If you ask me, nothing less than the total removal of all spamming should be acceptable. Filtering doesn't get it because you still have all of this spam and zombies wasting terabits of bandwidth. And you have spammers pwning all these clueless idiots' Windows boxes, turning them into spam zombies. Remove the ability to send spam without screwing yourself, and you'll solve all of the spam-related problems. Filtering is like putting makeup on a facial wound. Removing the ability to send spam in the first place is the cure. Sounds great... where do I sign up? but seriously. There are a number of problems with "Removing the ability to send spam in the first place" 1) What exactly is spam? -- Some people would say that spam is any e-mail they don't want. Others will say any e-mail they didn't ask for. yet others point to the dictionary and say "unsolicited usually commercial e-mail sent to a large number of addresses" This brings up the first problem... if we go with the last (and most technical) of those definitions, all a spammer has to do is start to "properly" personalize the messages (for some value of personalize) If we go with the first, how can you check on the sending end if the recipient wants it? if we go with the second, what about when I want to send e-mail to a friend I've lost touch with? he didn't ask for the e-mail, therefore my message is "spam"
Even if we, as the GP suggested, impose a technical restriction on e-mail such that it has to be authenticated as to who it's from, all that does is make the filtering easier. What is going to prevent the dedicated spammer from "registering" a new identity? where would everybody's identities be registered? would you trust a centralized registry of "registered senders"? for some reason i think not.
I've heard suggestions of using a "web-of-trust" method of "registering identities", but even with that idea, you're going to end up with many separate webs. and bog help you if you want to send e-mail between the webs, you'd be effectively unknown, and thus declared "SPAM".
All to often the way it seems with technology is that we put band-aids on everything. Endless patch-Tuesdays, etc. and that when a new system is proposed and agreed upon it (a) takes forever to get off the ground... IPv6 anyone?, or (b) is fored to be backwards compatible, which defeats the purpose.
Maybe I'll have to think of an algorithm to dynamically and auto-magically create a positive, and negative web-of-trust, both for senders and for servers... but that's more for another time
How is the New Yorker *NOT* MSM? it's practically on every newsstand from here to Moscow (and yes, I have traveled that far, and seen it there) It's lasted for over 80 years so far and has won more than just a handful of nationally and internationally recognized awards for journalism.
If anything the New Yorker is a good way to reach people that might not be quite as technically proficient or knowledgeable.
no... I schedule it to start up... Most BIOSs these days have that ability, or at least WOL... set up a server that sends out a magic packet 15 minutes before standard "Show up time"
This Old and very wise Guru had a young cat. Said cat had a habit of always coming in, and disturbing the Meditation sessions. So one day the Guru decided to tie his cat up before the meditation session. As was the idea, the cat was unable to disturb the session, and everything went like clockwork. From that day forward, just before the meditation session, the Guru tied his cat up. One day however, as things would happen, the Guru passed away. A new and much younger Guru was brought in, and told about the cat. Logically the Guru always tied up the cat before the meditation sessions. A few years later, the new Guru and the cat were both in an accident where they perished. A new Guru was immediately brought in. On his first day, just before the meditation session, one of the followers presented the new Guru with both a cat and a piece of rope. When asked why he responded "Before we can meditate we must tie up the Guru's Cat"
I hear you there. I used to live in Austria. Mid 90's there was a rather large rash of mail-bombs being sent around, both to "j-Random Foreigner" and to diplomats and government officials. A friend of the family actually lost his hand to one. Yeah, we were worried we might be next (Being both Foreigners and Diplomats), but did that stop us from checking out mail? Hell No! Did we avoid public places? Hell No! Did we hire bodyguard? Hell No! (Though the School and UN buildings did all have armed guards, it was the same number as before) Did we take the diplomatic License plates off of our car? Hell No!
My 8th Grade year, my school got firebombed because of NATO's involvement in Bosnia... We went to school, same as normal, the same day, the day after, and every day after that (Though students who suffered from smoke inhalation were excused)
Rule #1: The terrorists can only win if you let them Rule #2: The terrorists win by changing the way you live your live Rule #3: If someone is bound-and-determined to hurt/kill you, to the point where they are willing to kill themselves in the process, you can't do a darn thing about it Rule #4: One man's "Terrorist" is another man's "Freedom fighter" and until you realize that, you can't understand their motivation, and you have no chance at understanding the Why/Where/When/How or how to prevent
Given my, albeit rather unique, situation, I can't understand the current "OMG TERRORISTS" attitude, and why everything is being tied to terrorism. I lived within sight of the Iron Curtain. The soviets had tanks, and guard towers, and everything... The Austrians had fishing huts, or fields. They didn't care about border security... (Rule #3 above s/hurt\/kill you/cross the border/) Well, in the winter, we litterally went Ice-skating on a lake that crossed from Austria into Hungary In School, our parents had to sign paperwork at the beginning of the year allowing us to be injected with iodine in the case of a nuclear emergency (either upwind meltdown, or nuclear attack), we didn't run "Bomb Drills" or "Lockdown drills" My family was a target, as I mentioned above, but we still took public transportation almost every day. It all boils down to rules #1 & #2
Hence the second part of the "how will this effect" question: public sector, where the employer is the government? (I.E. IRS, FBI, State government, public School districts, Municipal Employees, etc.)
What I want to know though is: How does this jive with AUPs that explicitly state "There is no expectation of Privacy"? and specifically, with respect to private employers, and public sector employers?
Also, how does this work with State requirements that we (as a company) keep copies of everything sent over e-mail?
The other side of that is that Maine's PUC (Public Utilities commission) has balls! If people complain that their connection is being throttled, Dollars to Dough nuts the PUC will investigate, and file suit to fix it. (Until the federal guberment decides that throttleing is a matter of national security, and sues to stop them)
Ayuah, Maine sure is great, and honestly, This is one of those times that I'm proud to be from Maine. Even if I only make less than $30k a year. My wife, son, and I can still live comfortably on that and her teaching salary.
And I sure have to agree with you, as a rule Maine's congress-critters have a backbone. I might not agree with all that they do, but that's life. As for the tax rate, they're trying to lower it by re-organizing schools, as well as other things. we'll see how that goes.
But then you have to realize this is a space station with limits on how much space there is for tools that might otherwise go un-used. and you also have to realize that for that $50 UPS weighs about 5 pounds, which means that it costs $50,000 to lift it into orbit. ($10,000 per pound being the official number) and while NASA may be a government agency, $50k isn't exactly peanuts these days
Then there are perks like the shell and command line tools. The Unix shell and related tools (grep, awk, sed, sort,...) are incredibly powerful and IMHO unrivaled by anything on Windows. I have to use Windows at work, and almost every day I find myself doing some simple task that takes 3x longer than it should, simply because I don't have a decent shell. Being a *nix person myself, and also being forced to use windows at work. I have found cygwin to be a blessing, it makes my life so much easier, and I can use grep, awk, sed, sort, perl all day long, and it "just works"
Obviously the Ideal scenario for both criminals is neither talks, but if they don't talk and the other does, they get the slammer forever and a day. The logical result is for the criminal to talk (state to accept the "federal Funding" deal) Because that way they know they get at least a lighter sentence, and have no chance of maximum time.
Saying that GNU/Linux and Mac have the same problems Windoze does is a serious insult. I'm tired of hearing people tell me how much my OS needs an antivirus and spyware checker.
It's bullshit anyway. The pros can get through anything. Starting off with an OS that 99% of script kiddies can't own is a much better option than dragging down your computer's performance with snake oil. An OS like Debian, without Flash and other useless and insecure junk, is more appropriate for an office than Windoze with it's IE, Outlook and WMP burden. After that, AV can be done for mail servers and intrusion detection at the network level. Everything else is just so much busy work and waste of money.
While I will agree with you that Windows is fundamentally less secure than GNU/Linux||BSD haven't you ever heard of "Defense in Depth"?
Yes, AV can be done for mail servers, and hell also on proxy servers. But how do you protect against the user in room 314 with a USB Memory key that he likes to use? you need AV on individual systems (I like ClamAV for *nix, but that's my personal choice) Intrusion Detection at the network level, brilliant, and a useful tool, but not enough. How do you detect changes to important files on a local host? your NIDS isn't going to help you, a Host IDS might (Tripwire ring a bell?) Not only that, but you still have to perform regular audits to ensure that the systems are working properly. You also have to review the logs.
Good luck communicating 16 random letters and numbers over the phone to level-1 customer support. Thats why I almost always use a phonetic alphabet when I'm on the phone http://en.wikipedia.org/wiki/NATO_phonetic_alphabe t
Slashdot Mirror
MSM: Main Stream Media in this case
The rule I go by is "If I can see through it, it's not beer"
though I do have to say, as far as American beer goes, Sam Adams is very good
1) What exactly is spam? -- Some people would say that spam is any e-mail they don't want. Others will say any e-mail they didn't ask for. yet others point to the dictionary and say "unsolicited usually commercial e-mail sent to a large number of addresses"
This brings up the first problem... if we go with the last (and most technical) of those definitions, all a spammer has to do is start to "properly" personalize the messages (for some value of personalize)
If we go with the first, how can you check on the sending end if the recipient wants it?
if we go with the second, what about when I want to send e-mail to a friend I've lost touch with? he didn't ask for the e-mail, therefore my message is "spam"
Even if we, as the GP suggested, impose a technical restriction on e-mail such that it has to be authenticated as to who it's from, all that does is make the filtering easier. What is going to prevent the dedicated spammer from "registering" a new identity? where would everybody's identities be registered? would you trust a centralized registry of "registered senders"? for some reason i think not.
I've heard suggestions of using a "web-of-trust" method of "registering identities", but even with that idea, you're going to end up with many separate webs. and bog help you if you want to send e-mail between the webs, you'd be effectively unknown, and thus declared "SPAM".
All to often the way it seems with technology is that we put band-aids on everything. Endless patch-Tuesdays, etc. and that when a new system is proposed and agreed upon it (a) takes forever to get off the ground
Maybe I'll have to think of an algorithm to dynamically and auto-magically create a positive, and negative web-of-trust, both for senders and for servers... but that's more for another time
How is the New Yorker *NOT* MSM? it's practically on every newsstand from here to Moscow (and yes, I have traveled that far, and seen it there) It's lasted for over 80 years so far and has won more than just a handful of nationally and internationally recognized awards for journalism.
If anything the New Yorker is a good way to reach people that might not be quite as technically proficient or knowledgeable.
He did say "Beer" not "Watered down horse-piss"
If only I had mod-points
Great Idea... but please attribute it: Robert A. Heinlein, "The Moon Is A Harsh Mistress"
Vote Cthulhu in '08! Why pick the lessor of 2 evils?
okay, I'm done being off-topic
What about pointed sticks?
translate: Scum of the earth trying to stay 1 step ahead of kings horses & men
News at 11
no... I schedule it to start up... Most BIOSs these days have that ability, or at least WOL... set up a server that sends out a magic packet 15 minutes before standard "Show up time"
take a look at planeshift ahref=http://www.planeshift.it/rel=url2html-29749h ttp://www.planeshift.it/>
it's an open-source MMORPG, always looking for developers too
Sounds like the story of the "Guru's Cat"
This Old and very wise Guru had a young cat. Said cat had a habit of always coming in, and disturbing the Meditation sessions. So one day the Guru decided to tie his cat up before the meditation session. As was the idea, the cat was unable to disturb the session, and everything went like clockwork. From that day forward, just before the meditation session, the Guru tied his cat up.
One day however, as things would happen, the Guru passed away. A new and much younger Guru was brought in, and told about the cat. Logically the Guru always tied up the cat before the meditation sessions.
A few years later, the new Guru and the cat were both in an accident where they perished. A new Guru was immediately brought in. On his first day, just before the meditation session, one of the followers presented the new Guru with both a cat and a piece of rope. When asked why he responded "Before we can meditate we must tie up the Guru's Cat"
For the record: I am an American, living in Maine right now. I only grew up overseas because my father works for the UN
I hear you there. I used to live in Austria. Mid 90's there was a rather large rash of mail-bombs being sent around, both to "j-Random Foreigner" and to diplomats and government officials. A friend of the family actually lost his hand to one. Yeah, we were worried we might be next (Being both Foreigners and Diplomats), but did that stop us from checking out mail?
Hell No!
Did we avoid public places?
Hell No!
Did we hire bodyguard?
Hell No! (Though the School and UN buildings did all have armed guards, it was the same number as before)
Did we take the diplomatic License plates off of our car?
Hell No!
My 8th Grade year, my school got firebombed because of NATO's involvement in Bosnia... We went to school, same as normal, the same day, the day after, and every day after that (Though students who suffered from smoke inhalation were excused)
Rule #1: The terrorists can only win if you let them
Rule #2: The terrorists win by changing the way you live your live
Rule #3: If someone is bound-and-determined to hurt/kill you, to the point where they are willing to kill themselves in the process, you can't do a darn thing about it
Rule #4: One man's "Terrorist" is another man's "Freedom fighter" and until you realize that, you can't understand their motivation, and you have no chance at understanding the Why/Where/When/How or how to prevent
Given my, albeit rather unique, situation, I can't understand the current "OMG TERRORISTS" attitude, and why everything is being tied to terrorism. I lived within sight of the Iron Curtain. The soviets had tanks, and guard towers, and everything... The Austrians had fishing huts, or fields. They didn't care about border security... (Rule #3 above s/hurt\/kill you/cross the border/) Well, in the winter, we litterally went Ice-skating on a lake that crossed from Austria into Hungary
In School, our parents had to sign paperwork at the beginning of the year allowing us to be injected with iodine in the case of a nuclear emergency (either upwind meltdown, or nuclear attack), we didn't run "Bomb Drills" or "Lockdown drills"
My family was a target, as I mentioned above, but we still took public transportation almost every day. It all boils down to rules #1 & #2
meh enough ranting
Hence the second part of the "how will this effect" question: public sector, where the employer is the government? (I.E. IRS, FBI, State government, public School districts, Municipal Employees, etc.)
What I want to know though is: How does this jive with AUPs that explicitly state "There is no expectation of Privacy"? and specifically, with respect to private employers, and public sector employers?
Also, how does this work with State requirements that we (as a company) keep copies of everything sent over e-mail?
The other side of that is that Maine's PUC (Public Utilities commission) has balls! If people complain that their connection is being throttled, Dollars to Dough nuts the PUC will investigate, and file suit to fix it. (Until the federal guberment decides that throttleing is a matter of national security, and sues to stop them)
Ayuah, Maine sure is great, and honestly, This is one of those times that I'm proud to be from Maine. Even if I only make less than $30k a year. My wife, son, and I can still live comfortably on that and her teaching salary.
And I sure have to agree with you, as a rule Maine's congress-critters have a backbone. I might not agree with all that they do, but that's life. As for the tax rate, they're trying to lower it by re-organizing schools, as well as other things. we'll see how that goes.
Problem with that theory as applied to this. (It's a variation of "The Prisoner's Dilema") http://en.wikipedia.org/wiki/Prisoner's_dilemma
Obviously the Ideal scenario for both criminals is neither talks, but if they don't talk and the other does, they get the slammer forever and a day. The logical result is for the criminal to talk (state to accept the "federal Funding" deal) Because that way they know they get at least a lighter sentence, and have no chance of maximum time.
I'm not a Boy Scout, and I'm not ex-military... How does Son of a Ham sound?
That and it's a skill everybody should know
Saying that GNU/Linux and Mac have the same problems Windoze does is a serious insult. I'm tired of hearing people tell me how much my OS needs an antivirus and spyware checker.
It's bullshit anyway. The pros can get through anything. Starting off with an OS that 99% of script kiddies can't own is a much better option than dragging down your computer's performance with snake oil. An OS like Debian, without Flash and other useless and insecure junk, is more appropriate for an office than Windoze with it's IE, Outlook and WMP burden. After that, AV can be done for mail servers and intrusion detection at the network level. Everything else is just so much busy work and waste of money.
While I will agree with you that Windows is fundamentally less secure than GNU/Linux||BSD haven't you ever heard of "Defense in Depth"?Yes, AV can be done for mail servers, and hell also on proxy servers. But how do you protect against the user in room 314 with a USB Memory key that he likes to use? you need AV on individual systems (I like ClamAV for *nix, but that's my personal choice)
Intrusion Detection at the network level, brilliant, and a useful tool, but not enough. How do you detect changes to important files on a local host? your NIDS isn't going to help you, a Host IDS might (Tripwire ring a bell?)
Not only that, but you still have to perform regular audits to ensure that the systems are working properly. You also have to review the logs.
It's all about Layers! there is no "Magic Bullet"
it makes life so much easier
try AVG Free edition... I love it, and it does everything that an Anti-Virus program should do (And doesn't do what an AntiVirus program shouldn't do)
http://free.grisoft.com/