Subscribe: CircleID: Comments
Added By: Feedage Forager Feedage Grade A rated
Language: English
charles christopher  data  end end  end principle  end  google  internet  nov pst  nov  posted nov  posted  pst  service 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CircleID: Comments

CircleID: Comments

Latest comments posted on CircleID


RE: UDRPs Filed - Brand Owners Take Note (Gerald M. Levine)


Good advice, Matt. I would add one more bullet point. Be sure to curate the content to avoid any possible association with mark owner or its competitors. The matter you referred to (reading the record carefully)failed to curate contents. The Panel found that "Complainant’s screenshot confirms [that] … the domain name contains various IMI related links and descriptions of the content located at the linked webpage." Now, if the Respondent had appeared… (but that's another story!)

Link | Posted on Nov 19, 2017 2:21 PM PST by Gerald M. Levine

RE: The Hack Back Bill in Congress is Better Than You'd Expect (Barry Raveendran Greene)


I've read the bill several times, thinking about the actions we've taken in the past to mitigate, remediate, traceback, and trackback malware systems to the source.  First, I don't see the point of the bill. It is not solving anything. All the items mention done now within the legal limits that are in place with existing legislation. Second, I can easily see people who do not have solid legal advice taking action which they perceived are "good," then the collateral consequence is 180 degrees opposite.

John, where are the new items fixing a problem with the existing legislation?

Are we ready for China to deploy malware removal tools on malware infected computer in the US? Removing malware through a discovered "remove" command does not damage the 'intermediary computer.' But, how does the victim know? They are under attack and they need "hack back."

Link | Posted on Nov 15, 2017 3:08 PM PST by Barry Raveendran Greene

RE: Google Now a Target for Regulation (Todd Knarr)


How am I paying for only a portion of the ride? Are you saying that I'd be given some Internet connectivity if I didn't pay for my service? I assure you, that's not the case. I pay for the entire ride, and I consider myself entitled to get the ride I paid for. If I paid for a ride for up to 10 people, I expect not to have the taxi company demanding more money from my destination because I had 8 people in the taxi instead of just 2. And if the taxi company's leasing the car from someone who adds mileage charges and such onto the bill each month, well, that's between the taxi company and whoever they're leasing the car from and it's simply Not My Problem beyond the fact that it's something the taxi company has to factor into their rates (and if they don't, still Not My Problem).

And no, the data isn't "my data" any more than what the receiving party on a phone call says belongs to me. But when I paid for the phone call I paid for a 2-way circuit and I expect to hear what the receiving party says without them having to pay an additional toll for their side of the call. And yes that applies to mobile calls too. If I call someone who has Verizon service when I'm on T-Mobile, the other person may have to use airtime minutes from their Verizon plan but they're not going to have to pay T-Mobile any extra for their half of the traffic on top of what they're paying Verizon.

Link | Posted on Nov 14, 2017 12:31 PM PST by Todd Knarr

RE: Former Yahoo CEO Marissa Mayer Apologizes for Data Breach, Blames Russian Agents (Alan Maitland)


If you have ever raised or observed children, you already know that it is a very human thing to try to blame others.  While Ms. Mayer has rightly apologized for the breaches at her former company during her watch, she also goes on to blame "the Russian agents for at least one of them".

Perhaps one day my words may come back to haunt me, but as the President of a huge tech company, Ms. Mayer must also accept the blame for the very circumstances allowing these breaches to occur in the first place at her company.  "Bad guys" have and always will exist, it is how we deal with them before and after attacks occur which matter most.

Though, depending upon the type and scope of information taken by the attackers, the fallout from this for Yahoo! and its users may actually be relatively small.  Certainly not even close to the scope of the far more serious and far reaching Equifax breaches.

Even so, three billion IDs compromised in two data breaches seem far beyond the fault of simply the attacker.  In this day and age of admiring Internet entrepreneurs who claim to have developed their now multi-billion dollar platforms "over a weekend", these kinds of events will certainly not be the last we encounter.

Before blaming others for these breaches, we need to look inward.  After the fact, we need to ask ourselves, was it a human failure, something our own code, standards we failed to implement properly (or at all), our business rule set or was it something else we did or could have prevented?

Ideally, those questions wouldn't be as important if we work to address them proactively. Through properly understanding, implementing and routinely reviewing best practices, we can minimize the likelihood of these events ever occurring in the first place.

In the final analysis, we must embrace that in every profession, especially so in technology, experience and fundamentals always matter.

Link | Posted on Nov 14, 2017 9:13 AM PST by Alan Maitland

RE: Google Now a Target for Regulation (Anthony Rutkowski)


The reality here doesn't seem disputed.  The assertion is that you are paying for a portion of the ride, therefore the selection of hitchhikers is your choice.  There are also almost certainly constraints found in the customer service agreement with your local provider.  There are also multiple "rides" at multiple layers on the path back to the source end point.

It is also not clear that the data provided pursuant to your request is "your data."

Lastly, it appears that ultimately the holy grail is to accumulate as much information about the end user as possible to meet every need.  The consumer protection, antitrust, and security challenges here are enormous, and it is not clear how that gets sorted out.

Link | Posted on Nov 14, 2017 5:41 AM PST by Anthony Rutkowski

RE: Google Now a Target for Regulation (Todd Knarr)


Where is the free ride? I pay my ISP to provide me access to the Internet, to carry the data I request (since I'm paying for a 2-way connection, not a one-way one). Why then should I not expect them to do exactly that regardless of which services on the Internet I request data from? And the service I request data from pays it's access provider for it's connection and it's data. Why should they not expect their data to be carried regardless of who's requesting it? I always hear about how Google is getting a free ride from my ISP by expecting them to carry Google's data for free. But they're not carrying Google's data. They're carrying my data that I requested from Google, and I'm paying them to do exactly that. So where is there a free ride? The only way I could see there being a free ride is if my ISP stopped sending me a bill every month and expected services like Google to pay for my connection. But they do send me a bill and they expect me to pay it, so I expect to get what I'm paying for: carriage both ways of the data I originate and request.

Now there's an issue with the imbalance of payments between my ISP and Google's access provider, but that's because my ISP limits it's subscribers to being clients only which means the data flow will be primarily from Google's access provider to my ISP. That, frankly, isn't Google's problem. It's my ISP's responsibility to make sure they charge a price that'll cover their costs. Not, mind you, that they're really having a problem with that right now. If you look at their financials, their complaint isn't that they aren't making a profit but that they're not making the kind of profit Google does. Well, they haven't gone out and created something people want more than Google, so what do they expect.

Link | Posted on Nov 13, 2017 8:03 PM PST by Todd Knarr

RE: Google Now a Target for Regulation (Anthony Rutkowski)


It began 40 years ago and hasn't stopped.  Providers higher on the stack want a free ride on top of providers at lower layers.  Arguing for Title II based regulation to further the free ride (a/k/a NetNeutrality) is an unwise tactic to do that.  Unconstrained end-to-end encryption to further the free ride is also an unwise tactic and similarly has both anti-competitive and security implications.  Agent software that reports commercially valuable user information back to the provider through encrypted tunnels also raises that concern duality.  Security and resilience of national infrastructures are also a proper role of government.

The most significant challenge, however, is when a Nation State actor employs massive resources to use content as a means of bringing about regime change in another Nation State - also known as information warfare.  Those implications are profound. 

So regulatory oversight of content has some significant conundrums and seems unlikely to go away.

Link | Posted on Nov 13, 2017 2:31 PM PST by Anthony Rutkowski

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Charles Christopher)


There is money in enslaving others. Always has been, always will be.

So long as I can maneuver you into paying for my instantiation or your desired function, I win as you lose some more of your money to me ... One way or another. But that is not an issue of right and wrong, moral, values, or ethics, that is a game of predator and prey.

Predation is what it is, and I will respond by fighting back as well as making changes that can't easily be responded to. The real question then becomes, is that way we each want to waste our lives doing?

Like a registrar auctioning off a registrants domain name? I saw that coming long ago. So I became a registrar ... The law of unintended consequences, and wasted lives ......

Link | Posted on Nov 13, 2017 11:27 AM PST by Charles Christopher

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Anthony Rutkowski)


Today the proposition is rather problematic and subject to many constraints and caveats.  The FSB loves those kinds of innovation opportunities today. :-)

It is clear from searches of patents, R&D;, standards activities, or any other metric, that one of the most significant network innovation sectors today is the design and innovation middleboxes - especially virtually as a cloud service.

Link | Posted on Nov 13, 2017 10:48 AM PST by Anthony Rutkowski

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Charles Christopher)



Lets try a view from 30,000 feet, lets return for a moment to the post that originally caused us to email each other directly:

So here we have a domain name registrar that took the very position you are now arguing for, but were against in the link above. That being "the network" taking ownership of "the end point function" (aka domain name). That did not work out very well did it?

Or should I say it worked out great for "the network" as the registrar received registration and renewal fees and then a successful auction fee. But for the "end point", the original registrant, things did not work out so well.

What frustrates me most here is not these discussions related to the internet, its that such discussions are happening throughout most of society and culture. That it not what we are responsible for handing future generations. Enslaving ourselves to others.

So be careful what you wish for.

Your Friend,


Sam Lowry: Excuse me, Dawson, can you put me through to Mr. Helpmann's office?

Dawson: I'm afraid I can't sir. You have to go through the proper channels.

Sam Lowry: And you can't tell me what the proper channels are, because that's classified information?

Dawson: I'm glad to see the Ministry's continuing its tradition of recruiting the brightest and best, sir.

Sam Lowry: Thank you, Dawson.

Link | Posted on Nov 13, 2017 10:46 AM PST by Charles Christopher

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Charles Christopher)


>Feel free to perform an exorcism.


"The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system."

And since that function is known as the third party, which had no contractual or ethical need to describe my "function" before purchasing their service, that service provider is incapable of including it into their system as part of the offered service. That was in fact the intention of the relationship from the beginning.

Or put more simply, when I pay my gas tax paid for road maintenance there was no need or requirement for me to state the vehicle I was driving at the gas pump, or more specifically the brand and model of tire which I use to "interface" with that "service". The "service provider" provided as generic as service as possible for the anticipated needs. As the customer needs change so to does the service, example being increasing traffic on gravel roads then requiring that road to be paved. Back to cause and effect, the device provider changes based on my needs not theirs.

The service provider may attempt to anticipate my needs and offer alternatives (for example public transit), but so long as I have free will choice not to choose their offering they will never be able to precisely duplicate what I want into their system.

Its the implied "ownership" of the endpoint interface and endpoint user that is the issue. And if control is taken of that piece then there is no other word than "enslaved" to describe that relationship.

Or to be more politically correct, innovation denies moving the "function" from the endpoints, unless the desire is an end to innovation.

Link | Posted on Nov 13, 2017 10:17 AM PST by Charles Christopher

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Anthony Rutkowski)


As the paper notes, it was prepared in the 1980s to deal with designs of distributed systems - especially the ARPANET which had just begun using TCP/IP at the time pursuant to the 23 Mar 1982 SECDEF memorandum on DOD Policy on Standardization of Host-to-Host Protocols for Data Communication Networks.  Ironically, the paper makes an argument for ARPANET security and trusted key management.  The paper's conclusion was sage for the day.

It is fashionable these days to talk about "layered" communication protocols, but without clearly
defined criteria for assigning functions to layers. Such layerings are desirable to enhance
modularity. End-to-end arguments may be viewed as part of a set of rational principles for
organizing such layered systems. We hope that our discussion will help to add substance to
arguments about the "proper" layering.

Feel free to perform an exorcism.  Also, reference comments of Cadzow, above.

Link | Posted on Nov 13, 2017 8:59 AM PST by Anthony Rutkowski

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Charles Christopher)


"In the end, they wanted security more than they wanted freedom."
- Edward Gibbon (1737 - 1794) English Historian and Author of The History of the Decline and Fall of the Roman Empire

"The secret of Happiness is Freedom, and the secret of Freedom, Courage."
- Thucydides (460 BC - 395 BC), Greek Historian

2500 years of history.

"Nothing new, under the sun."
- Solomon

Link | Posted on Nov 13, 2017 8:23 AM PST by Charles Christopher

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (The Famous Brett Watson)


If you want to explain how those you criticise have failed to properly apply the lessons of Saltzer, then by all means do so. Goodness knows the "end-to-end principle" gets parroted inappropriately often enough. What you've given us here, however, is nothing but cheap, negative rhetoric, including jabs at the age of the paper. If that was "no snub", your snubs must be really something.

I'm not buying it. This is just soap-boxing for your particular ideology.

Link | Posted on Nov 13, 2017 8:06 AM PST by The Famous Brett Watson

RE: Weaponizing the Internet Using the "End-to-end Principle" Myth (Charles Christopher)


>Never mind that the notion is also founded on a kind of chaotic utopian dream where >running code somehow provides for unfettered communication and information >capabilities for every human and object on the planet If we have the right to walk out into a field by ourselves, and have a private conversation with each other while we are not carrying any electronic devices, then we have the right to talk using unbreakable encryption sitting in our homes. A private conversation does not become public just because electronics carried it between us. The right to privacy has always existed or it has not, and certainly if it has existed then manifestation of electronics on the surface of the earth did not change the fabric of existence to remove that right to privacy. And there is an example that rights/truth are independent of time and the opinions of man, they are of something else. We reject that at our peril, and the peril of our children, grandchildren, and beyond. >rather than business, legal, and economic systems. That is all there is? So I have no right to send a private message to my girl telling her every detail of my desire to make love to her on a secluded beach, and keep that message private between us? >To the extent that global internetworking capabilities have actually come into existence, >it has occurred first and foremost by commercial mobile providers and vendors using >their own internet protocols, combined with the telecommunication, commercial internet, >and cable providers and vendors worldwide. Do these companies serve the customers who paid their bills which then allowed those companies to develop that infrastructure? Or do those paying customers serve, and are enslaved to, those companies? Your statement seems to have cause and effect backwards. Your comments remind me of this pernicious modern idea of “Collective Moral Responsibility”. When I took ethics class in university this is what I was taught: Morals and values are defined by an individual, Ethics are defined by a group (aka “collective”). By definition, government can never define morals. There always has been, and always will be, evil in the world. The key here is that I NEVER allow evil people to define good people, doing that is an act of sorcery. Sadly it is a trap too many are falling into today because government power comes from fear. To government, fear is a powerful tool used to pay for salary raises and retirement benefits. It feeds the monster. Therefor using evil to define society has great financial benefit for those holding offices able to make these decrees, regulations, and man's laws. The reason the US founders protected minority views was this very reason, to acknowledge that two wolves and a sheep don’t get to vote on what is for dinner. To those who continue to think the US is a “democracy” and that democracy is so great, please recite the US pledge of allegiance. No where in the pledge is the word “democracy”, but there is another word ….. And that word refers to the opposite of collectivism, it refers to the group NOT defining the individual and how critical that is to the preservation of truth, rights, and freedom. “Within the next generation I believe that the world’s rulers will discover that infant conditioning and narcohypnosis are more efficient, as instruments of government, than clubs and prisons, and that the lust for power can be just as completely satisfied by suggesting people into loving their servitude as by flogging and kicking them into obedience.” - Aldus Huxley to George Orwell, October 1949 "The power to control language offers far better prizes than taking away pe[...]