In article ,
(Brian Kelly) writes:

(N2EY) wrote in message
.com...
S. Hanrahan wrote in message
...
On 2 Aug 2004 08:25:26 -0700, (Brian Kelly) wrote:

Wires for any type of communications purposes are already on their way
into history. BPL was stillborn from the gitgo.

The future is satellite. Wi-Fi will just be a fad like the laserdisc.

Wi-fi is already much bigger than the laserdisc was and it's growing
exponentially. The laserdisc died on the stores shelves from the
gitgo.

For reasons listed in another post.

Probably not - that is, if we're talking about customers directly
accessing the satellite.

It's the cost of consumer direct access to the satellites which is the
show-stopper and I don't see it coming down to dialup costs for years
if ever. 80% of the U.S. consumers with access are still using dialup
connections and most of 'em are not going to move to broadband until
the costs get a lot closer to dialup than they are.

Absolutely. This is where DSL can really get the market, because with DSL you
don't need a second phone line.

While there's definitely a future for satellite comms, the
"last mile" problem combined with the enormous bandwidth of fiber
limits its usefulness as a general-purpose broadband access method.

Say you orbit a new, state of the art satellite. How much bandwidth
can it provide to how many customers?

A whole bunch. Even the old birds which have been up for years can
repeat something like 900 TV channels and those are not considered
high-capacity satellites.

That means 900 customers can have 6 MHz of bandwidth each. Or maybe 5400 can
have 1 MHz each.

When the satellite repeats a channel, it doesn't matter how many people watch
it. Internet bandwidth is a completely different beast.

Compare that to what is
available in a single fiber. Also remember that once the duct is in
place, pulling another fiber isn't that expensive, and that new
technologies permit more bandwidth in existing fibers.

What "ducts"?? There aren't any ducts running into farms and vacation
lodges out in the boonies. They'll have the last mile problem for
years to come. Until the phone companies replace their twisted-pair
wiring with cable, fiber optic and otherwise.

I meant ducts that carry it to within a mile of the customer. Ducts that go
across the country, etc. Satellites can't create another RF spectrum.

Fiber and Wi-Fi...watch out...

One caveat!

A lot of folks are setting up their own little wireless networks. The stuff is
becoming cheaper than the cable it replaces!

But not enough folks understand the need to encrypt. Without good encryption of
your network, anybody can drive by with a lapper and access your network - and
your hard drives, etc. Your internet firewall won't help because your network
thinks the invader is *inside* your network, not outside. You need for the
network itself to be encrypted.

Where's my RJ-45 plugs?

73 de Jim, N2EY

73 de Jim, N2EY

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"N2EY" == n2ey writes:

[...]

N2EY One caveat!

N2EY A lot of folks are setting up their own little wireless
N2EY networks. The stuff is becoming cheaper than the cable it
N2EY replaces!

And for good reason. In my new location, I'm terrified to drill
through the walls (it's an old *solid* house that predates cheap
sheetrock by decades) but I've no trouble using wireless.

N2EY But not enough folks understand the need to encrypt. Without
N2EY good encryption of your network, anybody can drive by with a
N2EY lapper and access your network - and your hard drives, etc. Your
N2EY internet firewall won't help because your network thinks the
N2EY invader is *inside* your network, not outside. You need for the
N2EY network itself to be encrypted.

If someone truly sets up their network in this manner, they are truly
running a serious risk, as you describe. I've just moved, so I have
to reinstall my network, and it will actually be set up with two
wireless access points: one for the "inside", which will be
MAC-restricted and locked down with WEP (until my operating system
fully supports TKIP in which case I'll go up to that protocol), and
one which is "outside" for any and all comers to sit in the nearby
park and reach the internet. No traffic goes to the inside from the
outside, and both sides can see the internet, so life is good.

N2EY Where's my RJ-45 plugs?

Put some time and effort into understanding exactly how to make it all
work properly, and you'll find that you need fewer RJ-45 plugs.

N2EY 73 de Jim, N2EY

Oh, and I get that you're not talking about setting up your own
network in the encryption-free manner in which you describe. I'm just
trying to show that there are many good ways to make wireless work
such that you can be friendly to your neighbors while protecting your
assets.

Jack.
(one of those paranoid computer security types)
- --
Jack Twilley
jmt at twilley dot org
http colon slash slash www dot twilley dot org slash tilde jmt slash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)

iD8DBQFBJAtEGPFSfAB/ezgRAtWqAJ9crOHo6IKrEZ089EPMgfeXTJpb+QCfUztP
Rtp9XKoV8+kiWCs4iL8r7O4=
=Fcq3
-----END PGP SIGNATURE-----

Jack Twilley wrote in message ...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oh, and I get that you're not talking about setting up your own
network in the encryption-free manner in which you describe. I'm just
trying to show that there are many good ways to make wireless work
such that you can be friendly to your neighbors while protecting your
assets.

I use a very simple all-platforms bulletproof "security protocol"
Jack. I don't put anything of a sensitive nature on a hard drive in a
computer which is networked, particulary when the network includes the
Internet, *nothing*. Net result is that my sensitive info can't
possibly get hacked and I don't have to diddle with any contorted
encryption and firewall sorts of pushups. I could care less if this
computer gets hacked, there's nothing in it which is of any pecuniary
or "intelligence" value at all to anybody else. What do I care if
somebody taps into my antenna modeling files, e-mail to N2EY or my
..jpegs of family and such which are in this box?!

Of course in the process I'm giving up a lot of current-tech
conveniences like online banking, online shopping and others. But
that's OK where I come from, my telephone still works and I still dial
around to place orders with the plastic, the banks are still issuing
statements, the post office still sells stamps, yadda, yadda. I have
yet to run into a transaction or an instance of passing out any other
type of sensitive info which was stymied by doing it offline.

Depends on the tradeoffs you make between security and convenience,
I've taken the easy way out of the whole endless computer security
swamp.

Jack.

w3rv

(one of those paranoid computer security types)

(ya done it to yerself Jack)

Subject: BPL Powers Off
From: (Brian Kelly)
Date: 8/19/2004 7:40 AM Central Standard Time
Message-id:

Jack Twilley wrote in message
...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oh, and I get that you're not talking about setting up your own
network in the encryption-free manner in which you describe. I'm just
trying to show that there are many good ways to make wireless work
such that you can be friendly to your neighbors while protecting your
assets.

I use a very simple all-platforms bulletproof "security protocol"
Jack. I don't put anything of a sensitive nature on a hard drive in a
computer which is networked, particulary when the network includes the
Internet, *nothing*. Net result is that my sensitive info can't
possibly get hacked and I don't have to diddle with any contorted
encryption and firewall sorts of pushups. I could care less if this
computer gets hacked, there's nothing in it which is of any pecuniary
or "intelligence" value at all to anybody else. What do I care if
somebody taps into my antenna modeling files, e-mail to N2EY or my
.jpegs of family and such which are in this box?!

Of course in the process I'm giving up a lot of current-tech
conveniences like online banking, online shopping and others. But
that's OK where I come from, my telephone still works and I still dial
around to place orders with the plastic, the banks are still issuing
statements, the post office still sells stamps, yadda, yadda. I have
yet to run into a transaction or an instance of passing out any other
type of sensitive info which was stymied by doing it offline.

Depends on the tradeoffs you make between security and convenience,
I've taken the easy way out of the whole endless computer security
swamp.

Jack.

w3rv

(one of those paranoid computer security types)

(ya done it to yerself Jack)

I still think that these "holes" in Windows are intentional.

And I am with you, Brian...If I need to do something that bad, I will make
the call with the plastic. Otherwise I'll keep Ben Franklin's ugly cousins
working another day!

73

Steve, K4YZ

Steve Robeson K4CAP wrote:

Subject: BPL Powers Off
From: (Brian Kelly)
Date: 8/19/2004 7:40 AM Central Standard Time
Message-id:

Jack Twilley wrote in message
...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Oh, and I get that you're not talking about setting up your own
network in the encryption-free manner in which you describe. I'm just
trying to show that there are many good ways to make wireless work
such that you can be friendly to your neighbors while protecting your
assets.

I use a very simple all-platforms bulletproof "security protocol"
Jack. I don't put anything of a sensitive nature on a hard drive in a
computer which is networked, particulary when the network includes the
Internet, *nothing*. Net result is that my sensitive info can't
possibly get hacked and I don't have to diddle with any contorted
encryption and firewall sorts of pushups. I could care less if this
computer gets hacked, there's nothing in it which is of any pecuniary
or "intelligence" value at all to anybody else. What do I care if
somebody taps into my antenna modeling files, e-mail to N2EY or my
.jpegs of family and such which are in this box?!

Of course in the process I'm giving up a lot of current-tech
conveniences like online banking, online shopping and others. But
that's OK where I come from, my telephone still works and I still dial
around to place orders with the plastic, the banks are still issuing
statements, the post office still sells stamps, yadda, yadda. I have
yet to run into a transaction or an instance of passing out any other
type of sensitive info which was stymied by doing it offline.

Depends on the tradeoffs you make between security and convenience,
I've taken the easy way out of the whole endless computer security
swamp.


Jack.

w3rv


(one of those paranoid computer security types)

(ya done it to yerself Jack)


I still think that these "holes" in Windows are intentional.

Quite a few are, Steve. A lot are also that integration between the
browser, mailreader and system that was supposed to open up a new world
of computing ease for us.

And I am with you, Brian...If I need to do something that bad, I will make
the call with the plastic. Otherwise I'll keep Ben Franklin's ugly cousins
working another day!

My suggestions for computer security a

1. Buy a Mac

If you can't buy a Mac:

1. Zonealarm Pro (avoid version 5 - if you have to register it with
version 5 do it, then find the previous version)

2. Proxomitron (or some other proxy hardware or software)

3. Don't use Internet Explorer at all - ever.

4. Never ever ever use Outlook or Outlook Express.

5. Nortons of course.

6. Adaware don't hurt.


I have to do all that stuff for my home computer (a PC) but all I have
to do for my work computer - the Mac - is turn it on, download the
updates from Apple around once a month. Hundreds of hours saved per year.

- Mike KB3EIA -

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"Brian" =3D=3D Brian Kelly writes:

Jack Oh, and I get that you're not talking about setting up your own
Jack network in the encryption-free manner in which you describe.
Jack I'm just trying to show that there are many good ways to make
Jack wireless work such that you can be friendly to your neighbors
Jack while protecting your assets.

Brian I use a very simple all-platforms bulletproof "security
Brian protocol" Jack. I don't put anything of a sensitive nature on a
Brian hard drive in a computer which is networked, particulary when
Brian the network includes the Internet, *nothing*. Net result is
Brian that my sensitive info can't possibly get hacked and I don't
Brian have to diddle with any contorted encryption and firewall sorts
Brian of pushups. I could care less if this computer gets hacked,
Brian there's nothing in it which is of any pecuniary or
Brian "intelligence" value at all to anybody else. What do I care if
Brian somebody taps into my antenna modeling files, e-mail to N2EY or
Brian my .jpegs of family and such which are in this box?!

It is interesting that your primary concern is to keep your
information secure -- that is indeed a very valid concern. The
approach you describe is the one that was followed at the defense
contractor where I started my career. It works very well for many
many cases and is "the right way" to handle most kinds of classified
information. However, there is a concern which isn't addressed by
your system, which is being a good Internet citizen and preventing
your computer from being used for Evil. You could care less if the
machine gets hacked, but if it gets hacked and used as an open proxy
for delivering spam or as part of a distributed denial of service
attack, your negligence leads directly to the economic losses of
others. That's something worth considering.

Brian Of course in the process I'm giving up a lot of current-tech
Brian conveniences like online banking, online shopping and
Brian others. But that's OK where I come from, my telephone still
Brian works and I still dial around to place orders with the plastic,
Brian the banks are still issuing statements, the post office still
Brian sells stamps, yadda, yadda. I have yet to run into a
Brian transaction or an instance of passing out any other type of
Brian sensitive info which was stymied by doing it offline.

In some ways it's harder to do business offline these days, but just
as you can still use a pulse telephone without Touch-Tone, you can
still use the phone instead of the Internet.

Brian Depends on the tradeoffs you make between security and
Brian convenience, I've taken the easy way out of the whole endless
Brian computer security swamp.
=20
That is indeed one approach, and other than the blind spot I described
above, it's a perfectly reasonable and consistent approach. You can
still send all your Internet traffic over AX.25[1] and I can't, which
is also a plus for you. But I've got a versatile tool, a profitable
source of income, an engaging hobby, and a space heater all in one,
and that doesn't completely suck.

Jack Jack.

Brian w3rv

Jack (one of those paranoid computer security types)

Brian (ya done it to yerself Jack)

Of course, and I'm totally okay with it -- just issuing a disclaimer
to let folks know that my perspective, while reasonable and consistent
=2D From where I sit, may be completely insane from another's point of
view.=20

Jack.
[1] ObTopicalReference
=2D --=20
Jack Twilley
jmt at twilley dot org
http colon slash slash www dot twilley dot org slash tilde jmt slash
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)

iD8DBQFBJOHqGPFSfAB/ezgRAliCAJ928F5+DAa1FYNE15xHITf36NJHdACg+mXR
kOD6x00BbZuDwOSvgkhaK4o=3D
=3D3vLr
=2D----END PGP SIGNATURE-----

Jack Twilley wrote in message ...



It is interesting that your primary concern is to keep your
information secure -- that is indeed a very valid concern. The
approach you describe is the one that was followed at the defense
contractor where I started my career. It works very well for many
many cases and is "the right way" to handle most kinds of classified
information. However, there is a concern which isn't addressed by
your system, which is being a good Internet citizen and preventing
your computer from being used for Evil. You could care less if the
machine gets hacked, but if it gets hacked and used as an open proxy
for delivering spam or as part of a distributed denial of service
attack, your negligence leads directly to the economic losses of
others. That's something worth considering.

In this respect I do what everybody else with any common sense does. I
have Norton Anti-Virus up, running and current and I trash e-mail
attachemnts from folk I don't know as they come thru the gate. If
after that I'm still considered negligent then so be it.



Brian sells stamps, yadda, yadda. I have yet to run into a
Brian transaction or an instance of passing out any other type of
Brian sensitive info which was stymied by doing it offline.

In some ways it's harder to do business offline these days, but just
as you can still use a pulse telephone without Touch-Tone, you can
still use the phone instead of the Internet.

No question about it. I got along just ducky for my first 55 years
without the Internet and I expect to squeek thru a few more years
without some of it's conveniences.



Jack.

Brian w3rv

In article , Jack Twilley
writes:

"N2EY" == n2ey writes:

[...]

N2EY One caveat!

N2EY A lot of folks are setting up their own little wireless
N2EY networks. The stuff is becoming cheaper than the cable it
N2EY replaces!

And for good reason. In my new location, I'm terrified to drill
through the walls (it's an old *solid* house that predates cheap
sheetrock by decades) but I've no trouble using wireless.

There's also the portability issue.

N2EY But not enough folks understand the need to encrypt. Without
N2EY good encryption of your network, anybody can drive by with a
N2EY lapper and access your network - and your hard drives, etc. Your
N2EY internet firewall won't help because your network thinks the
N2EY invader is *inside* your network, not outside. You need for the
N2EY network itself to be encrypted.

If someone truly sets up their network in this manner, they are truly
running a serious risk, as you describe. I've just moved, so I have
to reinstall my network, and it will actually be set up with two
wireless access points: one for the "inside", which will be
MAC-restricted and locked down with WEP (until my operating system
fully supports TKIP in which case I'll go up to that protocol), and
one which is "outside" for any and all comers to sit in the nearby
park and reach the internet. No traffic goes to the inside from the
outside, and both sides can see the internet, so life is good.

Are WEP and TKIP sufficiently secure?

N2EY Where's my RJ-45 plugs?

Put some time and effort into understanding exactly how to make it all
work properly, and you'll find that you need fewer RJ-45 plugs.

HAW! Well said!

N2EY 73 de Jim, N2EY

Oh, and I get that you're not talking about setting up your own
network in the encryption-free manner in which you describe.

No way! If I ever do go wireless, it'll be encrypted for sure!

I'm just
trying to show that there are many good ways to make wireless work
such that you can be friendly to your neighbors while protecting your
assets.

Jack.
(one of those paranoid computer security types)

Just because you're paranoid doesn't mean nobody's out to get you...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"N2EY" == n2ey writes:

[... wireless is cheap and portable but needs to be secured ...]

Jack If someone truly sets up their network in this manner, they are
Jack truly running a serious risk, as you describe. I've just moved,
Jack so I have to reinstall my network, and it will actually be set
Jack up with two wireless access points: one for the "inside", which
Jack will be MAC-restricted and locked down with WEP (until my
Jack operating system fully supports TKIP in which case I'll go up to
Jack that protocol), and one which is "outside" for any and all
Jack comers to sit in the nearby park and reach the internet. No
Jack traffic goes to the inside from the outside, and both sides can
Jack see the internet, so life is good.

N2EY Are WEP and TKIP sufficiently secure?

For my purposes, they are. WEP is known to be breakable, and TKIP
hasn't yet been properly tested, but those are the link-level
encrypted layers. 95% of what I do is done through a VNC session
tunneled through SSH -- the combination of WEP/TKIP and SSH is such
that I'm comfortable typing my GPG passphrase over the link.

Jack.
- --
Jack Twilley
jmt at twilley dot org
http colon slash slash www dot twilley dot org slash tilde jmt slash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)

iD8DBQFBKoi+GPFSfAB/ezgRAsx9AKDK6xFnjYZ8U27Pg28NiU9/R0YGzQCgzKc9
Roj2Viq0ikK3biziUqByKSE=
=jRtj
-----END PGP SIGNATURE-----

In article , Jack Twilley
writes:

"N2EY" == n2ey writes:

[... wireless is cheap and portable but needs to be secured ...]

Jack If someone truly sets up their network in this manner, they are
Jack truly running a serious risk, as you describe. I've just moved,
Jack so I have to reinstall my network, and it will actually be set
Jack up with two wireless access points: one for the "inside", which
Jack will be MAC-restricted and locked down with WEP (until my
Jack operating system fully supports TKIP in which case I'll go up to
Jack that protocol), and one which is "outside" for any and all
Jack comers to sit in the nearby park and reach the internet. No
Jack traffic goes to the inside from the outside, and both sides can
Jack see the internet, so life is good.

N2EY Are WEP and TKIP sufficiently secure?

For my purposes, they are. WEP is known to be breakable, and TKIP
hasn't yet been properly tested, but those are the link-level
encrypted layers. 95% of what I do is done through a VNC session
tunneled through SSH -- the combination of WEP/TKIP and SSH is such
that I'm comfortable typing my GPG passphrase over the link.


Thanks for the advice, Jack. Will keep it in mind if I ever go to wireless
networking.

73 de Jim, N2EY