Slightly off-topic, but I'm in the process of perusing the job ads again, and based on the proliferation of J2EE/EJB and other Java stuff I'm seeing, I think that Java is the new COBOL. Not that the languages bear any similarity whatsoever, but Java seems to have found a niche as the new lingua franca of business apps. It has competition, to be sure, but based on the history of COBOL, I would be so bold as to put my pundit hat on and say, "Java programming will be a safe bet for long-term employment in the computing industry." The jobs aren't necessarily all that interesting, but they look a whole lot more secure than the bleeding edge tech jobs which come and go in a flash.
The whole C# and.Net thing is a potential competitor in the same arena, but I don't think that Microsoft's inclusion (or not) of Java is going to matter much. I always figured that Java was intended to allow cross-platform desktop app programming, but the niche it seems to be filling is a back-end role. Personally, I had expected Perl to fill this role as the new COBOL, but demand for Perl seems to be way down, except as one of those "we also expect you to know Perl" type things, which never actually turns out to be important in the job.
If your mail quota for the day included one legit mail and one hundred spams, do you think you might miss the legit mail anyhow? There comes a point at which false positives are no worse than manual filtering. Still, if "no false positives, ever" is one of your criteria for a spam filter, then so be it. It's not one of mine, as it happens.
I've often longed for a good "passive strikeback" tool. Every time I look at the tons of IIS-worm-crud in my Apache logs, or see spammers scanning for open proxies/relays, I yearn for such a tool.
By "passive strikeback", I mean a tool that does nothing more than respond to an active attacker in such a way that it turns the tables. I assume that most worms and spammer-tools are as poorly written as the buffer overruns and other assorted security holes they exploit. That being so, I would love some respectable white-hats to write open source tools which target weaknesses in the offending malware, so that when said malware comes a-knocking at my server, I might gently rip out its intestines and strangle it with its own entrails.
I'll settle for strikeback tools that do nothing more than neutralise the malware, although I'd be sorely tempted to do more in the case of spammer tools. Sending the malware into a flat spin, hang, or deadlock may be preferable to simple termination in many cases.
Most of my work was done on their developer board, which is not the multi-chip-module being discussed here, but I did see the actual honest-to-goodness MCMs just before I parted ways with my previous employer (on December 16th, 2002), although they were still having some issues making them work at that time. The CPU architecture is known as CRIS, and you can download the GCC CRIS cross-compiler from their website. They even have a DEB package which I installed without much difficulty under Debian/Woody.
All in all, it's a pretty cute little system, although you'll definitely need to plan to interface it with other bits and pieces. The place I was working at was mostly dealing with Voice over IP (VoIP) applications, and so interfaced it with some telephony-style audio chips via one of the synchronous serial interfaces.
The most important aspect of the process that created life is heridity. You only need get the 'chance' to stumble upon something that can replicate with the property of heridity. In our planet, it is in the form of DNA.
Bear in mind that your initial life form (which has this all-important property of heredity) must be simple enough to form by chance. I have heard of self-catalysing substances which are sufficiently simple to form by chance, but there is a world of difference between "self-catalysing" and "reproducing with heredity". There is no known DNA-based organism which is anywhere near simple enough to form by chance, so how does your explanation address the issue?
Your argument would be more compelling if spam were at all similar to file-sharing. In the case of spam, we have one party using the network to directly annoy thousands or millions of other network users. In the instance of file-sharing we have consensual communication between network users; a grievance only arises if the particular act of sharing infringes a copyright, and then the aggrieved party is typically a third party.
A closer analogy with regards to spamming would be to say that neither email nor file sharing are inherently wrong, but they become wrong when used to do certain things such as spam or infringe copyright. I'm sure that the university's AUP disallows both of these inappropriate uses of the facilities, and action is taken when they are notified of problems.
If the file-sharing side of things is bandwidth-limited, then that's a matter of practical resource management rather than morality.
I should point out that I don't necessarily consider infringing copyright to be an intrinsic "wrong" -- more of a "technical wrong". Any action which infringes copyright breaks the law -- but this has little bearing on whether the action is fair or unfair, right or wrong.
In other cost-cutting measures, Stargate SG1 will be canceled, but replaced with a spin-off series called "Wormhole eXtreme". Also, the network is considering breathing new life into the old BBC series "Doctor Who". Rumour has it that the renewed "Doctor Who" series would hold fairly true to its earlier incarnation, and less like the movie-length "pilot" episode that was produced a number of years ago. An anonymous inside source tells us, "we think the die-hard Who fans will like it: sets will wobble."
At best, the GPL inconveniences "embrace and extend" tactics, since you can't re-use the source, but there's nothing whatsoever to prevent someone re-implementing the program and performing embrace and extend on that. In fact, this is what happened with the "Kerberos" instance you cite: to the best of my understanding, Microsoft re-implemented the Kerberos software from scratch, rather than re-using existing code, despite the fact that it was developed under a "defensive" license ("do anything but sue us", or similar). If the Kerberos code had been licensed under the GPL instead, it would have made no difference whatsoever.
The GPL mostly prevents "free rider syndrome", where people use code in their own programs without contributing anything to the original authors. It only does this to a fairly limited extent, and the LGPL is even more limited (by design), but they both place more obligations on re-users of the code than the purely defensive licenses.
No truly "open source" license can defend against the tactic of "reimplement, embrace, and extend" though, which is what Microsoft did to Kerberos.
Get a subdomain wherever your site is hosted, and you'll be fine.
Fine, that is, until you change service providers, and are obliged to change domain names to the name of your new provider. At that point, you lose all the links that anyone ever created to your website, and your search engine rankings. Ditto for email addresses, as you have to tell everyone who ever emails you to update their address book.
What you've come up with here is not an argument for "get a subdomain wherever your site is hosted," but rather for, "there should be a very large number of meaningless top level domains, so that everyone everywhere can have a not-particularly-meaningful but permanent domain name which remains theirs in perpetuity."
Pluto has been fairly bitter about our attitude toward it in times past. The Brunching Shuttlecocks have interviewed Pluto on two previous occasions [first interview, second interview], on the second of which it complained about the lack of attention we've been giving it, and also claimed to support life. I wonder whether these latest developments will change its tune at all.
A survey of 1,574 adults found that 60 percent agreed or strongly agreed that some people possess psychic powers or extrasensory perception, a premise that is generally discarded as unproven by most scientists.
...and in news just to hand, approximately 81% of science graduates don't know the difference between "science" and "philosophical materialism".
I'm of the opinion that what most people call "ESP" or "psychic powers" probably has some basis in fact. Just because we don't have a strong scientific theory for it doesn't mean that it doesn't exist. The fact that scientists are more or less obliged to be materialist in order to garner any respect from their peers probably doesn't help. The safest attitude to take towards anything "psychic" is to ignore it as unworthy of study. The second safest attitude is to "debunk" it. Try to do any serious research on it, and you'll be branded a crank, I think.
And what's with this implied attitude that "you really shouldn't believe in that sort of thing, since we haven't proved it." Why is science the One True Epistemic Gatekeeper? Science is a useful tool, of course, but is it the best way of determining the truth of every possible question?
The Best Anti-Spy Software
on
Spy v. Spy
·
· Score: 2, Insightful
Theoretically speaking, the best anti-spy software would be an operating system with a good security model (to make life hard for spyware that runs on it) and publicly available source code (to assure that it is actually secure and not spyware itself).
I'm not trying to pat Linux or *BSD on the back here -- the Unix security model is far from ideal, actually -- but it's a good argument for open systems in general, even if they're not "free" as such.
I resigned over this very issue. I submitted two essays to the Wipout competition on the matter: The Intellectual Slave, and Current Thoughts on Intellectual Property. The first is the more relevant of the two: the only detail that the second adds is the fact that I did resign.
The Internet is public. I will repeat this. The Internet is PUBLIC.
Rather than repeating yourself, it would have been better to clarify which sense of "public" you meant. Open to all the people, like a public meeting? Maintained at the public expense, like a public library? Open to the view or knowledge of all, like when a fact goes public? I have a couple of servers permanently connected to the Internet, and only parts of them can be considered "public" in any of these senses (and not at all in the "funding" sense, alas). Perhaps you simply meant that you can't control what people do with information that you've disclosed (made public). I can agree with that, but I think "the Internet is public" is a poor way of expressing it.
I propose a simple and effective email charge system, where bulk mailers are FORCED to pay an appropriate amount in order to mail to a few thousand, tens of thousand, etc people.
Which bulk mailers will be forced how and by whom to comply with this?
If we can force them to conform to a business model that mimics the Real World and no longer lives in Fantasy Land...
Hate to burst your bubble, but at this moment in time the Internet exists in the real world, and your proposal exists in fantasy land. How were you intending to transpose them?
However, I can't say this enough: Attempting to legislate against this practice is not only ineffective, it is UNCONSTITUTIONAL and completely worthless.
To which constitution were you referring? The Internet does not have a "constitution" of which I'm aware. I take it that you're not proposing to legislate that ISPs should have to charge for bulk mail, then? Or would that be both constitutional and worthwhile? You mentioned forcing people to comply, so I assumed you meant law, but now I'm not so sure.
In short summary, legislating against spam is yet another of the giant wastes of time that government spends its time doing. It needs to be addressed from the economical model (reasonable ISP charges) or from the personal level (maintain public/private email addresses).
Oh, so you are against legislation in this case. You expect every ISP under the sun to spontaneously start charging for bulk mail. Well, if that's our only solution, then my guess is that spam is here to stay.
My bet is that an improved set of mail protocols will be the answer. That's why I'm working on them full time right now. Ask me about them in another four months or so.
Call me apathetic if you will, but so far my ICANN-at-large membership isn't worth the paper it's printed on. At-large membership is worth exactly what ICANN grants it, which is what, exactly?
Randy got it right: these people were meant to serve, and are trying to rule. They will be first against the wall when the revolution comes. Okay -- maybe second, after spammers.
I haven't read the article, but I intend to comment on something a little more general than just Google, so bear with me. Actually, the first time this practice really struck me was on eBay, but I've since realised it's way older than that.
The practice that I'm talking about here is that of selling relative rankings in an advertising medium. The beauty of the system is that the value of advertising really does "float free" in the marketplace, but at the same time empowers the seller of the ad space to keep prices up without looking greedy.
In the case of eBay, they keep adding new "features" you can use to increase the relative profile of your auction. Each of these features costs money, of course (other than a couple of basic ones which are included in the cost of a basic auction). Rather than ratchet up the prices on these features, eBay seems to prefer to add new, fancier features which cost more money. But note: these new features have the side effect of making the older features less valuable because they aren't the biggest eye-catchers on the block anymore. This means that the cost of the highest-profile feature keeps going up, even if all the prices of existing features are static.
In searching for precedents to this, I remembered the plain old printed White Pages (TM in various locations, no doubt) telephone directory. This doesn't accept ads, but over time they've gone from "every listing looks the same", to "pay extra for a bold entry", to "pay even more for a SUPERBOLD entry", and so on.
Cringely's done his punditing, and I'll counterpundit in return. I'll take the safe bet that Apple will do no such thing any time soon. No big deal; most people here seem to think that. I haven't seen anyone mention the reason why I think it's so, though.
Technical hurdles and business considerations aside, cast your memories back to 1997 when Jobs shocked the world by teaming up with Gates. Remember that $150 million in non-voting Apple stock purchased by Microsoft, and patent cross-licensing deal? Anyone? Here's the Apple Press Release in case you forgot. Apple was in bad shape, and Microsoft was up for monopolistic practices. Jobs agreed to make IE the default browser for the Mac, and Gates agreed to give Office better treatment on the Mac platform.
According to my vivid imagination, Jobs had a word in Gates' ear, saying words to the effect that Gates could crush Apple like a bug if he cared to, but then he'd have no real competitor to point at in defense of monopoly charges. Why not just let Apple have its little niche, whispers Jobs to Gates, and we'll agree not to get cocky and muscle in on your turf? The IE and Office deals merely consummated the marriage, as it were. Jobs is happy because Apple gets to survive, and Gates is happy because he has a harmless competitor that he can act all panikcy about.
This is pure speculation on my part, of course, but if there's much truth in it, you can expect Apple to be totally uninterested in the OSX for PC idea. I'm thinking that both Jobs and Gates would still prefer a no-compete situation.
Your proposal causes rather serious breakage in the SMTP email model, and I'm guessing it would probably be rejected if proposed to the IESG. It is currently valid for the "MAIL From:" address to be unrelated to the SMTP client performing the transmission, and your proposal requires that this no longer be the case. Unfortunately, it's necessary, as the following example shows.
Fred normally uses XYZ Internet Services and the email address fred@xyz.isp, but he's out of town in an area that XYZ do not service. He's arranged for temporary access through Convenient Local Internet Services so he can still access his mail. If he wants to send mail, he'll have to use the SMTP server at Convenient Local, since the SMTP server at XYZ would consider his mail an attempt at third party relay. Fred does not have (or want) an email address at Convenient Local, just IP access, so he continues to use his fred@xyz.isp address as the envelope address, so that bounce messages will be directed to his mailbox.
Alas, if it were as simple as verifying that the SMTP client was related to the "MAIL From:" address, then it would be possible to do this without the crypto-stuff: just have a new MX-like DNS record which specifies valid SMTP client addresses for each domain, and reject mail that does not come from a specified IP address.
I've been studying this, and I've come to the conclusion that SMTP is fundamentally flawed at the architectural level when it comes to dealing with spam. It's just too darn spam-friendly, and so far as I can tell, no additions to the protocol are going to help that.
What are the chances that MS will maintain compatibility with something that actually allows their applications to run on any OS platform? That's what they call "commoditization", and history shows that they are more interested in its opposite.
You mean like E-Stamps? Or perhaps you'd settle for a non-monetary payment like Hash Cash? I don't believe that either of these systems can prove to be very useful, because spammers simply won't adopt them. You can start refusing mail from everyone who doesn't support them if you like, and that will certainly solve your spam problem, because the chances are you won't get any mail anymore.
In my experience so far, the only way to run a fairly spam-proof SMTP server is to be utterly ruthless with blacklisting. Blacklist insanely large portions of IP space, but configure your SMTP server to produce a bounce message which describes a way around the block (like a postmaster address, or something). A legitimate sender should receive and read the bounce (unless they have one of those ghastly SMTP servers which discards error message text and "helpfully" translates it into "the user does not exist"), whereas a spammer is likely to ignore it. If someone responds to the bounce message in the manner described, whitelist the associated IP address. Spammers send out so much mail that they can't attend to every bounce message personally. (And contrary to some opinions I've seen expressed elsewhere in this article, I've yet to see any evidence that spammers remove addresses which consistently bounce.)
Another possibility is to use the "MAIL From:" address: construct a whitelist of names from whom you will accept mail, and bounce all the others with a similar "how to get around this" message. As before, add the address of any such person who reads the bounce message to your whitelist. Note that both of these techniques could, in principle, be automated. Note also that although a spammer can trivially forge the "MAIL From:" address, it's not nearly so trivial to match every "RCPT To:" address with a whitelisted "MAIL From:" address.
I don't pretend that the above approach to spam-blocking is polite, but rather that it's the only one I've found to be very effective, given the limitations of SMTP. Most people are quite horrified at the number of IP addresses I blacklist: one spam from an open relay is usually enough to convince me to blacklist that IP address at the class B level (approx 65,000 IP addresses in its neighbourhood). It's not about raw numbers, though: it's about the impact that it has on your mail service. If I'm never likely to receive a legitimate email from that IP range, then why not blacklist it?
Ultimately, though, the solution will be to replace SMTP with a protocol that recognises one simple fact that SMTP does not: parties engaging in mail exchange are potentially hostile to each other, and thus the protocol must only allow progress when there is mutual agreement between the parties that the transaction should go ahead. IM2000 is an interesting and potentially useful proposal, for example, albeit a bit short on details (and stagnant, judging by the recent lack of traffic on the mailing list). As it happens, I've chosen to make this problem (replacing SMTP) the subject of my Honours thesis, and that's due to be finished by July. Whether or not my proposals will actually be adopted by anyone is a different matter, of course.
I may well be a bit biased towards Open Source, but I think the evidence is there to support my view. The primary benefit of Open Source is not that the end users get to see the code, but rather that the operating system gets a much larger body of developers for free.
With a proprietary OS, the proprietor does all the coding, and the end users all pay for it. It's a simple sell/buy publish/subscribe produce/consume kind of relationship. The proprietor must make enough money out of it to be viable. Open Source isn't like that. The only question of viability in an Open Source project is whether there are enough individuals interested in using it and working on it.
Consumer needs include value for money, application availability, and reliability (both in the sense of no crashes and no viruses). Biased towards Open Source I may be, but that doesn't change the fact that both Windows and Linux (for entirely different reasons) beat the Amiga OS hands down in the "meets end user needs" stakes. If Amiga OS cost nothing (or nearly nothing), that would be a plus from the perspective of the consumer. There just wouldn't be much point making it free unless it were also Open Source, though.
I'm a fan of the Amiga. Not as vehement a fan as I used to be: my shelf-full of old Amigas goes largely unused, but not entirely unused. I can't help but wonder, though: no matter how cool any Amiga-related stuff may be, is it even possible for a proprietary OS to be successful in today's market? Look at Be -- it's the new Amiga: it will probably never die completely either. Apple has its little niche and is staying there thank you: it's not going away any time soon, but nobody is asking whether it will take over the world anymore.
And note: Linux is quite horrible in most regards as a desktop OS (which doesn't stop me using it as such, or even installing it on the machines of the clueless as a virus-proof alternative to Windows), but it's still the only system making real inroads on the desktop.
I find the empirical evidence too hard to ignore: unless you're Microsoft, the only way you're going to make significant advances in today's OS marketplace is to be Open Source. Proprietary releases of the Amiga OS for the PC platform might make a few old Amiga die-hards very happy, but is there really any future in it? Is history going to repeat itself again?
Slashdot Mirror
The whole C# and .Net thing is a potential competitor in the same arena, but I don't think that Microsoft's inclusion (or not) of Java is going to matter much. I always figured that Java was intended to allow cross-platform desktop app programming, but the niche it seems to be filling is a back-end role. Personally, I had expected Perl to fill this role as the new COBOL, but demand for Perl seems to be way down, except as one of those "we also expect you to know Perl" type things, which never actually turns out to be important in the job.
If your mail quota for the day included one legit mail and one hundred spams, do you think you might miss the legit mail anyhow? There comes a point at which false positives are no worse than manual filtering. Still, if "no false positives, ever" is one of your criteria for a spam filter, then so be it. It's not one of mine, as it happens.
By "passive strikeback", I mean a tool that does nothing more than respond to an active attacker in such a way that it turns the tables. I assume that most worms and spammer-tools are as poorly written as the buffer overruns and other assorted security holes they exploit. That being so, I would love some respectable white-hats to write open source tools which target weaknesses in the offending malware, so that when said malware comes a-knocking at my server, I might gently rip out its intestines and strangle it with its own entrails.
I'll settle for strikeback tools that do nothing more than neutralise the malware, although I'd be sorely tempted to do more in the case of spammer tools. Sending the malware into a flat spin, hang, or deadlock may be preferable to simple termination in many cases.
All in all, it's a pretty cute little system, although you'll definitely need to plan to interface it with other bits and pieces. The place I was working at was mostly dealing with Voice over IP (VoIP) applications, and so interfaced it with some telephony-style audio chips via one of the synchronous serial interfaces.
A closer analogy with regards to spamming would be to say that neither email nor file sharing are inherently wrong, but they become wrong when used to do certain things such as spam or infringe copyright. I'm sure that the university's AUP disallows both of these inappropriate uses of the facilities, and action is taken when they are notified of problems.
If the file-sharing side of things is bandwidth-limited, then that's a matter of practical resource management rather than morality.
I should point out that I don't necessarily consider infringing copyright to be an intrinsic "wrong" -- more of a "technical wrong". Any action which infringes copyright breaks the law -- but this has little bearing on whether the action is fair or unfair, right or wrong.
In other cost-cutting measures, Stargate SG1 will be canceled, but replaced with a spin-off series called "Wormhole eXtreme". Also, the network is considering breathing new life into the old BBC series "Doctor Who". Rumour has it that the renewed "Doctor Who" series would hold fairly true to its earlier incarnation, and less like the movie-length "pilot" episode that was produced a number of years ago. An anonymous inside source tells us, "we think the die-hard Who fans will like it: sets will wobble."
The GPL mostly prevents "free rider syndrome", where people use code in their own programs without contributing anything to the original authors. It only does this to a fairly limited extent, and the LGPL is even more limited (by design), but they both place more obligations on re-users of the code than the purely defensive licenses.
No truly "open source" license can defend against the tactic of "reimplement, embrace, and extend" though, which is what Microsoft did to Kerberos.
Fine, that is, until you change service providers, and are obliged to change domain names to the name of your new provider. At that point, you lose all the links that anyone ever created to your website, and your search engine rankings. Ditto for email addresses, as you have to tell everyone who ever emails you to update their address book.
What you've come up with here is not an argument for "get a subdomain wherever your site is hosted," but rather for, "there should be a very large number of meaningless top level domains, so that everyone everywhere can have a not-particularly-meaningful but permanent domain name which remains theirs in perpetuity."
Pluto has been fairly bitter about our attitude toward it in times past. The Brunching Shuttlecocks have interviewed Pluto on two previous occasions [ first interview, second interview ], on the second of which it complained about the lack of attention we've been giving it, and also claimed to support life. I wonder whether these latest developments will change its tune at all.
I'm of the opinion that what most people call "ESP" or "psychic powers" probably has some basis in fact. Just because we don't have a strong scientific theory for it doesn't mean that it doesn't exist. The fact that scientists are more or less obliged to be materialist in order to garner any respect from their peers probably doesn't help. The safest attitude to take towards anything "psychic" is to ignore it as unworthy of study. The second safest attitude is to "debunk" it. Try to do any serious research on it, and you'll be branded a crank, I think.
And what's with this implied attitude that "you really shouldn't believe in that sort of thing, since we haven't proved it." Why is science the One True Epistemic Gatekeeper? Science is a useful tool, of course, but is it the best way of determining the truth of every possible question?
I'm not trying to pat Linux or *BSD on the back here -- the Unix security model is far from ideal, actually -- but it's a good argument for open systems in general, even if they're not "free" as such.
I resigned over this very issue. I submitted two essays to the Wipout competition on the matter: The Intellectual Slave, and Current Thoughts on Intellectual Property. The first is the more relevant of the two: the only detail that the second adds is the fact that I did resign.
Rather than repeating yourself, it would have been better to clarify which sense of "public" you meant. Open to all the people, like a public meeting? Maintained at the public expense, like a public library? Open to the view or knowledge of all, like when a fact goes public? I have a couple of servers permanently connected to the Internet, and only parts of them can be considered "public" in any of these senses (and not at all in the "funding" sense, alas). Perhaps you simply meant that you can't control what people do with information that you've disclosed (made public). I can agree with that, but I think "the Internet is public" is a poor way of expressing it.
I propose a simple and effective email charge system, where bulk mailers are FORCED to pay an appropriate amount in order to mail to a few thousand, tens of thousand, etc people.
Which bulk mailers will be forced how and by whom to comply with this?
If we can force them to conform to a business model that mimics the Real World and no longer lives in Fantasy Land...
Hate to burst your bubble, but at this moment in time the Internet exists in the real world, and your proposal exists in fantasy land. How were you intending to transpose them?
However, I can't say this enough: Attempting to legislate against this practice is not only ineffective, it is UNCONSTITUTIONAL and completely worthless.
To which constitution were you referring? The Internet does not have a "constitution" of which I'm aware. I take it that you're not proposing to legislate that ISPs should have to charge for bulk mail, then? Or would that be both constitutional and worthwhile? You mentioned forcing people to comply, so I assumed you meant law, but now I'm not so sure.
In short summary, legislating against spam is yet another of the giant wastes of time that government spends its time doing. It needs to be addressed from the economical model (reasonable ISP charges) or from the personal level (maintain public/private email addresses).
Oh, so you are against legislation in this case. You expect every ISP under the sun to spontaneously start charging for bulk mail. Well, if that's our only solution, then my guess is that spam is here to stay.
My bet is that an improved set of mail protocols will be the answer. That's why I'm working on them full time right now. Ask me about them in another four months or so.
Randy got it right: these people were meant to serve, and are trying to rule. They will be first against the wall when the revolution comes. Okay -- maybe second, after spammers.
The practice that I'm talking about here is that of selling relative rankings in an advertising medium. The beauty of the system is that the value of advertising really does "float free" in the marketplace, but at the same time empowers the seller of the ad space to keep prices up without looking greedy.
In the case of eBay, they keep adding new "features" you can use to increase the relative profile of your auction. Each of these features costs money, of course (other than a couple of basic ones which are included in the cost of a basic auction). Rather than ratchet up the prices on these features, eBay seems to prefer to add new, fancier features which cost more money. But note: these new features have the side effect of making the older features less valuable because they aren't the biggest eye-catchers on the block anymore. This means that the cost of the highest-profile feature keeps going up, even if all the prices of existing features are static.
In searching for precedents to this, I remembered the plain old printed White Pages (TM in various locations, no doubt) telephone directory. This doesn't accept ads, but over time they've gone from "every listing looks the same", to "pay extra for a bold entry", to "pay even more for a SUPERBOLD entry", and so on.
Technical hurdles and business considerations aside, cast your memories back to 1997 when Jobs shocked the world by teaming up with Gates. Remember that $150 million in non-voting Apple stock purchased by Microsoft, and patent cross-licensing deal? Anyone? Here's the Apple Press Release in case you forgot. Apple was in bad shape, and Microsoft was up for monopolistic practices. Jobs agreed to make IE the default browser for the Mac, and Gates agreed to give Office better treatment on the Mac platform.
According to my vivid imagination, Jobs had a word in Gates' ear, saying words to the effect that Gates could crush Apple like a bug if he cared to, but then he'd have no real competitor to point at in defense of monopoly charges. Why not just let Apple have its little niche, whispers Jobs to Gates, and we'll agree not to get cocky and muscle in on your turf? The IE and Office deals merely consummated the marriage, as it were. Jobs is happy because Apple gets to survive, and Gates is happy because he has a harmless competitor that he can act all panikcy about.
This is pure speculation on my part, of course, but if there's much truth in it, you can expect Apple to be totally uninterested in the OSX for PC idea. I'm thinking that both Jobs and Gates would still prefer a no-compete situation.
Alas, if it were as simple as verifying that the SMTP client was related to the "MAIL From:" address, then it would be possible to do this without the crypto-stuff: just have a new MX-like DNS record which specifies valid SMTP client addresses for each domain, and reject mail that does not come from a specified IP address.
I've been studying this, and I've come to the conclusion that SMTP is fundamentally flawed at the architectural level when it comes to dealing with spam. It's just too darn spam-friendly, and so far as I can tell, no additions to the protocol are going to help that.
What are the chances that MS will maintain compatibility with something that actually allows their applications to run on any OS platform? That's what they call "commoditization", and history shows that they are more interested in its opposite.
In my experience so far, the only way to run a fairly spam-proof SMTP server is to be utterly ruthless with blacklisting. Blacklist insanely large portions of IP space, but configure your SMTP server to produce a bounce message which describes a way around the block (like a postmaster address, or something). A legitimate sender should receive and read the bounce (unless they have one of those ghastly SMTP servers which discards error message text and "helpfully" translates it into "the user does not exist"), whereas a spammer is likely to ignore it. If someone responds to the bounce message in the manner described, whitelist the associated IP address. Spammers send out so much mail that they can't attend to every bounce message personally. (And contrary to some opinions I've seen expressed elsewhere in this article, I've yet to see any evidence that spammers remove addresses which consistently bounce.)
Another possibility is to use the "MAIL From:" address: construct a whitelist of names from whom you will accept mail, and bounce all the others with a similar "how to get around this" message. As before, add the address of any such person who reads the bounce message to your whitelist. Note that both of these techniques could, in principle, be automated. Note also that although a spammer can trivially forge the "MAIL From:" address, it's not nearly so trivial to match every "RCPT To:" address with a whitelisted "MAIL From:" address.
I don't pretend that the above approach to spam-blocking is polite, but rather that it's the only one I've found to be very effective, given the limitations of SMTP. Most people are quite horrified at the number of IP addresses I blacklist: one spam from an open relay is usually enough to convince me to blacklist that IP address at the class B level (approx 65,000 IP addresses in its neighbourhood). It's not about raw numbers, though: it's about the impact that it has on your mail service. If I'm never likely to receive a legitimate email from that IP range, then why not blacklist it?
Ultimately, though, the solution will be to replace SMTP with a protocol that recognises one simple fact that SMTP does not: parties engaging in mail exchange are potentially hostile to each other, and thus the protocol must only allow progress when there is mutual agreement between the parties that the transaction should go ahead. IM2000 is an interesting and potentially useful proposal, for example, albeit a bit short on details (and stagnant, judging by the recent lack of traffic on the mailing list). As it happens, I've chosen to make this problem (replacing SMTP) the subject of my Honours thesis, and that's due to be finished by July. Whether or not my proposals will actually be adopted by anyone is a different matter, of course.
Amoeba Invaders was a nice piece of work. Very smooth. Well done.
With a proprietary OS, the proprietor does all the coding, and the end users all pay for it. It's a simple sell/buy publish/subscribe produce/consume kind of relationship. The proprietor must make enough money out of it to be viable. Open Source isn't like that. The only question of viability in an Open Source project is whether there are enough individuals interested in using it and working on it.
Consumer needs include value for money, application availability, and reliability (both in the sense of no crashes and no viruses). Biased towards Open Source I may be, but that doesn't change the fact that both Windows and Linux (for entirely different reasons) beat the Amiga OS hands down in the "meets end user needs" stakes. If Amiga OS cost nothing (or nearly nothing), that would be a plus from the perspective of the consumer. There just wouldn't be much point making it free unless it were also Open Source, though.
And note: Linux is quite horrible in most regards as a desktop OS (which doesn't stop me using it as such, or even installing it on the machines of the clueless as a virus-proof alternative to Windows), but it's still the only system making real inroads on the desktop.
I find the empirical evidence too hard to ignore: unless you're Microsoft, the only way you're going to make significant advances in today's OS marketplace is to be Open Source. Proprietary releases of the Amiga OS for the PC platform might make a few old Amiga die-hards very happy, but is there really any future in it? Is history going to repeat itself again?
(Yes, I'm Australian.)
"I'm an embedded developer."