1. In your book, "Ending Spam" you are pretty harsh on commercial filters and basically anything that's not statistical filtering. You make very good points in favor of statistical filtering, but I feel that you've missed a major fact about spam. Statistical filtering requires that the end-user get actively involved in the spam filtering process. What happens when they don't (because, in general, they won't) How does that affect the attacks you described in chapter 7 and what techniques would you recommend to mitigate apathetic users? A lot of the mitigation strategies for the attacks delineated require (at least somewhat) active end-users.
2. Why did you give so much coverage to Marty Lamb's TarProxy? The project appears to have died long before your book came out and I can't find reference to anyone who actually used it in production. I am surprised that you gave so much berth to a project that was basically unproven, especially in the face of proven, commercial technologies that are in the same space, such as the SMS 8160.
I am a real Matrix fan. I couldn't sleep at all last night, knowing I was going to watch Revolutions at 9AM today. However, I felt it was a disappointing failure for several reasons:
1. Trinity dies for no reason, as they don't use her death in any meaningful way. 2. The scene with the machines entering the outer hull of Zion was drawn out needlessly, as it contained no switching between the fight at Zion and Neo's plight (think: middle/end of ROTJ) 3. The fight scene with Smith/Baines and Neo in the Logos was completely extraneous. 4. Neo's death in the end leaves the humans without a powerful weapon against the machines if they were to decide to attack the humans again. Contrast this with Star Wars and LotR, where the playing field is leveled at the end, or slightly in favor of the protagonists. 5. Keanu Reeves performance was subpar, even for him. In the climactic battle with Smith at the end, he looked drugged and was not convincing as the leader of the free world. He had no fire, and it was the machines and the Oracle that actually spurred him on to defeat Smith (esp. the machines, as they revived him after being consumed by Smith). 6. In the beginning, he was trapped in the train station for no conceivable reason but to lengthen the movie. It served no purpose, benefitted the movie naught and did not lead to any great discoveries that were used later in the film. Likewise, how we could be jacked in without being jacked in was never satisfactorily addressed.
If you are a Matrix fan, I urge you to watch this movie with the blinders off and see for yourself what a bad job the Wachowski bros. did with this, what could have been the end of the best sci-fi movie trilogy in history.
I was in your shoes about two years ago. I was out of computers, thinking the curriculum at my school was bogus and my professors were know-nothing morons. I stopped using a computer for about 15 months. But then, I switched schools, and got back into it, little by little, when I discovered UNIX and all the wonderful things it had to offer. Then I found out about Open Source and it was like my most secret desires had been answered. Coming up on first an Atari and then DOS and Windows-based PCs, I never thought I would get to see implementations of really hard problems, such as they don't talk about in CS classes. So I picked things that I was interested in, and used up all 5 of my CS electives doing independent studies with the only professor here worth a damn. That was what really got me back into it:
a) I could do what I was really interested in,
b) I had a professor who knew C and UNIX very well,
and,
c) I had a massive online store of "sample" code through which to "pick the brains" of other world-class developers.
All you have to do is find the part of CS you are most interested in, and work on that. Forget those boring assignments of making ERDs and computing the effeciencies of two sorting algorithms: think of them as paying your dues.
And for God's sake, stop using Windows. That gets me down, too.:-D
I disagree in one, and only one, case. The book entitled Transaction Processing: Concepts and Techniques is the ultimate book on it's topic. And Jim Gray, author, just happens to work for Microsoft Research. Sucks for him, but this is an absolutely essential book for anyone doing transaction processing work on a large-scale. But, we can rest assured that anything that comes out of MS Press is a piece of s*** and not worth the paper that it's printed on, so at least we'll always have that;-)
For my money, there are only a couple:
Database: Principles, Programming and Performance by O'neil and O'neil
Applied Cryptography by Bruce "O.G. Pimp Daddy" Schneier
Programming Perl by Larry "The Man" Wall
A Book on C by Al Kelley and Ira Pohl...and last, but not least...
Linux Kernel Internals (too many authors to list)
These are the essentials right here folks. No question.
I just usually go where I please and if they call me on the road, I ssh/VNC in and do what's required, while charging them my normal rate for the trouble. I also do not have a pager for that specific reason.
Slashdot Mirror
Just a couple for now:
1. In your book, "Ending Spam" you are pretty harsh on commercial filters and basically anything that's not statistical filtering. You make very good points in favor of statistical filtering, but I feel that you've missed a major fact about spam. Statistical filtering requires that the end-user get actively involved in the spam filtering process. What happens when they don't (because, in general, they won't) How does that affect the attacks you described in chapter 7 and what techniques would you recommend to mitigate apathetic users? A lot of the mitigation strategies for the attacks delineated require (at least somewhat) active end-users.
2. Why did you give so much coverage to Marty Lamb's TarProxy? The project appears to have died long before your book came out and I can't find reference to anyone who actually used it in production. I am surprised that you gave so much berth to a project that was basically unproven, especially in the face of proven, commercial technologies that are in the same space, such as the SMS 8160.
I am a real Matrix fan. I couldn't sleep at all last night, knowing I was going to watch Revolutions at 9AM today. However, I felt it was a disappointing failure for several reasons:
1. Trinity dies for no reason, as they don't use her death in any meaningful way.
2. The scene with the machines entering the outer hull of Zion was drawn out needlessly, as it contained no switching between the fight at Zion and Neo's plight (think: middle/end of ROTJ)
3. The fight scene with Smith/Baines and Neo in the Logos was completely extraneous.
4. Neo's death in the end leaves the humans without a powerful weapon against the machines if they were to decide to attack the humans again. Contrast this with Star Wars and LotR, where the playing field is leveled at the end, or slightly in favor of the protagonists.
5. Keanu Reeves performance was subpar, even for him. In the climactic battle with Smith at the end, he looked drugged and was not convincing as the leader of the free world. He had no fire, and it was the machines and the Oracle that actually spurred him on to defeat Smith (esp. the machines, as they revived him after being consumed by Smith).
6. In the beginning, he was trapped in the train station for no conceivable reason but to lengthen the movie. It served no purpose, benefitted the movie naught and did not lead to any great discoveries that were used later in the film. Likewise, how we could be jacked in without being jacked in was never satisfactorily addressed.
If you are a Matrix fan, I urge you to watch this movie with the blinders off and see for yourself what a bad job the Wachowski bros. did with this, what could have been the end of the best sci-fi movie trilogy in history.
I was in your shoes about two years ago. I was out of computers, thinking the curriculum at my school was bogus and my professors were know-nothing morons. I stopped using a computer for about 15 months. But then, I switched schools, and got back into it, little by little, when I discovered UNIX and all the wonderful things it had to offer. Then I found out about Open Source and it was like my most secret desires had been answered. Coming up on first an Atari and then DOS and Windows-based PCs, I never thought I would get to see implementations of really hard problems, such as they don't talk about in CS classes. So I picked things that I was interested in, and used up all 5 of my CS electives doing independent studies with the only professor here worth a damn. That was what really got me back into it:
:-D
a) I could do what I was really interested in,
b) I had a professor who knew C and UNIX very well,
and,
c) I had a massive online store of "sample" code through which to "pick the brains" of other world-class developers.
All you have to do is find the part of CS you are most interested in, and work on that. Forget those boring assignments of making ERDs and computing the effeciencies of two sorting algorithms: think of them as paying your dues.
And for God's sake, stop using Windows. That gets me down, too.
I disagree in one, and only one, case. The book entitled Transaction Processing: Concepts and Techniques is the ultimate book on it's topic. And Jim Gray, author, just happens to work for Microsoft Research. Sucks for him, but this is an absolutely essential book for anyone doing transaction processing work on a large-scale. But, we can rest assured that anything that comes out of MS Press is a piece of s*** and not worth the paper that it's printed on, so at least we'll always have that ;-)
For my money, there are only a couple: Database: Principles, Programming and Performance by O'neil and O'neil Applied Cryptography by Bruce "O.G. Pimp Daddy" Schneier Programming Perl by Larry "The Man" Wall A Book on C by Al Kelley and Ira Pohl ...and last, but not least...
Linux Kernel Internals (too many authors to list)
These are the essentials right here folks. No question.
I just usually go where I please and if they call me on the road, I ssh/VNC in and do what's required, while charging them my normal rate for the trouble. I also do not have a pager for that specific reason.