Cobol programers, still needed for legacy applications, are mostly in their 40s.
Oh no! People in their 40s will only want to remain in the work force for another 20 years or so. What will the companies do then? Train people? Not in the U.S.! All employees must be hired with all needed skills. We wouldn't want to spend money training them because that investment would be wasted when we laid them off and shipped their job over to India.
Nobody gets upset that most CEOs are in their 50s. No one is concerned that corporate attorneys are usually over 40. You don't see a panic because the average charter boat captain is in his 40s.
Working in the computer field is like living the movie Logan's Run. Once you are out of your twenties, everyone from management to your fellow tech workers thinks your time is over.
Or is it simpler than that? Maybe companies realize that they can underpay and overwork young, naive, single people but that people in their 40's with experience, families, and responsibilities will expect fair pay, benefits, and working conditions.
What? Are you suggesting that when one sender (spammer) delivers mail for hundreds or thousands of recipients instead of issuing hundreds or thousands of C/Rs you issue only a few, and if a few are responded to you let the mail through to all hundred or thousand emails? Now THAT would definitely be vulnerable to spammers since they could just answer a few of the C/Rs and be happy knowing that was all it took to get their spam to the other hundreds or thousnads of emails.
I really should have been more clear. I meant that they only need to send one challenge if it bounces. After that, the messages can all be considered trash.
I'd submit the economics are not a problem since you can send more mail for little extra cost.
That's something that needs to be quantified. Many spammers are saturating outbound connections already. I know it's not cheap for me to quadruple my bandwidth and I don't think it is for them, either.
I agree that's a good idea--but I again stress that that isn't in itself C/R. That same technique can be applied to any spam filtering technique to make it even better.
Within limits. You can't assume that the sender domain and the address domain will match (as you know) unless it is a major corporation like Microsoft, IBM, etc. That's where one needs some tuned whitelisting.
But from what I understand the bigtime spammers aren't right on the edge, they're buying big houses and earning more money than I am...
They may be getting more money than you or I, but they are not earning it.
Bayesian is extremely effective, doesn't cause a hassle for the sender, requires very little effort on the part of the receiver once it starts getting "tuned", doesn't generate a swarm of C/R requests, and doesn't announce to the spammer what kind of system is in place to block his spam...
But can it be implemented at the ISP level? Every implementation I have seen has been at the client level, partially because it needs to learn what you, personally, consider spam. I may have signed up for a get-out-of-debt list server that delivers messages that you would consider spam. If it's at the ISP level, the accuracy will probably be unacceptable.
If the user must abandon their current e-mail client in order to use Bayesian filtering, then it is not low-hassle. If the user has to install software to perform the Bayesian filtering, it's not low hassle. If the user has to train the Bayesian filtering, it's not low-hassle -- and you will find that most will not do it or understand why they should.
One big problem with Bayesian filtering is that the end-user has to download the entire message and then, and only then, determine if it is spam. Another problem is that spammers will be able to rely on less than 100% client-side participation. There will be a large subset of users who just accept all e-mail, many even welcoming the spam and clicking on the links. If it is blocked by C/R or some other means before getting to the user, the ISP saves bandwidth, CPU cycles, storage, and admin costs.
This sounds like a risk for a denial of service attack. Spammer's already forge headers... The poor person who happened to have his email address forged might not only get deluded by tons of challenges...
I think that you meant "deluged.";-)
but would have to answer a lot of the challenges just to prevent their address from being black listed.
Good point. But only a bounce would automatically blacklist the user. If he did not answer the challenges and later sent messages, he would be challenged again and could respond appropriately.
Furthermore I imagine a responible time period would have to be selected before blacklisting... else you would block legitimate senders that didn't answer the challenge immediately.
I would not blacklist a user for not responding. I'd hold their e-mail for a week or two and then discard it if no response was received. If they later sent mail to my servers, the servers would again challenge them and if they responded, deliver their message.
I would also have the blacklists expire. If you are blacklisted, you would only remain so for maybe a week to thirty days. If you sent again, you'd get another shot at responding. You don't want a situation where a spammer forges bobsmith2004@yahoo.com, gets it blacklisted, and Bob Smith, who signs up next year, finds himself with an address from which no one will accept e-mail.
vacation(1), Lotus Notes, Exchange, autoresponders, new mail sent to C/R system from someone that goes on vacation and the challenge gets delayed. I leave you to figure out the implications of infinite loops.
Improper responses to the challenge address (e.g. challenge_response@yourISP.com) would be scrapped.
Bob sends e-mail to Tom before going on vacation. Tom's ISP sends a challenge. Bob's autoresponder sends an out-of-the-office e-mail. It's not a proper response, so it is discarded.
It's one thing to trust them to do data entry. It's another thing entirely to trust them as judge, jury, and executioner for spam violations. GoDaddy is not going to charge $7 a year for domain registration and then launch a multi-day inquiry to determine if you really spammed or if the people claiming you did are just out to get you.
And how would automated servers handle the sender verification without being bogged down? Or should my mother have to remember to whitelist companies she deals with before any server generated mail is sent?
I don't believe that Amazon.com would get 211,376 challenges just because they sent 211,376 e-mails to customers at your ISP. I think that the ISP would issue one challenge. It would be read by the customer service people at Amazon. They would respond. All automated e-mail from Amazon would then be delivered without further challenges. I also believe that ISPs will develop whitelists of trusted senders and that the quality of these lists will be instrumental in keeping customers satisfied.
I really do think that C/R can work and I really want to see if Earthlink can do it right. If they do, I think that the spam problem will start to go away. Other ISPs like Yahoo!, MSN, AOL, etc. will implement it and that will be the end.
Another advantage will be that most AOL users will be completely confused by the challenges sent to them and they will stop sending e-mails to the rest of us.;-)
That's not a challenge/response system. You're talking about a networked solution to spam where spam identified by one user is used to identify other people's spam. That's fine, but the same system can be implemented with Bayesian or pure filters without having to resort to generating C/R traffic for each spam.
Yes, it is C/R. A challenge is issued. The challenge bounces. All e-mail from that sender is deleted. (Maybe you would issue the challenge twice spaced 30 minutes apart in case technical problems that caused the first bounce.) There is nothing stopping the ISP from issuing only a single challenge when one sender delivers mail for hundreds, thousands, or more recipients. A single response could cause all of the mail to be delivered.
On what do you base that assumption?
Economics and need for a valid return address -- the latter of which you will not find on 99.99% of spam.
History has shown us that every time we make it harder for spammers to get their garbage to us they respond by mangling their spam, getting around the solution, and sending MORE spam, not by reducing it.
But what happens when you go from "harder" to basically impossible, which is what C/R does? There has always been fairly simple ways around the earlier forms of spam filtering. C/R has no simple, low-labor, low-bandwidth, low-exposure means to circumvent it.
Yes, but C/R is not the best way to keep spam out of customers' mailboxes for reasons that I and others have already explained here.
So you know more than all of the people at Earthlink who have investigated this problem? You know more than people at MailBlocks? I could believe that, but you couldn't know more than me.;-)
Oohh, I didn't realize I was dealing with royalty. Let me cower in my lack of knowledge because I am a commoner that doesn't run anti-spam.org.:)=
I was only trying to show you that I am someone who has done a lot of investigation into this problem. You may rise.;-)
You underestimate labor costs for the first one when using teen-labor and/or folks in 3rd-world countries
Any time that there is significant labor, no matter how cheap, it slows things down and the spammer is unlikely to be able to spam profitably -- even if he has a whole shop full of people in India creating Yahoo! accounts.
If they can send a million spam they can send 100 million spam to brute-force their way through commonly-unblocked email addresses.
Again, it's pretty easy to tell that "support@microsoft.com" is not going to be sending e-mail through the net.edu.cn domain, so that e-mail could be dropped without ever issuing a challenge.
Bandwidth is both time and money to spammers. Many of them have systems running 24/7 using all of their available bandwidth. While they may be able to cover the costs of their T1 bandwidth to send spam now, they won't cover the costs of the OC3 that they would need to handle the additional volume.
You seem to assume that it costs 100 times more to send 100 million emails than it does to send 1 million. I don't believe that is the case. In fact I KNOW it's not the case.
I agree. And whether it costs five times, ten time, or 50 times as much makes little difference. If the spammer is not rolling in dough now, he will be behind the curve when the costs go up substantially.
As is Bayesian which doesn't require legislation or a fundamental change to the e-mail structure of the Internet
But that costs CPU cycles and is less effective than C/R.
In essence, it could be tied to the DNS system, so that only MXes are allowed to propagate mail with reverse checking to prevent spoofing.
Many large organizations use different servers for sending e-mail than receiving it. The SMTP servers that send e-mail for an ISP may not be listed on the MX records at all because they don't handle incoming e-mail for the domain.
If found guilty of spamming, that license could be revoked.
By whom? What worldwide authority would you trust to pass judgement on whether a domain was spamming? Would you trust the registrars?
This would of course require fundamental changes in the way the internet is built
But challenge/response does not require those changes and I expect that it will be very successful. I was advocating it years before the company that's claiming patent rights on it ever existed.
No, increased load. Instead of dealing with one spam, you receive the spam, send out a useless C/R email (creating load on a third server), and then get a bounce back again requiring time to deal with on your mail server.
Then you delete all 142,675 copies of the spam, keeping it from being downloaded 142,675 times by your customers. Then spam decreases by 99.9% because spammers know that their messages don't get through. Use some foresight, man! Don't just look at the first 50 transactions. Consider the implications down the road. If spammers know that their messages will be blocked because of challenge/response mechanisms, then they will stop spamming that ISP.
Disk space is cheap compared to bandwidth and CPU load dealing with all of it.
There's a bandwidth and CPU cost for spam that is received. There's cost when it is received. There's cost when the customers retrieve it. There's cost when the e-mail clients retrieve images from the spammers' servers. ISPs like Earthlink recognize that keeping spam out of customers' mailboxes helps them attract more customers, keep the customers they have, and decreases their costs long-term due to the projected reduction in spam.
Either that or a spammer will set up an account at Yahoo, send an email to the targetted user, will receive the challenge, will respond, and then will spam the target using that "From" address--and maybe even pass the "unlocked" Yahoo address to other spams who will send in a ton of spam taking advantage of the fact that it is currently open. The target eventually logs in, downloads a ton of spam and nukes the newly-unlocked Yahoo address... but the spam still made it through.
Or, another possibility... Spammers may deduce commonly unlocked email addresses. Perhaps a full 1% of users have unlocked "Support@microsoft.com" and another 1% have unlocked "list@bigmailist.com." So instead of dealing with the challenge response, spammers will just send the same email to each user with a hundred different "commonly unlocked" email addresses. So you'll get spam with forged email addresses that are often unlocked, and instead of a spammer sending the user the email once he will attempt to send it 100 times.
I run the domain anti-spam.org. I understand how spammers work. I know that spam would be economically infeasible with either of the methods you describe above.
You ignore the fact that the receiving server could easily determine, by IP address, that the mail purporting to come from "support@microsoft.com" or "enlarge_your_penis@yahoo.com" was, instead, coming from an open relay in China. Drop that connection and the problem is gone.
So much worse than doubling spam (by sending a C/R response for each spam), you may have increased it by an order of magnitude by giving spammers an incentive to send the same spam multiple times from different forged addresses hoping that at least one is unlocked...
If you sharply increase the number of times that a spammer has to try to get a message through, you make spam unprofitable. While he may be making money with a.01% sales rate, he won't be making it at.001%
C/R is an unworkable solution to spam.
You are incorrect. It is, in fact, an elegant solution that does not require legislation or a fundamental change to the e-mail infrastructure of the Internet.
Or: the customer gets pissed off at the ISP for blocking their email confirmations.
-- and the customer leaves, going to an ISP that has a better, more comprehensive whitelist. This will encourage ISPs to actively try to keep their whitelists up to date and comprehensive.
Or: the company doing the emailing sues the ISP for interfering with their business.
On what grounds? Your ISP has no contractual obligation to to some business trying to send you something. They can accept or reject any e-mail that they choose. They could reject all e-mail from SCO just because they are pissed off about the recent lawsuits. They could reject all email from the RIAA because I don't like their lobbying efforts. Unless the RIAA and SCO had contracts with your ISP guaranteeing delivery of their e-mail, your ISP is within their legal rights.
Spamming is, unfortunately, not illegal. Would you feel that a spammer had grounds to sue an ISP that didn't deliver penis enlargement ads sent by the spammer? That's "interfering with their business", disreputable though that business may be.
And how do you propose this will work with businesses that deal with hundreds or thousands of customers each day? You have to come up with some way to deal with that little problem.
They call the ISPs and get put on the whitelists. No more challenges.
And if you have default whitelists, what's to prevent the spammers from forging a whitelisted sender?
The whitelist could be IP address list based (e.g., amazon's IP range would be whitelisted rather than Amazon's domain name). Also, the threat of tangling with, say, Amazon.com's attorney's would make most spammers hesitate to forge "customerservice@amazon.com".
I think a system where only servers with certificates are allowed to propagate mail would have a better chance of success.
And then Verisign could charge between $350 and $800 per year for a certificate -- like they do for SSL web server certificates now. Microsoft and Netscape would include only certificate authorities that paid them enough money to be included as "trusted." And mail servers run by individuals, small non-profits, and even some small businesses would disappear.
Who would police the list? Who would be authorized to revoke certificates? How would you handle it when someone forged spam in an effort to get the certificate pulled? How would you handle it when some small group in Ghana wanted to run a mail server? Who would vouch for them and say that the mail from there should be trusted? What happens when the small server in Ghana happens to be something that Ralsky set up, knowing that he could spam for days before being investigated by the certificate authority?
I hope that we never see an all-controlling entity that, in essence, "licenses" mail servers, presumably for a fee. That's way too much power to put in the hands of any organization.
Quick - list all of the businesses that all earthlink subscribers will do business with this year. Don't miss any.
I can't. No one can. In the short-term, ISPs will need to create lists with the big guys (amazon.com, walmart.com, ebay.com, etc.). As smaller businesses note that automated e-mail is being rejected, they will have to contact the ISPs to get on the whitelist.
It would be market-driven. ISPs that use challenge-response systems will have to develop good whitelists or customers will leave for ISPs that have better ones. Businesses will not want it to be difficult to communicate with customers and will actively try to get the ISPs to whitelist them.
I expect that companies like TRUSTe will eventually start handling the process of maintaining trusted business lists and the ISPs will use their services.
I have no doubt that, in the short run, there will be some problems. In the bigger scheme of things, I think that these problems will work themselves out.
No, decreased load on mail servers. Spam comes in. A challenge is sent and it bounces (due to the spammer having forged an address). The spam is discarded, saving space on the server. If the server is smart, it will automatically discard all bulk e-mail purporting to be from that address. The user retrieves their e-mail and that traffic does not included the discarded spam. Spammers, recognizing the futility of sending spam to challenge-response mail servers, will stop spamming that domain.
# everyone's challenge-response system will be different and incompatible
Since a human being has to follow the simple instructions in the message, that is not a problem. You don't want something that is easily scripted anyway.
# spammers will figure out how to reply to them
Only if the spammers give a legit return address. And how many of them do? Probably less than.001%. Most challenges will bounce.
# businesses won't be able to send legitimate automated email(shipping notifications, confirmations, etc.) because everyone will be using different challenge-response systems. You think the average earthlink user is going to be smart enough to even REALIZE they need to whitelist a business, much less what address?
That's a legitimate concern, but one which can be addressed by ISPs creating whitelists of trusted businesses. The businesses, in order to be able to continue getting legitimate e-mail through, will not spam and risk being removed from the list.
# Loops when dealing with any of the dozens upon dozens of mailing list software, autoresponders, and legitimate automated email systems.
That's a very legitimate concern. One way to deal with it is to send one challenge per sender/recipient. In other words, mailing list A sends e-mail to you. A challenge is sent. No response is received. Mailing list A continues to send e-mail to you. Because they are not whitelisted and because they did not reply to the original challenge, the e-mail is discarded/refused.
Challenge-response is a very good way to deal with spam, though I am sure that there will be some setbacks here and there. Overall, I think that it's a very reasonable idea.
I know its content over presentation, but come on...two typos in one sentence?
"Its" should be "it's" because it's a contraction for "it is." Also, "but come one" is an exclamation and should probably have an exclamation point following it. "Two typos in one sentence" is a separate sentence and should capitalized that way.
I suppose we'll just have to disagree about it's PDA-sizedness. The Axim is definately not the largest PDA I could find, though.
I happen to have my very own Apple Newton. This was one of the first devices ever to carry the name PDA.
The first computers to carry the name "laptop" are far too large by modern standards to define the term for today's devices. Heck, even Macworld referred to the Newton's "cumbersome size."
I have also owned a Psion Revo. I also have a Sharp Zaurus SL-5500.
Both of which are smaller (in cu. in.) than the new SL-C760
Let me make an analogy: Up until a while ago, I owned a 1985 Chevy Caprice Classic. It's much more than 25% larger than a Honda Civic. It is still car-sized. Yes, it's a big car, but it's still a car.
At what point does a portable computer go from being a big PDA to a small notebook? It has to happen somewhere. You can't just keep introducing bigger and bigger devices, each time saying "it's a PDA because it's only 25% bigger than the last one." If you do that, eventually you get a "PDA" that requires a raised floor and an air conditioning unit.
I do not consider it valid to say "A Caprice Classic isn't car-sized."
I do not, either. But, were someone to introduce a vehicle 25% larger than the Caprice Classic today, I would consider it valid to say that the new vehicle was not "car-sized." You have to draw the line somewhere.
And I guess that's really the definition of our disagreement. You are willing to accept a larger size for the moniker "PDA" than am I. And neither of us is "wrong" (despite our earlier claims to the contrary) because what we are talking about here is opinions.
You however said the Zaurus, isn't PDA-sized, and doesn't have a battery big enough to last for multiple days. Both statements are wrong.
It isn't PDA-sized. You found the biggest PDA that you could and the Zaurus was still 25% larger. So, when someone comes out with something 25% larger than the SL-C760, will that be PDA-sized, too? Just admit that you were wrong.
As to battery life, I should have been clearer. I never envisioned anyone equating a manufacturer-claimed maximum 8 hours of use to be "days." (By the way, the SL-C760 has a 1700mA battery while the SL-C750 has only a 950mA battery.)
Yeah, because 8 hours just isn't that much battery life.
No, 8 hours isn't much battery life for a handheld. A Handspring Visor will run about 20 hours on a pair of AAA cells. Besides, it appears that the 8 hours is with an optional, high-capacity Lithium-Ion battery.
Even at 4hrs/day, it does run for days between charges. You were wrong.
Two isn't what I meant when I said "days" and no reasonable person would interpret it that way. You're just being assinine. I meant "runs as long as a typical Palm, Handspring, Sony, etc." Christ, why do you have to be so petty?
Try not being such an asshat.
Try not being an ass.
The Zaurus is PDA-sized. Period Dell Axim: 5.0" x 3.2" x 0.7" Zaurus 760: 4.7" x 3.3" x.9"
So you found the biggest PDA that you could dig up and used that as a standard? This is the same PDA about which ZDNet said "The Axim's one shortcoming is its size". CNet wrote "This PDA is too large to slip easily into most pockets" and "The Axim is a bit large for a handheld.".
Okay, let's look at the numbers. The Dell Axim is 11.2 cubic inches and the Zaurus 750 is 14.0 The Zaurus 760 is still 25% larger than the bulky Dell Axim in your example.
Now try some normal PDAs:
Palm Zire: 4.4" x 2.9" x.6" (7.6 cu. in.) Palm m515: 4.5" x 3.1" x.5" (7.0 cu. in.) Handspring Visor: 4.8" x 3.0" x.8" (10.0 cu. in.) Handspring Visor Edge: 4.7" x 3.1" x 0.44" (6.4 cu. in.)
Someone doesn't like to be proven wrong, does he?
Obviously not, but maybe you can accept your error now that I've given you numbers.
I probably know more about race car design than you do, having wrenched on them myself.
You seem to be making the argument that helmets play an insignificant role in preventing death in auto racing accidents. That is, simply put, absurd. They were saving lives long before many of the safety innovations you cite were ever invented.
First of all, the cars are made to absorb energy. This means that big crash you see where the car gets torn apart, that's the car material sacrificing itself, taking in all the kinetic energy.
It's what they call "crumple zones" in passenger cars.
Then the driver is encased in a 5 point harness.
And in a passenger car, the speeds are lower and the driver has a lap/shoulder belt and an airbag.
Then there's the Han/Hutchens device, which prevents the whiplash effect (what killed Earnhardt, he could have used one).
Just simply wearing a helmet doesn't afford instant protection
Yes, it does. It may not be absolute, but it is instant. Helmets have saved the lives of thousands of motorcylcists over the years. The motorcyclists whose lives were saved had no roll cages, crumple zones, HANS-type devices, or five-point harnesses.
I never claimed that the use of helmets in automobiles would eliminate deaths, did I? It would just drastically reduce the number of deaths caused by brain injuries -- one of the leading causes of death in automobile accidents on public roads.
Why? I value not being made into a paraplegic in an accident. When in transport, I want a frame around me. In a battle of a head hitting the road, the road always wins.
Perhaps you should learn to drive/ride rather than playing bumper cars on the road. It's your kind of "bigger-is-better" mentality that has moms driving to the grocery store and post office in Chevy Suburbans.
If you are so concerned about safety, why don't you wear a helmet in your car? It would cut your chances of dying in an accident about in half. Why do you think they wear them in race cars and survive accidents at 200MPH+.
These are, dumbass. Just because it looks like a laptop, doesn't mean it's as big as one. Sheesh.
Hey moron, I didn't say that they were as large as a laptop. I said that they were too big to be PDAs. The SLC760 is 120mm x 83mm ×x 23.2mm (4.7" x 3.3" x.9"). Maybe you have room for something that size in the pockets of oversized Hawaiian shirts you wear to cover you man titties, but most of us have normal-sized pockets.
The SL-C760 is spec'ed at 8 hours continuous battery life.
And that's nothing. Many Palm PDAs will do over double that on a pair of AAA batteries.
These devices are not PDAs. They are notebook computers with inadequate screen resolution (640x480), no hard drive, short battery life, and a membrane keyboard that's too small to type on. A PDA is something the size of a calculator that you can put into a shirt pocket. You give up the convenience of a full-sized screen and keyboard and a fast CPU so that it fits in your pocket and runs for days between battery changes/charges.
This is right up there with 1998 Toshiba technology. Back then, Toshiba introduced the Libretto. It had 640x480 screen resolution, a real (though small) keyboard, and, unlike the new Sharp models mentioned here, had an actual hard drive. They were 8.3"x4.5"x1.3" and 1.8lbs. And Toshiba didn't try to pretend that the Librettos were PDAs.
I don't care that the Sharp units run Linux either. Being able to fsck the flash disk hardly makes up for the other inadequacies in these devices.
Maybe the documentation for their mail server is only in English and they only know some other language(s) so they can't find out about how to properly use the server. Supposedly this is part of the problem with open relays in Asia.
This is like saying "the documentation for the AK47 was only in Russian and that's why I accidentally shot my neighbor."
A mail server configured as an open relay could cost countless hundreds of thousands (maybe millions) of people time and money. If you can't read the English documentation that accompanies the mail server, then get a mail server with docs you can read. If you can't find one, then don't run a mail server.
Ho Lee Phuc's inability to read English does not mean that everyone else on the Internet should suffer the consequences.
Ooh, resorting to ad hominem attacks. I see you have lost all hope of winning this "argument" by legitimate means.
You are the one who accused me of having violated my ISP's Terms of Service. You are the one who asked "What could you possibly be smoking." You started the ad-hominem attacks, so don't give me shit for responding in kind.
As to winning the argument, I already have, you just won't admit it yet.
When you place a site on the Internet or make a server Internet accessible, you grant global permission for all entities to link to said site or access it for legitimate purposes.
Says who? Besides, I don't consider crashing a web server to be a "legitimate purpose." It's like running over a pedestrian and saying "but I was on a legitimate errand to the grocery store, so it's okay."
Let us recap: A DDoS is an attack designed to flood a site with non-legitimate data in an attempt to crash it or deny access to it.
Since we are making up our own definitions, here's mine: A DDoS attack is any one in which persons knowingly cause others to send so much data that a server goes down -- regardless of whether the data is "legitimate."
Are you illiterate?
Are you resorting to ad hominem attacks, again?
In answer to your question, I've been paid by national magazines for articles. I've consulted with Time-Life Books on their Understanding Computers series. I've got the credentials to decide who is reading-challenged here. One of us is, and I'll give you a hint: It's not me.
The POINT of that post is that it is LEGAL to link to other sites.
You can be legally liable without having committed a crime. Example: Store leaves water on the floor and patron slips and falls. The store may not have committed a crime, but they are still civilly liable for damages. Do you really not understand the difference between civil liability and criminal law? Don't bother with answering. You just demonstrated that you are not.
As the author notes, you can sue anyone you want for anything, it doesn't mean you'll win, or that it's morally right.
Where, in that article, does the author state that you can sue anyone for anything and that it doesn't mean that such a suit is morally right? Where? You are simply making shit up in an effort to convince people to lazy to read the article that you are right. Nice try.
Not even close to efficient enough. A good electric motor is about 50% efficient. That means that you would have to put in 4 hp worth of energy (about 1500 watts) to get 2hp of rotational energy out of it. Then there is the inefficiency of the generator.
Freight trains use diesel-electric power because they need incredibly high starting torque and the electric motor gives that. There's a saying about trains: A diesel (electric) locomotive can start a load that it can't pull and a steam locomotive can pull a load that it can't start. That's the difference between torque and horsepower.
Slashdot Mirror
Cobol programers, still needed for legacy applications, are mostly in their 40s.
Oh no! People in their 40s will only want to remain in the work force for another 20 years or so. What will the companies do then? Train people? Not in the U.S.! All employees must be hired with all needed skills. We wouldn't want to spend money training them because that investment would be wasted when we laid them off and shipped their job over to India.
Nobody gets upset that most CEOs are in their 50s. No one is concerned that corporate attorneys are usually over 40. You don't see a panic because the average charter boat captain is in his 40s.
Working in the computer field is like living the movie Logan's Run. Once you are out of your twenties, everyone from management to your fellow tech workers thinks your time is over.
Or is it simpler than that? Maybe companies realize that they can underpay and overwork young, naive, single people but that people in their 40's with experience, families, and responsibilities will expect fair pay, benefits, and working conditions.
What? Are you suggesting that when one sender (spammer) delivers mail for hundreds or thousands of recipients instead of issuing hundreds or thousands of C/Rs you issue only a few, and if a few are responded to you let the mail through to all hundred or thousand emails? Now THAT would definitely be vulnerable to spammers since they could just answer a few of the C/Rs and be happy knowing that was all it took to get their spam to the other hundreds or thousnads of emails.
I really should have been more clear. I meant that they only need to send one challenge if it bounces. After that, the messages can all be considered trash.
I'd submit the economics are not a problem since you can send more mail for little extra cost.
That's something that needs to be quantified. Many spammers are saturating outbound connections already. I know it's not cheap for me to quadruple my bandwidth and I don't think it is for them, either.
I agree that's a good idea--but I again stress that that isn't in itself C/R. That same technique can be applied to any spam filtering technique to make it even better.
Within limits. You can't assume that the sender domain and the address domain will match (as you know) unless it is a major corporation like Microsoft, IBM, etc. That's where one needs some tuned whitelisting.
But from what I understand the bigtime spammers aren't right on the edge, they're buying big houses and earning more money than I am...
They may be getting more money than you or I, but they are not earning it.
Bayesian is extremely effective, doesn't cause a hassle for the sender, requires very little effort on the part of the receiver once it starts getting "tuned", doesn't generate a swarm of C/R requests, and doesn't announce to the spammer what kind of system is in place to block his spam...
But can it be implemented at the ISP level? Every implementation I have seen has been at the client level, partially because it needs to learn what you, personally, consider spam. I may have signed up for a get-out-of-debt list server that delivers messages that you would consider spam. If it's at the ISP level, the accuracy will probably be unacceptable.
If the user must abandon their current e-mail client in order to use Bayesian filtering, then it is not low-hassle. If the user has to install software to perform the Bayesian filtering, it's not low hassle. If the user has to train the Bayesian filtering, it's not low-hassle -- and you will find that most will not do it or understand why they should.
One big problem with Bayesian filtering is that the end-user has to download the entire message and then, and only then, determine if it is spam. Another problem is that spammers will be able to rely on less than 100% client-side participation. There will be a large subset of users who just accept all e-mail, many even welcoming the spam and clicking on the links. If it is blocked by C/R or some other means before getting to the user, the ISP saves bandwidth, CPU cycles, storage, and admin costs.
This sounds like a risk for a denial of service attack. Spammer's already forge headers... The poor person who happened to have his email address forged might not only get deluded by tons of challenges...
;-)
I think that you meant "deluged."
but would have to answer a lot of the challenges just to prevent their address from being black listed.
Good point. But only a bounce would automatically blacklist the user. If he did not answer the challenges and later sent messages, he would be challenged again and could respond appropriately.
Furthermore I imagine a responible time period would have to be selected before blacklisting... else you would block legitimate senders that didn't answer the challenge immediately.
I would not blacklist a user for not responding. I'd hold their e-mail for a week or two and then discard it if no response was received. If they later sent mail to my servers, the servers would again challenge them and if they responded, deliver their message.
I would also have the blacklists expire. If you are blacklisted, you would only remain so for maybe a week to thirty days. If you sent again, you'd get another shot at responding. You don't want a situation where a spammer forges bobsmith2004@yahoo.com, gets it blacklisted, and Bob Smith, who signs up next year, finds himself with an address from which no one will accept e-mail.
vacation(1), Lotus Notes, Exchange, autoresponders, new mail sent to C/R system from someone that goes on vacation and the challenge gets delayed.
I leave you to figure out the implications of infinite loops.
Improper responses to the challenge address (e.g. challenge_response@yourISP.com) would be scrapped.
Bob sends e-mail to Tom before going on vacation.
Tom's ISP sends a challenge.
Bob's autoresponder sends an out-of-the-office e-mail.
It's not a proper response, so it is discarded.
No challenge would be issued. No infinite loop.
Enough to give them money for my domains.
;-)
It's one thing to trust them to do data entry. It's another thing entirely to trust them as judge, jury, and executioner for spam violations. GoDaddy is not going to charge $7 a year for domain registration and then launch a multi-day inquiry to determine if you really spammed or if the people claiming you did are just out to get you.
And how would automated servers handle the sender verification without being bogged down? Or should my mother have to remember to whitelist companies she deals with before any server generated mail is sent?
I don't believe that Amazon.com would get 211,376 challenges just because they sent 211,376 e-mails to customers at your ISP. I think that the ISP would issue one challenge. It would be read by the customer service people at Amazon. They would respond. All automated e-mail from Amazon would then be delivered without further challenges. I also believe that ISPs will develop whitelists of trusted senders and that the quality of these lists will be instrumental in keeping customers satisfied.
I really do think that C/R can work and I really want to see if Earthlink can do it right. If they do, I think that the spam problem will start to go away. Other ISPs like Yahoo!, MSN, AOL, etc. will implement it and that will be the end.
Another advantage will be that most AOL users will be completely confused by the challenges sent to them and they will stop sending e-mails to the rest of us.
That's not a challenge/response system. You're talking about a networked solution to spam where spam identified by one user is used to identify other people's spam. That's fine, but the same system can be implemented with Bayesian or pure filters without having to resort to generating C/R traffic for each spam.
;-)
:)=
;-)
Yes, it is C/R. A challenge is issued. The challenge bounces. All e-mail from that sender is deleted. (Maybe you would issue the challenge twice spaced 30 minutes apart in case technical problems that caused the first bounce.) There is nothing stopping the ISP from issuing only a single challenge when one sender delivers mail for hundreds, thousands, or more recipients. A single response could cause all of the mail to be delivered.
On what do you base that assumption?
Economics and need for a valid return address -- the latter of which you will not find on 99.99% of spam.
History has shown us that every time we make it harder for spammers to get their garbage to us they respond by mangling their spam, getting around the solution, and sending MORE spam, not by reducing it.
But what happens when you go from "harder" to basically impossible, which is what C/R does? There has always been fairly simple ways around the earlier forms of spam filtering. C/R has no simple, low-labor, low-bandwidth, low-exposure means to circumvent it.
Yes, but C/R is not the best way to keep spam out of customers' mailboxes for reasons that I and others have already explained here.
So you know more than all of the people at Earthlink who have investigated this problem? You know more than people at MailBlocks? I could believe that, but you couldn't know more than me.
Oohh, I didn't realize I was dealing with royalty. Let me cower in my lack of knowledge because I am a commoner that doesn't run anti-spam.org.
I was only trying to show you that I am someone who has done a lot of investigation into this problem. You may rise.
You underestimate labor costs for the first one when using teen-labor and/or folks in 3rd-world countries
Any time that there is significant labor, no matter how cheap, it slows things down and the spammer is unlikely to be able to spam profitably -- even if he has a whole shop full of people in India creating Yahoo! accounts.
If they can send a million spam they can send 100 million spam to brute-force their way through commonly-unblocked email addresses.
Again, it's pretty easy to tell that "support@microsoft.com" is not going to be sending e-mail through the net.edu.cn domain, so that e-mail could be dropped without ever issuing a challenge.
Bandwidth is both time and money to spammers. Many of them have systems running 24/7 using all of their available bandwidth. While they may be able to cover the costs of their T1 bandwidth to send spam now, they won't cover the costs of the OC3 that they would need to handle the additional volume.
You seem to assume that it costs 100 times more to send 100 million emails than it does to send 1 million. I don't believe that is the case. In fact I KNOW it's not the case.
I agree. And whether it costs five times, ten time, or 50 times as much makes little difference. If the spammer is not rolling in dough now, he will be behind the curve when the costs go up substantially.
As is Bayesian which doesn't require legislation or a fundamental change to the e-mail structure of the Internet
But that costs CPU cycles and is less effective than C/R.
In essence, it could be tied to the DNS system, so that only MXes are allowed to propagate mail with reverse checking to prevent spoofing.
Many large organizations use different servers for sending e-mail than receiving it. The SMTP servers that send e-mail for an ISP may not be listed on the MX records at all because they don't handle incoming e-mail for the domain.
If found guilty of spamming, that license could be revoked.
By whom? What worldwide authority would you trust to pass judgement on whether a domain was spamming? Would you trust the registrars?
This would of course require fundamental changes in the way the internet is built
But challenge/response does not require those changes and I expect that it will be very successful. I was advocating it years before the company that's claiming patent rights on it ever existed.
No, increased load. Instead of dealing with one spam, you receive the spam, send out a useless C/R email (creating load on a third server), and then get a bounce back again requiring time to deal with on your mail server.
.01% sales rate, he won't be making it at .001%
Then you delete all 142,675 copies of the spam, keeping it from being downloaded 142,675 times by your customers. Then spam decreases by 99.9% because spammers know that their messages don't get through. Use some foresight, man! Don't just look at the first 50 transactions. Consider the implications down the road. If spammers know that their messages will be blocked because of challenge/response mechanisms, then they will stop spamming that ISP.
Disk space is cheap compared to bandwidth and CPU load dealing with all of it.
There's a bandwidth and CPU cost for spam that is received. There's cost when it is received. There's cost when the customers retrieve it. There's cost when the e-mail clients retrieve images from the spammers' servers. ISPs like Earthlink recognize that keeping spam out of customers' mailboxes helps them attract more customers, keep the customers they have, and decreases their costs long-term due to the projected reduction in spam.
Either that or a spammer will set up an account at Yahoo, send an email to the targetted user, will receive the challenge, will respond, and then will spam the target using that "From" address--and maybe even pass the "unlocked" Yahoo address to other spams who will send in a ton of spam taking advantage of the fact that it is currently open. The target eventually logs in, downloads a ton of spam and nukes the newly-unlocked Yahoo address... but the spam still made it through.
Or, another possibility... Spammers may deduce commonly unlocked email addresses. Perhaps a full 1% of users have unlocked "Support@microsoft.com" and another 1% have unlocked "list@bigmailist.com." So instead of dealing with the challenge response, spammers will just send the same email to each user with a hundred different "commonly unlocked" email addresses. So you'll get spam with forged email addresses that are often unlocked, and instead of a spammer sending the user the email once he will attempt to send it 100 times.
I run the domain anti-spam.org. I understand how spammers work. I know that spam would be economically infeasible with either of the methods you describe above.
You ignore the fact that the receiving server could easily determine, by IP address, that the mail purporting to come from "support@microsoft.com" or "enlarge_your_penis@yahoo.com" was, instead, coming from an open relay in China. Drop that connection and the problem is gone.
So much worse than doubling spam (by sending a C/R response for each spam), you may have increased it by an order of magnitude by giving spammers an incentive to send the same spam multiple times from different forged addresses hoping that at least one is unlocked...
If you sharply increase the number of times that a spammer has to try to get a message through, you make spam unprofitable. While he may be making money with a
C/R is an unworkable solution to spam.
You are incorrect. It is, in fact, an elegant solution that does not require legislation or a fundamental change to the e-mail infrastructure of the Internet.
Or: the customer gets pissed off at the ISP for blocking their email confirmations.
-- and the customer leaves, going to an ISP that has a better, more comprehensive whitelist. This will encourage ISPs to actively try to keep their whitelists up to date and comprehensive.
Or: the company doing the emailing sues the ISP for interfering with their business.
On what grounds? Your ISP has no contractual obligation to to some business trying to send you something. They can accept or reject any e-mail that they choose. They could reject all e-mail from SCO just because they are pissed off about the recent lawsuits. They could reject all email from the RIAA because I don't like their lobbying efforts. Unless the RIAA and SCO had contracts with your ISP guaranteeing delivery of their e-mail, your ISP is within their legal rights.
Spamming is, unfortunately, not illegal. Would you feel that a spammer had grounds to sue an ISP that didn't deliver penis enlargement ads sent by the spammer? That's "interfering with their business", disreputable though that business may be.
And how do you propose this will work with businesses that deal with hundreds or thousands of customers each day? You have to come up with some way to deal with that little problem.
They call the ISPs and get put on the whitelists. No more challenges.
And if you have default whitelists, what's to prevent the spammers from forging a whitelisted sender?
The whitelist could be IP address list based (e.g., amazon's IP range would be whitelisted rather than Amazon's domain name). Also, the threat of tangling with, say, Amazon.com's attorney's would make most spammers hesitate to forge "customerservice@amazon.com".
I think a system where only servers with certificates are allowed to propagate mail would have a better chance of success.
And then Verisign could charge between $350 and $800 per year for a certificate -- like they do for SSL web server certificates now. Microsoft and Netscape would include only certificate authorities that paid them enough money to be included as "trusted." And mail servers run by individuals, small non-profits, and even some small businesses would disappear.
Who would police the list? Who would be authorized to revoke certificates? How would you handle it when someone forged spam in an effort to get the certificate pulled? How would you handle it when some small group in Ghana wanted to run a mail server? Who would vouch for them and say that the mail from there should be trusted? What happens when the small server in Ghana happens to be something that Ralsky set up, knowing that he could spam for days before being investigated by the certificate authority?
I hope that we never see an all-controlling entity that, in essence, "licenses" mail servers, presumably for a fee. That's way too much power to put in the hands of any organization.
Quick - list all of the businesses that all earthlink subscribers will do business with this year. Don't miss any.
I can't. No one can. In the short-term, ISPs will need to create lists with the big guys (amazon.com, walmart.com, ebay.com, etc.). As smaller businesses note that automated e-mail is being rejected, they will have to contact the ISPs to get on the whitelist.
It would be market-driven. ISPs that use challenge-response systems will have to develop good whitelists or customers will leave for ISPs that have better ones. Businesses will not want it to be difficult to communicate with customers and will actively try to get the ISPs to whitelist them.
I expect that companies like TRUSTe will eventually start handling the process of maintaining trusted business lists and the ISPs will use their services.
I have no doubt that, in the short run, there will be some problems. In the bigger scheme of things, I think that these problems will work themselves out.
# increased load on mail servers
.001%. Most challenges will bounce.
No, decreased load on mail servers. Spam comes in. A challenge is sent and it bounces (due to the spammer having forged an address). The spam is discarded, saving space on the server. If the server is smart, it will automatically discard all bulk e-mail purporting to be from that address. The user retrieves their e-mail and that traffic does not included the discarded spam. Spammers, recognizing the futility of sending spam to challenge-response mail servers, will stop spamming that domain.
# everyone's challenge-response system will be different and incompatible
Since a human being has to follow the simple instructions in the message, that is not a problem. You don't want something that is easily scripted anyway.
# spammers will figure out how to reply to them
Only if the spammers give a legit return address. And how many of them do? Probably less than
# businesses won't be able to send legitimate automated email(shipping notifications, confirmations, etc.) because everyone will be using different challenge-response systems. You think the average earthlink user is going to be smart enough to even REALIZE they need to whitelist a business, much less what address?
That's a legitimate concern, but one which can be addressed by ISPs creating whitelists of trusted businesses. The businesses, in order to be able to continue getting legitimate e-mail through, will not spam and risk being removed from the list.
# Loops when dealing with any of the dozens upon dozens of mailing list software, autoresponders, and legitimate automated email systems.
That's a very legitimate concern. One way to deal with it is to send one challenge per sender/recipient. In other words, mailing list A sends e-mail to you. A challenge is sent. No response is received. Mailing list A continues to send e-mail to you. Because they are not whitelisted and because they did not reply to the original challenge, the e-mail is discarded/refused.
Challenge-response is a very good way to deal with spam, though I am sure that there will be some setbacks here and there. Overall, I think that it's a very reasonable idea.
I know its content over presentation, but come on...two typos in one sentence?
"Its" should be "it's" because it's a contraction for "it is." Also, "but come one" is an exclamation and should probably have an exclamation point following it. "Two typos in one sentence" is a separate sentence and should capitalized that way.
I suppose we'll just have to disagree about it's PDA-sizedness. The Axim is definately not the largest PDA I could find, though.
I happen to have my very own Apple Newton. This was one of the first devices ever to carry the name PDA.
The first computers to carry the name "laptop" are far too large by modern standards to define the term for today's devices. Heck, even Macworld referred to the Newton's "cumbersome size."
I have also owned a Psion Revo.
I also have a Sharp Zaurus SL-5500.
Both of which are smaller (in cu. in.) than the new SL-C760
Let me make an analogy: Up until a while ago, I owned a 1985 Chevy Caprice Classic. It's much more than 25% larger than a Honda Civic. It is still car-sized. Yes, it's a big car, but it's still a car.
At what point does a portable computer go from being a big PDA to a small notebook? It has to happen somewhere. You can't just keep introducing bigger and bigger devices, each time saying "it's a PDA because it's only 25% bigger than the last one." If you do that, eventually you get a "PDA" that requires a raised floor and an air conditioning unit.
I do not consider it valid to say "A Caprice Classic isn't car-sized."
I do not, either. But, were someone to introduce a vehicle 25% larger than the Caprice Classic today, I would consider it valid to say that the new vehicle was not "car-sized." You have to draw the line somewhere.
And I guess that's really the definition of our disagreement. You are willing to accept a larger size for the moniker "PDA" than am I. And neither of us is "wrong" (despite our earlier claims to the contrary) because what we are talking about here is opinions.
You however said the Zaurus, isn't PDA-sized, and doesn't have a battery big enough to last for multiple days. Both statements are wrong.
It isn't PDA-sized. You found the biggest PDA that you could and the Zaurus was still 25% larger. So, when someone comes out with something 25% larger than the SL-C760, will that be PDA-sized, too? Just admit that you were wrong.
As to battery life, I should have been clearer. I never envisioned anyone equating a manufacturer-claimed maximum 8 hours of use to be "days." (By the way, the SL-C760 has a 1700mA battery while the SL-C750 has only a 950mA battery.)
Yeah, because 8 hours just isn't that much battery life.
.9"
.6" (7.6 cu. in.) .5" (7.0 cu. in.) .8" (10.0 cu. in.)
No, 8 hours isn't much battery life for a handheld. A Handspring Visor will run about 20 hours on a pair of AAA cells. Besides, it appears that the 8 hours is with an optional, high-capacity Lithium-Ion battery.
Even at 4hrs/day, it does run for days between charges. You were wrong.
Two isn't what I meant when I said "days" and no reasonable person would interpret it that way. You're just being assinine. I meant "runs as long as a typical Palm, Handspring, Sony, etc." Christ, why do you have to be so petty?
Try not being such an asshat.
Try not being an ass.
The Zaurus is PDA-sized. Period
Dell Axim: 5.0" x 3.2" x 0.7"
Zaurus 760: 4.7" x 3.3" x
So you found the biggest PDA that you could dig up and used that as a standard? This is the same PDA about which ZDNet said "The Axim's one shortcoming is its size". CNet wrote "This PDA is too large to slip easily into most pockets" and "The Axim is a bit large for a handheld.".
Okay, let's look at the numbers. The Dell Axim is 11.2 cubic inches and the Zaurus 750 is 14.0 The Zaurus 760 is still 25% larger than the bulky Dell Axim in your example.
Now try some normal PDAs:
Palm Zire: 4.4" x 2.9" x
Palm m515: 4.5" x 3.1" x
Handspring Visor: 4.8" x 3.0" x
Handspring Visor Edge: 4.7" x 3.1" x 0.44" (6.4 cu. in.)
Someone doesn't like to be proven wrong, does he?
Obviously not, but maybe you can accept your error now that I've given you numbers.
It's way smaller than a psion 5, which easily fits in a jacket pocket. Scruff!
So do you wear a jacket around your office? Most of us wear shirts. It's that whole "indoor jobs" thing.
I probably know more about race car design than you do, having wrenched on them myself.
You seem to be making the argument that helmets play an insignificant role in preventing death in auto racing accidents. That is, simply put, absurd. They were saving lives long before many of the safety innovations you cite were ever invented.
First of all, the cars are made to absorb energy. This means that big crash you see where the car gets torn apart, that's the car material sacrificing itself, taking in all the kinetic energy.
It's what they call "crumple zones" in passenger cars.
Then the driver is encased in a 5 point harness.
And in a passenger car, the speeds are lower and the driver has a lap/shoulder belt and an airbag.
Then there's the Han/Hutchens device, which prevents the whiplash effect (what killed Earnhardt, he could have used one).
No, there are two different devices and they are know as the HANS (Head and Neck Support) device and the Hutchens Device.
Just simply wearing a helmet doesn't afford instant protection
Yes, it does. It may not be absolute, but it is instant. Helmets have saved the lives of thousands of motorcylcists over the years. The motorcyclists whose lives were saved had no roll cages, crumple zones, HANS-type devices, or five-point harnesses.
I never claimed that the use of helmets in automobiles would eliminate deaths, did I? It would just drastically reduce the number of deaths caused by brain injuries -- one of the leading causes of death in automobile accidents on public roads.
Ah..but what will it do the quarter mile in?
If that quarter mile is on public roads with stop signs, stoplights, and other traffic -- about the same as your car.
Why? I value not being made into a paraplegic in an accident. When in transport, I want a frame around me. In a battle of a head hitting the road, the road always wins.
Perhaps you should learn to drive/ride rather than playing bumper cars on the road. It's your kind of "bigger-is-better" mentality that has moms driving to the grocery store and post office in Chevy Suburbans.
If you are so concerned about safety, why don't you wear a helmet in your car? It would cut your chances of dying in an accident about in half. Why do you think they wear them in race cars and survive accidents at 200MPH+.
These are, dumbass. Just because it looks like a laptop, doesn't mean it's as big as one. Sheesh.
.9"). Maybe you have room for something that size in the pockets of oversized Hawaiian shirts you wear to cover you man titties, but most of us have normal-sized pockets.
Hey moron, I didn't say that they were as large as a laptop. I said that they were too big to be PDAs. The SLC760 is 120mm x 83mm ×x 23.2mm (4.7" x 3.3" x
The SL-C760 is spec'ed at 8 hours continuous battery life.
And that's nothing. Many Palm PDAs will do over double that on a pair of AAA batteries.
Learn to read.
These devices are not PDAs. They are notebook computers with inadequate screen resolution (640x480), no hard drive, short battery life, and a membrane keyboard that's too small to type on. A PDA is something the size of a calculator that you can put into a shirt pocket. You give up the convenience of a full-sized screen and keyboard and a fast CPU so that it fits in your pocket and runs for days between battery changes/charges.
This is right up there with 1998 Toshiba technology. Back then, Toshiba introduced the Libretto. It had 640x480 screen resolution, a real (though small) keyboard, and, unlike the new Sharp models mentioned here, had an actual hard drive. They were 8.3"x4.5"x1.3" and 1.8lbs. And Toshiba didn't try to pretend that the Librettos were PDAs.
I don't care that the Sharp units run Linux either. Being able to fsck the flash disk hardly makes up for the other inadequacies in these devices.
Maybe the documentation for their mail server is only in English and they only know some other language(s) so they can't find out about how to properly use the server. Supposedly this is part of the problem with open relays in Asia.
This is like saying "the documentation for the AK47 was only in Russian and that's why I accidentally shot my neighbor."
A mail server configured as an open relay could cost countless hundreds of thousands (maybe millions) of people time and money. If you can't read the English documentation that accompanies the mail server, then get a mail server with docs you can read. If you can't find one, then don't run a mail server.
Ho Lee Phuc's inability to read English does not mean that everyone else on the Internet should suffer the consequences.
Ooh, resorting to ad hominem attacks. I see you have lost all hope of winning this "argument" by legitimate means.
You are the one who accused me of having violated my ISP's Terms of Service. You are the one who asked "What could you possibly be smoking." You started the ad-hominem attacks, so don't give me shit for responding in kind.
As to winning the argument, I already have, you just won't admit it yet.
When you place a site on the Internet or make a server Internet accessible, you grant global permission for all entities to link to said site or access it for legitimate purposes.
Says who? Besides, I don't consider crashing a web server to be a "legitimate purpose." It's like running over a pedestrian and saying "but I was on a legitimate errand to the grocery store, so it's okay."
Let us recap: A DDoS is an attack designed to flood a site with non-legitimate data in an attempt to crash it or deny access to it.
Since we are making up our own definitions, here's mine: A DDoS attack is any one in which persons knowingly cause others to send so much data that a server goes down -- regardless of whether the data is "legitimate."
Are you illiterate?
Are you resorting to ad hominem attacks, again?
In answer to your question, I've been paid by national magazines for articles. I've consulted with Time-Life Books on their Understanding Computers series. I've got the credentials to decide who is reading-challenged here. One of us is, and I'll give you a hint: It's not me.
The POINT of that post is that it is LEGAL to link to other sites.
You can be legally liable without having committed a crime. Example: Store leaves water on the floor and patron slips and falls. The store may not have committed a crime, but they are still civilly liable for damages. Do you really not understand the difference between civil liability and criminal law? Don't bother with answering. You just demonstrated that you are not.
As the author notes, you can sue anyone you want for anything, it doesn't mean you'll win, or that it's morally right.
Where, in that article, does the author state that you can sue anyone for anything and that it doesn't mean that such a suit is morally right? Where? You are simply making shit up in an effort to convince people to lazy to read the article that you are right. Nice try.
Not even close to efficient enough. A good electric motor is about 50% efficient. That means that you would have to put in 4 hp worth of energy (about 1500 watts) to get 2hp of rotational energy out of it. Then there is the inefficiency of the generator.
Freight trains use diesel-electric power because they need incredibly high starting torque and the electric motor gives that. There's a saying about trains: A diesel (electric) locomotive can start a load that it can't pull and a steam locomotive can pull a load that it can't start. That's the difference between torque and horsepower.