Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007, Sean Donelan wrote: On Sun, 11 Feb 2007, Gadi Evron wrote: Colin Powell mentioned at RSA in his extremely good, entertaining and pointless talk something of relevance. During the cold war American kids were trained to hide beneath their desktops in case of a nuclear attack. Much good that would have done. The important lesson is you can educate people. The content may have been bogus, but it was very effective at reaching most of the population. People who grew up during that era still remember it. If you can come up with a few simple things to do, it is possible to reach most of the public. But we are our own worst enemies. When we have the opportunity, instead of giving the few simple things everyone could do, we create a lot of confusion. Show me one simple thing that is very easily achievable, and it will be everywhere at the next crisis. Giving security advice today is extremely difficult, as it is not always true nor is it easy to give it one meaning. Gadi.
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
During the cold war American kids were trained to hide beneath their desktops in case of a nuclear attack. Much good that would have done. It could have kept them from running around the streets screaming we're all going to die. It may well save people if they are on the edge of the survival zone, that may not be a good idea but at least they know what to expect. I don't pretend to know the real reason but keeping control is usually better even if you can't change the outcome. brandon
Re: death of the net predicted by deloitte -- film at 11
On Mon, 12 Feb 2007, Hank Nussbacher wrote: At 10:02 PM 11-02-07 -0500, Daniel Senie wrote: IP Multicast as a solution to video distribution is a non-starter. IP Multicast for the wide area is a failure. It assumes large numbers of people will watch the same content at the same time. The usage model that could work for it most mimics the broadcast environment before cable TV, when there were anywhere from three to ten channels to choose from, and everyone watched one of those. That model has not made sense in a long time. The proponents of IP Multicast seem to have failed to notice this. I never quite understood why layered multicast never took off which would have solved the problems you state above. There have been so many research papers on the subject from the late 90s that I would have thought that by now IPmc would be the silver bullet for video distribution. Inside an organization? Most likely. Hotels could use it, as one example. Also, I don't see why ISPs couldn't group users who use this service together. Still, not that simple and may become impractical by the time we actually need it on a wide scale. -Hank
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, Feb 12, 2007 at 01:45:41AM -0500, Sean Donelan [EMAIL PROTECTED] wrote a message of 16 lines which said: The important lesson is you can educate people. The content may have been bogus, Right on spot: it is easy to educate people with simple and meaningless advice such as Install an antivirus or Hide under the desk or (my favorite, now known by most ordinary users) Do not open attachments from unknown recipients. But most security risks do not require monkey advice (advice that an ordinary monkey could follow). They require intelligence, knowledge in the field, and time, all things that are in short supply. The discussion about the NPO who had the choice between breaking stuff that works because of patches or risking an attack was a very good one and the IT manager at the NPO was quite reasonable, indeed: the aim is not security (except for security professionals), the aim is to have the work done and, if you listen only to the security experts, no work will ever be done (but you will be safe). If you can come up with a few simple things to do, it is possible to reach most of the public. Sure, just find these few simple things that will actually improve security. (My personal one would be Erase MS-Windows and install Ubuntu. If we are ready to inconvenience ordinary workers with computer security, this one would be a good start.)
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007, Stephane Bortzmeyer wrote: On Mon, Feb 12, 2007 at 01:45:41AM -0500, Sean Donelan [EMAIL PROTECTED] wrote a message of 16 lines which said: The important lesson is you can educate people. The content may have been bogus, snip If you can come up with a few simple things to do, it is possible to reach most of the public. Sure, just find these few simple things that will actually improve security. (My personal one would be Erase MS-Windows and install Ubuntu. If we are ready to inconvenience ordinary workers with computer security, this one would be a good start.) As a very smart person said a couple of weeks ago when this same argument was made: are you willing to do tech-support for my mother if she uses linux? Gadi.
Re: death of the net predicted by deloitte -- film at 11
IP Multicast as a solution to video distribution is a non-starter. IP Multicast for the wide area is a failure. It assumes large numbers of people will watch the same content at the same time. They do. Sure it degrades to effective unicast if too few people watch the same channel in the same area (so just use unicast for those channels), that doesn't mean it's no use for the popular channels that have millions of viewers. The usage model that could work for it most mimics the broadcast environment before cable TV, when there were anywhere from three to ten channels to choose from, and everyone watched one of those. That model has not made sense in a long time. The proponents of IP Multicast seem to have failed to notice this. 10 or 1000 channels it's going to be better than not using it. I don't see the logic in using it for nothing because it's not good for some things. There are local factors that may mean some countries adopt it. In the UK all spectrum is sold, as we turn off analog it's not a given that the broadcasters will be able to buy that spectrum for HD. When we want 10 HD Olympics channels IPTV may be the only way for a large portion of the 20M or so viewers to get it. The point is the more possible live content there is, the less multicast makes sense. Compounding this, fewer people care to watch live content, preferring instead to record and watch later on their own schedule, or be served on-demand. In this usage model, multicast is not helpful either. Because they want to watch later doesn't make multicast no use. Who is going to pay for their time shift bandwidth use? Why would someone pay when a home device can do the time shift and make good use of the live multicast stream? They'll save the download cash for stuff that never was available live to them or they forgot to record, unless someone makes it appear to have no cost. brandon
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, Feb 12, 2007 at 03:23:26AM -0600, Gadi Evron [EMAIL PROTECTED] wrote a message of 25 lines which said: As a very smart person said a couple of weeks ago when this same argument was made: are you willing to do tech-support for my mother if she uses linux? I already do it. With my mother, not yours. And she uses MS-Windows so I can testify that the whole argument MS-Windows requires less tech support than Unix is completely bogus.
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On 2/12/07, Gadi Evron [EMAIL PROTECTED] wrote: As a very smart person said a couple of weeks ago when this same argument was made: are you willing to do tech-support for my mother if she uses linux? Gadi. Name anyone techie who doesn't have to do tech support for their mother on MS Windows..
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, Feb 12, 2007 at 09:31:21AM +, Alexander Harrowell [EMAIL PROTECTED] wrote a message of 28 lines which said: Name anyone techie who doesn't have to do tech support for their mother on MS Windows.. Political fix: and their father, too :-)
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007, Alexander Harrowell wrote: On 2/12/07, Gadi Evron [EMAIL PROTECTED] wrote: As a very smart person said a couple of weeks ago when this same argument was made: are you willing to do tech-support for my mother if she uses linux? Gadi. Name anyone techie who doesn't have to do tech support for their mother on MS Windows.. Especially on family holidays, right? Tech support on usability is not that much of an issue as it is on Linux, whether because of years of use and becoming used to the Microsoft interface, or because no matter what Linux is just not that user friendly. Tech support on Windows has interface questions, but much less than on Linux. The real question is, are you willing to support my mother, too? 1. What would be the cost of doing such tech support at an ISP compared to Windows? 2. How secure would Linux be if massively used and in a default installation. We already have massive Linux server botnets, let's avoid the home users. x Gadi.
Re: Every incident is an opportunity
Date: Mon, 12 Feb 2007 08:05:08 GMT From: Brandon Butterworth [EMAIL PROTECTED] To: nanog@merit.edu Subject: Re: Every incident is an opportunity During the cold war American kids were trained to hide beneath their desktops in case of a nuclear attack. Much good that would have done. It could have kept them from running around the streets screaming we're all going to die. It may well save people if they are on the edge of the survival zone, that may not be a good idea but at least they know what to expect. I don't pretend to know the real reason but keeping control is usually better even if you can't change the outcome. There is a 'relatively small' area around ground-zero where it wouldn't make any difference what action was taken -- virtually everyone in that radius would be a 'prompt kill' casualty, regardless. Outside the 'prompt kill' radius, there is a much larger circle where blast/concussion/over-pressure effects are the major cause of _immediate_ injury. _Most_ school-buildings in metro areas were of 'relatively' _survivable_ construction. Although there was likely to be significant damage -- flying glass from broken windows, airborne 'projectile' objects, possible minor thermal-flash triggered fires, etc. -- the buildings were not likely to suffer total collapse. 'Tornado safety' precautions -- get underground, if you can, and get under something _solid_ -- are effective in minimizing immediate injuries. Many urban schools simply _did_not_ have basements. So that 'safety hatch' was not available. In the event of an imminent nuclear 'event', you just DON'T have any 'good' options. Depending on the delivery system, you may have a _maximum_ of from three (3) to 25 minutes warning. This isn't enough time to send the kids home. Assuming home provides better protection than the school building. *BIG* assumption. You don't have a basement to retreat to.
You sure-as-hell don't want the kids gawking out the window, and ending up looking into the blast -- even from a range that wouldn't break windows. So, you make the 'best use' of what resources you _do_ have available. You cannot do much about preventing/reducing radiation injury. Given the situational constraints you have to work within. Blast/concussion/over-pressure is another story. When that procedure was promulgated, many classrooms had heavy wooden trestle-type desks. Getting _under_ them was some of the 'best protection available' against flying/falling 'foreign objects'. It is also a matter of experimental fact that having a _plan_ to do 'something' in event of an emergency -- 'right', 'wrong', or 'worthless' -- *IS* better than having no plans. No plans degenerates very quickly into 'panic', which is virtually always the 'worst possible thing'. 'Duck and cover' may not have appreciably increased survival odds for those relatively near ground-zero, but it was (a) better than nothing, and (b) about the best that could be done, given the real-world constraints that did exist. BTW, I was in school (elementary/secondary) in those days (1958-71), in a mid-sized Midwestern city. We -never- had any of those kind of drills. Apparently 'the powers that be' concluded that there was nothing in our vicinity that would be worth dropping a nuke on. :)
Re: death of the net predicted by deloitte -- film at 11
a point in the technology relatively soon where a movie can be shipped across the net for about the same cost as postage today. You mean like fileshare networks have been doing for years now? The delivery model is already functional. Geo.
Re: death of the net predicted by deloitte -- film at 11
10 or 1000 channels it's going to be better than not using it. I don't see the logic in using it for nothing because it's not good for some things. Multicast isn't going to help the phoneco atm network. Whatever model emerges will only work if it works all the way to the end user. If you have a weak link in the chain then the chain breaks and right now that weak link is the last 2 miles. You can't pump gigE bandwidth speed over a DS3 to a dslam because you have 65 users watching HD content at 6pm. But if you accept that the average user only watches 3-6 hours of HDTV per day, you can spread the load out over 24 hours, the effects on available bandwidth can be reduced. The TIVO model appears to have an advantage for the viewer (a large archive to select from) and for the phoneco's and ISP's at the customer end. Geo.
Re: death of the net predicted by deloitte -- film at 11
Multicast isn't going to help the phoneco atm network. Indeed, people keep quoting that but it's a bogus argument as nothing will help the phoneco atm network running out of bandwidth other than upgrading it. That is happening, unicast/p2p/multicast/whatever, as all this content is raising average user bandwidth. But if you accept that the average user only watches 3-6 hours of HDTV per day, you can spread the load out over 24 hours, the effects on available bandwidth can be reduced. The TIVO model appears to have an advantage for the viewer (a large archive to select from) and for the phoneco's and ISP's at the customer end. When people have their [EMAIL PROTECTED] box that'll help for some cases. To say it's a universal fix is as bogus as saying multicast will fix all problems. brandon
Re: death of the net predicted by deloitte -- film at 11
On 12-Feb-2007, at 09:23, Brandon Butterworth wrote: Sure it degrades to effective unicast if too few people watch the same channel in the same area (so just use unicast for those channels), that doesn't mean it's no use for the popular channels that have millions of viewers. I think you're presupposing that the concept of channels is something that will persist. Joe
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 2007-02-12 at 10:13 +0100, Stephane Bortzmeyer wrote: Sure, just find these few simple things that will actually improve security. (My personal one would be Erase MS-Windows and install Ubuntu. If we are ready to inconvenience ordinary workers with computer security, this one would be a good start.) Isn't that like treating smallpox with anthrax? Consumers are cheap and lazy. What they need is a serious incentive to care about security. Society holds individuals accountable for many forms of irresponsible behaviour. There's no need to make exceptions for computer users. Make computer-owners/users pay in full for damages caused by their equipment with no discount for incompetence. Insecure products might then be considered inappropriate for public consumption and that would be a powerful signal to the IT industry to change their ways. Maybe the market also finally would challenge the validity (or even existence) of std.disclaimer statements common in today's software licences. -- Per Heldal - http://heldal.eml.cc/
Re: death of the net predicted by deloitte -- film at 11
I think you're presupposing that the concept of channels is something that will persist. For some time. There's quite an industry with an interest in maintaining that. It probably won't vanish until the current generations die. Channel based and discrete delivery of content (radio vs records, tv/cinema vs vhs/dvd) have coexisted for some time. If one loses ground it's not a problem unless you take sides. brandon
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Feb 12, 2007, at 4:31 AM, Alexander Harrowell wrote: On 2/12/07, Gadi Evron [EMAIL PROTECTED] wrote: As a very smart person said a couple of weeks ago when this same argument was made: are you willing to do tech-support for my mother if she uses linux? Gadi. Name anyone techie who doesn't have to do tech support for their mother on MS Windows.. The ones whose Mom's got Macs, of course. (Well, in my case it's my Mother-in-Law, but the tech support required has dramatically reduced.) Regards Marshall
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
My two (and a half) cents. 1. Systems that need a firewall, antivirus and antispyware software added on to survive for more than a few minutes SHOULD NOT BE CONNECTED TO THE INTERNET IN THE FIRST PLACE. They're simply not good enough. It's like bringing a knife to a gunfight. (nod to Mr. Connery) 2. The idea that you can run a program on a known-compromised OS and count on that program to detect and/or remove the problem is fundamentally flawed. The only way to have much confidence in the former is to boot from a known-UNcompromised OS and run it from there; the only way to have some confidence in the latter is to wipe the drives and start over. And there are still ways that both of these can fail (e.g., sufficiently clever malware which hides from the first and manages to survive the second by concealing itself in restored data). Hitting the scan and disinfect button or whatever they call it this week is well on its way to becoming a NOOP. 3. Banks, credit card companies, and numerous online merchants have trained their users to be excellent phish victims by training them to read their mail with a web browser. Anyone who is serious about stopping phishing will stop sending mail marked up with HTML. 4. Network operators need to be far more proactive about keeping Bad Stuff from *leaving* their networks. (After all, if it can be detected inbound to X's network, then in most cases it can be detected outbound from Y's -- the exceptions being things like slow, highly distributed attacks which originate nowhere and everywhere.) 5. I have no sympathy for anyone who still uses the IE and/or Outlook malware-and-exploit-propagation-engines-disguised-as-applications. Not that the alternatives are panaceas -- of course they're not -- but at least they're a big step away from two of the primary compromise vectors.
I figure little, if anything, substantive will be done about 1-4, but I have some hope that 5 is simple enough that sufficient repetition will eventually have some effect. ---Rsk
Do routers prioritize control traffic?
I know routers today have the ability to prioritize traffic, but last I heard, these controls are not often used for user traffic (let's not discuss net neutrality here). Are they used for control (e.g., routing) traffic? Please say a bit more than It depends! :-) Our students are interested in real-world practices. Answers on or off list are welcome. Christos Papadopoulos Colorado State University.
motivating security, was Re: Every incident...
I've worked in security for some time, not that it makes me an expert but I have seen how it is promoted/advertised. On Feb/12/07, someone wrote: Consumers are cheap and lazy. I think that is the wrong place to start. It isn't the consumer's fault that they have a device more dangerous than they think. Look at what they are being sold - a device to store memories, a device to entertain them, a device to connect with people they want to talk to. Everyone economizes on what they think is unimportant. A consumer doesn't care for the software, they care for the person on the other side of the connection. They care about the colors in the office, the taste of the food, etc. So it may appear they low-ball that part of the computer equation. My point is that it is convenient to blame this on the consumers when the problem is that the technology is still just half-baked. What they need is a serious incentive to care about security. I find this to be a particularly revolting thought with regards to security. Security is never something I should want, it is always something I have to have. Not need but something I am resigned to have to have. This is like saying folks will have to die before a traffic signal is put here or more planes will have to be taken by hijackers before the TSA is given the funding it needs. Security shouldn't wait for a disaster to promote it - you might as well be chasing ambulances. Security has to resign itself to being second-class in the hearts and minds of society. Security has to be provided in response to its environment and not complain about its lot in life. (I realize that this post doesn't say anything about people dying - I've heard that in other contexts.) Society holds individuals accountable for many forms of irresponsible behaviour. This is true, but individuals are not held entirely accountable. A reckless driver can cause a multi-car accident on an exit ramp and cause a tie up for the entire morning rush.
Are the victims of this compensated? What about the person who loses a job offer because of a missed interview and suffers fallout from that? And maybe it isn't recklessness. A failed water pump may cause a breakdown, followed by an accident, etc. Mentioned just to spread the analogy out. There's no need to make exceptions for computer users. Make computer-owners/users pay in full for damages caused by their equipment with no discount for incompetence. If that happened, then computer users would be the exception. I can't think of any situation in which an accident might occur and the one causing the accident pays in full to everyone. Insecure products might then be considered inappropriate for public consumption and that would be a powerful signal to the IT industry to change their ways. Maybe the market also finally would challenge the validity (or even existence) of std.disclaimer statements common in today's software licences. I used to work for a gov't facility whose mission was science. They had a serious telecommunications problem on their hands. Although it was important to solve, they funded science first - up until all the telecom problems became too annoying and money was allocated to solve the problem. There are IT security problems. But there are other priorities in life. Instead of complaining that IP security is under appreciated, the case has to be made that the situation is more serious than some other problem. If that case can't be made, then maybe IT security is not that big of a deal (to anyone other than you). Don't get frustrated, present a better case. And be prepared that you still may not win. But never wish ill-will (as serious incentive alludes to) on someone to prove your point. BTW-This isn't meant to be a critique on one message. It's my reaction to quite a few messages that are similar and to some comments I have heard. Sorry if it seems like I'm attacking a single messenger.
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis+1-571-434-5468 NeuStar Two years ago you said we had 5-7 years, now you are saying 3-5. What I need from you is a consistent story...
Re: death of the net predicted by deloitte -- film at 11
On Mon, Feb 12, 2007 at 06:42:06AM -0500, Joe Abley wrote: On 12-Feb-2007, at 09:23, Brandon Butterworth wrote: Sure it degrades to effective unicast if too few people watch the same channel in the same area (so just use unicast for those channels), that doesn't mean it's no use for the popular channels that have millions of viewers. I think you're presupposing that the concept of channels is something that will persist. Joe perhaps you have too narrow a view of what a channel is? --bill
Re: Do routers prioritize control traffic?
On Feb 12, 2007, at 8:55 AM, Christos Papadopoulos wrote: I know routers today have the ability to prioritize traffic, but last I heard, these controls are not often used for user traffic (let's not discuss net neutrality here). Are they used for control (e.g., routing) traffic? Please say a bit more than It depends! :-) Our students are interested in real-world practices. Real world answer: It depends. :) For instance, Juniper routers auto-police all traffic destined for the main CPU. Cisco routers (usually) do not. You can configure it, though. Newer ciscos have very nice policing options for traffic to the main CPU. Older ones still have options, but the policing can hurt the router in its own way. There is also some auto-policing in ciscos, e.g. only one ICMP echo request per second per source IP address will be allowed to hit the CPU. Hope that helps. -- TTFN, patrick
Re: motivating security, was Re: Every incident...
On 2/12/07, Edward Lewis [EMAIL PROTECTED] wrote: Security is never something I should want, it is always something I have to have. No-one wants security, they want not-trouble. Similar to the point that no-one wants energy, they want warm rooms and cold beers. Perhaps we need a concept of security efficiency? Security has to resign itself to being second-class in the hearts and minds of society. Security has to be provided in response to its environment and not complain about its lot in life. (I realize that this post doesn't say anything about people dying - I've heard that in other contexts.) Yup Society holds individuals accountable for many forms of irresponsible behaviour. This is true, but individuals are not held entirely accountable. A reckless driver can cause a multi-car accident on an exit ramp and cause a tie up for the entire morning rush. Are the victims of this compensated? What about the person who loses a job offer because of a missed interview and suffers fallout from that? And maybe it isn't recklessness. A failed water pump may cause a breakdown, followed by an accident, etc. Mentioned just to spread the analogy out. The whole logic of modern computing is that everything migrates towards users. Why shouldn't security? After all, if people didn't let the nasties in, 'twould be very hard to start a botnet.. There's no need to make exceptions for computer users. Make computer-owners/users pay in full for damages caused by their equipment with no discount for incompetence. If that happened, then computer users would be the exception. I can't think of any situation in which an accident might occur and the one causing the accident pays in full to everyone. [snip] True, but there are plenty of examples of either market (insurance) or government (regulation) solutions to problems where the individual's misfortune also falls on society.
Arguably the bulk of the costs of malware proliferation is an externality - the benefits go to the enemy, but costs aren't restricted to the hacked. Not even close. I used to work for a gov't facility whose mission was science. They had a serious telecommunications problem on their hands. Although it was important to solve, they funded science first - up until all the telecom problems became too annoying and money was allocated to solve the problem. The appropriate analogy is the Great Stink of 1858. London had been suffering from not having sewerage for years, and poor people had been dying in droves from cholera, but nobody with the power to do anything about it cared enough until the Thames got so bad the committee rooms on the river side of Whitehall stank so much nobody would go in them. Then, wham, out came the chequebook, the compulsory purchase powers, and in came Joseph Bazalgette, with the result of an infrastructure used to this day.
Re: motivating security, was Re: Every incident...
At 14:59 + 2/12/07, Alexander Harrowell wrote: The whole logic of modern computing is that everything migrates towards users. Why shouldn't security? After all, if people didn't let the nasties in, 'twould be very hard to start a botnet.. Regarding letting the users in there was a story on the news while we were meeting in Toronto. A woman put her child in her car while it was warming and then went back into the house for 10 seconds. A thief jumped in the car, drove a while, crashed and fled the scene, stealing another car (that was also idling) to get away. The TV reports were very sympathetic to the woman and her husband (who was painted a hero for chasing down the suspect to the crash). A week earlier, in the DC metro area, there was a story about the police ticketing people for letting their cars idle unattended. The reason for the report was awareness of a new enforcement of the law that had been put on the books to stem auto theft in that county. One woman was ticketed having left some small children in the car while she went back in to get one more item. The reporter asked what if someone ran here and just drove off? What I found interesting is the differences in the way the car owners were portrayed. It's not a US v. Canada thing, but just a point of view. Similarly, are the people who are running exploitable machines the cause of the problem or victims of those exploiting the machines? I don't mean to say that the car owners or computer users are free from blame. But holding a sentiment of just blaming users is not helpful. OTOH, if there was something the operators could clearly do to stop this, someone would have suggested it by now. (There are all them laws about snooping traffic, etc.) I thought I had a conclusion ... but I don't. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis+1-571-434-5468 NeuStar Two years ago you said we had 5-7 years, now you are saying 3-5. What I need from you is a consistent story...
Re: motivating security, was Re: Every incident...
d Lewis [EMAIL PROTECTED] wrote: I don't mean to say that the car owners or computer users are free from blame. But holding a sentiment of just blaming users is not helpful. OTOH, if there was something the operators could clearly do to stop this, someone would have suggested it by now. (There are all them laws about snooping traffic, etc.) I thought I had a conclusion ... but I don't. Sure. Demonising sufferers didn't stop the spread of AIDS, probably made it worse (Saudi Arabia has one of the fastest growing HIV problems, they say). But shouting at people to wear condoms/use a firewall has diminishing returns. It's complicated.
Re: motivating security, was Re: Every incident...
On Mon, 2007-02-12 at 09:06 -0500, Edward Lewis wrote: I've worked in security for some time, not that it makes me an expert but I have seen how it is promoted/advertised. On Feb/12/07, someone wrote: Consumers are cheap and lazy. I think that is the wrong place to start. It isn't the consumer's fault that they have a device more dangerous than they think. Look at what they are being sold - a device to store memories, a device to entertain them, a device to connect with people they want to talk to. Everyone economizes on what they think is unimportant. A consumer doesn't care for the software, they care for the person on the other side of the connection. They care about the colors in the office, the taste of the food, etc. So it may appear they low-ball that part of the computer equation. My point is that it is convenient to blame this on the consumers when the problem is that the technology is still just half-baked. What they need is a serious incentive to care about security. I find this to be a particularly revolting thought with regards to security. Security is never something I should want, it is always something I have to have. Not need but something I am resigned to have to have. This is like saying folks will have to die before a traffic signal is put here or more planes will have to be taken by hijackers before the TSA is given the funding it needs. Security shouldn't wait for a disaster to promote it - you might as well be chasing ambulances. Security has to resign itself to being second-class in the hearts and minds of society. Security has to be provided in response to its environment and not complain about its lot in life. (I realize that this post doesn't say anything about people dying - I've heard that in other contexts.) You're missing the point. My suggestion lies along the lines of follow the money-trail. I want consumers held responsible so that they in turn can move the focus to where it belongs; IT vendors.
Society holds individuals accountable for many forms of irresponsible behaviour. This is true, but individuals are not held entirely accountable. A reckless driver can cause a multi-car accident on an exit ramp and cause a tie up for the entire morning rush. Are the victims of this compensated? What about the person who loses a job offer because of a missed interview and suffers fallout from that? The system isn't perfect but does that mean we should ditch all attempts at regulation? If the no-touch approach towards IT was applied to traffic and the automotive industry we could just as well drop all regulation of traffic. No rules, no offences. And maybe it isn't recklessness. A failed water pump may cause a breakdown, followed by an accident, etc. Mentioned just to spread the analogy out. There's no need to make exceptions for computer users. Make computer-owners/users pay in full for damages caused by their equipment with no discount for incompetence. If that happened, then computer users would be the exception. I can't think of any situation in which an accident might occur and the one causing the accident pays in full to everyone. That is (as you mention above with driving) mostly because people are covered by some form of insurance. Insurance doesn't mean the driver has no responsibility. Never heard about insurers claiming regress from clients for recklessness? Computer-owners could also be protected that way. Insurers will then help place responsibility where it belongs depending on whether the cause is reckless computing or product failure. Insurers also have the resources to help with class-action suits against manufacturers on behalf of their clients should that be necessary. If people can be held responsible for reckless driving, they should not get away with reckless computing either. Likewise, software manufacturers should be held accountable for the functionality and quality of their products like any other industry.
What remains is to find definitions of these terms which are acceptable to the general public. //per
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
Name anyone techie who doesn't have to do tech support for their mother on MS Windows.. The ones whose Mom's got Macs, of course. (Well, in my case it's my Mother-in-Law, but the tech support required has dramatically reduced.) Marshall beat me to it. I have a T-shirt that says Mac: So simple my parents can use it. It's funny because it's true. -- Dave Pooser, ACSA Manager of Information Services Alford Media http://www.alfordmedia.com
Re: death of the net predicted by deloitte -- film at 11
Paul Vixie wrote: (i'm guessing kc will be on the phone soon, to get from them their data?) While I'm sure people were looking for headlines, I think the broader implication in the report was current pricing power not supporting new investment. ... A recent report from Deloitte said 2007 could be the year the internet approaches capacity, with demand outstripping supply. It predicted bottlenecks in some of the net's backbones as the amount of data overwhelms the size of the pipes. ... http://news.bbc.co.uk/2/hi/technology/6342063.stm
RE: death of the net predicted by deloitte -- film at 11
[Perhaps my viewpoint is skewed because channel-delivered TV content in Canada is horrible; it's almost as bad as American TV. I seem to think that broadcast TV in the UK is more tolerable, although I haven't really seen it since I left the UK in the mid 90s so perhaps I'm just deluded.] We've gone digital in the UK (DVB-T) which includes an electronic program guide. So the average consumer CAN buy a PVR with digital receivers (yes plural) which they simply plug in, scan for channels, and use. Pause and rewind live TV, record programs according to the EPG. And it is all free, i.e. funded by TV commercials just like analog TV was. Of course, the cable companies, Sky satellite TV and the telephone company (ADSL provider) are offering some sort of PVR-like box with a selection of broadcast and pre-recorded content. Note: I happen to work for said telephone company (BT) but I have nothing to do with either our DSL or TV offerings. Cursory consideration of your examples above provides clues as to which way the scale is tipping; radio has for a long time been a way to promote record sales, and the video stores here are now half-full with boxed sets of TV series on DVD. Here too. Especially at Christmas time. I've noticed the same thing in Russia where homegrown TV series are in every video shop. It looks to me like people increasingly want their content on-demand, and that there's a growing industry supplying that demand. And I don't think it depends on culture. People are people all over the world. Everyone wants to control their own time. Everyone wants predictability of their outgoings, i.e. trend towards flat rates. So shifting TV from a flat-fee all-you-can-eat broadcast model to a pay-per-use network model is a non-starter. It will never be more than a drop in the bucket. --Michael Dillon
RE: Do routers prioritize control traffic?
I know routers today have the ability to prioritize traffic, but last I heard, these controls are not often used for user traffic (let's not discuss net neutrality here). Are they used for control (e.g., routing) traffic? They are used for BUSINESS traffic. Also, since these controls make routers work harder, there is no point in using them where there are no traffic problems. Most providers build their core networks with enough headroom so that there are no traffic problems. That leaves the last mile connection to tinker with, however, the cost problem remains. The only way to solve the cost problem is where a business customer will pay for traffic controls to be implemented on the provider's edge routers. Bottom line is that use of QOS is very common on CPE routers and edge routers of business customers and this is usually part of a total managed network package such as a VPN or Extranet. I have seen QOS implemented for control traffic but that was a scenario where the company allowed business customers access to a tool which would ping through to the CPE router. In order to prevent the customer from DOSing themselves with pings, they capped the traffic with CAR or similar. It can be a bad idea to apply QOS to control traffic since it is generally easier and cheaper to add bandwidth. Just because the machine has lots of bright buttons and knobs on the control panel doesn't mean that it is a good idea to play with them all. And the fundamental problem of QOS means that you only use it where you have to. QOS works by delaying or discarding packets. It is hard to sell that as a valuable service to ordinary users. --Michael Dillon
Fwd: death of the net predicted by deloitte -- film at 11
-- Forwarded message -- From: Alexander Harrowell [EMAIL PROTECTED] Date: Feb 12, 2007 4:13 PM Subject: Re: death of the net predicted by deloitte -- film at 11 To: Paul Vixie [EMAIL PROTECTED] Paul, that's very interesting. A query: AMT Site: A multicast-enabled network not connected to the multicast backbone served by an AMT Gateway. It could also be a stand-alone AMT Gateway. Should that read: a multicast-enabled network, not connected to the multicast backbone, served by an AMT Gateway? It looks like it from the meat of the RFC. On 12 Feb 2007 06:14:00 +, Paul Vixie [EMAIL PROTECTED] wrote: http://tools.ietf.org/html/draft-ietf-mboned-auto-multicast-00 is what i expect. note: i've drunk that koolaid am helping on the distribution side. -- Paul Vixie
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007 03:23:26 -0600 (CST) Gadi Evron [EMAIL PROTECTED] wrote: As a very smart person said a couple of weeks ago when this same argument was made: are you willing to do tech-support for my mother if she uses linux? Yes. Well, not your mother (unless she paid me) but I used to support my father and I ran Unix on his system. It was great. If he had a problem I could generally get into his system and work on it as if I was right there except he couldn't watch over my shoulder and interrupt me every 30 seconds with questions. Now he uses WindBlows and it is easier for me only because I can send him to my siblings for support. If I am willing to support someone who doesn't understand the technology I would rather put them on Unix rather than MSW. -- D'Arcy J.M. Cain darcy@druid.net, http://www.druid.net/darcy/, +1 416 425 1212 (DoD#0082) (eNTP) | Democracy is three wolves and a sheep voting on what's for dinner.
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, 12 Feb 2007 09:51:38 -0600 Dave Pooser [EMAIL PROTECTED] wrote: Marshall beat me to it. I have a T-shirt that says Mac: So simple my parents can use it. It's funny because it's true. Why do I keep hearing My parents are stupid in these sorts of comments? Just wait. They get smarter as you get older. -- D'Arcy J.M. Cain darcy@druid.net, http://www.druid.net/darcy/, +1 416 425 1212 (DoD#0082) (eNTP) | Democracy is three wolves and a sheep voting on what's for dinner.
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
Date: Mon, 12 Feb 2007 11:38:10 -0500 From: D'Arcy J.M. Cain darcy@druid.net On Mon, 12 Feb 2007 09:51:38 -0600 Dave Pooser [EMAIL PROTECTED] wrote: Marshall beat me to it. I have a T-shirt that says Mac: So simple my parents can use it. It's funny because it's true. Why do I keep hearing My parents are stupid in these sorts of comments? Just wait. They get smarter as you get older. My father was NOT stupid. He could use several of the more popular word processors (Wang being the last one he had used) but he could NOT, for the life of him, get used to using MS Word. Or anything else associated with Windoze. The command sequences just didn't make sense to him (Why do I have to go push start when I want to shut the system down?) - I am perfectly capable of learning from my mistakes. I will surely learn a great deal today. A democracy is a sheep and two wolves deciding on what to have for lunch. Freedom is a well armed sheep contesting the results of the decision. - Benjamin Franklin The best we can hope for concerning the people at large is that they be properly armed. --Alexander Hamilton
Re: death of the net predicted by deloitte -- film at 11
Hello; On Feb 12, 2007, at 11:15 AM, Alexander Harrowell wrote: -- Forwarded message -- From: Alexander Harrowell [EMAIL PROTECTED] Date: Feb 12, 2007 4:13 PM Subject: Re: death of the net predicted by deloitte -- film at 11 To: Paul Vixie [EMAIL PROTECTED] Paul, that's very interesting. A query: AMT Site : A multicast-enabled network not connected to the multicast backbone served by an AMT Gateway. It could also be a stand-alone AMT Gateway. Should that read: a multicast-enabled network, not connected to the multicast backbone, served by an AMT Gateway? It looks like it from the meat of the RFC. If your point is that the commas are needed, I think that you are correct. I will forward this to the list. There is a low volume AMT specific list for deployers that I host; you can read about it and join at http://www.multicasttech.com/AMT/ Regards Marshall On 12 Feb 2007 06:14:00 +, Paul Vixie [EMAIL PROTECTED] wrote: http://tools.ietf.org/html/draft-ietf-mboned-auto-multicast-00 is what i expect. note: i've drunk that koolaid am helping on the distribution side. -- Paul Vixie
Re: motivating security, was Re: Every incident...
On Mon, 12 Feb 2007, Edward Lewis wrote: My point is that it is convenient to blame this on the consumers when the problem is that the technology is still just half-baked. I wonder if anyone has tried to quantify in economic terms, the worldwide army of people/products/services that have been mobilized to provide technical support and security to windows? I imagine the GDP of this market stacks up with some smaller European countries. It is interesting to ponder for a moment the alternative; the folks in Redmond releasing a stable, secure, less convoluted and easy to use OS. This would be great for the consumer, but what if that consumer works at the support desk, or for McAfee or Symantec or ad infinitum? Windows is a highly entropic OS. So much energy is used configuring, supporting, rebooting, updating, securing it, that the original purpose of using the computer (automation, efficiency, computation) has been subsumed by the task of keeping the beast alive and disease free. A stable/secure version of windows is somewhat like the US moving to a flat tax. An idea that would greatly simplify the tax system, but wipe out an army of accountants, tax attorneys and bureaucrats. Thus it will never happen. There's too many vested interests in the status quo, which is Latin for the mess we're in. craig
Re: death of the net predicted by deloitte -- film at 11
[EMAIL PROTECTED] (Geo.) writes: Multicast isn't going to help the phoneco atm network. ... nothing can help, or for that matter save, the phoneco atm network. -- Paul Vixie
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
During the cold war American kids were trained to hide beneath their desktops in case of a nuclear attack. Much good that would have done. ... I don't pretend to know the real reason but keeping control is usually better even if you can't change the outcome. The goal was some protection from flying glass and debris from a blast. The idea was if you saw the flash you'd drop under your desk. Sure, other places would provide more protection but the assumption was if you saw that nuclear flash you didn't have time to do much more than just drop under the desk and put your head between your knees and your hands over your head (and kiss your a.. goodbye as we'd say) in the hope that you'd protect your head and face and eyes etc from flying bits and perhaps the initial heat flash. You were also probably blinded by the flash so slipping under your desk was about all you could expect from 30 little kids now suddenly blinded to manage in a few seconds. Obviously if you were so close to the blast that you didn't even have time to drop under the desk that's ok, it wouldn't help. But a blast wave travels at roughly the speed of sound so that's around 4 seconds per mile so if you were at least a half mile you had time for the teacher to shout DUCK AND COVER! and drop under your desk. If a bomb siren sounded that meant you had more time, probably minutes, so you'd quickly line up and all move to the school hallway presumably away from windows etc. I lived through that era and well remember those drills (NYC public schools.) -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool Die| Public Access Internet | SINCE 1989 *oo*
Re: death of the net predicted by deloitte -- film at 11
nothing can help, or for that matter save, the phoneco atm network. atm and frame relay do not need saving. they tend to be profitable. but the everything over mpls folk are managing to save them anyway, turning operating profit into capital expense to the vendors. brilliant. randy
Re: death of the net predicted by deloitte -- film at 11
On Mon, 12 Feb 2007, Paul Vixie wrote: I never quite understood why layered multicast never took off which would have solved the problems you state above. There have been so many research papers on the subject from the late 90s that I would have thought that by now IPmc would be the silver bullet for video distribution. as i said earlier, for intranet use, ip multicast is all the rage for video content. i'm fairly sure it was in use at my hotel in cairo last week, and i know it's been deployed in a number of digital television networks in asia. it's internet multicast (idmr) that never happened, and as far as i can tell, that's because there's no billing or business model for it. Why couldn't internet multicast be used for content other than video? Stream Torrents, .mp4 files, etc. Instead of just sending a single video stream at some data rate, stream data files sequentially. Stream owners can post a schedule (or not, just sending a stream of files with metadata headers), your pc-based TiVo-like software can tune in (request the stream from your provider, which turns on and off all the streams they receive and only sends requested streams to your Last Mile on request) based on that schedule or request. NBC can now stream their shows to me as a .mp4 and I could grab them as fast as they could send it, rather than in realtime. They might offer the same stream at different data rates: 1mbps, 5mbps, 10mbps, 30mbps (for those of us lucky enough to have Verizon FIOS at home). The streams would simply repeat once they streamed all the files in a list. Think of a YouTube stream. As videos are uploaded, they are encoded and sent out an internet multicast stream. It's not a video stream, but a file stream, where one file is sent right after the other, and your end receiver knows what to do with the data. Metadata is put into the file headers so you can scan for content/description. 
Your TiVo can pick up the videos you might like to watch based on your keywords, and now you can watch those videos on your TV on demand, already on your PC. YouTube only had to broadcast it once, and thousands of people who may get the YouTube stream have decided to keep it or not. Sure, it might take up lots of disk space, and analyzing a stream (or 10 simultaneously) might take up a bunch of CPU/memory, but it'd be a way to distribute content efficiently and potentially lower transit bandwidth usage as people started to use it rather than today's status quo. If a channel is popular enough, people ask their provider to carry it. The provider is incentivized to carry a channel if the bandwidth they utilize to serve the unicast version of that data is greater than the amount of data they might use for a single multicasted stream of that same data. Rather than the end user paying for it, the provider saves money by utilizing the stream. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ ---
Re: motivating security ....
Let's look at the cost factor of using Windows in a quick dirty fashion and why you have to love their scheme. On top of ripping you off, they'd like to sell you security atop of the garbage they've already flooded the world with.
crapaganda
1 Corporate office
2000 users * 75.00 per WinXP professional
5 Exchange servers * 500.00 per software
2 Win2003 servers * per seat low factor of 25.00 per seat
Some Terminal licenses for RDesktop (l)users * low factor 100 per seat per person
2000 * $75.00 $150,000.00
5 * 500 = 2500.00
25.00 per seat * 2000 50,000.00
100.00 terminal licenses * 100 employees (management) 10,000.00
$212,500.00 sounds reasonable.
Last I did anything MS, I recall Exchange being something closer to $60.00 per seat (1st Q 2004)
Windows updates once a month ... total time 5 minutes
5min * 2007 machines downtime... 10035 minutes lost productivity
Possible virus/security risk ... Estimated downtime to upgrade say once per month at 5 minutes, another 10035 minutes. Let's say this is once per quarter 2508 minutes downtime...
Total so far 12,543 minutes - 10035 and a possible 2508 in security risks/breaches - a month in lost computing time.
Let's say the company made 15,000,000.00 a year this breaks down into about:
41095.00 per day (* 365 days per year)
1712.00 an hour
28.53 a minute
Let's say 10% of this lost time affects profits: 1254 minutes * 28.53 per minute = $35,787.00
Ok, let me be realistic, let's say only 5% of the time it affects profit: 627 minutes * 28.53 = $17,888.00 * 12 mos
Not good or realistic enough, fine, 1% of the time it affects profits, 125.43 * 28.53 = 3578.51 per month in lost revenue from downtime. $42,942.21 per year in lost revenue
/crapaganda
Why should MS get off their rears when corporations are stupid enough to continue doing business with a shoddy company. MS isn't doing anything I can't do on BSD, Linux or Solaris using OpenOffice or other program. Why do I use Windows still here and there... 
Utter laziness to swap out my drive. Utter laziness to replace Visio with Kivio. Just sheer laziness that's all. Would I run a production farm on Windows, as fast as I would pierce my ear with a harpoon. I blame the end user at the end of it all: sarcasm Mom Tommy don't touch the stove you will get burned Tommy Ouch I burned myself Mom Next time be more careful Tommy Ouch I touched it again Mom Tommy you have to look at what you're doing Tommy Ouch, yet again Tommy is the idiot here not his stove, not his mom, not the gas fueling the fire, Tommy. /sarcasm -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x1383A743 How a man plays the game shows something of his character - how he loses shows all - Mr. Luckey
Re: Every incident is an opportunity
On February 12, 2007 at 04:28 [EMAIL PROTECTED] (Robert Bonomi) wrote: Mostly the same as what I said, but one important difference: duck and cover was a response to seeing the flash (only seconds), not to sirens going off (minutes) which was generally get your coat and go into the hallway and close the classroom doors and await further instruction like maybe head to the basement, being sent home was discussed and there's even some cultish early 60's? movie that revolves around the teachers sending the kids home upon hearing nuclear attack was imminent, etc. BTW, I was in school (elementary/secondary) in those days (1958-71), in a mid-sized Midwestern city. We -never- had any of those kind of drills. Apparently 'the powers that be' concluded that there was nothing in our vicinity that would be worth dropping a nuke on. :) POSSIBLE OPERATIONAL CONTENT: In the late 60s I remember having an interesting conversation with someone who did this kind of strategizing for the Dept of Civil Defense. His scenarios were markedly different from the urban folklore you'd hear from people about what the Russkies were likely to nuke, other than everyone agreed they'd try to get the silos and a few other key military assets to try to prevent retaliation. But by and large his scenarios worked forward from the assumption that it was a prelude to an invasion and if you're going to invade you don't want to destroy immediately valuable assets like big factories etc. which usually meant you didn't want, or have any good reason, to nuke major cities, they'd make good slaves. Notice how this they'll nuke the big cities first to kill as many of us as possible presumption carries forward even today to the central plot of the current US TV show Jericho (it's summarized in the wikipedia) tho of course the enemy and its strategy has changed since the end of the cold war. Then again much of 9/11 did kinda happen in a big city. 
Anyhow, far be it for me to try to outline an invasion for fun and profit scenario in less words than you'll tire of reading. But it's somewhat different than a white-hot grudge match fling them all at major population centers extermination scenario. The operational content is to be careful of folkloric wisdom in regards to major disaster no one involved has ever really personally experienced. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool Die| Public Access Internet | SINCE 1989 *oo*
Re: Every incident is an opportunity
On Mon, 12 Feb 2007 15:05:45 -0500 Barry Shein [EMAIL PROTECTED] wrote: In the late 60s I remember having an interesting conversation with someone who did this kind of strategizing for the Dept of Civil Defense. His scenarios were markedly different from the urban folklore you'd hear from people about what the Russkies were likely to nuke, other than everyone agreed they'd try to get the silos and a few other key military assets to try to prevent retaliation. Targeting strategy changed over time, because of changes in technology, quantity of bombs available, accuracy, perceived threats, and internal politics. For a good history of US nuclear targeting strategy, see The Wizards of Armageddon, Fred Kaplan, 1983. The short answer, though, is that it changed markedly over time. To give just one example, at one time the US targeted cities, with very big bombs, because the missiles of the day couldn't reliably hit anything smaller. Since that's what was possible, a strategic rationale evolved to make that seem sensible. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Re: death of the net predicted by deloitte -- film at 11
--- [EMAIL PROTECTED] wrote: ... A recent report from Deloitte said 2007 could be the year the internet approaches capacity, with demand outstripping supply. It predicted bottlenecks in some of the net's backbones as the amount of data overwhelms the size of the pipes. ... Beware, the end is near! www.onboardmovies.com/publicity/Synopsis/images/0021553.jpg scott
Re: Every incident is an opportunity
Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe (i.e., the TV show Jericho) that the goal of a USSR attack was purely vindictive, complete annihilation. Apparently Civil Defense leaned more towards invasion as a goal. No doubt as weapons systems evolve how you achieve one goal or the other evolves. Either goal leads to different targeting strategies, as possible. If your goal is invasion then value preservation is important (factories, bridges, civilian infrastructure, etc.) If annihilation is the goal then it's of no importance, just bomb the densest population centers. On February 12, 2007 at 16:17 [EMAIL PROTECTED] (Steven M. Bellovin) wrote: On Mon, 12 Feb 2007 15:05:45 -0500 Barry Shein [EMAIL PROTECTED] wrote: In the late 60s I remember having an interesting conversation with someone who did this kind of strategizing for the Dept of Civil Defense. His scenarios were markedly different from the urban folklore you'd hear from people about what the Russkies were likely to nuke, other than everyone agreed they'd try to get the silos and a few other key military assets to try to prevent retaliation. Targeting strategy changed over time, because of changes in technology, quantity of bombs available, accuracy, perceived threats, and internal politics. For a good history of US nuclear targeting strategy, see The Wizards of Armageddon, Fred Kaplan, 1983. The short answer, though, is that it changed markedly over time. To give just one example, at one time the US targeted cities, with very big bombs, because the missiles of the day couldn't reliably hit anything smaller. Since that's what was possible, a strategic rationale evolved to make that seem sensible. --Steve Bellovin, http://www.cs.columbia.edu/~smb -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool Die| Public Access Internet | SINCE 1989 *oo*
Request for topic death on Cold War history (was RE: Every incident is an opportunity)
Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe [snip] If annihilation is the goal then it's of no importance, just bomb the densest population centers. To borrow from snarky comments past: Unless Vendor C has introduced a no nuclear-apocalypse command that I need to enable in IOS, it seems that this thread has wandered far from the flock and subsequently lost most any relevance to the listserv and/or topic that spawned it. Cold War strategy is fascinating and all (I do mean that in a non-snarky way) but does it really belong on NANOG after it has seemingly dropped any pretense of being an analogy for anything list-relevant? -Feren Sr Network Engineer DeVry University
Re: Every incident is an opportunity
On Mon, 12 Feb 2007 17:12:56 -0500 Barry Shein [EMAIL PROTECTED] wrote: Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe (i.e., the TV show Jericho) that the goal of a USSR attack was purely vindictive, complete annihilation. Apparently Civil Defense leaned more towards invasion as a goal. No doubt as weapons systems evolve how you achieve one goal or the other evolves. Either goal leads to different targeting strategies, as possible. If your goal is invasion then value preservation is important (factories, bridges, civilian infrastructure, etc.) If annihilation is the goal then it's of no importance, just bomb the densest population centers. Some of the time, that was the goal... It's not that anyone wanted that; however, it was (a) achievable, and (b) it was part of the MAD -- mutual assured destruction -- deterrent strategy. One could argue that that part, at least, worked, though I would assert that that was at least partially by accident. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Re: Request for topic death on Cold War history (was RE: Every incident is an opportunity)
Hmm, let's see. Nukes = cold war = arpanet = internet Yup, looks ok. On 2/12/07, Olsen, Jason [EMAIL PROTECTED] wrote: Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe [snip] If annihilation is the goal then it's of no importance, just bomb the densest population centers. To borrow from snarky comments past: Unless Vendor C has introduced a no nuclear-apocalypse command that I need to enable in IOS, it seems that this thread has wandered far from the flock and subsequently lost most any relevance to the listserv and/or topic that spawned it. Cold War strategy is fascinating and all (I do mean that in a non-snarky way) but does it really belong on NANOG after it has seemingly dropped any pretense of being an analogy for anything list-relevant? -Feren Sr Network Engineer DeVry University
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Mon, Feb 12, 2007 at 12:50:20PM +0100, Per Heldal wrote: On Mon, 2007-02-12 at 10:13 +0100, Stephane Bortzmeyer wrote: Sure, just find these few simple things that will actually improve security. (My personal one would be Erase MS-Windows and install Ubuntu. If we are ready to inconvenience ordinary workers with computer security, this one would be a good start.) Isn't that like treating smallpox with anthrax? More like treating smallpox with cowpox vaccinations. That, at least, works. -- Joe Yao --- This message is not an official statement of OSIS Center policies.
Re: Request for topic death on Cold War history (was RE: Every incident is an opportunity)
Causality? WW2=nukes, cold war=arpanet=internet, surely? On 2/12/07, micky coughes [EMAIL PROTECTED] wrote: Hmm, let's see. Nukes = cold war = arpanet = internet Yup, looks ok. On 2/12/07, Olsen, Jason [EMAIL PROTECTED] wrote: Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe [snip] If annihilation is the goal then it's of no importance, just bomb the densest population centers. To borrow from snarky comments past: Unless Vendor C has introduced a no nuclear-apocalypse command that I need to enable in IOS, it seems that this thread has wandered far from the flock and subsequently lost most any relevance to the listserv and/or topic that spawned it. Cold War strategy is fascinating and all (I do mean that in a non-snarky way) but does it really belong on NANOG after it has seemingly dropped any pretense of being an analogy for anything list-relevant? -Feren Sr Network Engineer DeVry University
Re: Request for topic death on Cold War history (was RE: Every incident is an opportunity)
Come on guys... Some more originality please... Internet---Al-Qaeda fundraisingAfghanistan---USSR vs. USCold war Arpanet--- Internet. Vicious cycle. -mike On 2/12/07, Alexander Harrowell [EMAIL PROTECTED] wrote: Causality? WW2=nukes, cold war=arpanet=internet, surely? On 2/12/07, micky coughes [EMAIL PROTECTED] wrote: Hmm, let's see. Nukes = cold war = arpanet = internet Yup, looks ok. On 2/12/07, Olsen, Jason [EMAIL PROTECTED] wrote: Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe [snip] If annihilation is the goal then it's of no importance, just bomb the densest population centers. To borrow from snarky comments past: Unless Vendor C has introduced a no nuclear-apocalypse command that I need to enable in IOS, it seems that this thread has wandered far from the flock and subsequently lost most any relevance to the listserv and/or topic that spawned it. Cold War strategy is fascinating and all (I do mean that in a non-snarky way) but does it really belong on NANOG after it has seemingly dropped any pretense of being an analogy for anything list-relevant? -Feren Sr Network Engineer DeVry University
Re: Request for topic death on Cold War history (was RE: Every incident is an opportunity)
On 2/12/2007 at 3:13 PM, Alexander Harrowell [EMAIL PROTECTED] wrote: Causality? WW2=nukes, cold war=arpanet=internet, surely? Hitler=WW2=... Godwin! Please? Anyway, we all know Al Gore invented the Internet. On 2/12/07, micky coughes [EMAIL PROTECTED] wrote: Hmm, let's see. Nukes = cold war = arpanet = internet Yup, looks ok. On 2/12/07, Olsen, Jason [EMAIL PROTECTED] wrote: Of course, but the point was the goal of that targeting. The US public by and large believed, and seems to still believe [snip] If annihilation is the goal then it's of no importance, just bomb the densest population centers. To borrow from snarky comments past: Unless Vendor C has introduced a no nuclear-apocalypse command that I need to enable in IOS, it seems that this thread has wandered far from the flock and subsequently lost most any relevance to the listserv and/or topic that spawned it. Cold War strategy is fascinating and all (I do mean that in a non-snarky way) but does it really belong on NANOG after it has seemingly dropped any pretense of being an analogy for anything list-relevant? -Feren Sr Network Engineer DeVry University
Re: Request for topic death on Cold War history (was RE: Every incident is an opportunity)
Alexander Harrowell wrote: Causality? WW2=nukes, cold war=arpanet=internet, surely? Heh. We're that close to invoking Godwin's Law here. :-) On 2/12/07, micky coughes [EMAIL PROTECTED] wrote: Hmm, let's see. Nukes = cold war = arpanet = internet Yup, looks ok. -- Jay Hennigan - CCIE #7880 - Network Engineering - [EMAIL PROTECTED] Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
Major outage in Montreal, Canada
Hi, For those who are affected by the fiber outage that is currently taking place in Montreal, I've got some clues. It could take some time to repair, as they are currently trying to localise the failure location. The SRDP (http://www.srdptele.com/) is working with the CSEM (http://www.csem.qc.ca) to fix this. UPDATE: they now know where the fibers were cut, and the SRDP is expecting the links to be up in 60-120 minutes. The outage has almost isolated the datacentre Canix II from the Internet since today, 5:35PM, and Cogent (http://status.cogentco.com) was also affected. Maybe others. -- Vassili Tchersky Koumbit Network - 514-387-6262 #2
Re: Every incident is an opportunity
warning-- this thread is so far off topic, i can't even REMEMBER a topic that it might once have had. hit D now. [EMAIL PROTECTED] (Barry Shein) writes: ... If your goal is invasion then value preservation is important (factories, bridges, civilian infrastructure, etc.) ... so if the last remaining superpower were to bomb a country in the middle east in preparation for invasion, regime change, etc., that superpower would be well advised to avoid hitting civilian infrastructure, assuming that its bombs were smart enough to target like that? (i'm sorry, but your theory doesn't sound plausible given recent events.) -- Paul Vixie
Re: death of the net predicted by deloitte -- film at 11
On Mon, 12 Feb 2007, Peter Beckman wrote: NBC can now stream their shows to me as a .mp4 and I could grab them as fast as they could send it, rather than in realtime. They might offer the same stream at different data rates: 1mbps, 5mbps, 10mbps, 30mbps (for those of us lucky enough to have Verizon FIOS at home). The streams would simply repeat once they streamed all the files in a list. That is what layered IPmc is. There is a base stream and on top of that additional layers are interleaved and you pick up just what you need - depending on your b/w. There are other facets to layered IPmc such as staggered streams, whereby the same VOD is transmitted 10x an hour, at 6 minute intervals and using clever encoding you tap into the multicast stream and within an average of 3 minutes your VOD starts playing - at the level of quality based on your available b/w. I've seen this in action as far back as 1998 and just don't quite grok why it never took off. -Hank
Re: death of the net predicted by deloitte -- film at 11
On 2/13/07, Hank Nussbacher [EMAIL PROTECTED] wrote: I've seen this in action as far back as 1998 and just don't quite grok why it never took off. Let me paraphrase a couple folks who summed it all up very nicely: So assuming router state based multicast, how do you bill on that if the stream is exploded on the opposite end of, or in the middle of, a transit network? The simplified answer of only as the stream actually transiting the network won't fly with most bean counters, because in their eyes, every packet going through the network should be billed as bandwidth consumed. Multicast turns that notion inside out, because while multicast saves bandwidth generally, the bandwidth multiplies as it transits a for-pay network, meaning that more resources are consumed and thus ... could be billed for money. Traditional v4 multicast, then, is unlikely to see deployment outside of an organization's own garden network, and you have near zero uptake. Follow the money, as always. :) -- Todd Vierling [EMAIL PROTECTED]