The nonsense that gets modded +5 (Insightful) on Slashdot is at times truly astounding.
To wit:
I've said this before and I'll say it again, the first place is to rewrite RFC-821 and require valid reverse-name lookups before accepting mail.
No "rewrite" of any RFC is required to achieve this, as in fact many sites already do this. As a result, spammers now almost universally forge valid domains (and even valid usernames) in their spams, causing those innocent third parties to receive all the bounces. This has made matters worse, not better.
Incidentally, RFC 821 has been obsolete for some time. The current SMTP specification is RFC 2821.
Also permit as an authentication scheme that allows the administrator of the accepting mail system to set permissable trust levels. Example, mail that's verified (through an SSL certificate might be one way) as coming from gm.com is accepted, but mail coming from slashdot.org is set to a lower trust level (because they don't want to spend the money for a certificate). Mail from getyerviagra.com is immediately tossed into a review folder, trashed or denied because they don't reverse properly and they have a forged or self-signed certificate or simply don't have one.
What a nonsensical idea. It'd be a real boon for the spammers, though. This is like buying protection from the mafia. The spammers will buy their certificates and keep on spamming in the assurance their spam will be assigned a high "trust" level; the common man with his own home mail server will not be able to send mail to his friends without it getting trashed because he cannot/won't afford the certificate. Not only that, it allows the spammers to keep sending their spam. They don't care if it gets trashed - in fact, the spamming scumbags will always find enough suckers ready to respond to their bait, so they love it if people "just hit delete" instead of hunting them down and busting their asses, and your plan is simply an automated "just hit delete" scheme. This plan will thus only serve to legitimize spamming as well as increasing corporatization of the internet.
I happen to run a set of support/discussion mailing lists for people with a certain neurological handicap. I run my own mail server because I refuse to compromise my member's privacy to an ad-supported certified spamhaus such as Yahoo Groups. Under your plan I could forget about running my lists my way. Non-commercial discussion lists would cease to exist.
The LAST thing anyone here wants is ANY government telling us how to manage electronic mail. In the US, it'll be frought with hooks and back-doors so the feds can snoop your mail.
Hello? What planet did you just arrive from? On mine, the feds (and their equivalents in other countries) have been snooping mail for a long time. Do you really think any solution for spam would change that one way or the other? Or are you just spouting the usual slashbot anti-government drivel?
You might as well say that burglary should not be combatted by the government because you wouldn't want the government to tell you how to manage the locks on your front door. It'd make about as much sense.
Spam is a social problem, not a technical one. Real technical solutions nonetheless already exist and are pretty bloody effective for those who care to actually use them properly. That's because, rather than just deleting the spam, they prevent it from arriving into your system in the first place, and provide social pressure to internet providers to kick off their spammers. Without DNS-based blocklists, spam volume would have been growing several orders of magnitude faster than it has been.
In addition, dishonest marketers and at least some cell service providers are using SMS to send unwanted bulk marketing messages -- that is, they are spamming users.:/
Yes, this is a growing problem that has received a lot of publicity in Europe recently. This has relevance for e-mail spam as well, it neatly illustrates that charging for each message (as is done with SMS) will not stop spam.
Surffast.com is just a meta search engine, the FAST that is meant here is at alltheweb.com.
Re:Non-American users are redirected
on
HotBot Returns
·
· Score: 2
that is funny, I live in the Netherlands and get no such thing. I'm directed to hotbot.com
I have been using the same static IP address at Demon Internet since 1996, and as Demon is originally a UK ISP maybe that is why Hotbot thought I was in the UK. <shrug>
So, to revise my statement, it seems that generally users get automatically redirected from hotbot.com to their country specific version if such a version exists for their country, and the detection of the user's location is not always reliable.
Non-American users are redirected
on
HotBot Returns
·
· Score: 3, Informative
Note that the link to www.hotbot.com in the article redirects non-American users to the version for the country near them, and the versions of Hotbot for different countries don't include the meta-search feature. For example, here in the Netherlands, I'm redirected to www.hotbot.lycos.co.uk. Non-American users who want to see the search engine reviewed here should go directly to www.hotbot.lycos.com.
[...]
spammers have a harder time getting work addresses. They're a lot less likely to be on public web pages, they're not used in chat rooms and they're much harder to generate by brute force.
Huh? Most company e-mail addresses I have seen are trivially guessable. They username is almost always some combination of first name or initial and last name, with or without dots thrown in for good measure. If the spammers have not figured that out yet, that just proves Rule #3, but then again, it's probably just a matter of time.
Its nice to see that a spammer is getting in trouble for the annoyance that they've caused. However, its one spammer, in one state, in one country. There are so many other spammers, how can destroying even one really make a difference?
There are not actually that many significant spammers. The 100 or so top scumbags listed in Spamhaus' ROKSO list send more than 90% of American and European spam, according to Spamhaus. (Read some of those evidence files, very educational.) So catching a big fish does make a significant difference.
Actually, that 13 year old girl could still go to alt.sexual.abuse.recovery.moderated and find exactly what you described (the group is moderated for spam only, not for content).
Also, Usenet anti-spam systems have been developing. It *is* possible to run a spam-free newsserver without losing legitimate articles. Just for an experiment, try getting an account at the free-access news server news.cis.dfn.de, a fantastic service offered to you courtesy of the German taxpayer. This is my daily-use server and in most groups I find *no* spam ever - none. Even in alt.sexual.abuse.recovery only the very occasional one slips through.
I'd encourage anyone not to give up on Usenet just yet; it still has a lot of good stuff, and the spirit of freedom survives to this day. With a decent newsreader and a decent newsserver, it beats any web forum including/.
Re:Cranky, but not entirely off...
on
Mr Anti-Google
·
· Score: 1
In the meantime, anyone who would like to cover their tracks can use my cookie:
...or, of course, refuse google.com cookies altogether. Works for me.
IANAM, but I wonder what would have happened if who ever actually bound and transcribed the first copies of the Qur'an had declared publishing rights and refused to allow the distribution of low cost copies or even public prayer.
I got flash to work fine under k-meleon (Windoze mozilla derivative). Install it as if you have netscape, browse to the proper plug-in directory, ignore the complaint that it can't find the browser. They have documentation about that. I'd imagine it's the same with mozilla itself.
Yeah, great idea. Just now that the push for an accessible web is gaining momentum, let's design more sites that people with disabilities such as visual impairments can forget about ever entering. Not to mention people with outdated equipment, non-mainstream OS platforms, etc.
The article pinpointed some of the main causes behind insecurity well: bloat (integration of unrelated functions) in single programs exacerbating insecurity which is in turn exacerbated by integrating several bloated programs with each other.
I feel we need to return to the old Unix model of one program, one function. Small programs that do one thing well are a lot easier to debug and make secure.
"Integration" could be attained by making several small programs collaborate according to open standards. It's got to be possible somehow to do this *and* attain the level of user friendliness today's lusers expect.
[Before you all yell "UNIX pipe", it actually has to be usable by the average mouse-clicking Joe. The challenge is making this work well with a GUI. Nobody has managed this so far, but I believe it's got to be possible.]
For example, a GUI-based word processor would by itself include only the bare-bones functionality, such as text editing and basic layouting. It would not include a spell checker; the spell checker would be a separate GUI program which can collaborate with the word processor using an open protocol that would regulate permission to insert a menu item to invoke the spell checker and edit the text directly in the document, without the need to save it to disk first. (MacOS users might recognize Word Services in this description.)
Another obvious advantage, beyond security, is that power users could construct their own working environments from such applications - e.g. using a different spell checker or text editor. Using the different basic programs in various combinations would in turn expose more bugs, improving security.
To keep this user-friendly, collaborating programs could be bundled into application folders, much like Mac OS X does already with the files belonging to one application. Opening the folder would launch all the contained programs at once. (Or perhaps the user could define a "master" program that is launched in the front, with the "slave" programs launched in the background and invoked as needed.)
If open, GUI-based collaboration protocols exist for every imaginable type of functionality, you could combine ("integrate") as many small, well-tested and well-functioning programs of different manufacturers as you want, to give the impression of a big integrated package, without compromising security.
Of course, fat chance that such an idea would go mainstream in the near future, as it would mean the end of the Micro$oft business model. (Imagine! No need to upgrade the entire package and take loads of unwanted extra junk just to get that one function you want!)
Apple tried something rather like this once with OpenDoc, but it was not as open as the name suggested, plus it was bloated, plus the user was not ready for its extremely document-centric model (which is not part of my idea above), so it failed. I think this model deserves a second chance, done right this time - the Open Source way.
Mod me down at will, but as a citizen of the Netherlands I find it hard to bear seeing the spelling of this longtime Dutch national pride consistently mutilated.;-p
If, say, your prospective employer requires résumés to be M$ Word attachments, and you cannot or won't fulfill the requirement, there is a pragmatic solution.
Go into notepad, emacs, or whatever your favourite text editor is.
Write up your résumé in neatly formatted ASCII.
Save it on disk, making sure the file name extension is.doc, not.txt.
E-mail it off as an attachment to your prospective employer.
Any version of M$ Word will render your file neatly, without visible conversion steps -- in Courier New, a monospaced font, so that your neat ASCII formatting will not break. Your employer cannot complain because you did send a.doc file, right? and might even be happy about the efficient, no-frills formatting. And you are happy because you can use plain ASCII.
This might be a remnant of the old DOS days (before Word became the "standard"), when many software packages included documentation in ASCII format, with the.doc extension being an abbreviation of "documentation". So, in order to assimilate the.doc extension for their own proprietary format, M$ had to make sure to be backwards compatible and display ASCII.doc correctly, essentially making plain ASCII a subset of the M$ Word format.
In other words, faster processors are useful to increase bloat with impunity. Exactly how does this benefit users, hmm?
Proposal. To make a real high-quality, say, word processor (as opposed to M$ Word bloatware that thinks it knows what you want but doesn't), all the programmers should be limited to 486's, which are in themselves more than powerful enough for the task. And that would be generous. And performance should be snappy on those, and the software should have a modern feature set. The programmers would be forced to leave out unnecessary bloat and program efficiently. The effect on the overall quality, even on fast machines, would be astounding.
Using processor speed, component architectures, etc. as an excuse for messy and bloaty programming is degrading programming as a whole. Unix had it right - one program for one function, and that one program should do the task well.
Eventually, someone's going to have to take the plunge and reinvent the computer. Don't hold your breath.
The computer has been "reinvented" many times. (Can you say Macintosh? NeXT? BeBox?) It's not the lack of innovation, but the sheep herd mentality of the consumers that cause this mess to continue.
I don't like spam, but I don't want any laws against it. If you want freedom, you have to support everyone's freedom... even if you hate them.
Cool! Tomorrow I'll make use of my freedom to come to your house and dump a truckload of cow shit in your back yard. As a sign of my dedication to Freedom and the American Way, I'll even put a brand new US flag on top for you. How's that?
Don't like it? Sorry. If you want freedom, you have to support everyone's freedom, even if you hate them.
The only law I would support is one that mandated a way to get off a spammers list... AND the remove must work.
Yeah, that's reasonable I guess. I should stop dumping cow shit in your back yard if you tell me to stop, I can accept that. However, since you have now yelled at me, I now know for sure that you exist, and I'll be sure to sell your address to at least ten fellow cow shit dumpers as confirmed live!
Sure I hate spam with a passion, but why is everyone so up in arms about it? Phone solicitation is soooo much more annoying. Why don't people enact laws against that. At least I can automatically filter out spam.
Yeah, and you can screen your calls using Caller ID. That's hardly an argument, of course. Besides, automatic spamfilters are ineffective; they either let spam through or block legitimate mail. Companies cannot afford any risk of legitimate business mail being inadvertently caught in the filter, and therefore will not filter at all.
Here are some more reasons why people get up in arms:
You don't pay to receive phone solicitations. You pay (in Europe by the second) to receive spam. On the job, spam costs employee's time = money (lots of it). Spam is theft of service, comparable with unsolicited junk faxes. (Another way spammers commonly steal service is by hijacking open STMP relays.)
Because spam is paid for by the receiver and not the sender, spammers do not bother to target their spam properly. They randomly harvest e-mail addreses off the web and Usenet. They do not honor remove requests (these in fact lead to more spam because your e-mail address is re-sold as confirmed live).
Phone solicitation is easier to regulate. For example, there are no phone solicitors offering you pictures of teens fucking dogs, or the latest illegal pyramid scheme.
Would this have any use in an embedded system? [...]
Interestingly, Zilog just released a new eZ80 microprocessor specifically designed to be embedded in Internet-connected devices. Apparently it is code-compatible with the Z80, so porting CP/M should be a breeze.
A quote from the site: "The eZ80 executes Z80 code four times faster than traditional Z80s at the same clock speed, and can operate at speeds up to 50 MHz. Unlike most 8-bit microprocessors, which can only address 64 KB, the eZ80 can address 16 MB without a Memory Management Unit."
Might also be interesting for hobbyists wishing to build a super-CP/M machine, or maybe revive the MSX, that other CP/M derivative of Microsoft, a Z80-based home computer standard which never really made it to the US but became quite popular in Japan and Europe... but that is a whole 'nother story of its own.
Now, searching on Alta Vista with Signetics near "write only memory" yeilds 57 hits, all of which are direct references to what I am looking for (most of which are mirrors of ESR's jargon file entry). Adding and not ("jargon file") neatly removes those, leaving 43 hits.
The phrase search using double quotes works fine for me. I have no idea why it isn't for you. I also get more hits for the same queries than you.
Note that Google can include results for which the query words only appear in links pointing to that page, not on the page itself. You can verify that by viewing the cached entries, where it tells you exactly where the query words appear.
Slashdot Mirror
To wit:
No "rewrite" of any RFC is required to achieve this, as in fact many sites already do this. As a result, spammers now almost universally forge valid domains (and even valid usernames) in their spams, causing those innocent third parties to receive all the bounces. This has made matters worse, not better.
Incidentally, RFC 821 has been obsolete for some time. The current SMTP specification is RFC 2821.
What a nonsensical idea. It'd be a real boon for the spammers, though. This is like buying protection from the mafia. The spammers will buy their certificates and keep on spamming in the assurance their spam will be assigned a high "trust" level; the common man with his own home mail server will not be able to send mail to his friends without it getting trashed because he cannot/won't afford the certificate. Not only that, it allows the spammers to keep sending their spam. They don't care if it gets trashed - in fact, the spamming scumbags will always find enough suckers ready to respond to their bait, so they love it if people "just hit delete" instead of hunting them down and busting their asses, and your plan is simply an automated "just hit delete" scheme. This plan will thus only serve to legitimize spamming as well as increasing corporatization of the internet.
I happen to run a set of support/discussion mailing lists for people with a certain neurological handicap. I run my own mail server because I refuse to compromise my member's privacy to an ad-supported certified spamhaus such as Yahoo Groups. Under your plan I could forget about running my lists my way. Non-commercial discussion lists would cease to exist.
Hello? What planet did you just arrive from? On mine, the feds (and their equivalents in other countries) have been snooping mail for a long time. Do you really think any solution for spam would change that one way or the other? Or are you just spouting the usual slashbot anti-government drivel?
You might as well say that burglary should not be combatted by the government because you wouldn't want the government to tell you how to manage the locks on your front door. It'd make about as much sense.
Spam is a social problem, not a technical one. Real technical solutions nonetheless already exist and are pretty bloody effective for those who care to actually use them properly. That's because, rather than just deleting the spam, they prevent it from arriving into your system in the first place, and provide social pressure to internet providers to kick off their spammers. Without DNS-based blocklists, spam volume would have been growing several orders of magnitude faster than it has been.
Yes, this is a growing problem that has received a lot of publicity in Europe recently. This has relevance for e-mail spam as well, it neatly illustrates that charging for each message (as is done with SMS) will not stop spam.
Surffast.com is just a meta search engine, the FAST that is meant here is at alltheweb.com.
I have been using the same static IP address at Demon Internet since 1996, and as Demon is originally a UK ISP maybe that is why Hotbot thought I was in the UK. <shrug>
So, to revise my statement, it seems that generally users get automatically redirected from hotbot.com to their country specific version if such a version exists for their country, and the detection of the user's location is not always reliable.
Note that the link to www.hotbot.com in the article redirects non-American users to the version for the country near them, and the versions of Hotbot for different countries don't include the meta-search feature. For example, here in the Netherlands, I'm redirected to www.hotbot.lycos.co.uk. Non-American users who want to see the search engine reviewed here should go directly to www.hotbot.lycos.com.
is here (PDF format).
Also, Usenet anti-spam systems have been developing. It *is* possible to run a spam-free newsserver without losing legitimate articles. Just for an experiment, try getting an account at the free-access news server news.cis.dfn.de, a fantastic service offered to you courtesy of the German taxpayer. This is my daily-use server and in most groups I find *no* spam ever - none. Even in alt.sexual.abuse.recovery only the very occasional one slips through.
I'd encourage anyone not to give up on Usenet just yet; it still has a lot of good stuff, and the spirit of freedom survives to this day. With a decent newsreader and a decent newsserver, it beats any web forum including /.
We know. We have Scientology.
I got flash to work fine under k-meleon (Windoze mozilla derivative). Install it as if you have netscape, browse to the proper plug-in directory, ignore the complaint that it can't find the browser. They have documentation about that. I'd imagine it's the same with mozilla itself.
Yeah, great idea. Just now that the push for an accessible web is gaining momentum, let's design more sites that people with disabilities such as visual impairments can forget about ever entering. Not to mention people with outdated equipment, non-mainstream OS platforms, etc.
The article pinpointed some of the main causes behind insecurity well: bloat (integration of unrelated functions) in single programs exacerbating insecurity which is in turn exacerbated by integrating several bloated programs with each other.
I feel we need to return to the old Unix model of one program, one function. Small programs that do one thing well are a lot easier to debug and make secure.
"Integration" could be attained by making several small programs collaborate according to open standards. It's got to be possible somehow to do this *and* attain the level of user friendliness today's lusers expect.
[Before you all yell "UNIX pipe", it actually has to be usable by the average mouse-clicking Joe. The challenge is making this work well with a GUI. Nobody has managed this so far, but I believe it's got to be possible.]
For example, a GUI-based word processor would by itself include only the bare-bones functionality, such as text editing and basic layouting. It would not include a spell checker; the spell checker would be a separate GUI program which can collaborate with the word processor using an open protocol that would regulate permission to insert a menu item to invoke the spell checker and edit the text directly in the document, without the need to save it to disk first. (MacOS users might recognize Word Services in this description.)
Another obvious advantage, beyond security, is that power users could construct their own working environments from such applications - e.g. using a different spell checker or text editor. Using the different basic programs in various combinations would in turn expose more bugs, improving security.
To keep this user-friendly, collaborating programs could be bundled into application folders, much like Mac OS X does already with the files belonging to one application. Opening the folder would launch all the contained programs at once. (Or perhaps the user could define a "master" program that is launched in the front, with the "slave" programs launched in the background and invoked as needed.)
If open, GUI-based collaboration protocols exist for every imaginable type of functionality, you could combine ("integrate") as many small, well-tested and well-functioning programs of different manufacturers as you want, to give the impression of a big integrated package, without compromising security.
Of course, fat chance that such an idea would go mainstream in the near future, as it would mean the end of the Micro$oft business model. (Imagine! No need to upgrade the entire package and take loads of unwanted extra junk just to get that one function you want!)
Apple tried something rather like this once with OpenDoc, but it was not as open as the name suggested, plus it was bloated, plus the user was not ready for its extremely document-centric model (which is not part of my idea above), so it failed. I think this model deserves a second chance, done right this time - the Open Source way.
It's Philips, folks, with one "l", please. This is not a screwdriver or a petroleum company or an auction house, but a consumer electronics company née bulb factory headquartered in Eindhoven, Netherlands. Thank you.
- Go into notepad, emacs, or whatever your favourite text editor is.
- Write up your résumé in neatly formatted ASCII.
- Save it on disk, making sure the file name extension is
.doc, not .txt. - E-mail it off as an attachment to your prospective employer.
Any version of M$ Word will render your file neatly, without visible conversion steps -- in Courier New, a monospaced font, so that your neat ASCII formatting will not break. Your employer cannot complain because you did send aThis might be a remnant of the old DOS days (before Word became the "standard"), when many software packages included documentation in ASCII format, with the .doc extension being an abbreviation of "documentation". So, in order to assimilate the .doc extension for their own proprietary format, M$ had to make sure to be backwards compatible and display ASCII .doc correctly, essentially making plain ASCII a subset of the M$ Word format.
Proposal. To make a real high-quality, say, word processor (as opposed to M$ Word bloatware that thinks it knows what you want but doesn't), all the programmers should be limited to 486's, which are in themselves more than powerful enough for the task. And that would be generous. And performance should be snappy on those, and the software should have a modern feature set. The programmers would be forced to leave out unnecessary bloat and program efficiently. The effect on the overall quality, even on fast machines, would be astounding.
Using processor speed, component architectures, etc. as an excuse for messy and bloaty programming is degrading programming as a whole. Unix had it right - one program for one function, and that one program should do the task well.
Cool! Tomorrow I'll make use of my freedom to come to your house and dump a truckload of cow shit in your back yard. As a sign of my dedication to Freedom and the American Way, I'll even put a brand new US flag on top for you. How's that?
Don't like it? Sorry. If you want freedom, you have to support everyone's freedom, even if you hate them.
Yeah, that's reasonable I guess. I should stop dumping cow shit in your back yard if you tell me to stop, I can accept that. However, since you have now yelled at me, I now know for sure that you exist, and I'll be sure to sell your address to at least ten fellow cow shit dumpers as confirmed live!
Anti-spam legislation is intended to allow people to stop receiving information (?) they don't want.
This is not about control of the Internet. This is about control of my e-mail inbox, the one I pay for.
Yeah, and you can screen your calls using Caller ID. That's hardly an argument, of course. Besides, automatic spamfilters are ineffective; they either let spam through or block legitimate mail. Companies cannot afford any risk of legitimate business mail being inadvertently caught in the filter, and therefore will not filter at all.
Here are some more reasons why people get up in arms:
Interestingly, Zilog just released a new eZ80 microprocessor specifically designed to be embedded in Internet-connected devices. Apparently it is code-compatible with the Z80, so porting CP/M should be a breeze.
A quote from the site: "The eZ80 executes Z80 code four times faster than traditional Z80s at the same clock speed, and can operate at speeds up to 50 MHz. Unlike most 8-bit microprocessors, which can only address 64 KB, the eZ80 can address 16 MB without a Memory Management Unit."
Might also be interesting for hobbyists wishing to build a super-CP/M machine, or maybe revive the MSX, that other CP/M derivative of Microsoft, a Z80-based home computer standard which never really made it to the US but became quite popular in Japan and Europe... but that is a whole 'nother story of its own.
You can do this in Google, as follows: Signetics "write only memory" -"jargon file"
The phrase search using double quotes works fine for me. I have no idea why it isn't for you. I also get more hits for the same queries than you.
Note that Google can include results for which the query words only appear in links pointing to that page, not on the page itself. You can verify that by viewing the cached entries, where it tells you exactly where the query words appear.