Slashdot Mirror


User: mrsam

mrsam's activity in the archive.

Stories: 0
Comments: 481

Comments · 481

  1. This is just a temporary solution. on Distributed Spam Detection · · Score: 5, Informative
    Spam generators have been trying to hash-bust these kinds of filters for years now. A four-year-old spam generator automatically appends random junk at the end of the Subject header or at the tail end of the message, in order to defeat the early hash-based spam filters.


    This is probably a 'fuzzy' hash function that should ignore minute variations. However, it goes without saying that if this hash-based spam filter becomes widespread, then the spammers will simply figure out how to hash-bust their way past it.


    To have any hope of working over the long term, this kind of an approach must include the ability to distribute not just the hashes themselves, but the hash function as well, so that the hash function itself can be adjusted, when needed.
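
An added illustration of the point in comment 1 above (not part of the original comment, and not the code of the filter the story discusses): an exact hash breaks when random junk is appended, a word-shingle fuzzy signature still matches, and the signature function is driven by a spec that can be redistributed to adjust it. The sample messages, the spec fields and the 0.6 threshold are constructed assumptions.

```python
import hashlib
import re

# Constructed sample messages (not real spam).
ORIGINAL = ("Subject: Cheap toner cartridges\n\n"
            "Buy discount toner cartridges today, lowest prices on printer "
            "supplies, order now and save big")
# Same message with random junk appended to the Subject header and the tail.
BUSTED = ("Subject: Cheap toner cartridges xkqjz\n\n"
          "Buy discount toner cartridges today, lowest prices on printer "
          "supplies, order now and save big\nqpwzv mlkrt")
LEGIT = "Subject: Lunch on Friday\n\nAre we still meeting at noon near the office"

# Hypothetical "hash function specs" shipped alongside the signatures.
# V2 is an adjusted function pushed after V1 proved too brittle.
SPEC_V1 = {"token": r"[a-z]+", "k": 5, "threshold": 0.6}
SPEC_V2 = {"token": r"[a-z]+", "k": 3, "threshold": 0.6}

def exact_hash(message):
    """Early-style filter: one digest over the whole message."""
    return hashlib.sha256(message.encode()).hexdigest()

def fuzzy_signature(message, spec):
    """Set of truncated digests of overlapping k-word shingles."""
    words = re.findall(spec["token"], message.lower())
    k = spec["k"]
    grams = [" ".join(words[i:i + k])
             for i in range(max(len(words) - k + 1, 1))]
    return frozenset(hashlib.sha256(g.encode()).hexdigest()[:16] for g in grams)

def similarity(sig_a, sig_b):
    """Jaccard similarity of two shingle-digest sets."""
    return len(sig_a & sig_b) / len(sig_a | sig_b)

def is_known_spam(message, known_signatures, spec):
    """True if the message is close enough to any distributed signature."""
    sig = fuzzy_signature(message, spec)
    return any(similarity(sig, known) >= spec["threshold"]
               for known in known_signatures)

if __name__ == "__main__":
    print("exact hashes equal:", exact_hash(ORIGINAL) == exact_hash(BUSTED))
    for name, spec in (("v1", SPEC_V1), ("v2", SPEC_V2)):
        known = [fuzzy_signature(ORIGINAL, spec)]
        score = similarity(known[0], fuzzy_signature(BUSTED, spec))
        print(name, round(score, 3),
              "busted caught:", is_known_spam(BUSTED, known, spec),
              "legit flagged:", is_known_spam(LEGIT, known, spec))
```

Signatures are only comparable when both sides computed them with the same spec, which is why the spec has to travel with the hashes.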

  2. "Vortex Supplies" on Slashback: Dell, 800, Disclosure · · Score: 3, Interesting
    This one is actually the latest sock puppet of scumbag Sam Khuri, the "Benchmark Print Supply" spambag.


    As "Benchmark Print Supply", Khuri nearly went to jail for spewing out of his spamhole, and is really under a court order that prohibits him from spamming. He's just hoping that nobody would notice that it's really him.

  3. A question to ask your congresscritter. on Usenix Takes Stand Against ATA and SSSCA · · Score: 2
    If you're going to write your congresscritter about this, here's a good question to ask in your letter: whether writing a 'wrong' computer program should carry a longer jail term than getting drunk, getting behind the wheel, and running over pregnant women with your minivan.


    Around the same time that Dimitri Sklyarov was arrested, there was another incident in Brooklyn, NY that received some local (and a little bit of national) publicity around here. An off-duty cop spent all night drinking beer in a parking lot. In the morning, he got behind the wheel, and ran into a pregnant woman with his minivan, killing her, her unborn child, and her teenage sister.


    In my letter to my elected representatives, I briefly described both incidents. I also observed that Dimitri could potentially spend more time in jail than that drunk driver. In my letter I asked my representatives if they agree that delivering a speech at a conference should potentially carry a longer jail term than vehicular manslaughter. I mailed the letters last week, so I won't receive any replies for a little while, but it should be interesting to see what they say. I also mentioned SSSCA, and I asked them to help me find out more information about that bill. I wanted to know whether using non-compliant computer hardware will send me to jail for a longer period of time than if I ran over a pregnant woman, while drunk.


    I think that this is probably the strongest point to criticize these bills with, and the one that is the easiest to communicate. Arguing the main subject SSSCA/DMCA is going to be a little bit difficult, since you'll have to fight the computer H4X0R stereotype. Pointing out that the penalties in these bills are completely out of whack looks to be a more productive approach. If anyone has an opportunity to talk to their congresscritter in person, just ask them point blank whether you should spend more time in jail for viewing DVDs with an unlicensed program, than for driving drunk.

    I can't imagine how they'd argue this point. I won't be surprised if they do (nothing about Congress surprises me any more) but even if they do they'll still be very uncomfortable doing that.

  4. Farewell to the twin towers. on More Links And Reports On Terrorist Attacks · · Score: 5, Interesting

    Only a few short weeks ago I walked a couple of times across the Brooklyn and Manhattan bridges, to get some fresh air. I took a bunch of pictures of the evening New York City skyline. Amongst them were a couple of shots of the WTC towers. Little did I know that this would be the last time I'd see them.

    Please see my short tribute to the World Trade Center towers:

    http://www.geocities.com/SiliconValley/Peaks/5799/farewelltowtc/index.html.

    God have mercy on these souls.

  5. Re:A better headline for /. on Wireless LAN Encryption Standard Broken · · Score: 1

    And if you actually bothered to read the Reuters story, you'd find out that it is.

  6. A better headline for /. on Wireless LAN Encryption Standard Broken · · Score: 1
    Yesterday's News For Nerds, stuff that doesn't matter any more.

    This was reported by Reuters (as seen on CNET) on August 3rd, and pretty much on every news web site I read (except that I'm too lazy to hunt down the links).

    I just thought that folks might want to know that /. is simply republishing week-old Reuters dispatches, and pretending that it's breaking news.

  7. Out of the frying pan, and into the fire. on @Home Cuts Newsgroups Due to DMCA Complaints · · Score: 5
    If my memory serves me correctly, some years ago Prodigy was sued over some defamatory content that was posted to their online service. They lost the suit primarily because the plaintiff was able to demonstrate that Prodigy exercised some form of editorial control over their online content. The judge ruled that because Prodigy edited some of their published content, they automatically assumed liability for ALL of their published content.

    Go ahead, and let @Home fold like a cheap camera a few more times, bending over backwards and taking it up the ass from MPAA and RIAA. Then, someone's gonna defame someone else on their newsgroup, and @Home will get sued. They'll certainly try to claim that some act that was passed a few years ago (the name escapes me) exempted ISPs from liability for published content. But I think that by instead exercising editorial control a successful argument can be made that @Home has assumed the role of a publisher, like Prodigy did. They can't have it both ways: claim that they're an ISP, a passive conduit, and cannot be liable for content carried on their service, but then turn around and exercise editorial control over the same content.

    It's just a matter of time before they get nailed on this.

    ---

  8. cdrecord rocks. on CD burning Will Never Be The Same · · Score: 2
    This is going to affect mostly Windoze folks. I don't think there's much of anything popular out there, other than EZ CD creator, that people use for burning MP3s on Windoze. I don't really care -- cdrecord works fine for me.

    There's still a small part of me that tries to remain optimistic, and believes that when Roxio begins messing around with EZ CD Creator then someone else will come out with a burner that's not crippled. I don't know -- I haven't been at Win shareware sites in years -- but there just might be some shareware burners that can also be used.

    I really don't see any reason to panic. Life goes on.

    ---

  9. AOL doesn't really need MS that much, any more. on AOL/Microsoft Talks Break Down · · Score: 5

    I'm not so sure that AOL really needs MS to preinstall AOL in XP. AOL has, what, 30 million subscribers, by now?

    I think that the market for "newbie Internet surfer" is at, or near, the saturation point anyway, so I don't think it's that important for AOL to be preloaded on XP, any more.

    Also, take into account slowing PC sales; the expected lackluster uptake of XP; constant rumors of AOL coming out with a standalone AOL network appliance, and suddenly the Win desktop doesn't look as important to AOL as it once did before.

    I think MS is being stupid for haggling over the Media Player issue. Suddenly having 30 million desktops running Mozilla doesn't really do much good for the "embrace and extend" project...

    ---

  10. Full disclosure. on Above.net Blackholes, Unblackholes Macromedia · · Score: 4
    The issue isn't whether they have the right to control traffic on their private network, which they do, but whether they have an obligation to be up-front to their customers about such blocking, which I believe they should.

    No shit, Sherlock?

    http://www.above.net/anti-spam.html

    NOTE: The MAPS RBL is used by AboveNet to help reduce the amount of spam received by customers. AboveNet cannot remove you, your customers, or remote sites from the RBL. Please contact the RBL workers at rbl@mail-abuse.org with RBL-related questions.

    Gee whiz, that is even linked from their home page.

    ---

  11. Re:"common carrier" status lost on Above.net Blackholes, Unblackholes Macromedia · · Score: 5
    ...does above.net lose any possible status as a common carrier?...

    above.net has nothing to lose. The notion that ISPs are common carriers is an urban legend. You do not become a "common carrier" simply by proclaiming yourself to be one. The common carrier status is something that has to be explicitly granted by the FCC, and it comes with stringent standards and regulations. Neither above.net, nor consumer ISPs are common carriers. There is some confusion whether or not ISPs operated by RBOCs (Verizoff, USWorst, PacHell) are common carriers, or not, but that's about it.

    And just to clear up another popular misconception: above.net does not have any legal obligation to uphold anyone's First Amendment rights. The 1st Amendment only applies to the government. Unless above.net is a federal, state, or local, government agency, they are under no legal obligation to carry anyone's packets.

    Although I am not familiar with the details of this particular situation, I strongly support above.net's right to firewall anyone and everyone they choose to firewall for any reason whatsoever. What those pseudo-libertarians around here who are shaking with righteous indignation, right now, are failing to realize is that civil liberties go both ways. If you would like to have your civil liberties respected, you'll just have to respect everyone else's civil liberties too. Blocking network traffic to/from netblocks that you don't want to route traffic to is conceptually identical to not being able to tell people to stop driving on your front lawn. This is above.net's network, their private properties, they have every right to tell anyone that they cannot use it, just like you have the civil right to tell anyone that they cannot drive on your private property too.

    ---

  12. Re:Picking apart "Lone Gunmen" on Lone Gunmen Get the Axe From Fox · · Score: 1
    Actually it's "Yves", not Eve. I turned up closed captioning the other day, to make sure how "Lee Harvey Oswald" got derived :-)

    Pop quiz: who's the better actor: whatsherface, or William Shatner?

    ---

  13. Re:PSM 2.0 on Mozilla 0.9 Out · · Score: 2
    http://bugzilla.mozilla.org/show_bug.cgi?id=79318

    Read it and weep.

    Finally someone with a brain came along, a few days later and reopened it and bumped it to severity=major.

    Browsing through the other referenced bugs I see that junruh's modus operandi is to pretty much close every bug as WORKSFORME right away, and then have someone else reopen it, after ripping him a new asshole.

    ---

  14. Re:PSM 2.0 on Mozilla 0.9 Out · · Score: 2
    Who said I didn't report the bug?

    They closed it as WORKSFORME. Of course, they didn't mention whether it WORKSFORME on their RPM build on RH 7.1, only that it WORKSFORME on their own tree.

    My experience with reporting Mozilla bugs was that it was a major waste of time. The only thing one can do is wait and hope that somehow it gets independently fixed.

    ---

  15. Re:PSM 2.0 on Mozilla 0.9 Out · · Score: 2
    ... except that root CAs were packaged with Mozilla at least as far back as 20010417.

    ---

  16. PSM 2.0 on Mozilla 0.9 Out · · Score: 2
    ... is totally borked. None of the standard root CAs show up. Loading https://sourceforge.net results in mozilla whining because it doesn't recognize the root CA.

    ... and the dialog box is too small, resizing it doesn't refresh the exposed portion, and without the Ok widget exposed, there does not appear to be a way to close the dialog box.

    ... I'm going back to 20010417, the last build (AFAIK), where SSL over a socks5 proxy actually worked right...

    ---

  17. Re:I am building one. on Know Your Enemy: Honeynets · · Score: 2
    So what do I do? I spoof a portscan from the last hop between you and me. Lo, you block that IP. Lo, you lose your entire upstream.

    No you won't. You don't know what you're talking about. Yes, you're going to drop all packets FROM THAT SOURCE IP ADDRESS ONLY. Unfortunately, there are a few billion other IP addresses on the Internet that your firewall will be happy to accept packets from.

    Feel free to ipchain-away your own first hop out, and see if it affects your ability to load, say, www.yahoo.com. Of course it won't.

    You're not really as an 3I33T4 H4X0R as you think you are. Leave this kind of stuff to the professionals, please.

    ---

  18. Logo for the NSA-Linux distribution. on PGP Division to Work With NSA on Secure Linux · · Score: 2
    NSA Linux: If you forgot your root password, call us and we'll get it for you.

    ---

  19. /. has been h4X0R3D on Perl + Python = Parrot · · Score: 4
    This is the only thing I can think of that can explain all the crap that was posted today. Yes, we know, it's April 1. We get the point. Haw-haw-haw.

    At least think of something funny to post. Like the Co$ deciding to press on with their lawsuit, for /. posting their sekret scriptures, but willing to drop the case if every registered user agreed to buy a copy of "Battlefield Earth". Or, RMS and ESR announcing a charity boxing match, with the proceeds going to the EFF to pay for 2600's legal bills.

    I don't know, maybe it's the combination of April 1, and daylight savings time going into effect, that makes everything seem so lame. I can't wait for this day to be over.

    ---

  20. How to write an effective april fools' story. on Star Wars Most Violent Movie Ever? · · Score: 2
    Jamie, listen up. You've got it all wrong. If you wanted to do this right, you should've followed a few simple rules.
    1. Well, not make it so obvious, of course. "Anyone standing up for them will be tarred as defending mass murder," yeah, right...
    2. Try to actually make some kind of a point, instead of coming off as a raving left-wing fringe extremist loon. You'll definitely find some sympathetic ears around here, of course. There's no shortage of politically-correct liberal wackos around here. But most folks are really getting pretty tired of the same tiresome creed, preaching doom and gloom with John Ashcroft breaking into everyone's homes, and confiscating their copies of Playboy and Penthouse. You liberals are so sad. You have absolutely nothing left in terms of ideas and beliefs, and must instead resort to scaring people with right-wing censoring boogey-men, in order to promote your bankrupt political agenda. All that left-wing drivel could, of course, have been part of the april fool's bait, but I don't think so.
    3. Actually talk about something people understand. You know, not everyone around here has watched every Voyager episode, and would know what you are babbling about.

    ---

  21. Re:OSCAR protocol work arounds. on AOL vs. Open Source AIM Clones · · Score: 5
    According to the document, ANY section of aim.exe, of ANY length can be checksummed on demand. Now, I don't know how long aim.exe is, but let's assume that it's at least 1 megabyte. Therefore, the checksum request can be for an offset of between 1 and a megabyte, and a length of between 1 and a megabyte. Each combination will resolve to a different checksum.

    Therefore, it would be necessary to keep track of 1,000,000,000,000 different md5 checksums (well, technically it's a little bit less than that, but you get the idea). I'm not sure that there are hard drives big enough to store all that data.

    How to work around this? Well, here's one possibility. Put up a server in Timbuktu, or some other place that can tell a US-based corporation to go and fuck itself. Install three items of interest on that web server:

    1. A complete copy of aim.exe

    2. A small CGI that calculates the checksum, appropriately.

    3. A small patch for the aim transports that adds support for this packet, which would go out and run that CGI.

    Now, there are some logistical problems that need to be solved (mainly, the expected load on the server, that something like this can certainly end up generating). But these are solvable issues, if it ever comes to this.

    ... Scrap that idea. Here's a better one. Instead of a web server, use DNS, which will solve the load problem due to natural load balancing in DNS. Say that AOL wants a checksum for starting byte 5000, 100 bytes length? Fine, issue a DNS request for 5000.100.fuckaol.int. Read the result in the response to your DNS lookup. Can be easily implemented pretty much on any OS/platform that already knows how to talk DNS.

    Beautiful, isn't it? Just jury-rig a custom DNS server that is set as authoritative for the fuckaol.int zone, operated from a geographical location that doesn't care much for AOL's landsharks, and which calculates a checksum on the fly. The natural implementation of DNS will cache the checksum automatically, placing very little load on the server.

    ---

  22. Re:New storage ratings... on Massive Storage Advances · · Score: 2
    10.8TB = 1064 DVD's (presuming 10.4GB per DVD)

    MPAA must be pissed off.

    = 17,400 CD's (presuming 650MB per CD)

    So is RIAA.

    ...I like this technology already.

    ---

  23. LS-120 superdisks on IBM's New USBKey Device · · Score: 1
    LS-120 "superdisk" IS NOT a proprietary format. LS-120 is an open format. I have right here an LS-120 drive made by Matsushita, reading Imation 100mb disks.

    The nice thing about LS-120 drives is that they are 100% backwards compatible with 3.5" 1.44MB floppies, and in fact they'll read and write to them between 5-10 times faster (depending on the drive) than the legacy floppy drive. And pretty much all motherboards made in the last two years will boot off LS-120 drives just like legacy floppy drives (you'll have to know how to twiddle the BIOS settings right, though).

    ---

  24. Re:Do they turn unnecessary services off? on RedHat "Fisher" 7.1 Beta Out Now · · Score: 1
    Yes, I know, you can't help people who don't RTFM, but does the install screen at least display that information too?

    If people want to fuck up their machines, there's nothing in the world that will stop them. If people want to be spoon-fed with pablum, they can go ahead and install W2K pro.

    You can put a warning in 20pt letters, in flashing red font, and you'll still have cl00bies clicking away. Now what?

    The default workstation install has some nice firewall options that slam the door shut, hard. You can't really ask for more than that.

    ---

  25. Re:I thought it was nice, too... on What Mailbox Format Do You Use And Why? · · Score: 1
    That's because IMAP originally came about as a remote access protocol for the Pine mail client. A lot of junk that you see in RFC 2060 is really designed to support Pine's little idiosyncrasies.

    ---