Turning the Tables On "Phone Tech Support" Scammers
I managed over an hour and a half the other day.
I learned a fun one from a particularly annoying call.
Get them to repeat the messages. They rattle off the instructions, wait ten seconds, then ask them to repeat it. Alternatively, wait until they have rattled off the entire instruction, then slowly repeat the exact words from the beginning "first.. press.. the.. start.. button.. and.. type.. in.. "
Tell them you need to write it down first to make sure you do it correctly. Since you as the 'victim' don't want the infection to be worse you obviously should write it down to make sure you do it exactly right.
Naturally you can use the time for more productive things, like looking up ways to best take up the time of the scammer.
Microsoft Agrees To Contempt Order So It Can Appeal Email Privacy Case
It is actually illegal. You can't deliberately engage in activities to make it more expensive or complex for law enforcement to search subpoenaed records. That's contempt of court.
Emphasis in your quote.
As gets mentioned every time this story appears on slashdot, this is a warrant not a subpoena. The two are different tools. Both are used to find things but one is clean and neat, the other broad and aggressive. As a parallel, a subpoena is a scalpel and a warrant is a chainsaw.
A subpoena says 'We know you have this specific information, provide it to us within a time frame'. They get subpoenas of this type all the time. There is no dispute a subpoena would get the document no matter where in the world Microsoft held it.
A warrant says 'We will search for and take anything even remotely related to this, search it ourselves on our own terms.' When they demanded dumps of servers and copies of databases they were told the servers were in another nation and were not subject to a US warrant.
As was discussed in the previous incarnations of this story, the warrants are rather broad demanding they turn over everything related to the email address and user in question even if it isn't related to a criminal investigation. They want it all, everything the user ever touched or potentially touched, everything sent to the user, everything related to the user. While government investigators can usually get that through a broad warrant, they cannot get that with a subpoena. A subpoena would give them the specific emails related to the crime under investigation, but it is quite likely they already have the specific documents they could ask for.
Facebook Blamed For Driving Up Cellphone Bills, But It's Not Alone
Facebook has provided this. Just hit settings and turn off autoplay videos and you get a lovely little play icon.
This article is another big whine on behalf of users who don't bother to actually hit a settings button or Google a problem.
That's news to me. Thanks for telling me. Default setting adjusted.
Also relevant to your "everybody already knows" attitude, there's an XKCD for that. No, everybody does not know about it.
Combating Recent, Ugly Incidents of Misogyny In Gamer Culture
It doesn't seem to be pervasive. We've all seen the recent stats on similar stories. Over half of all gamers are female. Less than 1/5 are under the age of 18. The stereotypical teenage boy gamer is a small component of the "gamer" culture.
I doubt this is "Misogyny In Gamer Culture". I think instead this is just a few vocal idiots.
Mysterious, Phony Cell Towers Found Throughout US
Picking up phone calls over TV tuners is one thing. Buying and installing a product with a name like "VME Dominator".
One of those can happen by innocent mistake. The other sounds ... well, not so innocent.
How Big Telecom Smothers Municipal Broadband
So you don't think the government should step in if the big guys are abusing their monopoly? You don't think the voters in a municipality should be allowed to decide for themselves if they want the government to establish broadband services for their own use? I know it's a popular meme to presume that governments are nothing but incompetent but the reality is that sometimes the government is the best way to get something done. If the existing ISPs find it not worthwhile to serve a population I see no credible argument why the local government couldn't fill that role if the taxpayers want them to. Might not be economically ideal but sometimes perfect is the enemy of good enough.
My region (the 2M people metro area) is going through municipal broadband fights. They started the fights back in 2002.
The group got an initial rollout in a few of the smaller cities, roughly 11,000 people got hooked up. Then the entrenched monopolies kicked in.
* Lawsuits from both the incumbent megacorps on cable-based and phone-based Internet on the claim that it was unlawful and anti-competitive for a state agency to compete with an established business. The lawsuits took several years and cost millions. The judges and the appeals court found that government is allowed to provide services, similar to how they provide municipal trash services and still businesses compete; nothing prevents the cable and phone companies from competing if they want.
* Every year state legislators keep introducing new bills prohibiting government agencies from competing with existing businesses, or requiring that governments cannot provide information services to the public without high fees and those fees should go to education, or that any group providing Internet services have so many billions in assets to mitigate risk of disaster, and other variations. Invariably a little research shows the legislators get money from the phone and cable companies, and the company lobbyists vocally support them. The municipal fiber groups have needed to spend several million dollars to fight these as well.
* In a few cities installation was unexpectedly stopped again when some of the smaller cities discovered their own contracts with the megacorps demanded that they couldn't build their own systems until after a multi-year vetting process with the megacorps plus giving them another multi-year opportunity for megacorps to adjust prices and to improve their infrastructure. Basically the smaller city and town governments signed deals for their own cheap Internet that block municipal fiber within their limits for a decade or more. Since then the FCC and other groups have urged cities to be more careful in the contracts they sign.
* Incumbents even got the federal government to drop contracts. In one case they had a contract with the federal government for a $66M under the RUS. After the municipal system had invested and contracted based on that contract it was unexpectedly cancelled. Investigation showed the federal contract was cancelled because the federal RUS system was threatened by the megacorps. A chain of 'smoking gun' emails were discovered where Comcast and CenturyLink demanded the RUS cancel the contract or the two megacorps would act against it; a lawsuit on tortious interference is ongoing, but the cost will be several more million before any ruling will follow, in the meantime the municipal system is out the $66M plus all the interest they need to pay on the emergency loan they had to take out to avoid defaulting on the expenses.
* Because the megacorps have forced the municipal fiber system to spend hundreds of millions on lawsuits and illegally-broken contracts, and because the redirected money has resulted in higher interest rates and longer-term loans costing over $500M to date, they are leveraging it and constantly sponsoring print ads, billboards, and TV ads (on their own cable networks) making nonspecific claims about how the municipal fiber has collected so many millions but only invested a limited amount and how so few people are currently hooked up. The city is covered with signs paid for by the megacorps with things like "$500,000,000 Wasted!", "Municipal Fiber Failed!", "Demand (city) Stops Internet Tax!" They all say things like "sponsored by Citizens for Fair Taxation and Representation", which in turn are run by and sponsored by the megacorps. They fail to mention that they're the ones who induced the huge expenses.
* The few people who are hooked up try to convince everyone just how good it is. Just $20/month for a hundred megabit (both ways) Internet connection on a fiber-to-the-home connection. Businesses pay just a little more and are seeing into the gigabit speeds. They are immediately drowned out by people making claims that it is only cheap because the entire region is subsidizing only a few thousand connections and that nobody will ever see that when everything is hooked up and that we should all buy Comcast because it is only $45 for the first year plus taxes and fees and installation. They are also accompanied by ads along the lines of "Right now you are paying the city $20 every month for high speed Internet that you can't use. Get high speed Internet from Comcast starting at just $45 per month for the first year."
So while it is nice to think the governments could do that kind of transformation, know that the incumbents see this as a death threat. The cable and phone monopolies are willing to spend hundreds of millions of dollars fighting municipal broadband because they see it as a threat to their very existence. It is very much a case of adapt or die, but they fail to see the adapt part.
New Nail Polish Alerts Wearers To Date Rape Drugs
Looking over the USDOJ stats, it seems Rohypnol is a regional problem with relatively low use count. In many places it is listed as "the least accessible date-rape drug", in other regions it is a suspected factor in hundreds of rape cases. The numbers show it going from about 1000 suspected cases nationally in 1997 to its modern level of being suspected use in 1.5% of rape cases, a few thousand cases per year. Consider: how many hundreds of thousands of dates where a drink is consumed are there every year? Millions of drinks? Hundreds of millions of drinks? On a per-drink basis the number of uses is a very small percentage. Since it is small as a percentage that suggests going after bigger percentages for the bigger reductions.
While any number bigger than 0 is a problem, as a statistic these two drugs are not used in a high percentage of rapes, and date rapes themselves are relatively rare. I'm not trying to trivialize it. As the parent post suggests, a very rare problem does not lend itself to a TSA-like drug test where millions of drinks are tested for something detectable only a few thousand times annually at a maximum. My rough estimate is around 100M drinks across the nation over the course of a year, roughly 3000 testable contaminated drinks, so 0.0003% of date drinks, or one in every 30,000. That's a lot of useless fingernail-dips.
I suppose if you do go that route, of the new products this one that continuously monitors your drink by the cup and straw changing color seems much better than nail polish you need to dip frequently. It is both passive and continuous. Someone could slip the drug in after you dunk your fingernail, but the sensor on the container or the straw is 'always on'.
It's Dumb To Tell Kids They're Smart
If you only ever praise effort instead of achievement you will wind up with a generation of morons that think they're great just for trying even when they never get anything done.
Let's try again...
rewarding the effort and the completion of tasks rather than rewarding the natural state.
Trying to reward "being smart" is ineffectual at best. Similarly it is ineffectual to reward basketball players just for being tall, or reward a junior player simply for being young, or reward a senior player simply for being senior.
Rewarding effort and completion are effective at teaching students that those (rather than the grades or being first place) are important. If being first place is the only thing that matters then means are unimportant: break the opponent's equipment, or even put your opponent in the hospital, to reach the goal of being first. If grades are more important than learning, cheat from your neighbor or hack the grade book so you can get the rewarded grade.
When the rewards focus only on the final scores you get children who value the wrong things. Once their life of cheating in school is done, it transitions to the real world into lying, cheating, and stealing to get other outcomes without putting in effort or completing work. Or, if they use those patterns in management to try to encourage others they will be confused about why those same patterns fail to produce positive results.
Real world example:
At one place I worked several years ago there was a team of 6 salespeople. Management wanted to get the most sales out of them, so they created a reward. They made a big poster and charted sales, the highest sales would get a paid trip to a fabulous resort plus some spending money. Most of the salesfolk instantly gave up. In the first week there was a clear leader: The senior salesperson was about quadruple everyone else. By the end of the first month the senior person polished off another deal; they were at over $200K, three were between $50K and $20K, and the two intern-type grunts were around $5k each. The reason was obvious to several of us, the senior salesperson worked with management to build and sign the corporate contracts, the three medium-tier people had a collection of established regular customers, and the entry level noobs were stuck with cold calls. After three months the senior salesperson acted all thankful and grateful for the challenge, the attitude of 'better luck next time' to those who obviously never had a chance. When I talked with the managers about it they were confused about why the interns were upset and why the more experienced workers weren't putting in an effort to win. They couldn't understand it because their own value system only valued the end goal and competition rather than effort, cooperation, and completion. Their challenge rewarded tenure rather than growth. Sales were down significantly over those months. The end result was less money for the business, reduced morale, and one of the salesfolk quitting over it.
A far better system would have been to set an ambitious combined sales goal, and all those who helped cross some boundaries get the reward. The tenured staff then has an incentive to help the beginners succeed, and everyone has an incentive to increase total sales. Instead of rewarding the natural and immutable situation of tenure, they could have rewarded effort and completion of sales. Everyone whose efforts contribute to the completion of the goal gets the rewards. These systems tend to work well as incentives. For example, "If we meet X we'll have a team party", or "everyone who meets goal X will get two days off." Those who have crossed the threshold typically then help their peers to also cross the threshold.
Rewarding "You sure are smart", or "You sure are tall", or "you sure have tenure" is just plain stupid. It might feel good to the person giving the reward and the person getting the reward, but to outsiders it is usually painfully obvious that the system is broken.
It's Dumb To Tell Kids They're Smart
Praise the kid for good ideas, but also ask your kid - how do you think this or that could be better?
Those are part of it, but really the report is just that Khan discovered something well-known in education.
Really, it is well known for everybody involved in motivation.
You get more of whatever you recognize.
Any school teacher can explain how when you point out the bad behavior, "Johnny, sit back down", you have rewarded the child. It may not be what most people think of as recognition, but it serves to reinforce the behavior.
When you recognize a child "You are smart", or "You are so fast", or other attributes that they cannot control, it can have many negative effects. One negative effect is the child can become complacent. They may think to themselves, I'm already good enough, I don't need to do any more. When that happens the child will quickly stop succeeding. Another negative effect is the child can become fearful. They may think to themselves, I don't know what I did to become smart, what if I'm not smart enough tomorrow? What if I lose it? I've seen this happen to several children who quickly break down.
Instead, educators are taught to reward effort when they see it. Publicly praise how Johnny has worked hard on the project. Comment about how it looks like Jenny spent many hours researching the detail. When you are uncertain, praise anyway, "It must have taken some effort to prepare all of this, good job."
Those families that encourage learning tend to also reward and encourage effort. There may be a few of the "you're so smart" compliments, but there will also be statements like "Good job figuring those details out", "That looks complicated, it must have taken effort to understand", "You studied a lot", etc. Generally the focus is (and should be) on rewarding the effort and the completion of tasks rather than rewarding the natural state.
Rounding it out, for kids in sports you compliment "Good job working hard at practice today" to reward the effort rather than "Good job at being so tall" which is something they cannot control.
51% of Computer Users Share Passwords
It would really surprise me if your Android phone *doesn't* have this feature, because it *is* required by law. Mine certainly has it.
This is one of those funny cases where people accidentally out themselves as not securing their phone.
The phones legally must display it in most countries, but only if the phone is locked or password protected. If there is no password required to get in, just a "swipe to unlock" rather than a security system, the button does not appear.
Lack of emergency call button == unsecured smart phone.
(Or a fairly old phone, or a hacked phone that breaks the law in many nations.)
$125,000 Settlement Given To Man Arrested for Photographing NYPD
Right, because trial can set precedent and the city *really* doesn't want that.
Precedent is only part of the story.
A settlement comes with the clause that they do not admit to any guilt. If the courts get involved, and a guilty verdict comes down, it also comes down with the "under color of law" modifier. That comes with a year in prison at the lowest tier. If there was bodily injury, if weapons were used or threat of weapons was used, it jumps to a ten year prison term. The third tier, which triggers if the acts result in death, threat of death, or if they include kidnapping (which false arrests can qualify under), attempt to kidnap, sexual abuse or its attempt, the punishment can grow to life in prison.
It doesn't matter what their original violation was, those are additional bonus punishments of up to a year, a decade, or life in jail.
They will fight in the courts right up until the court decides they are no longer immune. The moment the immunity is broken they will do anything to take a non-guilt settlement.
LEOs (both as individuals and as departments) will do all they can to avoid an actual guilty verdict when their own acts are done under color of law. They will try to get any other deal or settlement they can rather than spend time in the prisons they helped create.
German Intelligence Spying On Allies, Recorded Kerry, Clinton, and Kofi Annan
Yes, countries spy on other countries. All of their hands are dirty to some extent.
The difference is the method and extent of targeting. As a wartime example, it is the difference between a sniper rifle vs Agent Orange.
There are various 'socially acceptable' levels of international espionage. Military groups are going to spy on other military groups, sure. Installing listening devices inside embassies, I understand that. Under international law it is well regarded that those INDIVIDUALS who engage in an activity against another party can be subject to similar activities by other nations. That is, government spying on government is okay. Government spying on citizenry is NOT okay.
The Geneva Convention was implemented and now all nations are bound to treat non-combatant civilians as 'protected persons'. While they might be affected by actions, they are unlawful targets and violators are considered international war criminals. Those same protections should apply even during times of peace and apply to espionage, but unfortunately they don't.
"Ethical espionage" is not a contradiction in terms. Just as in traditional warfare the common citizenry are protected and are illegal targets, so too should they be off limits to espionage. The "Just War" doctrine, which currently includes details like only attacking war-related targets, ethical treatment of prisoners, post-war reconstruction and recovery for the citizens, should apply just as well to espionage.
The Man Responsible For Pop-Up Ads On Building a Better Web
He made great improvements on the book.
Improvements along the same way we see many improvements in software. Things are certainly different and a few changes are enjoyable, but some changes leave me longing for the original.
Ask Slashdot: Should You Invest In Documentation, Or UX?
On the projects I've worked on over the years, I had the pleasure of working with one that created a lot of little items. (My contribution was 48 unique creations over 21 months, as a team bringing in roughly $16M and bringing in nice bonuses to everyone.) Our designers had a wonderful philosophy:
1. Write the requirements as the final outcomes. These are along the idea of a sprint's acceptance criteria defining the what, not the how.
2. Write the end user documentation with complete screen mockups. For us, everything could be done in no more than two mouse clicks. Take time to ensure everything is consistent and uniform and easy. These were reviewed by the ten people on the team, our QA group, and about fifteen people on completely unrelated projects who had no experience working with our systems.
These two items, the "what" of the requirements and the end user documentation, were typically fought over and revised many times over the course of one or two weeks.
Only after we had firmly established what precisely the tasks were and how exactly the user accomplished them did we start into main development. Once we knew the "what" and we knew the UI steps to trigger them, building the parts in the middle was a simple matter; the initial tests and acceptance criteria can be built directly from the design doc, and with a bit of TDD the new components could be created and tested easily while the next round was designed.
I miss that group. It was rather frustrating to have the entire profitable team get dismantled because a newly-hired CEO wanted to shake up some parts of business and make complicated what was once easy with mega-apps rather than pluggable pieces.
A Thousand Kilobots Self-Assemble Into Complex Shapes
I also misread at first and needed a double take. If it was 1024 killbots I'd be rather worried.
If they're Futurama killbots we can just throw wave after wave of soldiers and police into them until they exceed their kill limit safeties.
If they were more like Terminator killbots, the world would be screwed.
But since they're kilobots rather than killbots, having a kilo of kilobots sounds like fun.
Berlin Bans Car Service Uber
Like most things in real life, there is nuance to that case.
The companies DO provide insurance. $1M in coverage, but it is only in effect from the time the ride is accepted to the time the passengers exit. That situation was an edge case, an auto/pedestrian collision right at the border of that time, immediately before the passenger was in the car. They denied coverage because the event happened immediately before coverage took effect. Much like having an insurance policy that takes effect October 1st and having damage reported September 29th, the collision happened immediately prior to the policy becoming active. Tragic, but unfortunately it happens sometimes. Rather importantly, they have since extended the time of coverage so if it happened today it would be covered. So when another tragedy like that inevitably happens the full $1M insurance will be in effect.
Both Uber and Lyft have added additional insurance which is in effect any time the driver marks themselves online as 'available'. The insurance rules can be summed up pretty easily:
* Logged out / unavailable: Your own insurance covers you, nothing from company as you aren't on the clock.
* Available but between jobs: Company provides $50K in supplemental insurance, after your insurance pays as the primary.
* From "ride accepted" to "ride finished and passengers are away from vehicle": Company provides $1M as primary insurance, personal insurance is secondary.
I assume it is similar for all their locations, but it may be different in Germany where they were banned.
The California proposal is to increase the insurance coverage for the "Available but between jobs" segment from $50K to $750K, which would cost quite a lot more for the company and is dramatically more than what traditional taxis must have for collision and liability. I would only agree with the bill if it affected all transportation companies, not just the newcomers.
Ask Slashdot: Why Are Online Job Applications So Badly Designed?
Not to mention that, in software, I'd be in a bit of a quandary over recommendations. I am willing to testify that numerous of my friends are smart and honest and do stuff, but I've almost never seen any of their code, so I can't comment on their technical proficiency and programming ability.
That isn't how employee referrals work.
For the existing employee, you get a copy of their resume and contact information and give it to the boss with the opening. You tell them "I got this from a friend [or friend of a friend], I have no idea how good he is, but we are offering a $500 referral bonus. He looks good on paper and they are very interested in working at this company." The referring employee does not need to forswear their firstborn child against the referral being the perfect worker.
All it says is "this person is particularly interested in the job. I think they should pass or bypass the first two HR filters since it looks like they are qualified."
Ask Slashdot: Why Are Online Job Applications So Badly Designed?
It seems you missed an important part of my post:
This means that while it is still important to apply through the web because they pull many workers through there, it is far more effective to get an employee referral.
I did not state nor imply that you should not apply through the web sites. Instead I recommended that you maximize your efforts on the most effective path.
Once that most effective path is exhausted, spend your time on the next-most effective path. Once that path is exhausted, work your way down through the various less-effective job hunting methods.
While 40% of workers come from direct referrals, 35% come through web sites. That is still a large number, but your application is less than one-tenth as likely to get the job. That doesn't mean "don't apply", instead it means "apply through the most effective method". One of those two methods is an order of magnitude more successful, so take it.
As for not having a social network, that is a fairly rare thing. You probably have family members (unless you are perhaps an unadopted orphan with no siblings, and unmarried and childless). You probably have one or two friends or at least acquaintances. If nothing else you have a weak social network that includes several thousand active /. users.
While a direct friend is best they may not work at the target company. You probably have a friend-of-a-friend-of-a-friend at every corporation in the world. Find that chain and you instantly boost your odds by an order of magnitude.
Ask Slashdot: Why Are Online Job Applications So Badly Designed?
There is no relationship between an online job application and getting a job.
Online job applications are neglected because no one needs 10,000 online forms filled out for 1 job.
It is well established (through most of history) that direct contacts and personal networks are the most likely way to get jobs. A few seconds on Google pulls up many research studies and sites that maintain real statistics (rather than just made-up numbers) on the topic. Like this one among many.
That one linked to is interesting because of the various charts. For those companies they track, direct referrals are only 6.9% of the applicants but represent 39.9% of those actually hired. Job boards and web sites account for 74.9% of the job applicants and 35.8% of the hires. This means that while it is still important to apply through the web because they pull many workers through there, it is far more effective to get an employee referral. In other words, one hour of working your social network looking for a referral is equivalent to roughly 12 hours of submitting web-based job applications.
The Internet is great for research and finding people in the organization, great for learning about openings. But when it comes to actually applying for a job, spend your time farming your social network to find someone who knows someone at the company rather than just applying through their site.
Oracle Hasn't Killed Java -- But There's Still Time
Besides, who would want to work on a stable platform where all the major library needs have been met and vetted when one can be on the bleeding edge of something new to show off?
It is nothing to be too concerned about, it is part of the normal life cycle.
Like happens to all languages before it, Java has slowly changed from a lean and sexy system into an overweight, middle-aged, sometimes nagging system that is not really much to look at. While it is great to have around, cooks great meals, and keeps the house clean, it is not attractive any more.
Nothing to be ashamed of.
Systems get older. Usually they get less attractive as they age and stop attracting people.
Java was once that lean and sexy system when compared to its contemporaries. I was there when C++ was lean and sexy compared to predecessors. I remember hearing stories about C being lean and sexy compared to needing to rewrite the program for every system.
Lots of new languages are popping up that are new and sexy. Dart and Go and Boo languages are all cute (and are mature enough that people don't look away and mumble 'tsk tsk'). Apple's new Swift language looks cute but is still a bit too young. While I have a lot of code in Java, I'm not married to the language and can use them as they appeal to me.
Now for my rambling "get off my lawn" story. Stop reading here if you don't want to listen to grandpa babble about his old conquests and drift into a drooling sleep.
I first started playing with C++ around 1985. It was so easy to create systems compared to the C systems I was also working on. I could modify behavior really easy with inheritance. I didn't need to specify my structure on every single function, just use the fancy new member functions that passed it automatically with the this pointer. Function names were much simpler, instead of the format NounVerbNoun they could be reduced to VerbNoun or just Verb. So much less typing. I didn't need to maintain tables of function pointers inside every object. I didn't need to follow every allocation with a series of initialization statements, but throw them into a constructor. I didn't need to search the entire code base and make hundreds of changes when adding something to a structure, I could just modify a single file. It was wonderful. But over time people kept adding new requirements and best practices; when you do this you also need to do five other things. Build times radically increased as features like templates were added (they were not there originally) and then huge swaths of code was automatically generated at runtime, or hundreds or even thousands of potential types were evaluated as potentially deduced types. It slowly changed from young and sexy to old and ugly.
I first started programming with Java back in the 1.1 days, around 1996. It was so easy compared to the C++ systems I was also working on. I could create a good looking graphical program that I could run from a web page in a matter of minutes, or hours at most. My first real project at the time was a distributed image processing tool, with back-end clients running on 12 machines and a coordinating server, and the whole project took less than a week. If I needed to build a similar tool in C++ at the time it would have taken five or ten times the effort. Being able to simply rely on java.net.* rather than trying to find a networking library, relying on java.awt.Image classes to process the work, and otherwise having everything instantly available made development very easy. I could dynamically build images and pass them over the web with a trivial amount of human effort.
Today I could still do that, but it would upset people. I would be asked things like "Why doesn't it use Maven to build it? Why don't I use more advanced image processing packages? Why are these talking directly with network libraries rather than using a comprehensive REST-based system? Why is there no comprehensive unit testing?" All the little additions have crept into the process making it just as time consuming --- if not more --- than C++ was at the time I picked up Java. That makes it no longer lean and sexy, more of an overbearing source of frustration.
Finishing up my ramblings, Java has become annoying to use. There are lean, sexy, young alternatives. Java could re-invent itself to appeal to a new crowd, but I don't think it will.
From an article about the degradation of the Internet
You sell a simpler box where security is the primary factor. A lot of grandmas and older people might go for something that only does AOL, mail, web browsing and maybe printing and digital photos.
That might solve part of the problem (consumer side) but not the issue that the article was about. It does not solve the real issue.
Making a grandma-friendly, secure, e-mail and download-only box would not do what the article suggests is happening. It might keep grandma from getting infected with the latest worm, but she will still get progressively less useful bandwidth from her modem. Grandma might have a 256Kbps DSL modem. She might even be fairly lucky and after dropping the malformed packets and garbage already out there, get a 200Kbps rate right now. But next year it might be 150Kbps, then 100Kbps as a few million script-kiddies are scanning for the next generation of Back Orifice trojans. Then she'll go buy a faster connection, because her Internet connection is slower than she wants. Her new connection will give her more visible speed, but would still be dropping a majority of the packets.
I've seen the issue first hand. I'm with a small business, where we have a shared T1 line. Our upstream provider performs some packet filtering, but not much. After we pay for the data through our T1, we filter it. We drop malformed packets, packets from reserved and unassigned addresses, source-routed packets, and so on. We detect and block portscans and other obvious attacks at that point as well. We average a 7-10% packet loss through that filter daily. Next, we run SpamAssassin at a high filter level (15) along with attachment and virus blocking of emails, which collectively drop thousands of e-mail messages daily. Additionally our computers are running ad-filtering programs that save us a lot of bandwidth, but ads still slip through.
If we were to assume that all the ads also got through, that is about 20-25% of our bandwidth wasted in complete junk, and that percentage has been increasing for the past two years that I have been watching it. Next we have a bunch of legitimate, but unwanted, traffic. That includes file sharing and trojan ports, incoming http, mail, telnet, DNS, ftp, rpc, and other assorted ports. We get a few hundred of these each day, and the number is always growing. Some might be people in the company trying to use NetMeeting or something, even though it is against policy. Some may be legitimate errors, while the remaining others are probably probing for systems to attack.
The article says that the problem is this growing collection of junk -- currently about a quarter of our bandwidth -- which will quickly kill the Internet unless there is a change.
Unfortunately, I agree with the author of the article; unless we see some fundamental changes, it will become unusable. There are a number of good ideas already out there as to what that may be.
One idea that I like is to remove the anonymity of end-to-end, while preserving the end-to-end functionality. Every handler of every packet signs the packet, and drops packets from sources they do not trust or with invalid signatures. The sender cannot deny sending the message, each handler signs the packets and cannot deny that they handled it, each handler can state that they directly know who they received it from, and all end-points can verify the sources. That allows any message not properly signed and not properly addressed to be dropped, and allows law enforcement or system admins to find out who the attackers are, or exactly which machines have been compromised.
The only significant drawbacks to that system are the resources involved in all the digital signatures and the loss of anonymity. I can only see a few reasons for anonymous speech (whistle-blowers, victims of crime, etc.) but there are other anonymous outlets for them. Online, I think non-repudiation should be built in, so long as you have encryption tools available. Your boss/government/police/mafia could know that you said something, but not know what it was.
Until that level of fundamental infrastructure change spreads across the Internet, making a grandma-friendly Internet console isn't enough. The DDoS attacks on everything from spam blacklists, litigious companies like RIAA and SCO, honest mistakes like U. Wisconsin's time servers, and script-kiddie behavior will continue to degrade the Internet. The spammers clogging up mailboxes and usenet will degrade the Internet. Tomorrow's worms, along with today's worms on unpatched systems, will continue to degrade the Internet. More people with cable-modems downloading movies will degrade Internet performance. In short, continuing our course will be just a little worse until we hit a very-near critical threshold. Then our performance will be like a fighter jet slamming into a wall of jello. We need to change course, or face some serious performance losses.
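The signing chain described in this journal entry, as an added example that is not part of the original post: each handler verifies every earlier signature against the keys it trusts, drops the packet on any failure, and countersigns before forwarding. All function and handler names are hypothetical, and a hash-based Lamport one-time signature (one key pair per packet) stands in, as an assumption, for whatever signature scheme a real design would use, so the code runs with the standard library alone.

```python
import hashlib, os

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Assumed stand-in scheme: Lamport one-time key, 2 x 256 secrets;
    # the public key is the list of their hashes. One key pair signs one packet.
    sk = [[os.urandom(32) for _ in range(256)] for _ in (0, 1)]
    return sk, [[H(s) for s in row] for row in sk]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit.
    return [sk[b][i] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[b][i] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def transcript(payload, hops):
    # What hop n signs: the payload plus every earlier handler's name and signature.
    t = H(payload)
    for name, sig in hops:
        t = H(t + name.encode() + b"".join(sig))
    return t

def check_chain(packet, trusted):
    hops = packet["hops"]
    for n, (name, sig) in enumerate(hops):
        pk = trusted.get(name)
        if pk is None or not verify(pk, transcript(packet["payload"], hops[:n]), sig):
            return False
    return bool(hops)  # an unsigned packet is never acceptable

def originate(payload, name, sk):
    return {"payload": payload, "hops": [(name, sign(sk, transcript(payload, [])))]}

def forward(packet, name, sk, trusted):
    # Drop (return None) on an unknown signer or a bad signature, else countersign.
    if not check_chain(packet, trusted):
        return None
    sig = sign(sk, transcript(packet["payload"], packet["hops"]))
    return {"payload": packet["payload"], "hops": packet["hops"] + [(name, sig)]}
```

Because every hop signs over all earlier signatures, the surviving chain names each machine that handled the packet, which is the traceability the entry asks for and also the per-packet signing cost it lists as a drawback.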
Musings about a Corpus of Truth
I've had a problem with the corpus of facts that people are willing to allow in their arguments lately. These in turn lead to stupid arguments, that lead to my complaints. So here are the complaints.
The first is:
Mankind has been wrong about science for all of recorded history, why are some people assuming that the newest theory is the absolute, final, last word?
Science is a progressive refinement of ideas. There was a time when the public believed that maggots came from rotting meat and that frogs came from mud around lakes and streams or that they came from rain. Given the corpus of facts that they could work with, those were perfect, scientific beliefs.
The corpus of truth, or the accepted facts at that time [through Europe, at least] included only what could be viewed by the naked eye, and what was accepted by the Church. Since the Church probably didn't have much to say about maggots and rotting meat, it was a simple observation that (1) you had rotting meat, (2) maggots appeared, therefore maggots came from rotting meat. Similarly, (1) While at a pond there were no frogs, (2) It started raining, (3) the area got muddy, (4) frogs appeared. Sure, modern science has pretty much cleared up the origin of maggots and frogs, but it doesn't stop there.
Newtonian physics was around for quite some time, and it has been succeeded by similar equations based on Relativity. These are being further refined today. But these refined models will probably be succeeded in a few decades by yet another model that more accurately describes the Universe, and our current views will be considered 'Wrong'. But that won't mean that Newtonian models will suddenly stop working, or that the Einsteinian models will stop working, just that there are more accurate models that can be used.
The point is that our current scientific views should never be taken as the absolute fact of the thing, but just as another iteration that is better than what was there before. Each of these 'facts' is added to our corpus of truth, which helps us better understand the things around us.
This leads to my second complaint,
Some people claim "Religion cannot be demonstrated by Science". That is a stupid argument.
This comes back to the corpus of truth. What are you willing to give me in my corpus? If you give me only the things I can observe with my naked eye and bare hands, I'll prove that maggots come from rotting meat and frogs come from either rain or mud. But with only my bare hands and my naked eyes, I cannot prove cellular theory, or astronomy, or even how reproduction works. If you give me only what can be observed with the naked eye and manipulated with bare hands, it becomes difficult to prove religion.
If you take one simple thing from a mathematician's corpus of truth, let's say the definition of equality or the definitions of addition and subtraction, they will lose all ability to operate. Sure, it is possible to prove addition and subtraction with advanced math, but that math cannot be proven without addition and subtraction. Similarly, if I require proof that a number is always equal to itself, but I refuse to allow any definition of equality, I can destroy all of mathematics.
The point here is that all science is based on postulates. Things that cannot be proven for whatever reason but are accepted as fact anyway. For most people, things that can be directly observed are postulates -- you cannot prove that what you saw is actually what happened, or even that you observed it, but you accept that it is what you observed, and that it is correct.
If you give just enough postulates, those can be expanded to a corpus of truth that can demonstrate the existence of a higher power.
Finally, there are the people who never accept into their corpus of truth anything that contradicts their world-view.
These are the people I most feel sorry for. Yes, there are many things out there that I may disagree with, but I am willing to accept as a theory into my corpus of truth. I may not accept it as a fact, but at the least, I will accept that you accept it. But as is the way with science, contradictions in your corpus of truth must be resolved, or at least marked as 'further research required' before being accepted as fact. When enough evidence is collected to resolve the things to fact, Science is content.
So to the people who assert that Aliens are near Earth, that Alien UFO's abduct people and return them after performing whatever experiments they had in mind, I look at the body of observations that counter them. Air traffic controllers around the world would likely detect such a vessel. Militaries and governments would quite likely have seen them. Their motion would be seen by astronomers of all kinds, those paid for by governments, by corporations, and by schools, the students and private researchers, and arm-chair scientists. Anything trying to cover it up would be improbable (not impossible).
Of course, I DO believe in UFO's. They are simply that -- unidentified flying objects. Individuals cannot identify them. Governments deny them, and often for good reason. Many people saw classified aircraft and the governments denied their existence until they unveiled them publicly. These were UFO's. Many people have been exposed to (in many cases illegal) radiation tests or toxicity tests or other experiments that governments have denied, only to admit to decades later. Yet other things are not easily explained by governments, but by bizarre acts of nature. Lakes turn over, and can even explode. Mists of a dense fog, carbon dioxide, can form naturally and flood towns with death.
While these things may not be easily explained, theories can be developed, and they can be entered into the Corpus of Truth, to be later accepted or denied.
But now I have looked at my watch, and looked at the time. I don't want to accept the consequences that my Corpus of Truth says I will likely face if I spend more time on this article, so I am finished now.
For anyone interested, the nick "Frobnicator" is a derivative of "frobnicate", which I haven't heard before. I started using the nick in 2000. I take it to mean 'one who frobnicates'. Here is the dictionary.com definition:
/frob'ni-kayt/ (Possibly from frobnitz, and usually abbreviated to frob, but "frobnicate" is recognised as the official full form). To manipulate or adjust, to tweak. One frequently frobs bits or other 2-state devices. Thus: "Please frob the light switch" (that is, flip it), but also "Stop frobbing that clasp; you'll break it". One also sees the construction "to frob a frob".
Usage: frob, twiddle, and tweak sometimes connote points along a continuum. "Frob" connotes aimless manipulation; "twiddle" connotes gross manipulation, often a coarse search for a proper setting; "tweak" connotes fine-tuning. If someone is turning a knob on an oscilloscope, then if he's carefully adjusting it, he is probably tweaking it; if he is just turning it but looking at the screen, he is probably twiddling it; but if he's just doing it because turning a knob is fun, he's frobbing it. The variant "frobnosticate" has also been reported.
Between '95 and 2000 I used the nick "Ixion" based on the Greek mythological king who did some pretty nasty things, including trying to bed a god, and was punished.
Before that I went by "Zug", which I got from my older brother, but had to stop when Warcraft II came out and used "Zugzug" as a quote from one of their characters.