Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Republicans Block Latest Attempt At Curbing NSA Power

Frobnicator Re:How did your senator vote? (424 comments)

That's cool... is there some sort of OKCupid interface to it yet, so you can see which representatives match your interests the best, and alerts you when they vote against what you say you're interested in?

Bills are not that simple. By the time they are entered into THOMAS for tracking they have already been through many different groups. Lots of fun little additions have been made. Also by design it is extremely difficult to track down who added what and when; there is no button to track down the details of an individual line like you get with version control; it becomes "these were attached by someone" rather than "Sen. Johnson added line 47 requiring additional oversight, then Sen Smith modified line 47 to remove the oversight". Common citizens do not see the change log, they are only allowed to see specific checkpoints.

Critically, these are NOT little 10-line precise changes. Instead, this is a bill that adds some limits to NSA spying, and a bill that re-authorizes the patriot act, and a bill that gives the Attorney General the ability to rubber stamp "emergency production" of business records acquisition without a judge, and a bill that grants immunity ("liability protection") to those who hand over records without a court order, and a bill that pays people under the table for giving information to the government if they bypass the courts and just hand it over, and a bill that allows the DNI and AG to bypass the requirement to declassify information, that is, a bill to decrease transparency and remove important data from federal reports. And more.

It is 7000 words and 46 pages. Many similar bills exceed 100 pages. Some bills, especially those with critical financial items, grow into the thousand page range with all kinds of ugly growths attached.

Hooking that up with an OKCupid style is quite difficult. Did they reject it because of the NSA spying portion? Did they reject it because of the pen register changes? Did they reject it because of the declassification portion? Did they reject it because of the additional ability to bypass the courts? Did they reject it because it re-authorizes the USA PATRIOT act?

Trying to match it more in an OKCupid style, you may really like the beautiful eyes, but find the cluster of moles and cracked teeth rather ugly, the personal history of high school dropout insufficient, the three aborted teenage pregnancies and collection of STD's rather bothersome, and the extensive criminal history and drug additions are not exactly spouse material ... but those eyes, they are really quite lovely.

2 days ago

Republicans Block Latest Attempt At Curbing NSA Power

Frobnicator Re:So basically (424 comments)

It curtailed some domestic spying, but extended it in other areas, and also extended the PATRIOT Act. My guess is you would have criticized him if he voted in favor of it as well.

That's the issue with so many of these bills. Politicians start with an important bill that is very likely to pass, and then attach all kinds of unpalatable features to it.

They are not little 10-line precise changes to policy. This particular bill is 7000 words in a 46-page PDF. Often they are in bills that are tens of thousands of words, sometimes hundreds of thousands of words, and hundreds of pages in length.

It is easy to headline "${PoliticalParty} objects to bill with ${Feature}" but to not mention the fact that the bill included several hundred additional features.

You've got a headline "Thirsty person rejects glass of water", but buried deep down in the details you will read the water is yellow and brown and came from the toilet. The thirsty person will turn that drink down and wait for something a little more palatable.

2 days ago

Halting Problem Proves That Lethal Robots Cannot Correctly Decide To Kill Humans

Frobnicator Re:Silly article, waste of time (315 comments)

Well there's the crux of their whole flawed argument. They're conflating "correct decision" with "best outcome" possible. Human judgement and morals don't work on what will result in the best outcome, but what will result in the most reasonable outcome.

Very true. Also, different humans have different versions of "most reasonable outcome".

Many deaths through history are caused by quite conflicting goals. War, obviously, is different groups killing over conflicting outcomes. Mafia/cartel/gang/etc kill to get their own best outcomes even though other groups strongly reject the premise.

2 days ago

Duke: No Mercy For CS 201 Cheaters Who Don't Turn Selves In By Wednesday

Frobnicator Re:Or just practicing for an actual job (319 comments)

Would using frameworks make you a cheater? Would copying a very know pattern deem you a cheater? ... If you want to stomp out cheaters, come up with problem domains with very unique and strange processes that wouldn't be found in the wild.

The class is algorithms and data structures. The entire point is to learn the internals of common structures. The student needs to write and learn about linked lists, not learn how to use a linked list library. The student needs to write and learn about trees, not learn how to use a tree library. Learn about and implement several different sorting algorithms, not how to use a sorting library.

A student's role is different than a job in industry. A student is attempting to learn the material. They need to learn how the internals work. Many of these algorithms and data structures are used all over inside standard libraries. They are so common that every professional should know them flat-out. For a class about the algorithms and data structures they need to write their own tools. For a class about something else or in the industry they can use a library if they want.

It is the same reason we teach kids times tables and make them do long division rather than just hand them a calculator in the third grade. When the study is covering mastery of the material and understand how things are manipulated they need to do it by hand. This way the student will actually develop the ability to use the knowledge when they need it.

about two weeks ago

Black IT Pros On (Lack Of) Racial Diversity In Tech

Frobnicator Re:Yeah, right... (458 comments)

Argh, didn't proofread my edits and two links broke the gender gap paragraph. Forgot that greater than and less then signs get treated as html blocks and get eaten.

From various reports the first one in a tab I closed, the second one like this we get stats. Poor mothers, UNDER $25K, usually stay at home. About 45% work. Once the individuals in the family make between $30K to $60K each it is common for both to work, with 77% of mothers in the workforce. But once they enter the "highly paid" range of over $90K of husband's salary the mothers start to tend to stay home, and once the husbands hit $150K it drops back to 43% of the women working. A large part of the gender gap in tech jobs comes from worker choice, not employer bias.

about two weeks ago

Black IT Pros On (Lack Of) Racial Diversity In Tech

Frobnicator Re:Yeah, right... (458 comments)

Well, according to government statistics, the "Percent Black or African-American" represent about 7.1% of 2011 graduates and about 7.4% of the workforce, and both are trending upwards. Compare the roughly 7.4% of black computer programmers with 10.8% of the general population. So a smaller percent of the population get the training, but those who get the training are not discriminated against for hiring purposes. (Not talking about wages, just hiring diversity.)

From the same report with a 10-year granularity, females make up about 33.9% of the 2011 graduates and about 26.6% of the computer programming workforce. Women are also making up an increasing number of the workforce that changes based on age. The report notes "these estimates could be consistent with an age effect. That is, when women are young, they are more likely to be employed in STEM, but as they age, they move out of STEM employment." The trend lines show 35-year-old females in the group as a growing population, with the growth dropping rapidly by age groups. Compare that with the 48% females in the general national workforce. So in hiring diversity women do make up a lower number by diversity but it is largely by their own choice rather than hiring discrimination.

One of the real problems with the gender gap is that many times it is a sign of wealth or poverty -- that is, in various demographics of wealthy households and poor households women are not part of the workforce. It forms a bell-shaped curve. Poor mothers ($90K) the line starts to rapidly drop again. So splitting out the numbers, if the individuals are making $30K-$50K then often the mother is educated and also the mother works. But once the family has highly paid workers, with the husband highly paid making >$90K then the women again tend to stay home with children rapidly trending back down to about 43% working once you've crossed the roughly $150K husband's income. Since the tech field is very highly paid that puts the gender gap as a voluntary choice, not an involuntary hiring discrimination.

Based both on what I have seen and also what I have read in various reports, the problem (if there is one) is at the source end of the education pipeline. When it comes to "Black or African American" demographics the number of graduates and number of workers is at parity. When it comes to females, the numbers are that women who choose to stick with the field are readily employed and that many women leave as they age at a rate far more rapid than other fields.

about two weeks ago

Another Election, Another Slew of Voting Machine Glitches

Frobnicator Re:Vote by mail. (388 comments)

Yeah, no one could ever tamper with the mail.

So you start with a fairly reliable delivery service, add in severe federal penalties for tampering with the mail, then additional severe federal penalties for interfering with an election.

If you are worried about tampering (or if you didn't send your ballot in time, they must be postmarked the day before the election) you can deliver them yourself to any polling place or the election office on voting day. If you still don't trust that a paper ballot delivered to the polling place will be tampered with, you are more paranoid than most.

And as others have mentioned, compare the risk of a mailed ballot being lost or tampered with versus an electronic vote being lost or tampered with. I have more trust in the mail-based paper system.

about two weeks ago

Another Election, Another Slew of Voting Machine Glitches

Frobnicator Vote by mail. (388 comments)

Meh. I voted by mail a week ago. Got a paper ballot. Had lots of time to look up details on all the issues, including the judges, some obscure issues, and the people I'd never heard of.

Much better solution. No lines. No scheduling around work. Several weeks to study out everything.

I highly recommend it for everybody.

about two weeks ago

MPAA Bans Google Glass In Theaters

Frobnicator Re:I suppose this means... (357 comments)

Sure you can. Just slip the projector girl $20 and you're golden

I've known projector operators who would do it for free.

about three weeks ago

Is the Outrage Over the FBI's Seattle Times Tactics a Knee-Jerk Reaction?

Frobnicator Re:18 US Code 1343, Wire Fraud (206 comments)

Re:18 US Code 1343, Wire Fraud .... Whoever, having devised or intending to devise any scheme or artifice to defraud [...]

No fraud took place. Hoax, perhaps, but not fraud...

Keep trying...

So first you demand that people cite actual laws, and you refuse to accept things like "copyright infringement", "slander of title", or "defamation of character".

And then when someone cites chapter and verse of the law you reply with a wikipedia link saying it isn't correct.

No, for the law cited above it was fraud. The definition in that chapter is clear: "For the purposes of this chapter, the term “scheme or artifice to defraud” includes a scheme or artifice to deprive another of the intangible right of honest services." They were expecting the honest service of the specific newspaper. Instead they received a different service, an intentionally deceptive site that transmits something called a "computer contaminant" in the law. Chapter 63 (criminal fraud) doesn't have any of the now-common exceptions "except for law enforcement as part of an investigation". Officers can commit quite a lot of what would normally be crimes when they get court approval, but fraud is not on that list.

Their malware is covered under at least one of the variations in the state law, RCW 9A.52.110, 120, and 130. Since the government may argue it wasn't done with the intent to commit another crime (since they were intending to enforce laws but accidentally committed crimes in the process) then 110 may be out, but 120 and 130 both apply.

For copyright, you can pick quite a few different laws under title 17. Several of the exclusive rights in 106 were violated, as were 113. Their designs were protected so 1301. You can pick and choose quite a few more under Copyright as well, with a notable absence of court-authorized police action exemption.

For trademarks the newspapers have certainly trademarked their logos, names, and probably a few other distinctive elements.15 USC 1114 seems to have that covered quite thoroughly, including penalties against DNS hijacking. And thanks to 15 USC 122, they cannot claim immunity for that one.

Defamation is pretty strong since their use injures the newspaper's reputation. People will now pause and think "why should I go there since the government hijacks them"? While there is the statute, it is now the court's test that qualifies it. The four-prong test by the court is, first, a false element purported to be fact (in this case, they communicated that the false website was true), second that it was published (clearly the fact was published), third, actual fault on the person making the statement amounting to at least negligence (in fact, it amounts to the level of fraud, as covered above), and fourth, some harm to the subject of the statement (which can be shown as a harm to trust and harm to their stock). Again, there is no "official government action immunity" to commit fraud thanks to 42 USC 1983. Now if they had limited it to the very specific individuals under investigation this one might not apply as a legal intercept, but since they chose to throw a broad net and infected thousands, causing a huge impact to their brand the single authorized intercept exemption doesn't apply.

I'm sure there are many more, but while some laws make exception for court-authorized police action, these specific laws do not.

about three weeks ago

Rosetta Probe Reveals What a Comet Smells Like

Frobnicator Re:So, perfume? (53 comments)

Sounds like a list of ingredients for perfume. Rosetta perfume, anyone?

Sure! I mean, I may not care much for horse urine, but we use components of urine in lots of perfumes.

The combo of eggs, almonds, and vinegar sound tolerable as pickled eggs are a popular dish in many countries. And alcohol scented, no problems there. Sweet ether sounds reasonable, as well.

Time to fire up the marketing machine.

about a month ago

DHS Investigates 24 Potentially Lethal IoT Medical Devices

Frobnicator Re:At last... (79 comments)

Looks like it is out in more than just the report. More news agencies are publishing extra details.

The news agencies are pointing out the brand (Hospira) and the exact models of devices that are Internet-controllable. They mention the type of signals that need to be sent (multiple commands to infuse the drug) and they discuss the security measures already in place.

It seems the only thing they left out of news stories is the actual payload.

about a month ago

DHS Investigates 24 Potentially Lethal IoT Medical Devices

Frobnicator Re:At last... (79 comments)

This statement comes so late... The security community has been saying that for years! What happened to forward-thinking?

In the engineering community that is so standard it entered into the common usage. "Fail safe", meaning that for any failure you need to go to the safe option. A gate or switch or lock should either fail open or closed, which one is safe depends on the circumstances.

On a more prophetic note, the story two weeks ago predicting the first online murder by the end of the year seems that much closer. The reports nearly give explicit instructions.

Seems like this Billy Rios researcher identified the problem but didn't kill anyone with it. But he could have if he wanted. Someone else could read the details and figure they are anonymous enough to flip the switch just for grins and giggles.

about a month ago

Facebook and Apple Now Pay For Female Employees To Freeze Their Eggs

Frobnicator Re:"Productive" has a pretty clear definition (253 comments)

I've said it before, and I'll say it again. If women want to take all of the jobs, I'm good with that. I'm looking forward to being a 1950's house wife in 2015 -- you know, with modern kitchen appliances, big-screen tv's, music in every room, and modern cleaning tools. I'll even throw in DIY home renovations if it means that I don't need to deal with commuting, clients, bosses, and, you know, actual work. We won't even discuss spending time with children. Men, it's time to let women work hard and pay for everything. I'm ready to stay home and cook -- I love to cook.

I did the "stay at home Dad" thing for a few years. It is a pretty sweet deal in many respects. Today I do contract development work and am at home as often as I can be.

Many of the parenting tasks were mind numbing and thankless, but that's so different from software development. My wife would sometimes complain that I was putting too much effort into child activities, but I think think the results were awesome. Not only did I get to spend a bunch of time with my kids during their formative years, I got to live many things vicariously (I was a latchkey child and missed a lot), I had frequent trips and annual passes to local zoos and the local aviary, but we also spent a lot of time at learning-oriented parks, museums, libraries, and more. We did lots of tech experiments and science stuff, including playing around with microcontrollers and circuit boards and servos, dabbling in chemistry, making model rockets, and assorted other geek stuff. The kids are all intellectually skilled, great readers, and both talk about and do big things. One of my daughters (now in high school) complained about how petty most of her classmates are, more concerned about friends not immediately returning texts or teachers demanding that they actually turn in homework (gasp!) rather than bigger issues, and I openly commiserate while inwardly praise just how awesome she turned out.

Yes, stay at home if you can. It is worth it. Women who want to work all day can have it! Contract from home in your spare time, software development is a great field for that.

about a month ago

Ask Slashdot: Why Can't Google Block Spam In Gmail?

Frobnicator Re:WTF? (265 comments)

OP might just be getting a lot of legitimate list traffic that they signed up for. That isn't spam, you asked for that and need to hit 'unsubscribe'.

For me personally, I don't use gmail regularly, only to get access to Google's services. I'm careful to NOT opt in to anything with the account on the very rare occasions I need it. On the ultra-rare occasion I need to log in to the gmail account it is always filled with spam --- from Google itself. Whenever I add a Google service it automatically opts in by itself to spam me.

Just checking it now, I've got an enormous list under a tab called "promotions" with ads from Google Play. I've got a similar list under "Social" filled with weekly ads from YouTube. And I've got a weekly notice of how other people are using AdSense. Then I've got a bunch of "circle requests" from a bunch of spammy-looking people.

So gmail's spam filter works for me --- if it ends up in gmail, it is spam.

about a month ago

Where Intel Processors Fail At Math (Again)

Frobnicator Re:What this mean... (239 comments)

You might take a look at the article and at Intel's reply.

The issue is in sine, cosine, and similar trig functions, with an actual error of 4e-21. That error scales, of course.

Intel's documentation change basically says you should scale and reduce your numbers first before running the functions.

Consider what that level of error precision means. If you were measuring with a meter stick, you could be measuring the radius of electron charge radii with several precision bits left over. If you were measuring the distance between the Sun and Proxima Centari, you could do it in millimeters and have accuracy to spare.

Even though I've run HPC simulations most of my career, we've seldom needed more than around six decimal digits of precision; that's akin to variations of human hair width when working at the meter level. It's only a problem when someone throws some strange scale into the mix; we're running physics on the kg-m-s scale, and suddenly someone complains that their usage of microseconds and nanometers breaks the physics engine We answer simply, "Yes. Yes, it does." If you need to operate in both scales, you need a different library that handles it.

Finally, even the actual article admits this is mostly about documentation. "The absolute error in the range I was looking at was fairly constant at about 4e-21, which is quite small. For many purposes this will not matter. ... for the domains where that matters the misleading documentation can easily be a problem." He then points out that a bunch of existing math libraries know about it. He mentions that high precision libraries have different solutions and always have. He mentions that most scientists who need it use better, high precision libraries. And he details that is really just the rough approximations done on the FPU that already plays fast-and-loose by switching between 53-bit and 63-bit floating point values that have been documented as being only good for that kind of approximation since the 1980s. Everybody who works professionally with floating point for any amount of time already knows the entire x86 family (including AMD and Intel) dating back to the original coprocessor are all terrible if you need high precision.

about a month and a half ago

Snapchat Says Users Were Victimized By Their Use of Third-Party Apps

Frobnicator Re:I'm disappointed ... (90 comments)

I'm starting to feel abnormal because the second someone hands me a camera I don't feel in the least bit inclined to take a picture of my penis with it.

<troll>Well, with yours you'd need a macro lens or a deep zoom, so your attitude makes sense.</troll>

More seriously, it is only a tiny subset of the modern society who does that.

On the male side, I'm guessing they're the ones who assume that if they show it off others will be attracted to them, or at least admire them somehow. They're the flashers who are confused why the women they flash don't immediately open their legs to them. They hear a woman say "What's your name?" and they reply "Can we have sex?" Or a woman sends a "lets go out to the movies" text and he replies with a picture of his junk, somehow believing that is appropriate. I'm hoping that they represent the tiniest sliver of society, but their actions are so outlandish that they get online notoriety.

On the female side, I'm guessing they're the ones who are desperately craving attention or the ones who give in to pressure. Women who want to show of their bodies can easily find the males looking for it (see above) and wouldn't need to send pics that delete themselves; for these women a permanent picture is unlikely to bother them. But like the males, I think the ones who do it without coercion are a tiny sliver of society, not the norm.

about a month and a half ago

Eric Schmidt: Anxiety Over US Spying Will "Break the Internet"

Frobnicator Re:Very easy to solve (179 comments)

Worry over spying may cause people to take more interest in protecting their privacy, which may break Google's business model.

Boo hoo.

The problem isn't really with Google's business model.

It also is not limited to the US government.

Think back to various releases. News stories of the US government intercepting Cisco equipment shipments, installing back doors, and sealing them back in their original boxes with new factory seals. There are many news stories of logs with people communicating over supposedly secure connections and exchanging honeypot URLs, only to have the honeypot link hit several hours later by government-owned IP blocks or sometimes Microsoft or Apple IP blocks when using their 'secure' products.

As a result of those we set up honeypot links of our own, and I've seen reports that a percent of our site-to-site messages with honeypot links really are being visited by IP blocks from several nations. This is not just the US government, multiple governments and probably multiple big businesses have their spying tendrils inside businesses. We're looking for and slowly tightening down on potential leaks, either that or the assorted groups are slowly hitting our honeypots less and less. I used to think some of our security policies were draconian, but seeing how many probably-government groups are watching internal messages, I've become quite paranoid myself.

If someone cannot trust that their encrypted, supposedly secure communications are safe, they will stop using the products. When a government IP address hits a honeypot link shared over Apple's iMessage, does that mean Apple is a willing participant forwarding the messages while telling the public it is secured, or does that mean Apple is a victim too? Either way, iMessage is now one of many banned products in our workplace, sending any type of secure business information over it (or over Lync or Google's services or any but a short list of secure communications programs) has become a fire-able offense.

When the news broke on the Cisco equipment being intercepted this spring, their stock price plummeted and orders slowed. I know in my organization there were several major purchasing announcements, and they only buy HP equipment now (although I'm sure those are intercepted just as readily). Cisco went directly to the POTUS both publicly and privately to tell them to stop harming the company. I would not be surprised if their lawyers are nearly ready to file lawsuits for tortuous interference.

This is about far more than Google's business model. People cannot communicate within their own company infrastructure about business needs without some sort of government espionage or corporate spying. It is completely out of control.

about a month and a half ago

GlaxoSmithKline Released 45 Liters of Live Polio Virus

Frobnicator Re:Correct me if I'm wrong (209 comments)

It is very nearly eradicated globally. Good thing too.

The paralysis aspect is horrible. Those who got the disease didn't know if they would be hit by the paralysis. Those who were hit with the paralysis didn't know if it would become permanent.

Some people who had the paralysis hit lungs or heart and didn't make it to the hospital quickly enough were occasionally considered lucky. Some very unfortunate people were condemned to spend the rest of their lives on a ventilator. I knew several people (most are dead today) who had deformed faces, arms, and legs from the virus resulting in permanent paralysis. I knew several older folks with a gravely whispered voice as a result of the paralysis. I heard horror stories about people fighting in lines as the vaccine became available in the 1960s.

Last year the WHO declared a surge in polio as a world health emergency, it had jumped from below 200 globally known cases to over 400.

They track the progress and update it weekly. the web site says there are 209 year to date with a new outbreak in Syria.

It is a horrible, destructive disease. The Gates Foundation has made enormous donations, $1.8B last year. This year the Larry Ellison foundation threw in another $100M. The disease is so incredibly close to global eradication, it just needs that one final little nudge to the finish line.

about a month and a half ago

GlaxoSmithKline Released 45 Liters of Live Polio Virus

Frobnicator Re:Imagine the punishment it it killed millions (209 comments)

And those unfortunate enough not to be able to be vaccinated.

Not that much of an issue really in western europe or even europe.

So many responses are like "meh, polio, who cares."

The devastating effects of this virus are obviously forgotten by this generation. It results in paralysis that is fatal when it hits things like lungs and hearts, and results in sometimes temporary, sometimes life-long paralysis in many victims. I knew people who permanently lost their ability to talk, others with one paralyzed leg, others who lost an arm, others with distorted facial muscles and other ugly effects. In the early 1960s when it was released people lined up for the vaccine, they would lie, cheat, and steal to get the vaccine when supplies were still limited.

In you're case, you're basically discounting anyone under age 6? Polio is a 4-dose vaccination where the last dose usually isn't until age 4-6. Google says that is a half million people in Belgium. That's "not much of an issue"?

Anyone who has had a reaction to one of the components and cannot have the series, they also are irrelevant? It's probably a million or so of the population. Again, you're okay with them getting a permanently disabling disease?

The vaccines are not 100% effective, many people who were vaccinated according to schedule are still able to become sick. No idea what the percentage is, but anything other than 0 is too much. Are they really not that important?

What would you think if it was YOU or a loved one in the hospital bed, hooked up to a ventilator because your lungs were paralyzed, hoping that the paralysis is temporary in your case.

Now, if we could limit the infections just to anti-vaxers (not the innocent children of anti-vaxers) that would be something else entirely. Anti-vax for chicken pox or milder diseases are not that bad, but anti-vax for polio and other seriously ravaging diseases is just stupid.

Polio is so close to global eradication. I applaud those like the Gates Foundation that are funding killing off the last few known wild cases.

about a month and a half ago


Frobnicator hasn't submitted any stories.



From an article about the degradation of the Internet

Frobnicator Frobnicator writes  |  more than 11 years ago

You sell a simpler box where security is the primary factor. A lot of grandmas and older people might go for something that only does AOL, mail, web browsing and maybe printing and digital photos.

That might solve part of the problem (consumer side) but not the issue that the article was about. It does not solve the real issue.

Making a grandma-friendly, secure, e-mail and download-only box would not do what the article suggests is happening. It might keep grandma from getting infected with the latest worm, but she will still get progressively less useful bandwidth from her modem. Grandma might have a 256Kbps DSL modem. She might even be fairly lucky and after dropping the malformed packets and garbage already out there, get a 200Kbps rate right now. But next year it might be 150Kbps, then 100Kbps as a few million script-kiddies are scanning for the next generation of BackOrafice trojans. Then she'll go buy a faster connection, because her Internet connection is slower than she wants. Her new connection will give her more visible speed, but would still be dropping a majority of the packets.

I've seen the issue first hand. I'm with a small business, where we have a shared T1 line. Our upstream provider performs some packet filtering, but not much. After we pay for the data through our T1, we filter it. We drop malformed packets, packets from reserved and unassigned addresses, source-routed packets, and so on. We detect and block portscans and other obvious attacks at that point as well. We average a 7-10% packet loss through that filter daily. Next, we run SpamAssassin at a high filter level (15) along with attachment and virus blocking of emails, which collectively drop thousands of e-mail messages daily. Additionally our computers are running ad-filtering programs that save us a lot of bandwidth, but ads still slip through.

If we were to assume that all the ads also got through, that is about 20-25% of our bandwidth wasted in complete junk, and that percentage has been increasing for the past two years that I have been watching it. Next we have a bunch of legitimate, but unwanted, traffic. That includes file sharing and trojan ports, incoming http, mail, telnet, DNS, ftp, rpc, and other assorted ports. We get a few hundred of these each day, and the number is always growing. Some might be people in the company trying to use NetMeeting or something, even though it is against policy. Some may be legitimate errors, while the remaining others are probably probing for systems to attack.

The article says that the problem is this growing collection of junk -- currently about a quarter of our bandwidth -- which will quickly kill the Internet unless there is a change.

Unfortunately, I agree with the author of the article; unless we see some fundamental changes, it will become unusable. There are a number of good ideas already out there as to what that may be.

One idea that I like is to remove the anonymity of end-to-end, while preserving the end-to-end functionality. Every handler of every packet signs the packet, and drops packets from sources they do not trust or with invalid signatures. The sender cannot deny sending the message, each handler signs the packets and cannot deny that they handled it, each handler can state that they directly know who they received it from, and that all end-points can verify the sources. That allows any message not properly signed and not properly addressed to be dropped, and allow for law enforcement or system admins to find out who the attackers are, or exactly which machines have been compromised.

The only significant drawbacks to that system are the resources involved in all the digital signatures and the loss of anonymity. I can only see a few reasons for anonymous speech (whistle-blowers, victims of crime, etc.) but there are other anonymous outlets for them. Online, I think non-repudiation should be built in, so long as you have encryption tools available. Your boss/government/police/mafia could know that you said something, but not know what it was.

Until that level of fundamental infrastructure change spreads across the Internet, making a grandma-friendly Internet console isn't enough. The DDoS attacks on everything from spam blacklists, litigous companies like RIAA and SCO, honest mistakes like U. Wisconson's time servers, and script-kiddie behavior will continue to degrade the Internet. The spammers clogging up mailboxes and usenet will degrade the Internet. Tomorrows worms, along with todays worms on unpached systems, will continue to degrade the Internet. More people with cable-modems downloading movies will degrade Internet performance. In short, continuing our course will be just a little worse until we hit a very-near critical threshold. Then our performance will be like a figher jet slamming into a wall of jello. We need to change course, or face some serious performance losses.



Musings about a Corpus of Truth

Frobnicator Frobnicator writes  |  more than 11 years ago This is just some ramblings based on views.

I've had a problem with the corpus of facts that people are willing to allow in their arguments lately. These in turn lead to stupid arguments, that lead to my compliants. So here are the complaints.

The first is:

Mankind has been wrong about science for all of recorded history, why are some people assuming that the newest theory is the absolute, final, last word?

Science is a progressive refinement of ideas. There was a time when the public believed that that maggots came from rotting meat and that frogs came from mud around lakes and streams or that they came from rain. Given the corpus of facts that they could work with, those were perfect, scientific beliefs.

The corpus of truth, or the accepted facts at that time [through Europe, at least] included only what could be viewed by the naked eye, and what was accepted by the Church. Since the Church probably didn't have much to say about maggots and rotting meat, it was a simple observation that (1) you had rotting meat, (2) maggots appeard, therefore maggots came from rotting meat. Similarly, (1) While at a pond there were no frogs, (2) It started raining, (3) the area got muddy, (4) frogs appeared. Sure, modern science has pretty much cleared up the origin of maggots and frogs, but it doesn't stop there.

Newtonian physics was around for quite some time, and they have been succeeded by similar equations based on Relativity. These are being further refined today. But these refined models will probably be succeeded in a few decades by yet another model that more accurately describes the Universe, and our current views will be considered 'Wrong'. But that won't mean that Newtonian models will suddenly stop working, or that the Einstienien models will stop working, just that there are more accurate models that can be used.

The point is that our current scientific views should never be taken as the absolute fact of the thing, but just as another iteration that is better than what was there before. Each of these 'facts' is added to our corpus of truth, which helps us better understand the things around us.

This leads to my second complaint,

Some people claim "Religion cannot be demonstrated by Science". That is a stupid argument.

This comes back to the corpus of truth. What are you willing to give me in my corpus? If you give me only the things I can observe with my naked eye and bare hands, I'll prove that maggots come from rotting meat and frogs come from either rain or mud. But with only my bare hands and my naked eyes, I cannot prove cellular theory, or astronomy, or even how reproduction works. If you give me only what can be observed with the naked eye and manipulated with bare hands, it becomes difficult to prove religion.

If you take one simple thing from a mathematician's corpus of truth, let's say the definition of equality or the definitions of addition and subtraction, they will lose all ability to operate. Sure, it is possible to prove addition and subtraction with advanced math, but that math cannot be proven without addition and subtraction. Similarly, if I require proof that a number is always equal to itself, but I refuse to allow any definition of equality, I can destroy all of mathematics.

The point here is that all science is based on postulates. Things that cannot be proven for whatever reason but are accepted as fact anyway. For most people, things that can be directly observed are postulates -- you cannot prove that what you saw is actually what happened, or even that you observed it, but you accept that it is what you observed, and that it is correct.

If you give just enough postulates, those can be expanded to a corpus of truth that can demonstrate the existance of a higher power.

Finally, there are the people who never accept into their corpus of truth anything that contradicts their world-view.

These are the people I most feel sorry for. Yes, there are many things out there that I may disagree with, but I am willing to accept as a theory into my corpus of truth. I may not accept it as a fact, but at the least, I will accept that you accept it. But as is the way with science, contradictions in your corpus of truth must be resolved, or at least marked as 'further research required' before being accepted as fact. When enough evidence is collected to resolve the things to fact, Science is content.

So to the people who assert that Aliens are near Earth, that Alien UFO's abduct people and return them after performing whatever experiments they had in mind, I look at the body of observations that counter them. Air traffic controllers around the world would likely detect such a vessel. Millitaries and governments would quite likely have seen them. Their motion would be seen by astronomers of all kinds, those paid for by governments, by corporations, and by schools, the students and private researchers, and arm-chair scientists. Anything trying to cover it up would be improbable (not impossible).

Of course, I DO beleve in UFO's. They are simply that -- unidentified flying objects. Individuals cannot identify them. Governments deny them, and often for good reason. Many people saw classified aircraft and the governments denied their existance until they unveiled them publically. These were UFO's. Many people have been exposed to (in many cases illigal) radition tests or toxicity tests or other experiments that governments have denied, only to admit to decades later. Yet other things are not easily explained by governments, but by bizzare acts of nature. Lakes turn over, and can even explode. Mists of a dense fog, carbon dioxide, can form naturally and flood towns with death.

While these things may not be easily explained, theories can be developed, and they can be enterered into the Corpus of Truth, to be later accepted or denied.

But now I have looked at my watch, and looked at the time. I don't want to accept the consequences that my Corpus of Truth says I will likely face if I spend more time on this article, so I am finished now.



Frobnicator Frobnicator writes  |  more than 12 years ago This is here so I have a journal entry.

For anyone interested, the nick "Frobnicator" is a derivative of "frobnicate", which I haven't heard before. I started using the nick in 2000. I take it to mean 'one who frobnicates'. Here is the definition:


/frob'ni-kayt/ (Possibly from frobnitz, and usually abbreviated to frob, but "frobnicate" is recognised as the official full form). To manipulate or adjust, to tweak. One frequently frobs bits or other 2-state devices. Thus: "Please frob the light switch" (that is, flip it), but also "Stop frobbing that clasp; you'll break it". One also sees the construction "to frob a frob".

Usage: frob, twiddle, and tweak sometimes connote points along a continuum. "Frob" connotes aimless manipulation; "twiddle" connotes gross manipulation, often a coarse search for a proper setting; "tweak" connotes fine-tuning. If someone is turning a knob on an oscilloscope, then if he's carefully adjusting it, he is probably tweaking it; if he is just turning it but looking at the screen, he is probably twiddling it; but if he's just doing it because turning a knob is fun, he's frobbing it. The variant "frobnosticate" has also been reported.

Between '95 and 2000 I used the nick "Ixion" based on the Greek mythological king who did some pretty nasty things, incluing try to bed a god, and was punished.

Before that I went by "Zug", which I got from my older brother, but had to stop when Warcraft II came out and used "Zugzug" as a quote from one of their characters.

Slashdot Login

Need an Account?

Forgot your password?