* The U.S. is where the money is or * The U.S. is where the stupid people are
Well, this is kind of interesting.
You see, I have, basically, 4 e-mail domains I use.
- 1.org address
- 1.org domain
- 3.br addresses at a major ISP domain
- 1.br address at my work
Even though something like 80% of the e-mails I receive is at my work address, I still have the following percentage of spam:
- 1.org address -> 3%
- 1.org domain -> 50%
- 3.br addresses at a major ISP domain -> 90%
- 1.br address at my work -> 3%
So, as you can see from my Completly Unacurate Statistcs Study(tm), it seens to me that your
domain is more relevant to the amount of spam you receive then the country of it
Just to give an additional data, my.org domain is the most widely known of them. My address e-mail is the second best. My addresses from the ISP
are the least known, and are the ones that received (percentage) the most spam.
Something like 15 spams reach my e-mail boxes
every day, which amounts for something like 5475 spams/year. Considering that my evasive measures and filters get something like 80% of all the spam directed to me, we can consider that I have around 30000 spams/year target at me.
And I live in Brazil.
So not, it's not something only Americans are subject to.
As long as people buy things from spammers, it will never end.
You see, if the spammers get 0.0001% response, it's still a good deal for them. Spamming costs almost nothing.
As a matter of principle, I never buy anything from a spammer (not even other products they are not offering). Even if it's better or cheaper then everywhere else.
Also, I do well known trick. I got a domain, and use a single e-mail address on each place. The first spam I get at a given address, I redirect the address to/dev/null. That keeps the spam level pretty low. I know they keep arriving, but at least they do not annoy me.
And, besided that, to be on the safe side, I still have a good bunch of procmail rules to filter the rest that still passes.
I know that, and that was on my original comment.
The problem is that we are not talking about Joe hacker, but about a terrorist group with an agenda of its own. So, we have to question what a use they could make of somethine like that.
If this is really another buffer overflow, people would say: "Heck, another nasty MS bug", and go on with their mediocre lives.
Terrorits commits acts to make an statement. You see, however distorted it is, they have a goal. If they simply put something in the code that creates just the same kind of havok Win users have at least once a month, it would give then no advantage. I never heard of a terrorist that attacked out of pure pleasure.
I don't think we will ever see a terrorist using CFC sprays just to hurt the ozone layer, just making noises on NY. That is already there, nothing they can gain with it.
Re:not as easy as you might think
on
al Qaeda Hacks XP?
·
· Score: 3, Interesting
After some obtuse comments on my post, I stopped to think what I would do if I was a terrorist and decided to do this kind of stuff (sabotage WinXP).
That lead me to some considerations:
1- The sabotage would have to be enough so it's usage (or saying I would use it) would cause terror
2- The sabotage would have to be small enough it would pass quality assurance without arousing a flag
3- The sabotage would have to be generic enough so nobody would spot it at a first glance
4- The exploit would have to be complicated enough so nobody else would be able to exploit it before I do
5- This sabotage would have to take a form, or permit some kind of use, that would let me claim responsability for the terrorist act
6- If I could do something misleading, so that when I first attacked, the the original sabotage
would not be found, even after the attack, the better
So, considering all this point, I want to reduce my rating from "Very Probable" to simply "Technicaly Factible".
Unless they are very stupid. Which maybe they are, just like me posting this kind of thing with the FBI sensors and such monitoring everything.
If they arest me for this post, please, let the slashdotters know about it.
Or could it be I'm simply violating the DMCA ?
Re:not as easy as you might think
on
al Qaeda Hacks XP?
·
· Score: 5, Insightful
I'm not sure.
You see, I work for a not so big software company right now, but I used to.
It's not that hard to sneak some malicious code into the final product. Quality Arrusance is usualy made only by using the software, not by analising the code. And even if they do analise the code, it's quite trivial to introduce some obscure buffer overflow.
Also, we are forced to remember about that hacking of microsoft internal network some time ago, which they "claimed" give the hackers no access to the code base.
I hate bin Laden as much as the next guy, and think he should die. But, even being a fanactic, the guy is inteligent. And has recources, both personel and money. I think it's very likely he would attempt something like this. I know, in his shoes, I would.
You are still talking extremes. The question is about the middle point, where the line is drawn.
Is it okey to filter the content of a kid ? What about 2 ? A library ? A company ? A state ? A country ? You can move to other countries.
And don't tell that, for instance, chineses can't. I know a lot of chineses that came to the ocident in the last 10 years.
Have you noticed that people are talking about ENFORCING americans way of things to other countries ? What about their liberties. DO you really think people here is happier ? The avegare John Doe ?
I say, let they have their freedom. At least in Arabi, this kind of filtering is what the population wants.
It's not freedom when it's enforced. There is no such thing as enforced freedom.
Yes, it could. Actualy, it very trivial to do.
I actualy tried to search for my credit card number, but only searched for 8 digits, in various forms (always the same digits, mind you), like:
"XXXX XXXX"
"XXXX-XXXX"
"XXXXXXXX"
Thanks god, nothing...
This is something I sugest you people to do. I would sugest using the last 8 digits, onde the "last 4 digits" are commonly used, but you won't be exposing something that is probably already everywhere.
Actually, they are making money.
First, they are disrupting a very important user base M$ has. Second, these are the people that will recomend RedHat.
On a last note, doesn't it get them some kind of tax deduction ?
Just out of curiosity, WindowsMaker's developer, Alfredo Kojima, works at Conectiva, and is also the main developet behing the APT-RPM implementation (the port of apt to work with RPM).
Well, in my own experience, the easiest way to start is getting a support position. Expecialy if you are new to the trade. That is where I started, and where most of the admins I know started.
On a side note, I have some specific informations that may not hold true for the USA market, so excuse me if this doesn't apply. I'm now kind of a head hunter in this field here in Brazil. Here are
some facts:
- You age does not matter. It may influence your
salary, but not if you get the position.
- Your formation does not matter. Again, it can
incluence your salary. There are so few good administrators avaliable on the market, the companies are looking for knowledge and experience
- Past experience with various platforms is a must. The more the better.
- English knowledge is a basic requisite. Of course this is not the case in USA, but spanish may eventualy be, expecialy on a support position
- TWO WORDS: CONTACT NETWORK. You must know people. This is a good way to get a good review, if someone can question about you to a known and
respected administrator
there are ways an ISP can setup a proxy so that it is completely transparent to the users.
Actualy, that is not true. I can testify for that once I'm one of the victims of the so called "Transparent Proxy". The only thing transparent about it is that you don't have to configure your browser to use it. Also, you have no option about NOT using it. So, we have problems trying to check if a site is up, or if the proxy server overloads. Or even if it crashes.
I, for once, I totaly agains these monsters.
Maybe, but I don't see why I have to assign 512MB of swap space (reccommended in Red Hat's 7.2 install) on a desktop system with 256MB of memory.
Actually, you don't. This is just the usual "make the swap twice as big as the physical memory" methodology. Old school, but a good recomendation if you don't want to have to calculate how much swap you will need in a case by case bases.
This is a dangerous, double-edged argument. Remember, the whole nation is actualy "Government" property. Follow my lead: the nation belongs to its inhabitants, the government represents the inhabitants. So, acording to your argument, the government can do random search at anytime, anywere.
This is not a "corporation" or "job contract" problem. It's a civil rights (and liberties) violation. Expecialy if you did not sign any kind of document authorizing this kind of search.
Lets not forget to mention XStations. I know, dedicated XStations are really dying out, but we have a lot of 486 (with 16Mb of RAM) running as XStations. Expecialy here in BRazil, this is a great plus, and one of the reasons lots of companies are moving for Linux, so they can reuse some old hardware.
Another good effect of these XStations is that they don't need movable hardware (CDRoms, Floppy, HD's), which are the parts that demand most maintance.
That said, I don't think that this project will kill XFree86. I think it will only be an option, and a good one at that.
Maybe he is trying to also protect the US members of the list. Just remember that as far as DMCA is concerned, nothing can be taken for sure. Maybe they will prossecute people for just receiving the information, even tho that is not the case YET.
Why ? I really don't gasp all this obsolecence happening. The only ones that have some real reason for this to happen are the hardware makers and or dear friend Gatus of Borg.
I still have some 486 machines running pretty well here (and pretty fast, so you can guess what OS I DON'T use). I have a really nice K6-II as my network server, with something like 70% of idle cpu.
I know it really gives a kick to have the ultimate, state of the art, machine to play with, but is it really needed ?
What is happening is not really obsolecence, as far as I'm concerned. It's only market economy, and companies trying to sell new models based on ego, not on need.
I think it's time for us to review all our concepts of computer obsolecence and requirements.
I surely hope so. Otherwise, companies such as RedHat and Conectiva are in for a big trouble.
Actualy, once the GPL enforces the copyright, the author can change the license to whatever it likes at any time. Of course, versions already released under the GPL must be kept open. But there is nothing to hold the author from releasing a new version (based on the GPL version) under whichever license he chooses. He is the copyright holder, anyway.
But, again, versions already released onder the GPL can not have their licenses changed.
There is nothing ilegal about what VA/Linux is doing. Actualy, I see it as a source of money to pay for the Source Forge Open Edition development.
What is most amazing is that a judge accepted this case.
Oh, come on... So I own a gun shop, and I get sued couse someone who bought a gun from me kills someone else ? This is really ridicule.
Okey, if they are suing mp3.com on basis that they made copies and put them on its other servers (a stupid complain, in any case), then I can imagine a judge accepting it. But, lemme see if I got this right: they are being sued couse their users posted the musics on Napster ?
But wait, I can see the scenary. Netscape allow users to download its navigator (but not to redistribute it). So, if a use redistribute it, Netscape can sue Netscape for viral copyright infrigement ?...
I'm getting dizzy... Or is it simply that our judges are getting more stupid by the second ?
Slashdot Mirror
* The U.S. is where the money is or * The U.S. is where the stupid people are
.org address .org domain .br addresses at a major ISP domain .br address at my work
.org address -> 3% .org domain -> 50% .br addresses at a major ISP domain -> 90% .br address at my work -> 3%
.org domain is the most widely known of them. My address e-mail is the second best. My addresses from the ISP
are the least known, and are the ones that received (percentage) the most spam.
Well, this is kind of interesting.
You see, I have, basically, 4 e-mail domains I use.
- 1
- 1
- 3
- 1
Even though something like 80% of the e-mails I receive is at my work address, I still have the following percentage of spam:
- 1
- 1
- 3
- 1
So, as you can see from my Completly Unacurate Statistcs Study(tm), it seens to me that your domain is more relevant to the amount of spam you receive then the country of it
Just to give an additional data, my
Something like 15 spams reach my e-mail boxes every day, which amounts for something like 5475 spams/year. Considering that my evasive measures and filters get something like 80% of all the spam directed to me, we can consider that I have around 30000 spams/year target at me. And I live in Brazil. So not, it's not something only Americans are subject to.
As long as people buy things from spammers, it will never end. /dev/null. That keeps the spam level pretty low. I know they keep arriving, but at least they do not annoy me.
You see, if the spammers get 0.0001% response, it's still a good deal for them. Spamming costs almost nothing.
As a matter of principle, I never buy anything from a spammer (not even other products they are not offering). Even if it's better or cheaper then everywhere else.
Also, I do well known trick. I got a domain, and use a single e-mail address on each place. The first spam I get at a given address, I redirect the address to
And, besided that, to be on the safe side, I still have a good bunch of procmail rules to filter the rest that still passes.
I know that, and that was on my original comment.
The problem is that we are not talking about Joe hacker, but about a terrorist group with an agenda of its own. So, we have to question what a use they could make of somethine like that.
If this is really another buffer overflow, people would say: "Heck, another nasty MS bug", and go on with their mediocre lives.
Terrorits commits acts to make an statement. You see, however distorted it is, they have a goal. If they simply put something in the code that creates just the same kind of havok Win users have at least once a month, it would give then no advantage. I never heard of a terrorist that attacked out of pure pleasure.
I don't think we will ever see a terrorist using CFC sprays just to hurt the ozone layer, just making noises on NY. That is already there, nothing they can gain with it.
After some obtuse comments on my post, I stopped to think what I would do if I was a terrorist and decided to do this kind of stuff (sabotage WinXP).
That lead me to some considerations:
1- The sabotage would have to be enough so it's usage (or saying I would use it) would cause terror
2- The sabotage would have to be small enough it would pass quality assurance without arousing a flag
3- The sabotage would have to be generic enough so nobody would spot it at a first glance
4- The exploit would have to be complicated enough so nobody else would be able to exploit it before I do
5- This sabotage would have to take a form, or permit some kind of use, that would let me claim responsability for the terrorist act
6- If I could do something misleading, so that when I first attacked, the the original sabotage
would not be found, even after the attack, the better
So, considering all this point, I want to reduce my rating from "Very Probable" to simply "Technicaly Factible".
Unless they are very stupid. Which maybe they are, just like me posting this kind of thing with the FBI sensors and such monitoring everything.
If they arest me for this post, please, let the slashdotters know about it.
Or could it be I'm simply violating the DMCA ?
I'm not sure.
You see, I work for a not so big software company right now, but I used to.
It's not that hard to sneak some malicious code into the final product. Quality Arrusance is usualy made only by using the software, not by analising the code. And even if they do analise the code, it's quite trivial to introduce some obscure buffer overflow.
Also, we are forced to remember about that hacking of microsoft internal network some time ago, which they "claimed" give the hackers no access to the code base.
I hate bin Laden as much as the next guy, and think he should die. But, even being a fanactic, the guy is inteligent. And has recources, both personel and money. I think it's very likely he would attempt something like this. I know, in his shoes, I would.
Sorry about that. Didn't notice Newbyte belongs to the Washington Post ...
My mistake.
Does anyone have the link to the fore mentioned Washington Post article ?
Conectiva has an office in Santiago, Chile.
I think that can help you a lot, once you can phone then.
URL: http://www.conectiva.cl/
Phone: (562) 3790930
Fax: (562) 3790626
You are still talking extremes. The question is about the middle point, where the line is drawn.
Is it okey to filter the content of a kid ? What about 2 ? A library ? A company ? A state ? A country ? You can move to other countries.
And don't tell that, for instance, chineses can't. I know a lot of chineses that came to the ocident in the last 10 years.
Have you noticed that people are talking about ENFORCING americans way of things to other countries ? What about their liberties. DO you really think people here is happier ? The avegare John Doe ?
I say, let they have their freedom. At least in Arabi, this kind of filtering is what the population wants.
It's not freedom when it's enforced. There is no such thing as enforced freedom.
Yes, it could. Actualy, it very trivial to do.
...
I actualy tried to search for my credit card number, but only searched for 8 digits, in various forms (always the same digits, mind you), like:
"XXXX XXXX"
"XXXX-XXXX"
"XXXXXXXX"
Thanks god, nothing
This is something I sugest you people to do. I would sugest using the last 8 digits, onde the "last 4 digits" are commonly used, but you won't be exposing something that is probably already everywhere.
Actually, they are making money.
First, they are disrupting a very important user base M$ has. Second, these are the people that will recomend RedHat.
On a last note, doesn't it get them some kind of tax deduction ?
but a number of companies run by very smart people failed the same way.
:-)
You would be surprised how often smart people do stupid things
Just out of curiosity, WindowsMaker's developer, Alfredo Kojima, works at Conectiva, and is also the main developet behing the APT-RPM implementation (the port of apt to work with RPM).
Well, in my own experience, the easiest way to start is getting a support position. Expecialy if you are new to the trade. That is where I started, and where most of the admins I know started.
On a side note, I have some specific informations that may not hold true for the USA market, so excuse me if this doesn't apply. I'm now kind of a head hunter in this field here in Brazil. Here are
some facts:
- You age does not matter. It may influence your
salary, but not if you get the position.
- Your formation does not matter. Again, it can
incluence your salary. There are so few good administrators avaliable on the market, the companies are looking for knowledge and experience
- Past experience with various platforms is a must. The more the better.
- English knowledge is a basic requisite. Of course this is not the case in USA, but spanish may eventualy be, expecialy on a support position
- TWO WORDS: CONTACT NETWORK. You must know people. This is a good way to get a good review, if someone can question about you to a known and
respected administrator
Hope this helps
there are ways an ISP can setup a proxy so that it is completely transparent to the users.
Actualy, that is not true. I can testify for that once I'm one of the victims of the so called "Transparent Proxy". The only thing transparent about it is that you don't have to configure your browser to use it. Also, you have no option about NOT using it. So, we have problems trying to check if a site is up, or if the proxy server overloads. Or even if it crashes.
I, for once, I totaly agains these monsters.
I really don know him. I used to work (sort of) with him. He is a guy that likes to arrive to work at 10pm. Eats a lot of junk food.
He is a very nice guy, but he is geekish as hell lol.
Maybe, but I don't see why I have to assign 512MB of swap space (reccommended in Red Hat's 7.2 install) on a desktop system with 256MB of memory.
Actually, you don't. This is just the usual "make the swap twice as big as the physical memory" methodology. Old school, but a good recomendation if you don't want to have to calculate how much swap you will need in a case by case bases.
Nah, what they are trying to do is to make it more difficult to write "I Hate Microsoft" texts :-)
Humm, yeah, you are right, of course. So the DMCA can not be unconstitutional, can it ? After all, it has not been overturned.
But, even if it IS overturned, can you imagine how much damage it can do before that ? That is the main point, not if it can be overturned or not.
This is a dangerous, double-edged argument. Remember, the whole nation is actualy "Government" property. Follow my lead: the nation belongs to its inhabitants, the government represents the inhabitants. So, acording to your argument, the government can do random search at anytime, anywere.
This is not a "corporation" or "job contract" problem. It's a civil rights (and liberties) violation. Expecialy if you did not sign any kind of document authorizing this kind of search.
Lets not forget to mention XStations. I know, dedicated XStations are really dying out, but we have a lot of 486 (with 16Mb of RAM) running as XStations. Expecialy here in BRazil, this is a great plus, and one of the reasons lots of companies are moving for Linux, so they can reuse some old hardware.
Another good effect of these XStations is that they don't need movable hardware (CDRoms, Floppy, HD's), which are the parts that demand most maintance.
That said, I don't think that this project will kill XFree86. I think it will only be an option, and a good one at that.
Maybe he is trying to also protect the US members of the list. Just remember that as far as DMCA is concerned, nothing can be taken for sure. Maybe they will prossecute people for just receiving the information, even tho that is not the case YET.
And now I have to step in and comment.
Why ? I really don't gasp all this obsolecence happening. The only ones that have some real reason for this to happen are the hardware makers and or dear friend Gatus of Borg.
I still have some 486 machines running pretty well here (and pretty fast, so you can guess what OS I DON'T use). I have a really nice K6-II as my network server, with something like 70% of idle cpu.
I know it really gives a kick to have the ultimate, state of the art, machine to play with, but is it really needed ?
What is happening is not really obsolecence, as far as I'm concerned. It's only market economy, and companies trying to sell new models based on ego, not on need.
I think it's time for us to review all our concepts of computer obsolecence and requirements.
Is it allowed under the GPL to make money?
I surely hope so. Otherwise, companies such as RedHat and Conectiva are in for a big trouble.
Actualy, once the GPL enforces the copyright, the author can change the license to whatever it likes at any time. Of course, versions already released under the GPL must be kept open. But there is nothing to hold the author from releasing a new version (based on the GPL version) under whichever license he chooses. He is the copyright holder, anyway.
But, again, versions already released onder the GPL can not have their licenses changed.
There is nothing ilegal about what VA/Linux is doing. Actualy, I see it as a source of money to pay for the Source Forge Open Edition development.
What is most amazing is that a judge accepted this case.
... So I own a gun shop, and I get sued couse someone who bought a gun from me kills someone else ? This is really ridicule.
...
Oh, come on
Okey, if they are suing mp3.com on basis that they made copies and put them on its other servers (a stupid complain, in any case), then I can imagine a judge accepting it. But, lemme see if I got this right: they are being sued couse their users posted the musics on Napster ?
But wait, I can see the scenary. Netscape allow users to download its navigator (but not to redistribute it). So, if a use redistribute it, Netscape can sue Netscape for viral copyright infrigement ?
I'm getting dizzy... Or is it simply that our judges are getting more stupid by the second ?