Slashdot Mirror


User: gioan

gioan's activity in the archive.

Stories: 0 · Comments: 15

Comments · 15

  1. Strange experiment but WHY? on 'I Tried to Block Amazon From My Life. It Was Impossible.' (gizmodo.com) · · Score: 1

    What I would primarily ask, is, well, why? Why would they want to simply block AWS (or let's pick on Azure/Microsoft next? Maybe Google?) without a basic answer of why. Why is this person frustrated that they are paying for Prime twice, when there's no need (with a household setup). Why are they blocking AWS just to "stick it to the new imaginary bogey-man" when by her own admission, it screws up her own digital life. Is AWS Evil? Has she confused Bezos for the villain in Austin Powers?

    Why?

    If she's really committed to this experiment, I welcome their move to Amish country, where with a suitable adherence to their traditional life "blocking" Amazon should be relatively simple. After all, once you dispense with the whole "electricity" thing success at this experiment is trivial. She won't be closer to answering the original question...of why.

  2. Re:If there's anything I've learned... on Juicebox Hacking · · Score: 1

    Sounds like you've worked around quite a bit with similar efforts. These things are probably as useless as the Audreys and iOpeners.

    If you've got a minute, email me at gioan@yahoo.com, I have a small project (wireless LED controller) I need some advice with or might be able to outsource if you're interested. /g

  3. This concern isn't limited to CR on Costa Rica May Criminalize VoIP · · Score: 1

    Let's examine this given a tried-and-true formula:

    1) Cheaper phone service = cut out middleman
    2) Middle man = government tax and/or phone authority
    3) ...
    4) Profit!
    5) Slammed by The Man(tm), no more easy profit.

    Until/unless somebody with clout realizes that encouraging free enterprise by letting business grow will yield collateral tax benefits elsewhere, then laws/bans like this will continue to be an issue, regardless of whether it's Costa Rica or elsewhere.

  4. Re:Integrate the pin with securid on Password Security Not Easy · · Score: 1
    So what do you think about using the employee's phone extension (even twice for doubled security!) as a prefix for the SecurID generated passcode? I work for a "global player" company that even technically enforces this policy (prefix cannot be changed by the user).



    I would say you were working for a place that purchased a product and had either a) no clue what they were doing, or b) didn't care, so long as it met the audit requirement and/or bragging rights for the responsible manager and the "look what I implemented" factor.

    It's pretty sad to see how much money gets thrown down the drain in the pursuit of security, only to see any gains falter when faced with either the immeasurable stupidity of the users, or that of the administrators themselves.

  5. Re:Integrate the pin with securid on Password Security Not Easy · · Score: 3, Informative

    Your example has to be the worst use of SecurID (if you're referring to the RSA product) imaginable. Whoever paid for that equipment and implemented it so poorly should be fired for spending money and achieving no benefit.

    The whole point to SecurIDs is that they provide you with easily manageable two-factor security, including for legacy applications without needing a hardware re-outfit of biometrics, smart cards, redesigning custom prompts, readers, etc. They have agents for most popular things you'll integrate to it if Radius or native SecurID isn't compatible. They have a stable, documented API.

    You do however need to use your brain while deploying it. Specifically, you must inform the user they should pick a unique PIN/password (which the admin has no access to by the way) to use with the code on the card that changes every 60 seconds. This ensures anyone logging in has either PIN+card code, or PIN + live video feed to fob, (insert other unrealistic scenarios here). The fact the PIN doesn't require frequent/regular changes allows the user to actually use something complex that they end up remembering.

    For what it's worth, the system is based on public/private key encryption and timesyncs between the servers and fobs. No, you can't hack it, not unless you have access to the SecurID server and then your actions are likely to be more obvious. There is no realistic server-side known exploit for it that doesn't involve somehow stealing the fob keys from the server, then guessing the user's pin in order to make a similar one-way hash and response to the challenge from the system requesting login validation. Finding a card/fob gives you access to nothing. Keylogging the pin is useless without stealing the card. It's secure. It's easy to use. It does require work on the admin's side to integrate various authentication systems to the SecurID architecture, but then that's a lot more fun than complaining about users, right? There is a reason it's been used in the banking industry for a long time.

    Of course, if the admin does the right thing, it also assumes the user isn't stupid enough to put their username, login URL (or relevant), and PIN on a Post-it note on the back of the SecurID fob. But then, that's what HR departments and involuntary separations are for.

    And no, I (no longer) sell the stuff. Simply a knowledgeable user.
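    As an added illustration (constructed for this page, not code from the comment above and not RSA's actual SecurID algorithm, which is proprietary), here is a small time-synchronized PIN+tokencode verifier in Python. It shows the properties the post describes: a code that rotates every 60 seconds, a one-step clock-drift window, a salted PIN hash the admin cannot read back, replay rejection, and that a keylogged PIN or a found fob alone does not pass. The HMAC-SHA256 derivation, the seed value and the user names are assumptions.

```python
import hashlib
import hmac
import struct

# Assumed parameters for this constructed example (not RSA's real scheme).
TOKEN_PERIOD = 60        # tokencode rotates every 60 seconds, as the post says
CLOCK_DRIFT_STEPS = 1    # server tolerates +/- one 60-second step of fob drift
TOKENCODE_DIGITS = 6

# Constructed fob seed. In a real deployment it lives only on the fob and the server.
FOB_SEED = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")


def tokencode(seed: bytes, unix_time: int) -> str:
    """Code displayed by the fob for the 60-second step containing unix_time (HMAC-based, illustrative)."""
    step = unix_time // TOKEN_PERIOD
    mac = hmac.new(seed, struct.pack(">Q", step), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**TOKENCODE_DIGITS:0{TOKENCODE_DIGITS}d}"


def _pin_hash(user: str, pin: str) -> bytes:
    """Salted, stretched PIN hash: the server never stores the PIN itself."""
    salt = hashlib.sha256(user.encode()).digest()
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 10_000)


class TokenServer:
    """Per-user (PIN hash, fob seed) store that validates passcode = PIN || tokencode."""

    def __init__(self) -> None:
        self.users: dict[str, tuple[bytes, bytes]] = {}
        self.last_step: dict[str, int] = {}  # highest accepted step per user, blocks replay

    def enroll(self, user: str, pin: str, seed: bytes) -> None:
        self.users[user] = (_pin_hash(user, pin), seed)

    def verify(self, user: str, passcode: str, now: int) -> bool:
        if user not in self.users or len(passcode) <= TOKENCODE_DIGITS:
            return False
        pin_hash, seed = self.users[user]
        pin, code = passcode[:-TOKENCODE_DIGITS], passcode[-TOKENCODE_DIGITS:]
        # Factor 1: the PIN (something you know). A found fob without it fails here.
        if not hmac.compare_digest(_pin_hash(user, pin), pin_hash):
            return False
        # Factor 2: the tokencode (something you have), checked across the drift window.
        step = now // TOKEN_PERIOD
        for delta in range(-CLOCK_DRIFT_STEPS, CLOCK_DRIFT_STEPS + 1):
            candidate = step + delta
            if candidate <= self.last_step.get(user, -1):
                continue  # already consumed or older: a replayed passcode is refused
            if hmac.compare_digest(tokencode(seed, candidate * TOKEN_PERIOD), code):
                self.last_step[user] = candidate
                return True
        return False  # keylogged PIN with a stale or guessed code lands here


if __name__ == "__main__":
    srv = TokenServer()
    srv.enroll("alice", "7391", FOB_SEED)
    now = 1_700_000_000
    print("PIN+code ok:", srv.verify("alice", "7391" + tokencode(FOB_SEED, now), now))
    print("replay ok:", srv.verify("alice", "7391" + tokencode(FOB_SEED, now), now))
```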

  6. Unfortunately... on XP SP2 Torrent Shows Legal P2P's Promise · · Score: 1

    My bittorrent estimated completion time: 2 hours
    My Microsoft-hosted estimated completion time: 14 minutes.

    So much for P2P helping "distribute files that are too large for centralized distribution to handle." /g

  7. Good? Bad? You decide. on States Threaten P2P Companies · · Score: 1

    The good and the bad...my take. Summary of article:

    Blah, blah, child porn bad, piracy bad, encryption bad, we've done a lot against spam and spyware, you've done nothing, stop it or we'll bitchslap you. Lots of signatures of important people.

    Right. Now on to the real world.

    1) It is incredibly obvious to anyone but demented individuals that child porn is bad. AGs and police officers work hard to stop this plague, and certainly P2P networks don't help...they offer a wider distribution network and complicate surveillance. It is arguable that shutting down all common P2P networks wouldn't stop anything, just force it underground. Perhaps having the files in open sight and on a common network would simply allow police to find violators more easily?
    2) P2P networks create a copyright enforcement nightmare. "If aforementioned AGs and police officers weren't so busy with chasing copyright infringers, they could spend more time on issue #1" would be the standard /. answer, but the reality is that this is an abstract morals issue. Let's not debate whether pirates wouldn't pay for the product if the free distribution methods weren't around...let's just agree the financial loss to the entertainment and software industry is real, and actual people are being harmed by the loss of revenue. Perhaps having the files in open sight and on a common network would simply allow police to find violators more easily?
    3) The examples of users commonly sharing their full hard drives and being subject to identity theft is a violent defense for stupidity. If you're dumb enough to a) load a common P2P package, b) share your whole disk to the world, then c) you should reap the rewards of your stupidity, including identity theft, legal repercussions, etc. Consequences should be faced by the people dumb enough to do this, not the software publishers (assuming the software doesn't abstract what it's doing).
    4) Encryption being touted as bad, and comments about AG's successes with spam and spyware are downright laughable. Let's face reality; a) the law has failed miserably to stop or even deter spam, as has industry, b) the law has failed miserably to stop or even deter spyware, as has industry. In both cases, the laws of natural selection of "where there's a profit, there's an offending product" prevail. With regards to encryption on an open P2P network...the adjective "idiotic" comes to mind. Encryption on a publicly-available data set seems counterproductive, no?
    5) How do we make a better world, where nobody starves, and all P2P is used for good, not evil? Difficult at best, impossible most likely. Forcing P2P vendors to magically "recognize" content as bad porn, good porn, grandma's home videos, free software versus pirated software is the stuff of fantasy only Disney could conjure up. The real world is otherwise, and that's what I'd like to see from the talented /. global community...solutions. How about this proposal:
    a) Force P2P software to support easy file "previews" that are easily downloadable, whereby the law enforcement community could discern whether movies are of grandma's birthday party--or grandpa molesting children--and let the law act accordingly.
    b) Let's leave encryption for where it belongs...and open share systems aren't one place. See point "a" above.
    c) Force people to suffer the consequences of their own stupidity--directly or indirectly--and without the recourse of whining to their state's AG. How about a federal law banning the installation of Internet-connected computers in the rooms of children where an adult is rarely present, has not installed some sort of content filters, and has not informed aforementioned children of the real threats that exist on the Internet?
    d) Let's apply some common principles to the whole affair while the law figures out this new technology stuff. I mean, if you had a phone, and it was free for everyone to call you, would you gladly play your music for them (it's "sharing") or tell them yo

  8. America = worst cell service in the world on Cingular Wins bid for AT&T Wireless · · Score: 2, Insightful
    Woohoo! Now I can finally have the option of switching to even worse service! And, thanks to number portability, I can take my number with me!

    Please, let's face it, our mobile market is idiotic. Competition with utterly incompatible standards in a public utility service is BAD. Europe, with the roaming/sharing agreements between everyone is definitely preferable.

    And before you say "but my service with vendor X is great," trust me, I have all the major vendors. Yes, I have a Verizon phone cause it has the best coverage. Yes, I have a TMobile phone, cause I need an overseas number. Yes, I have an ATT Blackberry, with phone service cause I need a link to corporate email. Yes, my wife had a Sprint phone, and let me tell you how utterly useless it was (so bad I couldn't believe they sold the service). And yes, between all of these, there are still areas where the service sucks. Verizon, the best of the bunch in the US, still is useless when I travel overseas, since they decided to deploy only CDMA technology, which is useless everywhere but maybe Canada. Let's hear it for free market chaos!

  9. Re:So what is out there to do this? on Brokerage Instant Messages Must Be Saved · · Score: 1

    www.facetime.com
    www.imlogic.com
    www.aconix.com

    Depending on product, you're looking at either having to enforce proxies on the client side, or split DNS with the native mode protocol session hijacking. Direct IM connectivity will have to be blocked at your firewall on the various ports that the client will resort to. /g

  10. Solutions Exist on Brokerage Instant Messages Must Be Saved · · Score: 2, Interesting
    I've been doing security/messaging work in the banking/brokerage area for about ten years, and here's the summary, since it's clear few replying are looking at it from the industry perspective.

    There are no "daunting technical issues" to this, but rather cost concerns (and some functionality and implementation ignorance). It is relatively easy to satisfy the NASD/SEC requirements. Logging this locally (at whatever number of clients you have) is not practical (to put it tactfully). You need to log centrally, archive and ship offsite. Storage media varies, but the SEC/NASD still likes WORM due to its durability. There are offsite storage companies (like IronMountain) offering commercial storage options for this. The regulatory guidance until this memo has been fairly foggy, but essentially it's treated the same as other electronic client communications (specifically, email).

    There are a number of solutions to this, including products from Facetime (AOL's corporate product is based on it), IMLogic, and Iconix. None of these is freeware/open-source, and never will be. The goals are stability, easy access to often-nontechnical legal and compliance divisions, and most of all, accuracy and the ability to retrieve content when needed. And believe me, none of this is a laughing matter or religious open-source-versus-Microsoft debate when facing a multi-million-dollar dispute over trading executions.

  11. And this is news...why? on Linux on Nokia IP Series Hardware · · Score: -1, Troll

    If I figured out how to run Linux on my Casio calculator (and destroyed the optimized calculus functions) would that make Slashdot?

    Didn't your engineering profs teach you to consider the potential application before you become advocates? As others have said, the Nokia box without IPSO/VRRP/Checkpoint is basically a massively overpriced PC. Yes, you can run Linux on it; you could also probably hack XP to run on it (assuming you got video and enough RAM). But...why? What exactly are you gaining? "Why lookeey here Zeke, I got Linux to run on yet another thingamabob." Riiiight.

    Linux on XBox, definite potential application. Linux on Nokia, utterly stupid. Another example of wasted engineering effort and Linux fanaticism.

  12. indecision and inaction on FTC Goes After Spammers · · Score: 5, Insightful
    Wonderful. People committing clear financial fraud have to "play nice in the future." Oh great. I feel so much better. It's clear that uce@ftc.gov has less productive output than /dev/null.

    This isn't about free speech, or "corporate right to send me ads if I opt-in." Don't worry, those companies make sure they pay someone to remind your senators that their god-given-right to send you ads should be permitted. Too bad the rest of the spam won't really let you work part time from home making $10,000/month while watching a legal cable descrambler, happy with a clear credit record, a really large penis, limitless virility, instant weight loss on demand, and the occasional degree from a prestigious unaccredited school.

    There are two reasons spam continues. Welcome to economics:

    a) there's still no effective financial deterrent to sending spam, regardless of whether it's ambiguously relevant direct marketing, or utter fraud
    b) there is some financial benefit for the senders, regardless of amount

    There are plenty of other things you could debate...such as when did spam become accepted? Was it when you -- yes YOU! -- made the unconscious decision that "just deleting" the message is OK. You don't have the time to follow up on the headers. If you're in one of the states that actually ban it, you don't have the time to do something...hell it's not worth the effort. It's just an email, right?
    Think of this in another way: If random people each stole one cent out of your bank account every month, would you consider it worthwhile to pursue them? Would you want your bank to develop filters to block all small transactions? Would you think such a loss is unacceptable?

    Quite honestly, the actions of civil libertarians and "we'll fix this with technology" advocates has not helped. I filter, you filter, we all delete. Guess what, spammers will continue to find ways around filters, so long as conditions A & B hold true. And every online provider will continue to spend lots of money trying to stop this crap. And every user will continue to hit delete. And people will constantly change email addresses to avoid it, spam filters will continue to mislabel valid email as spam. Stop dealing with the symptoms, deal with the problem!

    This isn't a technology issue. You will never get every mail server, client, system, whatever to comply to a block-spam standard. Just look at how long it's taken to get even the basic don't-relay habits in place. This isn't a "but what if I want Amazon to send me my favorite buy-me-now specials." This is an issue that someone in power doesn't give enough of a damn to do something effective to create a financial deterrent that makes it preferable for these people to steal your money some other way. And yes, unfortunately, we're talking legislation, otherwise you will not send a clear message or provide an effective deterrent. Inconsistency on this means ineffective.

    Wow, looking back I'm feeling sorry for the rant. It's simply that this kind of cluelessness annoys me. Time to go delete a couple more messages.

  13. the new printing press on Will There Be Historical Records from the Digital Age? · · Score: 1

    The advent of digital media simply presents a new storage concern for the same old problem, archival. What do you archive? Same as always, what you find important. Whether this includes things one finds trivial today and tomorrow might be priceless to an archeologist, that is irrelevant. What do you consider priceless in your life? Bank statements? Your diary? How long is long enough? Your average person knows and cares nothing about archival, and concerns themselves essentially not at all with true long term storage/archival. Why should they after all? Their data probably is far less long-term critical than the government's. Regardless of data source however, the storage medium is another issue. Anyone who thought magnetic floppy disks would be a storage format for future generations was just plain senseless and knew nothing of basic electricity and magnetism. CDs are certainly more durable, but don't forget they're just a cheap little slice of foil, bonded to a slice of plastic. What is the lifetime...debatable. Care to lightly scratch the top of a CD and see how long it lasts? By far the most durable common system is MO (magneto optical) which requires a magnetic field and a laser to shift bits, and has at least a 30-50 year lifetime. The US Govt. has been archiving to MO for years. But these drives too (if you can even find them today) will be obsolete soon and new technologies will be unable to read old disks. What is the solution? Good old printed microfiche? It's got a much longer lifetime, but far less storage density than new digital options (I don't have time to call Anacomp and get the latest numbers). Paper output to paper? Doubtful. The bottom line is filter your storage needs to something that can be regularly shifted to "upgraded" storage mediums as that space becomes cheaper. Near-line tape-to-tape or EMC Symmetrix-style solutions that get cycled regularly to new technology would seem preferable. Choose your data carefully, and archive it to multiple locations. Unfortunately, reality is that people will continue to store to floppy, take Polaroid photos and print dye-based inkjet digital solutions. We'll see what those memories look like in ten years... /g

  14. And the future will bring flying cars... on A Million Bucks, Mach 7.6, Straight Down · · Score: 1
    I think we all remember that we've been dreaming about flying cars since we were kids, and warp-speed flights to our nearest galaxy since Star Trek became a regular show. I absolutely love the idea of a flight from NY to London in 1/2 hour...but it never seems to materialize. What will it take?

    If this engine finally brings the Mach 6 flight we've all been waiting for (and at one point supposed to be available by 1990 or so), then why aren't we investing 100 billion $$$ in this idea, instead of the ISS/Alpha/whatever space station? Let's face it, hypersonic flight on Earth is a lot more useful and practical than anything the airborne guinea pigs could ever come up with!

    Meanwhile, we're still sitting around where the fastest military jet (SR-71, mostly built in the early 60's) was decommissioned recently and the fastest commercial jet (Concorde, also vintage 60's design) just went down in a flaming wreck and may never fly again. Pathetic!

    Yes, the problems are obvious. From what I gather, current commercial aircraft has gone along the trends of low-speed (subsonic) flight mainly because a) it's proven and relatively very reliable, b) it's the only thing most people can afford and c) no sonic boom to worry about. You can possibly fix 66.7% of the problem, but you'll have to get creative with the last one. Mass produce the stuff, go through the requisite crash tests, and make it happen?

    /g

  15. Re:Lousy admins don't help: on Spammer Pleads Guilty · · Score: 1

    You're apparently missing the point. Let me clarify:

    Reality #1: There will always be idiots on the Internet (everywhere for that matter, but we have to limit the scope here).
    Reality #2: In the absence of deterrents, a criminal element will take advantage of free resources to send fraud and garbage (i.e. spam).

    How do you go about fixing this situation:
    - Eliminate idiots on the net? Impossible, how could you begin to create that filter?
    - Eliminate open relays on the net? Impossible, no way to search/justify filters. MAPS does a good job...but it doesn't do a damn thing to the throw-away dial-up account user.
    - Penalize open relays on the net? Not likely, how could you justify a fine? This isn't exactly a gun-locks-in-the-presence-of-small-children issue.
    - Penalize spamming? Difficult...but at least more relevant.

    In the absence of deterrents... I find it shocking that some of you are "defending" this spammer. White hat hacking comparisons? You're way off base here. This isn't ethical, it isn't honorable, and certainly shouldn't be looked at with a tolerant attitude. Seven years in jail or a public stoning...I don't really care which. Set an example with a few and perhaps the rest of them will go back to stealing our money in other ways. /g