PDA

View Full Version : All Laptop? Why not!



mugaliens
2008-Sep-06, 06:09 PM
In the past I've suggested that using your laptop in lieu of a desktop is is about as briliant as towing your boat with your Harley. At the time, I had some pretty good reasons:

1. A laptop isn't designed for full-time use. Everything from it's hard drives, it's DVD/CD drive, and its tiny little fan are all designed for limited-duty use. Constant use will wear them out!

2. The screen is too small.

3. The keyboard is too small and the number pad is (usually) integrated into the keyboard. Just when you thought you'd mastered touch-typing...

4. Using the touchpad in lieu of a mouse is about as elegant as using a candle in lieu of a laser pointer.

5. The hard drive is puny, and slow. It has to be - it's a laptop, and it needs to conserve energy. Besides, cramming your storage into such a small space limits how much you can store.

6. The CPU and RAM are artificially slow to conserve your battery.

7. It's too expensive. That portability costs money, and you just can't get maximum performance from a laptop. Even a same-performance laptop would cost way more than a corresponding desktop.

Well, that's what I thought seven years ago, and I've been carrying around that list in my mental back pocket every since.

Then, something wonderful happened. My desktop system crashed.

I've built systems for years, so I began to fix it, but it was toast, and the two fixes I tried made me realize the bottlenecks would limit whatever I installed, unless I did a sweeping upgrade.

So, I began lining up mobos, power supplies, CPUs, RAM, GPUs and other components using my laptop, into which I'd plugged my monitor, keyboard and mouse.

Wow. 1920x1200x32 looked fantastic on my 22" widescreen monitor. I was using the same keyboard and mouse as always. My laptop, which I'd relegated to Saturday morning use at the coffeeshop, or watching DVDs while flying across the pond, took on new life.

Curious, I broke out the docking station I'd bought with my laptop a year ago, fiddled with some power management settings, hooked the docking station's S/PDIF jack into my hecto-watt 5.1 audio, and enjoyed a movie. Out of curiosity, I loaded a reasonably recent game and fired that up, too.

Admittedly, it was a few years newer than the desktop that I'd been using. But it was still way better. And it cost less. And it was portable.

I realized something: Laptops have come a long way since I wrote those first 7 objections.

First of all, Intel's SpeedStep technology has been around for several years. What this does is reduce the load on the processor unless it really needs some horsepower. When that happens, the processor simply churns out what it needs, and goes back into a minimal mode. Second, the graphics out isn't limited to the laptop's LCD resolution. Mine does 2048x1536, which is more than I can say for my new widescreen monitor.

And I have yet to hear that pesky fan turn on...

Does this mean I'm giving up my search for a well-optimized gaming platform to replace my most dead desktop? Not necessarily, although the urgency I felt is gone. I've got a terabyte storage unit plugged into the docking station, so my ripped multimedia is right there where I left it. If I'm going on the road I can copy a couple of movies and a dozen CDs to my laptop without taking a serious chunk out of it. My two printers and my scanner are all online, as is my Bamboo graphics tablet.

And sitting next to me, on a chair, is the opened carcass of my Antec case, cables hanging out, with an empty space where the now-defunct mobo used to sit.

Who needs a desktop?

What that's designed to do is to mimize power use until it's actually required. The benefit for a laptop which is used full-time, as both a laptop as well as a desktop replacement, is that the power efficiency is still there, which reduces heat buildup in the laptop. That becomes important in a minute.

The other major source of heat in a laptop is it's battery charging system. When your recharging your battery all the time, even just keeping it "topped off," it creates heat, which causes the fan to spin...

Modern laptops use only what it really needs, including hard drives, processor, and it's fan. When it doesn't need them, they're off, conserving power, as well as their longevity.

In short, evaluate your needs. If you can find a laptop+docking station combo which meets or exceeds your needs while remaining within your budget, you might consider going all-laptop. Not only can you take your home desktop with you in this way, but on those trips when you don't want to, when you leave it behind, you can always lock your laptop up in a safe, or drop it off at a trusted neighbors', for safe-keeping.

nauthiz
2008-Sep-06, 06:27 PM
If you can find a laptop+docking station combo. . .
Do they even make docking stations anymore? I thought that technology had been rendered obsolete by the adoption of PCMCIA, USB, and FireWire.


Anyway, I think for most of us who don't play video games, the only practical advantage of a desktop over a laptop is price. The performance benefit fails to impress, as computers are now fast enough that the practical difference tends to be something along the lines of "Quicken took 300ms to generate this report instead of 500ms," which isn't the kind of thing I think most people would ever even notice. And for those of us who do have a very compelling reason to have a laptop, even the price advantage is not really there: why spend the extra money to have two computers if you only need one?

ravens_cry
2008-Sep-06, 06:30 PM
One problem that may give guys reason to pause, especially if your in the habit of using a laptop on your lap, is that the waste heat emitted kills sperm when in that position.

nauthiz
2008-Sep-06, 06:50 PM
One problem that may give guys reason to pause, especially if your in the habit of using a laptop on your lap, is that the waste heat emitted kills sperm when in that position.

So maybe you put the laptop on a table or desk while you're working with it. I don't think that's such a big issue. It's not like you could have put the desktop on your lap if you had bought it instead.

ravens_cry
2008-Sep-06, 06:55 PM
I did say if your in the habit of using it on your lap.It is called a laptop after all, not a desktop. It isn't a big issue, it's just something to think about.

hhEb09'1
2008-Sep-06, 07:01 PM
For the last two years, all (700) the kids in our school have had tablets. Sure, there're problems... :)

tdvance
2008-Sep-06, 07:01 PM
I think the 7 reasons are still valid. Yep, there are cheap laptops, but they don't compare with a decent desktop. Even a moderately-expensive laptop is slow and hard to upgrade. I've yet to see a laptop that matches my desktop's 30in widescreen. It's not easy to find one with 2TB of disk drives like my desktop either.

My $2000 laptop, which I use mainly for traveling or astronomy, has some Intel graphics chip that is not compatible with lots of applications (e.g. Starry Night works with the chip's OpenGL mode, but with rendering errors--and not to mention it runs painfully slowly where you click and wait 15 seconds to see the screen move--and that's with a 3GHZ processor--I think micro disk drive speed is a large part of the problem).

No--a desktop gives you the computing power, and a laptop is useful only for portability.

eric_marsh
2008-Sep-06, 07:30 PM
It really depends on how much performance you need.

The machine I'm using as I type this is a 17" MacBook Pro with 2.5ghz Core 2 Duo processor, 250gb drive, 4gb ram, 1920 x 1200 pixel resolution, built in cam. Specs are at http://www.apple.com/macbookpro/specs.html.

Sounds pretty good. This was (when I bought it a few months ago) Apple's high end Laptop. I find it adequate to meet my computing requirements.

But what, in comparison, is the top end of Apple's desktop machines?

Up to four dual core of 3.2 ghz Xeon processors, 4 1tb drives, 32gb of ram, and a 30 inch display. http://www.apple.com/macpro/specs.html

So in comparison my laptop is a truly wimpy machine.

So again, the real question is, how much computer do you really need?

hhEb09'1
2008-Sep-06, 07:41 PM
It really depends on how much performance you need.Exactly. The OP may have topped out, but for instance, tdvance has not.

I've worked on problems for which even desktops are not yet sufficient. :)

tdvance
2008-Sep-06, 08:17 PM
Easy to do, actually--my project team was designing a chip a few years ago, and the "floor planning" software (the "floor" being the chip--it find ways to route connections of transistors while minimizing the number of crossings and keeping the "longest line" from being too long--since light speed is about a foot per nanosecond, every foot a signal has to travel is a wasted nanosecond) ran all day on a Sun Enterprise server (even on a Cray it would take some time) to find an "almost optimal" solution (since finding an optimal solution is probably NP hard and we don't have the age of the universe to wait for an answer--not a joke, an understatement actually).

pumpkinpie
2008-Sep-06, 10:03 PM
I did say if your in the habit of using it on your lap.It is called a laptop after all, not a desktop. It isn't a big issue, it's just something to think about.
More and more recently I've been hearing them called notebooks.

TrAI
2008-Sep-06, 11:00 PM
Do they even make docking stations anymore? I thought that technology had been rendered obsolete by the adoption of PCMCIA, USB, and FireWire.
...

Well, the real point of having a docking station is that it is easier to switch between portable and stationary use for people that use the portable as a desktop replacement, one button to release, drop in to connect. Without one you may have to plug in a lot of cables and devices, and perhaps switch profiles manualy. Personaly I have a docking station for my tablet machine, though usualy I only have an external mouse and CD-drive connected to it. But my primary computer is a portable too.


I think the 7 reasons are still valid. Yep, there are cheap laptops, but they don't compare with a decent desktop. Even a moderately-expensive laptop is slow and hard to upgrade. I've yet to see a laptop that matches my desktop's 30in widescreen. It's not easy to find one with 2TB of disk drives like my desktop either.

Hmmm... Of course, you could have 2 TB on a network or external drive. In my experience what people use big disks for is their video and audio collections, not for software, so really it isn't as big a problem as it may seem at first glance.

As for a big screen, the way I see it is that for most people it would be a waste of money to buy a good 30 inch screen and the hardware to use it, the 17 to 20 inch screens on desktop replacements is quite good for most uses. Most people will not organize screen area so that a large screen area pays of, but just maximize their applications and switch between them.


More and more recently I've been hearing them called notebooks.

Well, if it is called laptop and someone get burned by having it in his or her lap, it would be an added point in the favor of the claimant in court...

sarongsong
2008-Sep-06, 11:06 PM
...[Objection#] 2. The screen is too small...Laptops have come a long way since I wrote those first 7 objections...the graphics out isn't limited to the laptop's LCD resolution...Yes, the new screen technology is the big breakthrough tipping-point for me.

cjl
2008-Sep-07, 01:10 AM
My $2000 laptop, which I use mainly for traveling or astronomy, has some Intel graphics chip that is not compatible with lots of applications (e.g. Starry Night works with the chip's OpenGL mode, but with rendering errors--and not to mention it runs painfully slowly where you click and wait 15 seconds to see the screen move--and that's with a 3GHZ processor--I think micro disk drive speed is a large part of the problem).

No--a desktop gives you the computing power, and a laptop is useful only for portability.
I doubt that the speed problems have anything to do with the HDD - instead, it is entirely due to the Intel GMA (which are complete garbage). Most $2000 laptops come with significantly upgraded graphics, which will run circles around the intel integrated graphics.

tdvance
2008-Sep-07, 02:35 AM
I do have the Intel graphics adapter in the laptop--and I agree it's garbage, but I only know that after I got the laptop! Now the nVidia 8800Ultra in my desktop is pretty good--except I still get Timeout Detection Errors sometimes--and it seems to happen soon after a Windows Update and before the subsequent nVidia driver update.

As for "laptop is good enough"--this is for those who know what NP complete means: I attended an informal talk (10 people in audience) by a guy advocating all laptops for everybody at work, and no other computer. He said our dependence on the cray was a symptom of not wanting to optimize code.

I had to explain to him about NP complete problems....but didn't get through to him. He was sure that, say, the Graph Isomorphism Problem could be solved by writing tighter code. Gee--if he were right, actually our cryptography would be useless.

crosscountry
2008-Sep-07, 04:31 AM
I haven't turned on my desktop but once since moving in December. And that was just to connect to the network. Labtop all the way. I'm not sure if I could go back again.

Keys
2008-Sep-07, 05:24 AM
One problem that may give guys reason to pause, especially if your in the habit of using a laptop on your lap, is that the waste heat emitted kills sperm when in that position.

I don't think it is a good idea to rely on this form of birth control.

TrAI
2008-Sep-07, 05:39 AM
I do have the Intel graphics adapter in the laptop--and I agree it's garbage, but I only know that after I got the laptop! Now the nVidia 8800Ultra in my desktop is pretty good--except I still get Timeout Detection Errors sometimes--and it seems to happen soon after a Windows Update and before the subsequent nVidia driver update.

Actually, the Intel chipset is not garbage, it does it's job, but it isn't good for heavy 3d. I would think thats why more powerful portables often have Nvidia or ATI GPUs.


As for "laptop is good enough"--this is for those who know what NP complete means: I attended an informal talk (10 people in audience) by a guy advocating all laptops for everybody at work, and no other computer. He said our dependence on the cray was a symptom of not wanting to optimize code.

I had to explain to him about NP complete problems....but didn't get through to him. He was sure that, say, the Graph Isomorphism Problem could be solved by writing tighter code. Gee--if he were right, actually our cryptography would be useless.

It is an amusing anecdote, but isn't it a bit like trying to win a discussion of the comperative merits of a an SUV and a smaller car in favor of the SUV by saying that a train can move more stuff than the smaller car?

There is no one true solution to the issue we are discussing, but a Cray is the solution to another problem. You are hardly going to have a Cray at home, and I doubt that people would find it a good personal computer...

hhEb09'1
2008-Sep-07, 11:22 AM
As for "laptop is good enough"--this is for those who know what NP complete means: I attended an informal talk (10 people in audience) by a guy advocating all laptops for everybody at work, and no other computer. He said our dependence on the cray was a symptom of not wanting to optimize code.

I had to explain to him about NP complete problems....but didn't get through to him. He was sure that, say, the Graph Isomorphism Problem could be solved by writing tighter code. Gee--if he were right, actually our cryptography would be useless.To be fair, we're probably not going to solve NP complete problems on anything :)

eric_marsh
2008-Sep-07, 02:47 PM
I did say if your in the habit of using it on your lap.It is called a laptop after all, not a desktop. It isn't a big issue, it's just something to think about.

My wife was starting to develop a skin discoloration because of the constant heat of her MacBook on her lap. You can purchase heat barrier pads and we have but these machines really are becoming less suitable for laptop use. I think that's why the name change to notebook.

crosscountry
2008-Sep-07, 02:57 PM
the heat sure does get to me sometimes. I try to put it to my side when not actually typing.

Moose
2008-Sep-07, 07:00 PM
Chipset makers have done well closing the performance gaps between desktop and laptop computers, but they're not yet equivalent by any stretch.

A laptop driving a docking station setup (with optimal keyboard, mouse, and screen(s), for whatever value of optimal applies to you) can generally be considered equivalent to a desktop setup for typical everyday tasks: document editing, multimedia, internet use, email, etc.

tdvance has already pointed out where a laptop can't remotely be considered equivalent to specialized parallel processing hardware like a Cray, or even older high-end rendering equipment of the kind on which SGI built its reputation.

But sticking to the desktop vs laptop comparison for now, I've noticed that the laptop hard drives I'd encountered (5-10 years ago, grain of salt) appeared to perform poorly when handling massive numbers of small files, something standard IDE drives have always done quite well.

Also, while it's true that laptop heat dissipation isn't the issue it once was, throw in high-end graphics hardware (rather than that embedded crap SiS and Intel put out) and a GPU-intensive game, and you'll begin to discover why a real gaming rig (built into a roomy full tower with a good airflow design) is preferable for reliability under load.

mugaliens
2008-Sep-07, 08:21 PM
Do they even make docking stations anymore?

Yes - I'm using one now, as I mentioned in the OP.


I thought that technology had been rendered obsolete by the adoption of PCMCIA, USB, and FireWire.

If you routinely used your laptop as both a laptop and desktop replacement, which would you rather do - unplug one connector, or unplug five or more? (keyboard, mouse, monitor, printer (scanner, graphics tablet, other printer, joystick, webcam (laptop has one built-in, but the lid's closed when it's docked)).


...for those of us who do have a very compelling reason to have a laptop, even the price advantage is not really there: why spend the extra money to have two computers if you only need one?

I'm beginning to agree.


One problem that may give guys reason to pause, especially if your in the habit of using a laptop on your lap, is that the waste heat emitted kills sperm when in that position.

The setup was for a docking station, but thanks for the hot tip...


For the last two years, all (700) the kids in our school have had tablets.

Desktop prices for your "average" system have remained relatively steady over the last five years, while laptop prices have dropped. This probably explains the decline in desktop sales and the rise in laptop sales.


I think the 7 reasons are still valid. Yep, there are cheap laptops, but they don't compare with a decent desktop. Even a moderately-expensive laptop is slow and hard to upgrade. I've yet to see a laptop that matches my desktop's 30in widescreen. It's not easy to find one with 2TB of disk drives like my desktop either.

My $2000 laptop...

I'm typing this on a one year old sub-$1000 laptop, and earlier this evening I loaded MS FS IV, and had loads of fun at 1920x1200 resolution on my 22" widescreen (it's separate from my laptop - I could just as easily have plugged in your 30" widescreen).

My one year old laptop has a 1 GHz Core 2 duo and 2 GB RAM. I checked HP's website yesterday and for the same price I can get a 2.6 GHz Core 2 duo and 3 GB RAM.


No--a desktop gives you the computing power, and a laptop is useful only for portability.

Perhaps you ought to try a different vendor? :shifty:


More and more recently I've been hearing them called notebooks.

Me, too. Makes more sense, with ever-increasing power and battery life being crammed into a smaller and lighter space.


Hmmm... Of course, you could have 2 TB on a network or external drive. In my experience what people use big disks for is their video and audio collections, not for software...

Bingo.


As for a big screen, the way I see it is that for most people it would be a waste of money to buy a good 30 inch screen and the hardware to use it, the 17 to 20 inch screens on desktop replacements is quite good for most uses.

My 22" WS can't run at anything higher than 1920x1200. My laptop's VGA out can go all the way to 2048x1536. At 1920x1200, it's fairly peppy!


Most people will not organize screen area so that a large screen area pays of, but just maximize their applications and switch between them.

As I'm used to two monitors at work, from the start I'd have two windows up on my single WS at home.


Yes, the new screen technology is the big breakthrough tipping-point for me.

To reiterate this point, folks, I'm not talking about using the laptop's screen when it's docked. Or it's touchpad or keyboard. That's why it's docked - so I can use my normal monitor, mouse, and keyboard.

This is as per the OP.


I had to explain to him about NP complete problems....

Aren't some of the previous NP-complete problems being tackled by massively-parralel processing (http://en.wikipedia.org/wiki/Parallel_computing)? For example, a branching problem with n branch nodes, but with m total branches, where m >> n, being solved by a MPP computer with n or more processors?


You can purchase heat barrier pads and we have but these machines really are becoming less suitable for laptop use.

Every advance brings us both faster processing and less power draw (heat). Remember the Alpha chip? Slow as mollasses compared to my laptop's CPU, but it puts out approximately 20x the wattage (heat).


A laptop driving a docking station setup (with optimal keyboard, mouse, and screen(s), for whatever value of optimal applies to you) can generally be considered equivalent to a desktop setup for typical everyday tasks: document editing, multimedia, internet use, email, etc.

Since that's 95% of what I do...


I've noticed that the laptop hard drives I'd encountered (5-10 years ago, grain of salt) appeared to perform poorly when handling massive numbers of small files, something standard IDE drives have always done quite well.

My current laptop's hard drive benchmarks way better on all fronts than the PATA/66 I had in my workstation.


Also, while it's true that laptop heat dissipation isn't the issue it once was, throw in high-end graphics hardware (rather than that embedded crap SiS and Intel put out) and a GPU-intensive game, and you'll begin to discover why a real gaming rig (built into a roomy full tower with a good airflow design) is preferable for reliability under load.

Agreed. 3D work, physics, AA, trilinear shading... All those are best left to a GPU, which themselves churn out tons of heat.

I'll never argue that my laptop is a gaming rig, but it does very well at Chess, Risk, and Monopoly!

And FS 4...

cjl
2008-Sep-07, 10:04 PM
I doubt the Alpha is 20x the wattage of your laptop - it was rated at 30w, and current Intel notebook CPUs are rated at everything from 10W (ultra low voltage dual cores in the 1400MHz range) up to 45W (the new mobile quad). Typical chips like the T9300 are rated at 35W, which is actually higher than an Alpha.

TrAI
2008-Sep-07, 10:49 PM
...

My 22" WS can't run at anything higher than 1920x1200. My laptop's VGA out can go all the way to 2048x1536. At 1920x1200, it's fairly peppy!

Yes, the resolution is perhaps the important thing, if you have a small LCD and a big one, but both have the same native resolution, you could get the same over all effect by sitting closer to the small one, or farther from the large one.

In fact, the LCD panel on my primary machine is 17 inches and that has a native resolution of 1920x1200 too. Looks like the better 30 inchers have a resolution of 2560x1600



As I'm used to two monitors at work, from the start I'd have two windows up on my single WS at home.

When you have two screens, Windows will let you easily maximize one window on each display. With one big screen, it isn't that easy, the tiling function is a bit impractical to use, so in my experience most people will just maximize the windows. Perhaps it would be more useful if one could easily divide one high resolution display into tiled virtual desktops, and move windows between them... I think there are some tiling window managment utilities for windows out there, but most people do not install that sort of thing.

nauthiz
2008-Sep-08, 03:19 PM
My $2000 laptop, which I use mainly for traveling or astronomy, has some Intel graphics chip that is not compatible with lots of applications. . .

Integrated graphics is a largely orthogonal issue. There are desktops with integrated graphics chips, and there are laptops with dedicated graphics cards. When I was shopping for them a year ago, one of the computers I was looking at seriously was a laptop that was much cheaper than that and had an ATI card. Ended up deciding against it because I don't do anything that's 3D-heavy enough that an integrated chipset that shares the main memory wouldn't be just fine, but the option is certainly there.

nauthiz
2008-Sep-08, 03:25 PM
Aren't some of the previous NP-complete problems being tackled by massively-parralel processing (http://en.wikipedia.org/wiki/Parallel_computing)? For example, a branching problem with n branch nodes, but with m total branches, where m >> n, being solved by a MPP computer with n or more processors?
Ironically enough, multiprocessor scheduling is an NP-complete problem.

Abbadon_2008
2008-Sep-08, 05:33 PM
I hate the touchpad on my laptop. I plugged my mouse into it, instead.
My laptop's screen is about the same size as that of my old desktop.
Though the batteries don't last long, they're good in emergencies.

In, short, I've no complaints.

tdvance
2008-Sep-08, 05:51 PM
Ironically enough, multiprocessor scheduling is an NP-complete problem.



it is--and also MPP is used on (still, small cases of) NP complete problems.

Multiprocessing speeds things up by some factor at most equal to the number of processors (and usually less, if there needs to be any communication between the processors). Right now, "massive" means 100s or 1000s of processors, or 10,000s or more of really dumb processors. Perhaps several decades in the future my desktop will be a 5 TerraProc machine or something.

If I remember right, the human brain has several trillion cells--each cell is its own processor with memory, probably--so it's a terraproc machine with even more terrabytes (equivalent, since brain is mostly analog) memory. On the other hand, I recall a study that was not 100% conclusive but suggestive, that it's not each cell that's a processor, but each individual synapse--so it could be, what's the next one? a PetaProc machine?

(not to be confused with a PetaFlop, which is (just barely) achievable today with big and fast MPP systems).

nauthiz
2008-Sep-08, 06:22 PM
If I remember right, the human brain has several trillion cells--each cell is its own processor with memory, probably--so it's a terraproc machine with even more terrabytes (equivalent, since brain is mostly analog) memory. On the other hand, I recall a study that was not 100% conclusive but suggestive, that it's not each cell that's a processor, but each individual synapse--so it could be, what's the next one? a PetaProc machine?
I think this is a case where the brain-computer analogy starts to break down a bit. Each neuron does some processing and stores some state, but each synapse also has mechanisms that perform processing and state storage. (Desensitization, for example.)

jfribrg
2008-Sep-12, 03:37 PM
Aren't some of the previous NP-complete problems being tackled by massively-parralel processing? For example, a branching problem with n branch nodes, but with m total branches, where m >> n, being solved by a MPP computer with n or more processors?


It is always possible to trade exponential space for exponential time. That doesn't change it from being NP-complete. If the MPP computer can solve the problem in polynomial space and polynomial time, then it isn't an NP-complete problem. Perhaps the requirement that m>>n changes the problem from NP to P, or perhaps it is tractable only for small values of n. All NP-complete problems are tractable if you put a limit on the size of the input. If n is finite, then the problem has complexity O(1). By requiring m>>n, you in effect increase the size of the input that can be solved. How much memory is required in the MPP computer as a function of the input n? That will tell you if it is still NP-complete.


Back to the OP. About 15 years ago, I worked for a software consulting company. We were supposed to develop a program to efficiently schedule the loading of packages onto a delivery truck. My boss came up with a solution what worked great when you are dealing with just a few packages. I pointed out that the solution would not scale. He said that we would simply get a faster computer. I also pointed out that we were really dealing with the Knapsack problem, which is known to be NP-complete. The best we could do is some kind of probabilistic approach where would could usually get a decent solution, but in no way would it be provably optimal. I had done just such a program the year before using genetic algorithms. In the end, I convinced him by insisting on running the solution when we are dealing with 100 packages, which is still far smaller than the thousands that the customer handles daily. The program never did finish, and would not have for at least a couple of trillion years. It took a while, but he finally understood my point. The lesson is that if the program needs to be scalable, make sure that it really is before giving it to your client.

sarongsong
2008-Sep-17, 03:35 AM
From a travel advisory site motel review:
...BEWARE of their open, unsecured Wi-Fi connection that is preyed upon by local hacker(s) intent on obtaining your passwords, credit card data and anything else. I was not aware of this and, when shutting my system down, discovered two hidden programs running: a keystroke logger and a remote desktop capture program...How common are these and how can you determine whether you're on one or not?

HenrikOlsen
2008-Sep-17, 01:37 PM
With Wi-Fi, we're talking a broadcast medium, thus inherently snoopable, unless you know for absolutely sure that whoever's running it knows what they're doing and you know your safety is part of their job description, treat it as shouting all communication across the street with neighbors listening.

You can't really detect if your net is insecure unless you actively try to hack it; which, depending on jurisdiction, could well be a crime no matter the reason.

The thing to do is to treat all internet communication as if someone is snooping and consider all net connections as hostile all the way to the back of your computer.

This means understand the difference between http and https, and understand when it's relevant for the latter to be in use.

Basically the classic don't send any information unencrypted that you'd be uncomfortable to see in five foot letters on a billboard on Times Square.

sarongsong
2008-Sep-17, 03:34 PM
With Wi-Fi, we're talking a broadcast medium, thus inherently snoopable...the classic don't send any information unencrypted that you'd be uncomfortable to see in five foot letters on a billboard on Times Square.Thanks, that makes perfect sense, but is it actually possible for "them" to "secretly install a keystroke logger and a remote desktop capture program", per the warning cited above, via Wi-Fi to my laptop?

Moose
2008-Sep-17, 04:11 PM
Thanks, that makes perfect sense, but is it actually possible for "them" to "secretly install a keystroke logger and a remote desktop capture program", per the warning cited above, via Wi-Fi to my laptop?

Yes, it's possible to do, given certain less-than-secure setups, particularly when using, say, an XP installation prior to SP2, which you can safely assume will have been compromised long before the twenty minutes it takes to apply the Microsoft service packs, if you haven't set up a non-microsoft firewall before your very first connection.

It's entirely possible, however, that this victim you've heard of ate the keylogger and desktop capture program from a malicious website, and that the fact he/she had been on a hotel wi-fi network is coincidence.

Other than making sure your version of windows is fully patched, a good non-windows egress firewall (one that will report new outgoing connections) such as Zone Alarm or Comodo, malware detectors such as Ad-Aware and Avast!, are good ideas.

Avoiding the use of all-in-one security packages* and Microsoft software** where possible reduces the opportunities for malware to "escape", and drastically increases the likelihood that you will detect it.

* Why avoid all-in-one security packages in favor of multiple smaller, lightweight security programs? It's because the large all-in-one security packages have very large bullseyes painted on them, and a single flaw or successful attack can bring down the whole thing.

Having multiple systems offers extra security in the form of redundancy. If one of them gets taken down, the others stand a fair chance at detecting it. Home security isn't about tamper-proof. That can't be done on a family's resources. It's about tamper-evident, and tamper-resistance through defense-in-depth.

** If all-in-one security packages have big bullseyes, none have a bigger bullseye than Microsoft products. All Microsoft products. Worse, because of the overwhelming emphasis on interoperability, a successful attack on any Microsoft product can have drastically wide-ranging effects.

A solution is to ensure that no Microsoft software has by-default permission to make internet connections. Including Internet Explorer (set to "ask first"), Office (set to "deny by default"), Outlook (set to "ask first", or "deny by default" if you use a different mailer) or anything else you might use of theirs (set to "deny by default", generally).

Consider using Firefox (with the AdBlock Plus and NoScript plugins) or Opera as your browser and Thunderbird as your email client. You can still use office, just don't let it connect to the net without your permission.

sarongsong
2008-Sep-17, 07:48 PM
Thanks for spelling it out, HenrikOlsen and Moose! :)
...particularly when using, say, an XP installation prior to SP2...Consider using...Opera...Hee-hee; exactly what I have---this (originally Win98) Sony laptop was bought used and came to me with XP and SP1 installed by the previous owner. Can't get the SP2 download without paying MS the XP fees the PO apparently did not, and have no idea of the price. Zone Alarm also requires SP2, so may end up paying the XP fee just to stay in the game.
...Consider using...Thunderbird...This is the second recommendation from a respected source, so will look into it.

mugaliens
2008-Sep-17, 09:49 PM
From a travel advisory site motel review:How common are these and how can you determine whether you're on one or not?

Quote:
...BEWARE of their open, unsecured Wi-Fi connection that is preyed upon by local hacker(s) intent on obtaining your passwords, credit card data and anything else. I was not aware of this and, when shutting my system down, discovered two hidden programs running: a keystroke logger and a remote desktop capture program...

When you initiate a secure credit card transaction with a reputable online merchant, SSL is used to secure the transaction end to end. A keystroke logger will still capture your credit card number, though, as that's before it's encrypted using SSL.

If you're running a major, current, and up-to-date antivirus program, the liklihood of something being able to install programs undetected is exceedingly slim. If you are running a good AV, more than likely you picked those up when you installed some program you downloaded.

Moose
2008-Sep-17, 11:22 PM
If you're running a major, current, and up-to-date antivirus program, the liklihood of something being able to install programs undetected is exceedingly slim.

That actually goes very nicely to my point about defense-in-depth.

The virus checker has a strong likelihood of catching the keylogger getting injected onto your system, but if it doesn't catch it in time, the good egress firewall you've installed (with Microsoft software under restriction) will prevent the keylogger from sending out "the take", and will signal you that suspicious activity took place.

mugaliens
2008-Sep-18, 08:41 PM
That actually goes very nicely to my point about defense-in-depth.

To piggyback, defense in depth begins with user education, as no amount of antivirus software, firewalls, and communication monitoring schemes will replace common sense, which, when used properly, eliminates around 90% of all means by which others can breech your system in the first place!

TrAI
2008-Sep-19, 09:49 PM
With Wi-Fi, we're talking a broadcast medium, thus inherently snoopable, unless you know for absolutely sure that whoever's running it knows what they're doing and you know your safety is part of their job description, treat it as shouting all communication across the street with neighbors listening.

You can't really detect if your net is insecure unless you actively try to hack it; which, depending on jurisdiction, could well be a crime no matter the reason.

Hmmm... Generaly the times one hear about people getting in trouble for this sort of thing is when people outside a company discover a flaw in the company network by active means, and tries to warn the company about this. Sometimes the company may then proceed with actions against this individual, even though the actions were non-destructive and may have prevented the more serious problems that could result if a black hat type found it.

However, I do not see how it would be feasible to prevent people from hacking their own stuff, that would preclude any sort of active testing of a networks security, and leave all networks open to any malicious person. Not to speak of all the people that would have to be arrested for forgetting to turn of their capslock before entering passwords... ;)

However, in some cases it may be illegal to break certain sorts of security, like copy protection, license validation systems and so on, since the user often do not actualy own the software or data in question, but only have a license to use it.


The thing to do is to treat all internet communication as if someone is snooping and consider all net connections as hostile all the way to the back of your computer.

This means understand the difference between http and https, and understand when it's relevant for the latter to be in use.

Basically the classic don't send any information unencrypted that you'd be uncomfortable to see in five foot letters on a billboard on Times Square.

Yes, anything transfered over a wireless network could be snooped on, so someone may gather quite a bit of information about you by just passive monitoring.

Of course, if the network is open, or the assailant has cracked the keys, they may monitor not only the wireless network, but possibly the wired portions too. Since layer 2 switching is quite common in modern home networks(Most access points will do layer 2 switching to divide the wired and non-wired networks), some sort of ARP poisoning attack or other way to reroute or mirror packets will probably be required, but I hardly think most people would detect the attack.

mugaliens
2008-Sep-20, 10:41 PM
Sometimes the company may then proceed with actions against this individual, even though the actions were non-destructive and may have prevented the more serious problems that could result if a black hat type found it.

Such actions never stand up in court, as the company, whether by ignorance or neglect, allowed it's signal, unencrypted at that, into the "public domain (http://en.wikipedia.org/wiki/Public_domain)," just as assuredly as if it took it's records and dumped them on the city sidewalk.

Legally, those records do not belong to the public domain; the company retains legal right of ownership. However, again by ignorance or negligence, they have forfeited their right to privacy, as no information broadcast to the public meets any of the criteria for "reasonable expectation of privacy."

Now, if the company were using a reasonably secure encryption scheme which was then hacked by some bright youngin's, that would be a different story, provided the company could prove malicious intent on the part of the youngin's, such as intent to sell the info (corporate espionage), or intent to harm the company, perhaps by deleting data within their networks.

That's a lot more difficult to prove, and a simple signed letter by the hackers, sent to the company, indicating they found a loophole, where that security flaw is, and perhaps a remedy on how to fix it, is more than sufficient evidence to support the hackers' claim of benevolence.


However, I do not see how it would be feasible to prevent people from hacking their own stuff...

You're right - it's infeasible. Else how would one either test their own encryption scheme, or test the efficacy of one they'd purchased? After all, who doesn't give a tug or two on a lock they just put on the door of their storage facility to see if it's really locked?


However, in some cases it may be illegal to break certain sorts of security, like copy protection, license validation systems and so on, since the user often do not actualy own the software or data in question, but only have a license to use it.

Technically, under most law, including international law, it's not illegal, provided you own the right to view that movie. But it is illegal to distribute your methods, just as it's illegal to distribute the movie itself.


Of course, if the network is open, or the assailant has cracked the keys, they may monitor not only the wireless network, but possibly the wired portions too. Since layer 2 switching is quite common in modern home networks(Most access points will do layer 2 switching to divide the wired and non-wired networks), some sort of ARP poisoning attack or other way to reroute or mirror packets will probably be required, but I hardly think most people would detect the attack.

With WPA2-PSK, using a minimum of 16 randomly selected characters for both the SSID and the passphrase is generally sufficient to defeat brute-force attacks, as the encryption keys are rotated long before the exhaustion of the keyspace, and for when you use alphaneumerics, (ASCII), both the passphrase and the SSID are reduced via a hash into a 256 bit string which is then used as the pairwise master key (PMK), aka, the "pre-shared key."

In short, WPA2-PSK is, in my opinion, every bit as secure as SSL-3, provided one uses random characters for the full 63-character PSK as well as for the 32-octet SSID.

Yes, the SSID is given in cleartext even when the broadcast function is turned off. However, without the PSK, the random nature of the SSID tremendously improves security, as it's unlikely any previously hacked system (which would then be added to a dictionary) contains that randomized SSID.

TrAI
2008-Sep-21, 02:23 AM
Such actions never stand up in court, as the company, whether by ignorance or neglect, allowed it's signal, unencrypted at that, into the "public domain (http://en.wikipedia.org/wiki/Public_domain)," just as assuredly as if it took it's records and dumped them on the city sidewalk.

Legally, those records do not belong to the public domain; the company retains legal right of ownership. However, again by ignorance or negligence, they have forfeited their right to privacy, as no information broadcast to the public meets any of the criteria for "reasonable expectation of privacy."

Now, if the company were using a reasonably secure encryption scheme which was then hacked by some bright youngin's, that would be a different story, provided the company could prove malicious intent on the part of the youngin's, such as intent to sell the info (corporate espionage), or intent to harm the company, perhaps by deleting data within their networks.

That's a lot more difficult to prove, and a simple signed letter by the hackers, sent to the company, indicating they found a loophole, where that security flaw is, and perhaps a remedy on how to fix it, is more than sufficient evidence to support the hackers' claim of benevolence.

You're right - it's infeasible. Else how would one either test their own encryption scheme, or test the efficacy of one they'd purchased? After all, who doesn't give a tug or two on a lock they just put on the door of their storage facility to see if it's really locked?




Technically, under most law, including international law, it's not illegal, provided you own the right to view that movie. But it is illegal to distribute your methods, just as it's illegal to distribute the movie itself.

True, but still, most licenses state that your right to use a spesific software, movie or what ever is voided if you do not follow the aggrement, either you have to accept this or it is considered accepted if you use the media. Of course, several points in things like the EULA's may not be valid under all laws, it seems like they just use some standardized form to the effect that they disclaim everything, but yet retain all rights to do what they please about the software and licencing...



With WPA2-PSK, using a minimum of 16 randomly selected characters for both the SSID and the passphrase is generally sufficient to defeat brute-force attacks, as the encryption keys are rotated long before the exhaustion of the keyspace, and for when you use alphaneumerics, (ASCII), both the passphrase and the SSID are reduced via a hash into a 256 bit string which is then used as the pairwise master key (PMK), aka, the "pre-shared key."

In short, WPA2-PSK is, in my opinion, every bit as secure as SSL-3, provided one uses random characters for the full 63-character PSK as well as for the 32-octet SSID.

Yes, the SSID is given in cleartext even when the broadcast function is turned off. However, without the PSK, the random nature of the SSID tremendously improves security, as it's unlikely any previously hacked system (which would then be added to a dictionary) contains that randomized SSID.

Well, if the person attempting the cracking wants to monitor a spesific victim's network for some reason, they would probably try to crack the PSK(most people probably do not have that good password/ssid combinations), if they are just looking for an internet connection to download some stuff, they would probably not bother, and rather try one of those networks that is open, there are generaly a lot of them about, with dhcp and everything, no work to do, just connect and be online.

Of course, it is probably more likely that someone might want to monitor a company's or organisation's network than a private network, but who knows, if someone is already in, they may find it amusing to see what sort of thing the victim likes to look at on the net and perhaps pick up a few passwords and other useful tidbits. If the hacker realy hates the victim for some reason, it may be possible to use some attack or exploit to fill that persons machine with a spesific mix of stuff designed to disrupt that persons life...

On the other side, someone might just want an internet connection for downloading that new video or picture set with their favorite underage person, and conclude that using a closed network is more likely to divert attention away from the possibility of an outsider in case the police takes an interest in the activity, though it is probably going to be hard enough to track down a possible bandwith thief that came by several months ago anyway.

mugaliens
2008-Sep-21, 05:05 PM
The actual key is a hashed combination of the SSID, the passphrase, both MAC addresses, and some other stuff.

The SSID is cleartext, regardless. However, dictionaries have been compiled with common SSID's (like, "linksys" :doh:) and common passwords. If you're using a common SSID, you'd better have a full-length, randomized password.

On the other hand, if your SSID is also randomized, there are no dictionary attacks, so your passphrase can be a bit more memorable.

TrAI
2008-Sep-21, 05:55 PM
The actual key is a hashed combination of the SSID, the passphrase, both MAC addresses, and some other stuff.

The SSID is cleartext, regardless. However, dictionaries have been compiled with common SSID's (like, "linksys" :doh:) and common passwords. If you're using a common SSID, you'd better have a full-length, randomized password.

On the other hand, if your SSID is also randomized, there are no dictionary attacks, so your passphrase can be a bit more memorable.

It's amazing how many APs are set to the standard setup, really...

About 40% of the APs around here seems to have standard SSIDs, and 25-30% doesn't even have any encryption at all... There used to be an higher percentage of open networks a few years back, but I suppose the improvement is mostly due to the default settings being with encryption enabled...

HenrikOlsen
2008-Sep-21, 10:28 PM
Hmmm... Generaly the times one hear about people getting in trouble for this sort of thing is when people outside a company discover a flaw in the company network by active means, and tries to warn the company about this.
When I said "your network" I was referring to the network you're currently on which for the OP was referring to figuring whether you're on an insecure hotel network.
Trying to actively find a flaw in the network of a hotel you're staying at is probably a situation where you'll have trouble convincing a judge of your whitehatttedness.

sarongsong
2008-Sep-21, 11:43 PM
"Yes, Your Honor, that is correct; I was simply adjusting the Desk Clerk's undercharge to reflect the correct amount." http://www.bautforum.com/images/icons/icon10.gif

mugaliens
2008-Sep-22, 06:20 PM
Trying to actively find a flaw in the network of a hotel you're staying at is probably a situation where you'll have trouble convincing a judge of your whitehatttedness.

This is about what I read in the news. Unfortunately, most judges are relatively computer illiterate, and attempt to extend the "locked door" analogy further than it will reach.

Judge: "Was your hotel's wireless access point locked?

Owner: "Yes."

Judge: "And you had a password on it?"

Owner: "Yes."

Judge: "What was the password?"

Owner: "Yes."

Judge: "I mean what was the password you used for your WAP?"

Owner: "Yes."

Judge: "'Yes' was your password?"

Owner: "No, 'what' is my password."

Judge: "Look, now, I'm asking you what was your password!"

Owner: "Yes."

Judge: "Well? The password was... what?"

Owner: "Yes."

Judge: "Are you going to tell me the password, or not?"

Owner: "Absolutely."

Judge: "'Absolutely' is your password?"

Owner: "No."

Judge: "So now, 'no' is your password?"

Owner: "No."

Judge: "Ok, now we're getting somewhere. So 'no' is your password."

Owner: "No."

Judge: "'No,' it's not your password? Or, 'no' is your password?"

Owner: "The first one."

Judge: "But I thought you just told me 'no' was your password?"

Owner: "No."

Judge: "So 'no' is not your password?"

Owner: "No."

Judge: "Yes, 'no' is not your password - is this correct?"

Owner: "Yes."

Judge: "'Yes,' as in 'no' is not your password?"

Owner: "Yes."

Judge: "So what's you're password?"

Owner: "Yes."

Judge: "'Yes' is your password?"

Owner: "No."

Judge: "Will you cut that out!!!"

Nicolas
2008-Sep-23, 08:23 PM
At the moment, I'm without desktop. Long, long story.

So everything I do now, is on a laptop. Agreed, hooking it up to a monitor, keyboard and mouse makes it as good as, and pretty equal to in many aspects, a desktop. But there's at least one reason why I'm looking for another desktop PC: I've got some large cards (sound, most of them) which don't fit into a laptop and don't have a laptop equivalent...

Lianachan
2008-Sep-23, 11:40 PM
I just got a new laptop at work. It's a better spec than my home PC - which, admittedly, is getting on a bit now.

It also has a 17" widescreen display and a blu-ray drive. Should come in handy for those boring, long journeys and hotel stays.