I have found that while DS1 was more like the SSI type DnD games, DS2 is *much* more like Diablo 2. The craziest lacking thing is the ability to control single characters. So you can't make a picket line and send one guy to pull the baddies in. It's either "everyone do what i click" (mirror mode) or "everyone kinda do what i click" (rampage mode).
It's taken almost ALL of the strategy away, but the result is much faster paced combat, including massive explosions and lots of gibs.
Instead of runes (ala D2), there are Reagents which an NPC can enchant into enchantable items. But these reagents are typically not so powerful compared to the set based and uniqe items. Some of which are pretty awe-inspiring.
One new feature (?) is the autocast section in the spellbooks. Each mage may have 2 spells (not direct fire ones, more like curses or monster summons) that automatically cast at appropriate times.
The super-linear plotline and map is kind of annoying after playing so much D2 with a more area-based (vs linear) approach, but the maps are nice.
However, I have not seen the same beautiful landscapes that actually sometimes wowed me in DS1.
Anyways, the game was a good buy. It's super long, and some of the sub-missions are pretty cool.
One thing though, would this be admissible with regards to hearsay laws?
If I make a list of random IP addresses and add random movie titles, can I be subpoenaed and those logs used to sue people?
It's not like the police came to someone's house and found a movie on their computer - an internet lowlife had that person's IP address on their server. Was it created by a bot?
Where's the proof? Does there need to be any? I understand that civil cases have a lower standard of guilt, but does anyone know for sure?
While what you say may be true regarding radar guided missiles, where the nose may be covered with a reflective material of thickness small than the skin depth of the radar waves, it will be *highly* effective against infrared homing missiles whose sensors typically require optical access to the target. Oh, and other planes.
And I don't think it's quite as simple as painting the missile silver - cracks, joints, dirt or otherwise will absorb the laser light and catch fire / break / whatever.
Wow. From the very link you cite: Warm surface currents invariably flow from the tropics to the higher latitudes, driven mainly by atmospheric winds, as well as the earth's rotation.... Cold surface currents come from polar and temperate latitudes, and they tend to flow towards the equator. Like the warm surface currents, they are driven mainly by atmospheric forces
Hence, the ocean currents are driven by rotating coordinate systems and fluid mechanics. The freezing at the poles has to do with nutrient mixing, NOT generating the rotation of the ocean through some sort of coriolis effect, as you seem to be implying.
They say they exposed the eye tissue to 2.2 mW of radiation at 1.1 GHz. But 2.2 mW over what area? the room? One micron? The ~100cm^2 device in their setup? The important unit is *intensity*.
How much energy per area hits my eye from my cell phone in comparison? They don't say. That's a very important free parameter that they can vary to cause sensationalism where there may indeed be no danger.
It would be more useful if someone calculated this in burnt Libraries of Congress per century per square cubit.
Also, looking back at the article, they have the eye tissue sample in some sort of transmission line resonator. They don't go into specifics, but such a device could increase the power density of the microwaves by several orders of magnitude over that of a point emitter.
Peltier coolers use electricity, which is generated by the horribly inefficient internal combustion engine which produces greenhouse gasses and other toxins by the boatload.
Not to nitpick, but the compression cycle of regular car AC is also powered by the motor...
Plus, if your alternator can handle it, the peltier is probably much lighter, and certainly much smaller, further improving your engine efficiency.
They say that a couple hundred micrograms of antimatter contains about as much energy as 3100kg of fuel, right? So what's the difference if either one explodes? Well, brushing aside the higher reaction speed of antimatter/matter and the random radiation flying around...
Containment of positrons is also *super* easy. Just use a Penning trap - a big magnet and two electrodes. And you could make it so small that it would be virtually indestructible. It would really be much safer than a giant fuel tank with all kinds of leaks and whatnot.
Anitmatter batteries would also be awesome. And probably better for the environment. People are also scaremongering about "what if the terrorists collected all the batteries in the world and made a planet destroying bomb!". So what? That's so far from possible it's laughable. You can make an antimatter container that's pretty much impossible to open without ruining it.
The problem is generating all that antimatter in the first place. Some nasty radioactive decays or a particle accelerator. And it's hard to make even "micrograms" of it when you pretty much create it one atom at a time.
would be to use a high refresh rate display and LCD shutter glasses. if you have a 120 Hz refresh rate then you can have three independent images viewed at 40 Hz. from any angle, mind you. they might appear a little dim, and 40 Hz is kind of annoying to stare at, but it would work.
and for two people, 60 Hz is definitely reasonable, especially for gaming. it wouldn't work on a refular television, but on good computer monitors it would be great.
and probably cheaper than the crazy monitors they have on that page. and you can do it all with drivers and currently available LCD shutter glasses.
lol! this site is such a scam it's ridiculous. all these vague "timelines" and talking about "feynman". he might as well be talking about the "color of energy" and "the uncertainty principle is untenable!"
it kind of gives your plan away when the whole front page of the site screams (in red) "buy special shares of stock!"
i hope that you are Mr. Rainer Partenan himself. if not, i have some *great* technologies for you to invest in.
Well, sure. "Quad" from quadrant means 4, and i said "5 quadrant". But allow me to explain.
Take a four quadrant photodiode and make the center region be a circular fifth detector. Like a pie in four slices with a cookie in the middle. The four arc shapes are used to initiate tracking movement, and the center indicates a lock.
From dictionary.com:
quadrant n.
1. Mathematics.
1. A circular arc of 90°; one fourth of the circumference of a circle.
2. The plane area bounded by such an arc and two perpendicular radii.
3. Any of the four areas into which a plane is divided by the reference axes in a Cartesian coordinate system, designated first, second, third, and fourth, counting counterclockwise from the area in which both coordinates are positive.
so if it's in 90 degree arcs, it's in quandrants. and if i add that extra central zone, you could call it five quadrant. maybe.
So what's unclear, but probable, is that the thing just sits pointing in one direction (presumably at the door), and just fires when the motion detector is triggered.
But what would be *awesome* is if the thing actually tracked the motion of the target. Although this kind of image processing/sensor power is not likely to be so affordable.
Maybe a 5-quadrant motion detector would work pretty sweet. Although it might be pretty slow.
>The disaster was caused partly by one engineer previously over-riding automatic safety protection in order to increase reactor power to levels needed to run a safety test.
Uh, IIRC the reason the thing blew is that the power levels were decreased to too low a level to sustain stable reaction.
I'm not a nuclear physicist, but I believe in that style of reactor, the presence of the particular water they were using decreased the reaction speed, instead of increasing it as it is done in modern, western reactors. So they had the control rods pulled all the way out, and the water flow super low.
Then the water started to boil a little, and that boiling caused bubbles in the moderating water, which allowed the reaction speed to launch into some nasty exponential power spike that could not have been prevented in the time it took to see the spike.
I'm pretty sure what I just wrote was mostly right. I'm just too lazy to find links. But I am sure that the power level was super super low, and the control rods were pulled all the way out. Bad idea.
What they did appears to be just flipping the spin (and detecting the flip) of a single electron.
Creating and measuring the quantum state of a single particle is *not* new. Or that hard. The neat thing is that they did it with a commercial transistor.
Oh, and some sort of fridge that goes to -400 F.
The really hard part in quantum computing (as far as I can tell) is (a) creating and (b) maintaining a coherence between many particles.
The problem is that useful coherences between particles are *very* easily destroyed. If you can hold coherent mixtures one the order of milliseconds, consider yourself lucky. Much less creating the state and performing the operations and then reading out the state...
Thanks for the honest appraisal. It's nice to get feedback instead of flaming.
Ho, i haven't designed a PKI before (obviously), I was just trying to put up an idea.
Hell, Joe Schmoe could be the root authority. he signs keys for MIT, AOL, Earthlink, icrosoft, Apple, UC Berkeley, the federal government, etc. Then they sign whoever the heck they want and he puts his key up on a bunch of web pages for verification.
Maybe I used SSL in the wrong sense. I mostly just meant that every email accepted by a server from another server would be signed by a tree of trust.
Sure it would add some size to each email, but it would have nested series of signatures with the root auth being the top. And a URL in each sig where the full public key could be downloaded if it wasn't cached locally.
As for revocation, I guess it would have to be some sort of a nightly thing where you poll your regional (?) copy of the master server. Or something. Like DNS i guess. And if the keys expired every year (or so), the revocation database might be kept at a reasonable size.
And if your users didn't care about _receiving_ spam, you wouldn't have to poll for revocation at all!
So a 0-minute compromised key would be able to generate spam, sure. But for not much longer than a day, and the resulting punishment would remind the upstream key signers to be more diligent in the future.
Muerte
ps. i don't know if i clicked the right link i'm not trying to reply directly to my own comment.:)
Well, I think it's probably impossible to actually eliminate every single last piece of spam.
As for infringing people's rights - you as a spammer have no rights to use my SMTP. As an ISP I would provide mail services for my paying customers. If one of my customers wants to run their own SMTP server, I can threaten them with their life, then sign their cert. If they spam, their cert gets revoked and my cert takes a "reputation hit". Or something like that. My honest users can send email to whoever they like.
But it's absolutely ridiculous to continue with the notion that anybody anywhere can run an open SMTP relay and expect the rest of the world to be responsible to blacklist them when they start spamming.
And there doesn't have to be necessarily one cert authority. Just an angreement on who constitutes root authority.
I think it would scale reasonably well. If each email contains the signature chain, then the server only has to have a copy of the public keys of the root authorites in order to verify the chain of trust. The sub-signers can attatch their keys to the email.
And who says we have to get rid of normal SMTP? If you wanna have some vanilla server that doesn't use SSL, there's no stopping you. You just can't send email to someone who only accepts trusted SSL connections.
The key here is the idea is that you can sign sub-keys. This removes the absolute control from the central authority, but puts the responsiblity on the server admins. And a very mini-PKI gets sent along with each email. Or available upon request from the originating server. Or something like that.
Sure you would still get spam at first as unwise people sign bogus certs, but then these get revoked and eventually it settles down.
Why not change so that SMTP servers ONLY accept connections over SSL? And then only accept certificates that are signed either by a central authority or by people whose certificates are signed by those people...
Then you could have a distributed revocation authority where people could send copies of spams (still over the SSL network to eliminate fake spam for DDoS purposes). You don't want to get your certificate revoked, so maintain your server!
This makes the system more or less secure, and puts the burden onto mail server admins. You want your regular users to be able to send mail? Then don't let random people send spam.
Individual servers could then implement whatever authentication they liked for their users to be able to send. Maybe a C/R system or authenticated logins. Whatever.
well, the idea is that spammers would never be able to get spam onto the trusted network. and people would not be able to forge fake spams for reporting - they would all be cryptographically signed.
so i couldn't make some random spam and send it to the revocation site - it would have to be sent first through a trusted server which should not allow people to spam in the first place.
does that explain it better? the point being that if your server accepts a mail from a user to send, they sign the email with their key, and the signatures of all their trusted signers. then it contacts the destination server which only allows trusted key chains.
so it's like a RBL, but instead of blacklisted IPs you have whitelisted SSL certificate chains. and it would be mathematically improbable to ruin.
I posted this yesterday, but i was way too late for it to get read. I know it's poor form to repeat yourself, but i just wanted some feedback.
So what about this:
You start with a central certificate authority. I know, I know, bottlenecks. But you only need them to issue keys to (or sign the keys of) about 100 (or 1000?) servers. The signing authority has to be central, but the *revocation* authority does not. That's the key here.
So those servers can sign the keys of 1000 servers of their own and so on.
So my mail server tries to send your server an email. Your server checks if my key is signed by someone who is signed by someone who is signed by the CA. It also checks against its nightly downloaded revocation list. If everything is good, the mail goes through. Very little processor time, and very little bandwidth.
It is robust against DoS attacks because the CA doesn't have to sign every email. They only sign keys that sign keys that connect servers. Or something like that.
Suppose someone issues a key to a dishonest server? Well, enough people issue complaints and the issuer's key gets revoked. Or some automatied spamassasin type thing that auto-revokes the key after enough spams get spotted. No more spam from them, and maybe next time the admins are more careful.
In this scenario some spammer hijacks an honest user's Outlook and spams 1000 messages. If the ISP is not checking outgoing mail for spam levels, then they risk getting their certificate revoked. Maybe ISPs could even sign the emails with the account info of the person who is trying to send - thus producing an exact record of the email chain.
This totally eliminates (i think) the threat of zombie SMTP servers on DSL and open relays.
Think of it where SMTP only accepts connections over SSL and only with certificates that it trusts.
Then the ball is in the park of the ISPs and server hosters (those with their own email keys) to keep spammers out locally. SLL login for SMTP? sure. C/R for each email sent through them? Whatever. Send anything over their open relay? Not for long.
Sounds reasonable to me. It makes it easier for the end user I think, and minimizes spam.
This totally eliminates zombie SMTP servers on cable lines spewing spam.
You start with a central certificate authority. I know, I know, bottlenecks. But you only need them to issue keys to (or sign the keys of) about 100 (or 1000?) servers. The signing authority has to be central, but the *revocation* authority does not. That's the key here.
So those servers can sign the keys of 1000 servers of their own and so on.
So my mail server tries to send your server an email. Your server checks if my key is signed by someone who is signed by someone who is signed by the CA. It also checks against its nightly downloaded revocation list. If everything is good, the mail goes through. Very little processor time, and very little bandwidth.
Suppose someone issues a key to a dishonest server? Well, enough people issue complaints and the issuer's key gets revoked. Or some automatied spamassasin type thing that auto-revokes the key after enough spams get spotted. No more spam from them, and maybe next time the admins are more careful.
This totally eliminates (i think) the threat of zombie SMTP servers on DSL and open relays.
Then the ball is in the park of the ISPs and server hosters (those with their own email keys) to keep spammers out locally. SLL login for SMTP? sure. C/R for each email sent through them? Whatever. Send anything over their open relay? Not for long.
Sounds reasonable to me. It makes it easier for the end user I think, and minimizes spam.
Any suggestions?
Muerte This totally eliminates zombie SMTP servers on cable lines spewing spam.
actually, your passphrase has much lower entropy than your random password. assuming there are about 10K words in common vocabulary, and you use 10 words, that's about 10,000^10. pretty large, but only about 23 bits. now consider the deterministic ordering of words in an english sentence, and you knock off a few more bits.
but your 20 character password has a huge entropy. you have 26 lowercase letters, 26 uppercase letters, 10 numbers and about 10 punctuation marks. that's 66 possibilities per character. now 72^20 is a lot. that's about 26 bits.
so it may be easier to remember, but it's not more secure.
You mean the ones that deal with facts, and actual forces of nature?
If you read to the end of the wired article, he talks about a controlled nasa experiment that showed that the effect doesn't work in vacuum.
Also, it's not high amounts of electrical current as stated in the headline, it's high voltage. A high voltage (~20kV) wire on top ionizes air molecules which are accelerated downward toward an oppositely charged wire. Action, reaction, upward force.
No anti gravity here. But maybe enough voltage to kill yourself. Maybe soon we will get a darwin award for an anti gravity attempt that never actually leaves the ground...
Slashdot Mirror
immanent (?m'?-n?nt)
adj.
Existing or remaining within; inherent: believed in a God immanent in humans.
Restricted entirely to the mind; subjective.
imminent (?m'?-n?nt)
adj.
About to occur; impending: in imminent danger.
from answers.com. spellcheck doesn't pick up definition errors.
m
I have found that while DS1 was more like the SSI type DnD games, DS2 is *much* more like Diablo 2. The craziest lacking thing is the ability to control single characters. So you can't make a picket line and send one guy to pull the baddies in. It's either "everyone do what i click" (mirror mode) or "everyone kinda do what i click" (rampage mode).
It's taken almost ALL of the strategy away, but the result is much faster paced combat, including massive explosions and lots of gibs.
Instead of runes (ala D2), there are Reagents which an NPC can enchant into enchantable items. But these reagents are typically not so powerful compared to the set based and uniqe items. Some of which are pretty awe-inspiring.
One new feature (?) is the autocast section in the spellbooks. Each mage may have 2 spells (not direct fire ones, more like curses or monster summons) that automatically cast at appropriate times.
The super-linear plotline and map is kind of annoying after playing so much D2 with a more area-based (vs linear) approach, but the maps are nice.
However, I have not seen the same beautiful landscapes that actually sometimes wowed me in DS1.
Anyways, the game was a good buy. It's super long, and some of the sub-missions are pretty cool.
m
One thing though, would this be admissible with regards to hearsay laws?
If I make a list of random IP addresses and add random movie titles, can I be subpoenaed and those logs used to sue people?
It's not like the police came to someone's house and found a movie on their computer - an internet lowlife had that person's IP address on their server. Was it created by a bot?
Where's the proof? Does there need to be any? I understand that civil cases have a lower standard of guilt, but does anyone know for sure?
m
While what you say may be true regarding radar guided missiles, where the nose may be covered with a reflective material of thickness small than the skin depth of the radar waves, it will be *highly* effective against infrared homing missiles whose sensors typically require optical access to the target. Oh, and other planes.
And I don't think it's quite as simple as painting the missile silver - cracks, joints, dirt or otherwise will absorb the laser light and catch fire / break / whatever.
m
Wow. From the very link you cite:
...
Warm surface currents invariably flow from the tropics to the higher latitudes, driven mainly by atmospheric winds, as well as the earth's rotation.
Cold surface currents come from polar and temperate latitudes, and they tend to flow towards the equator. Like the warm surface currents, they are driven mainly by atmospheric forces
Hence, the ocean currents are driven by rotating coordinate systems and fluid mechanics. The freezing at the poles has to do with nutrient mixing, NOT generating the rotation of the ocean through some sort of coriolis effect, as you seem to be implying.
m
Do you really have any idea what causes the ocean to circulate the way it does, or do you just believe what you see in the movies?
Try "Fluid Mechanics" and "Rotating Coordinate Systems" for starters. At least I give you credit for not buying totally into the alarmist hype.
cheers.
They say they exposed the eye tissue to 2.2 mW of radiation at 1.1 GHz. But 2.2 mW over what area? the room? One micron? The ~100cm^2 device in their setup? The important unit is *intensity*.
How much energy per area hits my eye from my cell phone in comparison? They don't say. That's a very important free parameter that they can vary to cause sensationalism where there may indeed be no danger.
It would be more useful if someone calculated this in burnt Libraries of Congress per century per square cubit.
Also, looking back at the article, they have the eye tissue sample in some sort of transmission line resonator. They don't go into specifics, but such a device could increase the power density of the microwaves by several orders of magnitude over that of a point emitter.
m
Peltier coolers use electricity, which is generated by the horribly inefficient internal combustion engine which produces greenhouse gasses and other toxins by the boatload.
Not to nitpick, but the compression cycle of regular car AC is also powered by the motor...
Plus, if your alternator can handle it, the peltier is probably much lighter, and certainly much smaller, further improving your engine efficiency.
m
this is not a sig
They say that a couple hundred micrograms of antimatter contains about as much energy as 3100kg of fuel, right? So what's the difference if either one explodes? Well, brushing aside the higher reaction speed of antimatter/matter and the random radiation flying around...
Containment of positrons is also *super* easy. Just use a Penning trap - a big magnet and two electrodes. And you could make it so small that it would be virtually indestructible. It would really be much safer than a giant fuel tank with all kinds of leaks and whatnot.
Anitmatter batteries would also be awesome. And probably better for the environment. People are also scaremongering about "what if the terrorists collected all the batteries in the world and made a planet destroying bomb!". So what? That's so far from possible it's laughable. You can make an antimatter container that's pretty much impossible to open without ruining it.
The problem is generating all that antimatter in the first place. Some nasty radioactive decays or a particle accelerator. And it's hard to make even "micrograms" of it when you pretty much create it one atom at a time.
m
this is not a sig.
would be to use a high refresh rate display and LCD shutter glasses. if you have a 120 Hz refresh rate then you can have three independent images viewed at 40 Hz. from any angle, mind you. they might appear a little dim, and 40 Hz is kind of annoying to stare at, but it would work.
and for two people, 60 Hz is definitely reasonable, especially for gaming. it wouldn't work on a refular television, but on good computer monitors it would be great.
and probably cheaper than the crazy monitors they have on that page. and you can do it all with drivers and currently available LCD shutter glasses.
m
lol! this site is such a scam it's ridiculous. all these vague "timelines" and talking about "feynman". he might as well be talking about the "color of energy" and "the uncertainty principle is untenable!"
it kind of gives your plan away when the whole front page of the site screams (in red) "buy special shares of stock!"
i hope that you are Mr. Rainer Partenan himself. if not, i have some *great* technologies for you to invest in.
m
Take a four quadrant photodiode and make the center region be a circular fifth detector. Like a pie in four slices with a cookie in the middle. The four arc shapes are used to initiate tracking movement, and the center indicates a lock.
From dictionary.com:so if it's in 90 degree arcs, it's in quandrants. and if i add that extra central zone, you could call it five quadrant. maybe.
muerte
So what's unclear, but probable, is that the thing just sits pointing in one direction (presumably at the door), and just fires when the motion detector is triggered.
But what would be *awesome* is if the thing actually tracked the motion of the target. Although this kind of image processing/sensor power is not likely to be so affordable.
Maybe a 5-quadrant motion detector would work pretty sweet. Although it might be pretty slow.
Muerte
>The disaster was caused partly by one engineer previously over-riding automatic safety protection in order to increase reactor power to levels needed to run a safety test.
Uh, IIRC the reason the thing blew is that the power levels were decreased to too low a level to sustain stable reaction.
I'm not a nuclear physicist, but I believe in that style of reactor, the presence of the particular water they were using decreased the reaction speed, instead of increasing it as it is done in modern, western reactors. So they had the control rods pulled all the way out, and the water flow super low.
Then the water started to boil a little, and that boiling caused bubbles in the moderating water, which allowed the reaction speed to launch into some nasty exponential power spike that could not have been prevented in the time it took to see the spike.
I'm pretty sure what I just wrote was mostly right. I'm just too lazy to find links. But I am sure that the power level was super super low, and the control rods were pulled all the way out. Bad idea.
Muerte
I love it when people spew out their theories of why quantum mechanics is wrong - just because they can't understand it.
When you say things like this you sound like the guys trying to sell "Zero Point Energy" and the like.
Go read a book. For starters, I recommend Griffiths.
Muerte
What they did appears to be just flipping the spin (and detecting the flip) of a single electron.
Creating and measuring the quantum state of a single particle is *not* new. Or that hard. The neat thing is that they did it with a commercial transistor.
Oh, and some sort of fridge that goes to -400 F.
The really hard part in quantum computing (as far as I can tell) is (a) creating and (b) maintaining a coherence between many particles.
The problem is that useful coherences between particles are *very* easily destroyed. If you can hold coherent mixtures one the order of milliseconds, consider yourself lucky. Much less creating the state and performing the operations and then reading out the state...
Muerte
Thanks for the honest appraisal. It's nice to get feedback instead of flaming.
:)
Ho, i haven't designed a PKI before (obviously), I was just trying to put up an idea.
Hell, Joe Schmoe could be the root authority. he signs keys for MIT, AOL, Earthlink, icrosoft, Apple, UC Berkeley, the federal government, etc. Then they sign whoever the heck they want and he puts his key up on a bunch of web pages for verification.
Maybe I used SSL in the wrong sense. I mostly just meant that every email accepted by a server from another server would be signed by a tree of trust.
Sure it would add some size to each email, but it would have nested series of signatures with the root auth being the top. And a URL in each sig where the full public key could be downloaded if it wasn't cached locally.
As for revocation, I guess it would have to be some sort of a nightly thing where you poll your regional (?) copy of the master server. Or something. Like DNS i guess. And if the keys expired every year (or so), the revocation database might be kept at a reasonable size.
And if your users didn't care about _receiving_ spam, you wouldn't have to poll for revocation at all!
So a 0-minute compromised key would be able to generate spam, sure. But for not much longer than a day, and the resulting punishment would remind the upstream key signers to be more diligent in the future.
Muerte
ps. i don't know if i clicked the right link i'm not trying to reply directly to my own comment.
Well, I think it's probably impossible to actually eliminate every single last piece of spam.
As for infringing people's rights - you as a spammer have no rights to use my SMTP. As an ISP I would provide mail services for my paying customers. If one of my customers wants to run their own SMTP server, I can threaten them with their life, then sign their cert. If they spam, their cert gets revoked and my cert takes a "reputation hit". Or something like that. My honest users can send email to whoever they like.
But it's absolutely ridiculous to continue with the notion that anybody anywhere can run an open SMTP relay and expect the rest of the world to be responsible to blacklist them when they start spamming.
And there doesn't have to be necessarily one cert authority. Just an angreement on who constitutes root authority.
I think it would scale reasonably well. If each email contains the signature chain, then the server only has to have a copy of the public keys of the root authorites in order to verify the chain of trust. The sub-signers can attatch their keys to the email.
And who says we have to get rid of normal SMTP? If you wanna have some vanilla server that doesn't use SSL, there's no stopping you. You just can't send email to someone who only accepts trusted SSL connections.
The key here is the idea is that you can sign sub-keys. This removes the absolute control from the central authority, but puts the responsiblity on the server admins. And a very mini-PKI gets sent along with each email. Or available upon request from the originating server. Or something like that.
Sure you would still get spam at first as unwise people sign bogus certs, but then these get revoked and eventually it settles down.
Muerte
Why not change so that SMTP servers ONLY accept connections over SSL? And then only accept certificates that are signed either by a central authority or by people whose certificates are signed by those people...
Then you could have a distributed revocation authority where people could send copies of spams (still over the SSL network to eliminate fake spam for DDoS purposes). You don't want to get your certificate revoked, so maintain your server!
This makes the system more or less secure, and puts the burden onto mail server admins. You want your regular users to be able to send mail? Then don't let random people send spam.
Individual servers could then implement whatever authentication they liked for their users to be able to send. Maybe a C/R system or authenticated logins. Whatever.
Muerte
ps. i keep posting this idea. ha!
well, the idea is that spammers would never be able to get spam onto the trusted network. and people would not be able to forge fake spams for reporting - they would all be cryptographically signed.
so i couldn't make some random spam and send it to the revocation site - it would have to be sent first through a trusted server which should not allow people to spam in the first place.
does that explain it better? the point being that if your server accepts a mail from a user to send, they sign the email with their key, and the signatures of all their trusted signers. then it contacts the destination server which only allows trusted key chains.
so it's like a RBL, but instead of blacklisted IPs you have whitelisted SSL certificate chains. and it would be mathematically improbable to ruin.
muerte
muerte
I posted this yesterday, but i was way too late for it to get read. I know it's poor form to repeat yourself, but i just wanted some feedback.
So what about this:
You start with a central certificate authority. I know, I know, bottlenecks. But you only need them to issue keys to (or sign the keys of) about 100 (or 1000?) servers. The signing authority has to be central, but the *revocation* authority does not. That's the key here.
So those servers can sign the keys of 1000 servers of their own and so on.
So my mail server tries to send your server an email. Your server checks if my key is signed by someone who is signed by someone who is signed by the CA. It also checks against its nightly downloaded revocation list. If everything is good, the mail goes through. Very little processor time, and very little bandwidth.
It is robust against DoS attacks because the CA doesn't have to sign every email. They only sign keys that sign keys that connect servers. Or something like that.
Suppose someone issues a key to a dishonest server? Well, enough people issue complaints and the issuer's key gets revoked. Or some automatied spamassasin type thing that auto-revokes the key after enough spams get spotted. No more spam from them, and maybe next time the admins are more careful.
In this scenario some spammer hijacks an honest user's Outlook and spams 1000 messages. If the ISP is not checking outgoing mail for spam levels, then they risk getting their certificate revoked. Maybe ISPs could even sign the emails with the account info of the person who is trying to send - thus producing an exact record of the email chain.
This totally eliminates (i think) the threat of zombie SMTP servers on DSL and open relays.
Think of it where SMTP only accepts connections over SSL and only with certificates that it trusts.
Then the ball is in the park of the ISPs and server hosters (those with their own email keys) to keep spammers out locally. SLL login for SMTP? sure. C/R for each email sent through them? Whatever. Send anything over their open relay? Not for long.
Sounds reasonable to me. It makes it easier for the end user I think, and minimizes spam.
This totally eliminates zombie SMTP servers on cable lines spewing spam.
Any suggestions?
Muerte
So what about this:
You start with a central certificate authority. I know, I know, bottlenecks. But you only need them to issue keys to (or sign the keys of) about 100 (or 1000?) servers. The signing authority has to be central, but the *revocation* authority does not. That's the key here.
So those servers can sign the keys of 1000 servers of their own and so on.
So my mail server tries to send your server an email. Your server checks if my key is signed by someone who is signed by someone who is signed by the CA. It also checks against its nightly downloaded revocation list. If everything is good, the mail goes through. Very little processor time, and very little bandwidth.
Suppose someone issues a key to a dishonest server? Well, enough people issue complaints and the issuer's key gets revoked. Or some automatied spamassasin type thing that auto-revokes the key after enough spams get spotted. No more spam from them, and maybe next time the admins are more careful.
This totally eliminates (i think) the threat of zombie SMTP servers on DSL and open relays.
Then the ball is in the park of the ISPs and server hosters (those with their own email keys) to keep spammers out locally. SLL login for SMTP? sure. C/R for each email sent through them? Whatever. Send anything over their open relay? Not for long.
Sounds reasonable to me. It makes it easier for the end user I think, and minimizes spam.
Any suggestions?
Muerte
This totally eliminates zombie SMTP servers on cable lines spewing spam.
actually, your passphrase has much lower entropy than your random password. assuming there are about 10K words in common vocabulary, and you use 10 words, that's about 10,000^10. pretty large, but only about 23 bits. now consider the deterministic ordering of words in an english sentence, and you knock off a few more bits.
but your 20 character password has a huge entropy. you have 26 lowercase letters, 26 uppercase letters, 10 numbers and about 10 punctuation marks. that's 66 possibilities per character. now 72^20 is a lot. that's about 26 bits.
so it may be easier to remember, but it's not more secure.
You mean the ones that deal with facts, and actual forces of nature?
If you read to the end of the wired article, he talks about a controlled nasa experiment that showed that the effect doesn't work in vacuum.
Also, it's not high amounts of electrical current as stated in the headline, it's high voltage. A high voltage (~20kV) wire on top ionizes air molecules which are accelerated downward toward an oppositely charged wire. Action, reaction, upward force.
No anti gravity here. But maybe enough voltage to kill yourself. Maybe soon we will get a darwin award for an anti gravity attempt that never actually leaves the ground...
Muerte
LabView will also run on Linux, and they are porting it to OS X. So at least it's half-free?
Muerte
ps. sorry for being such a troll to reply to my own post.