I said: I think just about everyone will agree with you that our elections are too important to not guard.
greg_barton replied: Apparently, though, many Republicans and the makers of these machines do not agree. They resist the simple, proposed safety measures.
Can you say why that is?
I'd guess that it has more to do with them not understanding the proposed measures than not wanting to achieve this goal. Microsoft in particular has been slamming open source. Given all that rhetoric, it's difficult for these people to understand how much of a security benefit it would bring. They can be educated, but they'll stop listening altogether if you start saying they are involved in some vast conspiracy.
TedTschopp said: Bad code on a voting machine = potential to steal the election, but until you have proof please keep your fingerpointing to yourself.
greg_barton replied: We didn't need proof to attack that great threat to American democracy, Saddam Hussein. We need even less proof of bad code to mandate a paper trail for voting machines, and other basic security precautions.
I think there's an important distinction here.
I agree that you shouldn't need proof to call for additional precautions, since there is the potential of abuse. I think just about everyone will agree with you that our elections are too important to not guard. And just from an economic standpoint, this is one of those situations where a little money now (to add accountability) can save a lot later (for a huge investigation to dig up what should have been easily to see and for adding accountability for the future, once the need is clearly demonstrated). How expensive was the 2000 election investigation? I don't know how to get an answer, but I suspect it was quite expensive. And if in a future election, corruption on the part of the machine creators is suspected, it'd be even more expensive to investigate, whether the allegations turn out to be true or not.
But that's very different from claiming there is now a conspiracy to abuse the system. You can claim that all you want, but no one will listen unless you have some very compelling proof. Extraordinary claims require extraordinary evidence.
...whatever supposed usability problems Fedora has, there's some great new technology behind it.
For example: they've got a new and shiny version of the glibc & NPTL. This threading support is worlds better than anything I've seen in other distributions or most other operating systems. I wrote a small test for C++-safe thread cancellation support. It failed on pretty much every system I tried. Only Fedora Core 1 and Tru64 passed. This is a behavior more hinted at than mandated by the pthread standard at this point, but realistically, no one would ever use thread cancellation in a C++ program if it didn't work the way it does in Fedora.
There are lots of architectural improvements like that always thrown into a new RedHat release, and I think Fedora will be no different. It leads to their problems with x.0 releases, but I think it's worth it.
In my mind, Fedora Core 1 is RedHat 10 - the name + the community. It even upgraded from my RedHat 9 installation. That's a dead give-away.
Does everybody really need to store the same list of virus definitions on C: ?
Yes. Someone mentioned that McAfee Clinic stores virus definitions on the server. I don't really know what he means by that, but it has to at least store the signatures and an ID number for each detectable virus on the local machine. (Once it knows "you have virus ID 0xdeadbeef", it can request details and removal code from the server.) The alternative is to send all your hard drive contents to them to check every time you run the virus scanner. That would take much more bandwidth, be a huge load on their server, and raise horrible privacy concerns.
Are virus definitions the future of AV or will heuristics and other "AI" get good enough in the foreseeable future that the one-off approach of definitions will become obsolete?
I hope they're not the future, because they suck. (What if the human immune system only fought things you've been vaccinated for? We'd all be dead.) I've heard more intelligent scanners mentioned, but I don't know a lot of details.
There are certainly several methods for improving virus/worm security without scanning at all. (In fact, I don't run antivirus software on my own machines; I use these other methods.)
First, there's not clicking on whatever crap someone sends you. If we could train users and remind them with a dialog whenever they do a potentially-insecure action, it would go a long way toward solving this problem.
Worms can be dramatically reduced with patching, since most exploit old, well-known vulnerabilities. Recent efforts in making patching easier/more automated should pay off in the long run. (Remember, you can't expect immediate benefit from this, because it's generally the people running older versions who have the problems.)
Then there's restricting what applications can do once they're on your system. Have you seen Norton Personal Firewall? I'm a little pissed at it (its language makes you think it's a stateful firewall; it's not), but it does one thing well: it also restricts local software on a per-executable basis. So it will pop up a dialog box saying "Microsoft Word is trying to flood the net with packets. Bitchslap?" or similar. That's a good idea for the prevention of worms, viruses, and spyware.
Also in this vein is running most things as a user-level account and making people enter passwords to install software. Unfortunately, this doesn't work well on Windows now - it's not that way out of the box, and too much software depends on having privileges it should not. (For example, I think my DVD-playing software requires "Administrator" or at least "Power User" privileges. Why?)
> > And that's the real reason why Schrodinger's cat is both alive and dead until you peek in the box - it saves space when nobody's looking anyway. And you thought quantum mechanics was complicated.
If you want to start thinking that way, you can go further than that. There's the uncertainty principle, too - by knowing one thing more precisely, you can't know something else as precisely. (Keeps the memory requirements of the matrix down.) The space-momentum uncertainty relation is the most famous, but there are a bunch of them you can get from a more basic equation:
(delta A)^2(delta B)^2 >= 1/4<i[A,B]>^2
In other words, the product of the deviations of two quantum observables is greater than or equal to 1/4 of the square of the expectation value of their commutivity times i. (Crystal clear, right?;) But it leads to a lot of things like that.
In that case, Message -> Redirect will send a copy that is exactly the same as the original except for the addition of a few informational headers (Resent-date, Resent-from, and Resent-to).
You forgot additional Received: headers, and the Received: headers are the big prize. I don't see how it is to distinguish reliably between the ones added by my resending and the ones originally present. I haven't been able to try it (I think SpamCop drops all emails to my submit address where the From: email address is not mine), but I'm pretty confident that it wouldn't work anyway. SpamAssassin hasn't set up their system to accept messages in this format, and they couldn't do so properly because it's ambiguous. Other difficulties in sending through strict systems (duplicate Message-IDs, incorrect From/To lines) add insult to injury.
Face it: the forward-as-attachment feature is the best way to do what it does. It is an important feature, even if you don't like it.
Maybe the correct solution is for you to fix your mailer that doesn't expand email attachments inline; then you'd barely notice that someone has sent you a message in this more correct format. Mail.app and the Mozilla family all do. Outlook doesn't, but you shouldn't be using Outlook anyway.
Alright, I understand that this is false advertising, because the reviewed product is different from the actual product, but don't both products accurately describe the contrast? Like...the reviewed products are 700 to 1, and the consumer ones are 450 to 1...but aren't they both labelled as that? I think this would fall into one of those "check before you buy" categories...one of those common sense things maybe. As long as both products clearly indicate what their specs are, there is deception, but no actual lies.
Bah. They had the same model number on two different models. That's a lie.
Is the difference between an outright lie and a deception really that important here anyway? They were expected to send the same product real consumers get. They didn't. That's enough to condemn them in my book, whether there's an outright lie there or not.
Duh. View -> Show All Headers and then Message -> Forward. Presto, headers forwarded.
First of all, that's hardly intuitive. Your view settings affecting how you send it to other people? Ugh. I don't like it.
More importantly, it doesn't work. SpamCop is picky about the format and for good reason. Read their FAQ entry. They need a format that can unambiguously contain several whole emails exactly as they were. Full headers, text/html vs text/plain parts, etc.
More details: The in-line forward thing is intended for a human, and each mailer has a different format, usually containing ambiguity about where each message starts and ends (they are not fully rigorous about escaping the preamble). And it doesn't contain all the same information; the text/html parts might contain hyperlinks that SpamCop can analyze. It sends out emails to the upstreams of those sites that say their site was being spamvertised.[*] So a lot of important information is lost, and what is there is made more difficult - if not actually impossible - to parse correctly. I did actually try it, and SpamCop choked.
I am impressed that you managed to follow my hyperlink to something you'd claimed to have read anyway on only the second try. Keep it up.
[*] - They're a little more precise than that. The spamcop emails do mention that some people do Joe Jobs in which they spamvertise someone else's website to damage their reputation. And they contain either the actual spam or a hyperlink to it, so the administrators can decide for themselves.
I said:
So...you know how the feature would be useful, yet you hope it's never added because you're annoyed with how some people misuse it?
You said: No, I don't think it's useful at all. Where on earth did you get that from?
I got because you claimed to have read the related posts, in which I explained the utility of the feature. This is take two: follow the hyperlink. here.
So...you know how the feature would be useful, yet you hope it's never added because you're annoyed with how some people misuse it? You're really self-centered. And you have nothing to worry about from me anyway - I doubt I'll ever forward you an email, as an attachment or otherwise.
I hate message forwarding as attachments. it makes it a PAIN to see what the hell is going on and takes forever to click through multi-level forwards because the people who forward crap are stupid and send the entire forward nest.
Anything can be misused. The reason I want it is for SpamAssassin. The normal forward doesn't send full headers, so it's useless for spammer-hunting purposes.
1) Mozilla randomly forgets where its configuration files are, and of course has NO OPTION TO SET WHERE THEY ARE which means that I have to rebuild my e-mail settings over and over again.
Have you reported this? I've never heard of this bug. File the bug report, then whine all you want...but in that order.
3) Red Hat corrupts its own RPM database when other e-mail clients are installed, then just hangs.
Yeah, that's bug 73097. I (and several others) reported it during the beta period. I don't understand why they shipped with this bug or why they haven't issued an errata advisory. But there are fixed packages available; look at the bugzilla comments near the bottom. RedHat has a nice system, this bug aside.
4) mutt will take four months to configure correctly.
Probably true, but I don't really mind. My bigger complaint is that it lacks IMAP cache support, so it's really slow on big mailboxes.
Then I look at Mac OS X mail and I have to ask: why is there, after FIFTEEN YEARS, no reliable, working, nice, up-to-date e-mail client outside of Mac OS X?
Well, OS X didn't have one either until recently. Mail.app was barely usable until Panther added good thread support. It's still missing some features I want, like support for forwarding messages as attachments.
MS removes features in beta, release it and gauge reaction. If highly negative, say "That was only a beta" and add the support back. If no reaction, then go ahead with plan. The prophet has spoken.
You've just prophesized a tautology - "higly negative" is subjective. Whether they remove the support or not, you can say you were correct.
It might be worth doing the Select developer program for a lot of people here on Slashdot. For $500/year you get both prerelease and current versions of OSes and dev tools, PLUS you get one system a year at 10-20% off list.
ADC Student is definitely worth if if you're eligible and planning to buy hardware. It only costs $100. You don't get the pre-releases, but you do get the hardware discount. I saved ~ $500 this way on my 17" PowerBook (with extra RAM and an AirPort Extreme base station).
Jameth wrote: As opposed to the conservatives, that never make intrusions into your privacy with massive things such as the Department of Homeland Security and the PATRIOT Act. No, they would never try to decide what was best for you.
El replied: Gee, funny how those damn conservatives managed to pass all those with a Democrat majority in congress...
Gee, funny how that didn't happen. The Republicans have the majority in the House and the Senate now. When the PATRIOT Act was passed on 24 Oct 2001, they had the majority in the House and the Senate was evenly divided (see this page about the 107th congress).
I said: Whatever the reason, it doesn't take more than a glimpse at your logfiles to realize that a disproportional number of worm probes, virus emails, spam, etc. come from Asian IPs. (And then you realize it must be even higher, because most worms have algorithms that favor probing "local" IPs.)
An anonymous coward said: Not only are you prejudiced, you are also bigoted too. It's incredibly presumptious of you to believe that Asia is the sole source of all spam e-mail - as I remember, quite a few boxes get rooted in the U.S, Western Europe, Israel, Russia, what have you.
First, that's a straw man. I did not say that Asia is the sole source of all spam. Some of it comes from a lot closer to home. And it's also true that even when Asian open relays are used or Asian companies are employed to send it, it is often advertising American products. Read my original statement again. I was very precise, and you've ignored the distinctions.
Second, it is never prejudiced or bigoted to believe something because the evidence supports it, no matter how politically incorrect the resultant statement is.
Do you even know what "prejudiced" means? It means coming to conclusions without examining the evidence or in spite of good evidence to the contrary. That's what you've done.
My statement is supported well by my logfiles and those of other people I've talked to. A lot more malicious traffic comes from Asia than could be explained by their proportion of Internet usage. It's as simple as that. If you run the statistics on your own machines, I believe you'll find the same thing.
And bigoted? A bigot is "One who is strongly partial to one's own group, religion, race, or politics and is intolerant of those who differ." (American Heritage) Okay, I'm strongly partial to people who reply to polite emails, make some effort to understand what they're getting in to, and participate in the world community in general. I am intolerant of other people. That technically meets that definition of bigoted, but I don't think it meets the spirit of the word. I certainly didn't imply that all Asians have those undesirable characteristics; I noted that the noticeable ones do. Those are the ones who are important for affecting Linux's reputation, so that's sufficient to draw my conclusion.
I said: I've never gotten a decent response back from Asia when reporting these sorts of things to ISPs, and I do from elsewhere in the world.
An Anonymous Coward said: Maybe if you were less arrogant and condescending, you would get a response.
No, I use the same tone regardless of which continent the ISP belongs to. I've politely pointed out that they have a spammer or open relay on their network. I've tried giving various levels of information - from assuming they know what I mean by just that to spelling everything out. Nothing works. The only responses I've ever gotten back were bounce messages don't have abuse addresses (contrary to some advisory RFC I can't remember off the top of my head) and don't have postmaster addresses (contrary to RFC-82[23]). When that happens, APNIC's contact addresses for the IP range are worthless, too.
Flamebait away. The karma system exists for a reason. I have plenty of karma because I've said things in the past that people have found to be true, and so I can get away with saying unpopular things.
Not with games, especially first-person shooters. It's a problem of distributing the workload with limited server resources and limited bandwidth / high latency between nodes. To make the game playable, the clients have to know things and be trusted to do calculations that from a security standpoint they should not.
This really is unfortunate. It means you really can't stop cheating with this sort of game. It's especially easy when the source code is available, though it's still possible otherwise.
...there's a downside to the fact that much of Asia has switched or is in the process to switching to Linux: it may damage Linux's reputation.
Asia is filled with people who administer computers poorly. They may have poor English ability and thus don't understand the standards, they may just be apathetic, they may just be inexperienced with computers, etc. Whatever the reason, it doesn't take more than a glimpse at your logfiles to realize that a disproportional number of worm probes, virus emails, spam, etc. come from Asian IPs. (And then you realize it must be even higher, because most worms have algorithms that favor probing "local" IPs.) In the past, these people have been running Microsoft products poorly. Now they will be running Linux products poorly. This means Linux is likely to move up a lot in any list of most r00t3d systems, both by absolute numbers and by proportions.
If you're optimistic, you might hope that Linux's open source culture teaches them something about running machines properly, writing documentation in their native languages, etc. Then these attacks would decrease. But I'm not optimistic. I've never gotten a decent response back from Asia when reporting these sorts of things to ISPs, and I do from elsewhere in the world. I have a very low opinion of their technical competence, and I don't think a switch to Linux will fix that.
This statement is why data entry applications just shouldn't be HTML forms-based. That puts too many constraints on you to design a good user interface. There are alternatives. At work, the HR people in our department use two personnel systems:
The organization-wide one, which is a HTML form-based web application. It's awkward to navigate, and our people really hate it.
The one we designed for them. [*] It's Oracle Forms-based, which means they navigate to a web page and the Forms Java applet comes up. It has dialog boxes, auto-completion, quick response times, and sorts of other features you just can't put into a HTML form-based application. And it makes the difference; we get compliments on our application.
In general, I'd say something applet-based is superior for lots of data entry. Sure, it takes longer to start, and you need to make sure they have a decent JVM, but I think in a lot of data entry situations, those problems aren't that big.
[*] - You're probably asking why we make them use another one. It exists because the organization-wide one doesn't store everything they need and can't be updated as quickly as they need some information, and we can't change that; bureauracy. Unfortunately they still need to have the information in the main system, and it would be prohibitively difficult to have our system function as a complete interface to theirs. So, two systems.
If this is implemented, they must do this in a way that makes this optional. I don't want people reading my conversations. It's not that I have something to hide, but I want to have some privacy
Absolutely. But keep in mind that the people running your Jabber server will probably be the same people who already run your email server. If you don't trust them, you're in trouble. Whether or not the jabberd people implement this feature (and I'm talking about logs for you to view, with client support for viewing and searching), it would be easy for someone to hack together something crude to spy on you. You need to have someone you trust running the server, period.
Jabber is probably the biggest pain the ass to set up and administer and still not all of the clients support enough of the feature set (not even the daemons do) for it to be useful.
Agreed. But I think that will change. People are really starting to demand an alternative to the big centralized servers, with all these stupid games their owners are playing. And there is some good software out there:
As far as clients go:
For X11, gaim has Jabber support. It's a little crude, but it's coming along. gaim's UI is getting pretty good, so this will be a pretty friendly client.
For OS X, I've implemented crude Jabber support in Adium using the Nitro library and will work to improve it as I find time. Adium is an IM (mostly AIM) client that has a really good user interface, so if I just get the protocol-specific stuff working well, it will be worlds better than most Jabber clients out there.
For Windows, miranda has a Jabber plugin now. I haven't tried it out, but miranda has a pretty good UI also, once you install a few essential plugins.
The server still needs work, though, you're right. I haven't played with any of the commercial offerings, but jabberd is kind of lacking. jabberd2 looks promising, at least in its ability to support database-based storage stuff better. If someone wanted to contribute, I'm sure the jabberd people would welcome them in ironing out bugs, making the install process easier, and implementing new features. The killer feature I'd like to see is support for server-side logs. Then you could log in from anywhere and see all of your old chat logs. Storing them on the client just doesn't work for people who access it from several different places.
If you keep the letters in proximity to their origional location, it becomes much easier. [...] The quote from the post would be as follows:
"Acocrnidg to crad crraniyg lguniitscis peorsfsoalnis at an unnaemd, ueivnitsry in Birtsih Cuolmiba, and ctonrray to the dbuiuos clamis of the ucnietd reesrcah, a smilpe, mheacicnal ivneirson of ietnnral caahrtcers apperas sfufineict to cnofsue the erevadyy oonlkoer."
You're almost certainly right, but your proof is completely invalid, since we read your phrase after the original one. It was easy to read because we already knew what it said. If you took the two versions and gave them to two similar, untainted groups of people and determined that your group read the phrase faster (with statistically significant results), then you'd have proven it to my satisfaction.
But I don't think this is interesting enough to go to all that effort. The University of British Columbia people disproved the original statement by counterexample. It's pretty clear to me that some people got overly excited by the original phrase and made a hasty generalization. You've adjusted by making a weaker statement now, and it's not very interesting. (I'm not sure the original one was, either; it just had some novelty value.)
If KaZaA wins this, it will set a precedent that other proprietary networks can follow. I'm talking about instant messaging - AOL Instant Messenger, MSN Messenger, Yahoo!, etc. They could sue people for using Adium, gaim, and other clients.
Thinking about it, that's probably for the best in the long term. In the short term, I'm using an unauthorized third-party client (Adium), so I hope they don't start suing people. But they own the network and should be able to do whatever they want with it. And I've been working on support for Jabber in Adium, which is a distributed protocol, so I won't have to put up with this kind of silliness.
Slashdot Mirror
greg_barton replied: Apparently, though, many Republicans and the makers of these machines do not agree. They resist the simple, proposed safety measures. Can you say why that is?
I'd guess that it has more to do with them not understanding the proposed measures than not wanting to achieve this goal. Microsoft in particular has been slamming open source. Given all that rhetoric, it's difficult for these people to understand how much of a security benefit it would bring. They can be educated, but they'll stop listening altogether if you start saying they are involved in some vast conspiracy.
greg_barton replied: We didn't need proof to attack that great threat to American democracy, Saddam Hussein. We need even less proof of bad code to mandate a paper trail for voting machines, and other basic security precautions.
I think there's an important distinction here.
I agree that you shouldn't need proof to call for additional precautions, since there is the potential of abuse. I think just about everyone will agree with you that our elections are too important to not guard. And just from an economic standpoint, this is one of those situations where a little money now (to add accountability) can save a lot later (for a huge investigation to dig up what should have been easily to see and for adding accountability for the future, once the need is clearly demonstrated). How expensive was the 2000 election investigation? I don't know how to get an answer, but I suspect it was quite expensive. And if in a future election, corruption on the part of the machine creators is suspected, it'd be even more expensive to investigate, whether the allegations turn out to be true or not.
But that's very different from claiming there is now a conspiracy to abuse the system. You can claim that all you want, but no one will listen unless you have some very compelling proof. Extraordinary claims require extraordinary evidence.
...whatever supposed usability problems Fedora has, there's some great new technology behind it.
For example: they've got a new and shiny version of the glibc & NPTL. This threading support is worlds better than anything I've seen in other distributions or most other operating systems. I wrote a small test for C++-safe thread cancellation support. It failed on pretty much every system I tried. Only Fedora Core 1 and Tru64 passed. This is a behavior more hinted at than mandated by the pthread standard at this point, but realistically, no one would ever use thread cancellation in a C++ program if it didn't work the way it does in Fedora.
There are lots of architectural improvements like that always thrown into a new RedHat release, and I think Fedora will be no different. It leads to their problems with x.0 releases, but I think it's worth it.
In my mind, Fedora Core 1 is RedHat 10 - the name + the community. It even upgraded from my RedHat 9 installation. That's a dead give-away.
Yes. Someone mentioned that McAfee Clinic stores virus definitions on the server. I don't really know what he means by that, but it has to at least store the signatures and an ID number for each detectable virus on the local machine. (Once it knows "you have virus ID 0xdeadbeef", it can request details and removal code from the server.) The alternative is to send all your hard drive contents to them to check every time you run the virus scanner. That would take much more bandwidth, be a huge load on their server, and raise horrible privacy concerns.
Are virus definitions the future of AV or will heuristics and other "AI" get good enough in the foreseeable future that the one-off approach of definitions will become obsolete?
I hope they're not the future, because they suck. (What if the human immune system only fought things you've been vaccinated for? We'd all be dead.) I've heard more intelligent scanners mentioned, but I don't know a lot of details.
There are certainly several methods for improving virus/worm security without scanning at all. (In fact, I don't run antivirus software on my own machines; I use these other methods.)
First, there's not clicking on whatever crap someone sends you. If we could train users and remind them with a dialog whenever they do a potentially-insecure action, it would go a long way toward solving this problem.
Worms can be dramatically reduced with patching, since most exploit old, well-known vulnerabilities. Recent efforts in making patching easier/more automated should pay off in the long run. (Remember, you can't expect immediate benefit from this, because it's generally the people running older versions who have the problems.)
Then there's restricting what applications can do once they're on your system. Have you seen Norton Personal Firewall? I'm a little pissed at it (its language makes you think it's a stateful firewall; it's not), but it does one thing well: it also restricts local software on a per-executable basis. So it will pop up a dialog box saying "Microsoft Word is trying to flood the net with packets. Bitchslap?" or similar. That's a good idea for the prevention of worms, viruses, and spyware.
Also in this vein is running most things as a user-level account and making people enter passwords to install software. Unfortunately, this doesn't work well on Windows now - it's not that way out of the box, and too much software depends on having privileges it should not. (For example, I think my DVD-playing software requires "Administrator" or at least "Power User" privileges. Why?)
> > And that's the real reason why Schrodinger's cat is both alive and dead until you peek in the box - it saves space when nobody's looking anyway. And you thought quantum mechanics was complicated.
If you want to start thinking that way, you can go further than that. There's the uncertainty principle, too - by knowing one thing more precisely, you can't know something else as precisely. (Keeps the memory requirements of the matrix down.) The space-momentum uncertainty relation is the most famous, but there are a bunch of them you can get from a more basic equation:
(delta A)^2(delta B)^2 >= 1/4<i[A,B]>^2
In other words, the product of the deviations of two quantum observables is greater than or equal to 1/4 of the square of the expectation value of their commutivity times i. (Crystal clear, right? ;) But it leads to a lot of things like that.
You forgot additional Received: headers, and the Received: headers are the big prize. I don't see how it is to distinguish reliably between the ones added by my resending and the ones originally present. I haven't been able to try it (I think SpamCop drops all emails to my submit address where the From: email address is not mine), but I'm pretty confident that it wouldn't work anyway. SpamAssassin hasn't set up their system to accept messages in this format, and they couldn't do so properly because it's ambiguous. Other difficulties in sending through strict systems (duplicate Message-IDs, incorrect From/To lines) add insult to injury.
Face it: the forward-as-attachment feature is the best way to do what it does. It is an important feature, even if you don't like it.
Maybe the correct solution is for you to fix your mailer that doesn't expand email attachments inline; then you'd barely notice that someone has sent you a message in this more correct format. Mail.app and the Mozilla family all do. Outlook doesn't, but you shouldn't be using Outlook anyway.
Bah. They had the same model number on two different models. That's a lie.
Is the difference between an outright lie and a deception really that important here anyway? They were expected to send the same product real consumers get. They didn't. That's enough to condemn them in my book, whether there's an outright lie there or not.
First of all, that's hardly intuitive. Your view settings affecting how you send it to other people? Ugh. I don't like it.
More importantly, it doesn't work. SpamCop is picky about the format and for good reason. Read their FAQ entry. They need a format that can unambiguously contain several whole emails exactly as they were. Full headers, text/html vs text/plain parts, etc.
More details: The in-line forward thing is intended for a human, and each mailer has a different format, usually containing ambiguity about where each message starts and ends (they are not fully rigorous about escaping the preamble). And it doesn't contain all the same information; the text/html parts might contain hyperlinks that SpamCop can analyze. It sends out emails to the upstreams of those sites that say their site was being spamvertised.[*] So a lot of important information is lost, and what is there is made more difficult - if not actually impossible - to parse correctly. I did actually try it, and SpamCop choked.
I am impressed that you managed to follow my hyperlink to something you'd claimed to have read anyway on only the second try. Keep it up.
[*] - They're a little more precise than that. The spamcop emails do mention that some people do Joe Jobs in which they spamvertise someone else's website to damage their reputation. And they contain either the actual spam or a hyperlink to it, so the administrators can decide for themselves.
You said: No, I don't think it's useful at all. Where on earth did you get that from?
I got because you claimed to have read the related posts, in which I explained the utility of the feature. This is take two: follow the hyperlink. here.
Maybe I'm your boss. Or your next boss.
I wouldn't worry about that if I were you.
So...you know how the feature would be useful, yet you hope it's never added because you're annoyed with how some people misuse it? You're really self-centered. And you have nothing to worry about from me anyway - I doubt I'll ever forward you an email, as an attachment or otherwise.
Don't you people read related posts before posting redundant, stupid comments? Read this
Don't you people read related posts before posting redundant, stupid comments? Read this
Anything can be misused. The reason I want it is for SpamAssassin. The normal forward doesn't send full headers, so it's useless for spammer-hunting purposes.
Have you reported this? I've never heard of this bug. File the bug report, then whine all you want...but in that order.
3) Red Hat corrupts its own RPM database when other e-mail clients are installed, then just hangs.
Yeah, that's bug 73097. I (and several others) reported it during the beta period. I don't understand why they shipped with this bug or why they haven't issued an errata advisory. But there are fixed packages available; look at the bugzilla comments near the bottom. RedHat has a nice system, this bug aside.
4) mutt will take four months to configure correctly.
Probably true, but I don't really mind. My bigger complaint is that it lacks IMAP cache support, so it's really slow on big mailboxes.
Then I look at Mac OS X mail and I have to ask: why is there, after FIFTEEN YEARS, no reliable, working, nice, up-to-date e-mail client outside of Mac OS X?
Well, OS X didn't have one either until recently. Mail.app was barely usable until Panther added good thread support. It's still missing some features I want, like support for forwarding messages as attachments.
You've just prophesized a tautology - "higly negative" is subjective. Whether they remove the support or not, you can say you were correct.
ADC Student is definitely worth if if you're eligible and planning to buy hardware. It only costs $100. You don't get the pre-releases, but you do get the hardware discount. I saved ~ $500 this way on my 17" PowerBook (with extra RAM and an AirPort Extreme base station).
El replied: Gee, funny how those damn conservatives managed to pass all those with a Democrat majority in congress...
Gee, funny how that didn't happen. The Republicans have the majority in the House and the Senate now. When the PATRIOT Act was passed on 24 Oct 2001, they had the majority in the House and the Senate was evenly divided (see this page about the 107th congress).
An anonymous coward said: Not only are you prejudiced, you are also bigoted too. It's incredibly presumptious of you to believe that Asia is the sole source of all spam e-mail - as I remember, quite a few boxes get rooted in the U.S, Western Europe, Israel, Russia, what have you.
First, that's a straw man. I did not say that Asia is the sole source of all spam. Some of it comes from a lot closer to home. And it's also true that even when Asian open relays are used or Asian companies are employed to send it, it is often advertising American products. Read my original statement again. I was very precise, and you've ignored the distinctions.
Second, it is never prejudiced or bigoted to believe something because the evidence supports it, no matter how politically incorrect the resultant statement is.
Do you even know what "prejudiced" means? It means coming to conclusions without examining the evidence or in spite of good evidence to the contrary. That's what you've done.
My statement is supported well by my logfiles and those of other people I've talked to. A lot more malicious traffic comes from Asia than could be explained by their proportion of Internet usage. It's as simple as that. If you run the statistics on your own machines, I believe you'll find the same thing.
And bigoted? A bigot is "One who is strongly partial to one's own group, religion, race, or politics and is intolerant of those who differ." (American Heritage) Okay, I'm strongly partial to people who reply to polite emails, make some effort to understand what they're getting in to, and participate in the world community in general. I am intolerant of other people. That technically meets that definition of bigoted, but I don't think it meets the spirit of the word. I certainly didn't imply that all Asians have those undesirable characteristics; I noted that the noticeable ones do. Those are the ones who are important for affecting Linux's reputation, so that's sufficient to draw my conclusion.
I said: I've never gotten a decent response back from Asia when reporting these sorts of things to ISPs, and I do from elsewhere in the world.
An Anonymous Coward said: Maybe if you were less arrogant and condescending, you would get a response.
No, I use the same tone regardless of which continent the ISP belongs to. I've politely pointed out that they have a spammer or open relay on their network. I've tried giving various levels of information - from assuming they know what I mean by just that to spelling everything out. Nothing works. The only responses I've ever gotten back were bounce messages don't have abuse addresses (contrary to some advisory RFC I can't remember off the top of my head) and don't have postmaster addresses (contrary to RFC-82[23]). When that happens, APNIC's contact addresses for the IP range are worthless, too.
Flamebait away. The karma system exists for a reason. I have plenty of karma because I've said things in the past that people have found to be true, and so I can get away with saying unpopular things.
Not with games, especially first-person shooters. It's a problem of distributing the workload with limited server resources and limited bandwidth / high latency between nodes. To make the game playable, the clients have to know things and be trusted to do calculations that from a security standpoint they should not.
This really is unfortunate. It means you really can't stop cheating with this sort of game. It's especially easy when the source code is available, though it's still possible otherwise.
Asia is filled with people who administer computers poorly. They may have poor English ability and thus don't understand the standards, they may just be apathetic, they may just be inexperienced with computers, etc. Whatever the reason, it doesn't take more than a glimpse at your logfiles to realize that a disproportional number of worm probes, virus emails, spam, etc. come from Asian IPs. (And then you realize it must be even higher, because most worms have algorithms that favor probing "local" IPs.) In the past, these people have been running Microsoft products poorly. Now they will be running Linux products poorly. This means Linux is likely to move up a lot in any list of most r00t3d systems, both by absolute numbers and by proportions.
If you're optimistic, you might hope that Linux's open source culture teaches them something about running machines properly, writing documentation in their native languages, etc. Then these attacks would decrease. But I'm not optimistic. I've never gotten a decent response back from Asia when reporting these sorts of things to ISPs, and I do from elsewhere in the world. I have a very low opinion of their technical competence, and I don't think a switch to Linux will fix that.
This statement is why data entry applications just shouldn't be HTML forms-based. That puts too many constraints on you to design a good user interface. There are alternatives. At work, the HR people in our department use two personnel systems:
In general, I'd say something applet-based is superior for lots of data entry. Sure, it takes longer to start, and you need to make sure they have a decent JVM, but I think in a lot of data entry situations, those problems aren't that big.
[*] - You're probably asking why we make them use another one. It exists because the organization-wide one doesn't store everything they need and can't be updated as quickly as they need some information, and we can't change that; bureauracy. Unfortunately they still need to have the information in the main system, and it would be prohibitively difficult to have our system function as a complete interface to theirs. So, two systems.
Absolutely. But keep in mind that the people running your Jabber server will probably be the same people who already run your email server. If you don't trust them, you're in trouble. Whether or not the jabberd people implement this feature (and I'm talking about logs for you to view, with client support for viewing and searching), it would be easy for someone to hack together something crude to spy on you. You need to have someone you trust running the server, period.
Agreed. But I think that will change. People are really starting to demand an alternative to the big centralized servers, with all these stupid games their owners are playing. And there is some good software out there:
As far as clients go:
The server still needs work, though, you're right. I haven't played with any of the commercial offerings, but jabberd is kind of lacking. jabberd2 looks promising, at least in its ability to support database-based storage stuff better. If someone wanted to contribute, I'm sure the jabberd people would welcome them in ironing out bugs, making the install process easier, and implementing new features. The killer feature I'd like to see is support for server-side logs. Then you could log in from anywhere and see all of your old chat logs. Storing them on the client just doesn't work for people who access it from several different places.
"Acocrnidg to crad crraniyg lguniitscis peorsfsoalnis at an unnaemd, ueivnitsry in Birtsih Cuolmiba, and ctonrray to the dbuiuos clamis of the ucnietd reesrcah, a smilpe, mheacicnal ivneirson of ietnnral caahrtcers apperas sfufineict to cnofsue the erevadyy oonlkoer."
You're almost certainly right, but your proof is completely invalid, since we read your phrase after the original one. It was easy to read because we already knew what it said. If you took the two versions and gave them to two similar, untainted groups of people and determined that your group read the phrase faster (with statistically significant results), then you'd have proven it to my satisfaction.
But I don't think this is interesting enough to go to all that effort. The University of British Columbia people disproved the original statement by counterexample. It's pretty clear to me that some people got overly excited by the original phrase and made a hasty generalization. You've adjusted by making a weaker statement now, and it's not very interesting. (I'm not sure the original one was, either; it just had some novelty value.)
Thinking about it, that's probably for the best in the long term. In the short term, I'm using an unauthorized third-party client (Adium), so I hope they don't start suing people. But they own the network and should be able to do whatever they want with it. And I've been working on support for Jabber in Adium, which is a distributed protocol, so I won't have to put up with this kind of silliness.