Slashback: Spambots, Retroism, VoIPhooey
Let's find the spamsters and turn them over to Hormel. Neil Gunton writes: "Further to my previous article about stopping Spambots with Apache, Perl, MySQL and ipchains, it appears that the spambots have evolved somewhat. They seem to come in using a search engine to find promising pages, and then spoof the User-Agent field and generally try to behave as much like a real person as possible. Here is an update to my original article. This is something that anyone who runs a website and dislikes spambots should be aware of..."
If I ever have children I might let it go at that. jamie writes: "'If I ever have children,' says Rich Dreher, 'I would want them to see and touch one of the very first 'real' personal computers, not some simulation of an Apple in a window on a Pentium VIII running Windows 2012.' Over the last few months he's put together a CompactFlash/IDE adapter card for the Apple //e and IIgs, and now he's taking orders. The largest hard drive that ProDOS supports, as flash RAM, costs $14! Seeing the card really brought back memories..."
We mentioned this a while ago, before the pressing need of Apple ][ owners was quite so evident.
What's a little $80 million mistake among friends? Sinjun writes: "In what is believed to be one of the first prison sentences given to the creator of a virus, David L. Smith of the infamous Melissa plague receives 20 months in federal lockup. I would have thought he would receive more, seeing the massive amount of money lost by corporate America resulting from Melissa. Oh well, this is the precedent that has been set."
Smith should be grateful that his victims weren't allowed to each pluck one hair from his body per Melissa message received.
But what about the GBA? bobbydigitales writes: "A while back someone suggested porting Linux to Samsung's GP32 handheld games console. As I own one, I did a bit of 'googling' and found a post from a guy at Samsung about a problem he was having with his Linux port to the s3c2400x chip (this constitutes most of the GP32's hardware). It seems he finished his port as he sent me all the patches and instructions needed to compile the kernel for the s3c2400x.
As I don't have any experience porting Linux, I thought I'd share this information with the world and see if anyone could offer help and/or suggestions on how to proceed. Here are the files and info.
Samsung have completed the following drivers:
- LCD
- Serial
- USB Host (with mouse driver),
- Sound
- Keyboard
- Network (not actually on the GP32 chip)
Things that are missing:
- bootloader,
- SmartMedia Card driver"
I knew I should have ordered a few. Alex Law writes "Only days after Slashdot's article about Creative Labs' great deal on VoIP Blasters, it appears that they are no longer in production or available from Creative's web site. Shame; mine arrived yesterday, and we were all quite impressed."
From the Mozilla front: Lots of good reports and an oops.
The good stuff -- reaper20 writes "With 1.0 around the corner, it seems like the folks over at Mozilla.org have their hands full. Between interviews and last minute security bug fixes, it seems like the Mozilla is poised for the big push to 1.0.
David Hyatt brings up the IE Advantage, and the death of user-experience based browsers. Mozilla.org itself has stood firm on some of these marketing driven issues - yet some changes have caused some interesting developments in the Mozilla community. The recent context menu revisions and personal toolbar recommendations by Netscape have caused a bit of controversy. (Bugzilla entries omitted for obvious reasons)
Recently, the mozilla/browser and Chimera projects have been started to address certain usability problems and the desire for OS X native widgets. With Galeon and other Mozilla derivatives getting better and better, it seems that Mozilla 'proper' will serve as a platform for derivative browsers customized for the target platform.
Lots of standards-compliant clients each tailored to user needs, sounds like what the web was originally designed for."
And the oops -- An Anonymous Coward writes: "An Israeli software firm has discovered a flaw in Netscape and Mozilla software that allows code hidden in a Web page to read files from the user's PC. The bug is a more serious variant of one patched in Microsoft's Internet Explorer in February."
Could someone summarize what the story is here? About the only thing that annoys me about the current crop of fresh Mozilla installs is that it keeps changing my default search engine away from Google and back to Netscape.
Schwab
Editor, A1-AAA AmeriCaptions
Why not pay users to collect e-mail addresses? Just create a 'plugin' (not unlike the google tool bar) so that wherever users go, the plugin automatically collects the e-mail addresses on the page. The user could get paid in some way (money? otherwise?), and there could even be a space in the tool bar to enter e-mail addresses obscured, as in an email address displayed as an image, so as to avoid detection.
It would be almost perfectly undetectable.
The VoIP Blaster had huge potential, IMHO, because it was easy for non-internet-telephony-experts to plug in their POTS telephones and place a call. I was preparing to buy more when I discovered there were no more available.
In a desperate effort to find out how to buy more VoIP Blasters, I called Creative Labs. Yes, it's official, they have discontinued sales of this product. That explains why they were blowing them out at $10 a pop. But, it goes deeper than this.
I discovered that Creative Labs didn't manufacture the VoIP Blaster. They were value added resellers of the InnoMedia InfoAccel USB. I decided to send a message to InnoMedia to find out who else resold their units.
My Question to InnoMedia, made through their "contact us" page:
"Creative Labs has now officially discontinued the VoIP Blaster (the repackaged InfoAccel USB). Are there other OEM partners who are repackaging the InfoAccel USB I can purchase from? Is InnoMedia considering releasing a consumer version of the InfoAccel USB?"
Short yet concise response from Kelly Zhang, Director of Sales, InnoMedia:
"We do not intend to release any more version of InfoAccel USB."
Now that the VoIP Blaster party is officially over, what other inexpensive hardware platforms look promising to allow Grandma to pick up a phone and place a call without a Ph.D in Internet Telephony?
My car gets 40 rods to the hogshead, and that's the way I likes it!
One of the complaints about spambots was that they either ignored, or read and then flouted, robots.txt. But, Google is well behaved - so won't the new generation of spambots implicitly obey robots.txt?
Seems you could use robots.txt to keep Google out of your email address pages, and still keep your other spambot defenses.
My amazing wife - Artist, Author, Philosopher - Laurie M
I really don't understand the levels spammers go to. I'm an intelligent person, and if I want something, I know where to go to get it. I've been around on the net long enough to know where the best sites are, be they news, computer sales, money matters, or even porn. It's gotten[sic] so ridiculous that I often want to scream. On a technology forum I post on (very private, mostly real life friends, but still public THCNET) about once a week someone will come in and make a damn spam post on the board. This is utterly pathetic. For one, if I know you circumvented security features for your email to get through, I'm going to be so angry I would never, ever desire to give you one red cent. Most likely, I would find some way of retribution, be it legal avenues or guerilla tactics on your servers.
This has got to stop. It's been proven time and time again that if you want consumers' money, make the best product/offer the best service, and do it in a helpful, non-pushy way.
Finally, math books without any of that base 6 crap in them.
A major problem with mozilla is their "improved" handling (i.e. hiding) of referers in certain new situations, like from one HTTPS page to another across domains. This is preventing people from placing orders with websites that use at least one major credit card processing service. We've been getting lots of complaints because mozilla/netscape users cannot place orders and have to tell these customers to use IE, as much as we hate doing that!
And, yes, I know it's easy to fake referers, but it's just one of a variety of checks the credit card processing company uses and if any of them fail - no order!
I'm guessing that they feel that this is a browser security issue, but it is really a website security issue. Any website that has critical info in the URL is itself a security hazard... someone could just walk by the system to ogle that info directly. Hiding the referer isn't going to fix the site. For the browser to cripple its ecommerce applications for this is a truly bad decision.
That web page linked to has a demo of their security flaw. It appears to be targeted at Windows users, trying to read from c:\.. but if you try to read this file under the Linux build, it crashes Mozilla.
Using your sig line to advertise for friends is lame.
Interestingly enough, one of my former roommates went to college with David Smith, when he was at UNC. She said he was a quiet, but rather odd man. She was very adamant about her impression that he wasn't really a bad guy.
On a related note, how many people actually picked apart one of their copies of Melissa? The really nasty bit of code was only maybe 10 lines long. Doesn't seem like he had to go through all that much trouble to write the thing. For years I've been thinking that Microsoft should really be held accountable for building that capability into Outlook in the first place. Then just a couple weeks ago someone said that is like holding gun makers accountable for murders. Now I'm not so sure that MS is to blame - they had their reasons for building it in, dubious as they may be, and I'm sure people besides the virus writers have made use of this feature. Would calling for Microsoft to remove it be the same as calling for file sharing networks to be torn down just because people use them illegally?
It's funny that I didn't notice how much of a hypocrite I was until it was pointed out to me.
(I was only an egg, but then I cracked)
I could well be wrong about this - it's been many years since I've used a ][... I seem to remember that very little of the early Apple software would work with ProDOS. All the little BASIC games were no problem, but most of the commercial titles would boot directly from the floppy (not the System Master disk with DOS 3.3 or whatever it was). I don't recall having a way to save them to my hard disk.
So anyway, if I get this card and put ProDOS on the drive, is there some way I can just load all my floppies onto there as images, and run them after booting into ProDOS?
I'm just glad mine came in via fedex today.
since when do you use plastic? oil? drive a car? eat something produced by Kraft (and subsidies)
I don't think you understand... these companies lost money due to this virus, the money figures come from when an email server goes down because it's been inundated with email, taking out the company's resources... imagine... an office full of salaried workers doing absolutely nothing because their email/file server is dead...
and who pays for it? we do... we pay $.02 more for a box of mac & cheese... $.05 more for a gallon of oil because Texaco's cross-country communications were taken down, and a couple freighters had to stop in the middle of the pacific.
We shouldn't blame the guy who wrote the virus, right? just like we shouldn't blame the script kiddies that DDoS our web sites...
I *think* that what cdf12345 is getting at by saying:
"By the way, why not jail the programmers at Microsoft for writing an e-mail client that allows "billions and billions of damage""
Is that money losses are being caused by Microsoft as they are also caused by the email virus, AND maybe just as intentionally - just phrased better: It isn't cost effective to [make the computer crash less] [provide better security] [etc] so we won't do it, this sounds reasonable to everyone but it is just as intentionally causing loss of money as someone who writes the virus.
What I do is include on every web page I produce an invisible 1x1 gif with a mailto: to a special e-mail address. My goal is not to prevent SPAMBOTS or even try to confuse them. I want them to scarf up the special e-mail address. When SPAM is sent to this address, I have scripts on my Mac OS X system that downloads the e-mail and scans it for headers, subject and body message. Once it collects this information, it sends a copy to SpamCop and then it sends the info to my postfix e-mail server to scan other accounts for the same message and then updates my postfix configuration to block further e-mails. I give my "special e-mail address" a name that will alphabetically sort before any other e-mail addresses in my domain. I have noticed SPAMMERS tend to send SPAMs out in alphabetical order to my domain so this works fairly well. I have never had a false positive with this method.
The great thing about this system is that 90% of the time I report SPAM to SpamCop, it says it's a fresh SPAM. So not only am I helping to prevent SPAM to my users, I am hopefully helping others that are using SpamCop's RBL.
Strange women lying in ponds distributing swords is no basis for a system of government.
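The trap-address workflow described in the comment above, sketched as an added example (not the commenter's scripts, which were not published): fingerprint the message that hit the trap, find the same message in other mailboxes, and generate a Postfix `pcre:` `header_checks` line for it. The addresses, sample messages and function names are constructed assumptions; reporting to SpamCop and reloading Postfix are left out.

```python
import email
import hashlib
import re

# Constructed sample data: one message delivered to the trap address and
# two ordinary mailboxes. All addresses and text are made up.
TRAP_MSG = """From: deals@bulk.example
To: aaa-trap@mydomain.example
Subject: Lose weight FAST!!!

Click here   now:
http://pills.example/buy
"""
MAILBOXES = {
    "alice": ["""From: deals@bulk.example
To: alice@mydomain.example
Subject: Lose weight FAST!!!

Click here now:
http://pills.example/buy
""", """From: bob@mydomain.example
To: alice@mydomain.example
Subject: lunch?

Noon at the usual place.
"""],
    "bob": [],
}

def fingerprint(raw):
    """Hash of subject + body, ignoring case and whitespace differences."""
    msg = email.message_from_string(raw)
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    return hashlib.sha256(" ".join(text.split()).encode()).hexdigest()

def find_copies(trap_raw, mailboxes):
    """Return (user, index) for every stored message matching the trap hit."""
    wanted = fingerprint(trap_raw)
    return [(user, i) for user, msgs in mailboxes.items()
            for i, raw in enumerate(msgs) if fingerprint(raw) == wanted]

def header_check_rule(trap_raw):
    """Build one line for a Postfix pcre: header_checks table."""
    subject = email.message_from_string(trap_raw).get("Subject", "")
    # Backslash-escape everything except letters, digits and spaces.
    escaped = re.sub(r"([^A-Za-z0-9 ])", r"\\\1", subject)
    return "/^Subject: %s$/ REJECT matched spamtrap message" % escaped

if __name__ == "__main__":
    print(find_copies(TRAP_MSG, MAILBOXES))
    print(header_check_rule(TRAP_MSG))
```

Because nothing legitimate is ever sent to the trap address, any message that reaches it can be blocked on an exact subject match; a looser pattern would need review before it goes into `header_checks`.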
My system is very tuned to the systems I have available to me. Disclosing my rag-tag collection of Perl scripts, AppleScripts, postfix configurations and e-mail programs that I have cobbled together would compromise my security and most likely would never work on anyone else's setup.
However, take the concept and run with it. If I can do it, most sysadmins could figure it out -- I am a hack programmer. I find that Postfix is a great alternative to Sendmail and makes SPAM killing a snap.
I also cheat by blocking China, Korea and Taiwan off from my mail server. My company is USA focused and never does business with non-English speaking countries. No offense folks in Asia, I lived and worked there for 3 years and enjoyed my time. It's just an easy way to whack 1/2 the SPAM sent to my servers.
Strange women lying in ponds distributing swords is no basis for a system of government.
Let me see if I understand you. Basically you are saying that writing words is free speech.
Ok, granted.
But if I spray paint a "LOVE THE WORLD!" on the side of your car is that protected by the 1st amendment?
If you're interested in what the scum that sell spam software have to say, check this out
http://Lenny.com
4 great justice!