People have different interests? I'm flabbergasted and amazed. C'mon now, use your head. This fact is obvious. What's being proposed is a general trend that females tend to prefer different games. Just as they prefer different movies, TV shows, clothing, music, etc. But, as all generalizations, they're false in an absolute sense, and have no application upon an individual.
Not true. It could be that back in the DAY the US gov gave Verisign some servers to use, to get them started. But since then, Verisign has upgraded immensely. They run their own software systems, server hardware, the whole thing. As they should, really. In fact, from a technical perspective, Verisign is doing a good job (the .com domain has always worked). It's their political decisions that are causing grief.
How do you know you're infected without AV to tell you?
This question has been posed by many here. And the answer is simple. You know if you've been infected by the collateral damage. The evidence. By the change in your system. Hard as this may be to believe, some of us would IMMEDIATELY notice large outbound traffic in the form of portscans, and thus the virus. Some of us would IMMEDIATELY notice a weird icon, a process not seen before, a general 'badness' about the computer that was not there a day before. If you cannot observe the effects of a virus, how can you know it's there? Put another way, if you have a virus, and it does nothing, can you even say you've got a virus? And even if you DID have a virus, but it did nothing at all, what would be the harm? None.
So, for a virus to be worth worrying about, it must be malicious, and harmful. These things are observable by normal, non-AV methods.
THEREFORE, one can exist, without AV, and be certain enough for one's own comfort (as nothing can be certain, even when you DO run AV) that you are not infected.
I personally was in the exact same position, and have several friends who also don't run AV, and yet, miraculously, haven't gotten a virus. Honest.
(Since that time, I've defected to linux, so now i'm even MORE cocky, but the logic is sound, and lasted me through 8 years of heavy windows use.)
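The "large outbound traffic in the form of portscans" signal from the comment above, written as detection logic. This is an added example, not part of the original comment; the flow-record layout, the thresholds and the sample addresses are constructed assumptions.

```python
"""Flag hosts whose outbound connections fan out like a port scan."""
from collections import defaultdict, deque


def find_scanning_hosts(flows, window=60, min_targets=20, min_fail_ratio=0.8):
    """Return {source: timestamp of first alert}.

    flows is an iterable of (ts, src, dst, dport, ok) tuples sorted by ts,
    where ok is False for a connection that was refused or timed out.
    A source is flagged when, within `window` seconds, it has tried at
    least `min_targets` distinct (dst, dport) pairs and at least
    `min_fail_ratio` of those attempts failed.
    """
    recent = defaultdict(deque)  # per-source sliding window of attempts
    alerts = {}
    for ts, src, dst, dport, ok in flows:
        attempts = recent[src]
        attempts.append((ts, dst, dport, ok))
        # Drop attempts that have aged out of the window.
        while attempts and attempts[0][0] <= ts - window:
            attempts.popleft()
        targets = {(rec[1], rec[2]) for rec in attempts}
        failures = sum(1 for rec in attempts if not rec[3])
        if (
            src not in alerts
            and len(targets) >= min_targets
            and failures / len(attempts) >= min_fail_ratio
        ):
            alerts[src] = ts
    return alerts


def build_constructed_flows():
    """Constructed sample data: one ordinary host and one scanning host."""
    flows = []
    # Ordinary browsing: repeated successful connections to one server.
    for i in range(10):
        flows.append((i * 5, "10.0.0.5", "198.51.100.10", 443, True))
    # Scan-like behaviour: one attempt per second against 30 different
    # addresses on the same port, almost all of them failing.
    for i in range(30):
        ok = i % 10 == 0
        flows.append((100 + i, "10.0.0.9", f"192.0.2.{i + 1}", 445, ok))
    return sorted(flows)


CONSTRUCTED_FLOWS = build_constructed_flows()

if __name__ == "__main__":
    for host, ts in find_scanning_hosts(CONSTRUCTED_FLOWS).items():
        print(f"{host} looks like it is scanning (first flagged at t={ts}s)")
```

The failure-ratio condition is what separates a scan from a busy but healthy client: a host that talks to many peers successfully is not flagged.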
But they didn't claim to offer unlimited water, nor unlimited anything. Your point is valid, except that in this case, the company arbitrarily decides what reasonable means.
Basically, the rules about common sense don't apply to internet connections. "Reasonable" does not apply to computers. Never has. Have you looked at ads for computers? Covered with specifications. Because words like 'fast' or 'good' or 'plenty of space' are useless with computers. Things update too fast. And a 'fast' speed before (56K modems) is no longer fast today. So a 'reasonable' amount of usage now is not going to be the same in the future.
And consumers are NOT to blame that the company's business model is unsuccessful. This is ENTIRELY within the realm of capitalism, whose rules state that if a business is not profitable, it will fail.
With no network latancys,[sic] imagine what cool multiuser game platform that could become.
Er... are you serious? On a LAN, latencies caused by the network should be on the order of <10ms, which is not noticeable to humans. And what about the huge load you now have on your single system trying to support 4 CPU intensive games? The point is, your solution isn't really any better than the existing systems, nor does it offer any advantages.
Nesting ip addresses has the exact same effect as extending the address space we currently have. As in, we get more addresses. So your system adds complexity without adding any functionality.
In addition to that, the delivery of your packet is now DEPENDENT on the external router which forwards the rest of the way internally, right? So what if that router fails? Well, no one can pick an alternate route, because you've hard-coded in the IP of the gateway router. And suddenly, you're basically telling the internet what route to take to deliver the packet. The internet DOES NOT work like this by design. For the sake of robustness, the internet is allowed to choose ANY POSSIBLE path to deliver the packet. This allows it to be VERY fault tolerant, precisely the goal of the military-funded engineers who designed the system.
It could be useful to extend the IP protocol to allow partitioning off private intranets with machines that don't have to show up in the (ever growing) public DNS tables, yet can still be addressed individually provided you know where you want to go.
Heh. Poor uradu. That statement doesn't really make any sense. Best to learn of what you speak. More IPs doesn't mean that somehow DNS is going to suffer...
Okay, you rebutted me well. But there is a failure to your suggestion.
Essentially, you are suggesting that we should separate the application from the address of the other application they are talking to. Excellent suggestion. And in this, i can see your point in how this is MORE separation, and LESS dependency, which was your original claim.
But here's the problem: Now that you've separated the application from the address, how does the application tell the network where it wants its data to go? The layers have to communicate, you know. Like, each layer of the OSI model can communicate with the layers above and below them, right? I mean, you can't just COMPLETELY separate things, there needs to be communication. So the application has to feed the network SOMETHING about where the packet is destined. And so what does it feed the network? Previously, it used an address, an IP address. The application said: "Send this data to this address". Now, what's it going to say, now that you've removed the 'dependency' of the application on the IP address space?
Let's examine your suggestion: The application should be able to find things based purely on "http://slashdot.org/" and leave any piddling network addresses to the network stack.
Er, but, dns translates into IPs. So that idea is no good. Heh, so this goes back to my snide "proof is in the pudding" comment. You DON'T have a replacement idea in your head. NAT is starting to break the end-to-end principle, which is what the internet was founded upon, and thus, is starting to break the internet. If you have a better idea of how the internet should work, let's hear it.
And my contention would be that the current NAT situation is more complex, more costly, and more complicated than the end-to-end idea. And since it adds no functionality at all, is worse than having no NAT, but proper addressing.
The reason he doesn't get what I mean is that with current routers and IP you cannot directly send a packet from outside to address 192.168.1.3 on your home LAN without mapping it to a particular port.
No i get what you mean. I'm just saying that your system is MORE complex than the system we currently have. That is, use public IP addresses everywhere, then just firewall if you're concerned with security. Don't give your 'internal' machines 192.168.x.x addresses, give them 'real' ip addresses. Then, without all this fancy packet mangling and address translation, you have the exact same functionality. Which is how the internet works.
So what i'm saying is i get your idea, but it's completely unnecessary. Just give your internal computers real ips and you're already there, without complex and costly NAT technology, and without a new addressing scheme. The only problem with this idea is that your provider doesn't give you enough IPs. The ISP is actually the one who's dropping the ball here, not the IP addressing system. If the ISP would give you an IP for each host (as the system is supposed to work) then NAT would be entirely unnecessary in the first place, and we wouldn't be in such a state as we currently are in.
Okay, uradu, we already HAVE a system for doing that.
You propose an a.b.c.d/e.f.g.h addressing scheme. Where a.b.c.d is the connection facing the world, and e.f.g.h is the internal IP. How is that any better than our current set up of having e.f.g.h point directly to the host? You're still pointing directly to the host in both cases. Oh, perhaps you're worried about security?
Well, if you have an office building with a single internet connection feeding all the computers, you can still put a firewall on that single connection, and block ports or types of traffic you do not want, on a host-by-host basis. In fact, this is regularly done. And it requires no modification of the internet structure at all. No new stack, no new routers, nothing like that. And it keeps things more simple anyway.
The public NAT router would examine the next nested IP header (in this case e.f.g.h) and pass the packet to the correct internal machine (which could be another NAT box, ad infinitum).
I laughed when i read this. What you just described is a router. A plain regular router of which thousands exist. It looks at the destination IP of the packet, and forwards it on to the correct place! Wow, what a concept!
Still, given that for the vast majority of setups it would be just a two-tiered setup (public internet and internal LAN), it should be workable.
But this is how it works already! The internet is a network of networks, so to speak. How an individual network runs its own operations is its own business, being part of the 'internet' just means it's connected to other networks already.
The thing is, the wheel has already BEEN invented, guys. Re-inventing it by suggesting 'new' ideas on slashdot is not required, nor does it lead to innovative ideas. Rarely, at least. The internet is the way it is because it's a GOOD design, capable of many things, highly functional. Witness how widespread it has become. If it had crippling design flaws, it would never have gotten this far.
Wow. I *completely* disagree with what you've just stated here. Allow me to explain why.
First off, the internet was BUILT as an end-to-end network. You cannot just sweep this fact aside by saying it's "outdated". This principle is what MADE the internet successful. Without end-to-end, the internet would have gone nowhere. Really.
We want the application to run end-to-end, because that is what makes the application useful -- but folks have confused this with requiring the mechanism to be identical from end to end
But now, in the new system, it requires that the network be AWARE of the application, and configured EXPLICITLY to allow this certain type of data to be transferred. Now you have to ask permission from the people who control the network to run your application. Now you have to make configuration changes in the network itself before you can run any new application. Gone is the open development environment of the internet. Gone are new applications that pop up that anyone can use immediately. (This is how the web started. Your NAT support would have made the web so difficult that it wouldn't have gone anywhere. Imagine the millions who would have had to configure their NAT to work with a new system of dubious worth.)
You say that the network should be SEPARATE from the application, and then go on to promote the application being DEPENDENT on the specific configuration of the network.
"like in the days of the telegraph, the mechanism and the application were synonymous. That is an obsolete model, though. Our needs and demands have gotten more varied and complex from the point of view of the applications -- the mechanism (IPv4) needs to be separated out from the applications."
AND IT IS! That's the POINT, Bookwyrm. Currently, in the 'obsolete' model, the network is TRANSPARENT to the application. No specific configuration of the network is required. The network is separate from the application. However, NAT makes the application depend on the network, and thus makes the network and the application once again joined, like the telegraph, phone and cable TV networks of the past. That's a step BACKWARDS.
Even now, because of NAT, we can observe the harmful effects of new development. VoIP doesn't work properly. File sharing applications are suffering massively because people can't share, even when they want to. Running a server of any kind, (a game server for you and your buddies to play on) requires additional configuration, making it harder. People in certain situations, like in university, for example, have no ability to influence the functionality of the NAT, and are stuck being internet consumers. And don't forget that it's even MORE arduous to have multiple computers doing the same thing, like being a webserver, behind the NAT. Now you have to specify to the CLIENTS to use different ports for different servers behind the NAT. It begins to get so ugly that people give up.
Your goals are noble, Bookwyrm, but your thoughts on the matter are misguided. This site might help shed some additional light on the situation.
And finally, the people who invented the internet for real thought that end-to-end addressing was the best idea, and from their efforts, we have the most advanced communication system humans have ever seen. To say that they are utterly wrong requires some guts, and also a LOT of backing up. In other words, the proof is in the pudding. Where is YOUR all NAT internet?
Why they are doing this: Verisign used to do 2 updates per day, once every 12 hours. That means if you made any change that required new info in the .com zone, you were always waiting a long time before the changes actually happened. Verisign wanted to improve this, so they have developed a new system that they're going to roll out on Feb 9. The only visible effect of this change from the outside world is that the serial number format will change. So, in order to prevent paranoids from flipping out, they let people know before they made this change.
It's important to note that this WILL NOT affect the DNS system at all. This serial number is in an arbitrary format for any domain. Just because many administrators use the YYYYMMDDNN format in no way means that this is the only correct way to do it. The format only matters to the slave name servers, all of which are run by Verisign. And as for 'user impact', it's the same impact as if you were using a script to monitor a website, and then the website changed. You can't really blame the website for screwing up your script.
And Verisign should not be pre-hated. A technical action requires analysis on a technical level, and if you're level headed and have understanding of the situation, you will see that this change is harmless, and will actually IMPROVE the performance of the .com and .net domains. Falling into the trap of hating a company outright is zealotry. You need to look at this on a technical level, and make your decision.
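For anyone who does run a zone-monitoring script of the kind mentioned above, here is an added example (not from the original comment, and not Verisign's code) that treats the SOA serial as the opaque 32-bit counter it is and compares values with RFC 1982 serial-number arithmetic instead of parsing YYYYMMDDNN. The serial values and function names are constructed for illustration.

```python
"""Compare DNS SOA serials without assuming the YYYYMMDDNN convention."""
from datetime import date

SERIAL_BITS = 32
MOD = 1 << SERIAL_BITS
HALF = 1 << (SERIAL_BITS - 1)


def serial_compare(old, new):
    """RFC 1982 comparison of two SOA serials.

    Returns 1 if `new` is ahead of `old`, -1 if it is behind, 0 if equal,
    and None for the one distance (2**31) the RFC leaves undefined.
    """
    for value in (old, new):
        if not 0 <= value < MOD:
            raise ValueError("SOA serial must be an unsigned 32-bit integer")
    if old == new:
        return 0
    distance = (new - old) % MOD
    if distance == HALF:
        return None
    return 1 if distance < HALF else -1


def looks_like_date_serial(serial):
    """True if the serial happens to read as a valid YYYYMMDDNN value."""
    text = str(serial)
    if len(text) != 10:
        return False
    try:
        date(int(text[0:4]), int(text[4:6]), int(text[6:8]))
    except ValueError:
        return False
    return True


def review_serials(observations):
    """Return [(serial, verdict)] for each observation after the first."""
    names = {0: "unchanged", 1: "updated", -1: "moved-backwards", None: "undefined"}
    verdicts = []
    for old, new in zip(observations, observations[1:]):
        verdict = names[serial_compare(old, new)]
        # A convention switch is reported, not treated as a parse failure.
        if looks_like_date_serial(old) != looks_like_date_serial(new):
            verdict += "+format-changed"
        verdicts.append((new, verdict))
    return verdicts


# Constructed observations: two date-style serials, a repeat, then a
# switch to a serial that is not date-shaped and is numerically smaller.
CONSTRUCTED_SERIALS = [2004020800, 2004020801, 2004020801, 1076371200, 1076371215]

if __name__ == "__main__":
    for serial, verdict in review_serials(CONSTRUCTED_SERIALS):
        print(serial, verdict)
```

In this constructed data the switch to a numerically smaller serial compares as "moved-backwards" under serial arithmetic, which is why the format matters to the secondaries that transfer the zone and not to a script that only watches for change.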
If marcelo is not interested, post to the lkml (Linux Kernel Mailing List). If you have real, useful bugreports (it sounds like you do) people will listen, and if you get more actual kernel developers on your side, changes are more likely to happen.
I can assure you there are many people out there who WANT to make the Linux kernel as good as it can be, and if you can provide useful info (important point) then i'm sure they will WANT to help you, track down bugs, and get things working.
You do have some valid points, such as mentioning that traceroute (on unix) uses UDP and also ICMP TTL Expired messages (that's what you meant, right?). And you also mentioned that disabling one type of ICMP is not the same as disabling all. Well, if you're a good network tech, then yes, you're right. Most people aren't though, and implement a blanket drop of ICMP.
Disabling inbound ICMP echo-request messages will limit the amount of portscans you have to deal with.
It may. But this isn't additional security. This just saves bandwidth. Any dedicated attacker will merely assume you have pings disabled and continue. Sure disabling pings has some effect, but that effect is not 'more security'. Which is really the point. You can fiddle with your network all you like, and get different behaviours to arise. But obscurity is not more security.
Many Americans are responding to this saying "The republicans aren't the bad guys! It's those damned DEMOCRATS!"
I'm Canadian. And as an outsider, it doesn't matter. Republicans and Democrats are so slightly different. As far as i'm concerned, this is a comment on how the entire Country seems to behave, not just a particular political party. The country is moving together, probably most citizens are aimless, but you cannot divide this into party politics. You know how every outsider says they can't tell the difference between Republicans and Democrats? Why do you think that is? Do you think they are ALL wrong? I don't know what party is responsible for the above listed actions, but i know they are all Americans.
This makes more sense as a comment on the country, not on a particular political party.
I'm a Canadian, and i thought i'd offer up some helpful links, if anyone is seriously interested in immigrating here. Obviously i'm not familiar with the details, but the Government of Canada is.
Services for non-Canadians All kinds of info about Canada for non Canadians. And, more specifically, Immigrating to Canada is another section of their website.
they will help you keep on top of whatever trend is coming into play this week and help you achieve your IT and business needs as quickly as possible.
Yeah, this seems to be as close of a summary as i can get about what this AE initiative is. But you know what? that's just business. There's absolutely no reason you need HP or IBM or Sun to help you do that. Any business needs to do this to survive. All businesses need to change, most need computer systems to match their needs... It appears HP wants to do some consulting, but to get clients they're telling their potential customers that HP are the ones who should be doing the thinking, not your company. This is not a fundamentally bad idea, outsourcing in this style has been going on for far longer than computers are around.
What's really baffling is how baffling they make it. If even a tech journalist with a vested interest in understanding the industry can't make heads or tails of it, what is HP trying to do? Confuse people into giving them money? That's certainly an interesting plan, if it's true.
What he means is that they can be lumped together because they all provide exactly the same PRODUCT. What you're buying from this online music retailer is the file itself. That's all. And if the files are identical from one retailer to the other, then certainly they can be lumped together. Just like the multiple GM dealers in your area. The 'choice' you make between the two would only be in interface of the website, and price. The actual files are the same. In summary, the choice between the WMA vendors is very very limited, to the point of not even being relevant after you've made the purchase.
If they are updating the 2.x series why are they *also* updating the 1.3.x series? Isn't the idea that 2.x will supplant/replace the earlier series? What do you get out of using the older version that you don't with the newer?
Here, my friend is the beauty of open source. If you want to keep using apache 1.3 (as many are), you can. There's no such thing as a forced upgrade. What version of the software you use is entirely up to you. 2.0 is supposed to be an improvement over 1.3 (and it is), but it's not supposed to 'supplant' 1.3. Just like the Linux kernel 2.4 didn't 'supplant' 2.2, though it WAS an improvement.
As long as there are interested people in the 1.3 series, bugfixes will come in, and holes will be patched. And that's why it's still being updated. Heck, even the 2.0 kernel is actively maintained. The changes are very slow, but if there's an obvious fix, it will be put in.
So basically, it's up to you to decide which version to run. And that's exactly the idea, that you have choice and freedom with your software.
I think the reason for the outcome here is not that the patent is ridiculous, but that it's valid. See, if you were arguing the validity of the original patent, then your lawyer-to-lawyer dialog makes sense, you're trying to show that the patent is invalid. However, in this case, it appears the patent was ASSUMED to be valid, and the court case was to decide whether or not X10 was violating the patent, which they in fact were.
So what i'm saying is that whether or not this is an idea that should be patentable is a separate argument from whether or not X10 violated the issued patent.
X10 *DID* violate the patent, but the patent should never have been granted in the first place. This shows that software patents are stupid, and that the USPO process is severely broken.
The _exact same network_ before it was called the Internet and run by commercial backbones, was owned by the government and named "The ArpaNet"
The exact same? How? What was exactly the same about it? The routers? The protocols, the applications? Nope, none of those were the same when they started. The only thing that's been consistent is the use of IP addresses, and only since about 1983 has that been entirely true.
Secondly, 'the internet' is not a single, homogeneous network as you seem to imply here. In fact, 'the internet' is what we call the collection of interconnected networks. The internet, if you defined it, would be an agreement. An agreement on how separate, diverse networks interconnect with each other, how they talk to each other. They're not connected to all of each other, nor are they connected all the time. In fact, current routing systems work based on Autonomous System definitions, which in itself kinda undermines your assertion that 'the internet' is a single thing.
And your discussion of RFC 1918 address space doesn't really do anything to support your argument.
Anyway, you're kinda confused here, and this post's grandparent is correct.
I previously read, right here on slashdot, about someone's observation that this is like another word whose meaning has been changed by the people it refers to.
"Nigger". At one point in time, this was a demeaning word used by white slave owners to refer to their slaves. Nigger had a horrible connotation. Eventually, the wiser amongst us pointed out how ridiculous the whole situation was, and the word 'nigger' was FORCED out of general usage. However, the black forced immigrants from Africa still continued to use the word when referring to each other. This simultaneously reminded them of where they came from, but was also a self-depracatng joke. This basically took back the word from the white people, and turned the word into a claim of surperiority and brotherhood, of sorts.
Imagine if hackers did the same thing with the word 'hacker'. Only hackers would be allowed to call each other hackers, and the media would be forced to use a different word to describe these computer criminals.
I just think that analogy is so damned cool, and illustrates this 'hacker' situation perfectly. But as i said, i can't take credit for this idea, i just agree with it. Mull it over, i think it works.
Parent is a troll. Educated network administrators think this is a bad thing. ICANN is obviously flawed to the outside observer. To really show this troll what's what, do a little reading on the subjects he mentions, and draw your own conclusions. When it turns out the parent is completely and utterly wrong, you will have beaten him. Good luck, and Godspeed.
Downloading a song does not equal a sale (Apple's iTunes and similar services excluded), though it should also be pointed out that it may lead to one in certain circumstances.
Right. We know that, but that's not what the RIAA claims. They say 1 downloaded song equals $150,000 of damages. And i'm not exaggerating, either.
Furthermore, they have to pay for the statistics. I don't see how they're profiting from that.
They pay less for the stats than they gain from sales, otherwise it would be a useless cost to them, they would lose money. They wouldn't buy the stats if it lost them money.
The point here is that information is power, and also money. Gaining information about illegal activities that you campaign against and then profiting off it is a pretty clear case of hypocrisy. It would be similar to MS saying Linux is the worst, but using ideas from Linux in their own products. It undermines their first claim.
If p2p piracy nets the RIAA money, then why are they opposed to it? It can't be good AND bad for them at the same time. It's a pretty clear contradiction here, i'm not sure why you're saying the RIAA is right.
Frost22 perfectly illustrates why NATs are bad. They break the internet. How can i say this? Well, the internet is a networking system designed to connect end devices directly to each other. The idea here is that the network can be stupid, and let the end devices worry about everything. Establishing and maintaining connections, error correction, dropped packets... all handled by the end devices. When you break this principle, the End to End principle, by inserting a NAT into the network, you break the internet. The internet ends at the NAT, and from there on, things are hackish, workaroundy and generally messy.
I'm all for firewalls, they definitely have their place. But a NAT is a hack, and not the proper solution to internet addressing at all.
flamingweasel, you rule. And you're right.
How do you know you're infected without AV to tell you?
This question has been posed by many here. And the answer is simple. You know if you've been infected by the collateral damage. The evidence. By the change in your system. Hard as this may be to believe, some of us would IMMEDIATELY notice large outbound traffic in the form of portscans, and thus the virus. Some of us would IMMEDIATELY notice a weird icon, a process not seen before, a general 'badness' abou the computer that was not there a day before. If you cannot observe the effects of a virus, how can you know it's there? Put another way, if you have a virus, and it does nothing, can you even say you've got a virus? And even if you DID have a virus, but it did nothing at all, what would be the harm? None.
So, for a virus to worth worrying about, it must be malicious, and harmful. These things are observable by normal, non-AV methods.
THEREFORE, one can exist, without AV, and be certain enough for one's own comfort (as nothing can be certain, even when you DO run AV) that you are not infected.
I personally was in the exact same position, and have several friends who also don't run AV, and yet, miraculously, haven't gotten a virus. Honest.
(Since that time, I've defected to linux, so now i'm even MORE cocky, but the logic is sound, and lasted me through 8 years of heavy windows use.)
But they didn't claim to offer unlimited water, nor unlimited anything. Your point is valid, except that in this case, the company arbitrarily decides what reasonable means.
Basically, the rules about common sense don't apply to interenet connections. "Reasonable" does not apply to computers. Never has. Have you looked at ads for computers? Covered with specifications. Because words like 'fast' or 'good' or 'plenty of space' are useless with computers. Things update too fast. And a 'fast' speed before (56K modems) is no longer fast today. So a 'reasonable' amount of usage now is not going to be the same in the future.
And consumers are NOT to blame that the companies business model is unsucessful. This ENTIRELY within the realm of capitalism, who's rules state that if a business is not profitable, it will fail.
With no network latancys,[sic] imagine what cool multiuser game platform that could become.
Er... are you serious? On a LAN, latencies caused by the network should be on the order of <10ms, which is not noticable to humans. And what about the huge load you now have on your single system trying to support 4 CPU intensive games? The point is, your solution isn't really any better than the existing systems, nor does it offer any advantages.
Nesting ip addresses has the exact same effect as extending the address space we currently have. As in, we get more addresses. So your system adds complexity without adding any functionality.
In addition to that, the delivery of your packet is now DEPENDANT on the external router which forwards the rest of the way internally, right? So what if that router fails? Well, no one can pick an alternate route, because you've hard-coded in the IP of the gateway router. And suddenly, you're basically telling the internet what route to take to deliver the packet. The intenet DOES NOT work like this by design. For the sake of robustness, the internet is allowed to choose ANY POSSIBLE path to deliver the packet. This allows it to be VERY fault tolerant, precisely the goal of the military-funded engineers who designed the system.
It could be useful to extend the IP protocol to allow partitioning off private intranets with machines that don't have to show up in the (ever growing) public DNS tables, yet can still be addressed individually provided you know where you want to go.
Heh. Poor uradu. That statment doesn't really make any sense. Best to learn of what you speak. More IPs doesn't mean that somehow DNS is going to suffer...
Okay, you rebutted me well. But there is a failure to your suggestion.
Essentially, you are suggesting that we should separate the application from the address of the other application they are talking to. Excellent suggestion. And in this, i can see your point in how this is MORE separation, and LESS dependancy, which was your original claim.
But here's the problem: Now that you've separated the application from the address, how does the application tell the network where it wants it's data to go? The layers have to communcate, you know. Like, each layer of the OSI model can communcate with the layers above and below them, right? I mean, you can't just COMPLETELY separate things, there needs to be communcation. So the application has to feed the network SOMETHING about where the packet is destined. And so what does it feed the network? Previously, it used an address, an IP address. The application said: "Send this data to this address". Now, what's it going to say, now that you've removed the 'dependancy' of the application on the IP address space?
Let's examine your suggestion: The application should be able to find things based purely on "http://slashdot.org/" and leave any piddling network addresses to the network stack.
Er, but, dns translates into IPs. So that idea is no good. Heh, so this goes back to my snide "proof is in the pudding" comment. You DON'T have a replacement idea in your head. NAT is starting to break the end-to-end principle, which is what the internet was founded upon, and thus, is starting to break the ineternet. If you have a better idea of how the internet should work, let's hear it.
And my contention would be that the current NAT sitution is more complex, more costly, and more complicated that the end-to-end idea. And since it adds no functionality at all, is worse than having no NAT, but proper addressing.
The reason he doesn't get what I mean is that with current routers and IP you cannot directly send a packet from outside to address 192.168.1.3 on your home LAN without mapping it to a particular port.
No i get what you mean. I'm just saying that your system is MORE complex than the system we currently have. That is, use public IP addresses everywhere, then just firewall if you're concerned with security. Don't give your 'internal' machines 192.168.x.x addresses, give them 'real' ip addresses. Then, without all this fancy packet mangling and address translation, you have the exact same functionality. Which is how the internet works.
So what i'm saying is i get your idea, but it's completely unnecessary. Just give your internal computers real ips and you're already there, without complex and costly NAT technology, and without a new addressing scheme. The only problem with this idea is that your provider doesn't give you enough IPs. The ISP is actually the one who's dropping the ball here, not the IP addressing system. If the ISP would give you an IP for each host (as the system is supposed to work) then NAT would be entirely unnecessary in the first place, and we wouldn't be in such a state as we currently are in.
Okay, uradu, we already HAVE a system for doing that.
You propose a a.b.c.d/e.f.g.h addressing scheme. Where a.b.c.d is the connection facing the world, and e.f.g.h is the internal IP. How is that any better than our current set up of having e.f.g.h point directly to the host? You're still pointing directly to the host in both cases. Oh, perhaps you're worried about security?
Well, if you have an office building with a single internet connection feeding all the computers, you can still put a firewall on that single connection, and block ports or types of traffic you do not want, on a host-by-host basis. In fact, this is regularly done. And it requires no modification of the internet structure at all. No new stack, no new routers, nothing like that. And it keeps things more simple anyway.
The public NAT router would examine the next nested IP header (in this case e.f.g.h) and pass the packet to the correct internal machine (which could be another NAT box, ad infinitum).
I laughed when i read this. What you just described is a router. A plain regular router of which thousands exist. It looks at the destination IP of the packet, and forwards it on to the correct place! Wow, what a concept!
Still, given that for the vast majority of setups it would be just a two-tiered setup (public internet and internal LAN), it should be workable.
But this is how it works already! The internet is a network of networks, so to speak. How an individual network runs its own operations is its own business, being part of the 'internet' just means it's connected to other networks already.
The thing is, the wheel has already BEEN invented, guys. Re-inventing it by suggesting 'new' ideas on slashdot is not required, nor does it lead to innovative ideas. Rarely, at least. The internet is the way it is because it's a GOOD design, capable of many things, highly functional. Witness how widespread it has become. If it had crippling design flaws, it would never have gotten this far.
Wow. I *completely* disagree with what you've just stated here. Allow me to explain why.
First off, the internet was BUILT as an end-to-end network. You cannot just sweep this fact aside by saying it's "outdated". This principle is what MADE the internet successful. Without end-to-end, the internet would have gone nowhere. Really.
We want the application to run end-to-end, because that is what makes the application useful -- but folks have confused this with requiring the mechanism to be identical from end to end
But now, in the new system, it requires that the network be AWARE of the application, and configured EXPLICITLY to allow this certain type of data to be transferred. Now you have to ask permission from the people who control the network to run your application. Now you have to make configuration changes in the network itself before you can run any new application. Gone is the open development environment of the internet. Gone are new applications that pop up that anyone can use immediately. (This is how the web started. Your NAT support would have made the web so difficult that it wouldn't have gone anywhere. Imagine the millions who would have had to configure their NAT to work with a new system of dubious worth.)
You say that the network should be SEPARATE from the application, and then go on to promote the application being DEPENDENT on the specific configuration of the network.
"like in the days of the telegraph, the mechanism and the application were synonymous. That is an obsolete model, though. Our needs and demands have gotten more varied and complex from the point of view of the applications -- the mechanism (IPv4) needs to be separated out from the applications."
AND IT IS! That's the POINT, Bookwyrm. Currently, in the 'obsolete' model, the network is TRANSPARENT to the application. No specific configuration of the network is required. The network is separate from the application. However, NAT makes the application depend on the network, and thus makes the network and the application once again joined, like the telegraph, phone and cable TV networks of the past. That's a step BACKWARDS.
Even now, because of NAT, we can observe the harmful effects of new development. VoIP doesn't work properly. File sharing applications are suffering massively because people can't share, even when they want to. Running a server of any kind, (a game server for you and your buddies to play on) requires additional configuration, making it harder. People in certain situations, like in university, for example, have no ability to influence the functionality of the NAT, and are stuck being internet consumers. And don't forget that it's even MORE arduous to have multiple computers doing the same thing, like being a webserver, behind the NAT. Now you have to specify to the CLIENTS to use different ports for different servers behind the NAT. It begins to get so ugly that people give up.
Your goals are noble, Bookwyrm, but your thoughts on the matter are misguided. This site might help shed some additional light on the situation.
And finally, the people who invented the internet for real thought that end-to-end addressing was the best idea, and from their efforts, we have the most advanced communication system humans have ever seen. To say that they are utterly wrong requires some guts, and also a LOT of backing up. In other words, the proof is in the pudding. Where is YOUR all NAT internet?
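The port-forwarding constraint raised in the comment above, modelled as an added example that is not part of the original comment. The `Napt` and `RoutedFirewall` classes are hypothetical simplifications (sessions are keyed on the public port only), and all addresses are constructed from documentation and private ranges.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

Endpoint = Tuple[str, int]  # (ip, port)


@dataclass
class Napt:
    """Toy port-translating NAT: one public address shared by many private hosts."""
    public_ip: str
    forwards: Dict[int, Endpoint] = field(default_factory=dict)  # static rules
    sessions: Dict[int, Endpoint] = field(default_factory=dict)  # dynamic state
    next_port: int = 40000

    def add_forward(self, public_port: int, host: str, port: int) -> None:
        # A public port can point at exactly one internal host.
        if public_port in self.forwards:
            raise ValueError(f"public port {public_port} is already forwarded")
        self.forwards[public_port] = (host, port)

    def outbound(self, host: str, port: int) -> Endpoint:
        """An internal host opens a connection; return what the remote peer sees."""
        public_port = self.next_port
        self.next_port += 1
        self.sessions[public_port] = (host, port)
        return self.public_ip, public_port

    def inbound(self, public_port: int) -> Optional[Endpoint]:
        """Translate an arriving packet, or return None when it is dropped."""
        return self.sessions.get(public_port) or self.forwards.get(public_port)


@dataclass
class RoutedFirewall:
    """Public addresses on every host; policy is a per-host, per-port allow list."""
    allowed: Set[Endpoint] = field(default_factory=set)

    def inbound(self, dst_ip: str, dst_port: int) -> Optional[Endpoint]:
        # No translation: the destination is delivered unchanged or dropped.
        dst = (dst_ip, dst_port)
        return dst if dst in self.allowed else None


def compare_designs() -> dict:
    """Run two web servers under both designs and report what clients must dial."""
    nat = Napt("203.0.113.1")
    unsolicited = nat.inbound(80)            # no rule, no session: dropped
    nat.add_forward(80, "192.168.1.3", 80)   # first web server gets port 80
    try:
        nat.add_forward(80, "192.168.1.4", 80)
        second_on_80 = True
    except ValueError:
        second_on_80 = False
        nat.add_forward(8080, "192.168.1.4", 80)  # clients must be told :8080
    reply_path = nat.inbound(nat.outbound("192.168.1.5", 51000)[1])

    fw = RoutedFirewall({("203.0.113.10", 80), ("203.0.113.11", 80)})
    return {
        "nat_unsolicited": unsolicited,
        "nat_second_server_on_80": second_on_80,
        "nat_second_server": nat.inbound(8080),
        "nat_reply_path": reply_path,
        "routed_second_server": fw.inbound("203.0.113.11", 80),
        "routed_blocked_ssh": fw.inbound("203.0.113.11", 22),
    }


if __name__ == "__main__":
    for key, value in compare_designs().items():
        print(f"{key}: {value}")
```

Both designs drop traffic that no rule allows; the difference the model shows is that only the NAT forces the second server onto a non-standard public port.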
Why they are doing this: Verisign used to do 2 updates per day, once every 12 hours. That means if you made any change that required new info in the .com zone, you were always waiting a long time before the changes actually happened. Verisign wanted to improve this, so they have developed a new system that they're going to roll out on Feb 9. The only visible effect of this change from the outside world is that the serial number format will change. So, in order to prevent paranoids from flipping out, they let people know before they made this change.
.com and .net domains. Falling into the trap of hating a company outright is zealotry. You need to look at this on a technical level, and make your decision.
It's important to note that this WILL NOT affect the DNS system at all. This serial number is in an arbitrary format for any domain. Just because many administrators use the YYYYMMDDNN format in no way means that this is the only correct way to do it. The format only matters to the slave name servers, all of which are run by Verisign. And as for 'user impact', it's the same impact as if you were using a script to monitor a website, and then the website changed. You can't really blame the website for screwing up your script.
And Verisign should not be pre-hated. A technical action requires analysis on a technical level, and if you're level headed and have understanding of the situation, you will see that this change is harmless, and will actually IMPROVE the performance of the
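A zone-monitoring check that does not depend on the serial's format, as an added example that is not part of the original comment. It compares SOA serials with RFC 1982 serial number arithmetic, which is how secondaries decide whether a zone is newer; the function names and both sample serials are constructed for illustration and are not Verisign's actual values.

```python
from datetime import date
from typing import Optional, Tuple

SERIAL_BITS = 32
MOD = 1 << SERIAL_BITS         # SOA serials are unsigned 32-bit values
HALF = 1 << (SERIAL_BITS - 1)  # comparisons are only defined within this window


def serial_compare(s1: int, s2: int) -> Optional[int]:
    """RFC 1982 comparison: -1 if s1 < s2, 0 if equal, 1 if s1 > s2, None if undefined."""
    for s in (s1, s2):
        if not 0 <= s < MOD:
            raise ValueError(f"serial {s} is outside the 32-bit range")
    if s1 == s2:
        return 0
    diff = (s2 - s1) % MOD     # distance from s1 forward to s2, with wraparound
    if diff == HALF:
        return None            # exactly half the number space apart: no defined order
    return -1 if diff < HALF else 1


def classify_change(previous: int, current: int) -> str:
    """What a monitor should report when it sees a new serial for a zone."""
    order = serial_compare(previous, current)
    if order == 0:
        return "unchanged"
    if order == -1:
        return "advanced"      # secondaries will transfer the new zone
    if order == 1:
        return "backwards"     # secondaries following RFC 1982 would ignore it
    return "undefined"


def parse_date_serial(serial: int) -> Optional[Tuple[date, int]]:
    """Best-effort YYYYMMDDNN decode; None when the serial is not in that convention."""
    text = str(serial)
    if len(text) != 10:
        return None
    try:
        day = date(int(text[:4]), int(text[4:6]), int(text[6:8]))
    except ValueError:
        return None
    return day, int(text[8:])


if __name__ == "__main__":
    old_style = 2004020801     # constructed YYYYMMDDNN serial
    new_style = 1076300000     # constructed serial in some other numbering
    print(parse_date_serial(old_style), parse_date_serial(new_style))
    print(classify_change(old_style, old_style + 1))
    print(classify_change(old_style, new_style))
    print(classify_change(MOD - 1, 0))  # wraparound still counts as an advance
```

A monitor built this way reports a renumbering as `backwards` for an operator to confirm instead of failing on a date parse, which matches the comment's point that only the operator's own secondaries need to care about the transition.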
If marcelo is not interested, post to the lkml (Linux Kernel Mailing List). If you have real, useful bugreports (it sounds like you do) people will listen, and if you get more actual kernel developers on your side, changes are more likely to happen.
I can assure you there are many people out there who WANT to make the Linux kernel as good as it can be, and if you can provide useful info (important point) then i'm sure they will WANT to help you, track down bugs, and get things working.
You do have some valid points, such as mentioning that traceroute (on unix) uses UDP and also ICMP TTL Expired messages (that's what you meant, right?). And you also mentioned that disabling one type of ICMP is not the same as disabling all. Well, if you're a good network tech, then yes, you're right. Most people aren't though, and implement a blanket drop of ICMP.
Disabling inbound ICMP echo-request messages will limit the amount of portscans you have to deal with.
It may. But this isn't additional security. This just saves bandwidth. Any dedicated attacker will merely assume you have pings disabled and continue. Sure disabling pings has some effect, but that effect is not 'more security'. Which is really the point. You can fiddle with your network all you like, and get different behaviours to arise. But obscurity is not more security.
Many Americans are responding to this saying "The republicans aren't the bad guys! It's those damned DEMOCRATS!"
I'm Canadian. And as an outsider, it doesn't matter. Republicans and Democrats are so slightly different. As far as i'm concerned, this is a comment on how the entire Country seems to behave, not just a particular political party. The country is moving together, probably most citizens are aimless, but you cannot divide this into party politics. You know how every outsider says they can't tell the difference between Republicans and Democrats? Why do you think that is? Do you think they are ALL wrong? I don't know what party is responsible for the above listed actions, but i know they are all Americans.
This makes more sense as a comment on the country, not on a particular political party.
somehow i confused 'Submit' with 'Preview'. :(
Immigrating to Canada - proper second link. Many apologies...
I'm a Canadian, and i thought i'd offer up some helpful links, if anyone is seriously interested in immigrating here. Obviously i'm not familiar with the details, but the Government of Canada is.
Services for non-Canadians All kinds of info about Canada for non Canadians. And, more specifically,
Immigrating to Canada is another section of their website.
they will help you keep on top of whatever trend is coming into play this week and help you achieve your IT and business needs as quickly as possible.
Yeah, this seems to be as close of a summary as i can get about what this AE initiative is. But you know what? that's just business. There's absolutely no reason you need HP or IBM or Sun to help you do that. Any business needs to do this to survive. All businesses need to change, most need computer systems to match their needs... It appears HP wants to do some consulting, but to get clients they're telling their potential customers that HP are the ones who should be doing the thinking, not your company. This is not a fundamentally bad idea, outsourcing in this style has been going on for far longer than computers have been around.
What's really baffling is how baffling they make it. If even a tech journalist with a vested interest in understanding the industry can't make heads or tails of it, what is HP trying to do? Confuse people into giving them money? That's certainly an interesting plan, if it's true.
What he means is that they can be lumped together because they all provide exactly the same PRODUCT. What you're buying from this online music retailer is the file itself. That's all. And if the files are identical from one retailer to the other, then certainly they can be lumped together. Just like the multiple GM dealers in your area. The 'choice' you make between the two would only be in interface of the website, and price. The actual files are the same. In summary, the choice between the WMA vendors is very very limited, to the point of not even being relevant after you've made the purchase.
If they are updating the 2.x series why are they *also* updating the 1.3.x series? Isn't the idea that 2.x will supplant/replace the earlier series? What do you get out of using the older version that you don't with the newer?
Here, my friend, is the beauty of open source. If you want to keep using Apache 1.3 (as many are), you can. There's no such thing as a forced upgrade. What version of the software you use is entirely up to you. 2.0 is supposed to be an improvement over 1.3 (and it is), but it's not supposed to 'supplant' 1.3. Just like the Linux kernel 2.4 didn't 'supplant' 2.2, though it WAS an improvement.
As long as there are interested people in the 1.3 series, bugfixes will come in, and holes will be patched. And that's why it's still being updated. Heck, even the 2.0 kernel is actively maintained. The changes are very slow, but if there's an obvious fix, it will be put in.
So basically, it's up to you to decide which version to run. And that's exactly the idea, that you have choice and freedom with your software.
I think the reason for the outcome here is not that the patent is ridiculous, but that it's valid. See, if you were arguing the validity of the original patent, then your lawyer-to-lawyer dialog makes sense, you're trying to show that the patent is invalid. However, in this case, it appears the patent was ASSUMED to be valid, and the court case was to decide whether or not X10 was violating the patent, which they in fact were.
So what i'm saying is that whether or not this is an idea that should be patentable is a separate argument from whether or not X10 violated the issued patent.
X10 *DID* violate the patent, but the patent should never have been granted in the first place. This shows that software patents are stupid, and that the USPO process is severely broken.
The _exact same network_ before it was called the Internet and run by commercial backbones, was owned by the government and named "The ArpaNet"
The exact same? How? What was exactly the same about it? The routers? The protocols, the applications? Nope, none of those were the same when they started. The only thing that's been consistent is the use of IP addresses, and only since about 1983 has that been entirely true.
Secondly, 'the internet' is not a single, homogeneous network as you seem to imply here. In fact, 'the internet' is what we call the collection of interconnected networks. The internet, if you defined it, would be an agreement. An agreement on how separate, diverse networks interconnect with each other, how they talk to each other. They're not connected to all of each other, nor are they connected all the time. In fact, current routing systems work based on Autonomous System definitions, which in itself kinda undermines your assertion that 'the internet' is a single thing.
And your discussion of RFC 1918 address space doesn't really do anything to support your argument.
Anyway, you're kinda confused here, and this post's grandparent is correct.
I previously read, right here on slashdot, about someone's observation that this is like another word whose meaning has been changed by the people it refers to.
"Nigger". At one point in time, this was a demeaning word used by white slave owners to refer to their slaves. Nigger had a horrible connotation. Eventually, the wiser amongst us pointed out how ridiculous the whole situation was, and the word 'nigger' was FORCED out of general usage. However, the black forced immigrants from Africa still continued to use the word when referring to each other. This simultaneously reminded them of where they came from, but was also a self-deprecating joke. This basically took back the word from the white people, and turned the word into a claim of superiority and brotherhood, of sorts.
Imagine if hackers did the same thing with the word 'hacker'. Only hackers would be allowed to call each other hackers, and the media would be forced to use a different word to describe these computer criminals.
I just think that analogy is so damned cool, and illustrates this 'hacker' situation perfectly. But as i said, i can't take credit for this idea, i just agree with it. Mull it over, i think it works.
Parent is a troll. Educated network administrators think this is a bad thing. ICANN is obviously flawed to the outside observer. To really show this troll what's what, do a little reading on the subjects he mentions, and draw your own conclusions. When it turns out the parent is completely and utterly wrong, you will have beaten him. Good luck, and Godspeed.
Downloading a song does not equal a sale (Apple's iTunes and similar services excluded), though it should also be pointed out that it may lead to one in certain circumstances.
Right. We know that, but that's not what the RIAA claims. They say 1 downloaded song equals $150,000 of damages. And i'm not exaggerating, either.
Furthermore, they have to pay for the statistics. I don't see how they're profiting from that.
They pay less for the stats than they gain from sales, otherwise it would be a useless cost to them, they would lose money. They wouldn't buy the stats if it lost them money.
The point here is that information is power, and also money. Gaining information about illegal activities that you campaign against and then profiting off it is a pretty clear case of hypocrisy. It would be similar to MS saying Linux is the worst, but using ideas from Linux in their own products. It undermines their first claim.
If p2p piracy nets the RIAA money, then why are they opposed to it? It can't be good AND bad for them at the same time. It's a pretty clear contradiction here, i'm not sure why you're saying the RIAA is right.
Mod parent up.
Frost22 perfectly illustrates why NATs are bad. They break the internet. How can i say this? Well, the internet is a networking system designed to connect end devices directly to each other. The idea here is that the network can be stupid, and let the end devices worry about everything. Establishing and maintaining connections, error correction, dropped packets... all handled by the end devices. When you break this principle, the End to End principle, by inserting a NAT into the network, you break the internet. The internet ends at the NAT, and from there on, things are hackish, workaroundy and generally messy.
I'm all for firewalls, they definitely have their place. But a NAT is a hack, and not the proper solution to internet addressing at all.