Firewalls Make DDoS Attacks Worse
A successful DDOS attack makes actual, valid, requests to the victim host. If it is a web browser, then it makes actual HTTP requests, possibly to the home page, possibly taking a random URL off that home page, in the same domain, and crawling the web site. Simply replying with an Ack isn't going to do squat. There are services out there that can scrub the requests for you. I'm not going to mention the name of the company, but you can research it if you want. Basically, once you sign up traffic normally goes to your site. However, if you are attacked they can use BGP to make your traffic go through their systems, and they scrub the traffic using proprietary methods, and only send clean non-DDOS traffic to your site. There are other things you can do also, if you have the right gear. You can inject an HTTP cookie if you get more than x requests from a particular IP address within y seconds, and then any future requests may get dropped (if you have a complying web browser or HTTP stack on the other end). Or, you can just keep a list of IPs that appear to be infected and drop the traffic if it is from those IP addresses. That's what is behind Cisco's and TippingPoint's, and just about any other decent IPS vendor's "reputation services" or whatever they brand it as. There is a lot you can attempt to do about DDOS, but "simply replying with an Ack" isn't a good one.
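The cookie-marking and IP-list measures described in the comment above, sketched as an added example that is not part of the original comment. The class, cookie name, secret and sample addresses are hypothetical; `x` and `y` are the comment's request threshold and window in seconds.

```python
import hashlib
import hmac
from collections import defaultdict, deque

SECRET = b"constructed-demo-key"  # assumption: a per-deployment secret
COOKIE = "ratemark"               # hypothetical marker cookie name


def sign(ip: str) -> str:
    """Marker value bound to the source IP so it cannot be reused elsewhere."""
    return hmac.new(SECRET, ip.encode(), hashlib.sha256).hexdigest()


class CookieRateGate:
    def __init__(self, x: int, y: float):
        self.x, self.y = x, y
        self.hits = defaultdict(deque)  # ip -> request times inside the window
        self.blocklist = set()          # the comment's alternative: drop by IP

    def handle(self, ip: str, ts: float, cookies: dict) -> str:
        if ip in self.blocklist:
            return "drop"
        # A client that sends the marker back has a complying HTTP stack.
        if hmac.compare_digest(cookies.get(COOKIE, ""), sign(ip)):
            return "drop"
        window = self.hits[ip]
        window.append(ts)
        while window and ts - window[0] > self.y:
            window.popleft()
        if len(window) > self.x:
            return "set-cookie"  # answer, but attach the marker cookie
        return "allow"


def replay(gate, ip, times, complying):
    """Replay constructed request times from one client and collect the actions."""
    jar, actions = {}, []
    for ts in times:
        action = gate.handle(ip, ts, jar)
        if action == "set-cookie" and complying:
            jar[COOKIE] = sign(ip)  # a complying client stores the cookie
        actions.append(action)
    return actions
```

A client that ignores cookies is never dropped by the marker alone, which is the "complying HTTP stack" caveat in the comment; only the IP list stops it.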
Bufferbloat — the Submarine That's Sinking the Net
I'd say it is more of a problem of incorrectly configured QoS, or hardware with insufficient QoS capabilities, rather than large buffers. Obviously they are not using WRED or other methods, or the thresholds per queue are set too high to activate WRED or other packet drop mechanisms. This results in the buffers always being near 100% full, during periods of congestion. There are a slew of QoS capabilities on different hardware from different manufacturers, and even from the same manufacturer. Cisco, for example, has different QoS capabilities on almost every different piece of hardware they sell. So, you have to be fairly diligent that you are configuring QoS correctly on each individual piece of equipment, many of which will have very different capabilities, to be able to ensure an overall QoS strategy for the whole network.
However, this proper functioning of QoS is, as anyone who really knows QoS knows, dependent on the proper configuration on every node in the network. If you are talking VoIP, for instance, just one improperly configured node, or even a single link on a node, can break QoS on the entire network (or at least flows going through that node/link). Since most cheap home equipment does not have configurable QoS settings, or at least not to the extent that Internet infrastructure devices do, they may well be part of the problem.
However, as far as the Internet infrastructure devices, if Comcast, or any other ISP, is suffering from "buffer-bloat" on their equipment I'd blame them for not configuring QoS appropriately.
'Anonymous' WikiLeaks Proponents Not So Anonymous
You don't really know what you are talking about, do you?
Tail bits? That's going to get you around egress filtering? Also, as pointed out by others, ISPs do ingress filtering, not egress. Egress filtering is what companies that have their own firewalls and/or routers are encouraged to do, but the ISP should be doing ingress filtering also.
Making Airport Scanners Less Objectionable
Absolutely correct. One of my brothers reached his lifetime limit, and can no longer work in nuclear power plants. It doesn't matter that he could request to avoid "hot" jobs, he just plain simply can't work in areas where radiation is known to be present.
Microsoft Open Sources F#
Oh come on. Not speaking for anyone else or any particular comment, I'd guess 90% of the snotty responses are in jest. One thing we do know, is that snotty responses get the attention of MS, and upset them. So, even if MS does something worthy of praise, the amount of praise would likely never exceed 10-30% of total comments, just because we like poking MS.
There is also the "once bitten twice shy" syndrome. MS has such a horrible past that even when they do something worthy of praise it is very difficult to trust that there is not some hidden scheme with ulterior motives. So please understand and forgive if us /. snots continue to have fun at the expense of MS.
Countering a DMCA Takedown In the Magnet Wars
With the usual caveat of IANAL, I don't believe the voicemail is the property of Buckyballs. They left the voice mail, but they left it on someone else's voice mail system. The recording is owned by the receiver of the message, not the sender. Now if the message were recorded on a tape, CD, or some other device, and the device was sent to the recipient, I suppose an argument could be made that the original recording is copyright Buckyballs, but not a traditional voice mail. There is probably relevant case law on the matter, but again IANAL.
As far as the images, that all depends on where they were obtained from. Many, if not most, social networking sites, which I'm assuming these were grabbed from, explicitly state in their terms that you give up copyright on anything that you post. So even the images may, in fact, be non-infringing.
So, there are really two issues here. One issue is the original complaint in the voice mail, which I don't believe BuckyBalls has a leg to stand on in court. The second issue is the use of copyrighted material (the voice mail and the images of the BuckyBalls guy acting like an idiot), which BuckyBalls may or may not have a valid claim on.
Don't confuse the comparison of the products with the DMCA take down notice.
Ballmer, Bezos Fund Effort To Undermine Bill Gates
Yes, he's entitled to the money he makes. Others are not. Speaking of a warped sense of entitlement!
Hubble In Anaglyph Stereo 3D
If you are funded by the US government, then I would say no, don't waste any more of your time or our money on this. If you are privately funded, then sure, go ahead.
Wi-Fi WPA2 Vulnerability Found
Sigh. Understand the protocol before commenting, or at least RTFA. There IS an individual key per user. But, there is also a shared key used for broadcast traffic. The problem is that the shared key is not authenticated, so a user who knows the shared key (i.e., anyone with access to the wireless network), can use the shared key to spoof the AP and send messages to other users, and force them to give up or change their unique per-user keys. A "fix" would be getting rid of the shared key for broadcast, but that would require the AP to send a separate "broadcast" packet to each user individually, using their unique per-user key, instead of just one packet.
Wi-Fi WPA2 Vulnerability Found
There is an out-of-band key exchange. It is called a trusted certificate. You know, just like how HTTPS works. This is for WPA2 Enterprise, of which there are many different EAP methods possible, but for which most do include an out of band key exchange (i.e., certificates, or EAP-FAST PAK). In any case, there's also the old DH key exchange, which worked fine for IPsec for years.
OLPC's XO-3 Prototype Tablet Coming In 2010
You obviously missed the article way back about the sapphire monitors...
Methane-Trapping Ice May Have Triggered Gulf Spill
The amazing thing is, if we allowed ocean drilling much closer to shore we wouldn't have these problems. One, the depth would not be so great that the pressure created these methane and ice / sludge pockets. Two, a leak, if one were to occur, would be much easier to contain. You could actually send someone down to fix the problem if it were close enough to the shore. You are not sending someone down under 5000 feet of water... So, ironically, it is the wacko environmentalists that are to blame for this situation. Their answer? Either don't drill at all, or if you do, drill even further out, where the problems are even greater. Yea, that makes a lot of sense...
iPad UK Pricing Confirmed; Apple UK Tax Applied
I think you are confusing the effort by some states to require companies to collect the use tax, and the requirement to pay the use tax in the first place. As far as I know, it is pretty clear that individual citizens are required to pay use taxes for items they purchase out of state. It has generally been up to the individual citizen to report and pay the use tax. States have recently attempted to get companies to collect and pay the use tax for citizens, because there is so much fraud when it comes to the use tax (people just don't voluntarily pay it, when is the last time you did, or know anyone who did?).
I may be mistaken. My understanding is that a use tax would be unconstitutional. States are not supposed to have import/export taxes for trade with other states. That is what the inter-state commerce clause is all about, not the twisted definition that the SCOTUS dreamed up many years ago. Rather, it is to make trade "regular" (occurring normally and without impediment of additional taxes or levies imposed by states).
Sony Update Bricks Playstations
I refuse to continue reading any article that uses the term Interweb
US Intelligence Planned To Destroy WikiLeaks
Yes, but you conveniently left out that the testimony that I linked to was in May, 2006, well after 1971 and 1979. The guy testifying is the:
Henry Salvatori Professor of Law & Community Service
Chapman University School of Law
Director, The Claremont Institute
Center for Constitutional Jurisprudence
Yale Law Student Wants Government To Have Everybody's DNA
You have it wrong. It's not being shoved to the right, it is being shoved more towards total government, rather than anarchy. This type of information can be used for ill by either the left or the right. The radical left may, in fact, want more data than the right. I could see them wanting a full genome in an effort to take care of the people by discovering who has what predisposition to what ailments, and beginning proactive treatment. As far as the right, I see the extremists on that end wanting pretty much what was asked for here, a way to positively identify each citizen to be able to link them to crimes and such. Of course they could also use it to frame someone pretty easily (it's easy to get people's DNA, just take one garbage bag and you'd have enough to plant in any crime scene).
So the window is being shoved, but it's not being shoved left or right, it's being shoved towards a more totalitarian government.
US Intelligence Planned To Destroy WikiLeaks
Testimony before the U.S. House of Representatives Permanent Select Committee on Intelligence, contending that Section 798 of the Espionage Act, prohibiting the publication of classified information regarding U.S. communications capabilities, can constitutionally be applied to the media, for several reasons: 1) A majority of the Justices in the Pentagon Papers case recognized that prior restraints on publication of highly sensitive, classified information regarding ongoing military and communications operations would be permissible; 2) The prospect of post-publication liability for violating the Espionage Act was also recognized by a majority of the Justices; and 3) The Freedom of Press Clause of the First Amendment is equally applicable to citizens and the institutional media.
US Intelligence Planned To Destroy WikiLeaks
Proxies are supposed to embed the actual IP address of the end-client in the HTTP headers, so that load balancing can work properly. While there may be some that don't, most transparent proxies do. You do know that there are ISPs that have transparent proxies to cache the data and reduce their Internet exchange bandwidth, right? That's what happened in that story where people were getting into each other's Facebook accounts on their cell phones - the cell phone company proxy was screwed up.
Ars Technica Inveighs Against Ad Blocking
I agree. A lot of people throw around the word right too, well, liberally. There are very few rights in this world. The right to view content without ads is non-existent. If there were such a right, and the people creating content didn't want to, or couldn't afford to, what would you do? Would you force them to create content? Would you enslave them, making them toil away at creating content for no pay? Of course not.
The content providers certainly have a right to say what they want, and to try and find an alternate business model that works for them. The content viewers, or consumers, have the right to choose what content they consume, or whether to consume any at all.
If the model that the providers use is not acceptable to the consumers, then the providers will just have to find something else to do, and the consumers will have to find a different provider. That's called the free market, which doesn't have anything to do with whether the content is free or not.
Independent Programmers' No-Win Scenario
Actually, it is my understanding that the law removes special exemptions that certain people had that allowed them to basically work for one company full-time, for very long periods, but still claim they were a contractor. You can't have it both ways. Either you are a contractor and do a bunch of short term jobs for a bunch of different companies, or you are a permanent employee of one company. See the other Slashdot article. It's just a scam.