Re:Google doesn't want/need good outbound filterin
on
Spammers Choose GMail
·
· Score: 1
I apparently wasn't clear enough on something. To quote my own post:
"Google doesn't want to be known as the "source of doom" for spam, but as long as they're seen as making some effort against hosting spammers, they're fine."
They're not opening the floodgates because of exactly what you say, but they won't work really hard on filtering outbound email, when it's (a) difficult (as you say), (b) not as useful, and (c) counterproductive.
They'll filter outbound mail enough to keep spam from gmail down to a dull roar, and to maintain their "good internet neighbour" seal of approval, but no more than that.
As for outbound vs. inbound filtering, I know how hard it is (it's related to my work at a major ISP), but there are some things which are pretty easy to implement, and google doesn't do many of 'em. There are other things which could use some research for great benefit, but as long as spam from google hurts their competitors more than it hurts them, they'll put their research into inbound filtering.
Folks, it's not an OMG!!! THEY HID THE BUG AND NOW WE'RE GOING TO DIE!!! issue.
Security through obscurity, for those who remember the olden days, meant not disclosing code, not revealing algorithms, and relying on enforced ignorance on the part of the user/exploiter.
This ain't it. The code is there. The comments are there. Anyone can find it. What Linus is talking about is failing to aid and abet hackers in their attempts. It is simply not ACTIVELY ADVERTISING exploitable code. This is something that seems remarkably sensible.
Unfortunately, anything less "open" than having a courier deliver working exploit code to hackers is labeled "security through obscurity OMFG!!!" by idiots.
Google doesn't want/need good outbound filtering
on
Spammers Choose GMail
·
· Score: 1
OK, many people seem to be missing the point that this is mail _outbound_ from google. Google accounts are the originator.
Yeah, Google doesn't want to be known as the "source of doom" for spam, but as long as they're seen as making some effort against hosting spammers, they're fine. No more is needed, and in fact is counterproductive. Why? Because they want everyone on the planet to sign up for gmail as their primary email account, and the way they do that is by having the best damned INBOUND filters around! If the spam problem gets worse but they can filter it better than anyone else, then they win twice over. Reducing spam is NOT the goal of any email provider--reducing spam received by their customers is. In this case, it also increases spam to their competitors' customers.
Oh, except that google would never do that, because it's evil! Yeah, right.
"Many of you may have been as frustrated as myself by Micrsoft bowing to the RIAA and pressuring the soundcard manufacturers to remove the "What You Hear" feature from their drivers."
"Some believe that Dell, and several other computer manufacturers such as Gateway and Pac Bell, were pressured by the RIAA (Record Industry Association of America) into disabling the stereo mix functionality."...
"So that we are all clear, the evidence points to Dell appeasing the RIAA by disabling hardware, only to have their customer service reps turn around and offer a solution to their consumers that reverses the alteration they made in the first place at a premium price."
Yep, that's it. One guy claimed it with absolutely no evidence, and so it's apparently true. Another guy wilfully misinterpreted some random tech support guy's suggestion, and now we have a collusion between Dell and the RIAA. Wow, this is investigative reporting at its finest!
My Dell laptop at work didn't have a way of turning off the damned 'tap to click' feature of the touchpad. I spent ages looking for a downloadable driver to make that feature work. Based on the rules of logic illustrated above, this is clearly a sign of collusion between Dell and Logitech.
Honestly, aren't there enough examples of corporate bullshit that we don't have to invent false ones?
Geeks play games that run under XP. Housewives (househusbands, most of the rest of the universe) don't play games often, and when they do, they're browser-based or included in the OS.
Outside of ReiserFS and his programming abilities, how much do you know about the guy?
I read quite a bit of detailed information on the case--probably more than most people. Hans was a messed up individual, from the time he was a teenager. Possibly brilliant, but mostly an accident waiting to happen.
Firefox updates work like this: Updates download in the background. Magically. They apply. Magically. A notice tells you that a restart (NOT a reboot!) is required to make the updates effective. ONCE!!! (i.e. not every five #$&(@*$& minutes until you obey them, thank you very much Microsoft updater!).
When you decide to restart, you are taken back to the exact same place you were before the update. Tabs reopen, everything works magically.
Then, when it's all done, the browser continues to work as well as or better than it did before. Amazing, eh?
So in short, the update process: 1) is painless 2) is non-intrusive 3) is quick 4) doesn't break anything
If all software updated this easily and reliably, then most people would be FAR less resistant to updates and patches. Unfortunately, firefox is the exception, not the rule.
"If you have burning eyes with headaches then it's probably allergies. Most likely mold in the furniture or carpets."
Bollocks. That's almost the last thing that's likely to be a problem. Eye problems (prescription, dry eyes, etc.) are most likely. Bad lighting is second. Genuine eyestrain from bad colours/fonts is next. About six feet below those issues would be the likelihood of mold allergies.
"Since you're probably using a LCD you don't have any options on refresh rate so you're stuck there."
So what? When will people finally understand that REFRESH RATE ON LCDs IS NOT RELEVANT IN THE SAME WAY AS IT IS ON CRTS?!
"Don't use flourescent(sic) lighting. Great for the environment - crap for the eyes."
True enough. Well, they're not great for the environment--they're just lower energy consumers. For those of us in northern climes, good ol' incandescent bulbs are nearly 100% efficient anyways, since the waste energy just goes to heat our houses.
"I once had some prescription glasses that filtered out the yucky part of flourescent light."
Can you elaborate on this? I'm quite curious about what they filtered out.
Incidentally, green on black isn't the BEST choice--either green or amber on black were very good in their day. Black on green/amber is arguably a better combination, but redrawing that much real estate on vector screens was way too slow and flickery. However we can do better now, and should.
Someone here suggested black on wheat--a very good combination of readability and low eyestrain. If you like bright text on dark backgrounds, play around for a while with relatively low-contrast pairs. (lightblue on darkslategrey, for a Unix example).
You're making two incorrect assumptions here: 1) 5th Amendment protection holds sway in other countries. 2) 5th Amendment protection holds sway in the USA.
If they feel like it, the Russian government could go after these punks, and US law be damned. However, Russian crime gangs tend to make their own laws, and a lot of cops would likely end up dead.
Also, in the past decade the US government has definitively shown that they don't hold the 5th (or 4th) Amendment as valid. They have done this through both law (The Executive Order from July of last year, for instance, allowing seizure of property without due cause or process), and action (officially sanctioned torture of prisoners, in violation of signed treaties).
So good luck with that 5th Amendment thing. Hope it works for you.
I could say, "who cares about US law, since this is a UK case?" But I won't.:-)
There's an interesting and detailed argument from someone more familiar with UK law, which more or less confirms my point. ISPs in the US are not common carriers, by the letter of the law. In the UK and other countries (Canada, Australia), the ISPs are more likely to maintain CC status, due to the lack of DMCA and CDA laws.
However, as you state there is safe harbour in the US. The linchpin of safe harbour is that it's only valid for transport of third-party material. If an ISP inspects the content, then the assume partial ownership of it, and safe harbour no longer applies.
Of course, in the US, ISPs are no longer required to obey the law anyways. #$*)(#@$ retroactive immunity.
Thanks for the info. I'm not sure that your analogies would stand up in court, but they'd be an interesting defense.
Also, bandwidth-limiting is defensible, based on the terms of the contract--if an ISP says you're allowed to download 50GB/month, then they have the right to cut you off after that, without accountability for the content, because the limit was imposed impartially on unexamined content.
If they start to discriminate based on content, then they have entered into the content ownership battle. That's when they get in trouble.
OK, I've said this before, but it apparently bears repeating.
If a company assumes responsibility for inspecting your content, then THEY ARE NO LONGER A COMMON CARRIER!!! They are now gatekeepers, which means they are responsible for ALL content that goes through their network. If they fail to catch some illegal downloaders or kiddie-porn peddlers, then THEY ARE RESPONSIBLE FOR IT!
Sooner or later, this piece of shit will hit the fan, and when it does, the ISPs are going to get messy.
I read about 15 posts here, every one of them a joke about Reiser, ReiserFS, the missing body, or Unix in general.
Is there anyone here who remembers that a woman is missing and presumably murdered? There are two children who have done nothing wrong, but are now effectively parentless, living with their grandmother.
Yeah, I know this is/., and no I'm not new here (check the number). It still galls me that there is NOTHING BUT jokes about this case.
I hope everyone realises that Carl Icahn isn't a long-term shareholder upset with how the company is being run. He thought he could run it better when Jerry Yang rebuffed MS, and AS A RESULT, bought a significant number of shares. In other words, he bought into the company for the sole purpose of getting Yang tossed out.
In the world of billionaires, not always the most friendly of folks, Icahn is about as pleasant as a rabid shark with PMS. If he gets his way, he'll install a new board, sell Yahoo to MS at $40, help gut the company, and then leave with a few more dollars in his pockets. Yahoo staff will be out of work, the search engine market will become a battle of two titans, and basically everyone will lose except for Carl and his board.
Let's be clear on something here: There is no advantage to having 'realtime' quotes vs. 20-minute delayed quotes unless you're trading, and trading on tight schedules.
I'm not aware of any online brokerage which does NOT provide comparable realtime quotes.
Ergo, Google is looking to open up an online stock trading service. Free trades? Hard to say if they'll go that far. (Don't know if they'd be allowed, in fact.) But expect to see gtrade.com become a google property and service in the next year or so.
Why on earth would you think that realtime computing has any relevance here? What google is talking about is clearly NOT realtime computing. They can't provide that until they own your computer, the OS on it, and the link between them and you.
They're talking about realtime trading here, but as Doc Ruby points out, they're not _really_ doing that either. What they're doing is the same as all consumer-grade online trading services who promise "realtime quotes": They're presenting data directly to the end-user without deliberately introducing a delay (typically 20 minutes) in the feed. They're giving you the info as fast as they can present it. Not realtime, but not "quotes are delayed by at least 20 minutes."
Not realtime computing. not exactly realtime quotes either, but closer.
To quote: "It's amazing how organizations are sometimes willing to accept low-quality, unverified scans delivered over POTS as authoritative, when they won't take the same information in a high-resolution scan delivered over (relatively secure) email."
This is Timothy's comment, not Bruce's, and makes me think that Timothy missed the point. Scanned and emailed signatures have EXACTLY the same problems as faxed ones. The point isn't that we should encourage MORE bad security practices, but rather eliminate them. The faxed signature from McDonald's to release a prisoner could have been just as handily done by email if we accepted scans of signatures as attachments. In fact, it could have been done more easily because "relatively secure email" is easier to forge than fax sources.
Making email secure would require hashing which would involve cryptographic keys. At that point, we could actually eliminate visual signatures in all cases except for in-person, pen-and-ink signing of documents, by using digital signatures.
Faxed signatures are a bad idea. Scanned and emailed signatures are the same thing, but more democratic--let's bring a bad idea to a larger audience!
Well, OK. But having inline images and HREF tags was explicitly defined in the draft spec of early 1993. I remember our lab getting a beta copy of Mosaic around that time, and playing with the idea, so that was (presumably) before Mosaic 1.0 was release, in April of that year.
Dead on in every way, except that they won't charge a premium for the TVs with cable cards. They'll be the same price or close to it, and not having a settop box will be a "feature." This is always how objectionable technology becomes the norm.
Good luck with that. The cable boxes talk back and forth with the cable provider. Block the signal back, and the thing will quit working. Tragic but true.
Slashdot Mirror
I apparently wasn't clear enough on something. To quote my own post:
"Google doesn't want to be known as the "source of doom" for spam, but as long as they're seen as making some effort against hosting spammers, they're fine."
They're not opening the floodgates because of exactly what you say, but they won't work really hard on filtering outbound email, when it's (a) difficult (as you say), (b) not as useful, and (c) counterproductive.
They'll filter outbound mail enough to keep spam from gmail down to a dull roar, and to maintain their "good internet neighbour" seal of approval, but no more than that.
As for outbound vs. inbound filtering, I know how hard it is (it's related to my work at a major ISP), but there are some things which are pretty easy to implement, and google doesn't do many of 'em. There are other things which could use some research for great benefit, but as long as spam from google hurts their competitors more than it hurts them, they'll put their research into inbound filtering.
Folks, it's not an OMG!!! THEY HID THE BUG AND NOW WE'RE GOING TO DIE!!! issue.
Security through obscurity, for those who remember the olden days, meant not disclosing code, not revealing algorithms, and relying on enforced ignorance on the part of the user/exploiter.
This ain't it. The code is there. The comments are there. Anyone can find it. What Linus is talking about is failing to aid and abet hackers in their attempts. It is simply not ACTIVELY ADVERTISING exploitable code. This is something that seems remarkably sensible.
Unfortunately, anything less "open" than having a courier deliver working exploit code to hackers is labeled "security through obscurity OMFG!!!" by idiots.
OK, many people seem to be missing the point that this is mail _outbound_ from google. Google accounts are the originator.
Yeah, Google doesn't want to be known as the "source of doom" for spam, but as long as they're seen as making some effort against hosting spammers, they're fine. No more is needed, and in fact is counterproductive. Why? Because they want everyone on the planet to sign up for gmail as their primary email account, and the way they do that is by having the best damned INBOUND filters around! If the spam problem gets worse but they can filter it better than anyone else, then they win twice over. Reducing spam is NOT the goal of any email provider--reducing spam received by their customers is. In this case, it also increases spam to their competitors' customers.
Oh, except that google would never do that, because it's evil! Yeah, right.
OK, here is ALL of the evidence that the RIAA has been strongarming Dell into this behaviour:
(from http://www.eggheadcafe.com/software/aspnet/32286847/vista-audio-solution--wh.aspx)
"Many of you may have been as frustrated as myself by Micrsoft bowing to the RIAA
and pressuring the soundcard manufacturers to remove the "What You Hear" feature
from their drivers."
Oh, yeah, and there's the other article which points to it, on http://www.ripten.com/2008/07/07/bend-over-dude-youre-getting-a-dell/:
"Some believe that Dell, and several other computer manufacturers such as Gateway and Pac Bell, were pressured by the RIAA (Record Industry Association of America) into disabling the stereo mix functionality." ...
"So that we are all clear, the evidence points to Dell appeasing the RIAA by disabling hardware, only to have their customer service reps turn around and offer a solution to their consumers that reverses the alteration they made in the first place at a premium price."
Yep, that's it. One guy claimed it with absolutely no evidence, and so it's apparently true. Another guy wilfully misinterpreted some random tech support guy's suggestion, and now we have a collusion between Dell and the RIAA. Wow, this is investigative reporting at its finest!
My Dell laptop at work didn't have a way of turning off the damned 'tap to click' feature of the touchpad. I spent ages looking for a downloadable driver to make that feature work. Based on the rules of logic illustrated above, this is clearly a sign of collusion between Dell and Logitech.
Honestly, aren't there enough examples of corporate bullshit that we don't have to invent false ones?
Geeks play games that run under XP. Housewives (househusbands, most of the rest of the universe) don't play games often, and when they do, they're browser-based or included in the OS.
Nothing to see here.
"Some people have it coming."
No. They don't. Ever.
Outside of ReiserFS and his programming abilities, how much do you know about the guy?
I read quite a bit of detailed information on the case--probably more than most people. Hans was a messed up individual, from the time he was a teenager. Possibly brilliant, but mostly an accident waiting to happen.
I feel sorry for the kids. I hope they'll be OK.
Firefox updates work like this:
Updates download in the background. Magically. They apply. Magically. A notice tells you that a restart (NOT a reboot!) is required to make the updates effective. ONCE!!! (i.e. not every five #$&(@*$& minutes until you obey them, thank you very much Microsoft updater!).
When you decide to restart, you are taken back to the exact same place you were before the update. Tabs reopen, everything works magically.
Then, when it's all done, the browser continues to work as well as or better than it did before. Amazing, eh?
So in short, the update process:
1) is painless
2) is non-intrusive
3) is quick
4) doesn't break anything
If all software updated this easily and reliably, then most people would be FAR less resistant to updates and patches. Unfortunately, firefox is the exception, not the rule.
"If you have burning eyes with headaches then it's probably allergies. Most likely mold in the furniture or carpets."
Bollocks. That's almost the last thing that's likely to be a problem. Eye problems (prescription, dry eyes, etc.) are most likely. Bad lighting is second. Genuine eyestrain from bad colours/fonts is next. About six feet below those issues would be the likelihood of mold allergies.
"Since you're probably using a LCD you don't have any options on refresh rate so you're stuck there."
So what? When will people finally understand that REFRESH RATE ON LCDs IS NOT RELEVANT IN THE SAME WAY AS IT IS ON CRTS?!
"Don't use flourescent(sic) lighting. Great for the environment - crap for the eyes."
True enough. Well, they're not great for the environment--they're just lower energy consumers. For those of us in northern climes, good ol' incandescent bulbs are nearly 100% efficient anyways, since the waste energy just goes to heat our houses.
"I once had some prescription glasses that filtered out the yucky part of flourescent light."
Can you elaborate on this? I'm quite curious about what they filtered out.
Incidentally, green on black isn't the BEST choice--either green or amber on black were very good in their day. Black on green/amber is arguably a better combination, but redrawing that much real estate on vector screens was way too slow and flickery. However we can do better now, and should.
Someone here suggested black on wheat--a very good combination of readability and low eyestrain. If you like bright text on dark backgrounds, play around for a while with relatively low-contrast pairs. (lightblue on darkslategrey, for a Unix example).
You're making two incorrect assumptions here:
1) 5th Amendment protection holds sway in other countries.
2) 5th Amendment protection holds sway in the USA.
If they feel like it, the Russian government could go after these punks, and US law be damned. However, Russian crime gangs tend to make their own laws, and a lot of cops would likely end up dead.
Also, in the past decade the US government has definitively shown that they don't hold the 5th (or 4th) Amendment as valid. They have done this through both law (The Executive Order from July of last year, for instance, allowing seizure of property without due cause or process), and action (officially sanctioned torture of prisoners, in violation of signed treaties).
So good luck with that 5th Amendment thing. Hope it works for you.
Man, nails have been going into the SUV coffin since they first became popular in the cities. Hasn't that thing sunk yet?
I could say, "who cares about US law, since this is a UK case?" But I won't. :-)
There's an interesting and detailed argument from someone more familiar with UK law, which more or less confirms my point. ISPs in the US are not common carriers, by the letter of the law. In the UK and other countries (Canada, Australia), the ISPs are more likely to maintain CC status, due to the lack of DMCA and CDA laws.
However, as you state there is safe harbour in the US. The linchpin of safe harbour is that it's only valid for transport of third-party material. If an ISP inspects the content, then the assume partial ownership of it, and safe harbour no longer applies.
Of course, in the US, ISPs are no longer required to obey the law anyways. #$*)(#@$ retroactive immunity.
Thanks for the info. I'm not sure that your analogies would stand up in court, but they'd be an interesting defense.
Also, bandwidth-limiting is defensible, based on the terms of the contract--if an ISP says you're allowed to download 50GB/month, then they have the right to cut you off after that, without accountability for the content, because the limit was imposed impartially on unexamined content.
If they start to discriminate based on content, then they have entered into the content ownership battle. That's when they get in trouble.
OK, I've said this before, but it apparently bears repeating.
If a company assumes responsibility for inspecting your content, then THEY ARE NO LONGER A COMMON CARRIER!!! They are now gatekeepers, which means they are responsible for ALL content that goes through their network. If they fail to catch some illegal downloaders or kiddie-porn peddlers, then THEY ARE RESPONSIBLE FOR IT!
Sooner or later, this piece of shit will hit the fan, and when it does, the ISPs are going to get messy.
Today /. is hitting a new low.
/., and no I'm not new here (check the number). It still galls me that there is NOTHING BUT jokes about this case.
I read about 15 posts here, every one of them a joke about Reiser, ReiserFS, the missing body, or Unix in general.
Is there anyone here who remembers that a woman is missing and presumably murdered? There are two children who have done nothing wrong, but are now effectively parentless, living with their grandmother.
Yeah, I know this is
Hey, Cliff's back in print!
That is one genuinely oddball character. Interesting, nuts, and totally caught by random events around him. It's a good book.
Here you go. Nice and clean:
Yahoo's search page.
I hope everyone realises that Carl Icahn isn't a long-term shareholder upset with how the company is being run. He thought he could run it better when Jerry Yang rebuffed MS, and AS A RESULT, bought a significant number of shares. In other words, he bought into the company for the sole purpose of getting Yang tossed out.
In the world of billionaires, not always the most friendly of folks, Icahn is about as pleasant as a rabid shark with PMS. If he gets his way, he'll install a new board, sell Yahoo to MS at $40, help gut the company, and then leave with a few more dollars in his pockets. Yahoo staff will be out of work, the search engine market will become a battle of two titans, and basically everyone will lose except for Carl and his board.
Let's be clear on something here: There is no advantage to having 'realtime' quotes vs. 20-minute delayed quotes unless you're trading, and trading on tight schedules.
I'm not aware of any online brokerage which does NOT provide comparable realtime quotes.
Ergo, Google is looking to open up an online stock trading service. Free trades? Hard to say if they'll go that far. (Don't know if they'd be allowed, in fact.) But expect to see gtrade.com become a google property and service in the next year or so.
Why on earth would you think that realtime computing has any relevance here? What google is talking about is clearly NOT realtime computing. They can't provide that until they own your computer, the OS on it, and the link between them and you.
They're talking about realtime trading here, but as Doc Ruby points out, they're not _really_ doing that either. What they're doing is the same as all consumer-grade online trading services who promise "realtime quotes": They're presenting data directly to the end-user without deliberately introducing a delay (typically 20 minutes) in the feed. They're giving you the info as fast as they can present it. Not realtime, but not "quotes are delayed by at least 20 minutes."
Not realtime computing. not exactly realtime quotes either, but closer.
Funniest thing I've read on /. in ages! I haven't seen humourous truisms packed that densely for FAR too long.
To quote: "It's amazing how organizations are sometimes willing to accept low-quality, unverified scans delivered over POTS as authoritative, when they won't take the same information in a high-resolution scan delivered over (relatively secure) email."
This is Timothy's comment, not Bruce's, and makes me think that Timothy missed the point. Scanned and emailed signatures have EXACTLY the same problems as faxed ones. The point isn't that we should encourage MORE bad security practices, but rather eliminate them. The faxed signature from McDonald's to release a prisoner could have been just as handily done by email if we accepted scans of signatures as attachments. In fact, it could have been done more easily because "relatively secure email" is easier to forge than fax sources.
Making email secure would require hashing which would involve cryptographic keys. At that point, we could actually eliminate visual signatures in all cases except for in-person, pen-and-ink signing of documents, by using digital signatures.
Faxed signatures are a bad idea. Scanned and emailed signatures are the same thing, but more democratic--let's bring a bad idea to a larger audience!
Well, OK. But having inline images and HREF tags was explicitly defined in the draft spec of early 1993. I remember our lab getting a beta copy of Mosaic around that time, and playing with the idea, so that was (presumably) before Mosaic 1.0 was release, in April of that year.
Dead on in every way, except that they won't charge a premium for the TVs with cable cards. They'll be the same price or close to it, and not having a settop box will be a "feature." This is always how objectionable technology becomes the norm.
Good luck with that. The cable boxes talk back and forth with the cable provider. Block the signal back, and the thing will quit working. Tragic but true.