messing things up by talking about the lovely shade of charcoal first, before asking about the utility features of the product
acting in an aggravated manner to start with because they expect that they're going to be treated poorly (the Othello syndrome), thus causing the salesman to be put off-side
using small words when talking to the (obviously stupid, since he's male) salesman, and receiving small words in reply, thus assuming that the salesman is being patronising (when in fact the woman started it)
talking like a giggly barbie-doll, and wondering why the salesman is using small words
flirting to try to get a better deal, and get surprised when the salesman flirts back
Yes, I'm probably a misogynist. All of these are based on my own experience.
I find it hard to be polite to some woman who comes up to me and says, "I don't expect you to be nice to me since you hate women, but I just want you to answer three simple questions for me, can you do that?" - this is a fair dinkum statement that some woman started off our "conversation" with. Heck, I'm a guy, so obviously I hate women and can't handly polysyllabic words, right?
Then there's the women who think they're players - they come up to you dressed all girly (pig-tails with huge bows on them, frilly dresses and cute socks, that kind of thing) talking to me as though they've had a combined hit of Nitrogen and Helium (giggly and squealing). They act dumb and ask me to repeat simple phrases (like "auto-loader" or "multi-disc random play"). Then they go away and come back a few minutes later, dressed in army fatigues and loudly proclaim (within the manager's hearing) that they're not buying product from me because I treated them poorly. A hint to anyone wanting to try this scam - don't do it twice in the same shopping complex. They may be competitors, but the store managers know each other. And they talk about problem customers all the time.
It doesn't surprise me at all that 40% of women in the survey perceive that they are treated better when in the company of a man - it's probably because they've already vented their mishoministic rage on their male partner, and can talk civilly to the salesman.
C'mon, tell me you haven't been thinking about this already?
We send 14 men and women to Mars, and we watch every waking moment of everyone's lives through cameras in every conceivable location. As tensions rise, Big Brother gets to vote them off the island, and they go to... the... um... other side of the island.
The programme could start on Earth, in Mars simulations and "team building" exercises. We should start now to develop the techniques that will be needed to help 14 people cope with each others' company for 2 years at a time. Starting with day-long "Mars on Earth" expeditions (camping in the desert, in the arctic, in underwater habitats, etc) and work up to the final pre-mission selection camp - 6 months in Anchorage, Alaska.
Imagine the advances we'd be able to make in psychology when we have access to situations where we could experiment with stress handling and counselling techniques? Wouldn't that pay for itself?
As a lead-up to the Mars expedition, move all those robot-vs-robot competitions to the desert, then the Moon. The only entry criteria for the Moon and Mars robot-vs-robot competitions would be that you get there. The robot that retrieves the most useful scientific data wins - the competition being the Lunar/Martian environment (and other robots).
Wouldn't you love to be one of the first owners of domestic robots who have "Moon Muscle 1" as their ancestors? Not only does it vacuum the carpet and prune the roses, but it can kick the Roomba's arse...
Perhaps there could also be "lifestyle" shows, where people come up with new and amazing ways to decorate a 2m x 2m x 2m bunk module, cook in an all-electric kitchen module, grow exciting (and mind-altering) herbs in the garden module, and do make-overs of each others' recreation modules. We'd also have the "adult" segment - voyerism to the extreme as we explore sex in low-G, and find new and exciting ways of pleasuring the person we've been bonking non-stop for 18 months... and then we can redefine that stupid "wife swap" show. The mind boggles and the hedonistic opportunities presented.
And don't forget the opportunity for current affairs programs such as, "A Mars Affair", "The Late Show: Starring Martian Letterman".
But we should be careful to send people other than scientists to Mars. Sure, absolutely include geologists, microbiologists (for the "practical science" on Mars), chemists and physicists (for the "research science"), but they'll need horticulturists, photographers, cameramen, a poet and a singer/songwriter. Don't let Spirit and Opportunity get all the credit for being the "Ansel Adams of Mars" - get some human photographers up there who can do lanscape shots for the sake of art, rather than navigation.
I can't wait till I can have such contrasting pictures as Little Fisher Falls (a Tasmanian waterfall) sitting right next to a Gusev Crater panorama. Wow.
So there we go - an entire pantheon of entertainment prospects that would allow the space program to be entirely funded from pay-per-view media.
The next step will be to find some resources that the Moon and Mars can provide that are unique - the cheesy souvenir rock pets for starters. I wonder if herbs grown on Mars would have unique flavour properties compared to those grown here on Earth? Imagine parsley that's twice as expensive as Terran saffron;)
So there you go - start off with all the robot-geek shows where we slice, dice and experiement our way to the top of the survival heap. Boost rocketry and extra-Terrestrial manufacturing to the scale required for consumer launches (manufacturing robots in space would be cheaper than building them on Earth and launching them to the Moon or Mars).
Once we get space elevators or sling-rides up and running, we can start with the human voyagers.
What do you reckon? Any grain of sense in my babbling?
Sorry to pick on your specific post, this is directed at you in particular.
"salt the earth" means to plough salt into the soil so that nothing will grow there. This was one form of "scorched earth" policy - it's too hard to keep the land once it's been taken, so just render it unusable. Talk to any farmer about what the effects of soil salinity are on crops and flocks.
I sincerely hope that IBM would never "salt the earth" in any way shape or form.
Perhaps a better phrase would have been, "IBM is going to stomp all over them and scatter their bloody remains to the corners of the Earth."
Not that any SCO employee actually has blood - that would imply that they have souls, too.
OMG! I had 5 moderator points yesterday! Why didn't you post this YESTERDAY?
+1 Insightful - in fact, a science fiction work of its own:) After all, Sci fi is all about "What if...?" questions, isn't it?
Though I must confess, I don't know if I'll think that your response is so amazing once I've sobered up and finally got this stupid computer to do what I want so I can go celebrate Christmas with my folks...
Though how to address the question of defending the machine city from the lone "hovercraft" containing Neo and Trinity. Would there have been better ways to handle the situation - such as (for example) remotely disabling the "hover" pads (what are they anyway - antigrav? electromagnetic levitation?). Certainly hurling high explosive sentient bombs at them wasn't the optimal approach to satisfying the three laws of robotics. I guess by moving the focus from from the singular ("A robot shall not harm a human") to the collective ("A robot shall not harm humanity"), the explanation becomes obvious. Zion is already the holding place for the "negative elements" of the human stability equation - Neo and Trinity would have been treated as excessively hazardous to the machines and humanity in general, right up until the point where Neo tells the machines that he can solve their little virus problem. (Did Asimov ever address the issue of a robot being caught up in a hostage or terrorist situation?)
And it makes you wonder - was "the conflict" actually between humans and machines directly, or between the technophiles and the technophobes, with the machines as a neutral third party? And what happens to the factions who splinter off from the Zionist collective in the new era of human and machine cohabitation? Not to mention, are the machines not pursuing other sources of power (eg: fission/fusion/solar/etc) simply because the risk to humans would be too great? And do the people "in" the Matrix actually have a meaningful existence? Or are the machines simply obeying the letter of the law - preventing humans coming to harm - without concern to quality of living (the Matrix is 3-Laws safe, which doesn't mean it's actually good for you).
Thankyou for giving me something to mull over with my friends while we're passing out in front of the air conditioner tonight. My Christmas long weekend is going to be very Wachowski and Tolkien heavy, I can tell.
I wouldn't respond to the questionnaire on the simple grounds that filling it out would give Microsoft grounds to advertise their next revision of OS as, "better than Linux, according to Linux users"
No matter how you answer their questions, you're still answering their questions.
Pardon me for being cynical and expecting Microsoft to spin the results to their favour.
The "you can't copy my database" law covers the content, not the context.
Thus it doesn't matter if you got your version of the building code from some musty tome - the fact that you are publishing the information in any form at all means that you've "stolen" the information that the database compiler "owns". This isn't a case of copyright infringement - it's not the presentation of the information, it's the information itself that is covered.
Think about that the next time you write your friend's name and address on a parcel.
The fact that the initial complaint got as far as it has, is painful evidence that the bureacracy has no means of controlling its own process. There must have been at least three or four levels at which some single member of the bureacracy had the opportunity to say, "this is a frivolous complaint - it will cost us more social standing to pursue this claim that to quell it!"
Or perhaps the misunderstanding was amplified by a bureacracy composed of ill-educated WASPs who were unable or unwilling to look past the complaint to see the deeper issues behind it, or the dire consequences of allowing it to be considered as more than a joke. Perhaps the county is simply so financially stretchered that all they have left to do is legislate - there being no money left to act.
The "misunderstanding" of the master/slave terminology is entirely the fault of the bureacracy at LA county.
Master/slave has been used to describe clocks and oscillators since before timezones were invented.
Are we to stop using the term "Head Master" to describe the person (male or female or whatever gender they identify themselves as) responsible for guiding the curriculum and discipline of a school? The term "Master" implies more knowledge and control than, say, "Shepherd" - I want my children to be taught, not herded.
Changing the term "master" and "slave" on hard disk drives is relatively easy to do, as long as the buyer is willing to pay for custom labelling and rewritten documentation. I'm sure the state would welcome spending twice as much money on their IT purchases, since they are obviously rolling in the surplus from not spending money on power or firefighting equipment.
Though I think the money would be better spend on providing certain county staff with a few history books dealing with slavery through the course of human history (my favourite slave stories come from the books of the Old Testament of the Christian Bible), as well as some technological history, especially dealing with timekeeping.
And perhaps a poster should be made up of the dictionary definitions of "master", including such choice phrases as, "highly skilled or proficient", "directs the work of another" (which is the sense used in clocks, as is the case in master/slave on the ATA bus). Perhaps for "slave" they could include, "a machine or component controlled by another machine or component".
I would avoid using definitions from the Merriam-Webster dictionary, since they are all tainted by the typical American white/male bias - implying that a "Master" is always a male, which is poppycock.
Rather than refusing to use these terms, the county should probably turn its efforts to mastering its native language. Or end up a slave to political busy work and filibustering.
I really, really want to see this event - it's one of those "mustn't be missed" extravaganzas.
Linus Torvalds and Richard Stallman in the same court room? With IBM lawyers too! No doubt Eric Moglen will be present in some capacity.
Please tell me where I can buy tickets to this show? This is going to be a demonstration of The American Way at its finest, I'm sure - forget the shallow charades involved in the Microsoft antitrust case - this is the real thing!
1. A method for asset management utilizing the World Wide Web, comprising:
The author of a Debian package prepares the information required to install that package as-is on a new machine. This package is uploaded to the Debian archive (a WWW site).
2. The method of claim 1 wherein said computer-related hardware device is selected from the group...
Debian GNU/Linux is available for many different platforms.
3, 4, 5: Method of accessing repository is over Internet or LAN, perhaps with encryption.
Public Debian archive or private copy (eg: CDs mounted on loopback, published through Apache server).
6. The method of claim 1 wherein said information is converted to formatted data files for ease of storage and transfer prior to said transmission to said new computer-related hardware device.
The Debian Packages file and friends are exactly covered by this claim.
7. The method of claim 1 wherein said information is stored on said remote storage medium in a relational database.
The depends/suggests relations turn the dpkg database into a relational database.
8. The method of claim 1 wherein said information is continuously updated on a real-time basis.
If you subscribe to the security updates, you match this claim. If you are using unstable or testing, you match this claim.
9. The method of claim 1 wherein said method includes means for generating a report of said information after said user's new computer-related hardware device has been updated.
What detail of report are they looking at? Debian's apt-get utility will provide interactive reports of how far through the update you've come. Right at the end, it gives a summary of how long the process took.
Other tools allow generation of reports of how many files are installed and managed by the apt utils, what status any of the known packages are in, and there's even a report which allows you to install exactly the same set of selected packages on a different machine.
10. The method of claim 1 wherein said means for transferring information from said computer-related hardware device through said World Wide Web to said remote storage medium includes a method for filtering unwanted or redundant information.
dpkg can put packages on hold - that's a means of filtering out unwanted packages. tasksel can filter out unwanted packages. The web server itself might have spam filters in place - just because they don't affect the download, doesn't mean the filters aren't in place.
11. The method of claim 1 wherein said updating of said user's settings consists of the steps of: [getting remote settings, filling in the blanks]
When performing an installation or update, the Debian package management system allows the user to read about changes to configuration files as suggested by the package maintainer. eg: decisions about running suid programs, adding new options.
12. The method of claim 1 wherein said method has the ability to monitor, update and control versions of software resident on said computer-related hardware device.
That's exactly what a package management tool is for. That's exactly what dpkg and the apt utilities do.
13. The method of claim 1 wherein said method provides a means for translating said information into a common language.
"Internationalisation" is what it's called everywhere else. Debian has many options for local languages - you can have all of your software configured for English or even German, for example. One common language for the whole system.
Claims 14 through 35 reiterate the above.
The only point I can find where Debian is not exactly covered by the patent is where the patent talks about the entire process being carried out by the one person (in claim 1 the user is mentioned, then in subsequent claims, reference is made to "said user") or at least on that person's "new computer-related hardware device."
I use Handyshopper for PalmOS: http://www.freewarepalm.com/database/handyshopper- english.shtml
I keep track of the last price I paid for each item, and the aisle I found the item in.
The only thing that would make life easier for me is if the shop would regularly publish a complete list of what items are in which aisles. Especially when they change their aisle layout every 6 months to "enhance the shopping experience" (ie: make you walk past everything again in order to con you into a few impulse purchases).
It's frightening to think that the shop would want to keep track of which items I buy - as other people have pointed out, the store could optimise their prices for maximum profit from each customer. Though I wonder how easy it would be for them to distinguish between the buyers who always buy the one brand, regardless of price, and buyers who "comparison shop" and buy the cheapest product that they trust to be of adequate quality.
Existing employees should just be careful to write meaningful reports, instead of emotive rants such as the "Cyberinsecurity" report.
What a load of twaddle! Have you read it?
Each chapter jumps from point to point, launching into a new "argument" before they've actually given any weight to the previous one. Reading through that document is like walking through an abandoned castle, seeing all of Dr. Frankenstein's failed experiements. The authors make grand statements, then fail to back them up. They start talking about "assigning bad communications a negative number" then never get around to showing how big a negative number things like SOBIG and SWEN get to, in comparison with the positive numbers that I would assume "legitimate" or "good" communications build to.
What a mess! I think the guy was fired because he's lost his edge. In fact, I don't think it's just his *edge* that he's lost. He's just "lost it".
I rate the "Cyberinsecurity" report at -1 Offtopic, and I fully support @stake's decision to let the dud go.
Spam filtering based on DNS records is usually along the lines of (a) RBLs or (b) address validation.
The Verisign SiteFinder (denial of) service doesn't mess with RBLs at all (that I know of). The RBLs will either return a positive or negative, in their own domain space.
The Verisign SiteFinder (denial of) service absolutely messes with address validation.
Before SiteFinder, if you got email from massmailer@1234.verisignsucks.com, you'd be able to look that hostname up and get an NX record (ie: authoritative NO!). So you could discard the message because it was illegitimate.
After SiteFinder, if you get an email from massmailer@1234.verisignsucks.com, you'd be able to resolve the hostname to the SiteFinder address. Thus your MTA would assume that the email wsa legitimate, and forward or deliver it as the case may be.
That alone has cost my company many megabytes of traffic per day, simply from spam that we would have previously discarded.
As wrong as it is to do so, I'll be "upgrading" my name servers (BIND, Verisign Countermeasures - http://www.imperialviolet.org/dnsfix.html) to reject wildcard-style responses. This will break sites like.museum, but it will mean my spam filtering works again.
These compression services are only really viable for dialup, because dialup is so slow.
the idea is that they download the bulky graphics for you at super-high speed, compress all meaning out of them, then send them to you over the modem connection.
Since they can take no time at all to compress the images by a factor of 3x to 10x, they reduce the time that you wait for graphics to load.
Say it takes you 30 seconds to download a page over your modem - this is 5 seconds for the HTML, 25 seconds for the graphics.
The compression services grab the images, reduce them by a factor of three, and in two seconds you start downloading the images. It then only takes you a total of 5 seconds for the HTML, 2 seconds delay for the images (which probably started their compression during the 5 seconds it took to download the HTML), and 6 seconds for the compressed images. Total time 13 seconds - they've half the latency for that web page.
convince xyz company to install a router/firewall with custom ACL's on a per customer basis. watch the bottleneck.
Unless they're doing something really screwy with the firewall, the bottleneck is going to be upstream bandwidth, as it always has been. If anything, the firewall will reduce the contention on the upstream bandwidth, since all email will be forwarded out through the one mail relay, which has the opportunity to smooth out the email traffic. Even better, if they're doing spam filtering, there's less mail to download in the first place, which increases available bandwidth for dial-up customers.
if i am told for whatever reason that i have to use your proxy for everything i do then your techs have access to all of my information... right now they do not have access to my mail
Your ISP already has the ability to snoop on any transmissions through their network. If you don't trust them, you don't trust them - a firewall or mandatory proxy won't change the trust situation. So your personal mail server is in a different geographical location - your traffic still goes through the ISPs network in some form or another. For all the consumer level customers it makes no difference, since their email is already stored on the ISPs machines.
not to mention that the firewall still wont stop traffic on the internet
That was never the intention of the original paper - or any of my suggestions. The intention of port blocking at the ISP level is to prevent the ISPs clients' machines from being compromised by external attacks (or attacks from one compromised client to another). The firewalled ISP thus becomes a "harbour" of sorts, where inexperienced Internauts can operate in relative safety. If the outside world is being brought down by a new Code Red/Nimda/Sobig/Sircam virus, the clients of that ISP can just sit back and wait it out, while watching the Internet Storm Centre's graph drop from Red to Green.
... how long until the script kiddies start finding ways around, or through the firewall
There are way through and around every firewall. Most of them that I'm aware of rely on social engineering, rather than programmatic attacks - so I expect that script kiddies will be the least of my problems. I just have to watch out for clients who start sharing their passwords with random fools on IRC.
so now they are blocking outbound requests period?
Not all outbound requests, only those on certain ports - for example 137-139 and 445. If some client really, absolutely has to have their MS-SQL server open for a client of theirs to get access to it, then I'd arrange for that port to be open for that client to connect to that server - whether that's an incoming or outgoing connection, I'd handle it the same way.
sorry i encrypt my mail.
And that prevents you using the authorised mail relay how? You don't need to be able to access port 25 on remote systems in order to be able to send encrypted email. If you were my responsibility, I'd still ask you send your mail through the relay unless we make other arrangements.
a semi-clueless person who works in CS for xyz company sending a confirmation email with my credit card number in it would make you liable
I've clearly missed something here. How do I, as your ISP, become liable for someone else's stupid actions? Please provide examples of cases which support your claim.
if you only have one broadband ISP in your area and they do something stupid what are you going to do if you rely on that service to make money ?
Take them to court, and show how they breached the contract that you'd agreed with them. If what they've done hasn't broken any contract (or if you were foolish enough to run a business from a consumer account), then you're SOL.
it will slow down internet speeds for consumers
I can't understand that one. Cutting out spam, blocking email viruses at the source will slow the Internet down how? AFAIK, if a consumer's machine stays up for longer without rebooting, wouldn't that mean that they end up being happier with their Internet experience?
i am not interested in some whiny windows people making the decision for me.
Then good luck running an ISP. 95% of your customers will be clueless Windows users, who wouldn't know what a security patch was if it bit them on the nose. ISPs need those clueless Windows users to keep forking out the dosh so that the business can stay afloat.
they are all VERY dense
That's called "Tiered Call Center". And that's part of life when you do business with big companies. If you want good service, go with a smaller company where the technical guy who can help solve your problem is likely to be sitting next to the "level 1" help desk girl who's bored out of her brain reading the same "restart, reinstall the app, reinstall Windows" script to the same clueless users every day and pretending to enjoy it;)
Sour grapes and a big tar brush... what a mixture!
well firstly the internet was not intended to have one way connections
That's an opinion, not a fact. A simple fact that counters that opinion is the existence of UDP - it's specifically designed for sending packets one-way, without a care as to whether it gets to its destination or not.
Certainly, state that you don't see the utility of an Internet where end-user machines are only able to make outgoing connections. There are many people who would find the Internet perfectly usable for their purposes.
secondly alot of services such has media and games require a verification connection or a udp connection on some random port
Diablo II, Quake III Arena, Homeworld Cataclysm - these are three games that I play that don't require connections to the client machine. Game writer need to learn about SOCKS, and use it. SOCKS means that client software can open up ports on the firewall for making direct client to client connections.
I especially pick on games here because, although it would be easy to not block port 6112, I wonder about the safety of such an environment. I play Diablo II quite happily on the Battle.Net realms (where, oh where, did bnetd go?), and I don't have any port forwarding happening. Server based games should have no problems except where "anti-cheat" programs cause them. Direct peer-to-peer or server-to-client connections aren't necessarily going to be firewalled unless they're a proven vector for infection.
i do ssh into my network at home while im at work
I do the same with my network. I have no reason to distrust SSH - in fact, of all the ports in the world, SSH (TCP port 22) is the most sacred. I see no reason why anyone would ever want to block port 22 at the firewall (except in extreme cases where someone's abusing the network by running several simultaneous X-Windows sessions over an SSH forwarded tunnel;) Remember - the article was proposing the idea that the ISP should block known "bad" ports. There is no reason for ports 137-139 to be open to the Internet - there are better ways to share your company's confidential documents with the world.
the internet is privately owned, the point still stands
No, I believe the point is moot - the Internet is privately owned, therefore the only privileges you have to use it are defined by Terms and Conditions which are part of the contract that you signed. As long as your/the ISP doesn't breach the T&C, they're pretty much free to do what they want.
on a road i rely on other people to not do stupid shit, i have no way of protecting myself
The ISP putting up firewalls isn't interested in protecting you from other people. It's the other way around - they're interested in protecting other people from you. Or, more importantly, your poorly administered network of Windows machines that have never been patched since they were installed from the original media. Firewalls that block ports incoming or outgoing are meant to be the brakes, air-bags and safety barriers of the Internet. They try to avoid accidents in the first place (removing the vector of infection), or at least mitigate the damage once the accident has occurred.
In addition, attempting to drop packets at your end of the link is futile - by the time the packets arrive at your firewall, your bandwidth has already been used, and your quota is very quickly disappearing.
putting up a firewall will not clean the internet
The original article never claimed that firewalls will clean the Internet. The article only claimed that firewalls will help reduce the spread of infection. For example, blocking port 80 incoming and port 25 outgoing would have eliminated the damage done by Code Red and Sircam. My own firewall is currently recording 10 to 15 attempts per minute to connect to ports 137 and 445. These packets
my terms of service say nothing about them having the right to block content regardless of what it is or where it is located, if they do i will sue.
Sue, on what grounds?
Check your terms and conditions. That little part that says "no servers". That effectively gives the ISP the right to block all incoming connections. This has the effect that you are forced to use the 'net the way they were planning you to - browsing the web and checking email. If you want something more, negotiate a deal with the ISP. You might have to spend some money though, because bandwidth isn't cheap.
secondly there are actually very few safe gaurds in place to protect me from assholes who drive
That's right. Crumple zones, seat belts, traffic lights, ABS brakes, laminated windshields, collapsible steering columns, softer compounds for tyres, independent suspension - all these things have nothing at all to do with making cars safer in emergency situations. There are no safeguards people. Concrete dividers, Armco on the cliffside, Cateye reflectors, street lights. Nope, no safeguards. The world's a dangerous place people.
As for "no surcharges to drive on roads" - bollocks. The money to maintain them comes from somewhere. The money to fund the highway patrol comes from somewhere. The money to fund the hospital comes from somewhere. You pay for all those services, in the hope you won't have to use them.
Why shouldn't the ISP take action to defend itself from loss of revenue? I think you'll find that the people who will leave "en masse" given a port blocking policy will be far outnumbered by those who just don't give a damn. Or even those who migrate to the ISP because they're told it's safer. Port blocks, spam-catchers and traffic monitors are the safety standards, registration checks and speed limits of the Internet. When used correctly, they will make the Internet safer for everyone - inside and outside the ISP.
Would you prefer to drive on roads that are only used by roadworthy vehicles? Why don't you want an Internet that is only accessible by Internet-worthy operating systems and administrators?
Ahh... I see. Well, here in Australia - most litigious country in the world - the fallback positions would be:
Ask nicely
Send threatening letter
Sue
If you're paying for a service, they should provide it. If they don't provide the service, don't pay for it. In some cases, sue them for lost income and damages. If they insist that port blocking is good because you're dumb, sue for defamation, slander or libel (depending on the media used and the message contained).
Though I guess it's a bit much to sue for damages over an $80/month ADSL connection, there are agencies such as Consumer Affairs and the Australian Consumer and Competition Commission which Australians can use as big sticks when needed. Though I must admit I have no faith in the new head of the ACCC - he's a business man from a business background, so how fairly is he going to represent consumers against businesses?
Port filtering should be covered in some way by SLAs (for business lines) or at least by Terms and Conditions (for everyone). Guess I'll have to make that a feature of my ISP - make the T&C prominent, so that our customers are aware that we will take action to protect them from their operating systems' flaws, and if they ask us nicely we can let them have unfettered access to the virusnet... I mean.. Internet.
As an ISP, we're the ones who will cop the flak should one of our customers turn out to be a spammer or virus lab. Therefore not only is it in my best interests to protect the customers from the Internet (reduce support calls), but it's in my best interests to protect the Internet from my customers. My firewall works both ways - since the buck stops here, the s**t will stop here too.
I might wander off to my journal now, and start writing up a code of conduct for ISPs wrt firewalls:)
I do aspire to be as twisted and Machiavellian though:)
Since I run an ISP, I'm interested in making money. You can't make money from customers who don't use your services. You make even less money from customers who complain.
Perhaps you and I are enemies - you desperately want to get the fools off the Internet, and I desperately want to separate them from their money.
My ISP (the one I run) is looking at ADSL soon. One of the things I'd like to be able to offer is a "DIY package". This would consist of a preconfigured NAT router (which BLOCKS PORTS! and only allows comms upstream, not with peers) which we ship out to the user. All they do is plug it in to the phone line, then plug their computer into the router, and with any luck, it just works.
Ideally, the NAT router would be able to handle restoring a "factory default" (my factory default) when required. I'd love to have the ability for genuinely advanced users to mess with the settings (they paid for it, after all) - with the option to restore from my config when they hose their setup.
Hmm... we could even make it a wireless doodad, and have a WISP running. That way the customer could sign up all their neighbours to help pay for the ADSL connection:) The catch is, more people on the one ADSL means higher contention ratio, which means more upstream bandwidth required, which means more moolah.
I've had too much experience in an ISP helpdesk to allow such an ill-educated opinion to go uncorrected.
There's an old saying in Engineering - make a system fool-proof, the world builds a bigger fool. Those bigger fools are being stored in stasis on the Internet. They plague my life on a daily basis. Even something as "simple" as ZoneAlarm - with it's various warnings about what is recommended and what is not - leaves room for some inexperienced user to totally hose their dialup connection.
Putting up warnings, "THIS OPTION FOR ADVANCED USERS ONLY" is just asking for trouble. Half the population are going to want to think they're better than they are, they'll mess with the "advanced" settings and hose the system. The other half will be scared by such warnings, and end up hosing the system out of fear. I don't know how they manage it, but that's the way it goes.
The only way to stop a consumer messing with "advanced settings" is to not give them buttons to click on or fields to fill in.
If removing a "feature" is what it takes to become secure, then so be it! Blocking a small proportion of ports will end up removing a large proportion of support costs, while simultaneously protecting the time that many Internet consumers have invested in their computers.
If someones being packeted with syns from random source with a static dest port of 113, they should be able to make their isp drop all of them.
That's actually a good idea. Perhaps the Webmin IPTables module could be modified for use by an ISP?
And what's with all the negativity? Unless you try and frame things in a constructive mode, how's the world going to be improved by your comment?
Slashdot Mirror
I wonder what percentage of those 40% are
Yes, I'm probably a misogynist. All of these are based on my own experience.
I find it hard to be polite to some woman who comes up to me and says, "I don't expect you to be nice to me since you hate women, but I just want you to answer three simple questions for me, can you do that?" - this is a fair dinkum statement that some woman started off our "conversation" with. Heck, I'm a guy, so obviously I hate women and can't handly polysyllabic words, right?
Then there's the women who think they're players - they come up to you dressed all girly (pig-tails with huge bows on them, frilly dresses and cute socks, that kind of thing) talking to me as though they've had a combined hit of Nitrogen and Helium (giggly and squealing). They act dumb and ask me to repeat simple phrases (like "auto-loader" or "multi-disc random play"). Then they go away and come back a few minutes later, dressed in army fatigues and loudly proclaim (within the manager's hearing) that they're not buying product from me because I treated them poorly. A hint to anyone wanting to try this scam - don't do it twice in the same shopping complex. They may be competitors, but the store managers know each other. And they talk about problem customers all the time.
It doesn't surprise me at all that 40% of women in the survey perceive that they are treated better when in the company of a man - it's probably because they've already vented their mishoministic rage on their male partner, and can talk civilly to the salesman.
C'mon, tell me you haven't been thinking about this already?
;)
We send 14 men and women to Mars, and we watch every waking moment of everyone's lives through cameras in every conceivable location. As tensions rise, Big Brother gets to vote them off the island, and they go to... the... um... other side of the island.
The programme could start on Earth, in Mars simulations and "team building" exercises. We should start now to develop the techniques that will be needed to help 14 people cope with each others' company for 2 years at a time. Starting with day-long "Mars on Earth" expeditions (camping in the desert, in the arctic, in underwater habitats, etc) and work up to the final pre-mission selection camp - 6 months in Anchorage, Alaska.
Imagine the advances we'd be able to make in psychology when we have access to situations where we could experiment with stress handling and counselling techniques? Wouldn't that pay for itself?
As a lead-up to the Mars expedition, move all those robot-vs-robot competitions to the desert, then the Moon. The only entry criteria for the Moon and Mars robot-vs-robot competitions would be that you get there. The robot that retrieves the most useful scientific data wins - the competition being the Lunar/Martian environment (and other robots).
Wouldn't you love to be one of the first owners of domestic robots who have "Moon Muscle 1" as their ancestors? Not only does it vacuum the carpet and prune the roses, but it can kick the Roomba's arse...
Perhaps there could also be "lifestyle" shows, where people come up with new and amazing ways to decorate a 2m x 2m x 2m bunk module, cook in an all-electric kitchen module, grow exciting (and mind-altering) herbs in the garden module, and do make-overs of each others' recreation modules. We'd also have the "adult" segment - voyerism to the extreme as we explore sex in low-G, and find new and exciting ways of pleasuring the person we've been bonking non-stop for 18 months... and then we can redefine that stupid "wife swap" show. The mind boggles and the hedonistic opportunities presented.
And don't forget the opportunity for current affairs programs such as, "A Mars Affair", "The Late Show: Starring Martian Letterman".
But we should be careful to send people other than scientists to Mars. Sure, absolutely include geologists, microbiologists (for the "practical science" on Mars), chemists and physicists (for the "research science"), but they'll need horticulturists, photographers, cameramen, a poet and a singer/songwriter. Don't let Spirit and Opportunity get all the credit for being the "Ansel Adams of Mars" - get some human photographers up there who can do lanscape shots for the sake of art, rather than navigation.
I can't wait till I can have such contrasting pictures as Little Fisher Falls (a Tasmanian waterfall) sitting right next to a Gusev Crater panorama. Wow.
So there we go - an entire pantheon of entertainment prospects that would allow the space program to be entirely funded from pay-per-view media.
The next step will be to find some resources that the Moon and Mars can provide that are unique - the cheesy souvenir rock pets for starters. I wonder if herbs grown on Mars would have unique flavour properties compared to those grown here on Earth? Imagine parsley that's twice as expensive as Terran saffron
So there you go - start off with all the robot-geek shows where we slice, dice and experiement our way to the top of the survival heap. Boost rocketry and extra-Terrestrial manufacturing to the scale required for consumer launches (manufacturing robots in space would be cheaper than building them on Earth and launching them to the Moon or Mars).
Once we get space elevators or sling-rides up and running, we can start with the human voyagers.
What do you reckon? Any grain of sense in my babbling?
Pity they're all quoting the same source ;)
Sorry to pick on your specific post, this is directed at you in particular.
"salt the earth" means to plough salt into the soil so that nothing will grow there. This was one form of "scorched earth" policy - it's too hard to keep the land once it's been taken, so just render it unusable. Talk to any farmer about what the effects of soil salinity are on crops and flocks.
I sincerely hope that IBM would never "salt the earth" in any way shape or form.
Perhaps a better phrase would have been, "IBM is going to stomp all over them and scatter their bloody remains to the corners of the Earth."
Not that any SCO employee actually has blood - that would imply that they have souls, too.
OMG! I had 5 moderator points yesterday! Why didn't you post this YESTERDAY?
:) After all, Sci fi is all about "What if...?" questions, isn't it?
+1 Insightful - in fact, a science fiction work of its own
Though I must confess, I don't know if I'll think that your response is so amazing once I've sobered up and finally got this stupid computer to do what I want so I can go celebrate Christmas with my folks...
Though how to address the question of defending the machine city from the lone "hovercraft" containing Neo and Trinity. Would there have been better ways to handle the situation - such as (for example) remotely disabling the "hover" pads (what are they anyway - antigrav? electromagnetic levitation?). Certainly hurling high explosive sentient bombs at them wasn't the optimal approach to satisfying the three laws of robotics. I guess by moving the focus from from the singular ("A robot shall not harm a human") to the collective ("A robot shall not harm humanity"), the explanation becomes obvious. Zion is already the holding place for the "negative elements" of the human stability equation - Neo and Trinity would have been treated as excessively hazardous to the machines and humanity in general, right up until the point where Neo tells the machines that he can solve their little virus problem. (Did Asimov ever address the issue of a robot being caught up in a hostage or terrorist situation?)
And it makes you wonder - was "the conflict" actually between humans and machines directly, or between the technophiles and the technophobes, with the machines as a neutral third party? And what happens to the factions who splinter off from the Zionist collective in the new era of human and machine cohabitation? Not to mention, are the machines not pursuing other sources of power (eg: fission/fusion/solar/etc) simply because the risk to humans would be too great? And do the people "in" the Matrix actually have a meaningful existence? Or are the machines simply obeying the letter of the law - preventing humans coming to harm - without concern to quality of living (the Matrix is 3-Laws safe, which doesn't mean it's actually good for you).
Thankyou for giving me something to mull over with my friends while we're passing out in front of the air conditioner tonight. My Christmas long weekend is going to be very Wachowski and Tolkien heavy, I can tell.
I wouldn't respond to the questionnaire on the simple grounds that filling it out would give Microsoft grounds to advertise their next revision of OS as, "better than Linux, according to Linux users"
No matter how you answer their questions, you're still answering their questions.
Pardon me for being cynical and expecting Microsoft to spin the results to their favour.
The "you can't copy my database" law covers the content, not the context.
Thus it doesn't matter if you got your version of the building code from some musty tome - the fact that you are publishing the information in any form at all means that you've "stolen" the information that the database compiler "owns". This isn't a case of copyright infringement - it's not the presentation of the information, it's the information itself that is covered.
Think about that the next time you write your friend's name and address on a parcel.
The fact that the initial complaint got as far as it has, is painful evidence that the bureacracy has no means of controlling its own process. There must have been at least three or four levels at which some single member of the bureacracy had the opportunity to say, "this is a frivolous complaint - it will cost us more social standing to pursue this claim that to quell it!"
Or perhaps the misunderstanding was amplified by a bureacracy composed of ill-educated WASPs who were unable or unwilling to look past the complaint to see the deeper issues behind it, or the dire consequences of allowing it to be considered as more than a joke. Perhaps the county is simply so financially stretchered that all they have left to do is legislate - there being no money left to act.
The "misunderstanding" of the master/slave terminology is entirely the fault of the bureacracy at LA county.
Master/slave has been used to describe clocks and oscillators since before timezones were invented.
Are we to stop using the term "Head Master" to describe the person (male or female or whatever gender they identify themselves as) responsible for guiding the curriculum and discipline of a school? The term "Master" implies more knowledge and control than, say, "Shepherd" - I want my children to be taught, not herded.
Changing the term "master" and "slave" on hard disk drives is relatively easy to do, as long as the buyer is willing to pay for custom labelling and rewritten documentation. I'm sure the state would welcome spending twice as much money on their IT purchases, since they are obviously rolling in the surplus from not spending money on power or firefighting equipment.
Though I think the money would be better spend on providing certain county staff with a few history books dealing with slavery through the course of human history (my favourite slave stories come from the books of the Old Testament of the Christian Bible), as well as some technological history, especially dealing with timekeeping.
And perhaps a poster should be made up of the dictionary definitions of "master", including such choice phrases as, "highly skilled or proficient", "directs the work of another" (which is the sense used in clocks, as is the case in master/slave on the ATA bus). Perhaps for "slave" they could include, "a machine or component controlled by another machine or component".
I would avoid using definitions from the Merriam-Webster dictionary, since they are all tainted by the typical American white/male bias - implying that a "Master" is always a male, which is poppycock.
Rather than refusing to use these terms, the county should probably turn its efforts to mastering its native language. Or end up a slave to political busy work and filibustering.
I really, really want to see this event - it's one of those "mustn't be missed" extravaganzas.
Linus Torvalds and Richard Stallman in the same court room? With IBM lawyers too! No doubt Eric Moglen will be present in some capacity.
Please tell me where I can buy tickets to this show? This is going to be a demonstration of The American Way at its finest, I'm sure - forget the shallow charades involved in the Microsoft antitrust case - this is the real thing!
I can't wait for the director's cut DVD...
The author of a Debian package prepares the information required to install that package as-is on a new machine. This package is uploaded to the Debian archive (a WWW site).
Debian GNU/Linux is available for many different platforms.
Public Debian archive or private copy (eg: CDs mounted on loopback, published through Apache server).
The Debian Packages file and friends are exactly covered by this claim.
The depends/suggests relations turn the dpkg database into a relational database.
If you subscribe to the security updates, you match this claim. If you are using unstable or testing, you match this claim.
What detail of report are they looking at? Debian's apt-get utility will provide interactive reports of how far through the update you've come. Right at the end, it gives a summary of how long the process took.
Other tools allow generation of reports of how many files are installed and managed by the apt utils, what status any of the known packages are in, and there's even a report which allows you to install exactly the same set of selected packages on a different machine.
dpkg can put packages on hold - that's a means of filtering out unwanted packages. tasksel can filter out unwanted packages. The web server itself might have spam filters in place - just because they don't affect the download, doesn't mean the filters aren't in place.
When performing an installation or update, the Debian package management system allows the user to read about changes to configuration files as suggested by the package maintainer. eg: decisions about running suid programs, adding new options.
That's exactly what a package management tool is for. That's exactly what dpkg and the apt utilities do.
"Internationalisation" is what it's called everywhere else. Debian has many options for local languages - you can have all of your software configured for English or even German, for example. One common language for the whole system.
Claims 14 through 35 reiterate the above.
The only point I can find where Debian is not exactly covered by the patent is where the patent talks about the entire process being carried out by the one person (in claim 1 the user is mentioned, then in subsequent claims, reference is made to "said user") or at least on that person's "new computer-related hardware device."
Am I casting a long line here?
I use Handyshopper for PalmOS: http://www.freewarepalm.com/database/handyshopper- english.shtml
I keep track of the last price I paid for each item, and the aisle I found the item in.
The only thing that would make life easier for me is if the shop would regularly publish a complete list of what items are in which aisles. Especially when they change their aisle layout every 6 months to "enhance the shopping experience" (ie: make you walk past everything again in order to con you into a few impulse purchases).
It's frightening to think that the shop would want to keep track of which items I buy - as other people have pointed out, the store could optimise their prices for maximum profit from each customer. Though I wonder how easy it would be for them to distinguish between the buyers who always buy the one brand, regardless of price, and buyers who "comparison shop" and buy the cheapest product that they trust to be of adequate quality.
Existing employees should just be careful to write meaningful reports, instead of emotive rants such as the "Cyberinsecurity" report.
What a load of twaddle! Have you read it?
Each chapter jumps from point to point, launching into a new "argument" before they've actually given any weight to the previous one. Reading through that document is like walking through an abandoned castle, seeing all of Dr. Frankenstein's failed experiements. The authors make grand statements, then fail to back them up. They start talking about "assigning bad communications a negative number" then never get around to showing how big a negative number things like SOBIG and SWEN get to, in comparison with the positive numbers that I would assume "legitimate" or "good" communications build to.
What a mess! I think the guy was fired because he's lost his edge. In fact, I don't think it's just his *edge* that he's lost. He's just "lost it".
I rate the "Cyberinsecurity" report at -1 Offtopic, and I fully support @stake's decision to let the dud go.
Spam filtering based on DNS records is usually along the lines of (a) RBLs or (b) address validation.
.museum, but it will mean my spam filtering works again.
The Verisign SiteFinder (denial of) service doesn't mess with RBLs at all (that I know of). The RBLs will either return a positive or negative, in their own domain space.
The Verisign SiteFinder (denial of) service absolutely messes with address validation.
Before SiteFinder, if you got email from massmailer@1234.verisignsucks.com, you'd be able to look that hostname up and get an NX record (ie: authoritative NO!). So you could discard the message because it was illegitimate.
After SiteFinder, if you get an email from massmailer@1234.verisignsucks.com, you'd be able to resolve the hostname to the SiteFinder address. Thus your MTA would assume that the email wsa legitimate, and forward or deliver it as the case may be.
That alone has cost my company many megabytes of traffic per day, simply from spam that we would have previously discarded.
As wrong as it is to do so, I'll be "upgrading" my name servers (BIND, Verisign Countermeasures - http://www.imperialviolet.org/dnsfix.html) to reject wildcard-style responses. This will break sites like
Which one do you think is more important to me?
These compression services are only really viable for dialup, because dialup is so slow.
the idea is that they download the bulky graphics for you at super-high speed, compress all meaning out of them, then send them to you over the modem connection.
Since they can take no time at all to compress the images by a factor of 3x to 10x, they reduce the time that you wait for graphics to load.
Say it takes you 30 seconds to download a page over your modem - this is 5 seconds for the HTML, 25 seconds for the graphics.
The compression services grab the images, reduce them by a factor of three, and in two seconds you start downloading the images. It then only takes you a total of 5 seconds for the HTML, 2 seconds delay for the images (which probably started their compression during the 5 seconds it took to download the HTML), and 6 seconds for the compressed images. Total time 13 seconds - they've half the latency for that web page.
Unless they're doing something really screwy with the firewall, the bottleneck is going to be upstream bandwidth, as it always has been. If anything, the firewall will reduce the contention on the upstream bandwidth, since all email will be forwarded out through the one mail relay, which has the opportunity to smooth out the email traffic. Even better, if they're doing spam filtering, there's less mail to download in the first place, which increases available bandwidth for dial-up customers.
Your ISP already has the ability to snoop on any transmissions through their network. If you don't trust them, you don't trust them - a firewall or mandatory proxy won't change the trust situation. So your personal mail server is in a different geographical location - your traffic still goes through the ISPs network in some form or another. For all the consumer level customers it makes no difference, since their email is already stored on the ISPs machines.
That was never the intention of the original paper - or any of my suggestions. The intention of port blocking at the ISP level is to prevent the ISPs clients' machines from being compromised by external attacks (or attacks from one compromised client to another). The firewalled ISP thus becomes a "harbour" of sorts, where inexperienced Internauts can operate in relative safety. If the outside world is being brought down by a new Code Red/Nimda/Sobig/Sircam virus, the clients of that ISP can just sit back and wait it out, while watching the Internet Storm Centre's graph drop from Red to Green.
There are way through and around every firewall. Most of them that I'm aware of rely on social engineering, rather than programmatic attacks - so I expect that script kiddies will be the least of my problems. I just have to watch out for clients who start sharing their passwords with random fools on IRC.
Not all outbound requests, only those on certain ports - for example 137-139 and 445. If some client really, absolutely has to have their MS-SQL server open for a client of theirs to get access to it, then I'd arrange for that port to be open for that client to connect to that server - whether that's an incoming or outgoing connection, I'd handle it the same way.
And that prevents you using the authorised mail relay how? You don't need to be able to access port 25 on remote systems in order to be able to send encrypted email. If you were my responsibility, I'd still ask you send your mail through the relay unless we make other arrangements.
I've clearly missed something here. How do I, as your ISP, become liable for someone else's stupid actions? Please provide examples of cases which support your claim.
Take them to court, and show how they breached the contract that you'd agreed with them. If what they've done hasn't broken any contract (or if you were foolish enough to run a business from a consumer account), then you're SOL.
I can't understand that one. Cutting out spam, blocking email viruses at the source will slow the Internet down how? AFAIK, if a consumer's machine stays up for longer without rebooting, wouldn't that mean that they end up being happier with their Internet experience?
Then good luck running an ISP. 95% of your customers will be clueless Windows users, who wouldn't know what a security patch was if it bit them on the nose. ISPs need those clueless Windows users to keep forking out the dosh so that the business can stay afloat.
That's called "Tiered Call Center". And that's part of life when you do business with big companies. If you want good service, go with a smaller company where the technical guy who can help solve your problem is likely to be sitting next to the "level 1" help desk girl who's bored out of her brain reading the same "restart, reinstall the app, reinstall Windows" script to the same clueless users every day and pretending to enjoy it ;)
Sour grapes and a big tar brush... what a mixture!
That's an opinion, not a fact. A simple fact that counters that opinion is the existence of UDP - it's specifically designed for sending packets one-way, without a care as to whether it gets to its destination or not.
Certainly, state that you don't see the utility of an Internet where end-user machines are only able to make outgoing connections. There are many people who would find the Internet perfectly usable for their purposes.
Diablo II, Quake III Arena, Homeworld Cataclysm - these are three games that I play that don't require connections to the client machine. Game writer need to learn about SOCKS, and use it. SOCKS means that client software can open up ports on the firewall for making direct client to client connections.
I especially pick on games here because, although it would be easy to not block port 6112, I wonder about the safety of such an environment. I play Diablo II quite happily on the Battle.Net realms (where, oh where, did bnetd go?), and I don't have any port forwarding happening. Server based games should have no problems except where "anti-cheat" programs cause them. Direct peer-to-peer or server-to-client connections aren't necessarily going to be firewalled unless they're a proven vector for infection.
I do the same with my network. I have no reason to distrust SSH - in fact, of all the ports in the world, SSH (TCP port 22) is the most sacred. I see no reason why anyone would ever want to block port 22 at the firewall (except in extreme cases where someone's abusing the network by running several simultaneous X-Windows sessions over an SSH forwarded tunnel ;) Remember - the article was proposing the idea that the ISP should block known "bad" ports. There is no reason for ports 137-139 to be open to the Internet - there are better ways to share your company's confidential documents with the world.
No, I believe the point is moot - the Internet is privately owned, therefore the only privileges you have to use it are defined by Terms and Conditions which are part of the contract that you signed. As long as your/the ISP doesn't breach the T&C, they're pretty much free to do what they want.
The ISP putting up firewalls isn't interested in protecting you from other people. It's the other way around - they're interested in protecting other people from you. Or, more importantly, your poorly administered network of Windows machines that have never been patched since they were installed from the original media. Firewalls that block ports incoming or outgoing are meant to be the brakes, air-bags and safety barriers of the Internet. They try to avoid accidents in the first place (removing the vector of infection), or at least mitigate the damage once the accident has occurred.
In addition, attempting to drop packets at your end of the link is futile - by the time the packets arrive at your firewall, your bandwidth has already been used, and your quota is very quickly disappearing.
The original article never claimed that firewalls will clean the Internet. The article only claimed that firewalls will help reduce the spread of infection. For example, blocking port 80 incoming and port 25 outgoing would have eliminated the damage done by Code Red and Sircam. My own firewall is currently recording 10 to 15 attempts per minute to connect to ports 137 and 445. These packets
Not too subtle - just too old ;)
Sue, on what grounds?
Check your terms and conditions. That little part that says "no servers". That effectively gives the ISP the right to block all incoming connections. This has the effect that you are forced to use the 'net the way they were planning you to - browsing the web and checking email. If you want something more, negotiate a deal with the ISP. You might have to spend some money though, because bandwidth isn't cheap.
That's right. Crumple zones, seat belts, traffic lights, ABS brakes, laminated windshields, collapsible steering columns, softer compounds for tyres, independent suspension - all these things have nothing at all to do with making cars safer in emergency situations. There are no safeguards people. Concrete dividers, Armco on the cliffside, Cateye reflectors, street lights. Nope, no safeguards. The world's a dangerous place people.
As for "no surcharges to drive on roads" - bollocks. The money to maintain them comes from somewhere. The money to fund the highway patrol comes from somewhere. The money to fund the hospital comes from somewhere. You pay for all those services, in the hope you won't have to use them.
Why shouldn't the ISP take action to defend itself from loss of revenue? I think you'll find that the people who will leave "en masse" given a port blocking policy will be far outnumbered by those who just don't give a damn. Or even those who migrate to the ISP because they're told it's safer. Port blocks, spam-catchers and traffic monitors are the safety standards, registration checks and speed limits of the Internet. When used correctly, they will make the Internet safer for everyone - inside and outside the ISP.
Would you prefer to drive on roads that are only used by roadworthy vehicles? Why don't you want an Internet that is only accessible by Internet-worthy operating systems and administrators?
Ahh... I see. Well, here in Australia - most litigious country in the world - the fallback positions would be:
If you're paying for a service, they should provide it. If they don't provide the service, don't pay for it. In some cases, sue them for lost income and damages. If they insist that port blocking is good because you're dumb, sue for defamation, slander or libel (depending on the media used and the message contained).
Though I guess it's a bit much to sue for damages over an $80/month ADSL connection, there are agencies such as Consumer Affairs and the Australian Consumer and Competition Commission which Australians can use as big sticks when needed. Though I must admit I have no faith in the new head of the ACCC - he's a business man from a business background, so how fairly is he going to represent consumers against businesses?
Port filtering should be covered in some way by SLAs (for business lines) or at least by Terms and Conditions (for everyone). Guess I'll have to make that a feature of my ISP - make the T&C prominent, so that our customers are aware that we will take action to protect them from their operating systems' flaws, and if they ask us nicely we can let them have unfettered access to the virusnet... I mean.. Internet.
As an ISP, we're the ones who will cop the flak should one of our customers turn out to be a spammer or virus lab. Therefore not only is it in my best interests to protect the customers from the Internet (reduce support calls), but it's in my best interests to protect the Internet from my customers. My firewall works both ways - since the buck stops here, the s**t will stop here too.
I might wander off to my journal now, and start writing up a code of conduct for ISPs wrt firewalls :)
Sadly, I'm not as evil as you are.
:)
I do aspire to be as twisted and Machiavellian though
Since I run an ISP, I'm interested in making money. You can't make money from customers who don't use your services. You make even less money from customers who complain.
Perhaps you and I are enemies - you desperately want to get the fools off the Internet, and I desperately want to separate them from their money.
My ISP (the one I run) is looking at ADSL soon. One of the things I'd like to be able to offer is a "DIY package". This would consist of a preconfigured NAT router (which BLOCKS PORTS! and only allows comms upstream, not with peers) which we ship out to the user. All they do is plug it in to the phone line, then plug their computer into the router, and with any luck, it just works.
Ideally, the NAT router would be able to handle restoring a "factory default" (my factory default) when required. I'd love to have the ability for genuinely advanced users to mess with the settings (they paid for it, after all) - with the option to restore from my config when they hose their setup.
Hmm... we could even make it a wireless doodad, and have a WISP running. That way the customer could sign up all their neighbours to help pay for the ADSL connection :) The catch is, more people on the one ADSL means higher contention ratio, which means more upstream bandwidth required, which means more moolah.
I've had too much experience in an ISP helpdesk to allow such an ill-educated opinion to go uncorrected.
There's an old saying in Engineering - make a system fool-proof, the world builds a bigger fool. Those bigger fools are being stored in stasis on the Internet. They plague my life on a daily basis. Even something as "simple" as ZoneAlarm - with it's various warnings about what is recommended and what is not - leaves room for some inexperienced user to totally hose their dialup connection.
Putting up warnings, "THIS OPTION FOR ADVANCED USERS ONLY" is just asking for trouble. Half the population are going to want to think they're better than they are, they'll mess with the "advanced" settings and hose the system. The other half will be scared by such warnings, and end up hosing the system out of fear. I don't know how they manage it, but that's the way it goes.
The only way to stop a consumer messing with "advanced settings" is to not give them buttons to click on or fields to fill in.
If removing a "feature" is what it takes to become secure, then so be it! Blocking a small proportion of ports will end up removing a large proportion of support costs, while simultaneously protecting the time that many Internet consumers have invested in their computers.
That's actually a good idea. Perhaps the Webmin IPTables module could be modified for use by an ISP?
And what's with all the negativity? Unless you try and frame things in a constructive mode, how's the world going to be improved by your comment?