Slashdot Mirror
US Congress gets Spammed by Self
Doug Muth writes "There is an
article on MSNBC's website
that talks about a recent bout of spam that seriously bogged down some
of the mailservers delaying message delivery for some users by "several hours". Maybe
now that they got hit in the face with a spamming incident Congress will
finally try to write some decent anti-spam legislation. " Heh - an aide to Rep. Alcee hastings (D-FL) sent out an e-mail to hundreds, potentially thousands of people on an internal mailing list - no BCC or majordomo, so when people hit "Reply All"...well. You can imagine the fun that ensued. The great part is that the letter was apparently recommending a weight loss pill.
I feel your pain.. I have the same feelings about this from a tech support job. I cringe when I heard people hitting Reply To All: GET ME OFF THIS LIST.
jeeze These people where the ones causing the problem by hitting RTA: Of course the message gets longer and longer! Then someone else does the same thing and the same people whip off another RTA.
Linux is only free if your time has no value. Windows is only free if you threaten to use Linux.
I've never seen a spam with anything constructive in it. Most of the ones I've recieved have been for illegal pyramid schemes. Never have I recieved a spam with a valid return address. Often even the domain from which the spam "Originated" is also not valid (That practise has waned in popularity with the advent of mail filters that eat mail with invalid domain names.) Legitimate companies quickly realize that spam alienates potential customers and quickly drop the advertising model for a passive one where the customers seek them out.
Someone once said that your right to swing your fist ends where my nose begins. If I were to use your logic, I'd claim that your protesting my right to hit your nose is hypocracy because I'm allowed to swing my fist almost right up to it.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
>Maviglio said that the anti-spam bill, known as >the Can Spam Act , had picked up a half-dozen >additional sponsors in a 48-hour time span.
Can you say knee-jerk reaction? What if some of these half-dozen sponsors saw their first porn page on the net? Yikes! These people are making the rules for us!
Oxryly
I cringe when I heard people hitting Reply To All: GET ME OFF THIS LIST.
;) The list even sent out the standard instruction sheet to the... victim... yet still the list was full of 'HOW DO I GET OFF THIS LIST?' and 'UNSUBSCRIBE ME' mails. It generated quite an amount of spam, and was fitting punishment for people that don't RTFM ;)
Hehe... that reminds me of the good old days of 'lame-list'. It was basically an open-subscribe majordomo list where you could subscribe other people that you felt were worthy of this dubious honor.
----
Dave
All hail Discordia!
- Dave
This is a great idea. Let's install the most byzantine operating system imaginable. Congress and tHoR will grind to a halt. Libertarianism through bad software! Bad UI coders of the world unite!
But, I do think that Microsoft should change it's business practices, and perhaps a little less of the diversity training and a little more ethics training is in order, hmmmm?
On linux and the complexity of the command line interface. In last month's issue of Linux Magazine there was an interview with Alan Cox, and he said the following about the future of Linux:
"...the user interface is going to be as easy to use as Windows. But that isn't good enough. Windows is still the Black and Decker power tools of the computing world. We need to have something much simpler than that. A lot of people don't want to learn how to use the computer: you shouldn't ever have to read a manual. You shouldn't have to deal with file managers. Why should you have to understand all this file stuff?"
So, clearly, there's going to be a movement away from the command line interface, thou I'm sure it'll still be an option to run Linux with no GUI...
If a contract programmer reads Freshmeat, without proper authorization, they are liable to be sacked at best, and face the threat of court action from the DOJ for gross misuse of Government-furnished Equiptment.
;)
What if they can prove a job-related reason, like researching for low-cost solutions to a government problem? And doesn't the Gov't maintain strict proxy log analysis procedures for just this eventuality?
Afraid I'm going to have to disagree with you on this point, Steve. The two points that nahdude812 made are related. Spam is a form of internet communication, albeit a noxious one (like me after eating Taco Hell). Nahdude is pointing out that most people here don't want any kind of restriction on the kinds of communications they can send on the internet, but yet they want to restrict one form of internet communication: spam. He calls it hypocrisy; I call it typical human behavior. Don't touch what I love, but squash that thing I hate.
In that thread I started (Anti-spam legislation is unnecessary) we did dance around the issue of judicial expansion of traditional law into the computer/internet sphere (oh lord, I'm starting to sound like a lawyer).
Nahdude has a point, even if you don't agree with it.
*My* elected representatives *do* listen. If your congressmen are ignoring your letters, perhaps you should vote for somebody else next time...
geez, people can be dumb.
Demonstrant's Open Source Tools
Somewhere in the back of my brain, I remember how the Congressional Outlook Express server couldn't handle the volume of angry e-mail which ensued after the first incarnation of the CDA was passed.
But barring that, I found an old link to a site which can automatically e-mail all elected officials.
http://www.hoboes.com/html/Politics/electednet/
Tell them to get a mail solution that doesn't SUCK.
J.
damned vulpine http://sb.drtwister.com/
The "Can Spam Act" merely allows ISP's to enforce their "no spam" policies by making it illegal for a spammer to spam to/via an ISP that expressly forbids UCE.
They're not regulating at all, they're just giving ISP's the express ability to sue.
Anyway, to get the headers in the microsoft mishmash (as per the subject line), open the mail in its own window. Under the "View" menu, select "Options". A small window there will provide you with full headers. Note, you have to perform this series of operations for *every* single email. I don't like microsoft.
Demonstrant's Open Source Tools
One of my projects was to develop a networked database/application server. This was to be demonstrated at a major company, the other side of the US. The firewalls at each end, though, made a direct connection impossible, so they considered shipping some rather old, fragile Sparcstations over, but nobody was keen on the idea.
I used Freshmeat and Slashdot to do some research, and showed that the entire system - database, applications, everything - could be put onto some cheap Linux boxes instead. This would avoid risking expensive, vital equiptment, reduce downtime if a problem occured, demonstrate portability, and actually improve performance.
As far as I was concerned, independent research couldn't get any more job-related than that. My boss saw it otherwise, and construed my efforts as gross misuse of GFE. AFAIK, the proxy logs were never examined.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Unfortunately, this operation will *only* work for SMTP-type mail... for Microsoft Mail/Exchange Server-type mail, there *are* no headers, folks, at least none that Billy-boy wants you to know about...
Sig broken, watch for
I also think a clause in an ISP contract stating that the user agrees to pay a cash penalty if he/she/it ever spams would be cool - and well justified given the administrative cost in tracking down the spammer. I'd be proud to take my business to an ISP that had such a strong anti-spam policy.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
The one legitimate concern I see is that the rules should be completely content-neutral -- thus, "commercial" should be no part of the definition of spam. The offense should be the sending of UBE (Unsolicited Bulk E-mail), of whatever type.
/.
/. If the government wants us to respect the law, it should set a better example.
I work for one of the big five consulting firms.
some loser managed to spam tens of thousands
of our employees by sending a scam to several
internal mailing lists.
of course, other losers within our organization
had to check it out and announce to the list
that the scam was a scam. (what a surprise)
then, as pressure on the original losers increased,
they sent out several retraction notices to
basically the whole firm, again. to top it off,
still other losers chimed in to complain
about all the mails, urging them to stop.
(but of course they were too dumb to realize
that they added to the problem themselves).
i seriously hope this experience is either
followed by an intense education effort or
a blocking of these international distribution
lists for normal staff.
For example, if a vendor sends you an unsolicited (but desirable) notice about an upgrade to a software product that you previously purchased from them, they could be liable for a penalty of up to $25,000.
I am in favor of penalties for such behavior. If I want to hear broadcasts from a vendor, I will inform them by checking a box or subscribing to a list. Otherwise I want them out of my face. If I receive a message like this, I usually contact the vendor's upstream provider to ask if they are violating an AUP by sending unsolicited bulk mail, and emit complaints.
Vendors, or anyone else for that matter, should not have the right to use my CPU, disk and bandwidth resources to promote their products, scams, causes, or other bulk-mail foolishness, and I am in favor of penalties for exactly the kind of behavior you describe.
Because the language is so broad, the result will effectively ban from the net all e-mail with even a remotely commercial whiff. Is this what we really want?
Yes. All unsolicited opt-out spam, commercial or no, is an intrusion on my computing resources, time, and attention. A majority of it is fraudulent. A small portion of it is Endless September cluelessness.
I do beleive that the technical solution described is misguided. It should be the other way around: Criminal penalties for sending unsolicited broadcast mail to any machine that does not specifically indicate that UBE is acceptable.
I own my SMTP port. I believe I should have the right to seek prosecution for its misuse. I define misuse as requesting delivery of UBE.
How can a group of lamers like congress make good decisions about complicated tech issues like cryptography when they spam each others mail box? My representatives can't even reply to email, they send out snail mail, (and usually a form letter).
âoeIn theory, theory and practice are the same. In practice, they are not." â Albert Einstein
I have 20 e-mails. It totally filled up my in-box
Of course. His inbox is probably 20 lines - so 20 messages "filled" it. Probably haven't grasped the concept of scrollbars completely. When deleting one of the 20 messages makes another appear: "Oh - more arrived just now!"
rather than troll? In any case, the answer is obviously "false", unless, of course, you speak about Hoover's new model.
I was able to bring down part of my company's email system, while I was on holiday.
Before taking vacation, I set my email to autoreply the fact that I was on vacation and would not be able to respond to any emails.
While I was away, and automatic system sent me an email saying that there was something that required my attention. This system was also able to retrieve information requested via email, so it was set up to receive emails as well.
My mail system duly sent my 3 line autoreply back to the automatic system. The automatic system tried to parse the email for what it was supposed to do, but since it wasn't in the format it expected, for each line it sent an email saying it didn't understand what it was supposed to do. To each of these emails, my mail duly sent the 3 line autoreply, and so on.
Within a couple of days, the tens of thousands of email messages generated brought our email server to its knees.
MrCreosote Meow!Thump!Meow!Thump!Meow!Thump! "You're right! There isn't enough room to swing a cat in here!"
This exact same thing happened at my company some month ago.
We have something around 2000-3000 users in the network.
So one day someone created her own mailing alias, called it "Group" and sent off a test message.
But unfortunately that alias wasn't created right and instead of being a small alias it consisted of all the users in the whole system. This person didn't know much about computers at all so obviously it was an easy mistake to do.
Now people received an email saying something like To: Group Msg: "asdfsdaf"
And ofcourse what do people do... they hit Reply All saying "Huh?". After a little while a small discussion came up even blaming things on viruses.
Needless to say the servers didn't have much choice but to go to sleep.
Why did it happen?
1. The alias for all users was too easy to create.
2. The "header" (the part that is displayed) showed To: Group, which didn't give any info.
3. People didn't know what they replied to.
I'm a linux user and I'm used to being able to see exactly what the headers look like in a mail. However I still haven't figured out how to get the full header or at least see what that Group was in this system.
What are the company (I refuse to use the word "we" here) running? Outlook & MS Exchange servers.
The problem with things such as the RTBL (and address/host filters in general) is that it doesn't catch spammers the first time. Some `plug-pulling' here: I've made a tool that actually looks at the message to determine if it's spam or not. Mail me (remove the obvious part, of course) to get a prerelease version, if you're interested. (It catches 98% or so of my spam, and close to nothing of `real' messages.)
/* Steinar */
(This comment is of course GPLed.)
"Wanna bet they're using Micro$oft?" Well, let's see... (from a real message, trimmed for brevity and their privacy (beats me why))
Received: from (something1).house.gov by (something2).house.gov (8.9.1b+Sun/8.9.1) with ESMTP id (etc.)
Received: by (something1).house.gov with Internet Mail Service (5.5.2539.1) id (etc.)
In those samples I've got there are 4 different "Internet Mail Service" machines, and two different Sendmail machines. I suspect that the political apointees are given their own network to play with and trash as they like, while the real sysadmins keep the backend networks running with a "Real OS".
That had nothing to do with it. Late revisions of the Newton's OS had very good handwriting recognition. The Palm has gotten where it is because it is very cheap and simple to use for the limited number of tasks it does. The Newton died because of Apple (surprise!) pricing it too high - although the technology itself was somewhat prohibitively priced at the time.
/. actually enjoy the idea of software being unintuitive.
Right now, for little the Palm aims to do, it does very well. When something comes out that can do three times as much as what the current Palm can do, at the same price, without trying to fit a square peg into a round hole (ie. WinCE) then the Palm will die. Don't worry though, my bet is that it very well could be a complete revision of the current Palm technology.
It boggles the mind how many people on
- Darchmare
- Axis Mutatis, http://www.axismutatis.net
- Jeff
heh!
Oh yes, I can imagine this:
"Sorry for all these crappy laws, but we were busy reading Linux documentation for half of the legislative period."
Your argument rests upon a definitional switch, like the old fallacy: 1)No cat has two tails, 2)A cat has one more tail than no cat, ergo 3)A cat has three tails.
Your argument mutates the definition of "communication" in the same way the above example mutates the definition of "no cat". In the first usage ("most people here don't want any kind of restriction on the kinds of communications"), it refers to content -- people quite properly think that governments have no legitimate authority to interfere with access to politics, pr0n, crypto software, etc. In the second usage ("yet they want to restrict one form of internet communication: spam"), it refers to manner of transmission -- spam may be properly prohibited for the same reason we prohibit the tossing of note-bearing bricks through windows, so long as the prohibition is content-neutral.
/.
/. If the government wants us to respect the law, it should set a better example.
Nope. Sorry, but we are nowhere near that organized. Actually, the 3 letter agency I work for uses linux for our top level domain DNS servers. I just bought 100 servers from Dell and did not get NT, instead we went with Solaris X86 (the product we are going to use them for does not support linux.. yet) But we are required to use MS Exchange and I suspect that is what they were using also...
Can't sleep, clowns will eat me....
Congressional aides are usually in their twenties.
- Have a picture
It occurs to me that if a congresscritter can notice a mere 20 e-mails extra in their inbox, we citizens must not be doing our job!
:)
Congress should be getting thousands of emails each day, making 20 more unnoticeable. Clearly, they don't read their e-mail from us, or we aren't mailing them often enough!
Or maybe they only read "important" mail - those whose subject and body are all caps?
Weight loss? Sounds more like job loss :-)
See, where I went to college, everyone had two email accounts: one on the unix system, which was used mostly by the CompSci students and faculty; and one on the NT system, whis was used mostly by the luzers who were too stupid to understand that you don't point and click in pine.
A favorite pasttime of the CompSci guys was to set both email accounts to foward all received email to the other. Once someone set this up, usually with one of the guest or intro accounts (or that of some freshman with an easy password), he'd spread the word, and both email accounts would fill up with "hello there" messages.
Now, the network traffic alone was enough of a hassle for the admins,but the nifty bit was the way the mail servers were set up.
The unix mailboxes had a set maximum size. When this was reached, the incoming mails would still be fowarded, but not saved to the account's mailbox. But the funny part was that the NT mail server had no set limit on mailbox size, so that one mailbox would eventually take over all the disk space on the NT server. Thus, one peoson could easily bring down the email for the entire campus.
Except, of course, for those of us who were intelligent enough not to use NT in the first place. We'd laugh our fool heads off every time this happened. Cause while everyone else was whining about email being down, it would be business as usual for everyone in CompSci.
Best part was, IT didn't figure it out until the last semester before I graduated. And when they did, they just whined to the unix admin (who worked for the CompSci dept., NOT IT), who promptly told the IT weasels to take a hike (only in less diplomatic terms).
IT couldn't do anything to the unixx guys because that network was owned and run by the CompSci department, whilst IT only had jurisdiction over the NT network. And they couldn't touch the unix admin, as he taught an "advanced unix" class and was thus considered faculty, automatically higher in the food chain than IT, who were only "support staff".
He was a cool old unix wizard who despised mocrosoft and those IT idiots who kept trying to encroach on his territory. And he didn't mind a little extra network traffic so long as it inconvinenced mostly the windiots, and didn't cause undue problems with "his" network. All around an awesome guy.
By my last semester, IT had finally figured out how it was done and put size limits on mailboxes tho. So the pasttime of crashing the windiots email every couple of weeks regretably came to an end.
But it sure was funny while it lasted, and of course, there're plenty of other ways to play with NT networks.
Imagine all the people...
you mean NT 3.51? Bad UI coders of the world unite!
And these are elected leaders.
Its everywhere. I host a website and act as webmaster for a local organization. The president of this organization, an intelligent, well read woman in her 40's, experiences total brain abandonment when 'operating' her PC. Yesterday she bombarded me with 2 dozen copies of a message, along with another half dozen messages bitching and accusing me of incompetence. She had sent an email to webmaster@herdomain (which is me) and it "came back" to her. She sent it over 24 times, interspersed with the complaint messages. She bitched loud and long about how mail to webmaster should NEVER go to her. The To: field CLEARLY showed that she had not only addressed the messages to webmaster, but also TO HERSELF AT HER OWN ISP MAILBOX. This normally bright person had sent and resent numerous times, AND NEVER ONCE BOTHERED TO LOOK AT WHAT SHE WAS DOING.
I very politely explained this to her, and added that in general, where there is WRITING, there is an intent that READING and COMPREHENSION also occur. And what do you know, there is a LOT OF WRITING ON HER SCREEN, AND IN HER EMAIL CLIENT WINDOW, AND THE SOONER SHE STARTED TO READ AND COMPREHEND THE WRITING SHE ENCOUNTERS THE BETTER OFF THE WORLD WILL BE!
(My work for this organization is charitable and without remuneration, so I could 'afford' to speak to the 'boss' this way!)
======
"Cyberspace scared me so bad I downloaded in my pants." --- Buddy Jellison
Sacred cows make the best burgers.
Use a third party's server without their permission (Again noone would complain if the post office refused to deliver letters without stamps).
This one is different. The post office may refuse to deliver, but there is no punishment. A well-configured email server will also refuse to deliver some sorts of forged email.
Making email forging as illegal as other document forging would be useful though.
Wow. Sneaky. Underhanded. I like it.
Glory be! I've been spammed by Slashdot....
Here's an email exchange I had with your sales and marketing people. I thought I'd let the pointyhaired folks at SD/Andover at least take a stab at it before post this, but I have heard nothing:
Hi,
Because I have little time to browse Slashdot, I was enjoying having the headlines emailed to me. I regret to say that I have unsubscribed from your service after getting five ads in a row emailed to me. All headlines were discontinued. I'm just letting you marketing folks know this as a courtesy, as I suspect nobody intended this. Who in their right mind would want to subscribe to ad spam? If you rotated the companies, it might even be interesting, if you really liked reading ads. But the same company over and over again?
Very sincerely
[me]
previously...
Hi {friendly chatty first name address to marketing minion of feminine gender suppressed to protect the guilty}, I have been subscribing to Slashdot Headlines and have been getting real articles. Now all I get is the same crap from MacMillan, day after day. Is this the new policy now that Andover.Net bought you? I think not. No articles-- just the same advertisement every day! I am giving you folks one chance to fix the problem, or I will unsubscribe.
Please look into this.
Thank you.
The majority of Hill offices run Microsoft Outlook (I worked there for quite awhile). In the TO: field, you can select from almost all House offices, leadership, and committee staff.
Personally, I don't buy it. You have to go out of your way to e-mail the entire House e-mail list. While there are only 440 members (5 delegates) there are thousands of staffers. It's not like there is one button that says "everyone" that you hit by accident (if that was the case, this wouldn't have been the first time).
By default, you are set to your own office, but many users change that to a personal e-mail listing). I think the "mistake" was a cover up for a real spam.
Anyway, the House system has a pretty good firewall against the outside, but once you are on the inside, it is, well, "possible" to get into a bunch of systems around the Hill. The encryption isn't that tough and with a dictionary, you can do wonders.
The passwords on a lot of Hill offices are a joke. At one time, I had nearly 300 user ID's w/ passwords onto the old HIS system (they shut it down due to Y2K). With a staff turnover of something like 40% a year (yes, it's that high) system security often falls by the wayside. Amazing how many Intern accounts have passwords of "Intern" "Intern2" "Monica" etc.
which is why there's a delete button in your email reader. Anyone abusing these security holes is already committing a felony, especially if they're in a different state than the server. But, if I choose to send an email out without committing one of the pre-established cracking crimes, that should be my right. As much as it sucks, that's the way it is.
Slay a dragon... over lunch!
You're right. The problem here isn't really spam, it's user ignorance. The unfortunate thing is, these are ignorant users with legislative power.
And what good is legislation against spamming going to do? So you're forced to spam though an out of country relay site, big deal. It will be as fruitless as trying to legislate web page content - if anyone, anywhere permits spamming, then everyone can get spammed.
>And to all the people whom this makes angry, do >you really think MS is your enemy? Look at all >the people who fought IBM as the evil Big >Brother
I wouldn't trust IBM, Sun or any other commercial company to rescue us computer users. There have been plenty of articles criticizing Microsoft for subsidizing (infiltratiing) universities, grade schools etc. Guess what? IBM used to do the very same thing.
My CS professor just told me that IBM used to sell *mainframes* to schools for $1 back in the mid 70s. Their thinking was that when graduates went into the real world that they would only know one system - IBM.
Sound familiar? Microsoft is doing the same thing today infiltrating the formerly-unixcentric universities with NT servers and Win98 desktops etc. Don't blame them for trying to rule the world - many companies have come and gone after doing the very same thing.
Keep the faith - open source works.
This post brought to you by your friendly neighborhood MBA.
Read this guy's response, he summs it up nicely:
RE: Hyppocricy
Slay a dragon... over lunch!
I absolutely agree with you. In fact, wouldn't it be a very good idea to enable a rating system driven by ISP's? Say I'm an ISP, and I have a No-Spam rating of 25. I can bestow a similar rating on my subnets, but not greater. Then my ISP notices a lot of SPAM comming out of my account, warns me, and I still do nothing, so they drop me down to a 20. Now I can only rate those below me as a maximum of 20. Pretty soon, those sites where SPAM come from will get rated down to 1, and will probably fail most people's email client filters (which have been specially modified to destroy messages less than a rating of 5). You wouldn't be able to forge any of that since say i put out a message and my ISP tries to cheat by giving it a rating of 40. His ISP is going to put a rating on it based upon its database of spam-likelihood from that cheating ISP. My mail client just pays attention to the lowest number. ISP's aren't going to want to have a low rating, and so will do their best to prevent SPAM from being generated by their subnets. Suddenly we live in a world where those who generate SPAM are branded, and I can have almost complete certainty that I am uninterrested in a message which has a low rating, and comes from an email address that's not in my address book. Novel idea, I just came up with it, but I'm sure that if it were implemented, the generation of SPAM would still not be blocked, but its annoying me at read time dissapears.
Slay a dragon... over lunch!
This statement is repeated on all login screens on all Government computers.
I think you're getting a bit carried away in your assumptions. Perhaps that was the policy where you worked, but I can assure you that "all Government computers" do not have that message, and that that policy is not anything that applies to all federal employees.
I work for the federal government, and our system usage policy explicitly allows us to use the government's computers for personal use on our own time (which can mean after work, lunch break, etc.)
Thanks for playing, though.
Anon Cow
You deserved to be spammed to death and then beaten with your own shoe!
Odds are the client was outlook -- The older versions don't make it obvious who mail is to/from sometimes. One of the reasons I've made eudora my email client when I'm doing windows.
First of all most of these people have already been the victims of spam at some point. Second of all I doubt many of them want the guy who sent the original message (who didn't seem to be aware that it was inappropriate) to be punished that severely. It was a only minor annoyance.
More than anything it demonstrates how careful you need to be in setting up large listservs, and things of the sort.
A moderated listserv would do far more to solve their problem than an anti-spam bill.
God does not play dice - Einstein
Not only does God play dice, he sometimes throws them where they
Suck what? Hard drive space? Yeah it sucks up hard drive space, but I can always trash windows for more.
--Have a Johsonville brat.
Here's the actual article from RollCall (congressional newsletter).
Text of the actual mail:"IF YOU'RE LOOKING TO LOSE WEIGHT PERMANENTLY AND YOU DON'T HAVE TIME TO SEEE AN EXPERT HERE'S THE PERFECT OPPORTUNITY. MY FRIEND LOSS 40 LBS. READ THIS! [sic]"
Yeah, uh, real important stuff...
--
This incident is a laser pointer at the crux of the problem: our old guard politicians just aren't capable of handling today's technological world.
We need to get some geeks elected soon, or at the very least get the 18-24 demographic group into the polls.
Here's some amusing quotes from the article in RollCall.
Wanna bet they're using Micro$oft?
--
Does anyone know what systems they run for their email? For curiousity's sake...
Any insiders out there reading /.?
--
Congress is apparently not capable of dealing with the technology. Someone needs to take their E-Mail server away until they make an effort to learn something.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Maviglio said that the anti-spam bill, known as the Can Spam Act , had picked up a half-dozen additional sponsors in a 48-hour time span.
hmm..It might be possible that the aide deliberately sent out the spam to gain support for the anti-spam bill.
That last post by me made absolutely no sense. It's late, and i'm tired, that's my only excuse.
--Have a Johsonville brat.
well i hope some good comes out of this. personally i think it was a relatively honest mistake.
:)
maybe not only acts of defiance start change? maybe mistakes do too
Isn't that what the X-Loop header is for?
Besides, most smart autoresponders keep a short list of who they've responded to recently, and won't send a second response to them. (Hell, even president@whitehouse.gov will only send one message per day)
Build it, and they will come^Hplain.
The whole problem here seems to be one or two (thousand) misinformed individuals using their email the only way they've ever done before.
I'd like to see some people read this in to the whole story:
"It's all Microsoft's fault. They try to make it so easy for total newbies to use a PC and Windoze that that at least one of the uneducated fools is bound to f*ck up from time to time, and every now and then, in a very big way".
Because basically that's how I see it. That MS guy said "I wan't my mother to be able to use it" when reviewing the W95 OS. Quite frankly I wouldn't trust my mother on my PC. Why? because there is too much that can go wrong when left in uneducated hands.
Same goes here. A little bit of education can prevent a whole lot of trouble.
Dan. -- So what if it's spelt wrong, nobody's perfect
Remember, this plan depends on your honesty to work!
/.
/. If the government wants us to respect the law, it should set a better example.
Wouldnt it be easier if our politicians would just listen to the constituents. That way we wouldnt have to wait for them to inflict the problem on themselves before they realize that we are right.
I started with nothing and I still have most of it.
Come to think of it, people's brains need to get amended a bit, too. Those may be the age limits, but how many under-30 Representatives are there? I'd say probably not very many. The youngest president we've ever had was IIRC 41, and he wasn't elected -- he was a VP who succeeded a Prez who got shot (T.R., who became President after McKinley's death.)
Even when Clinton/Gore ran for the first time, "are they too young?" was a big campaign issue even though they were in their mid-40s. Sheesh. For all the "Don't Trust Anyone Over 30" buttons, it seems like in practice "Don't Trust Anyone Under 50" is the way politics are REALLY played.
"Somebody exploded a letter-bomb today
You can't stop all spam. Sysadmin ignorance (preventing relaying through sites, for example)
and the lack of legislation abroad makes effective
anti-spam legislation impossible.
To all of you who scream for no legislation tethering the Internet, no censorship, blue ribbon campaign, etc., I cry "Hypocrisy"
Although I hate spam as much as anyone else, can we as conscience-wielding citizens actually state from the left side of our mouths that spam should be illegal while with the right side we state that there should be absolutely no restriction on internet communications? Do you see what I'm getting at?
I expect to be able to express my views over the internet in an uncoltrolled forum. The Internet has demonstrated it's usefulness as an unbound, unfettered learning and experimentation environment. Its exactly this characteristic that has made things like Linux and open source what it is today. When I need to research a paper for school, I can go to the internet to view the unbounded oppinions of others.
But do I really need to explain the benefits of online rights to all you slashdotters? The nearly bi-weekly articles about "Your rights Online" attest to the oppinions of most slashdotters, an oppinion that I share.
But what I'm getting at in the end is that anyone who can say that they want to legislate SPAM while simultaneously stating that there should be no internet censorship of any kind is simply a fool. It's like stating "I hate all apples" and then stating "I like Granny Smith apples."
Slay a dragon... over lunch!
Do you really want Congress to regulate e-mail? Wasn't their last couple of attempts a good enough indication of what kind of law you'd get (COPA and CDA)?
(1) basically it means "you used my stuff without my permission"
The problem has historically been that the people
in Congress have no idea that spam is a problem.
Now some of them have an *inkling* of an idea.
I'm not sure I want Congress getting involved,
admittedly, but I'm beginning to despair of seeing
the backbones get some backbone.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
You're missing something...
Unrestricted internet communication IS NOT THE SAME AS HARRASSMENT.
SPAM == HARRASSMENT.
Harrassment is illegal - freedom of speech does not give you the right to scream into your neighbor's windows at 4:AM with a megaphone.
The people who are crying for anti-spam legistlation are only trying to clearly define what spam is, so that existing legal principles can be applied.
But what I'm getting at in the end is that anyone who can say that they want to legislate SPAM while simultaneously stating that there should be no internet censorship of any kind is simply a fool.
So... by this logic, anyone who says "there should be no internet censorship", and also says "kiddie porn should be illegal" is also a hypocrite? Not likely. One has absolutely nothing to do with the other.
Anti-spam legislation sounds great, I mean we all hate spam right? The devil is in the details. The Can Spam Act defines spam so broadly that virtually any commercial e-mail message would fall under it. For example, if a vendor sends you an unsolicited (but desirable) notice about an upgrade to a software product that you previously purchased from them, they could be liable for a penalty of up to $25,000.
The proposed law bans the delivery of all unsolicited commercial e-Mail (UCE) to any sendmail server that contains the string "UCE" in the HELO banner. In other words, your ISP can opt-out for the entire site. (Note the legislation originally had an opt-out for individuals.)
Within months every single ISP will put "UCE" in their banner. Heck, Eric Allman will probably hardcode it into the next Sendmail 9 release. Because the language is so broad, the result will effectively ban from the net all e-mail with even a remotely commercial whiff. Is this what we really want?
Agreed.
This problem could/would easily have happened regardless of the chosen platform of the recipients. This has nothing at all to do with evil Microsoft and everything to do with a lack of training.
Perhaps when you click on the "Reply To All" button and there's more than a handfull of recipients the mail client should pop up a suitable warning?
And these are elected leaders.
No, they're the fresh-faced aids.
but also TO HERSELF AT HER OWN ISP MAILBOX. This normally bright person had sent and resent numerous times, AND NEVER ONCE BOTHERED TO LOOK AT WHAT SHE WAS DOING.
In many e-mail clients there's a setting to automatically add your own e-mail address to the list of recipients on all outgoing messages. It sounds like this is enabled in her e-mail client. She likely made no conscious effort to send this to herself (in all likelyhood the To: line in her client didn't even have her own address in it) and it's understandable that she was confused.
I do agree that if she had been better trained in the e-mail software, this probably would have been averted, but I don't think this was due as much to incompetance as you think. I know lots of educated people that would be just as confused if this setting were enabled and would also make the assumption that they were receiving e-mail via the recipient address they were using. *shrug*.
These are people YOU elected into office. It is your RESPONSIBILITY to see to it that they are educated with respects to matters that affect you, the constituent.
Write a letter. Make the world better.
This reminds me of something that happened at my University last semester. The geniuses at the school newspaper decided to send out an email to the whole campus and neglected to put the list in the BCC field, thus giving everyone on campus a quick and dirty method to spam the rest of the campus. Not that this list would be very hard to compile if you wanted (the school email directory will just spit it out for you) but it's lead to a fair amount of campus wide spam since then. I'd hope that the offenders would lose their email privlidges but somehow I doubt that's happened.
The old cc:Mail client the way things were set up at a former employer of mine for the made it obcenely easy to bcc all. When someone replied to such a message the reply went to all by default. Once someone did this discussing the aptitude of a certain employee and their chances of passing certain tests. Not good.
It just strikes me how profoundly STUPID the originating email was, and the fact that so many people are so STUPID that they don't know the functional difference between Reply and Reply All.
There's no reason for a sig here.
I'm not sure about Congress, but I know that the Department of Energy and the Park Service both run Novell 3.10... maybe the PS had 3.12.
I also know that the DOE is still using cc:Mail, as are quite a few other agencies, such as at least parts of the DOD and EPA.
46. The Hobo smiles, his eyes glaze over, and he burps. "Beware the man who has lived longer than the Wasteland."
Seriously, I'm too cynical to believe that the Congress will do much of anything for computer geeks. Technology changes very quickly, and Congress and the court system are both INCREDIBLY slow. In order to write relevant polciy governing computers, the computer industry, and such, you have to have a degree of foresight. This is where Congress REALLY fails. There is an election every two years and the parties are both trying to get/keep their guys in office. So all they really care about is the nearest election. Obviously, we can't really count on them to do anything. Any we can't count on industry to look out for us either, because all industry leaders care about is making money for their shareholders.
That's why I think Free Software is so cool -- it empowers people to take care of themselves. Of course, it won't help us fight spam, but eventually high quality free software might provide all users with an alternative to crappy software.
Take care,
Steve
Actually, Newton OS v2 had excellent recognition. The real reason that Palm won is that the Newton was too heavy, didn't fit in your pocket (or a small hand), cost too much, and did more than most people needed. If Apple had made a Newton Jr...well that's Palm in a nutshell.
Of course, this entire thread is irrelevant to the Congressional spam question. No matter what email app the end users had, this still would have happened because 1) the original spam was sent off-topic to a large mailing list and 2) the list was an auto-reflector, causing a counter-spam cascade. It's a design that's bound to incur spam flooding every so often.
I love to blame M$ and spammers for the world's evils as much as anyone here, but this case was really just a dumb accident. On the bright side, it gave a boost to anti-spam bills.
This statement is repeated on all login screens on all Government computers.
If a contract programmer reads Freshmeat, without proper authorization, they are liable to be sacked at best, and face the threat of court action from the DOJ for gross misuse of Government-furnished Equiptment.
If a Government employee violates privacy, misuses a list of e-mail addresses, sends spam that's illegal in several States, recklessly puts Congress' e-mail system in jeapordy, advocates a product that may be a severe health risk, violates European privacy law (which may adversely impact relations between the US and the EU), has triggered a scandal in the media which could damage the image of the US Government (if that's still possible), they get a minor telling-off.
You'd never guess I'm a bit pissed-off over this.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Ah, it's so humerous reading the comments of dimwitted apes.
There's no reason for a sig here.
There's no reason for a sig here.
I wonder if it's displayed in a "collapsible" list, or is just being truncated, for display purposes....but it also means that the original spammer probably put them in the to: or cc: instead of bcc:.
I'm glad that some folks are putting their poli-sci degrees to good use.
_______________________
Anybody at MS remember this?
. . . so my congress-person can buy a clue.
But seriously, I think there is an even bigger issue here. I suspect that email isn't the only subject about which the average politician has no clue. For the most part, his or her experience is in politics, law, maybe business management and little else. Helluva way to run a country. Like it says in the Federalist papers,"No man can be a competent legislator who does not add to an upright intention and a sound judgment a certain degree of knowledge of the subjects on which he is to legislate." But these days too many laws deal with so much technical knowledge (The Internet, Economics, Ecology) that even if most legislators weren't career politicians with no desire to learn these things, it would be too much for anyone to handle.
The US Congress needs more than a rebooting with a fresh set of pliticians, it needs some serious hacking to remove two centuries of crufty policy patches that just can't handle the system load any more, something that would shift our "design model" to better exploit the "open source" architechture laid out in our Constitution.
I'd be curious to hear if other countries have done anything in this direction.
I use linux.
.rc files and command line tools?
:)
I try to get people to use it, and I try to use subliminal messages to sedate rabid linux fanatics to not write stuff they think is really witty or accurate, but which ultimately consists of blaming MS for all the woes in the computing world (usually decorated with a dollar sign to make it really funny, and it gets funnier every thousandth time you see it).
Do you know for sure if the person was using an MS product? Do you think it matters? - Netscape on Linux has a "reply all" button. If user friendliness is to blame, is your solution that we should make products so dense and obsure that every user must use
I'm not sure what your point is - but I get tired of hearing this "Fsck Microsoft! They are to blame!" thing over and over and over.
As for not letting your mom trust your PC because she's too uneducated...This is the dumbest argument I've ever heard - "don't make the product better, condition the user". If you produce any kind of software that interfaces with a human user, go do the world a favor and dunk yourself in a well.
And to all the people whom this makes angry, do you really think MS is your enemy? Look at all the people who fought IBM as the evil Big Brother - look how obsolete their ideology is (now IBM is almost a hero in the open source community). If you spend so much energy hating a company, after 20 years, you'll feel like a complete idiot, and be wishing you'd picked a better target. Because the Evil Company(TM) always changes its name every 20 years.
I wonder how the guys who ranted against Wang feel these days.