Google Said..... Was: RE: London incidents

[Hannigan, Martin]

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Steve Sobol
> Sent: Tuesday, July 12, 2005 10:25 PM
> To: North American Networking & Offtopic Gripes
> Subject: Re: London incidents
> 
> 
> 
> Jim Popovitch wrote:
> 
> > I think the world has shown that cellphones have been used 
> over and over
> > to detonate explosive devices.  Why wait for it to be proved again
> > before doing something?  AFAIK "Emergency Only" mode allows for 911
> > calls, 
> 
> And means nothing if power is cut to the cell sites and you 
> can't connect to 
> anything. Emergency mode only works where there is a signal.

Good points. And thanks for not saying "Google said...". 
Independant sources are not listed in google. :-).


[ObSecOp: FWIW, you can google how a cell phone can be used as a detonator
   and it does tend to demonstrate some thought on controlling cell
   signals as security policy...THAT is a good use for google.. -M< ]

ObTechnoPoliButOffTopic:

If the UK GOV makes a tacit denial of such an event 
that would hold  more[1] credibility than them pointing 
at others saying they didn't do it. 

[1] Slightly more, depending upon how high up.


-M<

Re: London incidents

[Joseph S D Yao]

On Tue, Jul 12, 2005 at 06:11:09PM -0400, [EMAIL PROTECTED] wrote:
> On Wed, 13 Jul 2005 09:26:33 +1200, Mark Foster said:
> > "Using phone company records, researchers assessed phone use immediately
> > before the crash.
> > They found a third of calls in the 10 minutes before the crash were made on
> > cellphones.
> 
> And the *other* 2/3rd of the calls were made on what, exactly?
> 
> A land line just before departure, followed by a crash less than 10 minutes 
> into
> the drive? (This would tie in well with the "agitated by the phone call" 
> theory
> advanced by JC Dill...)


No doubt VOIP via satellite or other wireless LAN ... an exciting
concept, no?  And putatively even on topic.


-- 
Joe Yao
---
   This message is not an official statement of OSIS Center policies.

Comment - Re: OMB: IPv6 by June 2008

[Joseph T. Klein]

Just spent the evening catching upon NANOG reading.

IPv6, NAT, VoIP, address reclamation and routing scalability all in
one thread - WOW. Truly a nice mix of top NANOG argument.

Even one posting on sloppy IPv6 peering policy!

So how many who write against IPv6 have tried it?

For any who use IPv6, I am interested in NAT/PT, 6to4, faith and
DSTM experiences. Drop me a line if your willing to share your data.

A few years ago I set up my home network with OS X, XP, and FreeBSD
on it to run dual stacked IPv6/IPv4 - Set up a tunnel - The autoconf
works IMHO better than DHCP - I can watch the Kame swim on all
systems.

Yeah I know deploying IPv6 on a large scale is an annoying thought,
but I think some of the resistance to IPv6 is more from "don't
bother me, I'm busy" than any hard fast technological reason.

I do buy the market arguments that it will be driven by customer
demand, especially in the US. I also side with the view that IPv6
appears to be gaining traction.

USG is the 600lb gorilla customer and network provider will
take notice.

I have tasted the IPv6 forum cool-aide, and don't think its all
that bad.

The stuff is starting to work. I am beginning to think that you
soon will be able to swap 6 for 4 and user will not be the wiser.

Perhaps the cool-aide is spiked?
--
Joseph T. Klein

PSTN: +1 414 961 1690 VoIP: +1 414 431 4231 Mobile: +1 414 628 3380

Re: ICANN warns world of domain hijacking

[Steven J. Sobol]

On Tue, 12 Jul 2005, Fergie (Paul Ferguson) wrote:


> found that domain name hijacking incidents are commonly
> the result of flaws in registration and related processes,

And in other news: Researchers found today that the sun rises in the east, 
and sets in the west.

Is ICANN actually going to come up with a set of guidelines that will be 
enforced?

-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

RE: London incidents

[Hannigan, Martin]

> -Original Message-
> From: Sean Donelan [mailto:[EMAIL PROTECTED]
> Sent: Monday, July 11, 2005 8:50 PM
> To: Hannigan, Martin
> Cc: nanog@merit.edu
> Subject: RE: London incidents
> 
> 
> On Mon, 11 Jul 2005, Hannigan, Martin wrote:
> > > All this while I was trying unsuccessfully to use my
> > > mobile to ring the office.
> >
> > Some cell relays were temporarily shut to prevent a remote
> > detonation of additional explosives. Cellular remotes seem
> > to be a favorite of Al Qaeda and others.
> 
> UK Government officials deny they shutdown any cell phone service.

And?

Re: London incidents

[Steven J. Sobol]

On Tue, 12 Jul 2005, Jim Popovitch wrote:

> 
> --- "Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote:
> > 
> > No, it's damned if you take stupid action, damned if you do not do  
> > something you should.
> > 
> > People in charge of our security should not be allowed to take  
> > whatever action comes to mind in the name of security.  
> 
> Then who should, and with data from who's mind?  I suppose they (the 
> ones in charge) could spend their time polling the audience, but that
> has it's price and uncertainty too.

Indeed it does, but I have to question whether the cellphone decision was 
well-thought-out. I really can't believe it was.
 
-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

Re: OMB: IPv6 by June 2008

[Bill Stewart]

> > How are people making the case for IPv6 with [VOIP]?
> > With G.711 and 20ms voice samples, with IPv4 you get:

If you're running G.711, you've decided that network bandwidth isn't a
problem for your application.  Percentage of overhead doesn't really
matter - it's total overhead bandwidth compared to available bandwidth
that sometimes matters.   There are several different usage scenarios
where there are different tools available for managing bandwidth
consumption
* LANs - you generally don't care
* Single point-to-point calls between general-purpose Internet
endpoints - bandwidth might matter, depending on the pipe size at each
end, and compression can be useful, but usually the more important
problems on small connections are MTU size (because of the latency of
a 1500 byte packet on a 128kbps upstream) and to some extent
prioritization.
* Multiple simultaneous calls between endpoints on a Layer 1 or Layer
2 network - Voice over Layer 2 Frame or ATM has largely fallen out of
fashion, though it worked well for its day.  IP header compression
from vendors starting with C is generally intended for this
environment - some of the versions also support fragmentation to work
around the MTU size problem, but many of them don't work well for
Frame/ATM interworking.
* Multiple simultaneous calls between a pair of Internet endpoints -
there are trunking-style VOIP protocols such as some of the IAX
versions that let you use one set of IP+Layer4 headers to  carry
multiple voice channels, and these can eliminate most of the per-call
overhead (at least when you have most of your channels active, which
is when it matters.)   There are some other VOIP-call-stacking
protocol approaches that at least let you use one set of IP headers to
carry a bunch of {Layer 4 header + Payload} tuples that reduces some
overhead.
* Multiple simultaneous calls at one endpoint to a bunch of
single-call or few-call endpoints across a general IP network.  At the
big end, the easy approach is to just buy fat pipes, but there are
carriers or applications that use header compression on the access
line, either with PPP headers to an access router or frame relay to an
Internet or MPLS edge router.  Unfortunately, we've mostly found it's
difficult to make those solutions scalable - typically the access
cards that are scalable for carrier-sized networks don't do that in
ASICs, and the router doesn't have enough CPU horsepower to support a
significant number of compression sessions in the main CPU at a
reasonable price (where "reasonable" is defined as "cheaper than
adding another access line and a couple more router cards".)
* Encrypted Voice Sessions - the popular approach is to use IPSEC,
which often requires adding a layer or two of NAT traversal UDP
headers as well, so any complaints about the overhead of IPv4 or IPv6
headers on an 8kbps voice session just get multiplied.  It's much more
efficient to do the encryption at the voice layer (at least for
Internet VOIP, as opposed to enterprise VPNs where all the bits are
getting wrapped in IPSEC anyway.)  SIP supports it, and even some
H.323 versions have it tacked on,  but I've found it very frustrating
how much carrier-scale and large-enterprise VOIP equipment doesn't
support payload encryption, so VOIP carriers either don't encrypt
(leaving VOIP wide open to wiretapping without even the grudging
pretense of protection of some of the CALEA rules), even on the media
connection which is between callers, or it's an option that the
carriers didn't buy/provision/activate/whatever.  Skype at least gets
some credit here (though they're using proprietary protocols and
closed source, so it's impossible to tell whether they've done a
secure implementation  that doesn't leak keying material all over the
place), and the Asterisk PBXs are capable of encrypting voice and
signalling channels for many choices of endpoints.


 Thanks; Bill

Re: London incidentsn

[David Lesher]

X-URL: http://www.nytimes.com/2005/07/12/technology/12auto.html?pagewanted=print


The New York Times 
July 12, 2005
Hands-Free Cellphone Devices Don't Aid Road Safety, Study Concludes

By JEREMY W. PETERS

DETROIT, July 11 - A study of Australian drivers found that those
using cellphones were four times as likely to be involved in a
serious crash regardless of whether they used hands-free devices
like earpieces or speaker phones that have been perceived as
making talking while driving safer.

.


-- 
A host is a host from coast to [EMAIL PROTECTED]
& no one will talk to a host that's close[v].(301) 56-LINUX
Unless the host (that isn't close).pob 1433
is busy, hung or dead20915-1433

Re: London incidents

[Bill Stewart]

On 7/12/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > They found a third of calls in the 10 minutes before the crash were made on 
> > cellphones.
> And the *other* 2/3rd of the calls were made on what, exactly?
> 
> A land line just before departure, followed by a crash less than 10 minutes 
> into the drive?
> (This would tie in well with the "agitated by the phone call" theory advanced 
> by JC Dill...)

Landline *during* the drive.  Long extension cord.  Really yanks the
steering wheel around when you reach the end.(This probably
wouldn't become any more operationally relevant
if I noted that analog land lines avoid the need for IPv6 VOIP header
overhead)

Some fraction of phone calls made immediately before driving are
conversations about
"Please get here right away" or "sorry, I'm N minutes late but I'm
leaving now",
which don't lead to safe driving

 Thanks; Bill

Note that this isn't my regular email account.
And Google probably logs and indexes everything you send it.

Re: OMB: IPv6 by June 2008

[Phillip Vandry]

On Tue, Jul 12, 2005 at 09:35:37PM -0400, David Andersen wrote:
> samples to squeeze into a low bandwidth channel.  Enter IP header 
> compression, which is shockingly effective at compressing IP headers of 
> all sorts... if you've dedicated 128 bits for the address, and it's 
> still just as static as it was in IPv4, it'll compress to just the same 
> amount.  This is an easy technical problem to solve.

IP header compression only works well over a link where you have few
flows (fewer than the number of slots for compression) so my customers
get to save some bandwidth on their access links and I get the
privilege of wasting a lot in the core.

But I certainly take Iljitsch's point: maybe I'm complaining about VoIP,
not about IPv6.

-Phil

Re: London incidents

[Patrick W. Gilmore]

On Jul 12, 2005, at 7:09 PM, Crist Clark wrote:

As for the "inattentive-risky driver" and "agitated driver"  
theories, the
researchers took (tried to take) this into acount by using a case- 
crossover

design whereby individual drivers are their own control.


The drivers are "their own control" by looking at their driving the  
one, three, and seven days before.  Not exactly a good control if the  
drivers did not get an "agitating call" on those days.



But whether it is the call, the phone, the headset, the drivers,  
etc., JC's point of "accidents are not increasing in general" sounds  
pretty strong to me.



And MOST importantly, none of this is even slightly on topic. :)

--
TTFN,
patrick

Cable cutting suspect arrested

[Sean Donelan]

Chelmsford suspect on the hook in cable-cutting case
By Jessica Fargen
Tuesday, July 12, 2005

A Chelmsford man allegedly tried to get rich in a snip by cutting Verizon
and Comcast phone lines, then tried to get the companies to pay him to
stop, prosecutors say.

http://news.bostonherald.com/localRegional/view.bg?articleid=93434

Re: London incidents

[Steve Sobol]

Jim Popovitch wrote:


I think the world has shown that cellphones have been used over and over
to detonate explosive devices.  Why wait for it to be proved again
before doing something?  AFAIK "Emergency Only" mode allows for 911
calls, 


And means nothing if power is cut to the cell sites and you can't connect to 
anything. Emergency mode only works where there is a signal.



-Jim P. (who is tired of being caught in traffic behind weaving,
slowing/speeding, hand-waving and head-shaking, cellphone "drivers")


Well, Jim, it's a good thing that your dislike of cellphone drivers isn't 
completely orthogonal to this discussion, eh?


It also doesn't make you sound biased.

--
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

Re: OMB: IPv6 by June 2008

[David Andersen]

On Jul 12, 2005, at 1:52 PM, Phillip Vandry wrote:


How are people making the case for IPv6 with popular applications like
voice?

With G.711 and 20ms voice samples, with IPv4 you get:

20 bytes IP + 8 bytes UDP + 12 bytes RTP + 160 bytes payload
20% overhead.

40 bytes IP + 32 bytes shim6 8 bytes UDP + 12 bytes RTP +
160 bytes payload
36.5% overhead

Almost twice as much overhead is a much tougher pill to swallow. I 
would

try to stay with IPv4 as long as I could. Even without adding shim6
into the picture you're taking a significant penalty.


Even standard IP headers are a pretty high overhead for VoIP, 
particularly if you're doing very high compression to try to get the 
samples to squeeze into a low bandwidth channel.  Enter IP header 
compression, which is shockingly effective at compressing IP headers of 
all sorts... if you've dedicated 128 bits for the address, and it's 
still just as static as it was in IPv4, it'll compress to just the same 
amount.  This is an easy technical problem to solve.


  -Dave

Re: London incidents

[Steven M. Bellovin]

In message <[EMAIL PROTECTED]>, Valdis.Kletni
[EMAIL PROTECTED] writes:
>
>--==_Exmh_1121206268_8796P
>Content-Type: text/plain; charset=us-ascii
>
>On Wed, 13 Jul 2005 09:26:33 +1200, Mark Foster said:
>
>> "Using phone company records, researchers assessed phone use immediately
>> before the crash.
>> They found a third of calls in the 10 minutes before the crash were made on
>> cellphones.
>
>And the *other* 2/3rd of the calls were made on what, exactly?
>
>A land line just before departure, followed by a crash less than 10 minutes in
>to
>the drive? (This would tie in well with the "agitated by the phone call" theor
>y
>advanced by JC Dill...)
>

Sure, but there have been other studies *on simulators* that show 
similar effects: it's the call, not the handset, that causes the 
problem.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

Re: OMB: IPv6 by June 2008

[Randy Bush]

> With G.711 and 20ms voice samples, with IPv4 you get:
> 
> 20 bytes IP + 8 bytes UDP + 12 bytes RTP + 160 bytes payload
> 20% overhead.
> 
> Now with IPv6. Say we use shim6 or something like that to implement
> multihoming too. The shim6 header isn't decided yet, but I suppose it's
> got to contain at least a pair of addresses (32 bytes).
> 
> 40 bytes IP + 32 bytes shim6 8 bytes UDP + 12 bytes RTP +
> 160 bytes payload
> 36.5% overhead

hey!  we charge by the byte.  so ipv6 is looking better and better!

Re: OMB: IPv6 by June 2008

[Phillip Vandry]

On Wed, Jul 06, 2005 at 09:46:53PM +0200, Iljitsch van Beijnum wrote:
> It's getting better all the time, but there are still strange bugs in  
> the applications, OSes and even the standards. IPv6 works very well  
> for many things but not so well for others. Fortunately, there is  
> still plenty of time to work out all the kinks before we need IPv6 to  
> step up to the plate. In the mean time, we need SOME IPv6 so that the  
> early adopters can find those kinks, and that part is right on track.

How are people making the case for IPv6 with popular applications like
voice?

With G.711 and 20ms voice samples, with IPv4 you get:

20 bytes IP + 8 bytes UDP + 12 bytes RTP + 160 bytes payload
20% overhead.

Now with IPv6. Say we use shim6 or something like that to implement
multihoming too. The shim6 header isn't decided yet, but I suppose it's
got to contain at least a pair of addresses (32 bytes).

40 bytes IP + 32 bytes shim6 8 bytes UDP + 12 bytes RTP +
160 bytes payload
36.5% overhead

Almost twice as much overhead is a much tougher pill to swallow. I would
try to stay with IPv4 as long as I could. Even without adding shim6
into the picture you're taking a significant penalty.

-Phil

Re: London incidents

[Crist Clark]

[EMAIL PROTECTED] wrote:

On Wed, 13 Jul 2005 09:26:33 +1200, Mark Foster said:



"Using phone company records, researchers assessed phone use immediately
before the crash.
They found a third of calls in the 10 minutes before the crash were made on
cellphones.



And the *other* 2/3rd of the calls were made on what, exactly?

A land line just before departure, followed by a crash less than 10 minutes into
the drive? (This would tie in well with the "agitated by the phone call" theory
advanced by JC Dill...)


Oh, gawd. Now I have to go read it myself. You can track this down
pretty easily at the BMJ site, bmj.com, and download a PDF version.
It's only 5 pages long.

I don't see where they got that "one third of the calls" number above.
As far as I can tell, the study only looks at mobile phone calls.

As for the "inattentive-risky driver" and "agitated driver" theories, the
researchers took (tried to take) this into acount by using a case-crossover
design whereby individual drivers are their own control.

Feel free to argue the results of the study, but read the study, not
some confused newspaper summary, and please don't do it on NANOG.
--
Crist J. Clark   [EMAIL PROTECTED]
Globalstar Communications(408) 933-4387

Re: London incidents

[Valdis . Kletnieks]

On Wed, 13 Jul 2005 09:26:33 +1200, Mark Foster said:

> "Using phone company records, researchers assessed phone use immediately
> before the crash.
> They found a third of calls in the 10 minutes before the crash were made on
> cellphones.

And the *other* 2/3rd of the calls were made on what, exactly?

A land line just before departure, followed by a crash less than 10 minutes into
the drive? (This would tie in well with the "agitated by the phone call" theory
advanced by JC Dill...)




pgpYeIXmiOInM.pgp
Description: PGP signature

Re: London incidents

[JC Dill]

Mark Foster wrote:


"Using phone company records, researchers assessed phone use immediately
before the crash.


There are 3 kinds of lies:

lies
damn lies
statistics



They found a third of calls in the 10 minutes before the crash were made on
cellphones. This was associated with a four-fold increased likelihood of
crashing, and the risk was irrespective of age, sex or whether the phone was
hands-free.
Researchers said more new vehicles were being equipped with hands-free
technology. Although this could lead to fewer hand-held phones in cars, the
study showed it might not eliminate the risk."


Coincidence != cause and effect.

Despite all these studies saying that cell phone use "causes accidents", 
the overall accident rate is NOT going up.  Therefore, the cell phone 
using drivers who get in accidents are drivers who would have been in an 
accident *anyway*.  They are inattentive drivers.  Take away their cell 
phones and they will get in accidents while driving and eating, or 
driving and tuning the radio, or driving and arguing with a passenger.


Take the above "four-fold increase".  Suppose you go BACK a step and 
find out why they were making a phone call within the 10 minutes before 
a crash.  Odds are that the reason they made the phone call is highly 
related to the reason they got in a crash - they were running late - 
their boss called and yelled at them (employee) - they called home and 
were chewed out for not being home yet (teenager) - just had an argument 
with spouse, etc.  So after engaging in a call of this nature (while 
driving or while NOT driving), they are more likely to get in an 
accident due to being upset and/or in a hurry.  The *cell* phone use was 
totally incidental, rather than cause/effect.



jc

Re: OMB: IPv6 by June 2008

[Iljitsch van Beijnum]

On 12-jul-2005, at 19:52, Phillip Vandry wrote:


In the mean time, we need SOME IPv6 so that the
early adopters can find those kinks, and that part is right on track.



How are people making the case for IPv6 with popular applications like
voice?


Dunno, but it can't be many.


With G.711 and 20ms voice samples, with IPv4 you get:



20 bytes IP + 8 bytes UDP + 12 bytes RTP + 160 bytes payload
20% overhead.


Yes. It gets worse when you add compression.  :-)


Now with IPv6. Say we use shim6 or something like that to implement
multihoming too. The shim6 header isn't decided yet, but I suppose  
it's

got to contain at least a pair of addresses (32 bytes).


I'm still fighting the good fight on that one. Hopefully, there won't  
be a header, and if there is, it's only going to be there when there  
was a failure (ie the multihoming kicked in) and the size would  
almost certainly be 8 bytes. But that's all still up in the air.



40 bytes IP + 32 bytes shim6 8 bytes UDP + 12 bytes RTP +
160 bytes payload
36.5% overhead


Without a shim6 header it would be 60 out of 220, with a shim6 header  
most likely 68 out of 228, so 27% or 30%.


Almost twice as much overhead is a much tougher pill to swallow. I  
would

try to stay with IPv4 as long as I could. Even without adding shim6
into the picture you're taking a significant penalty.


This doesn't so much show an IPv6 problem but rather that voice over  
IP is extremely inefficient. Those TDM guys were on to something...  
Too bad the TDM networks are left to rot in the ground as we speak.  
Mark my words, we're going to regret letting this happen at some  
point in the future.

Re: London incidents

[Chris A. Epler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[EMAIL PROTECTED] wrote:
>>I think the world has shown that cellphones have been used over and over
>>to detonate explosive devices.  Why wait for it to be proved again
>>before doing something?
> 
> 
> The logical conclusion to that line of thought would seem to be that
> all cell phone services should be turned off in all densely populated
> areas. Is this really what we want?

Doesn't Al Queda use the Internet to communicate?  Probably would be a
good idea to shut that down too...

- --
Chris A. Epler <[EMAIL PROTECTED]> | PGP KeyID: 0xBD1BE609
HostMySite.com - Network Operations| 6092 42BA 666E 73CF 91C9
UGZY znvy vf gur fcnja bs FNGNA!   | 34AC 38D5 DDBA BD1B E609
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFC1DahONXdur0b5gkRAsxwAKCToM7KwFw8dmDTNgn9SgvnBT3LpgCfUcNo
iF2LDCsCvSTps6wKFnun+x0=
=47na
-END PGP SIGNATURE-

Re: London incidents

[Jay R. Ashworth]

On Wed, Jul 13, 2005 at 09:26:33AM +1200, Mark Foster wrote:
> > Shutting down the networks just because they can be used to trigger a
> > bomb is asinine, though, yes.
> 
> Its the first step toward the Police State mentality that I fear is going to
> develop over time.
> And damned if I know what to do about it.

Well, the terrorists wanted to deprive us of the freedoms we enjoy, and
they've talked us into doing the hard parts for them...

but I see no way to configure a router to enhance personal freedom, so
I guess we'll take this subthread off list.  ;-)

Cheers,
-- jra
-- 
Jay R. Ashworth[EMAIL PROTECTED]
Designer  Baylink RFC 2100
Ashworth & AssociatesThe Things I Think'87 e24
St Petersburg FL USA  http://baylink.pitas.com +1 727 647 1274

  If you can read this... thank a system administrator.  Or two.  --me

Re: London incidents

[Mark Foster]

- Original Message - 
From: "Jay R. Ashworth" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 13, 2005 9:17 AM
Subject: Re: London incidents


> On Tue, Jul 12, 2005 at 12:34:32PM +0200, Brad Knowles wrote:
> > The problem with mobile phones in the car has less to do with
> > taking a person's hand off the wheel (although that is something to
> > be concerned about), and more to do with the fact that the driver is
> > distracted by talking to the person on the other end.
>
> They say this, but it doesn't work that way for me, as a datapoint.
>
> It's not the conversation that's the big thing, IME; it's *holding a
> phone up to your ear*, which is an action we train ourselves to follow
> up with *ignoring what's going on around us*.
>
> When I talk while driving *without* a headset, my driving's usually
> fine... it's my *navigation* that fails totally.  Using a headset, both
> are fine.  YMMV.
>
> Shutting down the networks just because they can be used to trigger a
> bomb is asinine, though, yes.
>

Its the first step toward the Police State mentality that I fear is going to
develop over time.
And damned if I know what to do about it. But the enhanced security required
when crossing borders now is case in point.  Are they just going to keep on
locking down all the freedoms which we've come to enjoy in the last 50
years, in order to prevent their use in assistance of, or vulnerability to,
terrorist activity?  Thats a _big_ can of worms.

Funny the cellphone stuff is being discussed, tho - Local Media had this
today:

http://www.stuff.co.nz/stuff/0,2106,3343357a11,00.html

"People using cellphones while driving are four times more likely to have a
serious crash than non-users, and using a hands-free phone does not lower
the risk, new research has found.

The British Medical Journal has today published the results of a Perth study
of drivers using cellphones who have been involved in road crashes requiring
hospital treatment."


"Using phone company records, researchers assessed phone use immediately
before the crash.
They found a third of calls in the 10 minutes before the crash were made on
cellphones. This was associated with a four-fold increased likelihood of
crashing, and the risk was irrespective of age, sex or whether the phone was
hands-free.
Researchers said more new vehicles were being equipped with hands-free
technology. Although this could lead to fewer hand-held phones in cars, the
study showed it might not eliminate the risk."


I'm saddened by it, because IMHO people who let their driving suffer through
cellphone use have gotten it the wrong way around.  Personally I let my
conversation skills slip :)  Safer that way. Seems to make sense.  Or is
that just too obvious?

Mark.

Re: OMB: IPv6 by June 2008

[Jay R. Ashworth]

On Tue, Jul 12, 2005 at 06:43:17AM +, [EMAIL PROTECTED] wrote:
> > And I'm still holding my breathe to see when a commercial company returns 
> > their /8.   -Hank
> 
>   its already happened... over a dozen have been returned.

I'd like to send thank you cards: who are they?  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth[EMAIL PROTECTED]
Designer+-Internetworking--+--+   RFC 2100
Ashworth & Associates   |  Best Practices Wiki |  |'87 e24
St Petersburg FL USAhttp://bestpractices.wikicities.com+1 727 647 1274

  If you can read this... thank a system administrator.  Or two.  --me

Re: London incidents

[Jay R. Ashworth]

On Tue, Jul 12, 2005 at 12:34:32PM +0200, Brad Knowles wrote:
>   The problem with mobile phones in the car has less to do with 
> taking a person's hand off the wheel (although that is something to 
> be concerned about), and more to do with the fact that the driver is 
> distracted by talking to the person on the other end.

They say this, but it doesn't work that way for me, as a datapoint.

It's not the conversation that's the big thing, IME; it's *holding a
phone up to your ear*, which is an action we train ourselves to follow
up with *ignoring what's going on around us*.

When I talk while driving *without* a headset, my driving's usually
fine... it's my *navigation* that fails totally.  Using a headset, both
are fine.  YMMV. 

Shutting down the networks just because they can be used to trigger a
bomb is asinine, though, yes.

Cheers,
-- jra
-- 
Jay R. Ashworth[EMAIL PROTECTED]
Designer+-Internetworking--+--+   RFC 2100
Ashworth & Associates   |  Best Practices Wiki |  |'87 e24
St Petersburg FL USAhttp://bestpractices.wikicities.com+1 727 647 1274

  If you can read this... thank a system administrator.  Or two.  --me

Re: Yahoo and Cisco to submit e-mail ID spec to IETF

[william(at)elan.net]

On Tue, 12 Jul 2005, Dave Crocker wrote:


"Roaylty-free" does not mean it can be used by everyone.


it would probably help to debate the licensing details when folks have
looked at the specific language of the licensing agreement(s).


Not being lawyer myself, it would probably help to know opinion of 
lawyer well familiar with GNU and other opensource licenses.


However statement that roaylty free in no way implies that license
is compatible with requirements of open-source is absolutly correct.

--
William Leibzon
Elan Networks
[EMAIL PROTECTED]

Re: Yahoo and Cisco to submit e-mail ID spec to IETF

[Dave Crocker]

"Roaylty-free" does not mean it can be used by everyone.


it would probably help to debate the licensing details when folks have
looked at the specific language of the licensing agreement(s).

begin:vcard
fn:Dave Crocker
n:Crocker;Dave
adr:;;;Sunnyvale;CA;94086;USA
email;internet:dcrocker a t ...
tel;work:+1.408.246.8253
url:http://bbiw.net
version:2.1
end:vcard

Re: London incidents

[Fergie (Paul Ferguson)]

"I'm with stupid."

;-)

- ferg



-- Todd Vierling <[EMAIL PROTECTED]> wrote:

On Tue, 12 Jul 2005, Steven M. Bellovin wrote:

> >Since the news this morning reported that service had been restored,
> >one could assume it had been turned off.
>
> Partially restored: http://www.nytimes.com/2005/07/12/nyregion/12cell.html

And as is commonplace with this kind of gross technology botch, everybody's
pointing his finger in the direction of "the guy on my left".

Re: London incidents

[Todd Vierling]

On Tue, 12 Jul 2005, Steven M. Bellovin wrote:

> >Since the news this morning reported that service had been restored,
> >one could assume it had been turned off.
>
> Partially restored: http://www.nytimes.com/2005/07/12/nyregion/12cell.html

And as is commonplace with this kind of gross technology botch, everybody's
pointing his finger in the direction of "the guy on my left".

-- 
-- Todd Vierling <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>

PacSec/core05 Call For Papers

[Dragos Ruiu]

English url: http://pacsec.jp/speakers.html?LANG=ENGLISH
Japanese url: http://pacsec.jp/speakers.html?LANG=JAPANESE

PacSec/core05 CALL FOR PAPERS 

World Security Pros To Converge on Japan November 15/16

TOKYO, Japan -- To address the increasing importance of information 
security in Japan, the best known figures in the international security
industry will get together with leading Japanese researchers to share 
best practices and technology. The most significant new discoveries
about computer network hack attacks and defenses will be presented 
at the third annual PacSec conference. 

The PacSec/core05 meeting provides an opportunity for foreign 
specialists to be exposed to Japanese innovation and markets, and
to collaborate on practical solutions to computer security issues. In 
a relaxed setting with a mixture of material bilingually translated into
both English and Japanese, the eminent technologists can socialize 
and attend training sessions.

Announcing the opportunity to submit papers for the third annual 
PacSec/core05 network security training conference.  The conference 
will be held November 15/16th in Tokyo at the Aoyama Diamond Hall. 
The conference focuses on emerging information security tutorials - it 
will be a bridge between the international and Japanese information 
security technology communities.

Please make your paper proposal submissions before Aug 1 2005.
Slides for the papers must be submitted by October 1st 2005.
The conference is November 15th and 16th 2005, presenters need
to be available in the days before to meet with interpreters.

Some invited papers have been confirmed, but a limited 
number of speaking slots are still available. The conference is 
responsible for travel and accomodations for the speakers. If you 
have a proposal for a tutorial session then please email a 
synopsis of the material and your biography, papers and, 
speaking background to [EMAIL PROTECTED] Tutorials are
one hour in length, but with simultaneous translation should
be approximately 45 minutes in English, or Japanese. 
Only slides will be needed for the October paper deadline, 
full text does not have to be submitted.

The PacSec/core05 conference consists of tutorials on technical
details about current issues, innovative techniques and best 
practices in the information security realm. The audiences are a 
multi-national mix of professionals involved on a daily basis 
with security work: security product vendors, programmers, 
security officers, and network administrators. We give 
preference to technical details and new education for a 
technical audience.

The conference itself is a single track series of presentations
in a lecture theater environment.  The presentations offer
speakers the opportunity to showcase on-going research
and collaborate with peers while educating and highlighting
advancements in security products and techniques. 
The focus is on innovation, tutorials, and education
instead of product pitches. Some commercial content 
is tolerated, but it needs to be backed up by a technical 
presenter - either giving a valuable tutorial and best 
practices instruction or detailing significant new 
technology in the products. 

Paper proposals should consist of the following information:

1) Presenter, and geographical location (country of origin/passport)
   and contact info (e-mail, postal address, phone, fax).
2) Employer and/or affiliations.
3) Brief biography, list of publications and papers.
4) Any significant presentation and educational experience/background.
5) Topic synopsis, Proposed paper title, and a one paragraph description.
6) Reason why this material is innovative or significant or an 
important tutorial.
7) Optionally, any samples of prepared material or outlines ready. 


Please forward the above information to [EMAIL PROTECTED] to
be considered for placement on the speaker roster.

cheers,
--dr

-- 
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, JapanNovember 15/16 2005  http://pacsec.jp
pgpkey http://dragos.com/ kyxpgp

Re: London incidents

[Steven M. Bellovin]

In message <[EMAIL PROTECTED]>, Scott W Brim writes:
>
>On 07/12/2005 13:51 PM, Adam Rothschild allegedly wrote:
>
>> Since the vent buildings are owned operated by the
>> NY/NJ Port Authority, it seems conceivable they could have pulled the
>> power if they wanted to.  Whether or not they did is best left as an
>> exercise for the nanog-l army of political commentators and
>> counter-terrorism specialists...
>
>Since the news this morning reported that service had been restored,
>one could assume it had been turned off.
>

Partially restored: http://www.nytimes.com/2005/07/12/nyregion/12cell.html


--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

Re: London incidents

[Jim Popovitch]

--- "Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote:
> 
> I was not speculating.  From the post:
> 
> > Then we have this:
> > http://us.cnn.com/2005/US/07/11/tunnels.cell.phones.ap/index.html
> >
> >   "The Port Authority of New York and New Jersey, which runs area
> >   transit hubs, bridges and tunnels, decided last Thursday to
> >   indefinitely sever power to transmitters providing wireless
> >   service in the Holland and Lincoln tunnels, spokesman Tony
> >   Ciavolella said Monday."
> 
> The Port Authority spokesman said they decided to "indefinitely sever  
> power to transmitters".  The source seems reliable, knowledgeable,  
> and specific.
> 
> So you "jumped into this cat fight" by "speculating" on something  
> when you had an authoritative source with good, specific information.
> 

Personal attacks/differences aside.. you need to read that article.  It in no
way is specific about any one thing.  There are several tunnels in NYC, some
which the article says have had "power severed" and some which they say have
"suspended mobile service" (what if the reporter got them mixed up?  which
tunnel are you speaking to? etc., etc.).  

There is also quite a few other open-ended statments like who "ordered" the
service to be shut off, and then their is the final paragraph which seems to
refute your claim that some higher US government power orchestrated this whole
thing (presumably to get under your skin)

I stand by my claim that, in the absense of more data, speculation on "why" is
best left to others.  I am not going to second guess their every decision until
such time that I have as much info as they do.  I'm sure they are not perfect,
so I don't expect perfection either.  YMMV.

-Jim P.

Re: London incidents

[Scott W Brim]

On 07/12/2005 13:51 PM, Adam Rothschild allegedly wrote:

> Since the vent buildings are owned operated by the
> NY/NJ Port Authority, it seems conceivable they could have pulled the
> power if they wanted to.  Whether or not they did is best left as an
> exercise for the nanog-l army of political commentators and
> counter-terrorism specialists...

Since the news this morning reported that service had been restored,
one could assume it had been turned off.

Re: London incidents

[Adam Rothschild]

On 2005-07-12-12:56:42, Jim Popovitch <[EMAIL PROTECTED]> wrote:
> > As for the "Emergency Only" mode, the original poster said _power was  
> > cut_ to the repeaters.  Could you explain to me how this allows for  
> > 911 calls please?
> 
> The original poster quoted a news report, how may times have you seen
> technically accurate news reports?  I don't know the source of the 
> report but I do know that some people think the the whole internet is
> down when only it is their connection.  In this case (someone saying that 
> the port authority had shutdown cellphone access) there are so many 
> possible interpretations that it is impossible to really know without 
> firsthand knowledge.  Speculation as to "how", is just as bad as speculation
> as to "why" (which is why I jumped into this cat fight).

When I was in the Lincoln Tunnel yesterday, my Cingular (GSM) phone
clearly reported that it had no service, not even "SOS-only" mode.

As I understand it, cellular service in the tunnels is provided by
cells co-located in the Weehawken, NJ and New York City, NY vent
buildings, with "leaky coax" cable shared by all carriers running
inside the tubes.  Since the vent buildings are owned operated by the
NY/NJ Port Authority, it seems conceivable they could have pulled the
power if they wanted to.  Whether or not they did is best left as an
exercise for the nanog-l army of political commentators and
counter-terrorism specialists...

Hope this helps,
-a

Re: London incidents

[Patrick W. Gilmore]

On Jul 12, 2005, at 12:56 PM, Jim Popovitch wrote:


Billions of dollars, millions of person-hours, and more frustration
than I can quantify is not a good price to pay for the infinitesimal
increase in security (if any) we have received through decisions like
this one.



How can you accurately know this?  I think you are just presuming, but
you (like I) will never really truly know.  We don't like spending  
that
money, but we have no proof that not spending it is better.  We can  
all
agree that it could probably be spent wiser, but this is the US  
Government.


To date, the TSA, the OMB, Congress, the FBI, and the CIA all agree  
that the TSA has not made us any safer.  (Note the first department  
in that list.)


Of course, maybe we averted World War III, but everyone who's been  
asked (including the security people themselves), and real-world  
tests of our security efforts, show that we are not any safer.


IOW: No, it is not a presumption.



I think the world has shown that cellphones have been used over and
over
to detonate explosive devices.  Why wait for it to be proved again
before doing something?  AFAIK "Emergency Only" mode allows for 911
calls, just not inbound/outbound calls.  Besides, the US (at  
least) is

full of a lot of people who need to hang up the phone and start
driving
good again.



Your logic is ... illogical.  If you cannot see why, I will not be
able to explain it to you.  (But you probably feel safer knowing I
can't pack a Zippo in my checked in baggage.)



No, your logic is ... illogical.., and I will not show you where. ;-)


Others in the thread have shown fallacies in your argument.  I am  
sorry you did not understand them.




As for the "Emergency Only" mode, the original poster said _power was
cut_ to the repeaters.  Could you explain to me how this allows for
911 calls please?



The original poster quoted a news report, how may times have you seen
technically accurate news reports?  I don't know the source of the
report but I do know that some people think the the whole internet is
down when only it is their connection.  In this case (someone  
saying that

the port authority had shutdown cellphone access) there are so many
possible interpretations that it is impossible to really know without
firsthand knowledge.  Speculation as to "how", is just as bad as  
speculation

as to "why" (which is why I jumped into this cat fight).


I was not speculating.  From the post:


Then we have this:
http://us.cnn.com/2005/US/07/11/tunnels.cell.phones.ap/index.html

  "The Port Authority of New York and New Jersey, which runs area
  transit hubs, bridges and tunnels, decided last Thursday to
  indefinitely sever power to transmitters providing wireless
  service in the Holland and Lincoln tunnels, spokesman Tony
  Ciavolella said Monday."


The Port Authority spokesman said they decided to "indefinitely sever  
power to transmitters".  The source seems reliable, knowledgeable,  
and specific.


So you "jumped into this cat fight" by "speculating" on something  
when you had an authoritative source with good, specific information.


--
TTFN,
patrick

Clueful security contact at Adelphia?

[Howard C. Berkowitz]

Could someone at Adelphia, who understands there is a difference 
between newsgroup trolling and newsgroup denial of service, contact 
me offline?


Thanks!
--
Howard C. Berkowitz
5012 25th Street South
Arlington VA 22206

(703)998-5819 voice
(703)998-5058  fax (alas, sometimes poorly operated by "helpful" cat)

Re: London incidents

[Petri Helenius]

Francesco Usseglio Gaudi wrote:



My little experience is that cell phones are in the most of cases 
nearly congenstion: a simple crow of people calling all together can 
shut down or delay every calls and sms


GSM networks running TFR or EFR audio codecs have 8 timeslots on a cell. 
Usual 900MHz frequency allocation plans allow for 4-5 usable cells but 
most handsets try only the two with best reception to get an available 
timeslot. If you happen to be in a neighborhood with 850/1900 or 
900/1800 service, the odds of having more capacity available are better. 
This translates to 16 people with the same network dialing 
simultaneously can congest the two local cells.


Almost all GSM networks implement emergency priority where a call with 
the bit set will pre-empt capacity in the primary cell. Some handset 
firmware can be modified to set the neccessary bit on demand. Not sure 
how long one would get away with it or if the BTS firmware would check 
the number dialed before granting pre-emption.


Pete

2005 SC Elections

[Betty Burke]

Reminder -- NANOG Steering Committee elections begin today. If you have not 
verified your email address, please refer to 
 for details.


We look forward to the first NANOG elections process!

All best,
Betty Burke

Re: London incidents

[Jim Popovitch]

--- "Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote:
> 
> No, it's damned if you take stupid action, damned if you do not do  
> something you should.
> 
> People in charge of our security should not be allowed to take  
> whatever action comes to mind in the name of security.  

Then who should, and with data from who's mind?  I suppose they (the 
ones in charge) could spend their time polling the audience, but that
has it's price and uncertainty too.

>Intelligent, useful, competent decisions should be made.  If they cannot
> make them, we should find someone who can.

But they did make a decision, it is only some (majority or not, but clearly
not all) that are still not convinced of the competency of their decision.
(note: some will never be convinced, some will always be convinced).

> Billions of dollars, millions of person-hours, and more frustration  
> than I can quantify is not a good price to pay for the infinitesimal  
> increase in security (if any) we have received through decisions like  
> this one.

How can you accurately know this?  I think you are just presuming, but 
you (like I) will never really truly know.  We don't like spending that
money, but we have no proof that not spending it is better.  We can all
agree that it could probably be spent wiser, but this is the US Government.

> > I think the world has shown that cellphones have been used over and  
> > over
> > to detonate explosive devices.  Why wait for it to be proved again
> > before doing something?  AFAIK "Emergency Only" mode allows for 911
> > calls, just not inbound/outbound calls.  Besides, the US (at least) is
> > full of a lot of people who need to hang up the phone and start  
> > driving
> > good again.
> 
> Your logic is ... illogical.  If you cannot see why, I will not be  
> able to explain it to you.  (But you probably feel safer knowing I  
> can't pack a Zippo in my checked in baggage.)

No, your logic is ... illogical.., and I will not show you where. ;-)

> As for the "Emergency Only" mode, the original poster said _power was  
> cut_ to the repeaters.  Could you explain to me how this allows for  
> 911 calls please?

The original poster quoted a news report, how may times have you seen
technically accurate news reports?  I don't know the source of the 
report but I do know that some people think the the whole internet is
down when only it is their connection.  In this case (someone saying that 
the port authority had shutdown cellphone access) there are so many 
possible interpretations that it is impossible to really know without 
firsthand knowledge.  Speculation as to "how", is just as bad as speculation
as to "why" (which is why I jumped into this cat fight).

> > -Jim P. (who is tired of being caught in traffic behind weaving,
> > slowing/speeding, hand-waving and head-shaking, cellphone "drivers")
> 
> Not really relevant to the discussion at hand.

Mom?  :-)   <--- notice the smiley

-Jim P.

Re: London incidents

[Patrick W. Gilmore]

On Jul 12, 2005, at 6:16 AM, Jim Popovitch wrote:


On Tue, 2005-07-12 at 19:20 +0930, Mark Newton wrote:


There's been -nothing- from the Brits to say that cellphones were
involved in their explosions;  And DHS says they haven't made any
recommendations one way or the other;  And there's no reason to
believe that the threat to the New York subway system is any higher
than usual;  And yet someone at the Port Authority has made a
unilateral decision to shut off the cells, and now if there -is- a
real emergency nobody can call 911.


Basically it's damned if you do take action, damned if you don't.   
Once

again we see that you can't please all the people (yes, even those not
using NYC tunnels) all the time.


No, it's damned if you take stupid action, damned if you do not do  
something you should.


People in charge of our security should not be allowed to take  
whatever action comes to mind in the name of security.  Intelligent,  
useful, competent decisions should be made.  If they cannot make  
them, we should find someone who can.


Billions of dollars, millions of person-hours, and more frustration  
than I can quantify is not a good price to pay for the infinitesimal  
increase in security (if any) we have received through decisions like  
this one.



I think the world has shown that cellphones have been used over and  
over

to detonate explosive devices.  Why wait for it to be proved again
before doing something?  AFAIK "Emergency Only" mode allows for 911
calls, just not inbound/outbound calls.  Besides, the US (at least) is
full of a lot of people who need to hang up the phone and start  
driving

good again.


Your logic is ... illogical.  If you cannot see why, I will not be  
able to explain it to you.  (But you probably feel safer knowing I  
can't pack a Zippo in my checked in baggage.)


As for the "Emergency Only" mode, the original poster said _power was  
cut_ to the repeaters.  Could you explain to me how this allows for  
911 calls please?




-Jim P. (who is tired of being caught in traffic behind weaving,
slowing/speeding, hand-waving and head-shaking, cellphone "drivers")


Not really relevant to the discussion at hand.

--
TTFN,
patrick

Re: Yahoo and Cisco to submit e-mail ID spec to IETF

[Rich Kulawiec]

On Mon, Jul 11, 2005 at 02:22:07PM +, Fergie (Paul Ferguson) wrote:
> Yahoo and Cisco Monday plan to announce they will submit
> their e-mail authentication specification, DomainKeys
> Identified Mail (DKIM), to the IETF to be considered as
> an industry standard.

None of these have the slightest operational value.   They are
either (a) attempts to exert control over email (for profit, of course)
or (b) PR exercises -- for instance, in Yahoo's case, to distract
attention from the enormous amount of spam/spam support coming
from or facilitated by Yahoo Stores and their freemail operation.

See, for instance:

Spammers Continue to be the Biggest (By Far) Supporters of Email 
Authentication
http://www.techdirt.com/articles/20050711/1945259_F.shtml

Oh, not that I expect the backers of these schemes to stop flogging them
-- apparently they've managed, mostly by grandisose and bogus claims,
to convince at least _some_ gullible people that they have the answer to
spam.   But they don't -- even if the "perfect" email auth method existed
(and of course it doesn't) and was instantaneously and globally deployed
tomorrow (ha!), the effect on SMTP spam would be a momentary hiccup,
no more, and of course the effect on other forms of spam would be zero.

---Rsk

RE: London incidents

[Neil J. McRae]

 > The logical conclusion to that line of thought would seem to 
> be that all cell phone services should be turned off in all 
> densely populated areas. Is this really what we want?
> 
> (It's certainly not what *I* want.)

Not sure about that, a life with no mobile phones? It certainly
has its plus points! :)

Regards,
Neil.

Re: London incidents

[Francesco Usseglio Gaudi]

My little experience is that cell phones are in the most of cases nearly 
congenstion: a simple crow of people calling all together can shut down 
or delay every calls and sms


Francesco

Re: London incidents

[Mark Rogaski]

An entity claiming to be Joseph S D Yao ([EMAIL PROTECTED]) wrote:
: 
: On Mon, Jul 11, 2005 at 08:49:47PM -0400, Sean Donelan wrote:
: > On Mon, 11 Jul 2005, Hannigan, Martin wrote:
: > > > All this while I was trying unsuccessfully to use my
: > > > mobile to ring the office.
: > >
: > > Some cell relays were temporarily shut to prevent a remote
: > > detonation of additional explosives. Cellular remotes seem
: > > to be a favorite of Al Qaeda and others.
: > 
: > UK Government officials deny they shutdown any cell phone service.
: 
: My personal experience, with the last few disasters, is that cell 'phone
: services tend to shut themselves down in the affected areas.  Sort of a
: natural feedback type of thing.  ;-]
: 

I heard it was a feature called Catastrophic Response Adaptive SHutdown.

Mark

-- 
[] |
[] Mark Rogaski|I think there is a world market
[] [EMAIL PROTECTED]   |for maybe five computers.
[] [EMAIL PROTECTED]   | --Thomas Watson, chairman of IBM, 1943
[] |


signature.asc
Description: Digital signature

ITU-D report on exchange points in Africa

[Suresh Ramasubramanian]

http://www.itu.int/ITU-D/treg/publications/AfricaIXPRep.pdf

-- 
Suresh Ramasubramanian ([EMAIL PROTECTED])

Re: London incidents

[Joseph S D Yao]

On Mon, Jul 11, 2005 at 08:49:47PM -0400, Sean Donelan wrote:
> On Mon, 11 Jul 2005, Hannigan, Martin wrote:
> > > All this while I was trying unsuccessfully to use my
> > > mobile to ring the office.
> >
> > Some cell relays were temporarily shut to prevent a remote
> > detonation of additional explosives. Cellular remotes seem
> > to be a favorite of Al Qaeda and others.
> 
> UK Government officials deny they shutdown any cell phone service.

My personal experience, with the last few disasters, is that cell 'phone
services tend to shut themselves down in the affected areas.  Sort of a
natural feedback type of thing.  ;-]

-- 
Joe Yao
---
   This message is not an official statement of OSIS Center policies.

ICANN warns world of domain hijacking

[Fergie (Paul Ferguson)]

Via the ICANN website:

"The Domain Name Hijacking Report was commissioned in
response to both highly publicized hijacking events
and a number of lesser publicized events. The SSAC
found that domain name hijacking incidents are commonly
the result of flaws in registration and related processes,
failure to comply with the transfer policy and poor
administration of domain names. The report recommends
ten key actions including implementation of improved
auditing and compliance measures, and additional measures
to protect registration information from misuse by would-be
hijackers, as well as implementation of emergency procedures
to assist in the urgent restoration of a domain name."


http://www.icann.org/announcements/hijacking-report-12jul05.pdf

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 [EMAIL PROTECTED] or [EMAIL PROTECTED]
 ferg's tech blog: http://fergdawg.blogspot.com/

Re: Openbsd fixes icmp protocol bugs apparently ignored by the IETF

[Suresh Ramasubramanian]

On 12/07/05, Jared Mauch <[EMAIL PROTECTED]> wrote:
> Are you speaking of this, or is it more vulnerability
> marketing?
> 
> http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en

This is it

-- 
Suresh Ramasubramanian ([EMAIL PROTECTED])

Re: Openbsd fixes icmp protocol bugs apparently ignored by the IETF

[Jared Mauch]

On Tue, Jul 12, 2005 at 01:47:37PM +0530, Suresh Ramasubramanian wrote:
> 
> And the guy who did this says that someone at cisco called him a
> terrorist, and that the IETF ignored him .. but Theo deRaadt believes
> him, and puts his changes into the openbsd codebase.
> 
> All for your basic ICMP source quench / hard ICMP error exploits, from
> a quick read through
> 
> http://kerneltrap.org/node/5382
> 
> Oh well, makes interesting reading if nothing else.  

Are you speaking of this, or is it more vulnerability
marketing?

http://www.niscc.gov.uk/niscc/docs/al-20050412-00308.html?lang=en

- jared

-- 
Jared Mauch  | pgp key available via finger from [EMAIL PROTECTED]
clue++;  | http://puck.nether.net/~jared/  My statements are only mine.

Someone at Sprint security please contact me.

[Chip Mefford]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

off list.

Thanks kindly.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFC06pU0STXFHxUucwRArO7AJ9L3dUEs9iluwWFTUAl0EsIjNnKsQCdFcxJ
8b9r0X5LN0zMGW+Euw5PRtY=
=c4xA
-END PGP SIGNATURE-

Re: London incidents

[Michael . Dillon]

> http://networks.silicon.com/mobile/0,39024665,39150177,00.htm
> has what Sean was referring to.
> >> UK Government officials deny they shutdown any cell phone
service.

In London, the mobile operators do not provide any
service 
anywhere in the London underground network. The only
place 
that I know of where there is service is on the Heathrow
Express platforms at Heathrow but that is technically
not
part of the London underground. Outside of Central
London
the lines run aboveground and there is obviously mobile
coverage in those areas. Also, some of the lines run
in shallow
tunnels, sometimes little more than uncovered trenches
and
so there are areas where the signal from local cells
does
penetrate into the trains. 

There has been some talk recently of setting up microcells
inside the tunnels to give mobile coverage throughout
the
system as is found in other countries. I wonder if
this will
now be reconsidered.

There are always tradeoffs when building infrastructures
of any type. Like the requirement for generator capacity
at 60 Hudson versus the desire of Tribeca residents
to
not live next door to a fuel dump.

--Michael Dillon

Re: London incidents

[Brandon Butterworth]

> I think the world has shown that cellphones have been used over and over
> to detonate explosive devices.

They can go back to alarm clocks with big bells.

The point is people are only inconveniencing themselves in accepting
such knee jerk responses in the name of fighting terrorists. The
terrorists don't care, self imposed constant fear is just doing their
job for them.

You may as well go hide in a cave just in case, the rest of us would
prefer to not have our personal freedom infringed

brandon

Re: London incidents

[Brad Knowles]

At 6:16 AM -0400 2005-07-12, Jim Popovitch wrote:


 I think the world has shown that cellphones have been used over and over
 to detonate explosive devices.  Why wait for it to be proved again
 before doing something?


What do you suggest?  Eliminating the entire mobile telephone industry?


  AFAIK "Emergency Only" mode allows for 911
 calls, just not inbound/outbound calls.


	You can only change to something like that after an emergency has 
happened, by which time it is too late.  If the bombers do the kind 
of thing they did in Madrid (using the alarm function), then you 
don't need mobile phones at all, except as a cheap source of easily 
programmable digital alarm clocks.


	I'm sorry, I just don't see mobile phones being the bad guy here. 
I don't see any kind of activity designed to restrict their use as 
being a positive thing, regardless of the timing.



  Besides, the US (at least) is
 full of a lot of people who need to hang up the phone and start driving
 good again.

 -Jim P. (who is tired of being caught in traffic behind weaving,
 slowing/speeding, hand-waving and head-shaking, cellphone "drivers")


	All testing results I've heard of indicate that the real problem 
is that the driver is distracted when doing anything but driving. 
Many accidents happen when drivers are futzing about with their 
radios.  Many happen when drivers are talking to other people in the 
car.


	The problem with mobile phones in the car has less to do with 
taking a person's hand off the wheel (although that is something to 
be concerned about), and more to do with the fact that the driver is 
distracted by talking to the person on the other end.


	So, to make good on this, you'd have to outlaw all activities 
which could potentially interfere with driving.  All mobile phones of 
all sorts would have to be kept out of the range of hearing of the 
driver (also eliminating all hands-free units), all car audio/video 
systems would have to be eliminated, you could not allow any GPS 
devices, you'd have to outlaw eating food and/or drinking beverages 
while driving (including soft drinks, coffee, etc...), and you'd have 
to have a muzzle law for all passengers.


	Drivers would have to be completely isolated from all sights, 
sounds, and other distractions not directly related to driving.



	Do you honestly think that there's a snowball's chance of ever 
being able to achieve even one of these goals?



	Believe me, I understand your frustration.  Unfortunately, since 
we have the best government that money can buy (or worse, depending 
on what country you live in), I don't see that you or I or anyone 
else will be able to do anything to even slow down the introduction 
of new technologies whose primary goal (or side-effect) is to further 
distract drivers.


--
Brad Knowles, <[EMAIL PROTECTED]>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755

  SAGE member since 1995.  See  for more info.

Re: London incidents

[sthaug]

> I think the world has shown that cellphones have been used over and over
> to detonate explosive devices.  Why wait for it to be proved again
> before doing something?

The logical conclusion to that line of thought would seem to be that
all cell phone services should be turned off in all densely populated
areas. Is this really what we want?

(It's certainly not what *I* want.)

Steinar Haug, Nethelp consulting, [EMAIL PROTECTED]

Re: London incidents

[Jim Popovitch]

On Tue, 2005-07-12 at 19:20 +0930, Mark Newton wrote:
> There's been -nothing- from the Brits to say that cellphones were
> involved in their explosions;  And DHS says they haven't made any
> recommendations one way or the other;  And there's no reason to 
> believe that the threat to the New York subway system is any higher
> than usual;  And yet someone at the Port Authority has made a
> unilateral decision to shut off the cells, and now if there -is- a
> real emergency nobody can call 911.

Basically it's damned if you do take action, damned if you don't.  Once
again we see that you can't please all the people (yes, even those not
using NYC tunnels) all the time.  

I think the world has shown that cellphones have been used over and over
to detonate explosive devices.  Why wait for it to be proved again
before doing something?  AFAIK "Emergency Only" mode allows for 911
calls, just not inbound/outbound calls.  Besides, the US (at least) is
full of a lot of people who need to hang up the phone and start driving
good again.

-Jim P. (who is tired of being caught in traffic behind weaving,
slowing/speeding, hand-waving and head-shaking, cellphone "drivers")

Re: London incidents

[Mark Newton]

On Mon, Jul 11, 2005 at 10:57:55PM -0400, Steven M. Bellovin wrote:

 > In message <[EMAIL PROTECTED]>, Bill Nash writes:
 > >Would the folks posting news related events please footnote source URLS, 
 > >especially if arguing over factual details?
 > 
 > http://networks.silicon.com/mobile/0,39024665,39150177,00.htm
 > has what Sean was referring to.

Then we have this:
http://us.cnn.com/2005/US/07/11/tunnels.cell.phones.ap/index.html

  "The Port Authority of New York and New Jersey, which runs area
  transit hubs, bridges and tunnels, decided last Thursday to
  indefinitely sever power to transmitters providing wireless
  service in the Holland and Lincoln tunnels, spokesman Tony
  Ciavolella said Monday."
[ ... ]

  "The Department of Homeland Security said the decision in New York
  to cut off cellular service was made without any recommendation by
  the federal government's National Communications System, which
  ensures communications are available during national emergencies."

I gotta say, this is pretty typical of the lack of coordination and
actual rational thought that goes into reacting to security incidents.

There's been -nothing- from the Brits to say that cellphones were
involved in their explosions;  And DHS says they haven't made any
recommendations one way or the other;  And there's no reason to 
believe that the threat to the New York subway system is any higher
than usual;  And yet someone at the Port Authority has made a
unilateral decision to shut off the cells, and now if there -is- a
real emergency nobody can call 911.

Breathtaking.

  - mark

-- 
Mark Newton   Email:  [EMAIL PROTECTED] (W)
Network Engineer  Email:  [EMAIL PROTECTED]  (H)
Internode Systems Pty Ltd Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223

Openbsd fixes icmp protocol bugs apparently ignored by the IETF

[Suresh Ramasubramanian]

And the guy who did this says that someone at cisco called him a
terrorist, and that the IETF ignored him .. but Theo deRaadt believes
him, and puts his changes into the openbsd codebase.

All for your basic ICMP source quench / hard ICMP error exploits, from
a quick read through

http://kerneltrap.org/node/5382

Oh well, makes interesting reading if nothing else.  

-- 
Suresh Ramasubramanian ([EMAIL PROTECTED])

Re: OMB: IPv6 by June 2008

[Hank Nussbacher]

At 11:52 PM 11-07-05 -0700, william(at)elan.net wrote:



On Tue, 12 Jul 2005 [EMAIL PROTECTED] wrote:



On Tue, Jul 12, 2005 at 08:41:04AM +0300, Hank Nussbacher wrote:


At 12:24 PM 11-07-05 -0400, Rich Emmings wrote:


According to IANA, (http://www.iana.org/assignments/ipv4-address-space)
MIT & MERIT are the two .edu /8 holders on the list.  Stanford turned
their /8 in a while ago.


And I'm still holding my breathe to see when a commercial company returns
their /8.   -Hank


its already happened... over a dozen have been returned.


List that dozen blocks please or I'll not believe it.
(I can only see 3 blocks that have been returned)


Why then single out Stanford's 36/8 with "Formerly Stanford University - 
Apr 93" and all other dozen commercial companies remain anonymously returned?


-Hank



--
William Leibzon
Elan Networks
[EMAIL PROTECTED]
+++
This Mail Was Scanned By Mail-seCure System
at the Tel-Aviv University CC.