The collection agency will also try a number of illegal tactics also, don't give them any bank account information. These people need to get some real prison time, 10+ years, so the word gets out.
Sadly, law enforcement rarely even punishes them for trying to collect a "debt" illegally.
Using DomainKeys, a spammer can send an email from a throw-away gmail account to another email account, pick up a copy of the spam with the correct domainkeys signatures, and then blast it out to everyone. I can't see any way to prevent this with domainkeys.
You could insist that the signed To: header match the envelope to.
When you see people in places like Venezuela registering "secure-usbank.com," it sorta makes you wonder whether there should be stricter controls over domain registration.
Why not allow each potential domain name registration to be reviewed by anyone, and allow for some sort of challenge before the name is given out?
Maybe because it would cost a lot of money, raise the price of domains, and not offer any significant benefits. (There's also the question of who enforces the controls, and do we really want them to have more power)
IMO, the problem is with people who put their trust in a name, not with the ease of obtaining it.
Even if the worst FUD claims of the anti electronic voting crowd are true electronic voting is no more vulnerable to tampering than paper ballot voting.
There's at least one significant difference.
Fraud with paper ballots involves much larger numbers of people.
A single hacker could theoretically change every vote.
Measurements of CO2 in the atmosphere have been continuous for almost 50 years at Mauna Loa Observatory, 12,000ft up a mountain in Hawaii, regarded as far enough away from any carbon dioxide source to be a reliable measuring point.
Did they check with any of the other CO2 monitoring stations in the world?
where did you get that 1/2 kW figure for average consumption?
My 814 sq ft 1 bdrm apt in Dallas used 1.53 kW last month. (1104 kWh)
Do I need to start yelling at someone around here?
It's an old figure from a Sacramento Municipal Utility District study. Reviewing the study, a key point is that only homes with gas heating are considered. Googling shows a US national average closer to 1Kwh, though obviously YMMV
1.5kWh is not necessarily unreasonable, but I'd still check the appliances in the apartment. (The kill a watt meter is great for tracking down power guzzlers.) It's possible you could save money buying a new fridge even if you ended up giving it to the apartment complex.
How big would a Wind Turbine have to be to power a house? Some people already have solar panels on their roofs, why not a small Wind Turbine?
Average household electric consumption is around 1/2 a Kilowatt. (your monthly electric bill probably has KWH on it - divide by 720)
But the wind doesn't always blow, so you need more/bigger turbines and some way to store the excess.
If you want to be off grid or just more eco-friendly, your best return on investment is in efficiency. CFL/LED lighting, passive solar heating, solar hot water heating... anything that avoids investing too much in PV modules and batteries is probably a good bet.
Non-compact fluorescents (the 4 foot tubes) are much better, and cheaper. T8 is the best, but even the "standard" T12 is more efficient than CFL.
typical T8 fluorescent lamp - 85 lumens per watt.
typical T12 fluorescent lamp - 65 lumens per watt.
typical compact fluorescents - 50 lumens per watt.
60W Incandescent A19 Bulb - 15 lumens per watt.
LEDs have great potential, but they're still not more efficient (yet). - unless you talking about bulbs under 40 watts, in which case your not saving much electricity.
Skylights are way better than any electrical lighting system. If you want high tech, how about a mirror that redirects sunlight into a solar-tube?
How on earth the EU can contemplate bringing this braindead patent system to Europe is beyond me.
The US patent office is extremely successful at generating revenue for the US patent office. So much so, that the US government now steals about 85% of it.
So you see it's very simple - the legislators in favor of it are corrupt.
Software patents have harmed some software developers by forcing them into costly litigation. Perhaps true, perhaps not. Please give examples of software deveolpers which have been harmed by software patents.
Earthlink (Mailblocks v. Earthlink), and Microsoft (Microsoft v. Eolas) are two high profile examples. Mailblocks sued two others before attacking Earthlink.
Please provide examples of software patents preventing costly litigation.
Software patents have a chilling effect on development. Knowing that a piece of software you are writing might be patented makes it less likely that you will work on it. Completely ridiculous. It is exactly the other way around -- knowing that my software *will* be patented makes me *more* motivated to work on it. However, I don't work for a big corporation -- I'm an independent.
No, knowing that you will hold the patent on a piece of software increases your motivation to work on it. Knowing that someone else will hold the patent on a piece of software greatly decreases your motivation to work on it. The problem is, there's a reasonable chance that the software you are writing is patented or is going to be patented by someone else. Even if you think the risk is small, it's still a risk, and risks are a disincentive.
What good thing has happened as a result of software patents? Knowing that my intellectual fruit is worth something in the open market and that it *is* protected better than by copyright. Furthermore, *all* software patents expire eventually, and then the software is in the public domain.
The last statement isn't much of an argument in favor. If we didn't have patents at all, they would all start out "in the public domain".
The rationalization for patents is that they give an incentive to the inventor, and therefore cause more invention. To me, that sounds suspiciously like "the ends justify the means".
Patents cause harm to the innovation process by preventing people from using the idea, even when they develop it independently. In the physical world independently arriving at the same invention happens rarely, and it's much easier to pretend that the harm is justified by the imagined benefit. In software, independently creating the same invention happens constantly, and the harm is not as easy to justify. And it's far less clear that there is any benefit.
You only found 2 issues with SPF? How about a few more
I agree with most of the comments, but I don't quite understand the "No sane firewall is going to let TXT records through" one.
I don't know of any firewall that blocks a specific type of UDP packet. To a firewall all DNS replies look alike. Sure, it could parse the data part of a DNS packet in the firewall, but AFAIK no firewall actually does.
Software patents do not promote science and the useful arts.
Software patents have not caused an increase in the amount of software being written.
Software patents have harmed some software developers by forcing them into costly litigation.
Software patents have a chilling effect on developement. Knowing that a piece of software you are writting might be patented makes it less likely that you will work on it.
What good thing has happend as a result of software patents?
Software patents should not be allowed to start, and in countries where they've already started, they should be abolished.
I can tell 300 DPI from 600 DPI on a printout, but above that it looks about the same to me.
At a normal "reading" distance, most people can distinguish between 600 and 1200 DPI when they have the two side by side. (Look at the round parts of letters, or small 'o')
I remember a story about an irate worker who broke into HR and took a balance sheet with everyone's salary. They made a few dozen copies and posted them in conspicuous place about the office. Supposedly, two weeks later the company went out of business.
While I think that's an urban legend, I'm certain I've never worked at a company that disclosed how much they were paying anybody to anybody else unless it was absolutely necessary. (In some cases, not even then.) I predict this will either quickly turn into a secret auction, or die altogether.
I'd actually like to hear a proponent of SPF deal with the complaints made about it here.
I'm not exactly a proponent, but I can respond to most of his points;
* SPF breaks pre-delivery forwarding. SPF doesn't break pre-delivery forwarding at all, you just need to include the machine forwarded to in your SPF record. post-delivery forwarding is a problem, but at least in theory, it can be solved by only checking SPF records at the first receipt point, or by having a smart checker that knows about your forwarding.
I.e. if Alice is sending to Bob, then there's a point at which the message leaves Alice's control, and enters Bobs. Before that point, Alice can adjust her SPF record to include all possible point of egress. After that point, Bob needs to check based only on the IP that entered his realm of control. This may be hard for Bob to do, or beyond his understanding, but that doesn't mean it's impossible.
* SPF hijacks existing DNS mechanisms. Bullshit. SPF uses TXT records. It's even RFC 1464 compliant, so it won't interfere with other TXT records (unless someone's already created the "v" tag) It could have been made less likely to collide by using "spf1=" instead, but it doesn't hijack anything.
* SPF gives ISPs a "lock-in" weapon against their customers. This one baffles me. If you're using the address bob@example.com, then example.com already has you by the balls. If you're using bob@vanitiydomain.tld then you are in control of your own SPF record, and can switch it to anything you like.
* SPF is useless for several entire classes of people. That would be anyone who sends direct-to-mx email from random IPs. Those people will have to change. Sorry, sucks to be you.
The percentage of people in this class is very near zero.
* SPF relies upon DNS for security, but DNS isn't a security service. Yeah, so? No one said SPF was perfect, they said it was better than what we currently have (nothing.) Spoofing DNS, while possible, is considerably harder than forging a from address. If this were really a concern, we'd already have adopted one of the many "secure" dns alternatives.
* SPF is vulnerable to race conditions during database changes. Yeah, so? So is email in general.
* SPF creates new categories of third class citizenship. Sheese - time to break out the tin foil hat. The purpose is to discriminate against people who forge addresses. I suppose some people will try and push all kinds of crap into, around, and on to SPF - but it's really innocuous as these things go.
* SPF doesn't actually address unsolicited bulk mail at all. That is correct. SPF is a tool against forgeries only. It doesn't directly prevent email delivery at all.
* SPF hands Verisign its next unwelcome "innovation" on a platter. If that's the worst thing you can think of for Verisign to do when they have complete control of the DNS system, then I have no respect for your imagination. Verisign could create SPF records for existing domains. Verisign could make resolving TXT records a "premium" service which costs money. Hell, Verisign could just raise the fees for owning a domain name in.com. Yes, Verisign is an evil monopoly with near total control over the domain name system, and they can fuck you over at any time. Get over it.
SPF didn't make them that way, nor will it contribute to their general evilness.
If they spent time and resources coming up with such a superior idea, why SHOULDN'T they be allowed to patent it and reap the rewards?
Because the penalties associated with allowing them do so out weigh the benefits. Software patents have a net negative effect on science and the useful arts.
In general, no. Authentication is based on a random key locked inside each chip which you are forbidden to see. Every chip has a different key. That random key is signed by the manufacturer, and it is effectively impossible for you to forge that signature.
So I do a "man in the middle" attack on my own computer.
...if that evidence confirmed what Kerry, the official naval record, and the eyewitnesses say, would you then demand even more proof, and still not demand the same level of proof from the swiftvets?
Absolutely.
I suggest you re-examine that part of yourself which caused you to believe a webpage and a TV ad had more credibility than multiple eyewitness accounts, the sworn testimony of the physician of record, and the physical evidence.
What would you accept as sufficient evidence of their untruth?
Two things: 1) Release all of his war journal that he kept. 2) Sign the release form for ALL of his military records.
So you would accept that the swiftvets are lying if Kerry did that, regardless of what the reports say?
Or would you only accept that the swiftvets are lying if Kerry did that, and the new documentation said the same thing as the current offical navy record, the eyewitnesses, and Kerry himself?
Or if that evidence confirmed what Kerry, the official naval record, and the eyewitnesses say, would you then demand even more proof, and still not demand the same level of proof from the swiftvets?
With SMTP, it's easy to forge identities. That's something that could at least theoretically be solved cleanly with a new system. Only if all mail servers are trustworthy. The problem is that they aren't, and won't be for the forseeable future.
The server's don't need to be trustworthy, in theory at least. One could require all messages to be digitally signed with a public key.
A new system could provide for things like pennyblack, hashcash, challenge/response, or sender risks. Any system that tries to force the sender to invest something valuable into the mail transaction requires a unified system of email administration across the planet. We don't have this, and aren't likely to any time soon. Most implementations I've heard about also require that mail servers be trustworthy, which we don't have, and won't have any time soon.
Uh, yes, that's why I said "new system" and "in theory"
The point being that the problems with email could, in theory be dealt with by junking the current system and replacing it with something better. (Which is after all, the premise of the article)
I didn't comment on whether the system discussed in the article would do this, just on the assumption that it was inherently impossible.
Slashdot Mirror
Sadly, law enforcement rarely even punishes them for trying to collect a "debt" illegally.
Which language is better for telling stories; French, German, English, or Greek?
Don't they teach you youngin's about turing equivilancy in programmer school?
A real programmer can write FORTRAN in any language.
Good code is about thinkin' not writin'
-- should you believe authority without question?
You could insist that the signed To: header match the envelope to.
-- Should you belive authority without question?
"I wasn't trying to predict the future, I was trying to prevent it." - Ray Bradbury.
Why not allow each potential domain name registration to be reviewed by anyone,
and allow for some sort of challenge before the name is given out?
Maybe because it would cost a lot of money, raise the price of domains, and not offer any significant benefits.
(There's also the question of who enforces the controls, and do we really want them to have more power)
IMO, the problem is with people who put their trust in a name, not with the ease of obtaining it.
-- Should you believe authority without question?
There's at least one significant difference.
Fraud with paper ballots involves much larger numbers of people.
A single hacker could theoretically change every vote.
-- should you believe authority without question?
Did they check with any of the other CO2 monitoring stations in the world?
If they did, then why didn't they mention that?
And if the didn't, then why should I believe it?
-- Should you believe authority without question?
It's an old figure from a Sacramento Municipal Utility District study.
Reviewing the study, a key point is that only homes with gas heating are considered.
Googling shows a US national average closer to 1Kwh, though obviously YMMV
1.5kWh is not necessarily unreasonable, but I'd still check the appliances in the apartment.
(The kill a watt meter is great for tracking down power guzzlers.)
It's possible you could save money buying a new fridge even if you ended up giving it to the apartment complex.
-- not a
Average household electric consumption is around 1/2 a Kilowatt.
(your monthly electric bill probably has KWH on it - divide by 720)
But the wind doesn't always blow, so you need more/bigger turbines and some way to store the excess.
Non-compact fluorescents (the 4 foot tubes) are much better, and cheaper.
T8 is the best, but even the "standard" T12 is more efficient than CFL.
typical T8 fluorescent lamp - 85 lumens per watt.
typical T12 fluorescent lamp - 65 lumens per watt.
typical compact fluorescents - 50 lumens per watt.
60W Incandescent A19 Bulb - 15 lumens per watt.
LEDs have great potential, but they're still not more efficient (yet).
- unless you talking about bulbs under 40 watts, in which case your not saving much electricity.
Skylights are way better than any electrical lighting system.
If you want high tech, how about a mirror that redirects sunlight into a solar-tube?
-- not a
The US patent office is extremely successful at generating revenue for the US patent office.
So much so, that the US government now steals about 85% of it.
So you see it's very simple - the legislators in favor of it are corrupt.
-- Should you believe authority without question?
Earthlink (Mailblocks v. Earthlink), and Microsoft (Microsoft v. Eolas) are two high profile examples.
Mailblocks sued two others before attacking Earthlink.
Please provide examples of software patents preventing costly litigation.
No, knowing that you will hold the patent on a piece of software increases your motivation to work on it.
Knowing that someone else will hold the patent on a piece of software greatly decreases your motivation to work on it.
The problem is, there's a reasonable chance that the software you are writing is patented or is going to be patented by someone else.
Even if you think the risk is small, it's still a risk, and risks are a disincentive.
The last statement isn't much of an argument in favor.
If we didn't have patents at all, they would all start out "in the public domain".
The rationalization for patents is that they give an incentive to the inventor, and therefore cause more invention.
To me, that sounds suspiciously like "the ends justify the means".
Patents cause harm to the innovation process by preventing people from using the idea, even when they develop it independently.
In the physical world independently arriving at the same invention happens rarely,
and it's much easier to pretend that the harm is justified by the imagined benefit.
In software, independently creating the same invention happens constantly, and the harm is not as easy to justify.
And it's far less clear that there is any benefit.
-- not a
You only found 2 issues with SPF?
How about a few more
I agree with most of the comments, but I don't quite understand the "No sane firewall is going to let TXT records through" one.
I don't know of any firewall that blocks a specific type of UDP packet.
To a firewall all DNS replies look alike.
Sure, it could parse the data part of a DNS packet in the firewall, but AFAIK no firewall actually does.
-- Should you question authority?
There is nothing right with software patents.
Software patents do not promote science and the useful arts.
Software patents have not caused an increase in the amount of software being written.
Software patents have harmed some software developers by forcing them into costly litigation.
Software patents have a chilling effect on developement. Knowing that a piece of software you are writting might be patented makes it less likely that you will work on it.
What good thing has happend as a result of software patents?
Software patents should not be allowed to start, and in countries where they've already started, they should be abolished.
-- Should you question authority?
At a normal "reading" distance, most people can distinguish between 600 and 1200 DPI when they have the two side by side.
(Look at the round parts of letters, or small 'o')
-- should you question authority?
IMO, it should have been
"spf1=
or perhaps
"spf=v1
If you read RFC 1464 I think it will be clear why.
I remember a story about an irate worker who broke into HR and took a balance sheet with everyone's salary.
They made a few dozen copies and posted them in conspicuous place about the office.
Supposedly, two weeks later the company went out of business.
While I think that's an urban legend, I'm certain I've never worked at a company that disclosed how much they were paying anybody to anybody else unless it was absolutely necessary. (In some cases, not even then.)
I predict this will either quickly turn into a secret auction, or die altogether.
-- should you question authority?
I'm not exactly a proponent, but I can respond to most of his points;
* SPF breaks pre-delivery forwarding.
SPF doesn't break pre-delivery forwarding at all, you just need to include the machine forwarded to in your SPF record.
post-delivery forwarding is a problem, but at least in theory, it can be solved by only checking SPF records at the first receipt point,
or by having a smart checker that knows about your forwarding.
I.e. if Alice is sending to Bob, then there's a point at which the message leaves Alice's control, and enters Bobs.
Before that point, Alice can adjust her SPF record to include all possible point of egress.
After that point, Bob needs to check based only on the IP that entered his realm of control.
This may be hard for Bob to do, or beyond his understanding, but that doesn't mean it's impossible.
* SPF hijacks existing DNS mechanisms.
Bullshit. SPF uses TXT records.
It's even RFC 1464 compliant, so it won't interfere with other TXT records (unless someone's already created the "v" tag)
It could have been made less likely to collide by using "spf1=" instead, but it doesn't hijack anything.
* SPF gives ISPs a "lock-in" weapon against their customers.
This one baffles me.
If you're using the address bob@example.com, then example.com already has you by the balls.
If you're using bob@vanitiydomain.tld then you are in control of your own SPF record, and can switch it to anything you like.
* SPF is useless for several entire classes of people.
That would be anyone who sends direct-to-mx email from random IPs.
Those people will have to change.
Sorry, sucks to be you.
The percentage of people in this class is very near zero.
* SPF relies upon DNS for security, but DNS isn't a security service.
Yeah, so?
No one said SPF was perfect, they said it was better than what we currently have (nothing.)
Spoofing DNS, while possible, is considerably harder than forging a from address.
If this were really a concern, we'd already have adopted one of the many "secure" dns alternatives.
* SPF is vulnerable to race conditions during database changes.
Yeah, so?
So is email in general.
* SPF creates new categories of third class citizenship.
Sheese - time to break out the tin foil hat.
The purpose is to discriminate against people who forge addresses.
I suppose some people will try and push all kinds of crap into, around, and on to SPF - but it's really innocuous as these things go.
* SPF doesn't actually address unsolicited bulk mail at all.
That is correct.
SPF is a tool against forgeries only.
It doesn't directly prevent email delivery at all.
* SPF hands Verisign its next unwelcome "innovation" on a platter.
If that's the worst thing you can think of for Verisign to do when they have complete control of the DNS system, then I have no respect for your imagination.
Verisign could create SPF records for existing domains.
Verisign could make resolving TXT records a "premium" service which costs money.
Hell, Verisign could just raise the fees for owning a domain name in
Yes, Verisign is an evil monopoly with near total control over the domain name system, and they can fuck you over at any time.
Get over it.
SPF didn't make them that way, nor will it contribute to their general evilness.
-- should you question authority?
Because the penalties associated with allowing them do so out weigh the benefits.
Software patents have a net negative effect on science and the useful arts.
-- should you question authority?
So I do a "man in the middle" attack on my own computer.
-- less is better.
I suggest you re-examine that part of yourself which caused you to believe a webpage and a TV ad had more credibility than multiple eyewitness accounts, the sworn testimony of the physician of record, and the physical evidence.
-- should you question authority?
So you would accept that the swiftvets are lying if Kerry did that, regardless of what the reports say?
Or would you only accept that the swiftvets are lying if Kerry did that, and the new documentation said the same thing as the current offical navy record, the eyewitnesses, and Kerry himself?
Or if that evidence confirmed what Kerry, the official naval record, and the eyewitnesses say, would you then demand even more proof, and still not demand the same level of proof from the swiftvets?
-- should we question authority?
What would you accept as sufficient evidence of their untruth?
-- should we question authority?
The server's don't need to be trustworthy, in theory at least.
One could require all messages to be digitally signed with a public key.
Uh, yes, that's why I said "new system" and "in theory"
The point being that the problems with email could, in theory be dealt with by junking the current system and replacing it with something better.
(Which is after all, the premise of the article)
I didn't comment on whether the system discussed in the article would do this, just on the assumption that it was inherently impossible.
-- Should you question authority?
Give them a range instead of a number.
"The project will be done in 1 to 1000 weeks"
If they demand a single number, insist they use the worst one.
If they ask for a better estimate (i.e. smaller range) tell them you can have one in 1 to 10 days.
-- less is better.