A agree with the parent post. And also, government always try to confuse you with the word privacy. Often, we have stupid sentences like: "why should you care about privacy? Do you have something to hide?". That's not the point. Privacy isn't about hiding things, it's about CHOOSING what you want to make public or not. It's the right to decide what you want to keep for yourself.
People updating their status 24h per day on twitter, telling everything they do, are deciding that this isn't private, and make it public. It's their right. As much as it's mine to not reveal it. I have nothing to hide, yet it's not a reason to put a camera in my home and spy every single of my moves. The very same applies to the right to anonymity on the Internet. It's not because I have nothing to hide that someone has the rights to spy on me.
And in this day and age, there's so many evil companies that are spying on everyone all the time, that we got to react to it, and protect our right to keep things private. I may well decide for example to decide to hide my IP to google who might otherwise do statistics about my search, which really, I don't want to. And there's all sorts of valid examples like that, where privacy and anonymity makes sense.
And also completely different from "Openstack is ditching Hyper-V" as this/. title is trying to let us believe! It's removed from the next release only, but we'd be happy to see it come back.
Frankly, you'd better read the Openstack dev list thread about "dead wood cutting" on launchpad, because that's where the article is taking information from (where else could this info be?). It has *never* been said that OpenStack is "ditching" Hyper-V by the way, but that it's just being removed from the Essex release, because it's currently in frozen state (currently only bugfix are accepted, until Essex is released), and Hyper-V isn't up-to-shape.
Remove the website - which must be hosted *somewhere* and the spam ceases to be profitable.
It's more on the line of: remove the website - which isn't easy because it's most of the time hosted by a company that is accomplice - and another one pops up in a mater of hours.
It's easy to just ditch any Microsoft technology. But for once, Hyper-v isn't totally crap. It's a way better than ESXi, and comparable to Xen (in fact, they got their inspiration from working with Xen guys, and the architecture is the same as for Xen). The issue here, btw, wasn't hyper-v itself, just its support inside OpenStack.
The if you don't know, don't ASSUME that this is propaganda. The reality is that there's not enough contribution to have Hyper-v support up to shape for a release. Though it might work through libvirt. It's just that the hyper-v specific driver is getting away, not the full of hyper-v support. Also, it might well come back if someone cares. Openstack is really open in its development and governance, and contributions (even from Microsoft) are more than welcome!
What exactly is your problem w/ marketplace, commercial linux or vendor?
They only care about making money, and have their agenda which is totally different from the one of the users. The kind of result is the infamous Android market place with GPL violations all over the place, or Canonical displeasing all of their users with Unity, or RedHat destroying a once good Gnome, simply because they have money. Such thing wouldn't have happened if these projects were community driven.
Problem w/ Linux is that no company has figured out a way to make money out of GPL software
You're a funny guy. First, it's quite the opposite. The problem is that so many company does, and don't contribute back. See how many are violating the GPL and not releasing the kernel sources (for example, in the Android side...).
Apple, otoh, made an XNU based FreeBSD which they've customized for only a few closed platforms, but which has an ecosystem adequate enough to support what their customers need. The OS is affordable, but they're not stupid enough to throw open control of it to the 'community'.
How much you are distorting reality is fascinating. What happened is that they used to have an open Darwin (the kernel of MacOS), but after few years, they realized that absolutely no contribution were made, and probably never would in the foreseeable future, so they decided to go back to a closed source model. And what Apple did, mind you, is quite a bit more than just "customization"...
That's not a post as silly as it seems. Reading words like marketplace, commercial linux, or vendor makes me sick, when it comes to distributions, and which is why I will always choose Debian.
Seriously, what you are asking for above is DKIM, since there would be no point into having a different signature for each users if they aren't the only one holding the private key... With DNSSEC, you wouldn't need Gmail/Yahoo/Hotmail/whathaveyew to have their key signed, but just a record like this:
would simply be trust-able. So, DKIM + DMARC + DNSSEC == authenticated From: domain. If you need the user@ part, then use PGP (and don't ask for your provider to host/provide you a private key, that's simply wrong!).
Sending from not DKIM/SPF authenticated servers will be somewhat deprecated.
Wake up. IT IS already deprecated. Try for example to send a mail to Yahoo without using DKIM... It's been years it's like that by the way, and there for, it's been years I maintain the dkimproxy package in Debian for that reason...
Except that DKIM isn't there to authenticate HUMANS but SERVERS. So the protocol does what it should, and solves it well (well... if you use DNSSEC, that is...). If you want to authenticate users, then use PGP.
GAME OVER ! The topic is *not* about SPAM, but about make sure it's impossible to forge a fake From (I should write "envelope-from", but you don't seem to be a technical person, so I wont confuse you too much...), when you don't own the domain. This, DKIM and DMARC (and I'd add: with DNSSEC) really can do it now. Please try to understand the topic before writing too much about it and exposing yourself. Maybe also, next time, you'll read the title of the slashdot headline? Because it clearly is about phishing, and *not* about SPAM (sorry to insist, but you've really missed the obvious...).
After 20 years of PGP existence, we still get this stupid answer that it's the fault of Microsoft? Come on! Move on, that excuse is not acceptable anymore. If you have stupid contacts that don't understand, either send then a link to wikipedia (I'm sure it explains well what PGP does and how to use it), or just ignore the complains, for the benefits of all the others who aren't using retarded software!
DMARC solves a problem that real world DKIM deployments have - merely signing your mail is not enough. You need to tell people what to do if signature checks fail.
Note only that. With DKIM, when you receive a mail, basically, its header are telling that the mail is signed, and that you can go ahead and check the DNS for the key. But if there's no such thing in the email, then no further check will be made. With DMARC, you will finally have a way to tell if a domain requires DKIM or SPF checks, which wasn't in the specs before.
some random guerilla marketing team contracted a third party provider and told them to send as "campaign@foo.com", even though it's not being sent via foo.coms servers
DMARC will force M. marketing to send his emails correctly, because now it's going to be really impossible to send emails without the foo.fr servers.
DKIM has other problems, like the number of mail relays that think it's OK to modify mail in transit whilst claiming it comes from the original sender
I haven't seen any relay explicitely deleting DKIM signatures. They even can add their own, and you'd receive a mail signed multiple times (which is fine in the DKIM specs). The issue with relaying (in fact, forwarding) is more with SPF, which is a stupid technology that DKIM supersedes.
The question would more be: did you manually check the fingerprint he gave you on a paper, before sending you signed emails, when you thought that receiving signed emails was safer? If you didn't, then it was as good as if they were not signed.
This is totally irrelevant to the topic of DMARC. Here, we're talking about authenticating SERVERS, not HUMANS, to make sure that you aren't receiving spam from any random robot, part of any random botnet / hacked servers. Plus there's all sorts of reason why you don't want to receive only PGP signed emails, one of them is that you still want to receive emails from people you don't know, in which case they wont be authenticated (because you *DO* manually check the fingerprint of the PGP public key you download before you send emails, right?). There's no certificate authorities for PGP...
not only has a data centre within their jurisdiction, but is also owned by an organisation based in that jurisdiction.
That sentence is really silly. If you have a hosting service in EU, and want to sell in the EU, then you need to be in the VAT system, which means that having a company registered in EU is quite mandatory (I quite know because we had to form GPLHost UK in order to sell in EU...). So the sentence is redundant and stupid.
I was replying to the parent regarding the USA being "one of the worst" regarding "human rights". Yes, they do horrific things, but they're nowhere near as bad as other places, and that's the only point I was trying to make.
They are. One of the worst countries, for sure. FACE IT! There's not so many countries in this world with laws like the Patriot Act and the NDAA. I really hope you wont be one of these jack a** stupid enough to tell that the NDAA wont ever be implemented! Also, as a live example of what USA can do (eg: jail forever without trial, torture, you name it...), there's Guantanamo bay! Now, if you're on the ground that we can find worse, yeah, sure, North Korea, Syria, Iran and China might be. But what's the point? See who's worse? That wont make you go very far. And USA is still not in a position to make any critic about anyone.
They're not gunning down their populations for wanting political change
It's been a long long time that there wasn't a decade without the USA being at war somewhere. USA is gunning in other countries for geopolitical reasons, that's not better.
Making a competition of who's the most aggressive state is a total non-sense. That's what you are diving into. No one is entitled to the depravity of others. Yes, US gov. is evil, recognize it and fight it, and stop making a competition to see who's the worst. That was more or less the idea, but you didn't get it this way, it seems. And again, I can state once more: it's going to be very difficult for the president to have human rights talks with countries like China. USA is simply *NOT* in the position of doing that, when it's killing people by the thousands in Iraq, Afghanistan, and putting its own people in jail, or even foreigners, for no valid reason, with or without due trial (Guantanamo anyone?). To give lessons on human rights, you should be totally clean, that's not at all what defines USA.
CDS are only a part of the fraud. Another is selling derivatives knowing that they were/are junks, because you make money when buying, then reselling them for more expensive, whatever the actual real value of them.
Slashdot Mirror
A agree with the parent post. And also, government always try to confuse you with the word privacy. Often, we have stupid sentences like: "why should you care about privacy? Do you have something to hide?". That's not the point. Privacy isn't about hiding things, it's about CHOOSING what you want to make public or not. It's the right to decide what you want to keep for yourself.
People updating their status 24h per day on twitter, telling everything they do, are deciding that this isn't private, and make it public. It's their right. As much as it's mine to not reveal it. I have nothing to hide, yet it's not a reason to put a camera in my home and spy every single of my moves. The very same applies to the right to anonymity on the Internet. It's not because I have nothing to hide that someone has the rights to spy on me.
And in this day and age, there's so many evil companies that are spying on everyone all the time, that we got to react to it, and protect our right to keep things private. I may well decide for example to decide to hide my IP to google who might otherwise do statistics about my search, which really, I don't want to. And there's all sorts of valid examples like that, where privacy and anonymity makes sense.
Why is it remotely interesting to use Hyper-V with Openstack even in theory?
For all sorts of reasons, one of them having a full support for EC2 and S3 APIs.
And also completely different from "Openstack is ditching Hyper-V" as this /. title is trying to let us believe! It's removed from the next release only, but we'd be happy to see it come back.
If you continue, you'll go to Folcom. :)
(if you don't get this joke, search online...)
As I read the article
Frankly, you'd better read the Openstack dev list thread about "dead wood cutting" on launchpad, because that's where the article is taking information from (where else could this info be?). It has *never* been said that OpenStack is "ditching" Hyper-V by the way, but that it's just being removed from the Essex release, because it's currently in frozen state (currently only bugfix are accepted, until Essex is released), and Hyper-V isn't up-to-shape.
Remove the website - which must be hosted *somewhere* and the spam ceases to be profitable.
It's more on the line of: remove the website - which isn't easy because it's most of the time hosted by a company that is accomplice - and another one pops up in a mater of hours.
It's easy to just ditch any Microsoft technology. But for once, Hyper-v isn't totally crap. It's a way better than ESXi, and comparable to Xen (in fact, they got their inspiration from working with Xen guys, and the architecture is the same as for Xen). The issue here, btw, wasn't hyper-v itself, just its support inside OpenStack.
The if you don't know, don't ASSUME that this is propaganda. The reality is that there's not enough contribution to have Hyper-v support up to shape for a release. Though it might work through libvirt. It's just that the hyper-v specific driver is getting away, not the full of hyper-v support. Also, it might well come back if someone cares. Openstack is really open in its development and governance, and contributions (even from Microsoft) are more than welcome!
What exactly is your problem w/ marketplace, commercial linux or vendor?
They only care about making money, and have their agenda which is totally different from the one of the users. The kind of result is the infamous Android market place with GPL violations all over the place, or Canonical displeasing all of their users with Unity, or RedHat destroying a once good Gnome, simply because they have money. Such thing wouldn't have happened if these projects were community driven.
Problem w/ Linux is that no company has figured out a way to make money out of GPL software
You're a funny guy. First, it's quite the opposite. The problem is that so many company does, and don't contribute back. See how many are violating the GPL and not releasing the kernel sources (for example, in the Android side...).
which is why even Red Hat is struggling
The stock exchange doesn't agree with your view, with a doubling of market value in 2 years only: http://www.google.com/finance?q=red+hat
Apple, otoh, made an XNU based FreeBSD which they've customized for only a few closed platforms, but which has an ecosystem adequate enough to support what their customers need. The OS is affordable, but they're not stupid enough to throw open control of it to the 'community'.
How much you are distorting reality is fascinating. What happened is that they used to have an open Darwin (the kernel of MacOS), but after few years, they realized that absolutely no contribution were made, and probably never would in the foreseeable future, so they decided to go back to a closed source model. And what Apple did, mind you, is quite a bit more than just "customization"...
That's not a post as silly as it seems. Reading words like marketplace, commercial linux, or vendor makes me sick, when it comes to distributions, and which is why I will always choose Debian.
What exactly does this do to stop all of that spam
It's not an anti-spam tool, so you are right: nothing. But ...
or that the spam didn't come from Yahoo when it most clearly did?
... DMARC does something for that.
Seriously, what you are asking for above is DKIM, since there would be no point into having a different signature for each users if they aren't the only one holding the private key... With DNSSEC, you wouldn't need Gmail/Yahoo/Hotmail/whathaveyew to have their key signed, but just a record like this:
$origin _domainkey.example.com.
postfix TXT "k=rsa\;p=an-rsa-key-that-slashdot-dont-let-me-post"
would simply be trust-able. So, DKIM + DMARC + DNSSEC == authenticated From: domain. If you need the user@ part, then use PGP (and don't ask for your provider to host/provide you a private key, that's simply wrong!).
Mod parent up, and the stupid ticks in the form down. All answers are indeed wrong, and we're talking about anti-phishing, not anti-spam...
Sending from not DKIM/SPF authenticated servers will be somewhat deprecated.
Wake up. IT IS already deprecated. Try for example to send a mail to Yahoo without using DKIM... It's been years it's like that by the way, and there for, it's been years I maintain the dkimproxy package in Debian for that reason...
Except that DKIM isn't there to authenticate HUMANS but SERVERS. So the protocol does what it should, and solves it well (well... if you use DNSSEC, that is...). If you want to authenticate users, then use PGP.
approach to fighting spam
GAME OVER ! The topic is *not* about SPAM, but about make sure it's impossible to forge a fake From (I should write "envelope-from", but you don't seem to be a technical person, so I wont confuse you too much...), when you don't own the domain. This, DKIM and DMARC (and I'd add: with DNSSEC) really can do it now. Please try to understand the topic before writing too much about it and exposing yourself. Maybe also, next time, you'll read the title of the slashdot headline? Because it clearly is about phishing, and *not* about SPAM (sorry to insist, but you've really missed the obvious...).
After 20 years of PGP existence, we still get this stupid answer that it's the fault of Microsoft? Come on! Move on, that excuse is not acceptable anymore. If you have stupid contacts that don't understand, either send then a link to wikipedia (I'm sure it explains well what PGP does and how to use it), or just ignore the complains, for the benefits of all the others who aren't using retarded software!
DMARC solves a problem that real world DKIM deployments have - merely signing your mail is not enough. You need to tell people what to do if signature checks fail.
Note only that. With DKIM, when you receive a mail, basically, its header are telling that the mail is signed, and that you can go ahead and check the DNS for the key. But if there's no such thing in the email, then no further check will be made. With DMARC, you will finally have a way to tell if a domain requires DKIM or SPF checks, which wasn't in the specs before.
some random guerilla marketing team contracted a third party provider and told them to send as "campaign@foo.com", even though it's not being sent via foo.coms servers
DMARC will force M. marketing to send his emails correctly, because now it's going to be really impossible to send emails without the foo.fr servers.
DKIM has other problems, like the number of mail relays that think it's OK to modify mail in transit whilst claiming it comes from the original sender
I haven't seen any relay explicitely deleting DKIM signatures. They even can add their own, and you'd receive a mail signed multiple times (which is fine in the DKIM specs). The issue with relaying (in fact, forwarding) is more with SPF, which is a stupid technology that DKIM supersedes.
The question would more be: did you manually check the fingerprint he gave you on a paper, before sending you signed emails, when you thought that receiving signed emails was safer? If you didn't, then it was as good as if they were not signed.
This is totally irrelevant to the topic of DMARC. Here, we're talking about authenticating SERVERS, not HUMANS, to make sure that you aren't receiving spam from any random robot, part of any random botnet / hacked servers. Plus there's all sorts of reason why you don't want to receive only PGP signed emails, one of them is that you still want to receive emails from people you don't know, in which case they wont be authenticated (because you *DO* manually check the fingerprint of the PGP public key you download before you send emails, right?). There's no certificate authorities for PGP...
apt-get install enigmail. Done... Do you have another stupid question?
not only has a data centre within their jurisdiction, but is also owned by an organisation based in that jurisdiction.
That sentence is really silly. If you have a hosting service in EU, and want to sell in the EU, then you need to be in the VAT system, which means that having a company registered in EU is quite mandatory (I quite know because we had to form GPLHost UK in order to sell in EU...). So the sentence is redundant and stupid.
I was replying to the parent regarding the USA being "one of the worst" regarding "human rights". Yes, they do horrific things, but they're nowhere near as bad as other places, and that's the only point I was trying to make.
They are. One of the worst countries, for sure. FACE IT! There's not so many countries in this world with laws like the Patriot Act and the NDAA. I really hope you wont be one of these jack a** stupid enough to tell that the NDAA wont ever be implemented! Also, as a live example of what USA can do (eg: jail forever without trial, torture, you name it...), there's Guantanamo bay! Now, if you're on the ground that we can find worse, yeah, sure, North Korea, Syria, Iran and China might be. But what's the point? See who's worse? That wont make you go very far. And USA is still not in a position to make any critic about anyone.
They're not gunning down their populations for wanting political change
It's been a long long time that there wasn't a decade without the USA being at war somewhere. USA is gunning in other countries for geopolitical reasons, that's not better.
Making a competition of who's the most aggressive state is a total non-sense. That's what you are diving into. No one is entitled to the depravity of others. Yes, US gov. is evil, recognize it and fight it, and stop making a competition to see who's the worst. That was more or less the idea, but you didn't get it this way, it seems. And again, I can state once more: it's going to be very difficult for the president to have human rights talks with countries like China. USA is simply *NOT* in the position of doing that, when it's killing people by the thousands in Iraq, Afghanistan, and putting its own people in jail, or even foreigners, for no valid reason, with or without due trial (Guantanamo anyone?). To give lessons on human rights, you should be totally clean, that's not at all what defines USA.
CDS are only a part of the fraud. Another is selling derivatives knowing that they were/are junks, because you make money when buying, then reselling them for more expensive, whatever the actual real value of them.