Slashdot Mirror


User: slamb

slamb's activity in the archive.

Stories: 0
Comments: 938

Comments · 938

  1. Re:OpenPGP Anyone? on MS Releases License For Sender-ID · · Score: 1
    I said: Most people do not sign their messages with gnupg; it's ordinary to accept unsigned messages. Thus, there's no way for me to prevent people from forging mail from me. Which is most annoying - I regularly have to wade through all the messages sent in reply to viruses/worms I supposedly emailed out.

    SpaceLifeForm replied: If you signed *all* of your e-mails, and you made it your standard policy, then you can refute forgeries.

    No, you missed my point. What I'm concerned about is these replies to forged messages wasting my time. Refuting forgeries would be a further waste of my time.

    SPF is a much better solution. Unfortunately, the people sending the automated emails are going to be the slowest adopters (since they're incompetent). But SPF at least gives me a way to say "any message which does not satisfy these criteria is a forgery".

  2. Re:OpenPGP Anyone? on MS Releases License For Sender-ID · · Score: 1
    Why not use something like gnupg to sign email in order to prove the identity of the sender?

    Because there is no standardized way to say "if there's no signature, the message did not come from me".

    Most people do not sign their messages with gnupg; it's ordinary to accept unsigned messages. Thus, there's no way for me to prevent people from forging mail from me. Which is most annoying - I regularly have to wade through all the messages sent in reply to viruses/worms I supposedly emailed out.

  3. Re:Some on purpose to promote free WiFi. on 80% of WiFi Networks are still Insecure, Kismet Author Says · · Score: 3, Insightful
    I leave an unencrypted access point open in the no-mans-land between my broadband modem and my router, on purpose. I think a lot of people do something like that, or even keep their whole LAN open to the access point, in order to promote free WiFi.

    I hope you at least block outbound port 25 (SMTP). Because this will be abused by spammers otherwise.

    Legitimate people can still send mail through the submission port (see RFC 2476). This is a separate port that exists for MUAs to submit new mail; typically it requires SASL authentication. So they can connect to their own ISP's server and submit mail, but not send directly to the recipient's server, as a spammer would.

  4. Re:How to block them ... on This Headline Is Not for Sale · · Score: 1
    Advertisers were playing fair, years ago. The banner ad was the ubiquitous form of internet advertising, and it always stayed within the little bar at the top of the page, and maybe one at the bottom. That was still too much for people, and so the ad-blockers were created. Soon, those sites couldn't turn a profit, and so their advertising department/provider (in order to save themselves) had to come up with new ways of improving the click-thru on their ads. That led us to pop-ups, flash ads, interstitials, pop-unders, etc. The more people block, the more intrusive the adverts have to become. If people left the banner ads alone, we wouldn't be in this state.

    I assert that the number of users with banner ad blockers is insignificant, and I challenge you to prove otherwise. (Note that I was very specific here. A banner ad blocker. Many people are using popup ad blockers. They are too intrusive to not stop.)

    A more realistic reason for banner ads being unsuccessful is banner blindness. Essentially, people get so used to worthless banner ads that they don't even notice anything in that shape or clearly distinguished from the rest of the page. The study authors discovered this when users failed to note important navigation features of certain websites. So arguably banner ads not only have become ineffective, but they destroy website usability.

  5. Re:Oh, patients... on Hardware That Literally Doesn't Stink? · · Score: 1
    I am a practicing allergist and I have found that most people with multiple environmental allergies are just a little mental. Sorry, there is no other way of saying it.

    Maybe true, but you have to understand what's going on. As an allergy patient, I can be a little crazy about controlling my environment sometimes. If I'm feeling crappy, I could work as scientifically as possible, changing one variable at a time, until I feel better. Or...I could just change everything, because I'm miserable now and want to feel better right away. Usually I go for the latter. So, okay, there's a little bit of voodoo involved in feeling better. When there's a new smell around, I just want to get rid of whatever is causing it. I don't know if it will affect me or not; I don't want to wait to find out.

    We can skin test for almost every known allergic substance to man.

    Not last I heard. For example, I'm allergic to one type of antibiotic...I think. I'm 99% sure; I had what was almost certainly a drug reaction, and that was the only unusual medication I was taking. But I can't be 100% sure, because according to my allergist, there is no test for it.

    By the way, maybe you could answer a question for me. I read recently that you "can't" be allergic to cigarette smoke. And saw a poster that it was a "non-allergic trigger" for asthma. The article I read said that it was a chemical irritant. Does that preclude an allergic reaction to it? I certainly react more strongly to cigarette smoke than other people, and I was under the impression that there's nothing you "can't" be allergic to.

  6. Re:Cell phones harmful? on AM Radio Waves May Be Harmful? · · Score: 1
    How does AM, with its huge power and totally different band, have anything to do with any of the PCS bands and their relatively piddly power for health effects?

    AM may transmit with more power, but likely more power enters your body from your cell phone than from the AM transmitting tower. Flux (and thus power through a specific area) falls off with the inverse square of distance. AM towers are typically far from you; your cell phone is typically very close to you. Thus, if it were shown that AM transmitting towers were harmful, it would warrant a close look at cell phones.

    With that said, I'm not worried. This study is likely flawed, like all the others. When they dig a bit more deeply, they'll find that people who live right next to AM transmitting towers are very poor and have bad health care. Or something. Many people have tried to prove a link between EMF and cancer, but none have succeeded.

  7. Re:Next move... on It's Just the 'internet' Now? · · Score: 4, Informative
    The internet was never a brand name, thus, there was no need to capitalize it.

    Wow, you've been thoroughly commercialized. Brand names aren't the only things capitalized in English.

    Proper nouns (also called proper names) are names and denote unique entities. [...] Proper nouns are capitalized in English and most or all other languages that use the Latin alphabet; this is one easy way to recognize them.

    (from Wikipedia)

    We refer to it as the Internet. Corporations have intranets. The capitalization conveys meaning. Wired's usage is wrong.

  8. Re:Biologically speaking, how... on RGB to become RGBCMY · · Score: 2, Insightful
    If one had the technology to vary the intensity of red, green, and blue over an infinite set of real values, then RGB would be able to perfectly replicate any color.

    Not really. The thing is, everyone's eyes are different.

    As you probably know, our rods respond to the intensity of red, green, and blue light. More specifically, each type of sensor has its peak sensitivity at approximately those colors. Our red sensor responds a little bit to blue light, our blue sensor responds a little to red light, etc. Our eyes "know" there's a given wavelength of light based on the output from all three sensors. Thus, we can duplicate the effects of any color just by using colors at these peak sensitivities.

    But...everyone's sensitivity curves are a little different. In the extreme cases, we call it color-blindness. Here are some color-blindness sensitivity curves. There, the mapping is different. If we have RGB output that looks exactly like a physical object to us, it might not look the same to them. (The two will neither look the way we see it, nor like each other.)

  9. Re:Simple solution on Emergency Alert System Insecure · · Score: 1
    All you need is a central signing authority a la SSL websites. Everyone has a copy of the CA's key hardcoded into their emergency receiver equipment.

    See, that's a secure distribution channel. My point is that you simply can't have gotten all the keys through broadcast. And if you include one with the hardware, you're not.

  10. Re:Simple solution on Emergency Alert System Insecure · · Score: 1
    The whole point of public key cryptography is you DON'T need to have a shared secret. It doesn't matter who gets hold of the public key so long as everyone keeps their private keys secure. Broadcasting public keys is fine.

    It's not fine. It doesn't matter if an attacker gets your public key, but it does matter if your people get an attacker's key and think it's yours. They could only accept keys that have been signed by another key...but then how they get that key and know it is valid? You need to have a secure distribution channel.

  11. Re:This is more fun! on Dealing with Intruders? · · Score: 1
    In my opinion, Tom Hudson's way of dealing with these critters is far more entertaining than just ignoring them.

    Of course, don't view the results of that script on any server you have login cookies on. Known attackers can trivially insert arbitrary HTML into the logs. Cross-site scripting vulnerability.

  12. Re:GAIM? Fire too on AOL IM 'Away' Message Security Hole Found · · Score: 2, Interesting
    For Mac users there is Fire which since going 1.0 is quite nice and polished.

    Looks like the Mac version is not vulnerable to this specific bug, as it deals with the way Windows has pluggable protocols for URLs. (Which is not to say that I'm confident the official Mac client has no security problems. I'm not.)

    Also, as long as we're mentioning IM clients for the Mac: my favorite is Adium. I'm a little biased, but it has a great UI. (See the About page for screenshots.) libgaim backend, so support for many protocols.

  13. Re:RAID-0 may not be stupid. on Raid 0: Blessing or hype? · · Score: 1
    We use 4 250Gig drives hooked together via Raid 0 in order to get a large, cheap, sorta fast 1 Terabyte interim storage space for images from image chips we make. We have two identical PCs configured this way in order to mirror the data thru a private 1Gbit ethernet between the two.

    You've got something more like RAID 0+1 then. The controller may not see it, and the performance characteristics may not be the same, but that's how it's stored across your disks.

    Also note that while the subject line just says "RAID-0 is stupid", I qualified it more in the post with "on data [you] care about". Other people have posted some legitimate uses for RAID-0, basically all situations where the data just aren't very important or can be restored from other media quickly and easily. That's not often true.

  14. Re:Methodology on Raid 0: Blessing or hype? · · Score: 2, Insightful
    A few points here:
    • Asymptotic behavior (linear vs. quadratic vs. ... vs. exponential) is only important when talking about large values of n. Here n would be 1-4. No one's ever going to RAID-0 more than four drives.

    • When you're talking about a specific change in n, as in 1->2:

      Remember, by adding that second drive, your chance of failure goes up *exponentially* which is something a lot of hardcore "tweakers" forget.

      ...asymptotic behavior is completely meaningless. Every time you say "exponentially" you should have a "with n" that follows it. There's no n left; you plugged in 1 and 2. You've got to make more concrete statements like "you square the probability of not-failure." (Which increases the probability of failure, since probabilities lie between 0 and 1.)

    • There are no exponentially increasing probabilities. They can be exponentially decreasing (approaching zero). But exponentially increasing functions approach infinity; probabilities are bounded at 1. Graph the function yourself. If it goes over 1, it's wrong. The function is not exponential. More precisely 1-(1-p)^n != omega(e^n). Check the definition of omega, specifically the bit that says you need a positive constant.

    I agree with your broader point that RAID-0 is unreliable. But your supporting math is bad.

  15. Re:RAID-0 is stupid. on Raid 0: Blessing or hype? · · Score: 2, Insightful
    Hate to destroy your entire argument with one word but here it is. Backup.

    Sure, you should always keep backups. But restoring from them is inevitably a pain. I keep nightly backups of the important files on my machine. If my hard drive were to fail, I'd still:

    • need to redo whatever local changes I'd made that day.
    • not be able to use the machine until I hunt down a replacement.
    • spend hours reinstalling software.

    That's a pain. Why make that more likely with RAID-0, when you could make it unnecessary with real RAID?

  16. RAID-0 is stupid. on Raid 0: Blessing or hype? · · Score: 5, Informative
    Here's why no one in their right mind uses RAID-0 on data that they care about:

    Unlike other RAID-levels, RAID 0 does not offer protection against drive failure in any way, so it's not considered 'true' RAID by some (the 'R' in RAID stands for 'redundant', which does not apply to RAID-0).

    When you have multiple hard drives, it's more likely that one will fail than if you just have one. For the obvious statistical reasons. Plus because of heat problems in many systems.

    In a non-RAID setup with multiple hard drives, when one fails, you lose whatever was on that drive.

    With RAID-n (for non-zero n), you lose nothing. You say "oh well", put in a spare drive, and send the old one back for replacement. (In the other order if you're cheap.) The array rebuilds itself. Without even shutting down the machine, if you have the hot-swappable drive cages.

    With RAID-0, you lose everything on all of your hard drives.

    RAID-0 is considerably less reliable than a single hard drive.
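    The probability argument behind comments 14 and 16, worked through as an added derivation that is not part of the original posts. It assumes each of the n drives fails independently within the period of interest with probability p.

    A RAID-0 array survives only if every drive survives, so

    $$P_{\text{survive}}(n) = (1-p)^n, \qquad P_{\text{fail}}(n) = 1 - (1-p)^n .$$

    For the step from one drive to two, no asymptotic notation is needed; plugging in gives

    $$P_{\text{fail}}(2) = 1 - (1-p)^2 = 2p - p^2 ,$$

    which is more than the single-drive p for every 0 < p < 1, and is exactly the "square the probability of not-failure" phrasing from comment 14. For small p the binomial expansion gives the order of magnitude:

    $$1 - (1-p)^n = np - \binom{n}{2}p^2 + \cdots \approx np \quad (np \ll 1),$$

    so adding drives raises the failure probability roughly linearly in n, not exponentially. Finally, since 0 \le (1-p)^n \le 1,

    $$0 \le P_{\text{fail}}(n) \le 1 \quad \text{for all } n,$$

    whereas f(n) \in \Omega(e^n) would require a constant c > 0 and an n_0 with f(n) \ge c\,e^n for all n \ge n_0. No such c exists, because c\,e^n \to \infty while P_{\text{fail}}(n) never exceeds 1, which is the formal content of the 1-(1-p)^n \ne \omega(e^n) remark in comment 14.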

  17. Re:d!/d$ on The PHP Anthology - Volume I, 'Foundations' · · Score: 1
    That would be the rate of change of ! with respect to $. I think simply !/$ is more appropriate.

    Or maybe you want to minimize d!/d$, as d$ will be negative. You want the most increase of your knowledge for the least decrease of your money. Still, deltas would be more important, as these are not infinitesimal quantities. d!/d$ would only be appropriate if you are continuously charged as you read the book.

  18. Re:Protected speech on Lawyer Sues Yahoo for Message Board Name-Calling · · Score: 1
    The first amendment doesn't apply to this. A private entity has the right to restrict what is transmitted or stored on privately owned property.

    I am not a lawyer, but this doesn't sound right.

    The first amendment very much applies to this. Individuals can say whatever they want to, provided that it's not libelous. These posts don't sound libelous, so they are legal.

    However, you aren't required to help someone else say something. So Yahoo could tell these people that their viewpoint is not welcome on the Yahoo forums. Then they'd have to find some other way to spread their ideas.

    "Freedom of the press belongs to those who own presses." - Ben Franklin

    This guy doesn't have that option. He doesn't own the forums in question, so he has no control over them.

  19. Re:Kind of amusing, since... on CERT Warns Of Multiple Vulnerabilities In Libpng · · Score: 1
    But hopefully some of the 10-year-olds flaming away then with "no simple data file can open a door to a virus or have any security effect, cuz the contents aren't executed as code, l00zer" will get a bit of an education today. You only hope the contents aren't executed as code...

    Indeed. I've noticed recently some .pdf files that can crash Apple's Preview.app. That makes me nervous, since often such crashes are exploitable. I wonder how long it is before someone makes malicious .pdfs...we're used to those being safe, but maybe they aren't.

  20. Re:Some online typing tests on Is Typing a Necessary Skill? · · Score: 1
    Hey, we're typing twins, or something. Same results here. (On my PowerBook's keyboard. Probably would be better on my IBM Model M.)

    I don't know about you, but typing this fast actually doesn't help me that much. I rarely compose anything faster than half that. When programming, much less. (I have to think about the program structure, after all.) So that speed only comes into play when copying something from paper. That's rare; I'm a programmer, not a secretary.

  21. Re:No proof that technology (not legislation) work on Microsoft to Deploy SPF for Hotmail Users · · Score: 1
    The Internet's email system basically does not have a forgery problem. People who need to send each other forgery-proof email are already able to do this using systems like PGP.

    There is a forgery problem. You're right about PGP, but there's no way to say to the world at large "accept no email from me unless it is PGP-signed". Thus, people and automated systems accept email that they should not. This causes (at least) two big forgery problems:

    • Virus emails. Many, many of these claim to be sent from my address. Thus, I get vacation replies, bounce messages, and virus warnings filling my email account.
    • Joe Jobs. When someone pisses off a spammer enough, the spammer forges his or her name on a bunch of obnoxious spam emails. He/she then has to deal with the fallout from that.

    And lastly, this is related to spam. If we (through a combination of technical and legal means) made it difficult to send email under a false name, I believe spam would be a much smaller problem. I would then not even want any laws against spam; just social means. If we could link every email with a real person or company name, we could simply refuse to accept messages from people who spam. But we can't do that now. Both because of forged senders and because of the bogus domain contact info you mentioned.

  22. Re:Making sure I see my role in this... on Microsoft to Deploy SPF for Hotmail Users · · Score: 2, Interesting
    The SSL connection with authentication should not be made over port 25. Port 25 is for standard (non-SSL, non-Auth) connections. While it might accept the other connections, it is not the preferred port for this.

    The real distinction is this:

    • MTAs should continue connecting to other MTAs via port 25, regardless of whether or not they use SSL.
    • MUAs have a new option of connecting to port 587 (submission). MTAs, if they accept connections on this port, should not accept mail unless the connection is validated through SASL or by IP.

    The point of the new port is to allow ISPs to block their dialup customer's outbound port 25 traffic, without preventing legitimate use. Spammers directly connect to port 25 to deliver mail, ISPs block it. Now legitimate users can connect to other ISP's mailservers through this new port. Spammers can't use it because it requires authentication.

    SSL has nothing to do with it, except that certain (plain-text) SASL methods are typically not allowed unless SSL encryption has been activated. You enable SSL on a connection via the STARTTLS command, not by connecting to a different port.
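    The port 25 versus port 587 distinction drawn here and in comment 3 above, as an added example that is not from the original posts: a toy server-side session that applies the submission policy (relay on 25 without authentication; MAIL on 587 only after SASL AUTH or from a trusted IP; AUTH PLAIN refused until STARTTLS). SmtpSession, run_dialogue, plain_credentials, the addresses and the credentials are all constructed assumptions, and the TLS handshake itself is not modelled.

    ```python
    import base64

    RELAY_PORT = 25          # MTA-to-MTA delivery
    SUBMISSION_PORT = 587    # MUA submission (RFC 2476)


    class SmtpSession:
        """State for one inbound connection: which port it arrived on, whether
        STARTTLS has been negotiated, and whether the client has authenticated."""

        def __init__(self, port, peer_ip, trusted_ips=(), users=None):
            self.port = port
            self.peer_ip = peer_ip
            self.trusted_ips = set(trusted_ips)   # IP-validated submitters
            self.users = users or {}              # constructed credential table
            self.tls = False
            self.authenticated = False

        def handle(self, line):
            """Apply the policy to one client command and return the reply line."""
            verb, _, arg = line.strip().partition(" ")
            verb = verb.upper()
            if verb == "STARTTLS":
                if self.tls:
                    return "503 TLS already active"
                self.tls = True                    # handshake is out of scope here
                return "220 Ready to start TLS"
            if verb == "AUTH":
                mech, _, blob = arg.partition(" ")
                if mech.upper() != "PLAIN":
                    return "504 Unrecognized authentication type"
                if not self.tls:                   # plain-text SASL only under TLS
                    return "538 Encryption required for requested authentication mechanism"
                try:
                    _authzid, user, password = base64.b64decode(blob).split(b"\0")
                except ValueError:
                    return "501 Malformed AUTH PLAIN response"
                if self.users.get(user.decode()) == password.decode():
                    self.authenticated = True
                    return "235 Authentication successful"
                return "535 Authentication credentials invalid"
            if verb == "MAIL":
                if self.port == SUBMISSION_PORT and not (
                        self.authenticated or self.peer_ip in self.trusted_ips):
                    return "530 Authentication required"
                return "250 OK"                    # port 25, or a validated submitter
            return "500 Command not recognized"


    def plain_credentials(user, password):
        """Encode a SASL PLAIN initial response (empty authzid) as a client would."""
        return base64.b64encode(b"\0" + user.encode() + b"\0" + password.encode()).decode()


    def run_dialogue(port, peer_ip, commands, **kw):
        """Feed a constructed client dialogue to one session; return the replies."""
        session = SmtpSession(port, peer_ip, **kw)
        return [session.handle(c) for c in commands]


    if __name__ == "__main__":
        creds = plain_credentials("alice", "s3cret")
        # Direct delivery attempt on the submission port without AUTH is refused...
        print(run_dialogue(587, "203.0.113.9", ["MAIL FROM:<x@example.org>"]))
        # ...while an MUA that negotiates TLS and authenticates is accepted.
        print(run_dialogue(587, "203.0.113.9",
                           ["AUTH PLAIN " + creds, "STARTTLS", "AUTH PLAIN " + creds,
                            "MAIL FROM:<alice@example.com>"], users={"alice": "s3cret"}))
    ```
    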

  23. Re:Time to move to Mach-o on SCO Claims Linux Lifted ELF · · Score: 2, Interesting
    Halfway tongue-in-cheek suggestion there. I know Linus' thoughts on microkernels. I also know that Mach sucks. Running a monolithic kernel image on top of Mach sucks even more, and there's no good reason to do it.

    My thoughts also. The microkernel crowd in general seems to agree that Mach is not a good microkernel. (L4 is much better.) And writing a monolithic kernel on top of a microkernel, rather than taking advantage of the full microkernel flexibility...I don't see the point.

    Can anyone explain to me why Apple did this with MkLinux, why NeXT did this with NeXTSTEP, and why Apple continued it with OS X? I love OS X's user interface and blend of Unix and old-school Apple stuff...but this one decision, it just seems so dumb.

  24. Re:More common than you think... on How Would You Handle a $1,000,000 Coding Error? · · Score: 1
    You know just as well as me that there is a huge difference between truncating a huge amount of files to 0 bytes, and throwing a folder into the trash.

    No, I don't. Are you saying that the latter is much more likely? Because I'm not sure about that. There are viruses floating around that do things like truncating random files. There are program bugs that do things like that to all open files. Better to have a solution that solves the broader problem, not just the specific one of throwing a folder into the trash.

    The best solution is using Netware. It has both versioning and separated write/delete permissions.

    I didn't realize Netware had versioning. That'd be a good solution. But I think Subversion would be also.

    In general, I don't know why only programmers use revision control, and why even programmers only use it for source code. Part of the reason may be because many revision control products are not user-friendly. But that's solvable. In fact, Subversion's automatic versioning means you can use it without even knowing. (Presumably someone else has enough knowledge to pull an older version, should it be necessary.) TortoiseCVS and TortoiseSVN integrate into Windows Explorer; they're pretty good. So I don't know why it hasn't really caught on.

  25. Re:More common than you think... on How Would You Handle a $1,000,000 Coding Error? · · Score: 2, Informative
    That's the problem with OS9 and OSX. The users need permission to delete stories in order to have permission to modify stories.

    That's actually not quite true. But it might as well be, under any OS - you can always modify the file by truncating it to zero bytes. Just as effective. Someone will always be stupid or malevolent enough to do this. (Make it idiot-proof and someone will make a better idiot.)

    The real solution? Revision control. Imagine if a day's paper were stored in a Subversion system. Make it accessible to everyone through WebDAV + automatic versioning. (OS X has slick native support for this.) They'd never notice the difference...but you could pull any old version you want, in case something like this happens. Or any number of more minor disasters.