Not necessarily. If these printers are factory configured to use uPnP and their edge firewalls allow it, these printers could punch their way out even if they were on a network with private IP space.
I'd bet that many of these printers are on small business DSL or cable connections that come with a pool of public addresses and these folks just connected directly to the Internet. No firewall, no security.
It would be unrealistic to ban IC-engine vehicles in a decade. As others have pointed out, short of some revolution in battery capacity, they just don't have the range.
What would be more realistic would be a ban on diesel engines and a requirement to use hybrid drivetrains for passenger and freight vehicles. The technology is mostly available today and the pain and cost would be much lower.
Correction: "...the FTPS server can't tell the client to issue a CCC (clear control) or a CDC (clear data) command. So if your site requires a clear control channel..."
Stateful firewalls and load-balancers don't care if the data channel is encrypted. They only care about the control channel after authentication.
FTP can be encapsulated with TLS, but it is neither easy nor pretty. And the claim that it is just as secure as HTTPS depends on how you invoke FTPS.
The most secure method is to use implicit FTPS, which uses TCP ports 989 and 990. The FTPS server immediately expects the client to negotiate TLS (ClientHello) and to stay in TLS mode. The slightly less secure method is to use explicit FTPS, which uses the traditional TCP ports 20 and 21. For that method, the FTPS client has the ability to step in (AUTH TLS, PROT) and out (CDC) of TLS mode as its likes. It is up to the server to enforce if a resource is available outside of TLS mode.
In either method, an encrypted control channel prevents firewalls and load-balancers from eavesdropping on PORT and PASV commands, which prevents those devices from creating dynamic ACLs and NATs. Supporting Active FTPS on a firewall is ugly. Passive FTPS isn't as bad, but then you have to use source address affinity/persistence across ports to glue the control and data channels together for your load-balancer NATs/VIPs. If your client resides behind a source NAT or proxy cluster that doesn't keep their IP address locked, that persistence can break unless you use source mask larger than a/32. Even that can break if the client is load-balancing outbound connections across multiple ISPs (think mobile devices that use both WiFi and Cellular data simultaneously).
The explicit FTPS method allows a client to revert to an unencrypted control channel after authentication, but it is only at the client's discretion. The FTPS server can't tell the client to issue a CDC command. So if your site requires it, you have to tell your users to configure their FTPS client that way.
Lastly, SFTP is a subsystem of SSH. It is unrelated to FTPS. You're asking that browser designers and network admins add yet another protocol and port when an existing solution, HTTPS, already exists and is good enough. I have only seen SFTP used as a stand-alone product (read: not bundled with shell access) in a couple of very niche situations.
Then you go back to the dark days of code pages, which was its own headache, especially with eastern languages.
It wouldn't be difficult to have a program highlight text that comes from another Unicode alphanumeric language block than your own. That way if someone tries to use similar looking characters, you'd have some notice. Also, it wouldn't be difficult to blacklist Unicode blocks, like the ones used for symbols. That would eliminate the emoticon issue.
Connor MacLeod could fail to achieve a Quickening, which would allow the head of China National Shield Corporation to continue with their nefarious plans for another five decades after the Earth has cooled.
Hopefully this cozy relationship between media creators and distribution channels will eventually be unraveled. Long ago, movie studios used to have ownership stakes in the theaters their movies were shown in. The government put an end to that. I'd like to see the same competition law kick in and force Disney to keep streaming contracts with outside firms.
I've owned android devices ever since my T-Mobile G1 and I have *never* needed to roll back an OS upgrade.
I have. I upgraded my Galaxy S1 Fascinate from stock Android 2.3 to a Cyanogenmod Android 4.0 ROM, but later rolled back to stock because of how frequently my handset would freeze.
My Galaxy S5 Neo just upgraded to Android 7.0 last week. The lock screen clock is now weird, lock screen controls for PowerAmp are now buggy, and the several programs now seem to just sit and think for a second or two. I tried replacement lock screen apps to fix the first two issues, but they bring their own set of bugs. I'm half tempted to roll the handset back to Android 6.0. Probably going to be my last Samsung phone.
The related links section at the bottom of the page listed "Donald Trump Wins US Presidency".
Perhaps Slashdot's servers are on to something: giant sucking windbags, massive economic damages, and constant media attention. I understand how it could mistake the resemblement.
I've noticed in the past two years that local broadcasters are rushing to add as many DTV subchannels as they can. As a result, the picture quality is turning to absolute garbage. I've been slowly deleting them from my channel list as they become unwatchable.
Legislation will need to be approved that forces manufacturers to keep their software patched. There just isn't enough financial incentive at the moment. What scares me is that the next gen DTV broadcast standards are moving towards increased connectivity. The new ATSC 3 standard uses a MPEG-H transport stream over UDP/IP, which includes a HTML-5 presentation layer. Even if you leave your TV disconnected from your local network, it can still receive bad content from from broadcasters.
Imagine a scenario where a state sponsored intelligence agency pushed out an attack against a neighboring country that bricked television sets just before an invasion by their military.
Even if the emails are sent over SMTP-TLS and the emails themselves are signed and encrypted, the workstations of the people in finance could be targeted via a spear-phising attack. A trojan could alter the text as their email client displays it. Companies really need to treat those devices with special care and extra doses of paranoia.
Keep in mind that 64-bit applications are more resistant to brute force memory attacks since address space layout randomization (ASLR) techniques have a significantly larger address space to work with. It may utilize more memory, but it'll be less prone to stack and heap attacks.
I disagree. I ran XP x86-64 edition on several home PCs. I never had an issue finding drivers for integrated peripherals (Ethernet, Firewire, audio, RAID), video cards, mice, keyboards, or mid-level printers. Drivers for video capture and game controllers were rare at first, but became much better after the release of Vista. The only drivers that remain difficult to find to this day are for entry-level printers and WiFi adapters.
Many of the worst issues with x86 assembly were resolved with the 386. The instruction set was more orthogonal and the memory layout was simpler to use. That said, there are three things I wish that Intel or AMD had included with the 386:
1) a couple more address base registers (ie, EAB, ECB, EDB) so we didn't have to borrow general purpose registers for address indirect ops, or just add more GPRs like they did with AMD64 and the Z8000 2) support for index and displacement address modes with the CALL instruction so that proper call tables could be used (ie, CALL EDB+_FuncOffset) 3) deprecate the direction flag for the ability to specify the direction in a string op itself (ie, MOVSDI/MOVSDD or MOVSD [EDI++],[ESI--])
I don't see what's wrong with continuing to license older content to another streaming network
You would think that it would be in their best interest to release content to at least one competing streaming service after 6-12 months in order to avoid antitrust regulations. As someone upstream mentioned, when movie theaters were studio specific, the feds eventually became involved and broke the system up.
I dropped DirectTV years ago when I used to look at my channel guide on Saturday morning and see page after page of infomercials. And that was after setting up my favorites list which was maybe a third of the channels I was paying for.
Even when a program I liked was playing, the commercial breaks seemed to get longer and longer, and the commercials scummier and scummier. Boner pills. Restless leg syndrome. Reversible mortgages. Snake oil, junk food, and scams.
People are sick and tired of traditional cable systems. They don't want to pay for channels they don't watch. They're tired of the commercials. And they're increasingly spoiled with on-demand programming.
Your business model is dying. The sooner you become an IPTV on-demand gateway for content distributors, the better. Otherwise, the Roku boxes of the world will do it for you.
They're actually worse. In a traditional brick and mortar store, every customer sees the same price on the shelf. But e-Commerce stores like Amazon are increasingly turning to customer analytics to fine tune pricing on a per customer basis. They're looking at your shopping history, your estimated income, and several other metrics to squeeze more money out of you. The closest traditional retail can come to that is setting different prices for their stores depending on the economic status of the surrounding area.
Sales are often little more than a price scam. It has been shown time and time again that many stores raise their prices before a sale in order to give the illusion of a discount during the sale. Or they do it to give the impression that their product is more upscale since it originally came with such a high base price.
If you use price tracking websites or comparison apps, you can see in the historical pricing that stores often raise their prices shortly before large sales events. Black Friday and store closure liquidation sales are often the worst. I've been to stores claiming 80% off, yet found cheaper prices down the street.
So do yourself a favor: ignore the signs saying x% off and just look at the final price. Compare it to other stores and historical data. Then figure out the real x% off based off the lowest price you can find. Probably not such a great deal, right?
Switching providers may not help because they may be oversubscribing their backbone or uplink just as much as your own ISP.
I don't have an issue of ISPs providing different latency tiers or different levels of guaranteed bandwidth. But the choice should be on the customer buying the connection. The ISP shouldn't be using quality of service or resource reservation protocols to improve traffic to their own services (like VoIP) and not those of their competitors. Nor should third parties be allowed to pay the ISP to alter traffic flows within that ISP's network to the detriment of other third parties. If MegaCorp X wants to speed things up to their site, they need to work with the ISP to add their own PoP.
I've never owned a smart TV where the manufacturer provided updates beyond a year. I consider the smart functionality to be a waste of money and a waste of electricity. I'd rather have extra inputs than any smart functionality.
There was also a tiny window where Itanium had some life, around the early 2000s before x86-64 became a thing.
It also had some life in the research computing and banking industries. In addition to the extended memory space, the Itanium included a significant amount of hardware for catching and correcting faults. If the cost of a wrongly flipped bit was incredibly high, you needed this level of checking and correction. It has only been in the past few years that Intel has included the same level of hardware in their Xeon series, now that their hesitation to cannibalize Itanium sales has subsided.
It's a local pollution reduction thing... Not every truck is on long routes.
True, but many warehouses and distribution centers are within populated areas. There are a huge number of distribution centers east of L.A., and they are a significant contributor to particulate pollution in the area. It is bad enough that it is causing an asthma cluster in the area.
While hydrogen-hybrids may not be suitable for long-haul trucking, there are other options using current-gen tech. One proposal is to switch to LNG, which contributes significantly less pollution per mile driven. A number of states have been experimenting with it as a cleaner fuel, especially with the crash in NG prices.
Slashdot Mirror
Not necessarily. If these printers are factory configured to use uPnP and their edge firewalls allow it, these printers could punch their way out even if they were on a network with private IP space.
I'd bet that many of these printers are on small business DSL or cable connections that come with a pool of public addresses and these folks just connected directly to the Internet. No firewall, no security.
It would be unrealistic to ban IC-engine vehicles in a decade. As others have pointed out, short of some revolution in battery capacity, they just don't have the range.
What would be more realistic would be a ban on diesel engines and a requirement to use hybrid drivetrains for passenger and freight vehicles. The technology is mostly available today and the pain and cost would be much lower.
Wrong. Using your mobile device on an extended partner network for a large period of time is considered a ToS violation.
Correction: "...the FTPS server can't tell the client to issue a CCC (clear control) or a CDC (clear data) command. So if your site requires a clear control channel..."
Stateful firewalls and load-balancers don't care if the data channel is encrypted. They only care about the control channel after authentication.
FTP can be encapsulated with TLS, but it is neither easy nor pretty. And the claim that it is just as secure as HTTPS depends on how you invoke FTPS.
The most secure method is to use implicit FTPS, which uses TCP ports 989 and 990. The FTPS server immediately expects the client to negotiate TLS (ClientHello) and to stay in TLS mode. The slightly less secure method is to use explicit FTPS, which uses the traditional TCP ports 20 and 21. For that method, the FTPS client has the ability to step in (AUTH TLS, PROT) and out (CDC) of TLS mode as its likes. It is up to the server to enforce if a resource is available outside of TLS mode.
In either method, an encrypted control channel prevents firewalls and load-balancers from eavesdropping on PORT and PASV commands, which prevents those devices from creating dynamic ACLs and NATs. Supporting Active FTPS on a firewall is ugly. Passive FTPS isn't as bad, but then you have to use source address affinity/persistence across ports to glue the control and data channels together for your load-balancer NATs/VIPs. If your client resides behind a source NAT or proxy cluster that doesn't keep their IP address locked, that persistence can break unless you use source mask larger than a /32. Even that can break if the client is load-balancing outbound connections across multiple ISPs (think mobile devices that use both WiFi and Cellular data simultaneously).
The explicit FTPS method allows a client to revert to an unencrypted control channel after authentication, but it is only at the client's discretion. The FTPS server can't tell the client to issue a CDC command. So if your site requires it, you have to tell your users to configure their FTPS client that way.
Lastly, SFTP is a subsystem of SSH. It is unrelated to FTPS. You're asking that browser designers and network admins add yet another protocol and port when an existing solution, HTTPS, already exists and is good enough. I have only seen SFTP used as a stand-alone product (read: not bundled with shell access) in a couple of very niche situations.
And the only safe encoding is ASCII.
Then you go back to the dark days of code pages, which was its own headache, especially with eastern languages.
It wouldn't be difficult to have a program highlight text that comes from another Unicode alphanumeric language block than your own. That way if someone tries to use similar looking characters, you'd have some notice. Also, it wouldn't be difficult to blacklist Unicode blocks, like the ones used for symbols. That would eliminate the emoticon issue.
What could possibly go wrong?!
Connor MacLeod could fail to achieve a Quickening, which would allow the head of China National Shield Corporation to continue with their nefarious plans for another five decades after the Earth has cooled.
It'll continue to happen as long as nobody important goes to jail for the breaches.
Hopefully this cozy relationship between media creators and distribution channels will eventually be unraveled. Long ago, movie studios used to have ownership stakes in the theaters their movies were shown in. The government put an end to that. I'd like to see the same competition law kick in and force Disney to keep streaming contracts with outside firms.
I've owned android devices ever since my T-Mobile G1 and I have *never* needed to roll back an OS upgrade.
I have. I upgraded my Galaxy S1 Fascinate from stock Android 2.3 to a Cyanogenmod Android 4.0 ROM, but later rolled back to stock because of how frequently my handset would freeze.
My Galaxy S5 Neo just upgraded to Android 7.0 last week. The lock screen clock is now weird, lock screen controls for PowerAmp are now buggy, and the several programs now seem to just sit and think for a second or two. I tried replacement lock screen apps to fix the first two issues, but they bring their own set of bugs. I'm half tempted to roll the handset back to Android 6.0. Probably going to be my last Samsung phone.
The related links section at the bottom of the page listed "Donald Trump Wins US Presidency".
Perhaps Slashdot's servers are on to something: giant sucking windbags, massive economic damages, and constant media attention. I understand how it could mistake the resemblement.
I've noticed in the past two years that local broadcasters are rushing to add as many DTV subchannels as they can. As a result, the picture quality is turning to absolute garbage. I've been slowly deleting them from my channel list as they become unwatchable.
Legislation will need to be approved that forces manufacturers to keep their software patched. There just isn't enough financial incentive at the moment. What scares me is that the next gen DTV broadcast standards are moving towards increased connectivity. The new ATSC 3 standard uses a MPEG-H transport stream over UDP/IP, which includes a HTML-5 presentation layer. Even if you leave your TV disconnected from your local network, it can still receive bad content from from broadcasters.
Imagine a scenario where a state sponsored intelligence agency pushed out an attack against a neighboring country that bricked television sets just before an invasion by their military.
Even if the emails are sent over SMTP-TLS and the emails themselves are signed and encrypted, the workstations of the people in finance could be targeted via a spear-phising attack. A trojan could alter the text as their email client displays it. Companies really need to treat those devices with special care and extra doses of paranoia.
Keep in mind that 64-bit applications are more resistant to brute force memory attacks since address space layout randomization (ASLR) techniques have a significantly larger address space to work with. It may utilize more memory, but it'll be less prone to stack and heap attacks.
I disagree. I ran XP x86-64 edition on several home PCs. I never had an issue finding drivers for integrated peripherals (Ethernet, Firewire, audio, RAID), video cards, mice, keyboards, or mid-level printers. Drivers for video capture and game controllers were rare at first, but became much better after the release of Vista. The only drivers that remain difficult to find to this day are for entry-level printers and WiFi adapters.
Many of the worst issues with x86 assembly were resolved with the 386. The instruction set was more orthogonal and the memory layout was simpler to use. That said, there are three things I wish that Intel or AMD had included with the 386:
1) a couple more address base registers (ie, EAB, ECB, EDB) so we didn't have to borrow general purpose registers for address indirect ops, or just add more GPRs like they did with AMD64 and the Z8000
2) support for index and displacement address modes with the CALL instruction so that proper call tables could be used (ie, CALL EDB+_FuncOffset)
3) deprecate the direction flag for the ability to specify the direction in a string op itself (ie, MOVSDI/MOVSDD or MOVSD [EDI++],[ESI--])
I don't see what's wrong with continuing to license older content to another streaming network
You would think that it would be in their best interest to release content to at least one competing streaming service after 6-12 months in order to avoid antitrust regulations. As someone upstream mentioned, when movie theaters were studio specific, the feds eventually became involved and broke the system up.
I dropped DirectTV years ago when I used to look at my channel guide on Saturday morning and see page after page of infomercials. And that was after setting up my favorites list which was maybe a third of the channels I was paying for.
Even when a program I liked was playing, the commercial breaks seemed to get longer and longer, and the commercials scummier and scummier. Boner pills. Restless leg syndrome. Reversible mortgages. Snake oil, junk food, and scams.
People are sick and tired of traditional cable systems. They don't want to pay for channels they don't watch. They're tired of the commercials. And they're increasingly spoiled with on-demand programming.
Your business model is dying. The sooner you become an IPTV on-demand gateway for content distributors, the better. Otherwise, the Roku boxes of the world will do it for you.
They're actually worse. In a traditional brick and mortar store, every customer sees the same price on the shelf. But e-Commerce stores like Amazon are increasingly turning to customer analytics to fine tune pricing on a per customer basis. They're looking at your shopping history, your estimated income, and several other metrics to squeeze more money out of you. The closest traditional retail can come to that is setting different prices for their stores depending on the economic status of the surrounding area.
Sales are often little more than a price scam. It has been shown time and time again that many stores raise their prices before a sale in order to give the illusion of a discount during the sale. Or they do it to give the impression that their product is more upscale since it originally came with such a high base price.
If you use price tracking websites or comparison apps, you can see in the historical pricing that stores often raise their prices shortly before large sales events. Black Friday and store closure liquidation sales are often the worst. I've been to stores claiming 80% off, yet found cheaper prices down the street.
So do yourself a favor: ignore the signs saying x% off and just look at the final price. Compare it to other stores and historical data. Then figure out the real x% off based off the lowest price you can find. Probably not such a great deal, right?
Switching providers may not help because they may be oversubscribing their backbone or uplink just as much as your own ISP.
I don't have an issue of ISPs providing different latency tiers or different levels of guaranteed bandwidth. But the choice should be on the customer buying the connection. The ISP shouldn't be using quality of service or resource reservation protocols to improve traffic to their own services (like VoIP) and not those of their competitors. Nor should third parties be allowed to pay the ISP to alter traffic flows within that ISP's network to the detriment of other third parties. If MegaCorp X wants to speed things up to their site, they need to work with the ISP to add their own PoP.
I've never owned a smart TV where the manufacturer provided updates beyond a year. I consider the smart functionality to be a waste of money and a waste of electricity. I'd rather have extra inputs than any smart functionality.
There was also a tiny window where Itanium had some life, around the early 2000s before x86-64 became a thing.
It also had some life in the research computing and banking industries. In addition to the extended memory space, the Itanium included a significant amount of hardware for catching and correcting faults. If the cost of a wrongly flipped bit was incredibly high, you needed this level of checking and correction. It has only been in the past few years that Intel has included the same level of hardware in their Xeon series, now that their hesitation to cannibalize Itanium sales has subsided.
It's a local pollution reduction thing ... Not every truck is on long routes.
True, but many warehouses and distribution centers are within populated areas. There are a huge number of distribution centers east of L.A., and they are a significant contributor to particulate pollution in the area. It is bad enough that it is causing an asthma cluster in the area.
While hydrogen-hybrids may not be suitable for long-haul trucking, there are other options using current-gen tech. One proposal is to switch to LNG, which contributes significantly less pollution per mile driven. A number of states have been experimenting with it as a cleaner fuel, especially with the crash in NG prices.