Slashdot Mirror


User: squiggleslash

squiggleslash's activity in the archive.

Stories
0
Comments
12,547
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,547

  1. Re:Obligatory on Lead Developer of SPF Anti-Spam Scheme Interviewed · · Score: 3, Informative
    The other guy responded debunking some of these (although occasionally they were relevent.) However, a more important issue is that your checklist is specific to anti-spam solutions.

    SPF is not an anti-spam system. SPF is an anti-joe-job system. It happens that the most frequent joe jobs tend to come from spammers, however:

    1. Not all joe jobs are spam.
    2. Most spam (looking at my bulk mail folder on Yahoo) doesn't involve joe jobs.

    A number of people are equating this with anti-spam systems, and that's just wrong. I thought one of the most revealing answers in the interview above was:

    CircleID: Who is using SPF today and what level of success has it achieved in the fight against spam?

    Meng Wong: In the six months since we declared a spec freeze, 20,000 domains have self-reported at the online registry; that's probably a fraction of the true total. Lots of domains have published records, including AOL, Amazon, Google, O'Reilly, SAP, TicketMaster, Mail.com, w3.org, Earthlink and Verizon. And the ones who haven't published are working on it.

    We expect adoption to pick up exponentially; according to some estimates, the number of sites checking SPF doubles every three weeks. SPF plugins are available for all the major Mail Transfer Agents (MTAs).

    What's signficant about this answer? It's that it doesn't answer the question. More specifically, it answers the first part of the question, but (rightfully) ignores the second part, because the second part of the question is a "Why are you still beating your wife?" question (a question based upon a false assumption.)

    Proper anti-spam systems are based upon dealing with unwanted email, not dealing with non-relevent characteristics. If you create a system that makes it easier to control who gets your email address (such as my solution, Yahoo!'s AddressGuard(tm), and TMDA), then you're implementing a relevent solution, because dealing with spam is about controlling who sends you email. Likewise, if you operate Bayesian, CRM114, Mail.app, etc, AI filters based upon spam, then you're coming up with a relevent (if imperfect) solution, and the solution can work if combined with a whitelist, especially if you can automate the generation of the whitelist through systems like Camram.

    SPF isn't such a system, it's designed to deal with a totally different issue. Arguably, given that it breaks mailing lists and forwarding and has many other documentable faults, it really ought to be being used as a measure of last resort, though it's a good idea for mail receipients to implement the logic so that domains that are having these issues can make the choice when they find themselves being targetted.

    It'd be nice if every solution to every problem on the net wasn't always promoted as an anti-spam solution...

  2. Re:Just doesn't sound like Google to me... on Affinity Engines Says Google Stole Orkut Code · · Score: 1
    (This post disappeared.)

    Except that Google has launched a commercial service on the back of this code whose copyright, allegedly, belongs to AE.

    It's arguable that AE should sue Google, and Google should in turn sue Orkut Buyukkokten, assuming these allegations are true, and assuming there are no other mitigating circumstances unmentioned in the article.

  3. Re:Just doesn't sound like Google to me... on Affinity Engines Says Google Stole Orkut Code · · Score: 0, Troll
    Except that Google has launched a commercial service on the back of this code whose copyright, allegedly, belongs to AE.

    It's arguable that AE should sue Google, and Google should in turn sue Orkut Buyukkokten, assuming these allegations are true, and assuming there are no other mitigating circumstances unmentioned in the article.

  4. Re:not prosecuted for defacement on Reverse Graffiti · · Score: 1
    Perhaps you'd like to elicidate about what part of my message was relevent to your "response" given I wasn't, anywhere, comparing spam to street vendors. I was making a rather obvious point about the lunacy of believing that market forces will lead to a reasonable balance when it comes to marketing.

    I stand by that, and find your attempt to change the subject so laughable I'm not even going to embarass you by asking you to come up with a relevent rebuttal.

  5. Re:Fox News' stellar unbiased reporting on Supreme Court Rules Against Anti-Porn Law · · Score: 0, Troll
    especially if you think Kerry has an education plan and that it's the news media's job to publicize his campaign for free in the form of "news".
    I'd say it's definitely the media's job to publicise a major Presidential candidate's Education Plan, preferably analytically and critically.

    We're not talking about Coke vs Pepsi here. We're talking about someone who, if people make the choice, will become the next Commander in Chief, who'll have veto-power over every piece of legislation, who'll appoint the leaders of the most powerful institutions in our nation.

    The media has a moral responsibility to inform and to keep our elected officials accountable. I'm saddened how little we see of that these days.

  6. Re:Hey Clueless !! on Impoverish a Spammer Today · · Score: 1

    Why don't you reread what I wrote?

  7. Re:they should get a clue on Court Says Customers May Take IPs Away From ISP · · Score: 1

    I think I figured it out, he runs a FPS game server, right?

  8. Re:not prosecuted for defacement on Reverse Graffiti · · Score: 1
    That's right, after all, it works for spam.

    Oh wait, it doesn't.

    Did it occur to you that the economics of selling on the street might not necessarily have anything to do with the degree to which the numbers become antisocial and a nuisance? Indeed, selling on the street is going to be most economically efficient in areas where a lot of pedestrians need to use an already crowded thoroughfare (because they'll be practically forced to encounter you.)

  9. Re:obligatory paranoia against the "State"? on Reverse Graffiti · · Score: 1

    But could quantum computing be just around the corner?

  10. Re:Okay on Jobs Previews Displays, Tiger at WWDC · · Score: 1
    Yeah, but they also have AppleScript which, supposedly, is OS X's native scripting language. And, of course, OS X has Ruby and Python included too (though probably not with the right hooks in the right places for this kind of application.)

    Not that I'm complaining. Call me perverted if you will, but I actually like JavaScript - most people I hear complaining about it tend to be more annoyed at it in the context of a webbrowser rather than the language itself.

    But it's a bit of a surprise. It also makes it look like a clone (klone) of Konfabulator, which in some respects it is, even if it's the natural evolution of Apple's own Desk Accessories (and/or Hypercard.)

  11. Re:Okay on Jobs Previews Displays, Tiger at WWDC · · Score: 5, Insightful
    They're things like calculators, notepads, etc. Little applications designed to complement the application you're running.

    This is a completely Apple-created innovation and is not a rip-off. Oh no. Definitely not.

    No, I'm serious. Really. Because despite all the talk of it being a clone of Konfabulator, it appears, in essense, to be Apple's original Desk Accessories brought into the 21st Century. Which is nice.

  12. Re:XIne, Mplayer... on Real adds GPL to Helix Player, RedHat/Novell Join In · · Score: 4, Informative
    In some ways, yes. Xine and MPlayer will continue to be popular because they support features that Helix doesn't and never will, most specifically anything to do with DVDs (beyond the ability to play CSS-free DVDs that are not region locked. Oh wait, that violates the patents on MPEG2. Well, ok, then it's still "anything to do with DVDs", at least as far as US residents are concerned.) Helix can't because of the legal issues.

    However, this is also Helix's strength. The fact Helix is playing strictly by the book means it will gain a lot of commercial support. Distros will be able to bundle Helix without being worried about legal issues, unlike XFree86. (Ooer, little bit of Open Source politics there, little bit of politics)

    So expect the rise of Helix and survival of the others. Of course, I prefer VLC to either Xine or MPlayer for playing DVDs... ;-)

  13. Re:SImple... but annoying on Impoverish a Spammer Today · · Score: 1
    I implore you to reread this proposal. This is not a pay-for-email proposal in the sense commonly described, and it only applies to the first email a person sends to another specific individual. Remember, the only "payment" involved is an initial amount of CPU time involved in generating a "stamp" - that's it. No money. Only something that says "I really actually want to communicate with YOU specifically, and I'm prepared to do something on my computer that involves no effort on my part but that if I was trying to communicate with a hundred-thousand people, not just you, would be impossible to do in a reasonable period of time.

    I don't believe any of the downsides popularily attributed to paying for email apply to this system. There's no money involved, no central authority, nothing that would deter an ordinary mail user, mailing lists can be seperately whitelisted (the effort being needed by the person receiving the list, not the mailing list operator), no need to upgrade the software of everyone on the planet.

  14. Re:SImple... but annoying on Impoverish a Spammer Today · · Score: 1
    There is nothign inherently bad with the idea of stamps, what is bad is when it distracts efford from much needed authentication of email senders.
    Since when hasn there been a "much needed authentication of email senders"? Other than destroying privacy on the 'net, how does that help anything?

    The problem we have with spam is not that we don't know who's sending it. Nor does any authentication system proposed beyond draconian international efforts by governments solve the issue that spammers will be able to invent identities in any case, so identity checking will only help counter spam - I'll repeat that ONLY HELP COUNTER SPAM (there are NO other circumstances in which it will help) - for people running WHITELISTS.

    Systems like SPF may help reduce Joe Jobs. They do nothing to counteract spamming. And for the most part they break things, they don't fix things.

    What we want are systems that make it difficult for spammers. I run one myself, similar to the popular TMDA efforts and Yahoo's new system, where every entity I do business with gets a unique email address to contact me by. And you know what - I don't have a problem with spam (at my home address), spamming is rare, I never get messages lost thanks to false positives, it works. Likewise, this system looks like it will actually work.

    It may not fit your agenda, but from the sounds of things, you lost sight of the aim a long time ago and got too wedded to a "solution" to some minor irrelevence - and that's assuming you're anti-spam at all.

    Sorry if I sound angry, but I am. Anti-spam zealots are destroying the 'net in a way that the spammers never did.

  15. Re:Agree on Impoverish a Spammer Today · · Score: 1

    It doesn't drop email, it only passes email. Any email it can't pass goes to your regular spam filtering system.

  16. Re:I hope it's better than their phone service on Cingular To Offer Mobile High-Speed Internet · · Score: 1
    I'm a bit of a GSM phone geek. I have several GSM mobile phones, including a Motorola T720, Nokia 9290, Seimens S46, and others. All phones I have are calling AT&T's signal "AT&T Wireless". Additionally, if I roam onto Cingular, then they'll report Cingular or Cingular Wireless as the carrier. If I do a network search, three networks come up: AT&T Wireless, T-Mobile, and Cingular Wireless. As a last resort, I checked with a fairly ancient Ericsson I own, the most straight-GSM of all my phones, it too said "AT&T Wireless".

    BTW, GSM towers don't transmit a name, they transmit a carrier ID which is converted to a name by the SIM card. AT&T Wireless has the code 310-380, for example, Cingular has 310-150, 310-170, and 310-410.

    It's possible that your ATTWS employee friends are saying that in new SIMs, the ID associated with the ATTWS signal is being displayed as Cingular, but I doubt it. I suspect the individual concerned is just confused.

    You might want to take a look at the AT&T forums, where issues are still arising because of roaming, the major one being the "The minutes you use while roaming on Cingular this month may be taken out of next month's minutes".

  17. Re:SImple... but annoying on Impoverish a Spammer Today · · Score: 1
    First time contacts mailing me a pointer to info I may want to write about form a very important part of my email.
    And for them, for that group that chooses not to stamp their email, how is their situation any worse with this system than it is today?

    (I'm assuming you read the whole thread and know what this system actually involves.)

  18. Re:SImple... but annoying on Impoverish a Spammer Today · · Score: 3, Insightful
    Bayesian, CRM114, etc, filters are systems that aren't perfect, and over time spammers will find ways of getting past them. This will, in turn, cause the buttons to be twiddled to filter out more and more mail, getting rid of a significant amount of legitimate email at the same time.

    Your example of "Email from nonspammer - not going to get filtered, if it does, will send again." is somewhat flawed. Do you think a (reasonable) spam filter will not detect two similar emails from apparently the same source and draw the obvious conclusion? Looking at my Yahoo! Mail Bulk Folder, the spammers are sending me the same emails every day, often with the same From: lines.

    Ultimately, yes, they'll find a way to contact you for the first time, but it'll take a little trying and they will not necessarily know they failed at all. Or they can send you a stamp with their first email, and everything will just work.

    What this system does is provide a mechanism that guards against the destruction of legitimate email and ensures you are always easily contactable by anyone making the effort to contact YOU specifically. If the time comes that your filters are useless, you can turn off those filters, turning them on again for those occasions you're expecting legitimate non-stamped email.

    As far as the last sentence goes, the economics are all wrong. Spammers want to send email to everyone. If this idea has widespread adoption, they'll need a few billion dollar's worth of Apple G5s to get a single message out. If this idea doesn't, well, they're not going to even care much about not being able to contact you. It's a win-win situation for you, and a lose-lose situation for the spammers.

  19. Re:I hope it's better than their phone service on Cingular To Offer Mobile High-Speed Internet · · Score: 1
    That just means that Cingular's signal is stronger where they are (or that there's no AT&T GSM coverage where they are)

    Tell them to be wary. If you use more minutes while roaming than on network for three months in a row, AT&TWS may (and has in the past) throw you off their network, and make you pay a disconnection fee if your contract hasn't expired.

  20. Re:Found one on Cingular To Offer Mobile High-Speed Internet · · Score: 1
    Actually, throughout time, I've used one2one, Orange, AT&TWS PCS (IS-136), Sprint PCS, Cingular (IS-136), AT&TWS GSM, and T-Mobile. Of the non-UK operators, T-Mobile was most definitely the highest quality and most reliable. Sprint PCS was probably worst, followed by Cingular.

    That was in this area. Like I said, service varies from area to area. T-Mobile's GSM service on the Treasure Coast is very, very, good, and almost as good as one2one and Orange.

  21. Re:SImple... but annoying on Impoverish a Spammer Today · · Score: 5, Informative
    That's actually what this system does.

    The algorithm appears to be:

    Does it have a stamp? If so, add to white list and PASS
    Is it on the white list? If so, PASS
    Does it pass a CRM114 check? If so, PASS
    Otherwise, FAIL.

    The information is on the configuration page. It ought, I think, to be in their FAQ.

  22. Re:The problem is... on Impoverish a Spammer Today · · Score: 0, Redundant
    For one thing, most spam I get is claiming to be from a known source (ie someone who knows me has a worm and is spamming from their address book).
    I think your experience is abnormal in that regard. Yahoo!'s bulk folder for my Yahoo address generally never contains names I'm familiar with except the occasional misdirected email (ie something Yahoo marked as spam that wasn't.) I haven't heard anyone make such complaints.
    Also, white lists dont deal with the fact that a lot of email is from first time corresponders such as online retail outlets.
    The system falls back to CRM114 for those emails that do not pass the white list. Generally the thing seems to be designed as much as possible to prevent legitimate email from being dropped. One might even describe it as a way to fix the holes the various anti-spam systems are creating in the integrity of the email system.
  23. Re:Hey Clueless !! on Impoverish a Spammer Today · · Score: 4, Informative
    Actually, much as I find this checklist amusing, in this case I think most of your checkboxes are misplaced.

    The first is semicorrect, but remember the system falls back to whitelisting and CRM114 if an email arrives without a stamp. You can always whitelist mailing lists even if you feel confident enough to turn off the CRM114.

    (x) It is defenseless against brute force attacks
    Yes, but to perform a useful brute force attack, from the point of view of a spammer, you'd need to hijack more computers than exist on Earth.
    (x) Users of email will not put up with it
    Again this goes back to the fall-back. This is a "only if both parties choose to play will they benefit, and if one chooses not to they lose nothing" scheme. So users of email will put up with it.
    (x) Requires immediate total cooperation from everybody at once
    No it doesn't. Again, players benefit, those who opt out lose nothing, they end up back with their sent emails screened by users with whitelists and CRM114, which is no different to the situation right now.
    (x) Many email users cannot afford to lose business or alienate potential employers
    Again...
    (x) Lack of centrally controlling authority for email
    Doesn't require a centrally controlling authority. In fact, this is touted by the proposal's proponents as being one advantage it has over the stupid identity verification systems proposed by anti-spam zealots.
    (x) Unpopularity of weird new taxes
    This proposal has nothing to do with taxes.
    (x) Public reluctance to accept weird new forms of money
    No money is sent. Look, it's quite simple. You have an email client that, on sending email to someone for the first time from a particular email addresses, generates a "stamp" which is computationally difficult to generate - ie it'll take some time. There's no money involved, except in that people wanting to send huge amounts of email may - may mind you, not will, depending on how they send the email - have to invest a few billion in Apple twin G5s.
    (x) Dishonesty on the part of spammers themselves
    No, spammers can be as dishonest as they wish. They'll have to be unbelievably smart to get around this.
    (x) Blacklists suck
    What blacklists?
    (x) Sending email should be free
    It still will be.
    (x) This is a stupid idea, and you're a stupid person for suggesting it.
    I think this is a remarkable idea, and is the first rational anti-spam system I've seen proposed for a while. It solves the false-positive problems inherent in AI filters like Bayesian and CRM114. It doesn't hurt innocent parties. It's interesting, I'd like to see more analysis but I think it actually has a chance of working.

    Which presumably means the anti-spam zealots will fight it with all they can muster...

  24. Re:AT&T on 429,000 Do-Not-Call Complaints · · Score: 4, Funny
    No they're not.

    They're exempt from FTC enforcement because they come under the FCC's jurisdiction. The FCC issued a ruling that requires companies under their jurisdiction follow the Do Not Call list too with the same penalties.

    As that stupid two minute thing has kicked in, here's another joke shamelessly copied from Guardian Talk's Haven's Any Good Jokes thread:

    An American tourist in London found himself needing to take a leak something terrible.

    After a long search he just couldn't find any public bathroom to relieve himself.

    So he went down one of the side streets to take care of business.

    Just as he was unzipping, a London police officer showed up. "Look here, old chap, what are you doing?" the officer asked.

    "I'm sorry," the American replied, but I really gotta take a leak." "You can't do that here," the officer told him. "Look, follow me."

    The police officer led him to a beautiful garden with lots of grass, pretty flowers, and manicured hedges. "Here," said the policeman, "whiz away."

    The American tourist shrugged, turned, unzipped, and started pissing on the flowers.

    "Ahhh," he said in relief. Then turning toward the officer, he said, "This is very nice of you. Is this British courtesy?"

    "No," retorted the policeman. "It's the French Embassy."

  25. Re:AT&T on 429,000 Do-Not-Call Complaints · · Score: 1
    Spammers are (usually) spamming legally too. Indeed, the FTC actually rejected getting laws passed against spamming recently citing how unenforcable they'd be.

    Telemarketing and spamming is antisocial and obnoxious, legal or otherwise. They're both at the same level as far as I'm concerned.