I already use rail transportation as much as possible now because it is cheap, easy, and about as green as transportation can realistically get right now. I've gone from Albany to Chicago many times and taken the train. While it may not be the fastest thing in the world, $75 gets you one way, with extremely lenient baggage policies (two large carryons, three huge checked bags, and up to 3 extra or oversized checked bags for $10/each). My girlfriend and I were able to move out to Chicago for summer work and back for just the ticket price each way, since we could pack and check everything as baggage on Amtrak. I try to use rail travel whenever I go anywhere longer distance. I may be going to Texas to check out some job stuff down there (from NY), and I'd probably even consider taking the train down for that. Even moreso if some day there were more high speed rail options (whereas right now there are very few high-speed rail options in the US)
High speed rail would be awesome, and I'm sure people would use it. I know I would.
I'm tired of this kind of fear mongering, and it seems to show up on Slashdot as well as other places way too much.
What? The world is ending? An ISP just misconfigured their router and their peers or upstreams need to be better about filtering. The same goes for adoption of BCP38 to prevent intentional or accidental route hijacks.
I was very interested in the game and was planning on buying it until I heard about the Nazi DRM. I haven't pirated it since I'm not that desperate to play it, but once I heard about how the DRM operated and how restrictive it is, I didn't even consider buying it. I don't want to buy it and then pirate it after a few reinstalls.
1) the fact that NAT exists means we ran out a long time ago
2) NAT is not a proper solution. It crosses the Network and Transport layer boundary to provide a hack solution to a Network layer issue. Having something like NAT prevents anything besides UDP or TCP from being used behind a NAT, since NAT relies on port mapping between UDP and NAT
3) What makes people think uPNP is a good idea? Wouldn't it be better to just have *real end-to-end connectivity* like was actually intended and used to be the case?
4) As the world of networked devices and content providers increases as fast as it always has been or faster there will be a growing need for content providers (servers) that cannot be behind a NAT while still hoping to use well-known ports for services
5) NAT does not scale. State tracking tens of thousands of connections? Since state needs to be tracked, load balancing something like NAT is just yet another hack on top of a hack.
I would love to hear someone explain how using NAT is a feasible solution permanently. Reclaiming unused sub-allocations from legacy/8s and stuff is not a permanent solution, denying that IPv6 is needed due to the application of a growing list of band-aids is obnoxious to listen to.
Another way to silence machines is to boot off of the network with PXE or a similar technique. We have been doing this with our media machine for about a year now and the only noise from the machine now is the CPU and PSU fans. This ended up reducing the power consumption and noise from the machine drastically, since we could cut out all of the case fans since there's no HDD to cool.
This is fairly easy to do as long as you have a stable file server set up to do NFS and a DHCP server you can add some options into. It is stable enough, we've never had the machine crash because of NFS flaking out or anything (30+ day uptimes easily, ultimately rebooted for other reasons).
You could probably netboot simple workstation machines too, but I haven't bothered trying that with our desktop machines yet, though it might cut out a nice amount of noise. We have System76 Koala mini-PCs, so there's one CPU fan and the hard drive.
Our media machine that we have netbooting is booting a full installation of Ubuntu (Hardy, FWIW) with MythTV frontend and an MPD server set up on it. We haven't noticed any performance issues at all.
Hopefully this provokes some thoughts for someone looking to do the same kind of thing.
And I didn't even mention the insanity that will arise in global routing when a whole bunch of MIT's/22s are taken from MIT and assigned to some companies in Europe. Route aggregation will go out the window unless (for example) MIT moved all of their stuff into the lower or upper half of 18/8 (or otherwise made room for it to be split off "properly). Even then, you're still splitting one route into two or more (granted it isn't as bad as pulling a bunch of/22s right from the middle of it)
Just because addresses are lying idle doesn't mean we don't have a problem coming up. There is no sane way to use these idle addresses without having the large networks (read: owners of/8s) renumber their networks in such a way that they can be sanely subnetted and routed somewhere else.
Say a company has a/22. They may not be using more than half of their actual addresses, yet they may have assigned and be currently using every possible/24 in their allocation. Even if they are only using some of the addresses in a/24, it makes sense so that they can add machines to a subnet in the future without having to renumber everything to make certain subnets larger when they could/should have been that way from the start.
That last sentence pretty much describes what would have to be done to make use of these "idle" addresses. Renumbering everything to make these addresses available in routable subnets doesn't solve anything, it just shifts the problem onto the network owners who would have to give up theses addresses now, as they'll find themselves running out of address space at some point.
Then again, we could just move the whole world to one flat address space where any address can be used anywhere... (kidding).
The fact that there is an end of site and a "finite" number of addresses means that IPv6 adoption is important and is going to happen. Keep in mind that this article also completely ignores the fact that NAT is hiding millions of computers that otherwise would have needed publicly-routable IPv4 addresses. With IPv6, this hack of a solution isn't needed anymore.
We outgrew IPv4 a while ago, we just haven't hit the absolute limit of what we can do with it because of aids like NAT and hopefully we'll never have our backs up against that wall.
The Wired article/interview says that they were bouncing around web hosts like crazy. Of course if the point comcast.net to some large host, you'll see all kinds of services during your nmap scan.
They were using bunches of free webhosts who almost definitely have servers listening on imap/pop3/smtp and other services. That said, it makes sense that logins intended for comcast ended up failing when they hit these random web hosts.
There's the fact that removal of some malware that uses.profile and does nasty things in ~ is trivial compared to something that gets into a Windows machine. On any Linux or similarly-permissioned system, removal at worst consists of deleting the person's home directory and killing a few processes.
Now, if removing crap from pwned Windows machines was that easy, we'd all be much better off.
Looking at the actual link, this is talking about select _new_ features. The/. summary clearly is trying to scare us all into thinking that existing parts of MySQL would somehow be turned into a closed-source product.
Looking at other comments, the original poster is talking about RPI. He is talking about a tech school, not a job/tech training institute. (DeVry, ITT, others you see on TV with those 2 minute commercials, scrolling list of degrees available in some small number of years, and "Call Now!" at the bottom of the screen)
Her administration is doing this primarily to clinical/non-permanent faculty (though in reality these faculty members would have stuck around for quite some time, they just prefer teaching more than research/pursuing tenure for the most
part). This includes doing things like not allowing these members to have input on decisions regarding benefits for next year "because they might not be here" and a number of other actions that clearly target these faculty members. Unfortunately I don't have more details to share, because my memory isn't so great when it comes to politics... but I do know of at least five of the best faculty members at RPI that are being edged out, and these are just ones in my field.
She has also taken measures to disband the faculty senate and has told the faculty point-blank not to talk about these matters in the classroom. I have had a few professors start to discuss this and then cut themselves off saying "and the powers that be say I can't talk with you about this"
Besides this politic crap, RPI is the right school for most CS/engineering types, the kind who are pursuing a career in these fields because it interests them, not because they don't care and just want the money.
If you ever come to campus and take a tour, take what the guide says with a grain of salt, but it is still a good thing to do.
If you want to walk around a campus where inter-class discussion is about math/engineering courses/other really geeky things, RPI is one of those schools. You don't typically walk around campus hearing people discussing whatever the reality show of the week is.
I remember coming to my Freshman orientation, and knowing that this was the right school as we were up at night working on our schedules ("we" being the SO group I was in) and discussion turned to a number of topics I never could discuss with people in my high school, specifically because there was no or limited interest in them.
Overall, I rate the quality of education at RPI excellent, and I would say the environment is excellent for the right types of people (I'm not saying that it isn't good for others beyond the group for whom the environment is ideal).
Enjoy, I hope you end up enjoying whichever school you attend. It really comes down to "do you want to be surrounded by a bunch of technical people interested in the field (and fields related to the one) you're studying, or a bunch of people who are into other things?"
Unfortunately President Jackson's administration is edging out some of the best faculty at this school, including at least one of the most awesome lecturers in the CS department. It is a wound that will take some time for the school to heal once she is gone.
Aside from her shenanigans, I think RPI is a great school, and I have never doubted my decision to come here.
argh, this is what I get for posting right before going to sleep. I meant to say "the first (500) is the right way to do it, the second (200) is wrong"
I've seen this discussion come up a number of times in the past, with the pro-200 people saying it provides obfuscation of legit e-mail addresses, and the pro-500 people saying that it prevents backscatter and is the correct way to do it.
Right, isn't that exactly what I was describing, except without the mention of the specific response codes?
I agree there is a huge difference between the two. The first one is commonly accepted as "you're doing it wrong" and the latter is the better way to do it, aside from the fact that this allows spammers to verify e-mail addresses on your domain.
Unless you meant to reply to someone else originally, I think you're trying to correct me when I'm in full agreement with you...
Rejection during the initial SMTP conversatoin will still cause mail to go back to the sender saying that it wasn't received. It doesn't just disappear into the ether. This is how MOST e-mail servers on the face of the planet work.
The server trying to deliver mail (server X) contacts the destination server (server Y). The destination server immediately says "nope, sorry, that user doesn't exist" so server X sends a mail back to the sender saying "Server Y said 'user not found in user lookup'" or somesuch. Look through any failed mail delivery you have in your inbox and I bet you'll find a bunch like this, assuming you've fatfingred e-mail addresses in the past.
Read any mailop mailing list and you'll see mention of backscatter as a bad thing, regardless of whether or not it contains the original contents.
1) mailing list confirmations can't be used by spammers to identify existing or non-existing e-mail addresses 2) spammers, unlike your test, will use spoofed From: headers, making the mail you got be bounced back to someone who wasn't involved in the first place 3) yes, right now (1) isn't true for Google either, since they accept all mail, but that is indeed the problem right now, and there are stupid spammers out there who will blast thousands upon thousands of e-mails off to google to see what gets rejected (when they assume that there will be rejections during the initial SMTP conversation)
While it isn't backscatter spam since the initial content isn't delivered, it is still backscatter and Google is still doing the wrong thing. We all know that submitters to/. often get the wrong terms (look at how often "bricked" is used wrongly... we even have a tag for it). I'd bet that more of these wrong terms are due to ignorance than to people trying to spread FUD and blow things out of proportion. Maybe it is time for a !backscatterspam tag if this bothers you so much
Slashdot Mirror
Yeah, for home users they still block these incoming ports (and outgoing 25)
I already use rail transportation as much as possible now because it is cheap, easy, and about as green as transportation can realistically get right now. I've gone from Albany to Chicago many times and taken the train. While it may not be the fastest thing in the world, $75 gets you one way, with extremely lenient baggage policies (two large carryons, three huge checked bags, and up to 3 extra or oversized checked bags for $10/each). My girlfriend and I were able to move out to Chicago for summer work and back for just the ticket price each way, since we could pack and check everything as baggage on Amtrak. I try to use rail travel whenever I go anywhere longer distance. I may be going to Texas to check out some job stuff down there (from NY), and I'd probably even consider taking the train down for that. Even moreso if some day there were more high speed rail options (whereas right now there are very few high-speed rail options in the US)
High speed rail would be awesome, and I'm sure people would use it. I know I would.
I'm tired of this kind of fear mongering, and it seems to show up on Slashdot as well as other places way too much.
What? The world is ending? An ISP just misconfigured their router and their peers or upstreams need to be better about filtering. The same goes for adoption of BCP38 to prevent intentional or accidental route hijacks.
That is all. For now.
I was very interested in the game and was planning on buying it until I heard about the Nazi DRM. I haven't pirated it since I'm not that desperate to play it, but once I heard about how the DRM operated and how restrictive it is, I didn't even consider buying it. I don't want to buy it and then pirate it after a few reinstalls.
1) the fact that NAT exists means we ran out a long time ago
/8s and stuff is not a permanent solution, denying that IPv6 is needed due to the application of a growing list of band-aids is obnoxious to listen to.
2) NAT is not a proper solution. It crosses the Network and Transport layer boundary to provide a hack solution to a Network layer issue. Having something like NAT prevents anything besides UDP or TCP from being used behind a NAT, since NAT relies on port mapping between UDP and NAT
3) What makes people think uPNP is a good idea? Wouldn't it be better to just have *real end-to-end connectivity* like was actually intended and used to be the case?
4) As the world of networked devices and content providers increases as fast as it always has been or faster there will be a growing need for content providers (servers) that cannot be behind a NAT while still hoping to use well-known ports for services
5) NAT does not scale. State tracking tens of thousands of connections? Since state needs to be tracked, load balancing something like NAT is just yet another hack on top of a hack.
I would love to hear someone explain how using NAT is a feasible solution permanently. Reclaiming unused sub-allocations from legacy
Another way to silence machines is to boot off of the network with PXE or a similar technique. We have been doing this with our media machine for about a year now and the only noise from the machine now is the CPU and PSU fans. This ended up reducing the power consumption and noise from the machine drastically, since we could cut out all of the case fans since there's no HDD to cool.
This is fairly easy to do as long as you have a stable file server set up to do NFS and a DHCP server you can add some options into. It is stable enough, we've never had the machine crash because of NFS flaking out or anything (30+ day uptimes easily, ultimately rebooted for other reasons).
You could probably netboot simple workstation machines too, but I haven't bothered trying that with our desktop machines yet, though it might cut out a nice amount of noise. We have System76 Koala mini-PCs, so there's one CPU fan and the hard drive.
Our media machine that we have netbooting is booting a full installation of Ubuntu (Hardy, FWIW) with MythTV frontend and an MPD server set up on it. We haven't noticed any performance issues at all.
Hopefully this provokes some thoughts for someone looking to do the same kind of thing.
And I didn't even mention the insanity that will arise in global routing when a whole bunch of MIT's /22s are taken from MIT and assigned to some companies in Europe. Route aggregation will go out the window unless (for example) MIT moved all of their stuff into the lower or upper half of 18/8 (or otherwise made room for it to be split off "properly). Even then, you're still splitting one route into two or more (granted it isn't as bad as pulling a bunch of /22s right from the middle of it)
Just because addresses are lying idle doesn't mean we don't have a problem coming up. There is no sane way to use these idle addresses without having the large networks (read: owners of /8s) renumber their networks in such a way that they can be sanely subnetted and routed somewhere else.
/22. They may not be using more than half of their actual addresses, yet they may have assigned and be currently using every possible /24 in their allocation. Even if they are only using some of the addresses in a /24, it makes sense so that they can add machines to a subnet in the future without having to renumber everything to make certain subnets larger when they could/should have been that way from the start.
Say a company has a
That last sentence pretty much describes what would have to be done to make use of these "idle" addresses. Renumbering everything to make these addresses available in routable subnets doesn't solve anything, it just shifts the problem onto the network owners who would have to give up theses addresses now, as they'll find themselves running out of address space at some point.
Then again, we could just move the whole world to one flat address space where any address can be used anywhere... (kidding).
The fact that there is an end of site and a "finite" number of addresses means that IPv6 adoption is important and is going to happen. Keep in mind that this article also completely ignores the fact that NAT is hiding millions of computers that otherwise would have needed publicly-routable IPv4 addresses. With IPv6, this hack of a solution isn't needed anymore.
We outgrew IPv4 a while ago, we just haven't hit the absolute limit of what we can do with it because of aids like NAT and hopefully we'll never have our backs up against that wall.
I was actually scared that they were doing DPI for a minute, then I realized the OP just didn't know what they're talking about.
What ever happened to sysadmins being known for having strong/good morals and ethics?
The Wired article/interview says that they were bouncing around web hosts like crazy. Of course if the point comcast.net to some large host, you'll see all kinds of services during your nmap scan.
They were using bunches of free webhosts who almost definitely have servers listening on imap/pop3/smtp and other services. That said, it makes sense that logins intended for comcast ended up failing when they hit these random web hosts.
I'll keep updating the list, but also they're showing up on TPB if you just search for 'elc2008'
As I come across the torrents for these files (slowly showing up on TPB) I'm adding them to a list: http://scarecrow.puttynuts.com/~ryan/elc2008torrents.txt
There's the fact that removal of some malware that uses .profile and does nasty things in ~ is trivial compared to something that gets into a Windows machine. On any Linux or similarly-permissioned system, removal at worst consists of deleting the person's home directory and killing a few processes.
Now, if removing crap from pwned Windows machines was that easy, we'd all be much better off.
Now lets listen to what NANOG has to say about this FUD.
http://www.merit.edu/mail.archives/nanog/msg07568.html
Especially this post in that thread: http://www.merit.edu/mail.archives/nanog/msg07603.html
Among other things, they point out that AT&T's claims (about 20 homes)wouldn't be possible, even if 40gbit ethernet was deployed to every home.
Simple math and common sense, plus any reasonable FUD-detector should make it clear what to make of these claims the AT&T VP is making.
Once Albany populates the search engine indexes, it is going to be really fun looking for things locally!
"Albany window repair"
"Microsoft Albany repair corrupt files <technet.microsoft.com>"
"Hot dogs in Albany"
"Albany is about as useful as a hot dog dropped on the floor <technet.microsoft.com>"
"Used Cars in Albany"
"Microsoft Chairman Gates is now selling used cars after the failure of Microsoft Albany <slashdot.org>"
Looking at the actual link, this is talking about select _new_ features. The /. summary clearly is trying to scare us all into thinking that existing parts of MySQL would somehow be turned into a closed-source product.
Talk about someone trying to be misleading...
Looking at other comments, the original poster is talking about RPI. He is talking about a tech school, not a job/tech training institute. (DeVry, ITT, others you see on TV with those 2 minute commercials, scrolling list of degrees available in some small number of years, and "Call Now!" at the bottom of the screen)
I should also add...
Her administration is doing this primarily to clinical/non-permanent faculty (though in reality these faculty members would have stuck around for quite some time, they just prefer teaching more than research/pursuing tenure for the most
part). This includes doing things like not allowing these members to have input on decisions regarding benefits for next year "because they might not be here" and a number of other actions that clearly target these faculty members. Unfortunately I don't have more details to share, because my memory isn't so great when it comes to politics... but I do know of at least five of the best faculty members at RPI that are being edged out, and these are just ones in my field.
She has also taken measures to disband the faculty senate and has told the faculty point-blank not to talk about these matters in the classroom. I have had a few professors start to discuss this and then cut themselves off saying "and the powers that be say I can't talk with you about this"
Besides this politic crap, RPI is the right school for most CS/engineering types, the kind who are pursuing a career in these fields because it interests them, not because they don't care and just want the money.
If you ever come to campus and take a tour, take what the guide says with a grain of salt, but it is still a good thing to do.
If you want to walk around a campus where inter-class discussion is about math/engineering courses/other really geeky things, RPI is one of those schools. You don't typically walk around campus hearing people discussing whatever the reality show of the week is.
I remember coming to my Freshman orientation, and knowing that this was the right school as we were up at night working on our schedules ("we" being the SO group I was in) and discussion turned to a number of topics I never could discuss with people in my high school, specifically because there was no or limited interest in them.
Overall, I rate the quality of education at RPI excellent, and I would say the environment is excellent for the right types of people (I'm not saying that it isn't good for others beyond the group for whom the environment is ideal).
Enjoy, I hope you end up enjoying whichever school you attend. It really comes down to "do you want to be surrounded by a bunch of technical people interested in the field (and fields related to the one) you're studying, or a bunch of people who are into other things?"
Unfortunately President Jackson's administration is edging out some of the best faculty at this school, including at least one of the most awesome lecturers in the CS department. It is a wound that will take some time for the school to heal once she is gone.
Aside from her shenanigans, I think RPI is a great school, and I have never doubted my decision to come here.
argh, this is what I get for posting right before going to sleep. I meant to say "the first (500) is the right way to do it, the second (200) is wrong"
I've seen this discussion come up a number of times in the past, with the pro-200 people saying it provides obfuscation of legit e-mail addresses, and the pro-500 people saying that it prevents backscatter and is the correct way to do it.
Right, isn't that exactly what I was describing, except without the mention of the specific response codes?
I agree there is a huge difference between the two. The first one is commonly accepted as "you're doing it wrong" and the latter is the better way to do it, aside from the fact that this allows spammers to verify e-mail addresses on your domain.
Unless you meant to reply to someone else originally, I think you're trying to correct me when I'm in full agreement with you...
How is this any different than what I described?
Rejection during the initial SMTP conversatoin will still cause mail to go back to the sender saying that it wasn't received. It doesn't just disappear into the ether. This is how MOST e-mail servers on the face of the planet work.
The server trying to deliver mail (server X) contacts the destination server (server Y). The destination server immediately says "nope, sorry, that user doesn't exist" so server X sends a mail back to the sender saying "Server Y said 'user not found in user lookup'" or somesuch. Look through any failed mail delivery you have in your inbox and I bet you'll find a bunch like this, assuming you've fatfingred e-mail addresses in the past.
Read any mailop mailing list and you'll see mention of backscatter as a bad thing, regardless of whether or not it contains the original contents.
There are a few important differences
/. often get the wrong terms (look at how often "bricked" is used wrongly... we even have a tag for it). I'd bet that more of these wrong terms are due to ignorance than to people trying to spread FUD and blow things out of proportion. Maybe it is time for a !backscatterspam tag if this bothers you so much
1) mailing list confirmations can't be used by spammers to identify existing or non-existing e-mail addresses
2) spammers, unlike your test, will use spoofed From: headers, making the mail you got be bounced back to someone who wasn't involved in the first place
3) yes, right now (1) isn't true for Google either, since they accept all mail, but that is indeed the problem right now, and there are stupid spammers out there who will blast thousands upon thousands of e-mails off to google to see what gets rejected (when they assume that there will be rejections during the initial SMTP conversation)
While it isn't backscatter spam since the initial content isn't delivered, it is still backscatter and Google is still doing the wrong thing. We all know that submitters to