I had said: "#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
Now you only have to deal with 50% of the spam."
Now YOUR "counter" to that was: "Spam did not increase by 50% the day that zombie machines came into existence."
Lie number... oh hell, I've lost count." That was a blatant, outright, despicable, lie. Here's the actual context of that reply:
Well, what they did BEFORE they had the zombies was SEND OUT LESS SPAM!
Spam did not increase by 50% the day that zombie machines came into existence. It's stayed on a steady increase and some of the spammers simply shifted from open relays to zombie machines for economic reasons. It was cheaper to steal bandwidth from some numb-nuts user than pay for it themselves.
And here is a link to the message where I made that statement, thus proving that you are a liar. Since you quoted the text word-for-word, I know that you went back to find the text and, therefore, you purposely fabricated that exchange by pulling your statement and mine two separate messages!
Hey, I didn't say ANYTHING about "the day". YOU were the one that inserted that.
Since I had NOT said it, but you tried to imply I had said it, that was a LIE.
Another of your lies and an attempt to change the subject. First you said that the spam increased by 50% the week that zombies came into existence and then you claimed that you had said that the 50% increase was "likely the week that they came on line." First a flat-out assertion and then a lie that you couched it with the term "likely."
So you found a tech writer who used flawed logic to spice up a story! There's a first. I know people who run mail servers on Comcast and they send no spam and I think that it's pretty unlikely that I have met every Comcast user who runs their own mail server.
Since I don't believe you administer any domains, I really don't care what your claims are.
Unlike you, I am not a liar. I also administer domains for commercial clients, but it would be improper to reference them by name in this discussion and without their permission. Now what domains do you run? Show me little man!
My experience shows that blocking open relays removes 15% of the spam. Since my reply to was to claim that "You make up numbers", referencing my experience is a valid citation.
But you didn't reference your experience. You made a blanket statement that if *I* blocked open relays at the firewall, *I* would see a 15% decrease in spam. This is why chronic liars like you should avoid people with good memories.
#1. Block port 25 - no more zombies - spam is reduced to 50%. You have yet to show that this is impossible.
Yes, I have. As I have told you repeatedly, there are many business accounts at ISPs and those accounts need to have port 25 open. Since I have received spam sent through zombies on commercial accounts (one was even the company's web server), and that disproves your claim that there will be "no more zombies."
All you can do is claim that the spammers will now spam mailing lists and send a fraction of the spam through legit servers.
No, I said that they would also go to open relays and foreign ISPs just like they did before the zombies came on the scene. People were bombarded by spam long before the zombie machines ever existed. The amount of spam will hardly decrease at all. It did not, despite your lies to the contrary, go up 50% the week that spammers started using zombies. It's also idiotic to claim that something requiring almost every IS
Lies obviously make you feel better...
on
CAN-SPAM Is A Bust
·
· Score: 1
I said that I wouldn't reply, but it's just too good to pass up...
No, YOU are the one that went on about that. I am the one that said that 50% of the spam I receive is from zombie machines.
Lie number one. You wrote:
Start with 100% of the spam.
#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
Now you only have to deal with 50% of the spam.
You stated that zombie machines accounted for 50% of my spam (and by implication, all spam), not yours.
You tried to imply that I had claimed that there was a 50% increase in spam the DAY the zombies went on line. I said that that was incorrect. It was more likely the week that they came on line.
Lie number two. You wrote:
"Spam did not increase by 50% the day that zombie machines came into existence."
Not that day, but that week.
You didn't say that it was "likely" that it did. You stated, flat out, that it did increase that much in one week, something which is a blatant lie in and of itself.
"...a "billion" pieces a day from 1,000 zombies,..."
Comcast has stats showing that 800 million pieces of mail come from their network BUT only 100 million come from their servers. That's 700 million pieces of email (spam) from them.
Lie number three. All e-mail from Comcast's network is spam unless it went through Comcast's servers; there are no mail servers run by non-spamming users.
Lie number four. There are 700 zombies sending spam on Comcast's network (because you have declared that each zombie sends 1 million per day (1 billion per 1000 zombies).
"...open relays account for 15% of spam,..."
Again, from the spam I get, that is correct.
Lie number five. You wrote:
#2. Block the open relays at your firewall.
Now you only have to deal with 15% of the spam.
You asserted that it would block 15% of the spam at my domains if I blocked open relays at the firewall. You didn't say 15% of your spam is from open relays.
I didn't attack the numbers.
Lie number six. You wrote:
Again, you cite numbers whose ONLY support is an "anonymous coward"'s posting on/.:D
Again, your ONLY "support" for this statement has been an "anonymous coward" posting on/.
Again, you attempt to "support" your position with un-supported references to what an "anonymous coward" posted on/.
You didn't ask what the source of the number was. You didn't question how I knew that the number was right. You attacked the number as being unreliable.
I attacked how you were using them AND I supported that with references to their FAQ.
Lie number eight. You attacked me, not how I used the numbers and you did not "support" anything. You also tried to claim, without evidence, that many of the ORDB entries were no longer open relays but that no one had requested their removal. Note that you did not mention that there could be many open relays are not in there because they haven't been reported yet.
I'm sure that you will come back with some kind of weasel-words to try to save face, but you, I, and anyone reading this thread will recognize that you have lied, made false assertions, and pulled numbers out of your ass throughout this exchange.
If you have to lie to support your self-image, well, I guess that's what you have to do.
I'm tired of your trolling. You're so busy trying to prove that you are right that you refuse to listen to reason. You make up numbers (50% increase in spam the week zombies became available, a "billion" pieces a day from 1,000 zombies, open relays account for 15% of spam, etc.) and then attack the numbers that I get from reputable sources like ORDB.
If you want to dance around proclaiming victory, go for it. I am not willing to waste any more time replying to your trolls.
Re:Don't hate me because I'm beautiful.
on
CAN-SPAM Is A Bust
·
· Score: 1
Or maybe you just strung together a bunch of words in an attempt to impress me.
Could be, since you apparently lack the technical expertise to evaluate the terminology.
Well, what they did BEFORE they had the zombies was SEND OUT LESS SPAM!
Spam did not increase by 50% the day that zombie machines came into existence. It's stayed on a steady increase and some of the spammers simply shifted from open relays to zombie machines for economic reasons. It was cheaper to steal bandwidth from some numb-nuts user than pay for it themselves.
And you STILL have not provided ANY specifics on what they would do to send out the same amount of spam without the zombies.
They would go back to open relays and foreign ISPs. It costs a bit more, but it's still economically viable (explaining why they did that before zombies existed).
"There are 225K+ open relay sites (see the post from the other guy who smacked you down hard)."
Yet no one has provided ANY support for that statement. While MY research shows fewer than 100 sending me spam. And Netcraft shows only 53,341,867 domains (buy only around 22 million active sites). Given that a large portion of these are HOSTED, the 225K+ would mean an incredibly large percentage of email servers were configured incorrectly.
Oh, did I use too many numbers there? Are you confused again?
Astounded, yes. Confused, no.
"a. Open relays. These show up on a regular basis due to new, misconfigured mail servers coming on line. There are already over 225K of them known and for every one that goes away, another one comes online."
Again, you cite numbers whose ONLY support is an "anonymous coward"'s posting on/.:D
If you weren't so fscking stupid, you could have looked up the numbers just like I did. Go to the link that I provided.
What was that about C2 security?:)
You wouldn't understand.
"b. Foreign spam-friendly ISPs who will give them outgoing e-mail for a handsome price."
Which destroys the economics of spam AND is easily handled by spamassassin.
Chinese and Brazillian ISPs, for example, already sell services to spammers. They send the spam. They host the domains. Obviously that disproves your claims about the economics.
"c. List servers (topica, Yahoo!, etc.)."
Only applicable if you have specifically opted in to those lists.:D (Remember where I said your DEMONSTRATED level of knowledge was ZERO?)
Dearest Dumbfuck, If I "opt-in" to receive e-mail from a large computer security mailing list and some spammer sends an "herbal v1agra" ad to the list, I haven't opted in to see his e-mail. It's a constant problem with mailing lists and why many have gone to manually moderation systems. Again, that you are unaware of this shows just what a newbie you are.
"d. Distributed mass mailings with Zombie machines going through their ISPs' mail servers. If the ISP limits e-mail to one every 30 seconds and there are 1,000 machines, that's 120,000 pieces of spam per hour."
Yep. That's what is called "reduction". Instead of a thousand machines sending a total of a BILLION messages a day, the spam load is reduced to 120,000 an hour.
So what? You didn't solve the the spam problem through technological means. (Nice try at mixing up days and hours to try to make your brown number look more impressive.)
Not to mention that the ISP's email server would show up in services like SpamCop and the RBL's and the ISP could then take action as Comcast has done in the past and cut off service to those machines until they're cleaned.
No major ISP is going to blacklist MSN, Earthlink, Comcast, etc. while those ISPs are playing whack-a-mole with their constantly changing in
His idea of a mail server is something that he set up under Windows for himself and two buddies. He actually said that there are only about 100 open relays sending spam to his server, so that should tell you what a piddly-assed domain that is.
He thinks that getting rid of zombie machines will cut the spam in half. I guess he figures those spammers will just give up rather than going back to another delivery route.
He honestly thinks that it's feasible to block 225K (thanks for that research) open relays at a firewall and has no idea how one would get the addresses in there in the first place, much less maintain them.
He thinks that rate-limiting outbound e-mail at ISPs is going to have a big effect, like ISPs in Thailand, China, Brazil, Korea, and everywhere else in the world are going to all join hands as one big happy family to implement this idea.
The Technology You Need Is Shock Treatments
on
CAN-SPAM Is A Bust
·
· Score: 1
Strange, it seems that you're the one that can't count, doesn't understand what port 25 is and has problems with basic firewalls. Yet you think you're smarter than I am?
I know that I am smarter than you are. I headed up a team getting a C2 evaluation on a network, have set up encrypted, tunneling links, and have configured more routers and firewalls than you'll ever see. I'm also smart enough to know that SMTP is outbound TCP traffic on port 25, not just "port 25."
But WHAT would they do instead?
What did they do before there were zombie machines, or were you still in jr. high then?
What is your basis for saying that a firewall couldn't handle it?
Professional experience installing and configuring hardware and software firewalls from the biggest names in the business (Cisco, for example). How do you propose that an ISP keep such a firewall up to date? Are they supposed to have a team of 100 people constantly testing, entering, and removing IP addresses?
From my server, there are fewer than 100 open relays sending me spam. It's easy to block 100 sites.
There are 225K+ open relay sites (see the post from the other guy who smacked you down hard). MSN, AOL, Hotmail, Yahoo!, or any major ISP has thousands of open relays sending them spam and they have to block the ones that haven't sent yet. You're coming up with hobbyist solutions that don't scale.
I'll try to make this simple enough for you to understand it:
1. Zombie machines are just one spam conduit. Take them away through outbound port 25 TCP blocking and the spammers will revert to the methods that they used before. Those include:
a. Open relays. These show up on a regular basis due to new, misconfigured mail servers coming on line. There are already over 225K of them known and for every one that goes away, another one comes online. b. Foreign spam-friendly ISPs who will give them outgoing e-mail for a handsome price. c. List servers (topica, Yahoo!, etc.). d. Distributed mass mailings with Zombie machines going through their ISPs' mail servers. If the ISP limits e-mail to one every 30 seconds and there are 1,000 machines, that's 120,000 pieces of spam per hour.
2. You can't block open relays at a firewall because the targets are constantly moving and there are far too many of them.
3. You can rate-limit outgoing e-mail for residential users, but that does nothing to stop the hundreds of thousands of open relays that you couldn't block (remember number 2?).
"Polite"? You're dumber than a box of rocks. How can you tell what "polite" is?
If you doubled your IQ, you might be my equal. Right now, you're just a little kid trying to play with the big boys and you are hopelessly out of your league.
#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
If that happened, the spammers would stop using zombie machines and go to different methods. Unlike you, they are smart enough to stop doing something when it stops working.
#2. Block the open relays at your firewall.
Your lack of reading comprehension is doing you in again. As I wrote before:
If you generated a rule to exclude every open relay on the Internet, the firewall, if it had the storage for that many IP addresses, would slow to a crawl. If the relay opens at 2:10AM and the spammer starts blasting your domain at 2:14AM, then I guess that relay wasn't in the list, was it?
#3. ISP's rate limit email.
The spammer won't go through an ISP rate-limited e-mail server, as I've tried to tell you repeatedly. They will go through open relays at small businesses. They will contract with ISPs in other countries. They will get business-class service with no ports blocked (since businesses need to run mail servers, they don't get services with port 25 blocked).
There, 99.9% of the spam never gets to you AND all the bandwidth is saved.
So all it requires is the cooperation of every domain on the Internet to block port 25, rate-limit e-mail, and never create an open relay without blacklisting it first. BWAHAHAHAHAHAHA!
I gave you the technological solution to the spam problem.
No you didn't. A whitelist as a technological approach to fighting spam is like cutting off your hands to keep from biting your nails. You broke the entire concept of e-mail and you call that a solution?
You didn't like it that it required the ISP's to implement it.
So you gave new criteria that YOU would NEVER receive ANY spam AND that it be something that YOU only had to implement on YOUR side.
Now you're changing your criteria, again.
Have your mommy read the original post to you again:
So invent the technology, get support for it, get it deployed, and solve the problem.
See, four things: Invent, get support, deploy, solve. The original criteria hasn't changed.
You came up with half-baked solutions that could not be implemented -- like every ISP in the world blocking outgoing TCP port 25 regardless of whether the user was a consumer on a residential dial-up or a business on a T1 line. You suggested absurd things like programming every IP address of every open relay in the world into your firewall. Yeah, that's real practical -- assuming that your firewall has infinite speed, infinite memory, and you are clairvoyent so that you can tell when an open relay comes online. How is an ISP supposed to rate-limit e-mail coming from a business customer's server?
Why don't you take a little nap and have some cookies and milk and try to collect your thoughts and grow up a little before you show off your ignorance in a public forum next time?:)
You make a fool of yourself with stupid recommentations that are destined to fail for technical, practical, and business reasons and then claim that I'm ignorant? Hell, even after I shoot your idiotic ideas down, you just keep repeating them. Try again.
Re:And yet again! Technology has solved it.
on
CAN-SPAM Is A Bust
·
· Score: 1
I don't like your rude, smart-assed tone. So don't expect this to be polite like my previous reply.
It's called a "firewall". You can update the "firewall" to reject connections that come from known open relays.
Don't even talk about firewalls. You know nothing about them. If you generated a rule to exclude every open relay on the Internet, the firewall, if it had the storage for that many IP addresses, would slow to a crawl. If the relay opens at 2:10AM and the spammer starts blasting your domain at 2:14AM, then I guess that relay wasn't in the list, was it?
So they spontaniously appear? That's amazing. I though auto-genesis was disproven years ago. Imagine my surprise.
Who said anything about spontaneously appearing? It's the result of human error or malice (like your birth). Some dipshit at a small business brings a server on-line configured as an open relay. Or they switch from Microsoft Exchange to MailEnable and misconfigure the new software. Poof! The open relay appears.
Meanwhile, I thought I covered that in the portion about ISP's locking down port 25 on their networks. Silly me.
You are mistaking silliness for ignorance. An ISP providing business-class service can't lock down port 25 or the businesses to which they provide connectivity can't run mail servers.
You do know what port 25 is, don't you?
My knowledge of computers, computer security, and protocols far exceeds yours. Unlike you, I run mail servers and firewalls for multiple domains while you probably rely on AOL or MSN to deliver your e-mail.
You haven't heard of the "usenet death penalty", have you?
What the hell does Usenet have to do with e-mail? You don't even understand how the Usenet Penalty Works, do you? When a UDP is issued, any messages posted to Usenet from that domain will be cancelled. What the hell good does that do when someone spam e-mails? Is AOL going to "cancel" the e-mail that some Chinese spammer sends to MSN? Many ISPs don't even provide Usenet services anymore. See how upset Chinanet is with your threats of a Usenet Death Penalty.
Been over that. It's called "rate limits".
How do you propose to enforce a rate limit on a business customer who runs his own mail server?
Sure there is, it's called a "white list". You configure the firewall to ONLY allow email access from sites you completely trust. If you've configured it correctly, you'll never get any spam. If you haven't configured it correctly, well, that's a failing on your part.
What a stupid suggestion! That's like saying that cancellation of your ISP service is a technological solution to the spam problem. If it breaks e-mail or causes you to have to spend man-years configuring and maintaining it, then it's not a technological solution. If I post my resume on a job site and can't receive e-mail from prospective employers, then e-mail is broken.
That's like saying that a whitelist of phone numbers is a technological solution to telemarketing. Nevermind the fact that your wife is trying to reach you from a payphone in a dark parking lot where her car battery is dead.
Go back to your AOL chat room and leave e-mail and firewalls to us pros.
Re:todays debt is $7,305,957,273,110.85
on
CAN-SPAM Is A Bust
·
· Score: 1
There is only one way to FAKE/SCAM your way out of massive debt, and thats MASSIVE inflation, you simply make the 7trillion devalue so much that its worth barely the price of 1 weeks taxes, instead of 7 years taxes. You just runup general inflation faster than official bank interest rates and before you know it, youve devalued your debt faster than it would have done so by just paying it back, until you have to revalue the currency and call $1000USD, $1NEWDOLLAR, or $1EARTHDOLLAR. This way all the banks are scammed out, and so are most investors who 'lent' that money.
Interesting theory, but it won't work. Much of the federal debt is held by foreign investors and banks. They want interest paid to them in their currency, which only grows in value if there is inflation in the U.S. There are countless other flaws with that "plan," but it was a nice try.
There are lots of reasons why people will resist implementing the technological fixes, but that does not mean that they do not exist.
As I described before, there is no technological fix for other domains having open relays. They pop up on a constant basis. They aren't static and could not compose a list of them today that would be valid next week. There's no fix if some Chinese ISP chooses to temporarily uncap some spammer's outgoing e-mail rates for a fee. There's no fix for a spammer buying IP space in Brazil, blasting out a spam run, and then moving to another IP address, maybe at a different ISP.
A technological solution to the spam problem means that I implement it and get no more spam at my domain. If it requires the cooperation of almost every ISP and domain on the Internet, it's not a solution.
To really solve this, we would have to make spamming economically unattractive to the spammers. And we can do this by everyone always repying to all spam.
Spammers don't use their e-mail addresses on spam. My domain was flooded with bounces, complaints, and threats because some spammer sent out spam with a forged From: address on my domain. All that replying does is further harm innocent third parties.
Re:Technology has already solved the problem.
on
CAN-SPAM Is A Bust
·
· Score: 1
The vast majority of spam I see is from zombies.
Technological solution: ISP's block outgoing port 25 service from their networks, except for their mailservers.
That's what I ask them to do when I complain but many don't see that as viable because of support headaches from customers who have laptops configured to use their mail servers at work. They don't want XYZ corporation telling its employees to change ISPs. XYZ corporation may require that the e-mail pass through their servers for virus scanning, content scanning, adding on disclaimers, etc.
The next largest segment is from open relays.
Technological solution: Block those addresses.
They pop up constantly due to servers coming online, misconfigurations of previously closed SMTP servers, switching mail server software, etc. Spammers find them and sometimes blast out millions of messages before the blacklists catch up. You also ignore the fact that various blacklists have been the subject of DoS attacks, so you can't rely on them being up.
Which leaves spammers with their own accounts on ISP's.
Technological solution: ISP's put rate limits on outgoing email.
Nice, simple and easy to implement.
There will be a few issues with that, such as mailing lists, but those should be easy to handle on a case by case basis from the ISP.
That's actually not so easy to implement on many mail servers. There are also other issues like 'I'm out of the office' autoreplies. If all I have to do to get your e-mail shut down is send you 100 messages in rapid succession, that's asking for abuse.
Technology has solved the problem. But getting the ISP's to implement the technology isn't easy. Some of those ISP's are very happy to host spammers for a price.
If ISP's haven't implemented the technology, then the problem isn't solved. The problem is only solved when people stop receiving spam.
Technology hasn't stepped up to the plate...
on
CAN-SPAM Is A Bust
·
· Score: 5, Interesting
I really think my tax dollors could be spent on something better..like maybe giving it back to me.
I don't want to hear any more right-wing whining about getting tax dollars back until the federal debt is paid down. I don't want my taxes to be wasted to pay for interest on a debt accrued largely by fiscally irresponsible Republicans like Reagan, Bush, and the younger Bush.
spam is a techinical problem that can be solved through technical means.
THEN FUCKING SOLVE IT ALREADY! We've had this problem for a decade and people like you keep saying that technology can solve it. So invent the technology, get support for it, get it deployed, and solve the problem. You're watching people drown in spam and you keep telling us that the government should do nothing because you're planning to pull a technical solution out of your ass. Some day.
Anything else is just an excuse to have government regulate computer use.
I think that the government should regulate computer use so that idiot conspiracy theories like yours don't waste bandwidth and storage on the net.
This, ironically, shows why the average person should not be allowed to cast votes on most issues. It is alarming to consider that, on a referendum to adopt electronic voting, people who couldn't successfully configure an e-mail client have votes that count just as much as those of skilled computer professionals.
The reason that so many people despised the original Dragon's Lair was its unresponsiveness. If you were a millisecond early or late (their definition of the proper time was the key) in hitting a control, you died. You had no real control over the game. It was a long movie with the ability to fork off into numerous death scenes.
I'll date myself (something I couldn't convince others to do at the time) and say that I was a video game fanatic when Dragon's Lair came out. I loved the classics like Missile Command, Defender, Aliens, Galaga, and Asteroids, as well as liking less-well-known games like Moon Cresta, and Sundance. I drained about $5 into Dragon's Lair before the horrible gameplay made the graphics annoying rather than astounding. I could play Missile Command and it was skill, not memorization, that decided the score. Same with Defender, Asteroids, and most of the other classics. Sure, there were some people who memorized patterns for some games, but we serious players viewed them as losers with quarters (or tokens).
There will be people who say that memorizing the Dragon's Lair game requires skill, too. Well so does playing polka music, but you won't find Eric Clapton high-fiving an accordion player and giving him backstage passes anytime soon. Just because something requires skill doesn't mean that it deserves praise.
Of course, I don't wear them at night. I've never met an eye doctor who thought that was anything but stupid.
What do you mean "of course"? Many ophthalmologists have no problem recommending overnight wear. That's the whole idea behind the "extended" portion of "extended wear." The FDA has approved many extended wear lenses for 7 day periods and two have been approved for 30 day continuous wear -- and the FDA employs doctors, you know.
These reshaping contacts are rigid ones you wear at night. Sounds like a recipe for serious problems.
I wore extended-wear contacts for a couple of years (no, not two years straight, smartasses) but finally had to give up on them. I had problems with my eyes drying out too much at night. I'd wake up to find the contact on the pillow or I'd blink and it would pop out. Sometime's they'd pop out after a long day as my eyes dried out. I got eye infections from the irritation and even had problems with the surface of my cornea being torn. That was with properly fit, state of the art, extended wear soft lenses of multiple types provided by my ophthalmologist.
I recognize that my experience is atypical, but it's not extremely unusual either. You may or may not have problems with the lenses, but don't ignore problems and assume that they will go away if you undergo that treatment. It sounds like the lenses that you would get would be less comfortable and forgiving than extended wear soft lenses.
Umm. No. If your OS has a security problem (IE: A Bug) then you need to update it because it's broken. Downloading Anti-Virus Definition Lists is not updating, it's keeping your virus definitions current. Totally different than updating the firmware on a piece of hardware.
Don't you realize that "firmware" on a piece of "hardware" is the "OS" and that the "hardware" is nothing more than a computer? "Keeping your virus definitions current" is "updating." Update definition -- To bring up to date: update a textbook; update the files.
Does your router have a bug or security problem? How do you know? Have you hooked the engineers who wrote it up to a polygraph? For all you know, they quietly fixed a horrible, gaping security hole when they bumped the rev level of the software. You have to remember that this is a for-profit business. If D-Link were to publish a security flaw that they discovered, all of their customers who had not updated would be vulnerable -- and that would hurt their reputation and future sales.
Now if there was a problem with the hardware, then updating the firmware is fine.
Updating firmware does not fix hardware problems. If your router is randomly resetting as a result of a defective capacitor, updating the firmware won't fix it. If one of the ports is fried, new firmware won't fix it.
I didn't say that you should not update if there isn't a problem. But you should not update for the sake of updating is all I'm saying.
In general, you should update any time there is a new version. You don't know what fixes are included or whether there is a serious security flaw or bug in your firmware that you just haven't personally encountered yet.
I've never seen a hardware router that could sniff packets or would divulge any personal information, or connect to other computers on the network in file retreival mode (the closest thing to this is passive upload TFTP). The best they could do is shut the internet off.
[Sound of clue-stick whacking SinaSa on the head] If I had a backdoor password to your router that let me control it (as per the one described in the article above), I could turn on port forwarding such that I could send data to your machines. I could put them in a DMZ, effectively disabling the firewall. I could, depending on how open your network was, enable Windows file sharing between my network and yours. I could use the connection to send spam through your ISP. I could post kiddie porn to web sites and newsgroups over your connection. I could get on Kazaa and share gigabytes of copyrighted music. All of which you would be blamed for.
1. What feature did you NEED, when you flashed the firmware.
The one that stops Ukranian hackers from using a backdoor to access his router, Internet connection, and his personal network.
2. Why didn't you buy hardware that had that feature to begin with.
You will find that the vast majority of routers are sold with damned little information. Look at the boxes and web sites and tell me which routers let you forward a range of ports rather than individual ports. Tell me which ones have hard-coded IP addresses for time servers, which ones have a drop-down list of time servers, and which ones let you enter the IP address freely. Tell me which ones let you limit wireless access by MAC address while letting you have open access on hardwired Ethernet. Tell me which ones have a problem with the web-based admin that causes it to not work properly with Mozilla. Gee, maybe it's not so easy after all.
First: don't fix it if it isn't broken. Never upgrade the firmware unless your having problems.
That's like saying that you should never install OS security patches until someone has broken into your PC and that you should never update your anti-virus software unless your computer has become infected with a virus.
We are talking about a router with a firewall. It's the only thing between his computers and the rest of the world. Linksys may have discovered a serious security flaw and the update includes a correction for it (no, I don't trust them, or any other for-profit company, to disclose such flaws rather than quietly fix them). Maybe the wireless section has a flaw which lets people hack into it. Maybe there is a backdoor that has been closed off by the new firmware.
I don't buy the idea that you shouldn't update the firmware until you, personally, discover some horrible flaw that may already exist in it.
Meh. I'm British so I was technically wrong in the subject:)
I was just feeling frisky, so I figured I'd give some random stranger a hard time and you happened to be on the receiving end. Now back your your regularly scheduled "programme."
No, they are analog. "Analogue" is a British spelling using unnecessary letters at the end which serve no purpose and lead to confusion about pronunciation for those learning English. That's why Americans have dropped that archaic affectation of British spelling. At least you got it right in the subject line.
Some (esp *cough* power users *cough* of some commercial *cough* operating system *cough*) users simply cannot grasp the concept that skimming through headers and comments in sources is the best documentation there is.
If you weren't just pretending to be a "l33t h4ck3R" to impress your little Slashdot buddies, you would recognize that an open source project like OpenOffice encompasses about 30,000 files and 9 million lines of source code. Yeah, it will be really practical to skim the comments and headers in that, won't it? You can't write software, so quit pretending. If you actually could write software, you would have recognized that many open source projects consist of millions of lines of code and tens of thousands of files -- and you would have never said anything so absurd.
Slashdot Mirror
I had said:
"#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
Now you only have to deal with 50% of the spam."
Now YOUR "counter" to that was:
"Spam did not increase by 50% the day that zombie machines came into existence."
Lie number... oh hell, I've lost count." That was a blatant, outright, despicable, lie. Here's the actual context of that reply:
And here is a link to the message where I made that statement, thus proving that you are a liar. Since you quoted the text word-for-word, I know that you went back to find the text and, therefore, you purposely fabricated that exchange by pulling your statement and mine two separate messages!
Hey, I didn't say ANYTHING about "the day". YOU were the one that inserted that.
Since I had NOT said it, but you tried to imply I had said it, that was a LIE.
Another of your lies and an attempt to change the subject. First you said that the spam increased by 50% the week that zombies came into existence and then you claimed that you had said that the 50% increase was "likely the week that they came on line." First a flat-out assertion and then a lie that you couched it with the term "likely."
Reference:
http://news.com.com/Attack+of+Comcast' s+Internet+z ombies/2010-1034_3-5218178.html
Deal with it.
So you found a tech writer who used flawed logic to spice up a story! There's a first. I know people who run mail servers on Comcast and they send no spam and I think that it's pretty unlikely that I have met every Comcast user who runs their own mail server.
Since I don't believe you administer any domains, I really don't care what your claims are.
Unlike you, I am not a liar. I also administer domains for commercial clients, but it would be improper to reference them by name in this discussion and without their permission. Now what domains do you run? Show me little man!
My experience shows that blocking open relays removes 15% of the spam. Since my reply to was to claim that "You make up numbers", referencing my experience is a valid citation.
But you didn't reference your experience. You made a blanket statement that if *I* blocked open relays at the firewall, *I* would see a 15% decrease in spam. This is why chronic liars like you should avoid people with good memories.
#1. Block port 25 - no more zombies - spam is reduced to 50%.
You have yet to show that this is impossible.
Yes, I have. As I have told you repeatedly, there are many business accounts at ISPs and those accounts need to have port 25 open. Since I have received spam sent through zombies on commercial accounts (one was even the company's web server), and that disproves your claim that there will be "no more zombies."
All you can do is claim that the spammers will now spam mailing lists and send a fraction of the spam through legit servers.
No, I said that they would also go to open relays and foreign ISPs just like they did before the zombies came on the scene. People were bombarded by spam long before the zombie machines ever existed. The amount of spam will hardly decrease at all. It did not, despite your lies to the contrary, go up 50% the week that spammers started using zombies. It's also idiotic to claim that something requiring almost every IS
No, YOU are the one that went on about that. I am the one that said that 50% of the spam I receive is from zombie machines.
Lie number one. You wrote:You stated that zombie machines accounted for 50% of my spam (and by implication, all spam), not yours.
You tried to imply that I had claimed that there was a 50% increase in spam the DAY the zombies went on line. I said that that was incorrect. It was more likely the week that they came on line.
Lie number two. You wrote: You didn't say that it was "likely" that it did. You stated, flat out, that it did increase that much in one week, something which is a blatant lie in and of itself.
"...a "billion" pieces a day from 1,000 zombies,..."
Comcast has stats showing that 800 million pieces of mail come from their network BUT only 100 million come from their servers. That's 700 million pieces of email (spam) from them.
Lie number three. All e-mail from Comcast's network is spam unless it went through Comcast's servers; there are no mail servers run by non-spamming users.
Lie number four. There are 700 zombies sending spam on Comcast's network (because you have declared that each zombie sends 1 million per day (1 billion per 1000 zombies).
"...open relays account for 15% of spam,..."
Again, from the spam I get, that is correct.
Lie number five. You wrote: You asserted that it would block 15% of the spam at my domains if I blocked open relays at the firewall. You didn't say 15% of your spam is from open relays.
I didn't attack the numbers.
Lie number six. You wrote: You didn't ask what the source of the number was. You didn't question how I knew that the number was right. You attacked the number as being unreliable.
I attacked how you were using them AND I supported that with references to their FAQ.
Lie number eight. You attacked me, not how I used the numbers and you did not "support" anything. You also tried to claim, without evidence, that many of the ORDB entries were no longer open relays but that no one had requested their removal. Note that you did not mention that there could be many open relays are not in there because they haven't been reported yet.
I'm sure that you will come back with some kind of weasel-words to try to save face, but you, I, and anyone reading this thread will recognize that you have lied, made false assertions, and pulled numbers out of your ass throughout this exchange.
If you have to lie to support your self-image, well, I guess that's what you have to do.
Apparently that's what you have to do.
I'm tired of your trolling. You're so busy trying to prove that you are right that you refuse to listen to reason. You make up numbers (50% increase in spam the week zombies became available, a "billion" pieces a day from 1,000 zombies, open relays account for 15% of spam, etc.) and then attack the numbers that I get from reputable sources like ORDB.
If you want to dance around proclaiming victory, go for it. I am not willing to waste any more time replying to your trolls.
Or maybe you just strung together a bunch of words in an attempt to impress me.
/. :D
:)
:D (Remember where I said your DEMONSTRATED level of knowledge was ZERO?)
Could be, since you apparently lack the technical expertise to evaluate the terminology.
Well, what they did BEFORE they had the zombies was SEND OUT LESS SPAM!
Spam did not increase by 50% the day that zombie machines came into existence. It's stayed on a steady increase and some of the spammers simply shifted from open relays to zombie machines for economic reasons. It was cheaper to steal bandwidth from some numb-nuts user than pay for it themselves.
And you STILL have not provided ANY specifics on what they would do to send out the same amount of spam without the zombies.
They would go back to open relays and foreign ISPs. It costs a bit more, but it's still economically viable (explaining why they did that before zombies existed).
"There are 225K+ open relay sites (see the post from the other guy who smacked you down hard)."
Yet no one has provided ANY support for that statement. While MY research shows fewer than 100 sending me spam. And Netcraft shows only 53,341,867 domains (buy only around 22 million active sites). Given that a large portion of these are HOSTED, the 225K+ would mean an incredibly large percentage of email servers were configured incorrectly.
Here is the support for that number.
Oh, did I use too many numbers there? Are you confused again?
Astounded, yes. Confused, no.
"a. Open relays. These show up on a regular basis due to new, misconfigured mail servers coming on line. There are already over 225K of them known and for every one that goes away, another one comes online."
Again, you cite numbers whose ONLY support is an "anonymous coward"'s posting on
If you weren't so fscking stupid, you could have looked up the numbers just like I did. Go to the link that I provided.
What was that about C2 security?
You wouldn't understand.
"b. Foreign spam-friendly ISPs who will give them outgoing e-mail for a handsome price."
Which destroys the economics of spam AND is easily handled by spamassassin.
Chinese and Brazillian ISPs, for example, already sell services to spammers. They send the spam. They host the domains. Obviously that disproves your claims about the economics.
"c. List servers (topica, Yahoo!, etc.)."
Only applicable if you have specifically opted in to those lists.
Dearest Dumbfuck, If I "opt-in" to receive e-mail from a large computer security mailing list and some spammer sends an "herbal v1agra" ad to the list, I haven't opted in to see his e-mail. It's a constant problem with mailing lists and why many have gone to manually moderation systems. Again, that you are unaware of this shows just what a newbie you are.
"d. Distributed mass mailings with Zombie machines going through their ISPs' mail servers. If the ISP limits e-mail to one every 30 seconds and there are 1,000 machines, that's 120,000 pieces of spam per hour."
Yep. That's what is called "reduction". Instead of a thousand machines sending a total of a BILLION messages a day, the spam load is reduced to 120,000 an hour.
So what? You didn't solve the the spam problem through technological means. (Nice try at mixing up days and hours to try to make your brown number look more impressive.)
Not to mention that the ISP's email server would show up in services like SpamCop and the RBL's and the ISP could then take action as Comcast has done in the past and cut off service to those machines until they're cleaned.
No major ISP is going to blacklist MSN, Earthlink, Comcast, etc. while those ISPs are playing whack-a-mole with their constantly changing in
He's a fucking idiot.
His idea of a mail server is something that he set up under Windows for himself and two buddies. He actually said that there are only about 100 open relays sending spam to his server, so that should tell you what a piddly-assed domain that is.
He thinks that getting rid of zombie machines will cut the spam in half. I guess he figures those spammers will just give up rather than going back to another delivery route.
He honestly thinks that it's feasible to block 225K (thanks for that research) open relays at a firewall and has no idea how one would get the addresses in there in the first place, much less maintain them.
He thinks that rate-limiting outbound e-mail at ISPs is going to have a big effect, like ISPs in Thailand, China, Brazil, Korea, and everywhere else in the world are going to all join hands as one big happy family to implement this idea.
Strange, it seems that you're the one that can't count, doesn't understand what port 25 is and has problems with basic firewalls. Yet you think you're smarter than I am?
I know that I am smarter than you are. I headed up a team getting a C2 evaluation on a network, have set up encrypted, tunneling links, and have configured more routers and firewalls than you'll ever see. I'm also smart enough to know that SMTP is outbound TCP traffic on port 25, not just "port 25."
But WHAT would they do instead?
What did they do before there were zombie machines, or were you still in jr. high then?
What is your basis for saying that a firewall couldn't handle it?
Professional experience installing and configuring hardware and software firewalls from the biggest names in the business (Cisco, for example). How do you propose that an ISP keep such a firewall up to date? Are they supposed to have a team of 100 people constantly testing, entering, and removing IP addresses?
From my server, there are fewer than 100 open relays sending me spam. It's easy to block 100 sites.
There are 225K+ open relay sites (see the post from the other guy who smacked you down hard). MSN, AOL, Hotmail, Yahoo!, or any major ISP has thousands of open relays sending them spam and they have to block the ones that haven't sent yet. You're coming up with hobbyist solutions that don't scale.
I'll try to make this simple enough for you to understand it:
1. Zombie machines are just one spam conduit. Take them away through outbound port 25 TCP blocking and the spammers will revert to the methods that they used before. Those include:
a. Open relays. These show up on a regular basis due to new, misconfigured mail servers coming on line. There are already over 225K of them known and for every one that goes away, another one comes online.
b. Foreign spam-friendly ISPs who will give them outgoing e-mail for a handsome price.
c. List servers (topica, Yahoo!, etc.).
d. Distributed mass mailings with Zombie machines going through their ISPs' mail servers. If the ISP limits e-mail to one every 30 seconds and there are 1,000 machines, that's 120,000 pieces of spam per hour.
2. You can't block open relays at a firewall because the targets are constantly moving and there are far too many of them.
3. You can rate-limit outgoing e-mail for residential users, but that does nothing to stop the hundreds of thousands of open relays that you couldn't block (remember number 2?).
Now you try counting to three.
If you doubled your IQ, you might be my equal. Right now, you're just a little kid trying to play with the big boys and you are hopelessly out of your league.
#1. ISP's block port 25 by default. That gets rid of all the zombie machines.
If that happened, the spammers would stop using zombie machines and go to different methods. Unlike you, they are smart enough to stop doing something when it stops working.
#2. Block the open relays at your firewall.
Your lack of reading comprehension is doing you in again. As I wrote before: #3. ISP's rate limit email.
The spammer won't go through an ISP rate-limited e-mail server, as I've tried to tell you repeatedly. They will go through open relays at small businesses. They will contract with ISPs in other countries. They will get business-class service with no ports blocked (since businesses need to run mail servers, they don't get services with port 25 blocked).
There, 99.9% of the spam never gets to you AND all the bandwidth is saved.
So all it requires is the cooperation of every domain on the Internet to block port 25, rate-limit e-mail, and never create an open relay without blacklisting it first. BWAHAHAHAHAHAHA!
I gave you the technological solution to the spam problem.
No you didn't. A whitelist as a technological approach to fighting spam is like cutting off your hands to keep from biting your nails. You broke the entire concept of e-mail and you call that a solution?
You didn't like it that it required the ISP's to implement it.
So you gave new criteria that YOU would NEVER receive ANY spam AND that it be something that YOU only had to implement on YOUR side.
Now you're changing your criteria, again.
Have your mommy read the original post to you again:See, four things: Invent, get support, deploy, solve. The original criteria hasn't changed.
You came up with half-baked solutions that could not be implemented -- like every ISP in the world blocking outgoing TCP port 25 regardless of whether the user was a consumer on a residential dial-up or a business on a T1 line. You suggested absurd things like programming every IP address of every open relay in the world into your firewall. Yeah, that's real practical -- assuming that your firewall has infinite speed, infinite memory, and you are clairvoyent so that you can tell when an open relay comes online. How is an ISP supposed to rate-limit e-mail coming from a business customer's server?
Why don't you take a little nap and have some cookies and milk and try to collect your thoughts and grow up a little before you show off your ignorance in a public forum next time?
You make a fool of yourself with stupid recommentations that are destined to fail for technical, practical, and business reasons and then claim that I'm ignorant? Hell, even after I shoot your idiotic ideas down, you just keep repeating them. Try again.
I don't like your rude, smart-assed tone. So don't expect this to be polite like my previous reply.
It's called a "firewall". You can update the "firewall" to reject connections that come from known open relays.
Don't even talk about firewalls. You know nothing about them. If you generated a rule to exclude every open relay on the Internet, the firewall, if it had the storage for that many IP addresses, would slow to a crawl. If the relay opens at 2:10AM and the spammer starts blasting your domain at 2:14AM, then I guess that relay wasn't in the list, was it?
So they spontaniously appear? That's amazing. I though auto-genesis was disproven years ago. Imagine my surprise.
Who said anything about spontaneously appearing? It's the result of human error or malice (like your birth). Some dipshit at a small business brings a server on-line configured as an open relay. Or they switch from Microsoft Exchange to MailEnable and misconfigure the new software. Poof! The open relay appears.
Meanwhile, I thought I covered that in the portion about ISP's locking down port 25 on their networks. Silly me.
You are mistaking silliness for ignorance. An ISP providing business-class service can't lock down port 25 or the businesses to which they provide connectivity can't run mail servers.
You do know what port 25 is, don't you?
My knowledge of computers, computer security, and protocols far exceeds yours. Unlike you, I run mail servers and firewalls for multiple domains while you probably rely on AOL or MSN to deliver your e-mail.
You haven't heard of the "usenet death penalty", have you?
What the hell does Usenet have to do with e-mail? You don't even understand how the Usenet Penalty Works, do you? When a UDP is issued, any messages posted to Usenet from that domain will be cancelled. What the hell good does that do when someone spam e-mails? Is AOL going to "cancel" the e-mail that some Chinese spammer sends to MSN? Many ISPs don't even provide Usenet services anymore. See how upset Chinanet is with your threats of a Usenet Death Penalty.
Been over that. It's called "rate limits".
How do you propose to enforce a rate limit on a business customer who runs his own mail server?
Sure there is, it's called a "white list". You configure the firewall to ONLY allow email access from sites you completely trust. If you've configured it correctly, you'll never get any spam. If you haven't configured it correctly, well, that's a failing on your part.
What a stupid suggestion! That's like saying that cancellation of your ISP service is a technological solution to the spam problem. If it breaks e-mail or causes you to have to spend man-years configuring and maintaining it, then it's not a technological solution. If I post my resume on a job site and can't receive e-mail from prospective employers, then e-mail is broken.
That's like saying that a whitelist of phone numbers is a technological solution to telemarketing. Nevermind the fact that your wife is trying to reach you from a payphone in a dark parking lot where her car battery is dead.
Go back to your AOL chat room and leave e-mail and firewalls to us pros.
There is only one way to FAKE/SCAM your way out of massive debt, and thats MASSIVE inflation, you simply make the 7trillion devalue so much that its worth barely the price of 1 weeks taxes, instead of 7 years taxes. You just runup general inflation faster than official bank interest rates and before you know it, youve devalued your debt faster than it would have done so by just paying it back, until you have to revalue the currency and call $1000USD, $1NEWDOLLAR, or $1EARTHDOLLAR. This way all the banks are scammed out, and so are most investors who 'lent' that money.
Interesting theory, but it won't work. Much of the federal debt is held by foreign investors and banks. They want interest paid to them in their currency, which only grows in value if there is inflation in the U.S. There are countless other flaws with that "plan," but it was a nice try.
There are lots of reasons why people will resist implementing the technological fixes, but that does not mean that they do not exist.
As I described before, there is no technological fix for other domains having open relays. They pop up on a constant basis. They aren't static and could not compose a list of them today that would be valid next week. There's no fix if some Chinese ISP chooses to temporarily uncap some spammer's outgoing e-mail rates for a fee. There's no fix for a spammer buying IP space in Brazil, blasting out a spam run, and then moving to another IP address, maybe at a different ISP.
A technological solution to the spam problem means that I implement it and get no more spam at my domain. If it requires the cooperation of almost every ISP and domain on the Internet, it's not a solution.
To really solve this, we would have to make spamming economically unattractive to the spammers. And we can do this by everyone always repying to all spam.
Spammers don't use their e-mail addresses on spam. My domain was flooded with bounces, complaints, and threats because some spammer sent out spam with a forged From: address on my domain. All that replying does is further harm innocent third parties.
The vast majority of spam I see is from zombies.
Technological solution: ISP's block outgoing port 25 service from their networks, except for their mailservers.
That's what I ask them to do when I complain but many don't see that as viable because of support headaches from customers who have laptops configured to use their mail servers at work. They don't want XYZ corporation telling its employees to change ISPs. XYZ corporation may require that the e-mail pass through their servers for virus scanning, content scanning, adding on disclaimers, etc.
The next largest segment is from open relays.
Technological solution: Block those addresses.
They pop up constantly due to servers coming online, misconfigurations of previously closed SMTP servers, switching mail server software, etc. Spammers find them and sometimes blast out millions of messages before the blacklists catch up. You also ignore the fact that various blacklists have been the subject of DoS attacks, so you can't rely on them being up.
Which leaves spammers with their own accounts on ISP's.
Technological solution: ISP's put rate limits on outgoing email.
Nice, simple and easy to implement.
There will be a few issues with that, such as mailing lists, but those should be easy to handle on a case by case basis from the ISP.
That's actually not so easy to implement on many mail servers. There are also other issues like 'I'm out of the office' autoreplies. If all I have to do to get your e-mail shut down is send you 100 messages in rapid succession, that's asking for abuse.
Technology has solved the problem. But getting the ISP's to implement the technology isn't easy. Some of those ISP's are very happy to host spammers for a price.
If ISP's haven't implemented the technology, then the problem isn't solved. The problem is only solved when people stop receiving spam.
I really think my tax dollors could be spent on something better..like maybe giving it back to me.
I don't want to hear any more right-wing whining about getting tax dollars back until the federal debt is paid down. I don't want my taxes to be wasted to pay for interest on a debt accrued largely by fiscally irresponsible Republicans like Reagan, Bush, and the younger Bush.
spam is a techinical problem that can be solved through technical means.
THEN FUCKING SOLVE IT ALREADY! We've had this problem for a decade and people like you keep saying that technology can solve it. So invent the technology, get support for it, get it deployed, and solve the problem. You're watching people drown in spam and you keep telling us that the government should do nothing because you're planning to pull a technical solution out of your ass. Some day.
Anything else is just an excuse to have government regulate computer use.
I think that the government should regulate computer use so that idiot conspiracy theories like yours don't waste bandwidth and storage on the net.
This, ironically, shows why the average person should not be allowed to cast votes on most issues. It is alarming to consider that, on a referendum to adopt electronic voting, people who couldn't successfully configure an e-mail client have votes that count just as much as those of skilled computer professionals.
The reason that so many people despised the original Dragon's Lair was its unresponsiveness. If you were a millisecond early or late (their definition of the proper time was the key) in hitting a control, you died. You had no real control over the game. It was a long movie with the ability to fork off into numerous death scenes.
I'll date myself (something I couldn't convince others to do at the time) and say that I was a video game fanatic when Dragon's Lair came out. I loved the classics like Missile Command, Defender, Aliens, Galaga, and Asteroids, as well as liking less-well-known games like Moon Cresta, and Sundance. I drained about $5 into Dragon's Lair before the horrible gameplay made the graphics annoying rather than astounding. I could play Missile Command and it was skill, not memorization, that decided the score. Same with Defender, Asteroids, and most of the other classics. Sure, there were some people who memorized patterns for some games, but we serious players viewed them as losers with quarters (or tokens).
There will be people who say that memorizing the Dragon's Lair game requires skill, too. Well so does playing polka music, but you won't find Eric Clapton high-fiving an accordion player and giving him backstage passes anytime soon. Just because something requires skill doesn't mean that it deserves praise.
Of course, I don't wear them at night. I've never met an eye doctor who thought that was anything but stupid.
What do you mean "of course"? Many ophthalmologists have no problem recommending overnight wear. That's the whole idea behind the "extended" portion of "extended wear." The FDA has approved many extended wear lenses for 7 day periods and two have been approved for 30 day continuous wear -- and the FDA employs doctors, you know.
These reshaping contacts are rigid ones you wear at night. Sounds like a recipe for serious problems.
On that we can agree.
I wore extended-wear contacts for a couple of years (no, not two years straight, smartasses) but finally had to give up on them. I had problems with my eyes drying out too much at night. I'd wake up to find the contact on the pillow or I'd blink and it would pop out. Sometime's they'd pop out after a long day as my eyes dried out. I got eye infections from the irritation and even had problems with the surface of my cornea being torn. That was with properly fit, state of the art, extended wear soft lenses of multiple types provided by my ophthalmologist.
I recognize that my experience is atypical, but it's not extremely unusual either. You may or may not have problems with the lenses, but don't ignore problems and assume that they will go away if you undergo that treatment. It sounds like the lenses that you would get would be less comfortable and forgiving than extended wear soft lenses.
Umm. No. If your OS has a security problem (IE: A Bug) then you need to update it because it's broken. Downloading Anti-Virus Definition Lists is not updating, it's keeping your virus definitions current. Totally different than updating the firmware on a piece of hardware.
Don't you realize that "firmware" on a piece of "hardware" is the "OS" and that the "hardware" is nothing more than a computer? "Keeping your virus definitions current" is "updating." Update definition -- To bring up to date: update a textbook; update the files.
Does your router have a bug or security problem? How do you know? Have you hooked the engineers who wrote it up to a polygraph? For all you know, they quietly fixed a horrible, gaping security hole when they bumped the rev level of the software. You have to remember that this is a for-profit business. If D-Link were to publish a security flaw that they discovered, all of their customers who had not updated would be vulnerable -- and that would hurt their reputation and future sales.
Now if there was a problem with the hardware, then updating the firmware is fine.
Updating firmware does not fix hardware problems. If your router is randomly resetting as a result of a defective capacitor, updating the firmware won't fix it. If one of the ports is fried, new firmware won't fix it.
I didn't say that you should not update if there isn't a problem. But you should not update for the sake of updating is all I'm saying.
In general, you should update any time there is a new version. You don't know what fixes are included or whether there is a serious security flaw or bug in your firmware that you just haven't personally encountered yet.
Firstly, it was a freaking wireless music player, not a router.
i ty/holes/story/0,10801,92015,00.html
I stand corrected on that.
Secondly, even if it was, how does that give "Ukranian" hackers access to his personal network?
http://www.computerworld.com/securitytopics/secur
I've never seen a hardware router that could sniff packets or would divulge any personal information, or connect to other computers on the network in file retreival mode (the closest thing to this is passive upload TFTP). The best they could do is shut the internet off.
[Sound of clue-stick whacking SinaSa on the head] If I had a backdoor password to your router that let me control it (as per the one described in the article above), I could turn on port forwarding such that I could send data to your machines. I could put them in a DMZ, effectively disabling the firewall. I could, depending on how open your network was, enable Windows file sharing between my network and yours. I could use the connection to send spam through your ISP. I could post kiddie porn to web sites and newsgroups over your connection. I could get on Kazaa and share gigabytes of copyrighted music. All of which you would be blamed for.
You suckue!
Don't you mean "sucque"?
1. What feature did you NEED, when you flashed the firmware.
The one that stops Ukranian hackers from using a backdoor to access his router, Internet connection, and his personal network.
2. Why didn't you buy hardware that had that feature to begin with.
You will find that the vast majority of routers are sold with damned little information. Look at the boxes and web sites and tell me which routers let you forward a range of ports rather than individual ports. Tell me which ones have hard-coded IP addresses for time servers, which ones have a drop-down list of time servers, and which ones let you enter the IP address freely. Tell me which ones let you limit wireless access by MAC address while letting you have open access on hardwired Ethernet. Tell me which ones have a problem with the web-based admin that causes it to not work properly with Mozilla. Gee, maybe it's not so easy after all.
First: don't fix it if it isn't broken. Never upgrade the firmware unless your having problems.
That's like saying that you should never install OS security patches until someone has broken into your PC and that you should never update your anti-virus software unless your computer has become infected with a virus.
We are talking about a router with a firewall. It's the only thing between his computers and the rest of the world. Linksys may have discovered a serious security flaw and the update includes a correction for it (no, I don't trust them, or any other for-profit company, to disclose such flaws rather than quietly fix them). Maybe the wireless section has a flaw which lets people hack into it. Maybe there is a backdoor that has been closed off by the new firmware.
I don't buy the idea that you shouldn't update the firmware until you, personally, discover some horrible flaw that may already exist in it.
Meh. I'm British so I was technically wrong in the subject :)
I was just feeling frisky, so I figured I'd give some random stranger a hard time and you happened to be on the receiving end. Now back your your regularly scheduled "programme."
Aren't laserdiscs actually analogue?
No, they are analog. "Analogue" is a British spelling using unnecessary letters at the end which serve no purpose and lead to confusion about pronunciation for those learning English. That's why Americans have dropped that archaic affectation of British spelling. At least you got it right in the subject line.
You actually wrote:
Some (esp *cough* power users *cough* of some commercial *cough* operating system *cough*) users simply cannot grasp the concept that skimming through headers and comments in sources is the best documentation there is.
If you weren't just pretending to be a "l33t h4ck3R" to impress your little Slashdot buddies, you would recognize that an open source project like OpenOffice encompasses about 30,000 files and 9 million lines of source code. Yeah, it will be really practical to skim the comments and headers in that, won't it? You can't write software, so quit pretending. If you actually could write software, you would have recognized that many open source projects consist of millions of lines of code and tens of thousands of files -- and you would have never said anything so absurd.