Showing posts with label review. Show all posts
Showing posts with label review. Show all posts

Tuesday, November 1, 2016

A bit about RSS feed readers on Linux

I'm monitoring lot of sites using RSS so having a good RSS feed reader is mandatory for me. Once upon a time, I used Liferea but since I have a lots of RSS feeds with lots of posts I want to keep around, turned out that Liferea wasn't designed with scalability in mind. So, I decided to find anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r one. Web based readers are out of question, because I prefer desktop applications. Not to mention that locally I have lot of disk storage that I don't have to pay, while storage in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 cloud I would have to pay due to my heavy use of it.

After a search I settled on QuiteRSS. In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 process I tried RSSOwl but I wasn't able to start it due to different XULRunner version on my Fedora. Besides, it turns out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last version of RSSOwl was released in December 2013, and isn't maintained any more. QuiteRSS was very good, but it turned out that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bug in Webkit started to annoy me. So, I started to explore RSS feed readers again. Note that I have cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following requirements:
  • No Web application! I want desktop RSS feed reader with GUI interface. It would be nice, though, that I can synchronize it with a reader on a mobile phone!
  • I have a large number of feeds and keep a lot of new (that is unread :D) posts around. So, scalability is of paramount importance.
  • And last, but not least, nice looking and usable GUI. 
This brought me to three candidates: QuiteRSS, FeedReader and RSSGuard. I'll describe each of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m in a bit more details below. But before that, note that this is a live post, i.e. I'll still try all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mentioned readers and update it with new experience. Also, I would like to hear you comments/sugestions, so if you have any, please leave a comment.

QuiteRSS

QuiteRSS is quite good and I'm using it all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time. There is a homepage and GitHub development page. It has cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ability to tag posts, mark cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m as a read, etc.

It is interesting to look at QuiteRSS GitHub page. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following conclusions can be inferred:
  1. QuiteRSS is quite popular, 33 watches, 180 stars and 28 forks.
  2. QuiteRSS is basically in maintenance mode since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no substantial activity since 2014. From 2012 to 2014 development was very intensive.
  3. There are 212 open issues and 719 closed ones. I think that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are a lot of open issues but more thorough statistics has to be performed to know for certain.
The problems are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following ones, from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most important to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 least important ones:
  • You have to disable JavaScript because QuiteRss often freezes on some feeds while loading. It still freezes with some RSS feeds and if that happens some history is lost (read feeds, marked/tagged feds, etc).
  • If you accidentally click on a link to PDF file, QuiteRSS freezes!
  • Once I mistakenly selected cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 option "Mark all news read" which is irreversible. There is no confirmation dialog for such cases.
  • Some posts on GitHub are in Russian. That's a problem because not everyone is speaking Russion. ;)
  • It depends on Qt4 and Webkit4 that are not maintained any  more.

FeedReader

FeedReader is a interesting because it has two components, daemon and a front end. This is uniqe to ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r readers that bundle those functions togecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r into a single binary. You can read more about this reader on its homepage, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is also GitHub development page. Looking at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Web page, it has a lots of features but I'm using only a few, if any at this stage. Take this into account while reading this review. Looking at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 GitHub page of FeedReader, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following conclusions can be inferred:
  1. FeedReader is somehow less popular than QuiteRss. It has 26 watches (against 33 for QuiteRss), 152 stars (against 180) and 6 forks (against 28).
  2. FeedReader is in active development, and all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 activity is concentrated in 2016 with some additional in 2015.
  3. There are 27 open issues and 197 closed ones. This is better ratio than for QuiteRss, but again more research has to be done!
First problem I had was while removing feeds. It was painful because it doesn't allow selection of multiple feeds or feed groups at once.

The next problem was that only two level hierarchy supported, while in QuiteRSS I have three level. So, importing OPML file with multiple levels will result in transforming everything into two layers.

While removing certain feed folders, some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m kept coming back! Maybe cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 problem was that I right-clicked on a feed and selected delete but it was necessary to first left-click and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n right-click. Who will know...

RSS Guard

RSS Guard, as all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r feed readers mentioned above, has its GitHub development page. As for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 homepage, it uses Wiki on GitHub. Again, by looking into GitHub page, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following conclusions can be made:
  1. RSSGuard has 6 watches, 21 stars and 6 forks. This makes it cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lowest ranked by popularity of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 three RSS readers reviewed here.
  2. RSSGuard is in development since 2013 with evenly spread development efforts. This probably means it isn't going to be finished soon.
  3. It has 11 open issues reported and 51 closed. Which isn't that bad.
So, some shortcomings from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 personal experience. It is a bit non-intuitive. It took me some time to realize that in order to import OPML file, first I have to create account. Anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r non-intuitive task was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 process of importing itself. When you select OPML file and all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 feeds appear, you click OK, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n you have to click Close. First time I clicked twice OK and got all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 feeds imported twice!

It support multilevel feed organization, but it is not possible to fold certain feed groups, i.e. cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are always unfolded! I finally realized that it is possible to fold a folder, you just need to click twice in order to fold/unfold it. But, this isn't something particularly intuitive, nor visible. Namely, if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 folder is folded cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no indication nor cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is indication that that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 folder can be folded.

When I click "Update all items" button in a toolbar, I expected that all feeds will be updated. But for some reason, that didn't happen.

Conclusion

Comparing development of each of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 proposed readers, it turns out that each one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m basically depends on a single developer and has its own pros and cons. In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end, I think that despite its shortcomings, QuiteRSS is still cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best feed reader closely followed by FeedReader. If development activity of FeedReader continues with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same intensity, expect that it will become cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best RSS among cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 three.

ChangeLog

  • 20161101 - Initial version


Sunday, December 13, 2015

Research paper: "Development of a Cyber Warfare Training Prototype for Current Simulations"

One of my research directions I'm taking is simulation of security incidents and cyber security conflicts.  So, I'm searching for research papers that present work about that particular topic and one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper "Development of a Cyber Warfare Training Prototype for Current Simulations". I found out for this paper via announcement made on SCADASEC mailing list. The interesting thing is that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 given paper couldn't be found on Google Scholar at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time this post was written. Anyway, it was presented on Fall 2014 Simulation Interoperability Workshop organized by Simulation Interoperability Standards Organization (SISO). All papers presented on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Workshop are freely available on SISO Web pages. The given workshop is, according to papers presented, mainly oriented towards military applications of simulation. Note that cybersecurity simulations only started to appear but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 use of simulations in military are old thing.

Reading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper Development of a Cyber Warfare Training Prototype for Current Simulations was valuable experience because I met for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first time a number of new terms specific to military domain. Also, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are references worth taking a look at, what I'm going to do.

In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end, I had cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following conclusions about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper:
  1. The paper talks about integrating cyber domain into  existing combat simulation tools. So, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are not interested in having a cybersecurity domain specific/isolated simulation tool. It might be extrapolated that this is based on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 US military requirements.
  2. When cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 authors talk about cyber warfare training what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are basically describing is a cyber attack on command and control (C&C) infrastructure used on a battlefield.
  3. The main contribution of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper is a description of requirements gacá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ring phase based on use cases (section 3) and proposed component that would allow implementation of proposed scenarios (section 4).

Wednesday, September 24, 2014

Anonymous paper reviews and threat of a legal action

I just stumbled on a news story in which scientist claims that his career was severely damaged by anonymous comments on some of his works published on PubPeer. This is very interesting story to follow for several reasons.

For a start, PubPeer is a site for a post publication review. I strongly support such a practice because I believe that everything has to be scrutinized and tested, and it helps authors who can get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best possible feedback, but also helps society in general, too because cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is ever increasing problem with scientific ethic. As a side note, I was, and I'm still a big proponent of doing review process in public. That, in my opinion, significantly increases transparency. Anyway, PubPeer fulfils my wishes, but unfortunately for me, it is only concerned with papers from medicine, chemistry and related fields, not from computer science.

In this particular case, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 problem is that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author was offered a job on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 University of Mississippi, with quite a large annual salary, and for that purpose he quitted his current job. University cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n revoked cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 offer and so he lost both cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new job, and his current job. Now, he claims that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reason for this are some anonymous negative comments on PubPeer and threatens with a lawsuit asking for identities of those who made those negative claims.

While, as I said, it is very good to have such a site, it doesn't mean that everything should be allowed, more specifically:
  1. Any claims made have to be justified. Unfortunately, anonymity also allows people to make damaging or unjustified claims by being certain that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re will be no repercussions.
  2. Unfortunately, negative claim even if not justified casts doubts, so that might be a problem.
  3. In this particular case it is also unknown why cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author didn't respond to presented claims about problems in his paper. PubPeer claims cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y invite first and last author to comment on comments.
  4. Finally, no one should take lightly claims about some paper being invalid, not good, etc. In this particular case, I hope that University of Mississippi verified negative claims and that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y didn't take lightly what some anonymous commenters said.
In any case, we'll see what will happen with this particular case.

Sunday, December 9, 2012

Few remarks on CS144...

I'm teaching computer networks for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 past 10 or so years, and during that time I got used to a certain approach in teaching this subject. But as I already noted in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 post about e2e design principle and middleboxes, I'm watching course Introduction to Computer Networks (CS144), given on Stanford university. The main reason being that I wanted to see how ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs are doing it. While I was watching cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 part of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first lecture, What is Internet - 4 layers, I had some comments, so I decided to write a post about it. But cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n, I decided to comment on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 whole course, not just a single lecture. At least that is my intention at this moment.

One very important thing before I start. Note that every course has to simplify things and remove as much details as possible in order to make things "learnable". So, sometimes lecturers don't tell complete truth, or even cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y say something that isn't truth. This is acceptable as long as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y correct cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves eventually. But because of this it means that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are many approaches to teach something, potentially very different, and I'm looking from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 viewpoint of one specific approach, namely cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 one I'm using. This, in turn, might mean that some, or even majority, will not agree with my comments on CS144 in this post. That's perfectly OK, but anyone reading this post should bear that in mind and not take things for granted!

What is Internet - 4 Layers

The purpose of this lecture is to teach you about layering in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 networks. This is a very important concept that is a mandatory knowledge for anyone doing anything that touches networking.

But cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are few things that I don't like in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 approach taken by CS144. First, more correctness problem than something major, is when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lecturer notes where particular layers are implemented. He doesn't give a complete information in this case because he says that everything below application layer is implemented in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 operating system. But, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 truth is that parts of "link layer" are implemented in hardware, which definitely isn't an operating system, and within firmware which also isn't part of an operating system. Also, where is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 line between hardware/firmware and operating system greatly varies. There are, for example, hardware accelerators for TCP, and in that case hardware/firmware reaches almost up to application layer.

Next, ISO/OSI RM is mentioned only briefly, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 comment was "... that was widely used." It was introduced because network layer is frequently called Layer 3, while in model used in this course it is in layer 2. Before continuing, let me just note that Layer 2 is also frequently used, and Layer 7 (L7) isn't so rarely used, eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r. Anyway, first ISO/OSI has never been widely used for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 purpose it was created, unless you count bureaucratic work done within OSI, which is a lot of (bureaucratic) work! On cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r hand, it is widely used as a reference model, i.e. it is used to compare different networks. And also it is widely used when we try to be a general, not tied to a specific network. After all, Internet is only one instance of many ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r networks, past and future. Now, I agree that it is good policy cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se days to stick to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet when teaching basics of networking. But it should be clear that Internet isn't cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 only network around. If OSI did something right (well, truth to be told, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y did several things right), than it is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 stuff around network model (or architecture). Note that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are some things that are not right (e.g. number of layers), but in general it is very well thought subject. By cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way, physical layer has much more to do than only wires and connectors, if nothing else because cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are three main ways of communication (wireless, wired and optical) and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are countless number of variations within each of those.

Now, when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lecturer compares cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 4 layer model he uses with ISO, he says that TCP covers transport and session layers of ISO/OSI RM. This is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first time ever that I heard that TCP covers session layer. This is based on his premise that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 purpose of session layer is connection establishment. But, that's simply not true. The purpose of session layer is management of multiple connections, which can degrade into a single connection and in that case session layer is very thin - in terms of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 functionality. On cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r hand, connection establishment for a single connection is part of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 specific protocol within transport layer (cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are of course those that don't have connection establishment). Take for example OSI transport protocol TP4 which has connection establishment, transfer and disconnect phases, just like TCP and OSI definitely places it in transport layer, not session layer!

Finally, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lecture implies that layers are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same thing as protocols, i.e. that transport layer is TCP. But, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 layer is just a concept, while TCP is an entity, implementation, that logically belongs to a certain layer.

What is Internet - IP Service Model

This lecture is about IP service, which, as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lecturer says at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 beginning is what IP offers to layer above and what it expects from layer below. But I think that this lecture actually mixes services expected from layers below and above, with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 inner workings of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IP that are invisible to higher/lower layers:
  • Packet fragmenting isn't visible outside of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IP protocol because it is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 task of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IP itself to defragment fragmented packets before handing data to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 protocol in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 layer above. Also, when IP fragmets packets cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 protocols in lower layers don't know, neicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y care, if those are fragments or not. They are treated as opaque data by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lower layer protocols.
  • Feature to prevent packets from looping forever is also internal mechanism to IP protocol, and not something that higher or lower layers should know or care about. True, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is ICMP message that informs sender that this happened, but as I said, it is not intended for ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r layers. If nothing else, because those layers don't determine cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 value of TTL field. It is a sole discretion of IP protocol itself.
  • Checksum in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IP packet isn't used to prevent IP packet to be delivered to wrong destination. Let me cite RFC791 which says that:
    This checksum at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 internet level is intended to protect cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 internet header fields from transmission errors.
    So it is intended to protect header from errors, not to prevent deliver of IP packet to wrong destination. True, it might happen that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 error occurs in destination address and that, in that case, delivery is prevented but this is only a special case, a consequence, not something specifically targeted.
    Furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rmore, while I'm at checksum, it uses simple addition and thus it is a very weak protection mechanism. Actually, it was so useless, and also it was slowing routers, so it was removed in IPv6. By cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same version of checksum is equally useful in TCP.
  • Options within IPv4 are, again, specific to IPv4 protocol and not something offered as a service to higher layers.
I have to admit that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bullet "Allows for a new versions of IP" totally confused me?

Next, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 definition of connectionless service is that no state is established in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network. That is true, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 point is that it is not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 feature of a service but of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 protocol operation, and thus protocols above (i.e. in higher layers) simply don't care about that. It is possible for some protocol to offer connection oriented service while operating over connectionless "subnetwork" (e.g. TCP over IP) as it is possible to offer connectionless service over connection oriented "subnetwork (e.g. IP over ATM). More about connectionless vs. connestion oriented you can read in my ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r post.

Note, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 term IP layer is somewhat wrong, or at least discussable  Namely, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no IP layer but network layer in which one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 protocols is IP protocol. Now, I'm aware that many say IP layer so, if we assume that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 majority is right, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n I'm wrong. :)

Also, for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end of this part it was interesting to see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mixed use of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 terms datagram and a packet. I'm almost always using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 term packet, rarely datagram, but I'll have to take a look at this more closely.

Anyway, could be that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lectures of this course and I have different view on what "service model" is, but I didn't notice that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y defined what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y mean by it, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y just started to explain service model of different protocols.

Now, while solving quizzes cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following questions surprised me:
  • An Internet router is allowed to drop packets when it has insufficient resources -- this is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 idea of "best effort" service. There can also be cases when resources are available (e.g., link capacity) but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 router drops cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 packet anyways. Which of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following are examples of scenarios where a router drops a packet even when it has sufficient resources?

    I thought that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 answer was a, c and d (corrupted packet). But, d was rejected.
  • In an alternative to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet Protocol called "ATM" proposed in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 1990s, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 source and destination address is replaced by a unique "flow" identifier that is dynamically created for each new end-to-end communication. Before cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 communication starts, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 flow identifier is added to each router along cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 path, to indicate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next hop, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n removed when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 communication is over. What are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 consequences of this design choice?

    Here, I thought that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 answers are a and c. But apparently, a and d were accepted. Now, c says that  cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is a need for control entity to manage flow labels. Might be that I misunderstood "control entity", that it actually means something centralized. In that case probably I'm wrong. And d says cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no more need for transport layer. I would like to hear some arguments for that. Anyway, I'll have to read a bit more details about ATM, after all.

What is internet - TCP UDP

This video starts with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 introduction in which cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following sentence is stated: ... two different transport layer services, one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m is TCP and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r is UDP. The problem is that TCP and UDP are not services but protocols that offer some service.

"TCP is an example of transport layer". As I said, TCP is protocol, not a layer!

I wouldn't say that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 property "stream of bytes" means that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bytes will be delivered in order. That's more cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 property of reliability. What "stream of bytes" means, in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 case of TCP, is that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no concept of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 message and message boundaries. So, if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 application sends two times 500 octets, it can be delivered on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r end in one go of 1000 octets, in three rounds, etc.

Source port isn't only used so that TCP knows where to send back data, but also for receiving entity to know how to demultiplex incoming TCP segment. Namely, every connection is uniquely identified by a four tuple (IP src addr, src port, IP dst addr, dst addr) and so source port is used for demultiplexing.

Checksum in TCP is quite weak, as I already argued, so it is not particularly good mechanism for detecting errors.

It is possible that TCP connection is closed in three exchanges, but could be that this will be explained later.

What is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet - ICMP

I have to admit that placing ICMP in transport layer is quite a novel approach to layering Internet protocols. The lecturer says that strictly speaking it uses IP and thus it belongs to transport layer. The truth is that it is far from clear where this protocol is, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 point is that when you place protocols in different layers it is not only what cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 protocol uses, but also what it offers and for what it is used - with respect to layer functionality. So, when we talk about ICMP, it doesn't offer services to layer above, that would be application layer, but it doesn't offer services to transport layer, eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r. Also, transport layer offers end-to-end communication services to application layer. Note that ICMP, on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r hand, allows communication of network layer entities (IP protocols) between any two nodes within cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network. It is produced and consumed by IP protocol implemenations.

Two additional things have to be clarified that someone might take out now and counter argument me. First, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are applications that use ICMP, ping and traceroute. The truth is that ICMP actually was never designed to be used by applications, neicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r ping nor traceroute (especially not traceroute, search for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 word "jelaous" on this page, its an interesting story). It just turned out that something can be used for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 purpose not intended initially and so we now have those applications. But, I think that ping and traceroute access directly network layer, that is ICMP.

The second thing that someone might use to say that ICMP isn't in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network layer is OSPF. Namely, OSPF uses directly IP for a transfer service, not UDP nor TCP. So, someone might say that by placing ICMP into cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network layer I'm placing OSPF to network layer too. There are those that think that OSPF is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re. But, I think that OSPF is in application layer, along with ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r routing protocols. And that is for two reasons:
  1. Routing protocols communicate from end-to-end. It doesn't matter that "end" in this case might be, and is, a network router somewhere within cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 point is that OSPF application treats that as intended destionations, ends. With ICMP, any node might - for example - drop a packet and generate Time Exceeded message. Note that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 node generating error message isn't an end point of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 communication!
  2. The functionality of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 protocols is vastly different. And not only that, but also who is consuming cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 packets. ICMP is consumed, and generated, by IP protocol. (minus ping/traceroute for whom I already said that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are a special cases). OSPF on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r hand, is quite a complex protocol and IP protocol directly hands data to OSPF application process. IP doesn't consume those messages, neicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r it produces cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m.
So, I think OSPF is in application layer, while ICMP is in top part of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network layer.

Additionally, let me return to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lecture slides. Slide number 3 shows data for ICMP coming from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 application. It's not true, data comes from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network layer itself, and ping and traceroute are misusing layering.

On slide 5 ICMP is treated as a network protocol in a sense like IP is. But I think that it's misleading. This actually leads me to one more argument why ICMP belongs to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network layer. Namely, ICMP doesn't have any separate implementation, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no ICMP module within an operating system. There is IP module (protocol implementation) that produces and consumes ICMP messages.

Ok, so much about that lecture. Finally, when I was trying to solve quizzes, I had a problem with a first question: Which of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following statements are true about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ICMP service model? The offered answers were:
  1. ICMP messages are typically used to diagnose network problems. This is true, but it's not service model.
  2. Some routers would prioritize ICMP messages over ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r packets. This one isn' true. The routers treat ICMP messages as any ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r message (unless specifically configured to do so).
  3. ICMP messages are useless, since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y do not transport actual data. ICMP is definitely not useless.
  4. ICMP messages can be maliciously used to scan a network and identify network devices. Yes, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y can, but it's not a service model what this question asks.
  5. ICMP messages are reliably transmitted over cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet. They are transferred in IP which is unreliable.
After trial and error it turned out that b is also true!? But cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n again, I can say that I made mistake because I didn't read that "some would" prioritize, which could be true, and "would" doesn't mean it is necessarily so. Huh, I hate when someone plays with words.

Ok, I'll stop here because this post is brewing for too long, and as I'm having much ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r work to do, it will take time until I watch all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lectures. Not to mention that it becomes quite large. So, I decided to publish this, and expect new posts eventually...

Sunday, October 28, 2012

Research paper: "Before We Knew It..."

The paper I'll comment in this post was presented on ACM's Conference on Computer and Communications Security held on Oct. 16-18, 2012. The paper tries to answer cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following question: How long, on average, does zero-day attack last before it is publicly disclosed? This is one of those questions, which when you see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m are so obvious, but for some strange reason cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y didn't occur to you. And what's more, no one else didn't try to tackle cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m! In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same time this is a very important question from security defense perspective!

Anyway, having an idea is one thing, to realize it is completely anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r. And in this paper, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 authors did both very well! In short, it is an excellent paper with a lot of information to digest! So, I strongly recommend anyone who's in security field to study it carefully. I'll put here some notes what I found novel and/or interesting while I was reading it. Note that for someone else, something else in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper may be interesting or novel, and thus this post is definitely not replacement for reading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper yourself. Also, if you search a bit on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet you'll find that ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rs also covered this paper.

Contributions

The contributions of this paper are:
  • Analysis of dynamics and characteristics of zero-day attacks, i.e. how long it takes before zero-day attacks are discovered, how many hosts are targeted, etc.
  • A method to detect zero-day attacks based by correlating anti-virus signatures of malicious code that exploits certain vulnerabilities with a database of binary file downloads across 11 million hosts on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet.
  • Analysis of impact of vulnerability disclosure on number of attacks and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir variations. In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r words, what happens when new vulnerability is disclosed, how exactly does that impact number and variations of attacks.
Findings and implications

The key finding of this research is that zero day attacks are discovered, on average, 312 days after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y first appeared. But in one case it took 30 months to discover cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 vulnerability that was exploited. Next finding is that zero day attacks, by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves, are quite targeted. There are of course exceptions, but majority of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m hit only several hosts. Next, after vulnerability is disclosed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is a surge of new variants of exploits as well as number of attacks. The number of attacks can be five orders of magnitude higher after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y've been disclosed than before.

During cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir study, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 authors found 11 not previously known zero-day attacks. But be careful, it isn't a statement that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y found vulnerabilities now previously known. It means cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are known vulnerabilities, but up to this point (i.e. this research) it wasn't know that those vulnerabilities were used for zero-day attacks.

So, here is my interpretation of implications of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se findings. This means that currently cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are at least dozen exploits in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 wild no one is aware of. So, if you are a high profile company, this means that you are in a serious trouble. Now, as usual, everything depends on many things are you, or will you, be attacked. Next, when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is a disclosure of a vulnerability and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is no patch available, you have to be very careful because at that point cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is a surge of attacks.

Wednesday, July 18, 2012

Research paper: "Lessons from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 PSTN for Dependable Computing"

I came across this paper while reading about self-healing systems. The authors of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper (Enriquez, Brown, Patterson) are doing analysis of FCC disruption reports in order to find out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 causes of faults in PSTN. Additionally, PSTN is large and complex networks and certainly experiences from maintaining this network can help a lot in maintaining Internet infrastrcture.

I'll emphasize cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following key points from this paper that I find interesting:
  • PSTN operators are required to fill disruption report when 30,000 people are affected and/or cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 disruption is longer than 30 minutes. There is a screen shot of report in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper, even though it probably can be downloaded from FCC site. But, it seems that reports cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves are not publicly available?
  • They analyzed reports from year 2000. There is a reference in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 paper with older, similar, analysis.
  • They used three metrics for comparison: number of outages, customer minutes and blocked calls. Number of outages is a simple count of outages, customer minutes is a multiplication of duration and total number of customers affected (disregarding cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fact if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y tried to make a call during disruption). Finally, blocked calls is a multiplication of duration and number of customers that really tried to make a call during disruption.
  • The prevailing cause of disruption is human error, more than 50% in any case. Human error is furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r subdivided into those made by persons affiliated in some way with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 operator and those that are not. Those affiliated with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 operator are cause of a larger number of disruptions.

About Me

scientist, consultant, security specialist, networking guy, system administrator, philosopher ;)

Blog Archive