A coworker sent me a link to RFC 1375, Suggestion for New Classes of IP Addresses, where a few new series of address space are broken out to handle /30’s and such. Compare this to CIDR, where we finally treat IP addresses as a 32 bit integer and move completely classless. What would the Internet look like today if we’d have chosen to stay classful?

For those interested in the stuff, here are a couple of good papers/reports about address space:

IPv4 - How long have we got?
The CIDR Report. Who’s abusing the system? I check here every so often to make sure my AS doesn’t inadvertantly show up!

$699 for a uniprocessor licence? No way.

Sean

Even though I live in the socialist haven of Canada, I’m a strong believer in the free market.

If it is true that SCO has a right to charge licencing fees on Linux, then the SCOX market capitalization should include both the value of SCO and the “value” of Linux.

Today, the market cap is almost $160M. Before the whole fiasco hit, it was at less than $30M.

So, a gain of $130M is likely the value the market is assigning to SCO’s holding in Linux (assuming SCO hasn’t done anything drastic to increase their value otherwise in the same period). One way of looking at it would be the percentage chance of success times the value of the trademarks. That is, if (for sake of argument), the market sees the value of Linux as $1.3 billion, and SCO having a 10% chance of succeeding, then the value of SCO should increase $130M.

Now, I think the value of the right to licence Linux is worth a fair bit, at least into the $1.5B area, which would correspond to the market thinking there is a ~10% chance that SCO is right.

Just thinking out loud.

Still a work in progress, but I’ve joined the BlogRoll. Took a bit of work to get the BlogRoll plugin going, though. As it turns out the line

$$html .= "
".$site->{title}."
\n";

should really have been

$$html .= "
".$site->{title}."
\n";

(Note that the url tag changed). Special thanks to the Data::Dumper module for helping me find that one.

The output looks hideous, and since I know perl way better than I know CSS, I’ll be tweaking that instead.

Just a question to the MT & Blogroll elite… What do you use for integrating blogroll? I’ve seen much nicer implementations (such as Tony’s page)

Blogroll Me!

Off to clean the room.

Sean

“Solution” is a strong word, but what can we do to reduce spam? Craig from Securely Speaking asked if using a public list of open relays as input to a firewall ACL was a good idea? I think not, but what is?

One of the problems with reducing spam is determining the identity of the sender. SMTP provides no security, the message from president@whitehouse.gov could just as easily be coming from the president as it could be from a viagra dealer.

Most spam is sent through open relays, that is, a mail server that is misconfigured such that anyone can send email through it. This makes it more difficult to trace the source of spam. There are various projects to track these things, but ultimately, it doesn’t solve the problem.

No, the solution resides either with the recipients of the email, or their email server.

Fax effect: The value of a technology/item becomes greater as more people adopt it.

The idea here is to make the solution work only when both sides implement the technology. Just like the humble fax machine, if you want to receive faxes, you must have a fax machine yourself.

So, I present two possible solutions:

The first is to authenticate the MTA-MTA communication. Each MTA has a certificate signed by a Certificate Authority that states the name of the operator. Messages from a signed MTA are not spam. Anything else is suspect.

Here’s how sendmail does it

Certificates can either be issued by the existing CAs, or by a new CA for this specific purpose. ISPs can then sign customer certificates with their keys, which would help to reducing the cost.

The idea behind certificates is to assign responsibility of an MTA to a person or business. If spam is received from an MTA, there is someone that can be held accountable.

The second idea is simpler, but not as effective. Encrypt and sign your email using something like GnuPG. (I gave a presentation on this a while ago)

As more people encrypt their email, anything that isn’t encrypted can be considered suspect (the side effect of privacy is of course, a bonus). With the web of trust, there is no need for a CA, so this option is free. However, this only works per user, rather than per site as the first option.

Stopping spam will only happen when we become more careful about who we communicate with, and establish a system for verifying identities.

Sean

Pretty painless… Not so sure how much I like this Bluecurve, but hey, this is Linux, I can change it if I want.

Tony’s latest post has me wondering about that world of online Linux content. My newsletter was cancelled by Cramsession three months ago, and now Tony’s. I’m no longer aware of any Linux newsletters that provide solid information and tutorials. Most of the ones that I’ve seen (and have, for the most part, unsubscribed from) are a couple of paragraphs of information, a few links, and that’s that.

Is it Linux in particular, or is this a trend in the email newsletter business? If it’s Linux, then why? If it’s newsletters, then what next?

After deciding not to fill out the surveys to keep my Red Hat Network subscription active, I decided “What the hell?” and did it. Oh well.

Take a peek at this article for more information on how the scheduler works, and the improvements coming in 2.6. Even if you’re not a programmer, it’s an interesting bit of information to know.

Here is an article on encrypted file systems in both NT and Linux. It has actual implementation details, so if you want to create an encrypted partition, here’s the place.

Red Hat 9 is out. Am I running it? No. I can’t even download it.

Normally this is to be expected, it’s the first day. But Red Hat has been on a big campaign – “Become a RHN subscriber and get it a week early!” Now, yours truly isn’t an idiot and wouldn’t think about paying $60US to get RH 9 a week earlier than he could download it for free, but the gist of the marketing campaign seemed to be at people who would (not that the $60 isn’t worth it for patch management service, but that wasn’t mentioned in the emails).

Since we use a fair bit of Red Hat at work, our boxen are on RHN meaning I can access RH9 early. I try at 6:40AM CST today, and get a notice that “RHN is currently down”. I get to work around 7:50CST and I can’t even get in to RHN. A little over an hour later and I’m in, but downloading the images is pathetically slow (according to the time projections, I’d be able to get it off a mirror before it finished). Part of the problem seems to be that the url is an HTTPS one, which is fixed a couple of hours later.

Two things piss me off here. The first is that Red Hat hyped up the “instant ISO” part of RHN in preparation for this rollout, and it fell flat on its nose. If I’d have paid $60 in anticipation of having RH 9 a week early, I’d be furious.

Secondly, for those of us who use RHN to keep our boxes in shape, if a major patch had come out at the same time, there’s no way I’d get it rolled out. The RHN interface has been either unavailable or absurdly slow, not to mention download speeds.

Red Hat’s Instant ISO page tells you how to use curl to download the image, even saying that you can do download resumptions. It works, but the URL you get is time limited. You can’t just push “up” and hit enter, instead you have to go back to RHN, log in, and get the new url.

I’ve been a staunch supporter of Red Hat for a while, but it won’t take many more of these incidents to make me find a new favourite for my boxes, and my wallet.