires magic automatic tools), does not give itself with any convenience to routing related data structures (like radix trees). All this for dubious benefit of addressing directly (in non-hierarchical manner) of every toaster in the world. This is directly opposite to the way the Real World operates (i.e. your home has an address, but noone gets to talk to your toaster directly without going through you first.
If I were solving this, I'd suggest separate and non-directly routable IPv4 address spaces for separate countries (and, perhaps, for other entities). And lots and lots of NAT or proxying. Of course that is kind of what is happening anyway.
China would be happier that way too. In case of cross-border cyberattack, just cut external links and your country is self-sufficient and interconnected:)
Anyway, I am ready to bet some cash that IPv6 will never become a major transport protocol. I know I will do whatever I can to keep it far far away.
Here is what the article says: "They will then go to all of the trusted CAâ(TM)s and try to get them to issue them a valid âoeinternal onlyâ certificate with the FQDN of a target sslvpn URL. As soon as they get a success, that company now becomes their target of choice. Remember, the certificate they need can be issued from any trusted CA in the browser and does not need to match the CA that the SSLVPN gateway is using."
Now, may be I am not understanding the purpose of SSL certificates and the PKI infrastructure in general, but I was under distinct impression that the whole reason those authorities exist is to verify who they give the certificate to, and in such a way that we, users, can trust these certificates.
If this is not correct, and anyone can with relatively minor effort get certificate for a random domain name from one of recognized cert. authorities - game over, none of this matters, the entire PKI infrastructure is in the crapper.
So, either we have to deal with cert. authorities signing things they should not or this is not an attack that is worth discussing. Everything else is a half-measure.
How is this either implementationally or conceptually different from BER/DER encoding (commonly used and available all over the place)?
Looks to me like it is exactly the same thing, reimplemented. I am sure bearing a mark of Google is nice and all, but they are definitely reinventing the wheel here.
Amazing - and I am saying this in all seriousness. I did not know this was even allowed. For the past number of years (and really prior to that as well) I know that every time I took a flight, security person at the beginning of the line demanded to see my ID and boarding pass. To the best of my understanding there was no exception to that, they were fairly clear that I would not be permitted to proceed if I don't show the ID.
That and really I wouldn't even get through check in without one - airline registration counter person demands your id first.
Anyone actually flown without going through this in recent years? How did you do that?
Google bid up this spectrum on purpose so that it would have to be sold for a minimum price that came with strings attached, while it had no intention of buying or developing it. It is interesting that they chose to place the burden of developing and maintaining the network infrastructure on someone else while they wait to reap the benefits of universal access.
Consider a simple scenario - there is a nice lot on a lake, and if it sells for above certain amount, the buyer would have to provide right of way across his property. So, someone that has absolutely no intention of buying this property, but wants to get to walk across to the lake anytime (which he could not currently do as the property is not developed) bids it up until the price is right. You like the place and buy it anyway, but now you presumably have to let the other guy visit and hang around on your private beach whenever he likes. Wouldn't you try to either remove or limit such right of way from your property? Before you answer - think, be honest with yourself. I know I would.
So, back to this - Google did not pay for the spectrum and it lost it's rights of complaining. If they are so much for open access - they should have spent their money and provide such access to all. Put up or shut up.
This whole Ethanol idea is a disaster waiting to happen.
A simple fact - Mexico produces a total of 5 million tons of sugar a year. That amount, according to the article, is enough to make about 800 million gallons of ethanol. US consumes 400 million gallons of gasoline a DAY for transportation. That means the entire crop of Mexican sugar would be completely used up by cars in TWO days. What would we do the rest of the year I don't know. And guess what this would do to sugar prices. Also - no more sugar in your food either.
And if the proposition is to use this as an addition to oil-based fuels, well - we are talking less than 1% of total gasoline requirement from entire Mexican crop. This would hardly make a dent in oil consumption, but sure as heck would wreck havoc on the sugar and food markets.
Realistically, United Russia was going to win about %50 in "unrigged" elections. This is a simple majority, sufficient to pass regular laws. However, Putin needs constitutional majority (which is defined as 2/3 of the votes) to be able to pass constitutional amendments and various important laws related to status of Russia in union such as union with Belorussia. Now 2/3 for those advanced math majors is about %66:) And, guess what, United Russia at this point has %64 of all votes which, what with rounding up and all, will be that magic constitutional majority. D-oh.
BTW, what is the protection of the data signal transmitted over an electric wire? Clearly the signal is emitted far and wide and can be easily intercepted and decoded. This is very much unlike any other wired transmission medium where signals are well contained. Even satellite connection is somewhat narrowly directed and pointed upwards. Here your web browsing session will be available for 100s of miles along the path of those power lines, in places with easy access. Just set up a tent, open a laptop with proper antenna and enjoy.
The power companies that implement this would have to provide significant signal encryption well beyond anything that is currently done by other carriers.
I think that your example is very telling. In this example it is not enough to simply say "do not copy my work" because people don't care about your rights. In order for them not to copy it you must physically enforce that. Personally, I would prefer to live in a society where people abide by laws because they know they should and not because they are unable to break laws. I do hope that is the case. I assume people do not steal food from stores because it is "wrong" and "illegal", not because they won't get caught.
However, we are discussing legal standing of internet archive here. They were able to copy pages because nobody had means to protect them. Now comes time for this activity to be tested by the law. I claim that their copying is illegal under copyright law unless they have express permission by site authors to do so. I think that it is unnecessary for the author to invent technical means to protect himself, and would prefer that everyone including Internet Archive respect those rights.
I would disagree. Site is made publicly available for a reason. If I as an owner do not wish you to have a bona-fide copy but only view the site I should be able to enforce such rights. If a painter paints a picture - he gets to say who can copy it and who cannot. If he wants to be truly conservative, he can even prohibit photographing the picture even though it would hang in a gallery.
Web site is not different at all. Just because the technology bringing a web site to a user makes a "temporary copy" for technical reasons user does not receive a right for a bona-fide stored copy.
As i mentioned before, HTTP and other protocols have specific provisions built to request that no caching would occur - as such the only "copy" of the site should be in memory as it is being displayed. So, the protocol and the design of the Web do foresee a need for site owners to protect them from any copying and storing other then that absolutely necessary to display it. Unless a user has an express permission to make any other type of a copy - a permanent copy not necessary for technical operation ofa protocol and display of a page, user cannot do this *legally* whether it is technically possible or not.
Students photocopy textbooks all the time, but it still isn't legal.
You are assuming it will be viewed. Technology is unimportant. Your phone conversation may be digitized and cached for a certain amount of time in a communication system (time delay, or whatever) yet you do not agree that every phone conversation be saved forever? I am sure THAT would be something a few government agencies would like.
In fact, there is a reason pragmas "no-cache" and expire time have been placed in HTTP protocol (and similar facilities exist in NNTP from way before WWW was born).
The author may agree with a technically necessary caching (or may even wish to prevent that) but he does not by agreeing to that also agree to you copying the entire work and storing it forever.
An argument of "people being able to do it and doing it anyway" is completely ridiculous. People are also able to steal sundry items from the store and pee in elevators. Just because they can - this is neither legal nor ethical.
Now what do I expect? This is slashdot, and anyone not willing to run with the moo-ing crowd is a troll. Of course.
Slashdot Mirror
So, the idea is "simple enough that a sophisticated hobbyist could build one in a couple weekends from plans and standard electronics" and yet you are "not an electrical or RF guy so I can't carry out my own independent development on the electronics".
This does not jive. If it is quite so simple, being a "software guy" is not much of an impediment. You should be able to learn as much as a "sophisticated hobbyist", in particular in 2 years - that electronics stuff isn't all that hard, in particular at hobby level.
Either your idea is not quite so simple, or there are problems with it that prevent it from being actually implemented. Either way - if you can't do it - no one else will do it for you, unless you pay them.
I've seen this in multitude of places world wide. Not so popular in US but exists here and there. What exactly is their problem? Walking half a block extra? I knew people in Chicago were some of the least fit in the country but this sounds like extreme whining. Would they prefer to walk back from wherever they are every hour to "feed the meter"? Or do they want a system that lets them pay without leaving the car? That's called a parking garage :)
I used to open-source everything I do. No more. My current project is closed-source (but free) application. While there are quite a few users, very few butt in with "extensions" that they feel absolutely must be there. No forking either - you don't get to take the results of my work, add a few things and distribute, creating confusion and incompatibility, which lead users to other products all together and hurt me (I don't care about the other guy). Don't like my design? Write your own damn product, it is a free country and you have access to gcc and vi :) just like I do.
Incidentally, in my experience with open-source projects significant majority of user response email consisted "feature requests", usually written in demanding "you owe it to me" key. Now with a closed-source application, no such thing and quite a bit of feedback begins with "thank you for the great product" :) Now that's good motivation, and it keeps me working.
You must be joking. Israel has one of the most advanced electronic design industries in the world and, in particular, for avionics, aircraft, radar systems and such.
If there is any sharing of technology, it generally goes the other way around - from Israel to the "major ally" US which is all to happy to get those technologies for free, while constantly denying Israel ability to sell fruits of their own work and benefit financially (even though quite obviously countries to which Israel sells its technology are generally not considered hostile to US). In fact, in more recent times Israel is attempting to sell to China in spite of US restrictions precisely because US can't really interfere in dealings with China anymore (Israel may be small and easy to push around by US, whereas China is big and powerful and right now has quite a bit of leverage against US, so a baby gets what a baby wants).
http://jeremiahgrossman.blogspot.com/2006/08/i-know-where-youve-been.html
Of course there is no reason this is still not fixed (by being able to disable a:visited style).
This is nothing like sprintf. In sprintf there is no way to know how much data will be created ahead of time, so limit on buffer size is useful to make sure there is no buffer overrun.
With memcpy it is *precisely* known how much data will be copied. It is right there, 3rd parameter. If a developer can't do "if (sizetocopy = sizeofdstbuffer)", it is just as unlikely that he will be able to properly state that additional parameter that specifies the destination buffer size.
Of course if Microsoft is so concerned with security, why the heck did it take them years to add snptinf()? All this is is another attempt to make crossplatform development that much harder (much like all those "obsolete" POSIX functions that will barf warnings unless you use a cryptic define).
That said, if this silliness ever becomes a rule, I have an easy solution:
#define memcpy(dst, src, size) memcpy_s((dst), (src), (size), (size))
Problemo solved, now let's go actually write some real code.
I am sorry, but if you are claiming something to be a report on "national rankings" of "The Electronic Police State", you should at a very least have a clue.
A few hints to the fact that this report is a bunch of crap (no offense to a good name of real crap) is clear lack of understanding of legal concepts, imprecise and not legally or scientifically accepted definitions and simply errors in basic terms and grammar.
It is spelled "habeAs corpus". You do not start a paper that you want to be taken seriously with cheap usenet flame references to "Nazi Germany or Stalin's USSR".
It is not a "criminal evidence" (what the hell is "criminal evidence" anyway?), unless it is admissible in court and no information as collected is admissible on its own merits. And how do you compare countries with completely different legal systems?
I could go on and on, but really it isn't worth the time. This report should not be on a first page of "idle", much less on /. Really, editors - get a clue.
1) Who thinks building *another* city, reclaiming natural resources, open space, building roads and infrastructure over them is a good idea? It is a great boon to various construction businesses though. And that crazy "green" stuff - well, it will get them some federal grants and easier approval. Then when all said and done, it will turn out that there is some technical issue with the solar generator and they'll just build the standard coal powered station or some such. Temporarily ;)
2) Personally, I would not want to live in a place where people are known as *inhabitants of the community*. But hey, I bet some enjoy being treated as lab rats.
So now that these reports are "released", how many of you, slashdot readers that post in this thread, actually read at least 1 of them in its entirety? How many read 2? 5? Hands, anyone?
I did go to the site. I read 3 reports on a topic that interests me. What I found was a dry, relatively correct, summary of public and well known information. These reports are created so that each congressman (or whoever else may need them) does not have to read every single newspaper, web site or send his staff on a search of basic statistics. The information is not obtained in ways that are inaccessible to you and me, and reports do not seem to provide any particular insight not already available to those who follow the topic (for example I found nothing of interest in these reports, everything was well known to me, because I follow this topic on my own).
There are hundreds of thousands of reports like these prepared in each large (or small) organization on variety of themes. They are not specifically released because, frankly, it is pointless to do so. While some sort of a website with these reports would be a symbol of opennes, it would likely have very little practical applicability. The only people who need these reports are those who need information on topics that they don't personally care very much about (so they don't want to do their own research) but do need for whatever reason to know what's going on. That means: :) :)
1) politicians
2) students, in particular during midterms and finals
1st group has access anyway and 2nd could benefit from doing a bit of research on their own.
Feel free to rate this flamebait.
"Does your small business with 60 employees want to use IP telephony? In this case, each PC (or each telephone) needs a public IP. You can get away with routing this at the application layer, but why bother when it doesn't actually gain you anything?"
No, it does not need a public IP address and this is a great example for this exact reason. How often does every person in a business have a direct publicly accessible telephone number? Some businesses do that - many (perhaps most) do not. Instead, you call the primary number and then dial an extension which connects you to appropriate person.
VOIP is no different. You call a SIP server for the company and this server (acting as a proxy) connects you to appropriate person. Done and done.
Exactly what you need - email only provider with IMAP, spam protection, good pricing and no useless junk.
I am surprised they were not the first answer.
I usually do not reply to my own posts (or replies to my posts) on /., but this is one area where I think it may actually be important.
First of all, if I were to guess, I'd say that all those who replied while questioning my background don't actually do network development for a living. While I could start beating my own chest about how most of your traffic right now probably goes through something designed by me, that would be beside the point (and noone knows you are a dog on the Internet :) ).
That said, a few points specifically.
1) "Never heard of structs?". Structures are orthogonal to the size of IP addresses. You can represent IPv4 address as a structure (as original in_addr used to do, exactly because not all hardware supported 32 bit natively). You could do the same with IPv6 (or you can simply stuff it into 16 sequential bytes). What won't change is ability to perform operations directly on the data type. :) ). This is inefficient, prone to error and makes code less maintainable.
You can natively compare two v4 addresses by using a == b (which will translate into a single assembly instruction). You cannot do that on a 129 bit data item. Your choices are - memcmp, or defined operation (compare first 4 bytes, then next 4 bytes, then next, then next
2) Radix trees. Sure, anything can be stored in a radix tree with appropriately long prefix or appropriately large number of nodes in a prefix. What can't be done, however, is keeping this tree in memory (given current device and system memory sizes, which are in low gigabytes to a few dozen gigabytes). This problem is exacerbated by the fact that IPv4 address space is very compact of necessity (not too many holes, and everything is neatly CIDRed together), whereas IPv6 is of necessity full of holes (and designed to stay that way).
3) Performance is a relatively minor consideration in this.
As far as NAT goes - I firmly believe that solutions (in technology and elsewhere) are of two kinds - "organic", i.e. borne of and supported by needs and circumstances, and "artificial". Organic solutions are not always streamlined or pretty. Humans are a good example. A rock of salt is pretty darn inorganic (though I wouldn't want to stretch this analogy too far :) ) NAT is the former, IPv6 is the latter.
It may be just me, but I always felt IPv6 is a solution looking for the problem.
There is a reason IPv4 is so well entrenched. Other than availability of software, hardware and services, it is convenience of handling IPv4 in all those things. This is what permits developers to create all those wonderful products, administrators to effectively administer them and users to enjoy them. A primary reason to that is IPv4 address size - it is 32 bit which is natively handled by all current hardware, and easily remembered by humans (short term) in its quad decimal form.
IPv6 has neither of these features. It is difficult to deal with in software (I know, I do this for a living), does not fit into any native data type (and won't until we move to 128 bit architectures - which does not seem to be very soon), cannot be remembered or used by a human (so effective administration requires magic automatic tools), does not give itself with any convenience to routing related data structures (like radix trees). All this for dubious benefit of addressing directly (in non-hierarchical manner) of every toaster in the world. This is directly opposite to the way the Real World operates (i.e. your home has an address, but noone gets to talk to your toaster directly without going through you first.
If I were solving this, I'd suggest separate and non-directly routable IPv4 address spaces for separate countries (and, perhaps, for other entities). And lots and lots of NAT or proxying. Of course that is kind of what is happening anyway.
China would be happier that way too. In case of cross-border cyberattack, just cut external links and your country is self-sufficient and interconnected :)
Anyway, I am ready to bet some cash that IPv6 will never become a major transport protocol.
I know I will do whatever I can to keep it far far away.
This isn't an attack on anything, really.
Here is what the article says:
"They will then go to all of the trusted CAâ(TM)s and try to get them to issue them a valid âoeinternal onlyâ certificate with the FQDN of a target sslvpn URL. As soon as they get a success, that company now becomes their target of choice. Remember, the certificate they need can be issued from any trusted CA in the browser and does not need to match the CA that the SSLVPN gateway is using."
Now, may be I am not understanding the purpose of SSL certificates and the PKI infrastructure in general, but I was under distinct impression that the whole reason those authorities exist is to verify who they give the certificate to, and in such a way that we, users, can trust these certificates.
If this is not correct, and anyone can with relatively minor effort get certificate for a random domain name from one of recognized cert. authorities - game over, none of this matters, the entire PKI infrastructure is in the crapper.
So, either we have to deal with cert. authorities signing things they should not or this is not an attack that is worth discussing. Everything else is a half-measure.
How is this either implementationally or conceptually different from BER/DER encoding (commonly used and available all over the place)?
Looks to me like it is exactly the same thing, reimplemented. I am sure bearing a mark of Google is nice and all, but they are definitely reinventing the wheel here.
Amazing - and I am saying this in all seriousness. I did not know this was even allowed. For the past number of years (and really prior to that as well) I know that every time I took a flight, security person at the beginning of the line demanded to see my ID and boarding pass. To the best of my understanding there was no exception to that, they were fairly clear that I would not be permitted to proceed if I don't show the ID.
That and really I wouldn't even get through check in without one - airline registration counter person demands your id first.
Anyone actually flown without going through this in recent years? How did you do that?
Yep, its easy to rate something "troll" but what about a real answer? I wonder exactly the same thing. Anyone?
Google bid up this spectrum on purpose so that it would have to be sold for a minimum price that came with strings attached, while it had no intention of buying or developing it. It is interesting that they chose to place the burden of developing and maintaining the network infrastructure on someone else while they wait to reap the benefits of universal access.
Consider a simple scenario - there is a nice lot on a lake, and if it sells for above certain amount, the buyer would have to provide right of way across his property. So, someone that has absolutely no intention of buying this property, but wants to get to walk across to the lake anytime (which he could not currently do as the property is not developed) bids it up until the price is right. You like the place and buy it anyway, but now you presumably have to let the other guy visit and hang around on your private beach whenever he likes. Wouldn't you try to either remove or limit such right of way from your property? Before you answer - think, be honest with yourself. I know I would.
So, back to this - Google did not pay for the spectrum and it lost it's rights of complaining. If they are so much for open access - they should have spent their money and provide such access to all. Put up or shut up.
This whole Ethanol idea is a disaster waiting to happen.
A simple fact - Mexico produces a total of 5 million tons of sugar a year. That amount, according to the article, is enough to make about 800 million gallons of ethanol. US consumes 400 million gallons of gasoline a DAY for transportation. That means the entire crop of Mexican sugar would be completely used up by cars in TWO days. What would we do the rest of the year I don't know. And guess what this would do to sugar prices. Also - no more sugar in your food either.
And if the proposition is to use this as an addition to oil-based fuels, well - we are talking less than 1% of total gasoline requirement from entire Mexican crop. This would hardly make a dent in oil consumption, but sure as heck would wreck havoc on the sugar and food markets.
Why you ask? I'll tell you why!
:) And, guess what, United Russia at this point has %64 of all votes which, what with rounding up and all, will be that magic constitutional majority. D-oh.
Realistically, United Russia was going to win about %50 in "unrigged" elections. This is a simple majority, sufficient to pass regular laws. However, Putin needs constitutional majority (which is defined as 2/3 of the votes) to be able to pass constitutional amendments and various important laws related to status of Russia in union such as union with Belorussia. Now 2/3 for those advanced math majors is about %66
BTW, what is the protection of the data signal transmitted over an electric wire? Clearly the signal is emitted far and wide and can be easily intercepted and decoded. This is very much unlike any other wired transmission medium where signals are well contained. Even satellite connection is somewhat narrowly directed and pointed upwards. Here your web browsing session will be available for 100s of miles along the path of those power lines, in places with easy access. Just set up a tent, open a laptop with proper antenna and enjoy.
The power companies that implement this would have to provide significant signal encryption well beyond anything that is currently done by other carriers.
I think that your example is very telling. In this example it is not enough to simply say "do not copy my work" because people don't care about your rights. In order for them not to copy it you must physically enforce that. Personally, I would prefer to live in a society where people abide by laws because they know they should and not because they are unable to break laws.
I do hope that is the case. I assume people do not steal food from stores because it is "wrong" and "illegal", not because they won't get caught.
However, we are discussing legal standing of internet archive here. They were able to copy pages because nobody had means to protect them. Now comes time for this activity to be tested by the law. I claim that their copying is illegal under copyright law unless they have express permission by site authors to do so. I think that it is unnecessary for the author to invent technical means to protect himself, and would prefer that everyone including Internet Archive respect those rights.
I would disagree.
Site is made publicly available for a reason. If I as an owner do not wish you to have a bona-fide copy but only view the site I should be able to enforce such rights.
If a painter paints a picture - he gets to say who can copy it and who cannot. If he wants to be truly conservative, he can even prohibit photographing the picture even though it would hang in a gallery.
Web site is not different at all. Just because the technology bringing a web site to a user makes a "temporary copy" for technical reasons user does not receive a right for a bona-fide stored copy.
As i mentioned before, HTTP and other protocols have specific provisions built to request that no caching would occur - as such the only "copy" of the site should be in memory as it is being displayed. So, the protocol and the design of the Web do foresee a need for site owners to protect them from any copying and storing other then that absolutely necessary to display it.
Unless a user has an express permission to make any other type of a copy - a permanent copy not necessary for technical operation ofa protocol and display of a page, user cannot do this *legally* whether it is technically possible or not.
Students photocopy textbooks all the time, but it still isn't legal.
Except for the law, you mean?
You are assuming it will be viewed. Technology is unimportant.
Your phone conversation may be digitized and cached for a certain amount of time in a communication system (time delay, or whatever) yet you do not agree that every phone conversation be saved forever? I am sure THAT would be something a few government agencies would like.
In fact, there is a reason pragmas "no-cache" and expire time have been placed in HTTP protocol (and similar facilities exist in NNTP from way before WWW was born).
The author may agree with a technically necessary caching (or may even wish to prevent that) but he does not by agreeing to that also agree to you copying the entire work and storing it forever.
An argument of "people being able to do it and doing it anyway" is completely ridiculous. People are also able to steal sundry items from the store and pee in elevators. Just because they can - this is neither legal nor ethical.
Now what do I expect? This is slashdot, and anyone not willing to run with the moo-ing crowd is a troll. Of course.