WU's primary business is transferring money. (Telegrams not much anymore). Their target market is people without bank accounts+credit cards , so not the most financially skilled population.
Go to your bank, and request to wire a large sum of money (a few k or more) to another account. You will get questioned "do you know the recipient?" etc, as a safety check to be sure you are not being scammed. I don't think I've ever used Western Union, but if they don't perform the same safety check, they are a part of the problem.
Well the server is long gone,so I can't prove it, but I think i tested it with telnet . It would 550 *during* the initial stmp connection. I was certain that to bounce email to the honeypot address,the spammer needed to be using an open relay .
That's exactly what it did. The script exited with the above message triggering the 550 message from postfix. To have sent mail to the Honeypot address, it would have taken an open relay to redirect the message. I wanted legitimate senders to see the error message.
Years ago I was running an email server, (Very low output 3 to 5 users personal email only, no lists) and we had some inbound addresses that were overloaded with spam, so we abandoned them. But rather than just discarding email sent to those addresses ( for fear that someone didn't get the new address) I set them up so (via a piped script in the aliases file ) to fail on receipt with the message "your message to abandoned@email can not be delivered, please use the webform here to send your message"
So we got blacklisted, and checking the logs we had *NO* outgoing email at the time of the accursed spam message(s). The blacklist service didn't give me the whole message, but it contained enough for me to find reference to it in my log.
Near as I can figure, some spammer sent email to us through an open relay, using a honeypot (you get classed as a spammer if you send email to this address ) as his spoofed 'from: address'. My mailer refused to accept the email to the abandoned address, so the relay returned the 'undelivered' message to the honeypot address.
Now I had several problems with this. First, to avoid blacklisting, I had to remove this helpful service. Now those messages go to/dev/null. second, I didn't actually send the email, but we got blacklisted simply because our IP adress was in the chain of Received headers in the email header.
More recently, I had newsletter messages sent to a members of a private club bounced by their local ISP. The sending IP address was not listed in any blacklist I could find. The ISP was just refusing connection, No message, nothing. (I could send email to that ISP from other services like gmail) They wouldn't take my call ( I'm not their customer) so I had some of their customers call and ask "Why am I not getting these newsletter messages?" . I wasn't on the call, but it sounded like they just played dumb. A few of the list members gave us non-local-isp addresses (gmail , yahoo) and now they get the newsletter there.
Again, legitimate email loses out.
And finally, Just about every time, my "password reset" messages end up in people's spam folder. This is one of my most common support calls. (this even after the page where they request the password reset says right on it "check your spam folder" )
There are lots of false positives on spam.
I wasn't complaining about the petition in itself, just a crappy website. What really steamed me was getting stuck in this "signed in" and also "not signed in" state. ( felt like a Douglas Adams book) I got it to work, but how many people would have given up sooner. The validation link should have *also* signed the petition. And if they are going to email a https link they should have wrapped it as html so my email client would see it as a link. ( I didn't know until now that my email clients wouldn't see https in the text and make it hot-link. ) I suspect , not enough testing was done.
and how is it worded, if we get 5000, they will consider responding to it.
OMFG what a terrible website experience... no wonder only 11 signatures at the moment.
requires sigin to vote.. ok
pop up form incompatible with android touch kybd. ( click text area , lose kybd focus)
use slide out kybd
Sends validation mail.... ok
It's not a link, I have to copy and paste
Drops me to 404 page
Move to laptop, try again
Still, not a link, but copy paste better on laptop, whitehouse.gov says:Validation already used.
Please login, requests email and password... ( I didn't ever get prompted for a password )
request lost password
New validation link, ( still not hot, copy paste)... OK validated, but link valid only once, please set password.
OK, logged in.. but *lost* is the link to the page I was on... where is that petition ?
back to/. re-click link page comes up,.. but "Sign Petition" is still greyed-out
click "signin" and my choices are "Sign out" and "Forgot Password"
Now I will try logout and log back in.. will see if that works
I get the feeling they don't actually want people to sign these things.
I'll bet the launch g-forces are way to high. ( the B in ICBM is balistic which I believe describes most of the flight ) plus, the thing probably doesn't nearly approach safety standards for human flight.
in reality any setting that can be changed by software, is open to modification by rogue software. If the secure boot *can* be disabled, then it's useless. ( if you had to click a hardware switch, that is a different story)
I thought M$ push was that this option couldn't be disabled. Or are they planing on the windows boot process to halting if it discovers that it wasn't booted securely? Like that wouldn't get hacked... ( assuming anybody actually wants the new M$ OS by then )
That specific article and its tone was the final straw that convinced me to cancel may SA subscription. I resent the presumption that asking for alternative points of view puts you on the lunatic fringe.
and demand that the all the facts be put on the table and have a court decide, where there is no reason to expect that a court would actually side with the facts?
He was right to settle. As much as I wish Sony could be forced to publicly admit they were wrong, Geohot was right to settle. The fact that Sony offered such a weak settlement, exposes either how weak the case really was..... or how much they figured it would cost them to buy the verdict they wanted.
Google could pull apps like trapster, and people could still get them from the amazon appstore. Amazon already has radardroid which isn't free but reports speed cameras etc. Not exactly the same but along the same idea. One more reason open is better.
However this only works if your carrier hasn't blocked sideloading ( at&t)
The app I know about "trapster" is totally based on user reports for speed traps and all versions of checkpoints.
I can't believe that with all of this discussion, I haven't seen anyanybody naming apps.
This whole discussion has overtones of byte8406. But this does get me thinking, if tech employees are considered old at 40, how much more common will the "I never saw a 25 pin rs232 port" type of mistake be in the future?
doesn't work for me either. Hybrid pages print only the streets.
But then, the same page crashes in IE 6.0.. no clue why, I just tested it now to see if it was different, and I can't even bring the page up in IE.
Simalar pages will print from MSN in mozilla, but it's like a screen shot, it doesn't reformat for the printer. Unless there is some print tool I can't find on the page ( printing via file->print)
It is hit and miss. For my house MSN is better, for my office Google is MUCH better. For one thing google has use color images which tell you more. MSN's appear to be IR images which are not as interesting to look at. Google's big advantage is closeups of the whole globe
PyramidsGreat wall of China.
MSN will not zoom in beyond the general globe image on these areas.
Also, for me MSN keeps failing to load images, I have to move away and back seveal times to view a whole page of images.
Can someone please hand me a penguin to bash this man over the head with?
Not sure why I need bashed. My point was that the harder it is to continue to use windows the more likely it becomes that the user might switch to something easier (penguin friendly).
From the doc linked to: >6. After downloading "GenuineCheck.exe", run it on the machine running a genuine copy of Windows XP. > It will generate a code which is used for WGA validation. Copy the code and use the same code to >validate a pirated copy of Windows XP and bypass the WGA.
But that's bogus, you still need "access" to a authentic copy to perform this hack. It's not really a hack at all.
But sadly this will only make it easier for people unwilling to pay for windows to continue to use it. It would be better if they had to find a cheeper (legal) solution.
Slashdot Mirror
WU's primary business is transferring money. (Telegrams not much anymore). Their target market is people without bank accounts+credit cards , so not the most financially skilled population.
Go to your bank, and request to wire a large sum of money (a few k or more) to another account. You will get questioned "do you know the recipient?" etc, as a safety check to be sure you are not being scammed. I don't think I've ever used Western Union, but if they don't perform the same safety check, they are a part of the problem.
Well the server is long gone ,so I can't prove it, but I think i tested it with telnet . It would 550 *during* the initial stmp connection. I was certain that to bounce email to the honeypot address ,the spammer needed to be using an open relay .
That's exactly what it did. The script exited with the above message triggering the 550 message from postfix. To have sent mail to the Honeypot address, it would have taken an open relay to redirect the message. I wanted legitimate senders to see the error message.
Yes it is a problem. But these are messages from a SPF domain. I suspect it's because the messages are short and mostly a url with a long hash in it.
It's not looks-legit.some.bogus.domain.ru. It's samedomainthatsentthemail.com/reset.php?code=longhash
Years ago I was running an email server, (Very low output 3 to 5 users personal email only, no lists) and we had some inbound addresses that were overloaded with spam, so we abandoned them. But rather than just discarding email sent to those addresses ( for fear that someone didn't get the new address) I set them up so (via a piped script in the aliases file ) to fail on receipt with the message "your message to abandoned@email can not be delivered, please use the webform here to send your message"
/dev/null. second, I didn't actually send the email, but we got blacklisted simply because our IP adress was in the chain of Received headers in the email header.
So we got blacklisted, and checking the logs we had *NO* outgoing email at the time of the accursed spam message(s). The blacklist service didn't give me the whole message, but it contained enough for me to find reference to it in my log.
Near as I can figure, some spammer sent email to us through an open relay, using a honeypot (you get classed as a spammer if you send email to this address ) as his spoofed 'from: address'. My mailer refused to accept the email to the abandoned address, so the relay returned the 'undelivered' message to the honeypot address.
Now I had several problems with this. First, to avoid blacklisting, I had to remove this helpful service. Now those messages go to
More recently, I had newsletter messages sent to a members of a private club bounced by their local ISP. The sending IP address was not listed in any blacklist I could find. The ISP was just refusing connection, No message, nothing. (I could send email to that ISP from other services like gmail) They wouldn't take my call ( I'm not their customer) so I had some of their customers call and ask "Why am I not getting these newsletter messages?" . I wasn't on the call, but it sounded like they just played dumb. A few of the list members gave us non-local-isp addresses (gmail , yahoo) and now they get the newsletter there.
Again, legitimate email loses out.
And finally, Just about every time, my "password reset" messages end up in people's spam folder. This is one of my most common support calls. (this even after the page where they request the password reset says right on it "check your spam folder" ) There are lots of false positives on spam.
Can you post the image links here?
Rail gun instead of cannon
Start way out at sea
I wasn't complaining about the petition in itself, just a crappy website. What really steamed me was getting stuck in this "signed in" and also "not signed in" state. ( felt like a Douglas Adams book) I got it to work, but how many people would have given up sooner. The validation link should have *also* signed the petition. And if they are going to email a https link they should have wrapped it as html so my email client would see it as a link. ( I didn't know until now that my email clients wouldn't see https in the text and make it hot-link. ) I suspect , not enough testing was done.
and how is it worded, if we get 5000, they will consider responding to it.
It's a small step, in a big fight.
OMFG what a terrible website experience ... no wonder only 11 signatures at the moment. :Validation already used. ... OK validated, but link valid only once, please set password. .. but *lost* is the link to the page I was on... where is that petition ? /. re-click link page comes up, .. but "Sign Petition" is still greyed-out
requires sigin to vote.. ok
pop up form incompatible with android touch kybd. ( click text area , lose kybd focus)
use slide out kybd
Sends validation mail.... ok
It's not a link, I have to copy and paste
Drops me to 404 page
Move to laptop, try again
Still, not a link, but copy paste better on laptop, whitehouse.gov says
Please login, requests email and password... ( I didn't ever get prompted for a password )
request lost password
New validation link, ( still not hot, copy paste)
OK, logged in
back to
click "signin" and my choices are "Sign out" and "Forgot Password"
Now I will try logout and log back in.. will see if that works
I get the feeling they don't actually want people to sign these things.
I'll bet the launch g-forces are way to high. ( the B in ICBM is balistic which I believe describes most of the flight ) plus, the thing probably doesn't nearly approach safety standards for human flight.
in reality any setting that can be changed by software, is open to modification by rogue software. If the secure boot *can* be disabled, then it's useless. ( if you had to click a hardware switch, that is a different story) I thought M$ push was that this option couldn't be disabled. Or are they planing on the windows boot process to halting if it discovers that it wasn't booted securely? Like that wouldn't get hacked... ( assuming anybody actually wants the new M$ OS by then )
That specific article and its tone was the final straw that convinced me to cancel may SA subscription. I resent the presumption that asking for alternative points of view puts you on the lunatic fringe.
and demand that the all the facts be put on the table and have a court decide, where there is no reason to expect that a court would actually side with the facts? He was right to settle. As much as I wish Sony could be forced to publicly admit they were wrong, Geohot was right to settle. The fact that Sony offered such a weak settlement, exposes either how weak the case really was..... or how much they figured it would cost them to buy the verdict they wanted.
Google could pull apps like trapster, and people could still get them from the amazon appstore. Amazon already has radardroid which isn't free but reports speed cameras etc. Not exactly the same but along the same idea. One more reason open is better. However this only works if your carrier hasn't blocked sideloading ( at&t)
The app I know about "trapster" is totally based on user reports for speed traps and all versions of checkpoints. I can't believe that with all of this discussion, I haven't seen anyanybody naming apps.
This whole discussion has overtones of byte8406. But this does get me thinking, if tech employees are considered old at 40, how much more common will the "I never saw a 25 pin rs232 port" type of mistake be in the future?
Right on the mark. They also made tactical nuclear war nearly impossible. (Global warming ) . It's supposed to be a game not a civics lesson.
it was "The Ensigns Of Command" google found it here I'm not enough of a geek that I knew it, but it did sound famliar to me as well.
doesn't work for me either. Hybrid pages print only the streets.
.. no clue why, I just tested it now to see if it was different, and I can't even bring the page up in IE.
But then, the same page crashes in IE 6.0
Simalar pages will print from MSN in mozilla, but it's like a screen shot, it doesn't reformat for the printer. Unless there is some print tool I can't find on the page ( printing via file->print)
It is hit and miss. For my house MSN is better, for my office Google is MUCH better. For one thing google has use color images which tell you more. MSN's appear to be IR images which are not as interesting to look at. Google's big advantage is closeups of the whole globe Pyramids Great wall of China.
MSN will not zoom in beyond the general globe image on these areas.
Also, for me MSN keeps failing to load images, I have to move away and back seveal times to view a whole page of images.
Isn't it a little odd that google is missing images about 2 miles from there ?
Can someone please hand me a penguin to bash this man over the head with?
Not sure why I need bashed. My point was that the harder it is to continue to use windows the more likely it becomes that the user might switch to something easier (penguin friendly).
From the doc linked to:
>6. After downloading "GenuineCheck.exe", run it on the machine running a genuine copy of Windows XP.
> It will generate a code which is used for WGA validation. Copy the code and use the same code to
>validate a pirated copy of Windows XP and bypass the WGA.
But that's bogus, you still need "access" to a authentic copy to perform this hack. It's not really a hack at all.
But sadly this will only make it easier for people unwilling to pay for windows to continue to use it. It would be better if they had to find a cheeper (legal) solution.
Much to my shock this works from the mirror, with the root password. (machtNix )
;-)
Disbelief that it works at all, then another level of disbelief that it works from the mirror.
Screw it up as bad as you like. It all comes back when you reload