The core Internet protocols have not changed significantly in more than a decade, in spite of exponential growth in the number of Internet users and the speed of the fastest links. The requirements placed on the net are also changing, as digital convergence finally occurs.

Will the Internet cope gracefully with all this change, or are the cracks already beginning to show?

In this paper I examine how the Internet has coped with past challenges resulting in attempts to change the architecture and core protocols of the Internet.

Unfortunately, the recent history of failed architectural changes does not bode well. With this history in mind, I explore some of the challenges currently facing the Internet.

Why the Internet only just works

I want to propose a simple question. The end of the reign of mass media means the end of the reign of mass culture. People's interests become more diverse as they are able to access to wider array of things. Ultimately, this causes some disassembly of their shared sense of identity. People who have different identities tend to fight. Republicans and Democrats, Israelis and Palestinians... Hell, Americans and Canadians talk shit about each other, although I imagine people from Manitoba and North Dakota have more in common that either has with people from Georgia.

Is diversity the opposite of peace? Will the Internet bring an era of ever expanding conflict, some of it violent, among an ever expanding and complex milieu of identity groups?

Graduate student Kirsten Sterrett at the University of Colorado in the US wrote a thesis on fermentation in space, with support from US beer behemoth Coors. She sent a miniature brewing kit into orbit aboard a space shuttle several years ago and produced a few sips of beer.

This is a fun article.

Beer in space: A short but frothy history - space - 31 July 2007 - New Scientist Space

BS: I don't want to even think about how much C4 I can strap to my legs and walk through your magnetometers. Or search the Internet for "BeerBelly." It's a device you can strap to your chest to smuggle beer into stadiums, but you can also use it smuggle 40 ounces of dangerous liquid explosive onto planes. The magnetometer won't detect it. Your secondary screening wandings won't detect it. Why aren't you making us all take our shirts off? Will you have to find a printout of the webpage in some terrorist safe house? Or will someone actually have to try it? If that doesn't bother you, search the Internet for "cell phone gun."

I think they'd notice both of these things. Thats why you show your boarding pass to the guy on the other side of the magnetometer. He's not really looking at the boarding pass. Lots of interesting hyperlinks in this one though. Don't miss the Wine Rack. Ladies, now security screeners have an excuse for staring at your chest!

Schneier on Security: Conversation with Kip Hawley, TSA Administrator (Part 2)

Kip Hawley: Screening ideas are indeed thought up by the Office for Annoying Air Travelers and vetted through the Directorate for Confusion and Complexity, and then we review them to insure that there are sufficient unintended irritating consequences so that the blogosphere is constantly fueled.

He actually said that. The purpose of the TSA is to fuel the blogosphere. They annoy you with unreasonable travel regulations in order to get you to talk about it on the Internet, which helps drive ad revenue and ultimately leads to greater consumption of consumer products, which, of course, causes increased incomes, and therefore, tax revenue, which the TSA spends on new annoyances. Its called Keynesian economics, bitches!

Schneier on Security: Conversation with Kip Hawley, TSA Administrator (Part 1)

flynn23 says:

In PBS's epidose of Frontline entitled "Spying on the Home Front", a good primer is developed for anyone who is interested in just one example of how the executive branch has ram shod over the Constitution and used every IT trick in the book to help them do it. If you haven't seen this episode, you need to watch it and think long and hard about the next time you use a credit card, do a search online, or browse alt.binaries.pictures.preteen. If you are already up to date on this topic, I still suggest you watch the episode for some interesting interviews. There's even additional footage that should make up anyone's mind about whether Al Gonzales is a slimeball or not.

Ironically, I'm not in the infosec biz, not even tangentially, but I counted no less than three people in this program that I know personally. Cindy Cohn, from the EFF, who was very helpful to us at the Tennessee Digital Freedom Network when we resisted some MPAA injected legislation back in 2003. Jeff Jonas, who's now at IBM, but had developed some of the best pattern recognition software in the world which we've used in health care claims analysis. And my good ole friend Steve Bannerman, now at Narus, but formerly at Apple Computer back in the day. Such a small world, even more painfully obvious after watching this program.

I've been told to watch this. The first few seconds of the linked additional footage are apropos to the present Gonzales controversy. I'm not sure whether or not it means that Gonzales is a slimeball. What is seems to mean is that Comey was not talking about the Terrorist Surveillance Program. He was talking about some other program. Something so serious that a large number of DOJ officials were ready to resign over it.

Bin Laden is laughing and so am I

If you attempted to use the system most of today, you saw a message from me explaining that the system was broke...

Immediately after my earlier post explaining the situation with the OIDs Rattle and I leapt into action with a major overhaul of the database schema and software. Oh how this brought back memories of being an admin. Totally unexpected computer work when you're supposed to have the day off and you have to get it done before you can do anything else. Waiting on development systems to reload while sitting on a speaker phone.... that disconnected manner of teleconferences that span hours while work is getting done.... Random breaks to grab coffee, or dinner, without hanging up the phone... Your eyes getting heavy as you strain your ears to make out the details of the television news which the party on the other end of the line is using for background noise...

We got it done. About 200 lines of new code written and 650 modified. Rattle even managed to work a fix in for the redirection on login and some problems with creating a new account, and I cleaned up some annoyances with the circle interface.

MemeStreams is back. Thank you for your patience, and please let us know if you notice anything strange about the way the site works (or doesn't work) over the next few days.

Things should be back to working normally, and in some places a little better than normal.

Everyone will need to log into the system again. If there are any problems with login, let us know. Since we were trying to push this fix out as soon as possible, it's entirely possible bugs have been missed.

(Soon we'll fix the problem where you can't reply to your own posts. I hope to have that gone within a month.)

MemeStreams is OK again

For the next 4 1/2 hours I was interviewed about who exactly I am, why I am coming to the US, what the nature of my contract with Blackhat is, and why my trainings class is not performed by an American citizien. After 4 hours, it became clear that a decision had been reached that I was to be denied entry to the US, on the ground that since I am a private person conducting the trainings for Blackhat, I was essentially a Blackhat employee and would require an H1B visa to perform two days of trainings in the US.

U.S. Customs needs a 24/7 process where their agents can escallate a disagreement to someone who is not a complete fucking moron.

Halvar Flake tossed by U.S. Customs on way to BlackHat

This morning a few links popped up on MemeStreams that don't work if you click on them. You get an error message which says "I could not find the proper URL based on the OID. You may have reached this page due to an error."

We realize that this is a serious problem. Unfortunately, it is not a simple to fix and it is going to take time.

When we first started working on this project back in 2001 we were completely green at relational database design, and we made a poor decision, which was to use a feature of Postgresql called "OID" which at the time was defined as globally unique for an entire database. Unfortunately, the Postgres team later decided that this was impossible, and change the definition of OID. In newer versions of the database, which we are running due to numerous performance enhancements, OIDs aren't globally unique, or even unique to a table.

At this point, unfortunately, we had a hell of a lot of code invested in OIDs. We figured it would be a long, long time before OIDs would end up repeating in our database, and so we could wait to change all of that code. Unfortunately, today, OIDs appear to have started repeating in the blog table far in advance of when we thought this was likely, as this table only has 44,000 entries. There are about 500 references to OIDs in our code, and in order to fix this problem, we'll likely have to change them all.

This is going to require time from us, and hopefully patience from you.

A sampling:

Most of it doesn’t matter.

Waiting to do something until you can be sure of doing it exactly right means waiting for ever.

Trying to please other people is largely a futile activity.

Everything takes twice as long as you plan for and produces results about half as good as you hoped.

See also Augustine's Laws.

Things I wish I’d known when I was younger