Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:FINALLY (Score 2) 43

Depends on the technology. The failure mode for a lot of aircraft is that they simply glide to the ground. Even helicopters / autogyros do something similar - there's still a lot of momentum in the rotors and you sycamore down to the ground. It's not like the antigravity suddenly fails and you're back to having weight again.

When I was learning to fly, engine failure was one of the things that I had to practice a lot. Engine failure immediately after takeoff is potentially dangerous, because you don't have an engine and you don't have enough speed or altitude to go very far. You typically have to land in a field (or, if you don't want to damage your aircraft in a training exercise, you throttle the engine back and feather the prop, then line up your emergency landing and turn the engine back to maximum late in the approach so that you stay in the air).

Comment Re:No, they didn't. (Score 1) 930

Well, you've got the USA and Russia which have thousands of warheads -- they can fuck everyone, even have enough to play silly bugger games like preemptive attack.

Then you've got France and Britain which have enough to take out either the US or Russia, but not enough for any actual "war fighting".

Then you've got China, that could probably take out Russia, and maybe the US, but is more vulnerable to a first strike.

And Israel, India or Pakistan, could probably fuck up their neighbours.

And North Korea could probably blow themselves up.

(P.S. I don't think any of the "war fighting" plans would actually work -- If anyone attacks at least one of the 5 declared nuclear states then MAD is the way it will go).

Comment Re:No, they didn't. (Score 1) 930

Britain doesn't have any ICBMs.

It has about 16 SLBMs available at any one time -- Trident. Somewhere between 6 and 8 MIRVs per missile, so I'm conservatively counting 96 targets (some places get more than one bomb). There are 96 cities in Russia with more than 190 thousand population. The smallest target would be Armavir, population 188,832.

Comment IPv6 deployment (Score 1) 189

And I'm telling you :
- you DO NOT need to be on an unaddressable private address (192.x.y.z or fxxx:::) to not receive any traffic.

No shit. Then again, how many "average joe 6-pack" users get assigned anything bigger than a /32 (i.e. a single address) for IPv4, or anything at all for IPv6?

Here around on our side of the pond ?
Let me count :

- Most of the ISP here around in Europe that I know of (Switzerland, France, Germany) are providing IPv6.
Usually they are 6RD (rapid deployment), i.e.: their network (fiber, xDSL, etc.) is still legacy IPv4,
but their router automatically establish a 6to4 tunnel to the ISP's IPv6 access point,
Usually, most 6rd deployment offer /60 or /56 prefix, so each (IPv6-enabled) device on the home network can get its very own 64bits suffix based on the MAC-Address (and the router get a few extra 4 or 8 bits of headroom for its internal management).

So anyone plugging "the box" they've received from their ISP is automatically on IPv6.
And automatically getting sensible IPv6 packet filtering on said box (to go back to the subject of this discussion)
(And hopefully also getting sensible default passwords for amdin and Wifi in the form of long random base32 strings printed on the backside of the box)

- Lots of 3G/4G wireless providers are moving to IPv6 (well, obviously as 4G is a purely packet-switched network. IPv6 is more or less an unofficial requirement)

(Though usually, a smartphone will get a publicly addressable IPv4 and IPv6 on lots of networks. Not all though, some wireless providers are moving to NATed IPv4 and only publicly addressable for the IPv6 prefix)

(3G/4G to USB+Wifi routers do work similarily to above-mentionner xDSL/FITH routers. They advertise a publicly accessible IPv6 prefix and provide packet-filtering).

- Most universities I've seen also provide both IPv4 and IPv6 (but usually provide publicly addressable IPs on both).
(Though not necessarily on the "eduroam" shared wireless network. They used to be on IPv4 on some universities, and as of lately, all univesrities I've been in seem to move their eduroam on a different special IPv4-only subnet).
(And though to go back to the current discussion, universities here around seldom do any filtering. As soon as you plug in your laptop, your start to see failed login attempts in your SSHD logs)

- If you want your very own special IPv6 prefix, you can get one from SiXXS over a 6in4 or AYIAY tunnel.
(But then again that's not average joe).

And with only a single globally routable address, you do NEED to be on RFC1918 network.

Obviously this isn't the only way one can do NAT, but it's the only way joe sixpack's router does it.

Most users in a non backwater countries will get a 6rd publicly addressable IPv6 prefix, too.
By default, the box they've received from their ISP and they've plugged into the wall will filter the packets by default.

So please stop with this "NAT increases security".

And I'm telling you, the extra security provided to joe sixpack DOES come from the fact that he's being NATted, since he's still unreachable when any other packet filtering is disabled.

(emphasis mine)
Yup. We've reached a conclusion.
We both agree that for security, you need packet filtering.
You need a "magic box" standing between the wild wide interweb and the home network that does this filtering.
Usually this box is the xDSL/Cable/FITH/whatever router that the user has recieved from the ISP.
NAT'ing, is one of the peculiar types of packet filtering that happens on this box and provides some form of security (simply because of the reason it's a type of packet filtering).

IPv6 by itself isn't usually subject to NAT'ing (not needed, nearly every deployment I've encountered - include at home of random non-techie users - gets a publicly addressable prefix), but still isn't any less secure BECAUSE IT NEEDS TO GO THROUGH THE EXACT SAME MAGIC BOX (the router) THAT STILL DOES PACKET-FILTER NO MATTER WHAT (which happens *not* to be NAT in this exact context).

The joe six pack himself doesn't care, he just plugs the "magic box" that he got from his ISP, painstakingly copies the overly long password from the sticker on the back of the magic box (while cursing why isn't he allowed to use "Passw0rd!" as a passwrod. Com'on, there's even an uppercase and number), or simply flashes the QR-code from the OLED mini-screen (for the lastest generation of router that have one for that purpose).



They used to be a time when users did connect to the wild wide interwebs over an Analog Modem (those screeching boxes that you use to plug into your computer's COM port), or later ISDN Modem (no screenching, but basically the same). Back at the time, a computer thus connected was completely exposed to anything coming at it (Ah, the joys of a time when you could "winnuke" any computer on the net), and lots of software (FTP, IRC, direct file send in IM, P2P file sharing) counted on it.

So when xDSL arrived, I've seen lots of weird setups.
- xDSL *modem*. That plug straight into the USB port of the computer, and the computer gets a public address just like in the time of Analog/ISDN connections.

And that also includes weird routers :
- Router with USB (as a network device) and a single Ehternet port,
that did hand out a private address over DHCP to the computer,
BUT THEN DID A 1:1 STRAIGHT MAPPING between the public IP address and the private address of the computer.
(What was the name of this already? "cone NAT" ?)

- Same as above. Except that now the DHCP can hand out 3 other adresses (to plug a networked printer ?)
But still does straight 1:1 Mapping with the first address (printer doesn't need to have internet access at all, and the whole internet needs to be able to win-nuke the windows machine).
I still have such a useless junk from ZyXel collecting dust somewhere - it got used only a couple of hours, the time it took me to go buy something better.

So the reason current NAT'ing does security is because in addition of employing private address, it does sensible packet filtering (block inboud traffic, allows on-demand outbound traffic for all parties, requires manual TCP-forwarding configuration or UPnP to allow inboud traffic), but there exist asinine ways to do unsecure private addresse that used to actually exist in the wild.

Comment Re: Sociopaths gonna sociopath. What's new? (Score 3, Insightful) 185

Yep, GP loses at bad-research bingo. Also, he missed the actual problem with this research: the subjects are divided into classes by self-reporting. So the headline should read, "People who consider themselves above other people pay less attention to others." It's not an un-interesting result, but it is not quite as interesting when you put it that way.

I've worked with people of all classes, and anecdotally at least I've found that F. Scott Fitzgerald was right: the rich aren't like you and me; they have more money. Old money at least lives a little bit like the people you read about in Jane Austen books; a lot of their energy goes into socializing with others of their class. So it would be interesting to look at old money/new money this way. Another interesting confounding factor is urban/rural. Rural people tend to be poorer. Urban people actually get more human interaction per time while participating in less per person encountered.

In most interesting social science research it's not the first and obvious way of dividing up people that draws your attention (e.g. rich/poor, young/old, male/female); it's the second cut. That's because most of our pop-psych deals in the first cuts (men are from Mars, women from Venus); the second cut tells us the ways our intuitions are limited.

Comment Re:No, they didn't. (Score 1) 930

If you look at the size of the British (and French) deterrents, both have one 16-missile submarine available, they have enough firepower to more or less destroy either Russia or the US but not enough for any fancy shit like attacking hardened targets. I doubt Putin would have much "political support" if the 96 largest cities in Russia were nuked.

The threat is -- attack us and your population dies. It's the only thing we can do.

Comment Re:Something's fishy (Score 1) 214

I don't know how you can possibly read anything about EU subsidies into anything I've written here, but if it makes you feel any better, my businesses have never taken any form of EU subsidy. In fact, from the point of view of my own businesses, the EU probably does more harm than good as things stand today, and in isolation we'd be a bit better off without it. But of course we're not operating in isolation, so the interesting questions are really about whether the EU is a net win or net loss in the big picture, and those are much harder to answer (despite the number of people who seem to think it's an easy question and if you voted the other way from them you're obviously some sort of clueless idiot).

Comment Re:Something's fishy (Score 1) 214

It's not quite that simple, unfortunately.

The EU operates what is termed a "single market" or "internal market", which actually includes the EU member states plus a few others via separate international agreements. This is a region in which the "four freedoms" apply: goods, services, labour and capital may be moved freely between the participating states as if within their own country.

This relatively close relationship is generally seen as good for trade between members of that single market. It means there are no government-imposed tariffs on imports/exports, there are common standards and regulations for what you're allowed to sell throughout the market, and so on. This is why some people in the UK are currently arguing that on leaving the EU as a whole, we should seek an agreement to remain within the single market (a form of "soft Brexit").

However, membership of that single market isn't necessarily a win in all respects.

One issue is that the freedom of movement of labour means member states can't limit immigration from other member states. This has been controversial recently for a number of reasons. In the UK specifically, some people argue that immigration is putting an unsustainable burden on our national infrastructure. Others argue that immigrants are both helpful and in some cases necessary to keep our economy running and support that very infrastructure. Some point out that while we receive many immigrants from elsewhere in the single market, many of our own citizens also choose to work or retire abroad, and that travelling within the EU without visas is beneficial. Across the EU more widely, there is an issue at the moment with the number of refugees from elsewhere in the world who are entering member states close to troubled areas but then able to move around within the EU relatively freely. And on top of all of this, there are all the "free movement, but with strings attached" arrangements where the politicians and diplomats have been trying to dance around the problems without giving up the benefits.

There has probably been more objectively wrong nonsense said about immigration than any other issue around Brexit, but unfortunately it's long been a difficult subject and a certain part of the population in most EU states, including the UK, isn't very nice when it comes to foreigners. And just to throw one more ingredient into the mix, of course the UK also has people moving to and from non-EU states, but our visa and immigration system is overcomplicated, dysfunctional and a huge burden on those people and businesses involved. The natural assumption is that the same currently awful system would apply to those coming from the EU in the event of a "hard Brexit" where we cut ties like single market membership as part of leaving the EU, which some people see as too high a price to pay pragmatically, even if they don't in principle mind immigration from the EU being subject to the same rules as from anywhere else.

Another issue with the single market is that it is also what is called a "customs union". That means that while trade within the market is free, any member state importing from outside the market is required to impose a certain level of tariffs, regulations, and so on. That is usually seen as bad for trade with partners outside the EU single market, for much the same reasons that trade within the market is good. For the UK specifically, although it does a lot of trade with the EU, it actually does a bit more now with other partners outside the EU, and the external trade is also growing a bit faster. And of course a lot of goods and services are both provided and consumed internally within the UK. As long as the UK is within the scope of the EU arrangements, it therefore has to apply the EU rules even to internal matters and to trade with non-EU partners. Depending on who you ask and what line of business they're in, this is either no big deal or a crippling burden on trade and our national economy.

Crucially, the UK is also not free to negotiate its own trade deals for more favourable terms with non-EU partners, because the rules say that only the EU itself can negotiate trade deals on behalf of the bloc as a whole. This goes along with the whole single market/customs union deal, but if you're looking at increasing trade with, say, North America or Asia, it's a big barrier. And as we've seen recently with proposed trade deals like TTIP and CETA, being in the EU is no guarantee that your diplomats will actually close good trade deals on behalf of the member states. Apparently negotiating on behalf of the whole EU bloc, when in the real world those member states naturally have different priorities and goals and when they also have varying levels of veto powers, isn't always easy!

In the end, a lot of the controversy around Brexit is whether the known, established benefits of being an EU member state outweigh (and would continue to outweigh) the potential benefits of being free to negotiate independently with non-EU partners and to set our own rules for our home market. It's not really about "losing access to the single market" or "preventing immigration". Trade between the UK and EU member states would still happen even if the UK left the single market, just as obviously the UK trades with many other nations around the world. Likewise, people would still come and go. But there would potentially be significant extra barriers to trade and movement within the EU, and potentially lower barriers to trade and movement elsewhere, and the long term pros and cons of those arrangements are hard to predict.

Comment Re:and if I shoplift a rack full of CD's it's just (Score 4, Insightful) 96

Because copyright law is bunch of crude analogies hacked together that used the physical encodings of information as a proxy for a creator's financial interests in a work. It worked great in the age of print when mainly you were talking about books which were cheap to mass produce but expensive to copy.

But today, conceptualizing an author's rights to a work as a monopoly on copying leads to nonsensical results. Suppose I download a song to the same computer twice, as can easily happen. Technically because the thing I did wrong was copying, I infringed *twice*; however it hardly does twice the harm to the author's interests. On the other hand if I copy that song once but listen to it a thousand times, you could reasonably argue I'm doing more harm to the author's interest than if I downloaded it a thousand times but *never* listened to it.

It's all just a way to get content creators paid; a ridiculously complex and arcane way, but it's familiar because it's traditional. You can't expect it to make sense, especially by trying to draw subtly different analogies.

Slashdot Top Deals

To program is to be.