3632 posts • joined 10 Jun 2009
"I was under the impression that the 'separation' by NAT routers was kinda a byproduct, and can easily be worked into a 6 only router* by just blocking anything coming in over the WAN interface by default, allowing port forwarding much the same as IPv4 + NAT, but just not requiring the IP address MAPPING, as in instead of "anything coming in on the WAN on port 80, map to port 6680 of 192.168.1.230" you'd simply say "Anything coming in on 3D8B:0004:773A:FB01:: port 80, route straight through" ?"
A byproduct, maybe, but a welcomed one, because local net addresses are just that: they're not meant to be exposed to the Internet, and most network stacks will interpret this as such. If not, some link in the chain is likely to realize, "Hey, this isn't a proper internet address" and reject the connection. IOW, odds are if you tried to use a local net address to connect to a LAN address behind a firewall, odds are the firewall won't even be aware of it.
Sometimes, the best defense is stealth, as in making it look as if your machine doesn't exist. Think of it like a hotel or hospital where the rooms can't be direct-dialed from the outside (room-to-room calling is unaffected) but have to go through the front desk first. The front desk is the NAT firewall in this case even if outgoing calls are being routed automatically. If you tried to direct-dial a room, odds are the number is invalid and the phone company will block you, not even reaching the front desk.
There's an IPv4 address space in IPv6, and there are ways to bridge between them. One concern has been firewall penetration, as NAT provided an additional layer of security by separating the address spaces naturally. Also, some businesses run OLD (Pre-IPv6) hardware they can't replace. A sudden changeover would isolate them.
Re: Ban the voice!
"It's about time that the myth was busted over safety concerns. If there was *EVER* the possibility that a PED could have downed an aircraft, they would *NEVER* have been permitted on board. They would have been confiscated at security."
But unlike other things, the PED has several factors that make wholesale confiscation thorny.
1. They're ubiquitous, meaning most passengers have them. The wholesale confiscation of something most passengers have can be onerous, especially when...
2. They're not easily replaced. People grumble about the liquids bit, but that's offset because one can usually just resupply at their destination. About the only people who have a problem are those with large quantity of prescription fluids. In which case, they'll have to go into checked luggage. But...
3. They're sensitive to temperature extremes AND contain Lithium. Since there's no guarantee a luggage hold will be climate-controlled, the PED might be exposed to damaging temperature extremes and such. Furthermore, lithium is a fire risk (prone to spontaneous combustion), which is why it's banned in luggage holds (at least in a carry-on it can be pulled out in an emergency).
4. They're considered an essential accessory to many: a link back to base. Meaning if they can't take the PED, they're not going. That puts a financial pressure on the airlines catching them between Scylla and Charybdis. If they cave, the PED might down the plane, but if they don't, the lack of passengers might torpedo the business.
Re: Don't get too upset
I don't know. People are used to the lag with video sat phones seen on newscasts. If they're aware of this, they may peg this as the cost of using their phones on an airplane.
Re: Don't get too upset
How did they block Skype if someone was tunneling? Did they block tunnels?
Re: It is not my own government I am most worried about.
You'll never convince the software makers to loosen their terms since many of them have captive markets with no honest competition, especially in the professional field. Let's face it. Except for the most basic of things, GIMP is no Photoshop, and I still haven't found anything that approaches the level of features in Premiere or After Effects. All the software maker has to do (which many are transitioning to anyway) is to render all of their transactions leases or subscriptions. At which point, all the buyer can do is accept the limits of the agreement or go without.
When the town only has one well (and practically no way to make another), do you dehydrate yourself to spite its owner?
Re: @FormerKowloonTonger Lest We Forget.
"Wholesale indiscriminate collection of data on the citizens of a country by those who govern is completely different."
So is a world where a single man can potentially ruin civilisation if you're not careful. That's the thing about eternal vigilance. One bad apple can spoil the whole bunch. One determined nihilist with time, and resources can unleash pure hell (and with technology progressing as it is, one cannot discount the possibility of something like a rampant viral plague like avian flu). Know any other way to combat a lone-wolf existential threat?
Re: Here We Go Again.
But what if it's not "a little temporary safety," but "the only thing standing between you and utter oblivion"? We already know some people are insane enough to desire The End of the World as We Know It, and technology is making the possibility easier to reach. Furthermore, it's against our instinct to allow an existential threat to linger.
I think the article notes however that domains cost real money and are generally held for a decent length of time (say at least one year), so there's an incentive to reuse the domains, just not right away. IOW, a malcontent wanting to maximize the RoI on the domain will want to figure out how long to lay the domain low before using it again.
Furthermore, the algorithm used to generate the domain names has to be portable since the malware has to know the code, too. This requirement also reduces the odds of changing the algorithm in mid-flight since doing so requires a way to pass along the new technique to the botnet, some nodes of which may fall out of the loop before being updated.
Re: One thing which hasn't been mentioned re MP3 encoding
Another commenter already tried the Audacity bit, subtract-mixing the encoded file over the lossless one and noted that, especially at high bitrates, the resultant delta is generally very small, like a tiny warble of noise along the centerline of the graph. Admittedly, there could be some spikes along the line where perceptual coding can't handle things so well such as at high-frequency noise (e.g. cymbals), but it says something to the "pretty good enough" factor.
Re: Smartphone vulnerability?
This appears to be specific to custom ROMs. Mine's a lightly-touched TouchWiz job, and bash is missing from it. Which lends credence to my supposition that most Android installs lack bash and are thus safe for now.
Re: Smartphone vulnerability?
I may be wrong, but I think Android's default is the basic Bourne Shell sh. Bash has to be explicitly installed, and I think that takes a rooted phone. Since sh isn't robust enough to be vulnerable to the same problem as bash, most Android implementations should be safe. Besides, most Android rooters tend towards Busybox, which is also safe.
Re: "since most of them can't be patched"
"Can you compile the update of Bash for a BT Home Hub, or do you have to wait for BT to push out a full firmware update?"
Are we SURE this device uses bash? As the article and several comments note, embedded devices are strapped for space and are more likely to use a compact implementation like that in busybox, which isn't affected. Other network-facing devices are just as likely to be running BSD as Linux, and BSD prefers the C shell csh (usually TENEX C Shell or tcsh) over the Bourne shell sh (and the bug in this case is specific to the Bourne-Again Shell bash).
You can extend this idea even further and ask yourself why pharmaceuticals never put serious work into full cures and permanent vaccines. An economist can easily answer the question: there's no long-term return on a one-and-done. That's why it's always treatment regimens and short-term vaccines where there's always a need for a return trip, guaranteeing one of those economic paradises: a captive market which guarantees repeat business. The only way to break this cycle is to seek an entity that isn't in it for money. About the only type of entity with both enough power and an ability to detach from a money motive is a state.
Re: In the last few years
I suppose this is why no country has gone the extra step to require express, explicit, and direct consent (IOW, full opt-in) in order to obtain any PID or share it anywhere outside the direct context of the site. Also why no country expressly bans requesting such PID as a requirement for the use of a site barring direct commerce (exchanging actual money for goods/services).
The service providers can simply go, "Sod this" and take their ball and go home, blocking all access to that part of the world.
Re: "Fake tape detectors..."
I can understand insertions and distortions, but you're saying these forensics can also detect cuts to existing material (in your case, cutting out the "our opponents would say"), even though nothing was added that was different from the original source material with all its background characteristics?
Re: "Fake tape detectors..."
The part at the end where "doctored" tapes are submitted with cleverly-edited audio and such.
"A common trope in a lot of drama, pirated or otherwise, is where the protagonist hands on a recording that could have been faked, or altered."
Re: Right up to the point where the Netflix exec demonstrated on camera
"They aren't using DPI, they would just use ports to identify types of traffic, so an unencrypted proxy wouldn't change anything. A proxy running on the same port Netflix sends video on would be interesting."
And if the ports are randomized? Or routed through nonstandard ports? Or wrapped in more traditional traffic like HTTP?
Re: Right up to the point where the Netflix exec demonstrated on camera
Then why doesn't someone counter the claim by showing the same trick works with an UNENCRYPTED proxy?
Then what about companies like Comcast that have vertical integration? They not only own the pipes but also the content to send along it (Comcast owns NBC Universal)? It's like the railroads also owning the timber land. They now have a natural (and fiduciary) interest to favor their own sources (Comcast will want to prefer NBC/Universal content, the railroad will prefer timber from their own land). Trouble is, this creates a conflict between private property rights and monopoly behavior, especially if the transit line is the one and only line available.
Re: Where's Worstall?
"But you must concede, both are on a rather different order of magnitude than things like aluminium or land."
A different order of magnitude, yes...lower. Especially time. "Your days are numbered" comes to mind. No matter how much we want to fight it, our time comes eventually, so every living thing as far as we know has a time limit. Meanwhile, how much energy can one human or one community amass in any given time period and put to practical use?
Re: Where's Worstall?
"But people also value the lovely software that some of you guys around here write. And that requires no resource use (time and effort, yes, but none of those "finite resources") in manufacture. But it's still an addition to value added and thus is part of GDP."
You still need a finite resource even for software: you need energy: energy to think of the design, energy to exert yourself, energy to employ tools and machines to carry out your design, and (especially here) energy to actually put your stuff to use. In addition, you need time to do everything. Both energy and time are inherently finite.
Re: If you give a politician 1£ ...
"And that leads to another facet of the popular vote, maybe the hardest of all: you should learn all you can about the subject before voting and if you feel that you do not know enough d o n o t vote!!"
But then you run into the problem of "blissful ignorance." Everyone who goes to vote believes in his or her mind that they DO know all they can about whoever they want to vote. And there's no way to objectively test this because ANY test is a product of man (even a computer program must be programmed by a man at some point), which means SOME form of bias creeps in. And even if we make the test standard the same as for naturalization I would bet people are willing to screw both parties over. IOW, the potential for self-sustaining corruption is endemic to the human condition. There's just no way to escape it long-term, and even correcting their appearances short-term is difficult.
Re: The Russians are still the best evidence...
"It was a tit for tat agreement - the Russians kept schtum about the hoax Moon landings in return for the Americans not revealing that Sputnik was in fact a balloon."
But that would imply the Russkies threw the Space Race at a time when a lot of national pride was on the line in the middle of the Cold War (not to mention less than a decade after the Cuban Missile Crisis). IOW, the Soviets were competing with the Americans. If the landing was fake all the Russians had to do to deflate the Americans was to film themselves first. Why throw the race if the solution was so simple? If they pulled it off, Sputnik could be safely ignored or simply blown off as American lies.
Re: The Russians are still the best evidence...
"In fact the best evidence against the hoax is the recording technology available at the time. It was physically impossible to do what the hoaxers claim was done."
What about black tech. No one knew the Americans had a practical and flying stealth fighter for decades. Even the SR-71 (which was still low-radar) was black tech. Under the auspices of black tech, it may have been possible to have tech beyond anything possible in the civilian world.
Re: Return journey
" It's just a matter of finding out what moon dust is good for"
I hear a rather kooky "scientist" who built a weird laboratory some 5km under a salt mine just happened to notice that mixing it into a gel and painting a surface with it made it quite conductive to quantum spatial portals. Unfortunately, the same man also discovered moon dust is not meant to be taken internally...
Re: Class Action?
But then who foots the bill? The legislature is unlikely to set aside the budget; there are bigger fish to fry.
"What the UK needs more and more as time goes by is a written binding constitution with rules written into it that make changes that affect citizens' rights via Parliamentary Sovereignty or any other means difficult to make without going to the people via referendum."
That'll never work. In the end, ANY form of agreement is ONLY as binding as the parties are willing to go along with it. Once one side decides it's not worth their time, it becomes merely ink on a page. This is especially true when one of the parties is a sovereign state because one fundamental thing everyone overlooks is the very definition of "sovereign".
"Simply statistics. If a company has 1000 people and 1 gets ill, if you are the ill one you are going to have sufficient problems that might make it impossible to work. I know someone who recently died from diabetes complications - a terrible way to go I can assure you all - but their employer did not eject them. This is why healthcare should be universal - we can quibble about the implementation but not the need."
But now take it to a more perverted end. The overall costs involved might make it cheaper to train a replacement for you from scratch. As far as the employer (and perhaps his/her investors) are concerned, let Darwin sort you out.
Re: It's all down to the stupid....
And the boss couldn't threaten to dismiss them?
Re: Two factor ...
So they just develop a portable biometric scanner. They can use a putty or jelly to snag your fingerprint, a syringe to get blood for DNA. Pretty sure they can whip up a vein scanner eventually. Put it this way: something you are may as well be something you have, for anything we can whip up to detect a live presence, someone else can whip up to simulate said presence.
Or perhaps electrode helmets like in other VR sci-fis. I frankly don't know if we can sufficiently fool the brain without doing something too radical. Seeing as how the brain has too many sensory inputs to draw from: namely the entire nervous system which includes all the tactile neurons associated with our skin. Without full five-sense illusion, the potential always exists for Simulation Sickness.
Re: Why cut it live?
"However, it's far easier to just hook in where the cable lands."
Perhaps, but also recall that some of the argument is that the cable may land in "enemy territory" where tapping on land isn't politically possible or safe.
"One issue is when new technology comes out, like faster SAS speeds or an entire replacement. Then you just cannot swap drives out but a full-on migration."
But you can still perform it gradually. The big part is replacing the controller tech with one that can bridge the gap, say one with the new tech built in and the old stuff supported with a module. Then you can change out to the new drives as you swap out the old ones. Once the last old drive is gone, the module can go as well.
Re: Take a hint from nature
As I recall, DNA is an inexact kind of thing. Which is why even identical twins don't have identical fingerprints. In any event, while sharks may not have evolved much over a few hundred million years, we'd probably be able to note some incremental steps along the way, meaning the copying process isn't very exact.
Hey, people still look up Sun Tzu, don't they? Historical combat data can have its uses in the broader scheme of things.
Re: 1000 years?
"The thing to keep in mind is that with Blu Ray, you won't have to do the periodic (and expensive depending on size) tape migrations."
Then what happens when you have an optical disc migration instead? DVD migrated to BluRay, and for archival we'll probably be moving from BluRay to Archival Disc unless something else comes along, and even within Archival Disc there will be several iterations for starters. The vaunted 1TB/side won't be available for a few years yet. Heck, even external hard drive tech like RDX requires periodic migration (RDX claims a 30 year life right now, but can you really believe that number?).
Re: Game of Thrones
Unfortunately, that's part of the power of copyright. If HBO feels Foxtel's deal rakes in more money than any potential loss of customers due to the bundling, that's for them to decide and no one else. The only way you can counter is to offer a sweeter deal, but you can still be outbid.
"The film is no longer in the cinema."
Not at the first-run cinemas, but you forget all the second-strings like cinema cafes, airlines, prisons, hospitals, etc. All of these locations will pay good dollar to host content that's not available elsewhere at this time. And remember, this is all for view-once venues. The distributors won't go for one-and-done sales (videos) until they exhaust the opportunity for view-onces since they still stand the chance of getting a double-dip until then. Which means they won't release discs until it has its day with On Demand/Pay Per View, either. Besides, for them, video release day acts as a second wind when it comes to advertising, so they're not too worried about people not remembering the movie.
"For decades bands have had merch stalls at concerts so you can buy CDs, tee shirts and other memorabilia."
Barring a phenomenon franchise like Harry Potter or The Hunger Games, loyalty for any one movie tends to pass over time. People go on to the next one. To movie companies, once the movie goes out on home video, that's about it as far as they're concerned. People will buy it or not at their choosing, and time usually won't affect the sales that much, as people who want the movie will be willing to wait (ask any diehard Apple fan).
"A film with an August cinema release doesn't appear on Blu-ray/DVD until Christmas. How many people with a desire to buy and cash on the hip will wait that long?"
Do you know it's been this way since the days of the videotape? This is normal for any mainstream release, even in the US. Movies always get released on a specific staggered schedule (theaters first, then airplanes and other confined venues, then pay-per-view/on-demand, then home videos, and finally mainstream television), and they're not going to deviate from the schedule because it's very carefully calculated to maximize the revenues from each step before going on to the next one. Cardinal rule of publishing: don't introduce a new distribution stream until you're sure the effect it will have on your existing revenue streams (ex. you don't release home videos while the movie's playing at the cinema; otherwise people stop going to the cinema) are minimal enough to take.
Re: I'd still say it's MIMO
I thought the key element to MIMO is the fact it uses multiple antennae in order to take advantage of interferometry to improve signal clarity. IOW, this can't be MIMO as most would understand the concept.
Caught up with Linux? What about true and ubiquitous symbolic linking?
About the dendrites? Yes, that's supposedly the bug-a-boo about both recharging techs. I recall that it's a disturbing tendency with alkaline batteries which is why the idea has since dropped (you don't get enough recharges out of it to be worth it). And dendrites have been fingered in more than a few spontaneous Lithium combustions. I recall the research shows that improper charging is a big factor in that, which means this research could help to minimize the phenomenon.
GZIPped 7-bit ASCII if the article is accurate. Deflation works very well on simple HTML.
Re: Human flea instead?
"...then the opposing force turns on a wide-band high-power RF jammer, giggling all the way, and the drones are left to fend for themselves (if they have any onboard intelligence at all)."
And then the OpFor finds themselves minus a few members because the drones were preprogrammed to ID enemy targets so needs no outside input to carry out its mission. With gyroscopic accelerometers and a prior fix, it may even be able to find its way out of the battlezone without satellite guidance. This is not as crazy as you think and represents the current cutting edge of drone design.
PS. Going to the "short burst" design, I would think this would actually be more practical. Not so much to provide a continuous thrust but perhaps a quick burst of speed if and when necessary, say a jumpstart to get up to running speed (which is tougher to do when you're fully loaded), as someone said, a quick heave to get over a wall or perhaps something to get across the kill zone more quickly and with a greater chance of escaping unscathed. The unit would also have a longer work life that way.
Re: DARPA has a budget problem: How to spend it fast enough
Until you discover the man is still right behind you...because he's lived most of his life without shoes and therefore routinely runs barefoot.
"If WiFi calling is really just VoIP and uses the same setup as VoLTE, then roaming between the two seamlessly would work."
It doesn't quite work that way. It's more like a modified SIP as it's currently set up. It's a more or less proprietary implementation so as the article notes it needs a T-Mobile-specific firmware for it to work.
Re: Creation and Duplication
Now, for professional textbooks and such with intricate and exacting layouts (picture and diagrams have to exist in a certain arrangement, etc), particularly in colour, yes there's an art in itself to the layout which would require the work of a skilled professional. Plus there's the research and verification of the source material by experts in the related field. Given all that and relatively low print runs, professional books will always be expensive simply for all that: never mind the ink, presses, and paper.
What about for a simple novel with few if any illustrations (all B&W) and no complicated layouts (say the illustrations are all full-page and all the text follows a fixed layout)? Does it really, really cost that much to do such simple typesetting?
Even if it appears to come from a colleague? That's the point behind spear phishing.
Re: And of course...
"I'm still puzzled about the allegedly disguised filename. The story is that the text is reversed so the scanner won't pick it up, but the display presents it in such a way that it reads normally. When you click on a link or a filename it doesn't matter what it looks like, the thing that is executed is whatever is in the text, and that's what the scanner will see too."
The example in the article is erroneous, but the idea is that the filename is written backwards, too. Think "txt.setoN gniteeM evituc.exE". This is actually a program (which could contain a zero-day privilege escalation rootkit or such), but if it's displayed in a RTL mode, the displayed name gets reversed and now appears to be "Exe.cutive Meeting Notes.txt", making it look like an innocuous text file. See where this is going? Combine this with spear phishing, and the whole thing could be believable enough to click to open.
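A defender-side check for the reversed-filename trick described in the post above, as an added example that is not part of the original post or the article it discusses. It assumes the right-to-left display is triggered by a Unicode bidirectional control character such as U+202E embedded in the name (the post does not say how), and its rendering step is a rough approximation rather than the full Unicode bidi algorithm; the function names are hypothetical.

```python
import unicodedata

# Explicit bidirectional formatting characters: embeddings, overrides,
# isolates and directional marks. Assumption: the "RTL mode" in the post
# comes from one of these being embedded in the file name.
BIDI_CONTROLS = {
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",
    "\u2066", "\u2067", "\u2068", "\u2069",
    "\u200e", "\u200f", "\u061c",
}
RLO, PDF = "\u202e", "\u202c"  # right-to-left override, pop directional formatting


def stored_extension(name):
    """Extension as the OS sees it: text after the last dot in storage order."""
    cleaned = "".join(c for c in name if c not in BIDI_CONTROLS)
    _, dot, ext = cleaned.rpartition(".")
    return ext.lower() if dot else ""


def approximate_display(name):
    """Rough rendering: reverse each RLO...PDF run and drop other controls.

    This is a simplification for triage, not an implementation of UAX #9.
    """
    out, run, in_rlo = [], [], False
    for ch in name:
        if ch == RLO and not in_rlo:
            in_rlo = True
        elif ch == PDF and in_rlo:
            out.append("".join(reversed(run)))
            run, in_rlo = [], False
        elif ch in BIDI_CONTROLS:
            continue
        elif in_rlo:
            run.append(ch)
        else:
            out.append(ch)
    out.append("".join(reversed(run)))  # an unterminated run lasts to the end
    return "".join(out)


def audit_filename(name):
    """Report bidi controls and whether the shown extension differs from the real one."""
    controls = [unicodedata.name(c) for c in name if c in BIDI_CONTROLS]
    shown = approximate_display(name)
    _, dot, shown_ext = shown.rpartition(".")
    real = stored_extension(name)
    return {
        "controls": controls,
        "stored_extension": real,
        "displayed_as": shown,
        "mismatch": bool(controls) and real != (shown_ext.lower() if dot else ""),
    }


if __name__ == "__main__":
    # Constructed samples: the first is the name quoted in the post with an
    # assumed U+202E prefix, the second is an ordinary file name.
    for sample in ("\u202etxt.setoN gniteeM evituc.exE", "Meeting Notes.txt"):
        print(repr(sample), audit_filename(sample))
```

Any name that reports a non-empty `controls` list is worth quarantining or renaming at the mail gateway or file share, whether or not the approximate rendering shows a mismatch.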