Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re: Good grief... (Score 1) 676

by gustgr (#49109789) Attached to: Bill Nye Disses "Regular" Software Writers' Science Knowledge

Learning facts don't make anyone knowledgeable of science. I think what really means is that your regular software writer (and CS bachelor, IMHO) has no contact whatsoever with the scientific method and with how science actually works. That is, they are unaware of how to develop an hypothesis, test it against experiment, place the phenomenon under a broader context, etc.

A really simple test to see if someone has at least a minimum understand of how science works is asking them about what a theory is. I've seem plenty of college educated people think that, say, Theory of Relativity and Theory of Evolution are mere guesses that haven't still been properly verified and one have not only the right, but the moral obligation to chose whether to believe them or not based on their on personal logic. Actually, most people say things like "this and that haven't actually been proved by science", thinking that there are actually "proofs" of anything in science.

I disagree with how they picture Nye's position as a prominent science educator, but his opinion is right on the dime.

Comment: Re:Maybe it's because the music industry has adapt (Score 1) 196

by Xelios (#48960163) Attached to: Music Doesn't Feature In the Pirate Bay's Top 100 Biggest Torrents
I stopped downloading music and picked up a sub to Spotify instead simply because it's more convenient. I share the same music library on my home PC, work PC and smartphone without having to fiddle with anything. When I'm in the car I plug the smartphone into the deck and listen to the playlists that I've downloaded. Even my AV receiver at home can stream from Spotify. It all just works and I'm always stumbling across new music that I end up liking a lot.

I've even set up a few collaborative playlists with friends. When one of us finds something new we add it to the list, then the others can have a listen and add it to their own private playlists if they like it.

Only two things bother me: not everything is available and some things that were available will simply disappear one day. Same old licensing BS that just doesn't work in a digitally connected world.

One thing is clear though. Previously the music industry made no money at all off me, now they do. Not because of some anti-piracy campaign but because someone was finally able to provide an acceptably priced product that's more convenient than pirating. Funny how that works.

Comment: Re:Secret Ballot? (Score 3, Insightful) 480

by Xelios (#48795083) Attached to: How Bitcoin Could Be Key To Online Voting
That's possible yes. I guess you could already snap a photo of your completed election ballot to show to those thugs, but you're right that it'd be easier for them to verify votes if they can coerce you into giving up your ID.

If you ask me having those kinds of thugs around in the first place is a pretty good sign of a broken system, but it's a fair point anyway.

Comment: Re:Secret Ballot? (Score 4, Interesting) 480

by Xelios (#48794545) Attached to: How Bitcoin Could Be Key To Online Voting
Voter shows ID to election worker. Worker checks a box. Voter reaches into a giant lottery box full of generated IDs and uses that ID to vote. Later the voter can inspect the blockchain, find his ID and verify that his vote went to the right candidates.

I'm not saying it's a better system but I think there are ways to keep voter anonymity while also allowing the public to audit the result.

Comment: #JeSuisCharlie? (Score 5, Insightful) 1350

by Xelios (#48754849) Attached to: Gunmen Kill 12, Wound 7 At French Magazine HQ
Maybe instead of representing solidarity with a silly hashtag it'd better for us all to exercise free speech by posting a picture of Muhammad. Not an overly offensive picture either, a simple stick man would do.

This craziness isn't going to stop until the media and us people in general start standing up for the things that we're always claiming to hold dear.

Comment: Wrong threat maybe? (Score 1) 580

by Xelios (#48625767) Attached to: Reaction To the Sony Hack Is 'Beyond the Realm of Stupid'
Maybe this has more to do with the threat of releasing more information "if their demands aren't met" than it does the threat of physical attacks? Maybe there really was some backroom discussion between Sony and the big theater chains to scrap the release because of this?

Or maybe not. It's probably just stupidity.

Comment: Different kind of risk (Score 1) 151

by Xelios (#48458647) Attached to: Kim Dotcom Regrets Not Taking Copyright Law and MPAA "More Seriously"
Maybe there wasn't a legal risk that would have held up in court. What all that legal council evidently failed to mention is the very real threat of crippling litigation that, while ultimately unsuccessful, could still wipe you out in the process.

I guess that's one thing separating the 'good' legal council from the 'best'. The former will stop at examining the laws, the latter will also examine all the ways the laws could be abused to achieve the same result.

Comment: Re:just ask carriers. (Score 1) 248

by kasperd (#47701493) Attached to: The IPv4 Internet Hiccups

because we couldn't possibly have good service from an ISP.

Don't most ISPs sell good service at a premium? I think that was the entire point with having poor service in the first place. The only other reason I could imagine would be to drive customers to the competitors, and that doesn't seem to make sense from a business point of view.

I have no imagination, so I have no idea what we might get in the future if we actually had the infrastructure to support it.

I can come up with a couple of additional usages for some /64s. One /64 could be used to harden your recursive DNS resolver against poisoning. The 16 bit transaction ID in DNS is way too small. The entropy you can get from randomizing port numbers help a lot. But you will still only get a total of 32 bits of entropy that way. Some have gone to great lengths to squeeze extra entropy into a DNS request, for example by mixing lower case and upper case in the domain. But that doesn't give a lot of bits. If you allocate a /64 to the recursive DNS resolver, you can put 64 bits of entropy into the client IP, which instantly gives you more than a doubling of entropy almost for free.

A modern OS is a multi user system, imagine if each user could get their own IP address. You could allow users to use privileged port numbers on their own IP address, and all port numbers on their IP address would be protected from usage by other users. You could do this by responding to neighbor discovery for as many IPs in your link prefix as you have users on the node. But a more secure and more efficient approach would be to route a prefix to each node.

Comment: Re:IPv6 won't fix this problem (Score 1) 248

by kasperd (#47701435) Attached to: The IPv4 Internet Hiccups

a prefix that just got compressed might get split quickly, and vice versa

There is no need to combine the routes, if there is still free entries in the CAM. Once the CAM is full and another entry need to be inserted, the pair which has been a candidate for combining for the longest time can then be updated. That algorithm would keep the number of updates down.

However as the number of routes approach the limit of what can be handled, even with combination of routes, the frequency of updates needing to combine and split entries will go up. It may be they are already doing this, some sources say the problem did cause reduced performance, which would be consistent with such behavior.

Comment: Re:just ask carriers. (Score 1) 248

by kasperd (#47699217) Attached to: The IPv4 Internet Hiccups

all Comcast needed to do was write "56" in their config files rather than "60"...

One has got to wonder if that's how it happened. Did some admin arbitrarily decide to write 60 in a configuration file, where he could/should have written 56, and then that was how it was going to be? Or did a lot of bean counters get together and decide on a policy (possibly not even based on real data), and then admins had to implement it like that without asking questions.

But that's not what we should be targeting. We should be targeting "enough for pretty much everybody", and "for the foreseeable future" -- including for any new, fun things that become possible because of easily-available address space.

Even in many areas where there is tough competition among ISPs, it is hard to find even one trying to capture those customers, who want IPv6. That's how bad it looks today. And that's why I would happily take a /60. Hopefully once IPv6 is the norm (which it likely will be before the end of the decade), the ISPs will start competing on prefix lengths as well.

I can't yet imagine what I would use more than a /60 for. But if I get a /60, I might soon come up with ideas on how to use a /56. All it takes to get that competition among ISPs started is two people independently of each other coming up with something really cool you can do to put your entire /60 to use.

Comment: Re:IPv6 would make the problem worse (Score 1) 248

by kasperd (#47697957) Attached to: The IPv4 Internet Hiccups

Next, IPv6 addresses are of course 4 times larger than IPv4 addresses. Even if your IPv6 routing table has 5 times fewer entries, you're not getting a 5 times saving in memory. You're only getting a 5/4 times saving or tables that are 80% of the IPv4 - nowhere near as dramatic.

In IPv4 all 32 bits are used for routing, though on the backbone you tend to only accept /24s. In IPv6 the first 64 bits are used for routing, though on the backbone you tend to only accept /48s.

Either way, you only need twice as many bits in the CAM to handle an IPv6 route compared to IPv4. So what you call a 20% saving is more like a 60% saving. The picture is a bit more complicated, because two CAM entries at half the size is not the same as one of the full size. So you may have to decide at design time, how you are going to use that CAM.

Routing tables growing with the size of the network, in terms of # of entries - even if not at all fragmented.

I'd love to take part in solving that problem. Any realistic solution is going to start with a migration to IPv6. And I don't see how we could expect the solution to be deployed any faster, so if we start now, we could probably have it in production by 2040.

it is possible that IPv6 is actually too small to be able to solve routing scalability.

That algorithm has a major drawback. The address of a node depends on which links are up and which are not. You'd have to renumber your networks and update DNS, every time a link changing somewhere cause your address to change. If we assume that issue can be fixed, it doesn't really imply that addresses would have to be larger.

The algorithm in the paper assigns two identifications to each node. The first one could very well be the IPv6 address assigned to the node. The second address is computed based on the first address and structure of the network. However their routing looks awfully similar to source routing. So really the solution might just be to make source routing work.

I can think of a couple of other reasons to consider IPv6 addresses to be too short. That paper isn't one.

Teredo and 6to4 are two "automatic" tunnel protocols. Both embed IPv4 addresses inside IPv6 addresses. Due to the use of NAT, Teredo needs to embed two IPv4 addresses and a port number inside the IPv6 address. That doesn't leave room for a site-level-aggregator or host part. If you wanted one unified protocol which could replace both Teredo and 6to4, you'd need at least 192 bits in the IPv6 address.

After IPv6 showed up, people realized that it is sometimes convenient to embed cryptographic information inside the IP address. That was unthinkable with IPv4. With IPv6 it is doable, but you have to chose cryptographic primitives that are not exactly state of the art, due to 128 bits being a bit short for cryptographic values, and not all of them even being available for that purpose.

"Kill the Wabbit, Kill the Wabbit, Kill the Wabbit!" -- Looney Tunes, "What's Opera Doc?" (1957, Chuck Jones)