You can download it and test out all your existing hardware.
The FUD is fake.
One download, one reboot, all your questions are answered.
And if you don't like it, nothing on your computer has changed.
I think you might do better reading the article instead of just typing your uninformed rants.
In the ARTICLE, he stated that he tried a bit, but then resorted to VIRTUALIZING software.
The bug might have been in Linux, or the bug might have been in the software he was using to virtualize his hardware. When he could have just booted the Knoppix CD on his machine.
Personally, I've had almost 100% success with booting Knoppix, including sound.
All you Linux-hating 'bots are the same. BASIC troubleshooting would indicate that you boot WITHOUT the virtualization layer.
If the bug was in the virtualization software, then NONE of the Linux distributions would have worked. (Hmmmm, that seems to be exactly what he said happened.)
The easy solution would be to try Linux on the machine itself. But no one can do that because he didn't say what his hardware was. I wonder why someone would skip over such a BASIC item. Maybe because he wanted to write an article about how bad Linux was?
Despite my very positive first impressions, I couldn't get XYZ to work with my sound card at all, even though I was testing XYZ on a brand new PC from a major vendor. The system was based on an utterly mainstream Intel motherboard with an on-board Intel sound system. This isn't some weird, off-brand system using unknown components: It's about as mainstream as it gets.
It sounds as if he's running it on hardware, not some virtualized system. Also....
Maybe it's me, but that oft-cited suggestion has always seemed a little odd. I can see where a new operating system might require new hardware, but why should a new operating system require old hardware? And if the hardware was to blame, how could XP handle it out of the box, with no special drivers or setup?
Again, the reference is towards hardware, not some virtualized box.
But I try to keep an open mind, so I entertained the thought: Maybe there was something truly strange about the hardware.
Again, hardware.
THEN he switches to virtualized hardware.
Right..............
At which point, you can't tell whether the problem is with the Linux drivers or the virtualization software. So he has no case.
The problem could very well have been in how the virtualization software presents the virtual system to Linux.
I can crash my VMWare sessions with DMA calls to a CD burner even when I'm running Win2K guest on Win2K host.
I don't blame Win2K for that.
I don't blame the CD burner for that (AOpen).
I believe the "blame" is with VMWare, but so what? It isn't important to me and I can still use the burner fine with either Win2K or Linux as the host.
Because ONE "journalist" had trouble getting ONE sound card to work, even though he tried SEVERAL distributions (but not Red Hat or Mandrake, but he included TWO versions of SlackWare).
Linux SUCKS on sound support and that is why Linux has problems?
Now, if the "journalist" ran a real test, say of a DOZEN differnt sound cards, across a DOZEN different distributions, and identified which distributions worked with which sound cards, then I'd believe him.
To me, this reads like someone who found ONE piece of hardware that Linux has problems with, but which works well with Windows, and then tried to find out how MUCH of a problem Linux has with that ONE piece of hardware.
I don't expect anyone to try 9 different distributions to get the sound working. Sound cards are $10. If you want sound, it would be easier to spend th $10 and get one that is well supported rather than waste your time and effort trying to see if that ONE PIECE OF HARDWARE is supported in any other distribution.
Or, you could, gasp!, do some RESEARCH and find out if there is a distribution that supports that ONE piece of hardware.
There will ALWAYS (until Linux hits 51% of the desktops) be hardware that does not play well with Linux. This is not a disaster nor will it prevent anyone from migrating to Linux.
Even if Linux supported 99%+ of the hardware out there, that article would still be as correct as it is now. But it would be worthless, just as it is now.
Insurance is competitive. The companies have to look at all kinds of information to determine the lowest price they can charge while still earning enough to pay claims. With fire and such, a lot of the data is statistical. They can look at the statistics of how many homes burned in an area and how much the settlement was for.
The same with auto insurance. They look at your driving record and compare your stats with others in that area.
This "insurance" doesn't fit the standard model. What is the likelyhood of a distribution being sued?
We can tell how many homes per 1,000 will catch fire for any area. But no distributions have ever been sued before. We don't know the likelyhood OR the settlement history. So how can they determine the premiums (the money you pay to be insured)?
You have to take in enough money to pay the claims (plus paying the people working for you). If you don't know how big the claims will be, how can you know how much to charge?
I hope it's just Egger looking for some income and hiring PJ and Perens to do "work" as an excuse to exploit their name-recognition.
You see OSRM, you see PJ mentioned. Yet she is not the lawyer and not the driving force behind this and not fronting the cash. She does RESEARCH. She's a PARA-LEGAL.
She isn't an insurance genius.
She isn't a hot-shot lawyer.
She isn't massively wealthy.
But she always gets mentioned. To me, that means someone is trying to trade on her name. I hope it is Egger and not PJ herself.
They do NOT have access to all the millions of lines of proprietary code out there.
There is no way for them to tell whether some code was stolen or not.
The best thing anyone can do is to keep doing exactly what they have done before. Write the code. Document who submitted it and when and who submitted patches for it and when and so forth.
All I see here is a lawyer trying to make money off of Linux.
A. Either no will will ever be successfully sued, in which case you've wasted your money... -or- B. Violations will be found and EVERYONE will be sued and the insurance company will go broke paying all the claims.
Now, think about which (A or B) the lawyer will WANT to be on and then think about paying for any "insurance".
Sniffing only works when on that network.
on
Port Knocking in Action
·
· Score: 4, Insightful
You can only sniff packets on a network you are attached to.
What that means in real life is that someone would have to be connected somewhere along the route from your machine to the server you're knocking on.
I am in Seattle, I can knock on my server from another location in Seattle. Someone in Canada will not be able to capture any of my packets.
Port knocking allows me to run a service on the Internet and not worry about just anyone from anywhere connecting to it.
May I also point out that such is the case with the existing "anti-virus" market?
We see "patches" every week for the latest round of viruses. And we will continue to, until Microsoft addresses the actual vulnerabilities in their software (and the security model upon which it is based).
A virus or a worm (and, to a less extent, trojans) are all FAILURES in the security of a system. How many failures of an almost identical nature does it take before people realize that the model is flawed?
I'll pick on Microsoft because they're an easy target.
#1. Poor security model. They install EVERYTHING by default and turn it on. You're running vulnerable services that you don't even know about.
#2. Patches that break working systems. There was the problem with the patch for the Blaster worm that broke RPC on NT4.0 servers.
#3. Which leaves it up to the administrators to constantly check for new patches and test those patches in their non-production network and deploy those tested patches to production machines in a timely manner.
And, just as you've noted, that only covers the patches that a vendor actually releases AFTER admitting to the vulnerability.
The current system (the one the author of the article is crying about) places undue dependence upon the LEAST reliable segment; the PERSON doing the administration.
His "solution" also gives the most latitude to the segment that should be working the hardest to solve this problem; the VENDOR of the buggy software.
Under no circumstances do I believe that extending the window of vulnerability would be a "good" thing.
The entire focus SHOULD be on making the admin's job as effortless as possible.
A. An easy way to determine what is installed on your system AND THE PATCH LEVEL.
B. An easy way to see if there are any security patches for everything in "A".
C. An easy way to deploy the patches in "B" to a test environment (because we always test).
D. An easy way to deploy the patches in "B" to the vulnerable systems.
My favorite is Debian because I can already do most of that, easily.
First, let's define zero-day exploit. An exploit is a method devised to take advantage of a specific software vulnerability using a software virus, Trojan horse or worm. When the exploit is done without a virus, Trojan or worm, it's using an undocumented feature.
Undocumented feature? WTF?
It's a security hole! Not an "undocumented feature".
Hahahahahahahahaha!
If you don't have any questions, then no one will tell you to RTFM.
If you have a question, then you RTFM.
If your question is NOT answered in TFM, then you ask it.
Actually, lots of people have thought of using a GUI to put together a command line statement. Lots of people have even thought of using a GUI to import/export text based config files.
If it costs time and money to review code, then, all other conditions being equal, the code with fewer lines will take less time and money to review.
On the other hand, there is nothing stopping any Linux-based vendor from stripping out any non-applicable code from Linux before submitting it for a government application.
The real issues I see here are:
#1. He is in competition with a Linux-based vendor for specific governmental applications.
#2. He has to pay to have ALL of his code written and tested while the Linux-based vendors can take what is already available and pay to write fewer lines of code.
#3. Given #1 & #2, he tries to spread FUD in an attempt to scare people away from Linux in governmental applications because he cannot compete on price or reliability.
We've all seen this before and we'll see it again.
But if it is only applied to the IP/sender/recipient then it will be vulnerable to random generation of senders. Example: bob1@crackedhost.com to me@mycompany.com (blocked) bob2@crackedhost.com to me@mycompany.com (passed) bob3@crackedhost.com to me@mycompany.com (passed) bob4@crackedhost.com to me@mycompany.com (passed)
I think a different way to approach it would be to link the firewall and the MTA.
#1. Any site that you have sent mail to will not be greylisted.
#2. Any site that sends any mail to your bogus accounts will be greylisted, unless it is also part of #1.
#3. Any mail identified as spam by a person can be dropped into a mail folder that will be processed and those sites greylisted (unless it is also part of #1).
#4. Your firewall rules will be updated on-the-fly to drop/deny smtp connections from any sites in #2 or #3 that are not referenced in #1.
This won't completely eliminate spam. But it should cut down on the spam from cracked home machines and such.
Eventually, all the spammers will have to host at sites that you actually send legitimate email to. At which point, the above model would be expanded to also check domain name to further filter the spam.
The drawback is that you'll need some decent amount of fast memory in your firewall to be able to process the list of bad addresses. An alternative might be to also build a list of "known good" addresses and check incoming connections against those first. Most legitimate email in my case seems to be sent to and from the same small sub-set of addresses.
If the spammer sends to a bogus address, but the spammer sends from earthlink or AOL.
You don't want to "greylist" earthlink or AOL.
I use a less effective method of this by simply dropping bogus addresses around and setting up a rule in SpamAssassin to +20 anything sent to that address which then triggers the auto-learn feature of SpamAssassin.
But you idea will work great when it comes to filtering out spam from cracked home machines.
Because people will COMPLAIN that they can't send email to people whom they could email yesterday.
What company wants to get all those irritated AOL customers calling them because they can't email Aunt Sally anymore and why did they break the Internet?
No solution will work until it can be implemented WITHOUT annoying real-live people sending email.
Which means that it will always come down to improving the filters on YOUR server and so forth before even suggesting that anyone change anything on their servers. Including changing the protocol.
So, the "solution" is to work with the existing protocol and find a way to reduce the spam on your server. I don't think that any single method will work. And it doesn't have to be 100% perfect, initially. Killing spam will probably be an evolutionary process.
Most of the spam I see is from domains that we have not sent mail to. Just setting up a system to check that would flag a lot of it.
Also, you'd want a way for your firewall to deny connections from verified spam sites. This will cut down on some of the traffic. The question is, how to verify that they are spam sites? Can it be done automatically?
I'd suggest "seeding" the spammers with fake addresses that your email server would then identify and have the firewall drop in the future. Unless you had sent email to one of those sites (that way earthlink and AOL don't get banned).
Multiple levels is the only way I can see this being improved. Spam has to get through your firewall, then the spam filter. You distribute deceptive addresses to actively identify spammers and cracked machines/relays.
Eventually, all the spammers will end up sending single line spams from AOL/earthlink accounts. At least they would be contained.
"Offshoring creates wealth for U.S. companies and consumers and therefore for the United States as a whole: that is why companies choose to follow this course."
No, the reason they choose to follow that course is because it SAVES THEM MONEY.
"Offshoring is just one more example of the innovation that keeps U.S. companies at the leading edge of competitiveness across multiple sectors."
It was INNOVATION that enabled them to move the work offshore. But moving the work offshore is NOT innovative.
Example: Driving to work is no more innovative than riding a horse to work or walking to work. But the car was an innovation.
"If it did not benefit U.S. businesses, they would not offshore."
This is correct. But it is irrelevent.
"The more companies innovate, the more competitive they become and the more benefits are passed on to consumers."
Again, this is correct, but irrelevent. They are trying to link their incorrect claim that offshoring is "innovative" with the fact that innovation helps consumers.
All of their "benefits" are phrased as "potential" and based upon previous, NON-OFFSHORING, changes.
"None of this may seem too convincing to someone who has lost their jobs, but it's worth reflecting that the number of jobs outsourced is a tiny number compared to those created and lost as part of the normal economic cycle."
It isn't just about the numbers. It is about the JOBS.
A software company starts up, hires people, goes broke and fires people. That's normal. Another company can start up an attempt to fill that niche.
But when a company starts up and then hires offshore, the cycle is NOT the same. The niche is being filled. Those JOBS are gone.
"The lack of jobs now owes more to the current adminsitration's reckless economic policies than to outsourcing."
I believe those are linked. Their economic policy makes offshoring so much more attractive. It is possible to work an economic policy so that offshoring will be less attractive.
But in reality, someone making $500,000 a year already spends as much as he is likely to spend on goods and services. Adding $50,000 to his income doesn't mean another $50,000 in circulation.
But hiring someone who does not have a job and paying him $50,000 means that most of that money will be circulated back through the economy.
I believe you are correct about the profits portion of the equation. But you forgot to include the support costs of floppies.
There are a limited number of moving parts in those computers. A floppy drive is a moving part and the only one (other than the CD) that the user is expected to jam things into.
Not including it does boost profits. -and- Not including it means one less thing that is likely to break and result in a phone call and/or replacement.
When you're looking at profits that small per unit, you do NOT want to waste any of it on a support call because someone jammed a floppy disk in upside down or put in a floppy with a bent metal slide.
#1. The guy who claims he was with Bush claims that Bush was there when Bush was not there. If he sees Bush when Bush isn't there, then his account is not verification of your claims. I can find people who have seen space aliens land here.
#2. No, it does not matter what other presidents have done. The issue was whether Bush attended any funerals and you claimed he had. You were wrong. But now you're trying to claim that you weren't wrong because other presidents didn't attend funerals.
The fact is that Bush sent these people over there to be killed and doesn't even attend their funerals. Sad, very sad.
#3. I do not claim to speak for "most" of the troops. All I do is look at the statistics. You are the one that claims to know what "most" of the troops believe. The statistics say that the troops over there are suffering from low morale and suicide. Those are NOT items normally associated with supporting the mission.
#4. I'm sure that Clinton and Bush both believed in Santa Clause when they were kids. Belief means nothing. Actions are what matter. Clinton kept up the sanctions and held daily anti-terrorist meetins. Bush did not. Bush invaded Iraq without an exit strategy and without a plan for how to turn over the country. Bush created this disaster and all the dead in Iraq are because of Bush.
#5. No, none of your "evidence" "proves" anything. The White House is leaking bits and pieces of information and the CONTEXT cannot be verified. So Clarke wants ALL 6 HOURS DECLASSIFIED AND RELEASED.
That does NOT sound like someone who thinks that the information will not support his position. You have not shown that he is a liar. Which is why I support his claim to have all 6 hours of his testimony declassified and released.
#6. He didn't ask for a Democratic ballot. He asked for a Republican ballot. He voted for McCain. He's a Republican. He is not a Democrat.
#7. What do you mean "conspired"? Aren't you aware of the process involved? Halliburton legally won those contracts. The problem is that "legal" in this instance is NOT the same as "best" or even "better". It would have been BETTER to have pulled in OTHER ARAB COMPANIES to do the work. I never said there was a "conspiracy". Again, that is the reason I'm not bothering to debate this because you have enough trouble with established facts. Attempting to explain why having other local companies work on the infrastructure would be too difficult.
This is EXACTLY the kind of thing that will be "legalized" if this passes.
The enemy of your enemy is NOT your friend.
I'm sure that Baystar would leave their money with SCO if Microsoft could find a way to funnel $20 million to Baystar.
SCO wants money.
Baystar wants money.
Darl wants media attention.
Microsoft wants to cripple Linux.
We'll see how this plays out.
Don't invest your money in some other company's war.
Baystar will be out $20 million because their people were persuaded by Microsoft's people to fund SCO's attack on Linux.
Some Baystar people need to be fired for that one.
"Which is the OS users feel most comfortable with?"
That would be whatever is running their Macs. Why do you ask?
You can download it and test out all your existing hardware.
The FUD is fake.
One download, one reboot, all your questions are answered.
And if you don't like it, nothing on your computer has changed.
I think you might do better reading the article instead of just typing your uninformed rants.
In the ARTICLE, he stated that he tried a bit, but then resorted to VIRTUALIZING software.
The bug might have been in Linux, or the bug might have been in the software he was using to virtualize his hardware. When he could have just booted the Knoppix CD on his machine.
Personally, I've had almost 100% success with booting Knoppix, including sound.
All you Linux-hating 'bots are the same. BASIC troubleshooting would indicate that you boot WITHOUT the virtualization layer.
If the bug was in the virtualization software, then NONE of the Linux distributions would have worked. (Hmmmm, that seems to be exactly what he said happened.)
The easy solution would be to try Linux on the machine itself. But no one can do that because he didn't say what his hardware was. I wonder why someone would skip over such a BASIC item. Maybe because he wanted to write an article about how bad Linux was?
And you Linux-haters just eat that shit up.
Despite my very positive first impressions, I couldn't get XYZ to work with my sound card at all, even though I was testing XYZ on a brand new PC from a major vendor. The system was based on an utterly mainstream Intel motherboard with an on-board Intel sound system. This isn't some weird, off-brand system using unknown components: It's about as mainstream as it gets.
It sounds as if he's running it on hardware, not some virtualized system. Also....
Maybe it's me, but that oft-cited suggestion has always seemed a little odd. I can see where a new operating system might require new hardware, but why should a new operating system require old hardware? And if the hardware was to blame, how could XP handle it out of the box, with no special drivers or setup?
Again, the reference is towards hardware, not some virtualized box.
But I try to keep an open mind, so I entertained the thought: Maybe there was something truly strange about the hardware.
Again, hardware.
THEN he switches to virtualized hardware.
Right..............
At which point, you can't tell whether the problem is with the Linux drivers or the virtualization software. So he has no case.
The problem could very well have been in how the virtualization software presents the virtual system to Linux.
I can crash my VMWare sessions with DMA calls to a CD burner even when I'm running Win2K guest on Win2K host.
I don't blame Win2K for that.
I don't blame the CD burner for that (AOpen).
I believe the "blame" is with VMWare, but so what? It isn't important to me and I can still use the burner fine with either Win2K or Linux as the host.
Because ONE "journalist" had trouble getting ONE sound card to work, even though he tried SEVERAL distributions (but not Red Hat or Mandrake, but he included TWO versions of SlackWare).
Linux SUCKS on sound support and that is why Linux has problems?
Now, if the "journalist" ran a real test, say of a DOZEN differnt sound cards, across a DOZEN different distributions, and identified which distributions worked with which sound cards, then I'd believe him.
To me, this reads like someone who found ONE piece of hardware that Linux has problems with, but which works well with Windows, and then tried to find out how MUCH of a problem Linux has with that ONE piece of hardware.
I don't expect anyone to try 9 different distributions to get the sound working. Sound cards are $10. If you want sound, it would be easier to spend th $10 and get one that is well supported rather than waste your time and effort trying to see if that ONE PIECE OF HARDWARE is supported in any other distribution.
Or, you could, gasp!, do some RESEARCH and find out if there is a distribution that supports that ONE piece of hardware.
There will ALWAYS (until Linux hits 51% of the desktops) be hardware that does not play well with Linux. This is not a disaster nor will it prevent anyone from migrating to Linux.
Even if Linux supported 99%+ of the hardware out there, that article would still be as correct as it is now. But it would be worthless, just as it is now.
Insurance is competitive. The companies have to look at all kinds of information to determine the lowest price they can charge while still earning enough to pay claims. With fire and such, a lot of the data is statistical. They can look at the statistics of how many homes burned in an area and how much the settlement was for.
The same with auto insurance. They look at your driving record and compare your stats with others in that area.
This "insurance" doesn't fit the standard model. What is the likelyhood of a distribution being sued?
We can tell how many homes per 1,000 will catch fire for any area. But no distributions have ever been sued before. We don't know the likelyhood OR the settlement history. So how can they determine the premiums (the money you pay to be insured)?
You have to take in enough money to pay the claims (plus paying the people working for you). If you don't know how big the claims will be, how can you know how much to charge?
I hope it's just Egger looking for some income and hiring PJ and Perens to do "work" as an excuse to exploit their name-recognition.
You see OSRM, you see PJ mentioned. Yet she is not the lawyer and not the driving force behind this and not fronting the cash. She does RESEARCH. She's a PARA-LEGAL.
She isn't an insurance genius.
She isn't a hot-shot lawyer.
She isn't massively wealthy.
But she always gets mentioned. To me, that means someone is trying to trade on her name. I hope it is Egger and not PJ herself.
They do NOT have access to all the millions of lines of proprietary code out there.
There is no way for them to tell whether some code was stolen or not.
The best thing anyone can do is to keep doing exactly what they have done before. Write the code. Document who submitted it and when and who submitted patches for it and when and so forth.
All I see here is a lawyer trying to make money off of Linux.
A. Either no will will ever be successfully sued, in which case you've wasted your money...
-or-
B. Violations will be found and EVERYONE will be sued and the insurance company will go broke paying all the claims.
Now, think about which (A or B) the lawyer will WANT to be on and then think about paying for any "insurance".
You can only sniff packets on a network you are attached to.
What that means in real life is that someone would have to be connected somewhere along the route from your machine to the server you're knocking on.
I am in Seattle, I can knock on my server from another location in Seattle. Someone in Canada will not be able to capture any of my packets.
Port knocking allows me to run a service on the Internet and not worry about just anyone from anywhere connecting to it.
http://www.eeye.com/html/Research/Advisories/index .html
Looks like a whole bunch of those holes were reported to Microsoft by eeye and Microsoft FINALLY got around to patching them.
Some of them had been reported over 6 months ago.
You are completely correct.
May I also point out that such is the case with the existing "anti-virus" market?
We see "patches" every week for the latest round of viruses. And we will continue to, until Microsoft addresses the actual vulnerabilities in their software (and the security model upon which it is based).
A virus or a worm (and, to a less extent, trojans) are all FAILURES in the security of a system. How many failures of an almost identical nature does it take before people realize that the model is flawed?
I'll pick on Microsoft because they're an easy target.
#1. Poor security model. They install EVERYTHING by default and turn it on. You're running vulnerable services that you don't even know about.
#2. Patches that break working systems. There was the problem with the patch for the Blaster worm that broke RPC on NT4.0 servers.
#3. Which leaves it up to the administrators to constantly check for new patches and test those patches in their non-production network and deploy those tested patches to production machines in a timely manner.
And, just as you've noted, that only covers the patches that a vendor actually releases AFTER admitting to the vulnerability.
The current system (the one the author of the article is crying about) places undue dependence upon the LEAST reliable segment; the PERSON doing the administration.
His "solution" also gives the most latitude to the segment that should be working the hardest to solve this problem; the VENDOR of the buggy software.
Under no circumstances do I believe that extending the window of vulnerability would be a "good" thing.
The entire focus SHOULD be on making the admin's job as effortless as possible.
A. An easy way to determine what is installed on your system AND THE PATCH LEVEL.
B. An easy way to see if there are any security patches for everything in "A".
C. An easy way to deploy the patches in "B" to a test environment (because we always test).
D. An easy way to deploy the patches in "B" to the vulnerable systems.
My favorite is Debian because I can already do most of that, easily.
First, let's define zero-day exploit. An exploit is a method devised to take advantage of a specific software vulnerability using a software virus, Trojan horse or worm. When the exploit is done without a virus, Trojan or worm, it's using an undocumented feature.
Undocumented feature? WTF?
It's a security hole! Not an "undocumented feature".
Hahahahahahahahaha!
Seems to work for me.
If you don't have any questions, then no one will tell you to RTFM.
If you have a question, then you RTFM.
If your question is NOT answered in TFM, then you ask it.
Actually, lots of people have thought of using a GUI to put together a command line statement. Lots of people have even thought of using a GUI to import/export text based config files.
If it costs time and money to review code, then, all other conditions being equal, the code with fewer lines will take less time and money to review.
On the other hand, there is nothing stopping any Linux-based vendor from stripping out any non-applicable code from Linux before submitting it for a government application.
The real issues I see here are:
#1. He is in competition with a Linux-based vendor for specific governmental applications.
#2. He has to pay to have ALL of his code written and tested while the Linux-based vendors can take what is already available and pay to write fewer lines of code.
#3. Given #1 & #2, he tries to spread FUD in an attempt to scare people away from Linux in governmental applications because he cannot compete on price or reliability.
We've all seen this before and we'll see it again.
But if it is only applied to the IP/sender/recipient then it will be vulnerable to random generation of senders. Example:
bob1@crackedhost.com to me@mycompany.com (blocked)
bob2@crackedhost.com to me@mycompany.com (passed)
bob3@crackedhost.com to me@mycompany.com (passed)
bob4@crackedhost.com to me@mycompany.com (passed)
I think a different way to approach it would be to link the firewall and the MTA.
#1. Any site that you have sent mail to will not be greylisted.
#2. Any site that sends any mail to your bogus accounts will be greylisted, unless it is also part of #1.
#3. Any mail identified as spam by a person can be dropped into a mail folder that will be processed and those sites greylisted (unless it is also part of #1).
#4. Your firewall rules will be updated on-the-fly to drop/deny smtp connections from any sites in #2 or #3 that are not referenced in #1.
This won't completely eliminate spam. But it should cut down on the spam from cracked home machines and such.
Eventually, all the spammers will have to host at sites that you actually send legitimate email to. At which point, the above model would be expanded to also check domain name to further filter the spam.
The drawback is that you'll need some decent amount of fast memory in your firewall to be able to process the list of bad addresses. An alternative might be to also build a list of "known good" addresses and check incoming connections against those first. Most legitimate email in my case seems to be sent to and from the same small sub-set of addresses.
If the spammer sends to a bogus address, but the spammer sends from earthlink or AOL.
You don't want to "greylist" earthlink or AOL.
I use a less effective method of this by simply dropping bogus addresses around and setting up a rule in SpamAssassin to +20 anything sent to that address which then triggers the auto-learn feature of SpamAssassin.
But you idea will work great when it comes to filtering out spam from cracked home machines.
Because people will COMPLAIN that they can't send email to people whom they could email yesterday.
What company wants to get all those irritated AOL customers calling them because they can't email Aunt Sally anymore and why did they break the Internet?
No solution will work until it can be implemented WITHOUT annoying real-live people sending email.
Which means that it will always come down to improving the filters on YOUR server and so forth before even suggesting that anyone change anything on their servers. Including changing the protocol.
So, the "solution" is to work with the existing protocol and find a way to reduce the spam on your server. I don't think that any single method will work. And it doesn't have to be 100% perfect, initially. Killing spam will probably be an evolutionary process.
Most of the spam I see is from domains that we have not sent mail to. Just setting up a system to check that would flag a lot of it.
Also, you'd want a way for your firewall to deny connections from verified spam sites. This will cut down on some of the traffic. The question is, how to verify that they are spam sites? Can it be done automatically?
I'd suggest "seeding" the spammers with fake addresses that your email server would then identify and have the firewall drop in the future. Unless you had sent email to one of those sites (that way earthlink and AOL don't get banned).
Multiple levels is the only way I can see this being improved. Spam has to get through your firewall, then the spam filter. You distribute deceptive addresses to actively identify spammers and cracked machines/relays.
Eventually, all the spammers will end up sending single line spams from AOL/earthlink accounts. At least they would be contained.
"Offshoring creates wealth for U.S. companies and consumers and therefore for the United States as a whole: that is why companies choose to follow this course."
No, the reason they choose to follow that course is because it SAVES THEM MONEY.
"Offshoring is just one more example of the innovation that keeps U.S. companies at the leading edge of competitiveness across multiple sectors."
It was INNOVATION that enabled them to move the work offshore. But moving the work offshore is NOT innovative.
Example: Driving to work is no more innovative than riding a horse to work or walking to work. But the car was an innovation.
"If it did not benefit U.S. businesses, they would not offshore."
This is correct. But it is irrelevent.
"The more companies innovate, the more competitive they become and the more benefits are passed on to consumers."
Again, this is correct, but irrelevent. They are trying to link their incorrect claim that offshoring is "innovative" with the fact that innovation helps consumers.
All of their "benefits" are phrased as "potential" and based upon previous, NON-OFFSHORING, changes.
"None of this may seem too convincing to someone who has lost their jobs, but it's worth reflecting that the number of jobs outsourced is a tiny number compared to those created and lost as part of the normal economic cycle."
It isn't just about the numbers. It is about the JOBS.
A software company starts up, hires people, goes broke and fires people. That's normal. Another company can start up an attempt to fill that niche.
But when a company starts up and then hires offshore, the cycle is NOT the same. The niche is being filled. Those JOBS are gone.
"The lack of jobs now owes more to the current adminsitration's reckless economic policies than to outsourcing."
I believe those are linked. Their economic policy makes offshoring so much more attractive. It is possible to work an economic policy so that offshoring will be less attractive.
It works fine, in theory.
But in reality, someone making $500,000 a year already spends as much as he is likely to spend on goods and services. Adding $50,000 to his income doesn't mean another $50,000 in circulation.
But hiring someone who does not have a job and paying him $50,000 means that most of that money will be circulated back through the economy.
I believe you are correct about the profits portion of the equation. But you forgot to include the support costs of floppies.
There are a limited number of moving parts in those computers. A floppy drive is a moving part and the only one (other than the CD) that the user is expected to jam things into.
Not including it does boost profits.
-and-
Not including it means one less thing that is likely to break and result in a phone call and/or replacement.
When you're looking at profits that small per unit, you do NOT want to waste any of it on a support call because someone jammed a floppy disk in upside down or put in a floppy with a bent metal slide.
#1. The guy who claims he was with Bush claims that Bush was there when Bush was not there. If he sees Bush when Bush isn't there, then his account is not verification of your claims. I can find people who have seen space aliens land here.
#2. No, it does not matter what other presidents have done. The issue was whether Bush attended any funerals and you claimed he had. You were wrong. But now you're trying to claim that you weren't wrong because other presidents didn't attend funerals.
The fact is that Bush sent these people over there to be killed and doesn't even attend their funerals. Sad, very sad.
#3. I do not claim to speak for "most" of the troops. All I do is look at the statistics. You are the one that claims to know what "most" of the troops believe. The statistics say that the troops over there are suffering from low morale and suicide. Those are NOT items normally associated with supporting the mission.
#4. I'm sure that Clinton and Bush both believed in Santa Clause when they were kids. Belief means nothing. Actions are what matter. Clinton kept up the sanctions and held daily anti-terrorist meetins. Bush did not. Bush invaded Iraq without an exit strategy and without a plan for how to turn over the country. Bush created this disaster and all the dead in Iraq are because of Bush.
#5. No, none of your "evidence" "proves" anything. The White House is leaking bits and pieces of information and the CONTEXT cannot be verified. So Clarke wants ALL 6 HOURS DECLASSIFIED AND RELEASED.
That does NOT sound like someone who thinks that the information will not support his position. You have not shown that he is a liar. Which is why I support his claim to have all 6 hours of his testimony declassified and released.
#6. He didn't ask for a Democratic ballot. He asked for a Republican ballot. He voted for McCain. He's a Republican. He is not a Democrat.
#7. What do you mean "conspired"? Aren't you aware of the process involved? Halliburton legally won those contracts. The problem is that "legal" in this instance is NOT the same as "best" or even "better". It would have been BETTER to have pulled in OTHER ARAB COMPANIES to do the work. I never said there was a "conspiracy". Again, that is the reason I'm not bothering to debate this because you have enough trouble with established facts. Attempting to explain why having other local companies work on the infrastructure would be too difficult.