I for one plan to download a copy of Episode III off the net to boycott it sucking.
And if it somehow ends up being good, I will then go see it in the theatre.
This is how I use piracy to get rid of that silly geek factor that allowed Episodes 1 and 2 to make 400 million+. I will not support a movie by paying for it if it's not any good.
d00d!!! I hate HTML 4.0. Like everything was right in HTML 1.0. Then they had to rewrite crap so that you could do more with it, and that make it slow. It was kind of........ (wait for it).... a bummer.
And...
d00d!!! Why did they have to do Windows 95? Windows 3.11 was perfectly stable and secure.
What the hell is this guy thinking? There's usually a reason that people do complete rewrites: because future versions of this software will have features that would be nearly impossible to manage using the old version.
Continuing to build feature after feature in an old codebase is like building a tower on sand. And for any of you people who want to know what the effect of that is, I suggest you visit Pisa sometime.
And for those of you not willing to sacrifice security / stability / etc, wait until the new version shakes out. And realize that the world doesn't cater to your 450 MHz AMD K6-II anymore.
Why do Slashdotters insist on bastardizing this guy's name in submission after submission?
It's because I love pissing people off with poor grammar and capitalization. I was just *waiting* for a post like this to show up after submitting the story.
Please read the entire post before refering to me as an anti-spam kook. Especially that next to the last sentence that goes:
This method is not 100% in eliminating spam.
It's amazing that most of the responses that I've had to this deal with people that don't read the entire post before jumping to a conclusion. What? Is it too long? Or somehow skimming a line that has two words (Digital Certificates) end up somehow summing up that this involves everyone getting a certificate from Thawte attached to their email. Ugh.
This is NOT about that. The primary idea is simply having the receiving mail server check the domain's MX to see if it's legitimate.
You started looking for the FUSSP (Final Ultimate Solution to the Spam Problem) after observing that it is impossible to filter more than 99% of spam with fewer than 0.1% false positives by currently available mechanisms.
I'm sick of hearing about the glory of Bayesian mail filters. 99% blockage of email with 0.1% false positives is B.S. I run SpamAssassin and Razor on my machine, and still receive about 5 emails a day that aren't filtered out by either. Sure, I could change my point threshhold on SpamAssassin down to 5.0 from 7.5, but that's when the false positives start showing up. They do their job well. But they don't do it perfectly.
My above idea isn't perfect either. It does not / will not stop spam 100%. But it will force some level of accountability from those who do send spam by identifying emails / domains where they are sending it from. That's all. Combining it with something like Razor would be a Good Thing.
You are describing the sender permitted from system
Not quite. SPF only does an IP check against the sender. This would instead get a public key from the MX server and decrypt some information about it.
I really do like the idea of STARTTLS to some degree. I don't like signed certificates though, because they cost money, and deal with hierarchy.
I do like the idea of these certificates to be self-signed. After all, the only thing the receiving server would have to do is establish a connection with the MX server of the domain address the email is coming from. Kind of like Reverse DNS, but instead with MX.
Thanks Anonymous Coward. This comment was interesting.
Note: I did some thinking earlier on spam, and I figured I would post this the next time slashdot does a story on spam... You can find a link to this at:
This is my writing... I just want some feedback on it from the slashdot crowd.
Okay...
One of the things that I've been tired of recently is dealing with lots and lots of spam in my inbox. I've become even more tired of hearing about how there's a lack of solutions for dealing with it. It's one of the things that slashdot has been endlessly parading about.
To me, the primarily problem with spam is that emails are too easily spoofable. Solve this, and spam will become *much* more managable.
So, what technology is there right now that deals with certifying legitimacy?
Digital Certificates!
When you go to a site that's protected with https, the owners of the site usually have to get a certificate from a trusted source (Verisign, Thawte, etc) signifying that the site is legitimate (so that you don't end up giving credit card information to someone fronting for that company).
You actually *can* get a digital certificate for your email, but it costs money. Plus, to make something like that mandatory, each user would have to set up a certificate individually. Evil.
Why not move authentication to the domain itself? When accounts are setup on a user's machine, create an RSA public / private key per account. Simple enough.
When a user sends an email, force this user to relay the email through the mail server rather than directly from his/her computer. Force the user to authenticate their email / password to send the message. Some servers already force this, I believe.
When the user authenticates him/herself, encode a confirmation id using some elements of the email (first xx characters of message, subject, date, etc) using the RSA private key and attach it to the message.
Here's what should change with the receiving server... When a mail server receives the message, the mail server should initiate a separate connection that looks up the domain's MX server, and communicates with it.
This MX server should then provide the RSA public key for the account listed. The public key will then be used to decrypt the stamp that the MX server included with the message. If the stamp is legitimate, deliver the message to the inbox.
If a stamp is not legitimate, or there's no stamp, simply don't deliver the message. Simple enough.
This method has its series of strengths:
There would be absolutely no point in spammers taking over people's machines with viruses in order to send email if email must be sent through a qualified mail server. It's possible that worms could be written to auto-send messages through these relays, but at least then the mail server could detect it and shut the person out.
If mail sent is authenticated from a domain, people would then have the option to blacklist domains that aren't responsible for keeping tabs on its users.
Mail *will* come from where it says it's coming from. If not from the exact user on the domain, it'll come from that particular machine.
Of course, there are possible weaknesses to this strategy too.
If the mail server is hacked, hackers would be able to still send mail from it using the private key. Fortunately, they would only be able to send from email addresses listed under domains they own.
Spam software like SpamCop / Spamassassin / etc would be able to keep tabs on servers that exhibit hacked behavior, and temporarily blacklist these servers until resolved.
This doesn't necessarily stop users with legitimate email addresses from sending spam. Someone with a legitimate email address can still be spammed.
But at least when you block their email address or domain, it'll be a real email address, and a real domain name.
This method is not 100% in eliminating spam. But it's a damn good start.
In every article I read about satellite radio, the one part that really pushes me back from purchasing one is this:
Is there censorship???
That's the one thing that bugs me more than anything else about an AM / FM radio. When I listen to songs, I'm tired of the FCC regulating stations, and butchering songs I would otherwise appreciate into beeps, buzzes, silent space, and otherwise crap FX.
Maybe I'm the only one, but I couldn't care less about having a radio station that I could bring with me across the country. I'm more concerned about
a) Having a radio station not play the same thing 20x a day and
b) Having them NOT butcher the song.
Of course, I've been to all the places, Best Buy, etc and ask them. They don't know. I don't have any friends with this device.
So for now, it's a no go. Not until I know that it's uncensored, and always will be that way.
why not pair it with an always-on RFID in your wallet
Why? So that when people steal your wallet, they automatically steal your identity as well.
It's bad enough having fake IDs floating around. Doesn't this become worse when RFID tags within your wallet confirm / spoof one's identity without the cashier even having to look at a picture?
As Cringley pointed out in his voting writeup, throwing technology at a problem is not always the solution.
Slashdot Mirror
I can imagine the caption too.
Torn anus? Our V1@gr@ and other medications may help your ailment.
You guys have no idea how the glimmer in your eyes can scare the average CEO, especially when holding a set of garden shears.
Darl would be proud!
Fight on, brave righteous patent warriors!
And if it somehow ends up being good, I will then go see it in the theatre.
This is how I use piracy to get rid of that silly geek factor that allowed Episodes 1 and 2 to make 400 million+. I will not support a movie by paying for it if it's not any good.
And...
d00d!!! Why did they have to do Windows 95? Windows 3.11 was perfectly stable and secure.
What the hell is this guy thinking? There's usually a reason that people do complete rewrites: because future versions of this software will have features that would be nearly impossible to manage using the old version.
Continuing to build feature after feature in an old codebase is like building a tower on sand. And for any of you people who want to know what the effect of that is, I suggest you visit Pisa sometime.
And for those of you not willing to sacrifice security / stability / etc, wait until the new version shakes out. And realize that the world doesn't cater to your 450 MHz AMD K6-II anymore.
Dipshit.
If anyone decides to name the next spacecraft "Bilbo", I am personally driving to Pasadena to kick someone's ass.
Agreed... I think that is worth making a friend over.
It's because I love pissing people off with poor grammar and capitalization. I was just *waiting* for a post like this to show up after submitting the story.
Being deliberate is fun :)
He figures that anyone who is willing to buy the song off of Weed will want to get other people to buy it to recoupe the costs of purchasing the song.
That's how a pyramid scheme works: by getting all your friends to buy into it.
Thinking about DOSemu and DOSbox remind me of an old article in Wired about the Turbo Switch on computers.
"Having a turbo switch on your computer is kind of like saying 'I have this really cool ferrari that when I press a button it turns into a pinto'".
I downloaded Dosbox and played some of the old classics at a sluggish pace... They say that an XP 1800 with DosBox is the equivalent of a 386SX-25.
"Look ma! I have this cool little program that makes my Athlon 64 3200 into a 386SX-40! Isn't that swell?"
The sad thing is... I don't think I've ever been so happy about finding a program online.
I suck.
I don't see of SCO's employees here dreaming about doing that to Darl Mcbride.
Which will be promptly replaced with:
Kill these lawyers, but treat all others with decency and respect.
Damn Slashdot... I was about to come out in my penguin outfit to show my Linux Pride.
Oh well... There goes my faith in Tom's Networking Ability (Tm)
Please read the entire post before refering to me as an anti-spam kook. Especially that next to the last sentence that goes:
This method is not 100% in eliminating spam.
It's amazing that most of the responses that I've had to this deal with people that don't read the entire post before jumping to a conclusion. What? Is it too long? Or somehow skimming a line that has two words (Digital Certificates) end up somehow summing up that this involves everyone getting a certificate from Thawte attached to their email. Ugh.
This is NOT about that. The primary idea is simply having the receiving mail server check the domain's MX to see if it's legitimate.
You started looking for the FUSSP (Final Ultimate Solution to the Spam Problem) after observing that it is impossible to filter more than 99% of spam with fewer than 0.1% false positives by currently available mechanisms.
I'm sick of hearing about the glory of Bayesian mail filters. 99% blockage of email with 0.1% false positives is B.S. I run SpamAssassin and Razor on my machine, and still receive about 5 emails a day that aren't filtered out by either. Sure, I could change my point threshhold on SpamAssassin down to 5.0 from 7.5, but that's when the false positives start showing up. They do their job well. But they don't do it perfectly.
My above idea isn't perfect either. It does not / will not stop spam 100%. But it will force some level of accountability from those who do send spam by identifying emails / domains where they are sending it from. That's all. Combining it with something like Razor would be a Good Thing.
Not quite. SPF only does an IP check against the sender. This would instead get a public key from the MX server and decrypt some information about it.
I really do like the idea of STARTTLS to some degree. I don't like signed certificates though, because they cost money, and deal with hierarchy.
I do like the idea of these certificates to be self-signed. After all, the only thing the receiving server would have to do is establish a connection with the MX server of the domain address the email is coming from. Kind of like Reverse DNS, but instead with MX.
Thanks Anonymous Coward. This comment was interesting.
Note: I did some thinking earlier on spam, and I figured I would post this the next time slashdot does a story on spam... You can find a link to this at:
http://sillygoth.com/journal/21669
This is my writing... I just want some feedback on it from the slashdot crowd.
Okay...
One of the things that I've been tired of recently is dealing with lots and lots of spam in my inbox. I've become even more tired of hearing about how there's a lack of solutions for dealing with it. It's one of the things that slashdot has been endlessly parading about.
To me, the primarily problem with spam is that emails are too easily spoofable. Solve this, and spam will become *much* more managable.
So, what technology is there right now that deals with certifying legitimacy?
Digital Certificates!
When you go to a site that's protected with https, the owners of the site usually have to get a certificate from a trusted source (Verisign, Thawte, etc) signifying that the site is legitimate (so that you don't end up giving credit card information to someone fronting for that company).
You actually *can* get a digital certificate for your email, but it costs money. Plus, to make something like that mandatory, each user would have to set up a certificate individually. Evil.
Why not move authentication to the domain itself? When accounts are setup on a user's machine, create an RSA public / private key per account. Simple enough.
When a user sends an email, force this user to relay the email through the mail server rather than directly from his/her computer. Force the user to authenticate their email / password to send the message. Some servers already force this, I believe.
When the user authenticates him/herself, encode a confirmation id using some elements of the email (first xx characters of message, subject, date, etc) using the RSA private key and attach it to the message.
Here's what should change with the receiving server... When a mail server receives the message, the mail server should initiate a separate connection that looks up the domain's MX server, and communicates with it.
This MX server should then provide the RSA public key for the account listed. The public key will then be used to decrypt the stamp that the MX server included with the message. If the stamp is legitimate, deliver the message to the inbox.
If a stamp is not legitimate, or there's no stamp, simply don't deliver the message. Simple enough.
This method has its series of strengths:
There would be absolutely no point in spammers taking over people's machines with viruses in order to send email if email must be sent through a qualified mail server. It's possible that worms could be written to auto-send messages through these relays, but at least then the mail server could detect it and shut the person out.
If mail sent is authenticated from a domain, people would then have the option to blacklist domains that aren't responsible for keeping tabs on its users.
Mail *will* come from where it says it's coming from. If not from the exact user on the domain, it'll come from that particular machine.
Of course, there are possible weaknesses to this strategy too.
If the mail server is hacked, hackers would be able to still send mail from it using the private key. Fortunately, they would only be able to send from email addresses listed under domains they own.
Spam software like SpamCop / Spamassassin / etc would be able to keep tabs on servers that exhibit hacked behavior, and temporarily blacklist these servers until resolved.
This doesn't necessarily stop users with legitimate email addresses from sending spam. Someone with a legitimate email address can still be spammed.
But at least when you block their email address or domain, it'll be a real email address, and a real domain name.
This method is not 100% in eliminating spam. But it's a damn good start.
Hey, that's my line, fucker!
You can get 4 "obsolete" opterons for that price, but you can't have them working together..
The cheapest 4x Opteron chip you *can* buy is the Opteron 840 for $744.00. And at that, consider the price of a quad motherboard too.
If I'm not mistaken, doesn't standard windows limit the # of CPU's to 2 on a standard copy, and charge more for 4x systems?
Yeah, I know this is a linux site, but not everyone in corporate culture has adopted yet. :D
If you're going against the P4-EE, wouldn't a dual 244 be a better option?
So does that make the Blaster worm and others like them a virtual suppository?
Is there censorship???
That's the one thing that bugs me more than anything else about an AM / FM radio. When I listen to songs, I'm tired of the FCC regulating stations, and butchering songs I would otherwise appreciate into beeps, buzzes, silent space, and otherwise crap FX.
Maybe I'm the only one, but I couldn't care less about having a radio station that I could bring with me across the country. I'm more concerned about
a) Having a radio station not play the same thing 20x a day and
b) Having them NOT butcher the song.
Of course, I've been to all the places, Best Buy, etc and ask them. They don't know. I don't have any friends with this device.
So for now, it's a no go. Not until I know that it's uncensored, and always will be that way.
Who cured cancer with the common cold.
Sometimes life reflects some kind of sick little Dr. Seuss tale, doesn't it?
Subtitled: When too much viagra causes a heart attack.
Why? So that when people steal your wallet, they automatically steal your identity as well.
It's bad enough having fake IDs floating around. Doesn't this become worse when RFID tags within your wallet confirm / spoof one's identity without the cashier even having to look at a picture?
As Cringley pointed out in his voting writeup, throwing technology at a problem is not always the solution.
The Wrath of Don?