RE: Silicon-germanium routers?

2006-06-21 Thread Tony Li
I also suspect that the community is not ready to transition to liquid-cooled systems. I rather assumed 'at room temperature' implied a standard heat sink and fan. Perhaps there's not enough information in that article to draw a conclusion from. There are a few bits that folks

Re: Silicon-germanium routers?

2006-06-21 Thread Lyndon Nerenberg
On Jun 20, 2006, at 11:11 PM, Tony Li wrote: The breakthrough that we're looking for is a high speed, high density, low power transistor that can be commercially scaled with good yield. Not there quite yet. In comparison to early-80s ECL, how do you think the scaling curve might match? I

Re: key change for TCP-MD5

2006-06-21 Thread Jared Mauch
On Tue, Jun 20, 2006 at 05:18:20PM -0700, Randy Bush wrote: The added cost for CPU-bound systems is that they have to try (potentially) multiple keys before getting the **right** key but in real life this can be easily mitigated by having a rating system on the key based on the

Re: key change for TCP-MD5

2006-06-21 Thread Randy Bush
The added cost for CPU-bound systems is that they have to try (potentially) multiple keys before getting the **right** key but in real life this can be easily mitigated by having a rating system on the key based on the frequency of success. This mitigates the effect of authenticating valid

RE: key change for TCP-MD5

2006-06-21 Thread Ross Callon
At 04:23 PM 6/20/2006 -0700, Bora Akyol wrote: ...The DOS is a concern whether you have a valid key or not, correct? Yes, People who do NOT have a valid key can certainly launch DOS attacks. I can DOS the router with fake packets that it needs to verify as long as I want. Yes, but the

Re: key change for TCP-MD5

2006-06-21 Thread Ross Callon
At 07:29 PM 6/20/2006 -0400, Richard A Steenbergen wrote: On Tue, Jun 20, 2006 at 05:06:27PM -0400, Ross Callon wrote: ...I'd still like someone to explain why we're wasting man hours, CPU time, filling up our router logs, and potentially making DoS easier, for an attack that doesn't exist

RE: key change for TCP-MD5

2006-06-21 Thread Randy Bush
All the multiple keys do is to decrease the cost of the DOS. Yes let's try to remember that, in reality, this is all about allowing two bgp peers to move to a new key without having the operators on the phone to keep the bgp session from resetting. i.e., o it will be uncommon that there is

Re: key change for TCP-MD5

2006-06-21 Thread David Barak
--- Ross Callon [EMAIL PROTECTED] wrote: Another potential attack is an attempt to insert information into a BGP session, such as to introduce bogus routes, or to even become a man in the middle of a BGP session. One issue that worries me about this is that if this allows routing to

insane over-regulation - what not to do

2006-06-21 Thread Randy Bush
just so one can see how deep in a hole things can go if no grownups are present, look at what ghana is about to do to kill the goose that laid the golden egg http://rip.psg.com/~randy/ghana-insanity.pdf randy

RE: insane over-regulation - what not to do

2006-06-21 Thread Randy Whitney
Could you be more specific? Are you talking about Part VIII DOMAIN NAME REGISTAR or something else? rsw. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randy Bush Sent: Wednesday, June 21, 2006 12:59 PM To: [EMAIL PROTECTED] Subject: insane

Re: Tor and network security/administration

2006-06-21 Thread Todd Vierling
On 6/20/06, Lionel Elie Mamane [EMAIL PROTECTED] wrote: You don't do your financial transactions over HTTPS? If you do, by the very design of SSL, the tor exit node cannot add any HTTP header. That would be a man-in-the-middle attack on SSL. Which, for an anonymizing network, could be a

RE: insane over-regulation - what not to do

2006-06-21 Thread Jerry Pasker
Could you be more specific? Are you talking about Part VIII DOMAIN NAME REGISTAR or something else? rsw. I like Part XIII, Subsection 115. Thing. myself. -Jerry

Re: insane over-regulation - what not to do

2006-06-21 Thread Valdis . Kletnieks
On Wed, 21 Jun 2006 12:21:34 CDT, Jerry Pasker said: I like Part XIII, Subsection 115. Thing. myself. Actually, that serves a very important purpose - it codifies the concept that a string of ones and zeros can represent something with actual value. If it wasn't there, a defendant could argue

RE: insane over-regulation - what not to do

2006-06-21 Thread Randy Bush
Could you be more specific? Are you talking about Part VIII DOMAIN NAME REGISTAR or something else? the whole thing as a piece. it looks to be a, likely well-meaning, attempt by a gang of bureaucrats and a fancy consultant to put the universe in a glass jar and preserve it. from end user, to

RE: insane over-regulation - what not to do

2006-06-21 Thread Bill Woodcock
On Wed, 21 Jun 2006, Randy Whitney wrote: Could you be more specific? Are you talking about Part VIII DOMAIN NAME REGISTAR or something else? Not presuming to answer for Randy, just for myself: This follows one of the typical failure-modes of technical legislation, which is

Re: Tor and network security/administration

2006-06-21 Thread Lionel Elie Mamane
On Wed, Jun 21, 2006 at 01:14:52PM -0400, Todd Vierling wrote: On 6/20/06, Lionel Elie Mamane [EMAIL PROTECTED] wrote: You don't do your financial transactions over HTTPS? If you do, by the very design of SSL, the tor exit node cannot add any HTTP header. That would be a man-in-the-middle

Comcast.net, Usa.net, Verizon

2006-06-21 Thread Elijah Savage
Is there anyone on the list from these organizations that could possibly put me in contact with the postmasters please? Thank you

Re: Tor and network security/administration

2006-06-21 Thread Kevin Day
On Jun 21, 2006, at 12:43 PM, Lionel Elie Mamane wrote: If the proxy is not at the Tor exit node, how can the tor network enforce the addition of the this connection went through tor HTTP header that Kevin Day was asking for? Fundamentally, if you rely on a program sitting on the user's

Re: insane over-regulation - what not to do

2006-06-21 Thread David W. Hankins
On Wed, Jun 21, 2006 at 10:36:04AM -0700, Randy Bush wrote: the whole thing as a piece. it looks to be a, likely well-meaning, attempt by a gang of bureaucrats and a fancy consultant to put the universe in a glass jar and preserve it. from end user, to net operations, to infrastructure, to

Re: insane over-regulation - what not to do

2006-06-21 Thread Randy Bush
That's going to be fun to watch. from the outside, not from the inside randy

Re: Tor and network security/administration

2006-06-21 Thread Todd Vierling
On 6/21/06, Lionel Elie Mamane [EMAIL PROTECTED] wrote: Here's where your misunderstanding is evident. The filtering proxy is not at the Tor exit node; it's at the *entry*. If the proxy is not at the Tor exit node, how can the tor network enforce the addition of the this connection went

Re: Tor and network security/administration

2006-06-21 Thread Todd Vierling
On 6/21/06, Kevin Day [EMAIL PROTECTED] wrote: Failing that, having an exit node look at HTTP headers back from the server that contained a X-No-Anonymous header to say that the host at that IP shouldn't allow Tor to use it would work. What's to stop one or more exit node operators from

Re: Tor and network security/administration

2006-06-21 Thread Jeremy Chadwick
On Wed, Jun 21, 2006 at 05:02:47PM -0400, Todd Vierling wrote: If the point of the technology is to add a degree of anonymity, you can be pretty sure that a marker expressly designed to state the message Hi, I'm anonymous! will never be a standard feature of said technology. That's a pretty

Re: Tor and network security/administration

2006-06-21 Thread Steve Atkins
On Jun 21, 2006, at 2:53 PM, Jeremy Chadwick wrote: On Wed, Jun 21, 2006 at 05:02:47PM -0400, Todd Vierling wrote: If the point of the technology is to add a degree of anonymity, you can be pretty sure that a marker expressly designed to state the message Hi, I'm anonymous! will never be a

Re: Tor and network security/administration

2006-06-21 Thread Kevin Day
On Jun 21, 2006, at 4:08 PM, Todd Vierling wrote: On 6/21/06, Kevin Day [EMAIL PROTECTED] wrote: Failing that, having an exit node look at HTTP headers back from the server that contained a X-No-Anonymous header to say that the host at that IP shouldn't allow Tor to use it would work.

Global Crossing/Ashburn - Anyone have RFO or ETA insight?

2006-06-21 Thread John Curran
Folks - Since sometime early this morning, some traffic through Global Crossing in Ashburn has been experiencing packet loss and varying latency consistent with congestion. Global Crossing's NOC confirms there is a multiple customer issue, but can't/won't/doesn't-know anything with respect

Re: Global Crossing/Ashburn - Anyone have RFO or ETA insight?

2006-06-21 Thread Randy Bush
Since sometime early this morning, some traffic through Global Crossing in Ashburn has been experiencing packet loss and varying latency consistent with congestion. Global Crossing's NOC confirms there is a multiple customer issue, but can't/won't/doesn't-know anything with respect to

Re: Internet 2010 - Predictions for 2010 from a Content Forum and NANOG 37 in San Jose

2006-06-21 Thread William B. Norton
Wow - so many private messages surrounding this. I'll summarize and group the comments across the predictions below, but first answer some of the questions I received. One suggestion was to bury these in a timevault to be opened at NANOG in 2010. Another suggestion was to bury these where I

RE: key change for TCP-MD5

2006-06-21 Thread Bora Akyol
Another potential attack is an attempt to insert information into a BGP session, such as to introduce bogus routes, or to even become a man in the middle of a BGP session. One issue that worries me about this is that if this allows routing to be compromised, then I can figure out how

Re: Global Crossing/Ashburn - Anyone have any SYMPTOMS?

2006-06-21 Thread Randy Bush
john: on ops channel, gx senior eng says: o gx backbone crew knows of no multi-cust outage o gx noc knows of no multi-cust outage so i very much doubt anyone on this list will have an eta for something no one seems to know about. maybe, rather than a public slam with no content, post some

RE: key change for TCP-MD5

2006-06-21 Thread Randy Bush
This one is hard to pull off. I think the general conclusion a couple years ago in the study that Sean Convery and Matt Franz did was that it was less work to try to own the router or buy your own AS ;) this is the you don't have to run faster than the lion, you just have to run faster than

Re: Global Crossing/Ashburn - Anyone have any SYMPTOMS?

2006-06-21 Thread John Curran
Randy - I actually intentionally didn't post the details or ticket number, as I was looking for other folks already involved (once their NOC said it was a multiple customer issue with the ar2.dca2 router). If you're also affected or engaged on the problem, let me know. Thanks! /John

Re: key change for TCP-MD5

2006-06-21 Thread Richard A Steenbergen
On Wed, Jun 21, 2006 at 05:55:21PM -0700, Randy Bush wrote: when low-hanging fruit is unavailable, or when they see a really cool way to exploit the higher fruit, it would be prudent to have done something about it. who cares about openly recursive dns servers? there are easier ways to

Re: Tor and network security/administration

2006-06-21 Thread Matthew Sullivan
Jeremy Chadwick wrote: On Wed, Jun 21, 2006 at 05:02:47PM -0400, Todd Vierling wrote: If the point of the technology is to add a degree of anonymity, you can be pretty sure that a marker expressly designed to state the message Hi, I'm anonymous! will never be a standard feature of said