Slashdot Mirror


User: CustomDesigned

CustomDesigned's activity in the archive.

Stories: 0
Comments: 1,032

Comments · 1,032

  1. Physical tokens on Schneier: Make Banks Responsible for Phishers · Score: 1
    I have been begging my bank to require some sort of physical token for authorization - even if only at customer request. The obvious example is a smart card or i-Button. I would be glad to pay up to $50 to opt-in to such a feature. A low tech example for online security I've heard some non-US banks use is to issue a printed sheet of one-time passwords. The customer needs to visit a branch to get a new sheet.

    If the thief has to steal your token in addition to your info, he is at least prevented from doing it all from his comfy arm-chair.

  2. App specific security policy on Heap Protection Mechanism · Score: 1
    Microsoft should have handled broken apps like SysV did with null pointer dereference. Make the default policy to do immediate free. But provide a flag, settable by application, that can disable immediate free for that app only. Require the users to add a registry entry to work around the broken app. Be sure to name the registry key something that makes it clear to an end user that the app is broken, and the OS is just working around the problem.

  3. Re:Trustix on Red Hat Seeks to Deliver Most Secure Linux · Score: 1
    We have a lot of server only machines, and although we have been using RedHat plus yum plus our own RPMS, Trustix looks interesting. I couldn't tell from the web pages whether swup is the equivalent of yum/rc/yup/apt, or whether they have yet another low level package format. We don't care much what the high level interface looks like, but don't want to rewrite all our RPM specs.

  4. Extensions to core libraries on Microsoft And JBoss Collaborate On Server Software · Score: 2
    What's wrong with adding proprietary libraries?

    Absolutely nothing. That is not what the lawsuit was about. All the com.ms.* stuff that Microsoft produced was appropriate - and very welcome for those wanting to write Windows specific apps.

    The lawsuit was about adding proprietary extensions to the core libraries - the java.* libraries. That was specifically forbidden in the contract. Microsoft's excuse in court was that the contract didn't mention future versions.

    The problem with extensions to core libraries was that the unwary would be fooled into writing non-portable programs that only run on Windows. It is obvious (or should be to the clueful) when importing com.ms.* that your program will only run on Windows. Having the compiler accept bogus java.lang.* features was a not so subtle attempt by Microsoft to trick people into writing non-portable programs without knowing it. The 100% pure Java program was an attempt to undo the damage by providing a program that checks all imported classes, methods, and fields, to check for the use of non-portable extensions.

  5. The Microsoft Way on The Six Dumbest Ideas in Computer Security · Score: 5, Insightful
    Actually, all his "stupid" points fit in with the "trusted" computing paradigm. Let's look at the points from that point of view:
    1. Default deny instead of default allow.
      When users are annoyed by questions they don't understand, support costs go up. Windows users really can't answer questions about whether to allow various TCP connections. Since only programs we approve can be installed on the "users" machine, there is no point in default deny.
    2. Enumerating Badness.
      Just like currency security doesn't try to identify all the different kinds of forgery, so the idea of "trusted" computing is that all programs are bad except the ones signed directly or indirectly by Microsoft.
    3. Penetrate and Patch.
      To be effective, "trusted" computing must be airtight against workarounds by end users. That is why hardware enforcement is an integral part of the picture. The XBox project has been very effective in eliminating holes in the "trusted" computing hardware, thanks to the many volunteer hackers attacking it.
    4. Hacking is cool.
      Currency security experts don't spend time on basement printing presses. They spend time on creating currency features that are expensive to reproduce on a small scale. End-user freedom is not an issue in the "trusted" computing paradigm. We simply want an airtight system that allows *only* Microsoft approved programs to execute, and a hardware enforced way to retroactively delete content when Microsoft makes a "mistake".

      We want to ensure that defeating the hardware interlock on our machines requires resources way beyond what an individual or small company can muster. It doesn't matter if organized crime or Chinese corporations have the resources. Their exploits give us justification to tighten the screws on our captive users.

    5. Educating Users.
      One of the main real selling points of our software is that we aim it at users who don't know or care about computing. They just want to use some applications. If our users had any desire or aptitude to learn about security, they would have defected to that "competitor" that shall not be named. Once we succeed in legally banning un-"trusted" hardware, any talk of user "education" will be banished to dark alleyways.

      You say, "never let users install their own applications or plug-ins". Darn tootin. The whole point of "trusted" computing is to prevent users from installing their own applications or plug-ins. That is 99% of the security problem with Windows. If a user doesn't know whether to allow a TCP connection, they certainly have no idea whether some no-name (i.e. non-Microsoft) program is safe to install.

    6. Action is better than Inaction.
      We have 100s of millions of machines running our software in the field. We have a nearly complete monopoly on desktop software. Knee-jerk actions are simply out of the question. The damage done by an insufficiently tested patch is far worse than the damage done by the nastiest malware - because our users will blame it on *us*. (The rebels blame the malware on us, but that is irrelevant.)

  6. They are just getting the patents registered on 6.8GHz 1TB RAM and 2TB HDD Laptop? · Score: 1
    so that when someone actually invents it, they can collect royalties. That's the new USPTO business model.

  7. You're not buying, you're renting. on EFF Releases Music DRM Guide · Score: 3, Insightful
    That is what I tell non-techie family and friends. I don't talk about how "evil" such media companies are, I just explain that calling their purchase a "sale" is a "stretcher" - something average folk are very familiar with in advertising.

    When you "buy" a DVD, you do not actually own the copy, you have merely purchased a long term rental. The rental agreement lets you play it at home for an indefinite period (basically as long as the current type of player is still produced and/or yours still works) - subject to certain restrictions on some titles (e.g. being forced to watch the previews).

    Instead of breaking the law wherever feasible, I think our crowd would be much more successful helping to enforce it. If the EFF could bring suit simply to force media companies to stop calling what they do "selling copies", and call them "long term rentals" instead, then the market would take care of the rest. There would still be a market for long term rentals - but you would also be able to actually buy a copy for more money than a long term rental (probably something around what video rental stores pay for their copy).

    The best way to get rid of a bad law is to enforce it vigorously.

  8. Re:I'm leaning towards the Ruskies on this one... on Climatologists Wager on Global Warming · Score: 1
    I don't know of any extreme of weather where man battles and wins. The destructive power of nature is truly awesome - in the traditional rather than the watered-down Californian meaning. In my opinion, if there is doubt over the probabilities, we ought to be minimising the risk *anyway*, and that means trying to combat global warming (in as much as we are capable of it). Burying our head in the sands is sort of like sitting, waiting for the tidal wave to hit, rather than running to high-ground to try and stay alive. And just as foolish.

    Your premise is good. Your conclusion doesn't follow. If man can't battle nature and win, then trying to combat global warming is like piling sand bags to try and stop a tsunami. Running to high ground would be like getting ready to move from places like Florida and the Netherlands (put under water by rising seas) to places like Siberia (made more habitable by rising warmth).

  9. Low Thrust and Space Lanes on The Mathematics of a Trip to Mars? · Score: 2, Interesting
    Low thrust is different. Low thrust spacecraft thrust all or most of the time during the trip and the trajectory is more complicated. It is not usable for manned flight because it is too slow but is useful for unmanned spacecraft sometimes.

    I find recent work on low thrust trajectories the most fascinating. I was made aware of it in Science News a few months ago. Although the combined influence of the Sun and all the planets form a chaotic system (in principle not predictable beyond certain time limits), there exist stable transfer lanes which function like chaotic attractors (thanks mainly to the stabilizing influence of Jupiter). Once you get your unmanned craft into the lane, it needs only to apply corrections now and then to stay in the lane - and gravity will take it all the way to its destination! The time required is measured in years rather than months, but it makes unmanned missions much more economical.

    The "slingshot" trajectories of earlier outer planet explorers were similar, but had to be calculated in full for each mission. This new technique creates a 3D (orbital plane plus time) map of the space lanes - which looks like a maze of twisting tubes of varying diameters. To plan your trip, you find a lane near earth that goes to your destination. You need fuel for getting to the lane, course corrections while travelling, and exiting the lane.

    As described in the novel Oxygen, we could send unmanned supply ships to Mars via the economical low thrust space lane routes. The manned mission would come later, when the supplies have and/or will have arrived, and will be lighter and cheaper since it will only need food, water, etc. for the trip, and not for the extended stay required by Hohmann transfer trajectories for the speedier manned trip. Fuel for the return trip would also be sent ahead. (Clearly, I would want some redundancy, and robot surveillance to ensure that said supplies have truly arrived safely.)

    Re the novel: of *course* something goes wrong. Think Apollo 13, but on a *much* longer trip. That's all I'll say.

  10. Re:Was that off the top of your head? on A World of Warcraft World · Score: 1
    I read the book years ago. I remembered the image of Sulva (the moon, which in the story is barren on the side facing earth but verdant and fruitful on the side facing deep heaven) and the idea of sex with images (while Lewis clearly envisioned latex robots, virtual reality fits even better) which Lewis correctly foresaw as the logical conclusion of birth control. I fetched the book from my shelf to type in the quote.

  11. But how much of the CD-R music is illegal? on Recordable Media a Bigger Threat Than Filesharing? · Score: 1
    I have never pirated any music, and yet all the CDs we listen to are on recordable media. I've downloaded dozens of CDs from Magnatune, and when I buy a disc, I make a copy and play that. The kids have this habit of handling discs after coating their hands with a honey/dirt mixture, and I like to be able to replace them. I've even copied my favorite cassette tapes to CD (complete with tape hiss). When my daughter comes home with a CD-R from a friend, I immediately destroy it along with a lecture about how when the RIAA sues us, the settlement will come out of her savings. She has to borrow the original. (Of course her friend just keeps the CD-R copy, but I can't help that.) In short, I go out of my way to avoid copyright violations. Furthermore, I record my own and my daughter's music and have that on CD-R.

    Would my recordable media count in this study? I notice they don't mention how much of that recordable media represents actual illegal copying. I guess you're supposed to assume that anyone with a CD-R is a criminal.

    On similar lines, my dad has been archiving all of our family 8mm movie film to DVD.

  12. Who is called Sulva? on A World of Warcraft World · Score: 2, Insightful
    FTFA: You'll meet a couple who have been married for years and have never seen each other's real-life faces.

    In That Hideous Strength, Merlin asks Ransom, "Who is called Sulva? What road does she walk? Why is the womb barren on one side? Where are the cold marriages?"

    In part, Ransom replies, "... the womb is barren and the marriages cold. There dwell an accursed people, full of pride and lust. There when a young man takes a maiden in marriage, they do not lie together, but each lies with a cunningly fashioned image of the other, made to move and to be warm by devilish arts, for real flesh will not please them, they are so dainty in their dreams of lust. Their real children they fabricate by vile arts in a secret place."

    Lewis had modernism pegged way back in the '40s.

  13. I appreciate you guys on Jerk-O-Meter to Meter Jerks · Score: 1
    At first, I thought "call-center" meant the jerks who call me while I'm in the shower to offer to refinance my (non-existent) mortgage. But instead, you are one of those wonderful people whom *I* can call 24/7 (or 8/5) when I have a stupid question about a product or service.

    I called last night about a dimmer I had just purchased. Before opening the package, it looked like the leads might be aluminum. A quick call to the Lutron 24/7 tech line and with the product number in hand, a nice man assured me they were tin coated copper. And when I opened the package they were.

    Seriously, I love product support guys that know about the product - even if their knowledge isn't exhaustive. Keep up the good work.

  14. failure to protect the innocent on Reconciling Information Privacy and Liberty? · Score: 1
    You are absolutely correct. There are those who are pro-life, and also against the death penalty (like most Catholic leaders), but are not in principle against the death penalty for the guilty. The prerequisite for just administration of the death penalty is that the innocent are protected. (In fact protection of the innocent is part of the purpose of the death penalty.) But we live in a culture of death where the courts sanction the brutal execution of over 1 million human lives every year, in the full and certain knowledge that every one of those lives was innocent of any crime. Statistics about black vs white executions pale in comparison with this vast holocaust (and are usually misused to draw invalid conclusions anyway).

    How can those courts claim to be diligent and unbiased in their determination that the evidence of a crime points to the guilt of the accused beyond the shadow of a doubt, when those same courts sanction the execution of those never even accused of any crime? They have gone so far as to begin not just allowing but *ordering* the execution even of adults who have not even been accused. (And Terri Schiavo was not the first - just the first with national attention.)

    The UK courts have now announced that anyone who is "terminally ill" may be starved to death - a moniker that could be applied to every one of us, it is just a matter of how long.

  15. Older Astronauts on Cosmic Rays Could Kill Astronauts Visiting Mars · Score: 2, Insightful
    Another solution to the cancer risk is to send older astronauts. The older you get, the lower the risk that a cancer is going to significantly shorten your life. That is why the treatment for slow growing prostate cancers is often to do nothing. Someone in their 50s, in good shape, would be up to the rigors, but not going to (or at least shouldn't) feel cheated when cancer strikes 15 years later.

  16. Re:Infringe? on DVD-Audio's CPPM Circumvented · Score: 1
    The value of a CD isn't in the bit of plastic, but in the music it contained and in the freedom it granted for you to listen to it whenever you wanted.

    And since copy-protected media don't provide you the freedom to listen to it whenever you want, there is no point in buying them.

    Case in point. I only started buying DVDs 6 months ago - when I finally got around to getting libdvdcss installed and player software working. I sure won't be buying any DVD Audio until its copy protection is equally pointless.

    The copy protection does nothing to stop pirates. In fact, large scale pirates can just copy the bits - no decryption needed! All it does is stop paying customers like me from buying your stuff until there is a simple and painless work-around so I can use it.

  17. It's worse than that on Innovation Getting Slower? · Score: 1
    It is worse than the author states. Not only is the relative number of patents decreasing, but the patents that are granted are completely stupid. (At least the software patents are, since that is my field of expertise. Perhaps there are still some decent patents in other fields.) Oh for the days when you had to have a working prototype to file a patent.

  18. Re:I use a mnemonic on 83,431 Recited Digits of Pi · Score: 1
    Ah, getting n digits does work fine out of the box. I was trying to compute the n'th digit, and apparently that is "tricky". I don't feel so bad. Empirically, it looks like you need only about 4 bits more precision than you want in the answer.

  19. Re:I use a mnemonic on 83,431 Recited Digits of Pi · Score: 1
    The formula certainly is simple, and easy to memorize. But I must be dense. I'm still trying to figure out how to use it to create an actual program that outputs digits of pi given only arbitrary precision integer arithmetic. The longer algorithm is "ready to use".

    I suppose I'll have to cheat now and google on "BBP implementation".

  20. I use a mnemonic on 83,431 Recited Digits of Pi · Score: 1
    define atan(m, b, n) {
        auto t, s, d, x
        /* Series for atan(m/b), accumulated as one big fraction t/b.   */
        /* The recurrence tracks only powers of 1/b, so it is exact for */
        /* m = 1 (the arguments 1/3 and 1/7 used below); n is roughly   */
        /* the number of series terms taken, two per loop iteration.    */
        t = m
        s = b * b
        d = 3
        while (d < n * 2) {
            x = s * d
            t = t * x - m      /* subtract the term 1/(d * b^d) */
            b *= x
            m *= d
            d += 2
            x = s * d
            t = t * x + m      /* add the term 1/(d * b^d) */
            b *= x
            m *= d
            d += 2
        }
        return (t / b)
    }

    /* GNU bc: the final division produces digits at the current scale. */
    scale = 100
    pi = 8 * atan(1, 3, 110) + 4 * atan(1, 7, 70)
    pi

    This is much shorter to memorize, and is easily used to produce as many digits of Pi as needed in minutes with any automatic execution language supporting large integers. Somewhat more time is required when arbitrary precision integers are not already available via library or builtin. This actually came up when implementing Blowfish required 4096 hex digits of pi.

    Now, I'm sure that there are plenty of Math Geeks reading this who can suggest smaller/more time efficient/more memory efficient/otherwise superior pi algorithms to memorize.
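As an added example (not from the original comment): the same identity, pi = 8*atan(1/3) + 4*atan(1/7), carried out in Python with fixed-point big-integer arithmetic to yield the hex digits of pi that Blowfish's P-array is initialised from, which is the use the comment mentions. Function names and the 32-bit guard margin are my own choices.

```python
# Added example (not from the original post): the post's identity
#   pi = 8*atan(1/3) + 4*atan(1/7)
# carried out in fixed-point big-integer arithmetic to produce the hex digits
# of pi that Blowfish's P-array is initialised from.  atan(1/b) is summed as
# sum_k (-1)^k / ((2k+1) * b^(2k+1)); each term is a truncating integer
# division of a scaled 1, so no growing fraction has to be carried along.

def atan_inv_fixed(b, scale_bits):
    """atan(1/b) scaled by 2**scale_bits, summing terms until they truncate to 0."""
    one = 1 << scale_bits
    power = one // b                  # (1/b)^1 scaled: the k = 0 term
    total, k, sign = power, 0, 1
    while power:
        k += 1
        power //= b * b               # (1/b)^(2k+1) scaled
        sign = -sign
        total += sign * (power // (2 * k + 1))
    return total

def pi_hex_digits(n, guard_bits=32):
    """Return the first n hex digits of pi's fractional part ('243F6A88...').

    Each truncated term loses less than one unit in the last place, so a few
    hundred terms need only a handful of guard bits; 32 is a generous margin."""
    bits = 4 * n + guard_bits
    pi_fixed = 8 * atan_inv_fixed(3, bits) + 4 * atan_inv_fixed(7, bits)
    frac = pi_fixed & ((1 << bits) - 1)    # drop the integer part (3)
    frac >>= guard_bits                    # keep exactly 4*n fraction bits
    return f"{frac:0{n}X}"

def blowfish_p_array_words(count=18):
    """The first `count` 32-bit words of pi's fraction, as Blowfish's P[0..17] uses."""
    digits = pi_hex_digits(8 * count)
    return [int(digits[i:i + 8], 16) for i in range(0, len(digits), 8)]

if __name__ == "__main__":
    print(pi_hex_digits(64))
    print([hex(w) for w in blowfish_p_array_words(4)])   # 0x243f6a88, 0x85a308d3, ...
```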

  21. Neither SPF nor Sender-ID are anti-spam on Hotmail To Junk Non-Sender-ID Mail · Score: 1
    Both are supposed to be anti-forgery. SPF classic prevents forgery of MAIL FROM. Sender-ID prevents forgery of PRA - a synthetic identity derived from existing rfc2822 headers by selecting one according to a patented algorithm.

    Sender-ID could be another forgery prevention tool. But Microsoft is not content to be "another". The maliciously evil thing they are doing with this hotmail rollout is that to evaluate Sender-ID, they are reading a domain's SPF classic record.

    Yes, you heard me right. Almost no one has published Sender-ID records, so they are interpreting records that say which IPs a MAIL FROM can originate from as if they said which IPs a PRA can originate from instead. This guarantees large numbers of both false FAIL and false PASS.

    The false PASS is particularly mean to their users, since phishing scammers can now have their forged rfc2822 From get a nice VALIDATED stamp of approval from Sender-ID when the domain they are forging has SPF but not Sender-ID records (it is possible to prevent this with careful design taking into account how the SPF record might be interpreted by Sender-ID).

  22. Re:Torrent? on Darknet: Hollywood's War · Score: 1
    Reading a full length book online will give you hemorrhoids and eyestrain. Printing a book of this length one off will cost you more than the $19 street price. Printing large enough quantities of a full length book to be economical is a blatant copyright violation (unless the license explicitly allows this). There are excerpts available online.

  23. Even when they are right it's wrong on Paul Graham Describes Dangers of Spam Blacklists · Score: 1
    One of our customers gets DSL service from a spam friendly ISP that is blacklisted by Spews. Spews is correct: the ISP is a spam friendly bastard. Unfortunately, it is also a monopoly in the area. There is no other broadband service available at any price (well, I suppose if you wanted to set up your own ISP...).

    Our solution is to relay mail through another MTA (via VPN) for recipients that check Spews. But this illustrates yet another reason why the "blacklist the entire ISP" strategy is not good.

    The solution to the IP abandoned by a spammer problem is simple: don't blacklist IP addresses. Instead, use SPF to validate the MAIL FROM, and base your blacklists on the MAIL FROM domain instead of the IP. Yes, spammers can also do SPF, and already have throwaway domains. But the namespace is *much* bigger, and their automated throwaway domains are not ones you would want anyway (e.g. ajfkc.com).
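Added example (not from either comment) modelling two points made above: the Sender-ID comment's false PASS when a receiver reads a v=spf1 record as if it were a PRA policy, and this comment's blacklist keyed on the MAIL FROM domain rather than the IP, gated on an SPF PASS. The domains, IP ranges, DNS records and function names are constructed for the illustration; the evaluator handles only ip4 and all mechanisms, and PRA selection is simplified to the header order of RFC 4407.

```python
import ipaddress
# Constructed DNS TXT table (example domains, not from the original posts).
# bank.example and scammer.example both relay through the same hosting
# provider's shared outbound range 198.51.100.0/24 and publish SPF classic only.
# careful.example also publishes an spf2.0/pra record that authorises only its
# own MTA for the From: header, so Sender-ID never reinterprets its v=spf1.
DNS_TXT = {
    "bank.example":    ["v=spf1 ip4:198.51.100.0/24 -all"],
    "scammer.example": ["v=spf1 ip4:198.51.100.0/24 -all"],
    "careful.example": ["v=spf1 ip4:198.51.100.0/24 ip4:192.0.2.25 -all",
                        "spf2.0/pra ip4:192.0.2.25 -all"],
}
QUALIFIERS = {"+": "PASS", "-": "FAIL", "~": "SOFTFAIL", "?": "NEUTRAL"}

def find_record(domain, version):
    """Return domain's TXT record starting with the given version tag, or None."""
    return next((t for t in DNS_TXT.get(domain, []) if t.split()[0] == version), None)

def evaluate(record, ip):
    """Evaluate a minimal SPF record (ip4 and all mechanisms only) for ip."""
    ip = ipaddress.ip_address(ip)
    for term in record.split()[1:]:                 # skip the version tag
        qual = "+"
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qual]
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:]):
            return QUALIFIERS[qual]
    return "NEUTRAL"

def spf_classic(mail_from_domain, ip):
    """SPF classic validates the envelope MAIL FROM domain only."""
    rec = find_record(mail_from_domain, "v=spf1")
    return evaluate(rec, ip) if rec else "NONE"

def pra_domain(headers):
    """Purported Responsible Address: first header present, in RFC 4407 order (simplified)."""
    for h in ("Resent-Sender", "Resent-From", "Sender", "From"):
        if h in headers:
            return headers[h].rsplit("@", 1)[1]
    return None

def sender_id(headers, ip, fallback_to_spf1=True):
    """Sender-ID PRA check; the v=spf1 fallback is the reinterpretation objected to above."""
    domain = pra_domain(headers)
    rec = find_record(domain, "spf2.0/pra")
    if rec is None and fallback_to_spf1:
        rec = find_record(domain, "v=spf1")
    return evaluate(rec, ip) if rec else "NONE"

def domain_blacklist_verdict(mail_from_domain, ip, blacklist):
    """Block on the MAIL FROM domain, not the IP, and only once SPF proves the domain."""
    if spf_classic(mail_from_domain, ip) != "PASS":
        return "UNVERIFIED"          # domain not proven: do not attribute the mail to it
    return "REJECT" if mail_from_domain in blacklist else "ACCEPT"

# Constructed phish: scammer's own MAIL FROM, forged From: naming the bank, shared relay IP.
PHISH = {"From": "alerts@bank.example"}
RELAY_IP = "198.51.100.7"

def demo():
    return {
        "spf_mail_from":         spf_classic("scammer.example", RELAY_IP),         # PASS (correct)
        "sender_id_forged_from": sender_id(PHISH, RELAY_IP),                      # PASS (false PASS)
        "sender_id_no_fallback": sender_id(PHISH, RELAY_IP, False),               # NONE
        "sender_id_careful":     sender_id({"From": "x@careful.example"}, RELAY_IP),  # FAIL
        "domain_blacklist": domain_blacklist_verdict("scammer.example", RELAY_IP, {"scammer.example"}),  # REJECT
    }
```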

  24. Does 3rd party compliance count? on ACLU to Challenge Utah Porn-Blocking Law · Score: 1
    Can an ISP comply with the law by simply recommending a 3rd party filtering service that uses the government list in a compliant manner? Or does the filtering actually have to occur on the ISP's physical servers?

    If this law just sets minimum standards for optional filtering that every ISP has to offer, then it is no worse than the government setting minimum standards for restaurant food safety. (There are restaurants in our area that pass county standards that I won't eat at.)

    Suppose the filtering service has a "parent" mode as well as a "child" mode, where the parent mode allows more access as set by the parent. Is this service still compliant?

    FWIW, I use a squid whitelist for my daughters. I have a simple command to add more sites as they are encountered in google, etc. I wouldn't trust a blacklist to effectively protect my kids because of throwaway domains. So, as with restaurants, the government minimum standards are pretty low.

  25. Re:I guess this is a good time to mention... on Atomic Clock Turns 50 · Score: 1
    Actually, the guy has to be pretty buff to demonstrate that atomic "wristwatch". Lots of girls like a guy with both brains *and* brawn.