Just include pornographic images in your captcha, anyone looking for porn will have no incentive to 'solve' it; They have porn, and failing to solve it will get them yet another porn image...
The only real solution I see to spam is e-stamps. If they have to pay a few cents per message, it will no longer be economical for most of them.
80% of spam is already sent from trojaned Windows machines. An e-stamp system would make no practical difference; users that get hit by assorted malware often get a huge bandwidth bill (in countries that pay per meg) or a huge phone bill (if they use dialup and get a 'dialler'). Those users tighten up security, but there is a never-ending supply of new users and new Windows boxes to 0wn. With e-stamps they'd also get a huge email bill. You think the spammers are going to feel any guilt about that? They certainly won't be the ones paying for it.
Re:Pure ignorance - please read the BSD license.
on
Why I Love The GPL
·
· Score: 1
But how many would be installing it on multiple machines (of their own; probably allowed by copyright, definately not allowed by the EULA) or on >2 CPU machines (not allowed by the EULA) or reselling an OEM copy after they replace it with something else (allowed by copyright, not allowed by the EULA) or using it in a server role with more than the EULA-authorised number of clients?
BTW; to the original fbsd supporter; sorry. I've never been quite clear on how much or how little the bsd licence allows; In my opinion MSFT are quite likely still using a large amount of BSD code, it's just less clearly identified. This may be in violation of copyright law and/or the BSD licence and they may have rewritten some, but I doubt they've completely rewritten it all. It wouldn't be the first time MSFT have stolen code, (many cases) and it also wouldn't be the first time BSD code has been 'stolen' (AT&T's use of BSD code with copyright stripped off, as mentioned on groklaw)
The BSD licence no longer includes the "advertising clause". It's quite possible that Microsoft is still using the exact same code, but simply removed all the copyright notices as allowed by the amended BSD licence.
You can get a pretty good idea of how much of the Windows TCP/IP stack has been rewritten by fingerprinting the TCP/IP packets that the code generates, as performed by nmap or p0f.
Re:Lazy IE Only Scripted Webpages...
on
Firefox In Print
·
· Score: 1
Bullshit.
I design pages to validate as XHTML 1.0 strict with CSS1. They always render perfectly (as I intended, and consistent with what the W3C documentation describes) in Mozilla, Firefox, and Opera. And MSIE consistently screws up the formatting. Every page I ever design I have to spend the same amount of time coding a special 'fixup' CSS for MSIE that gets loaded using IE-conditional-comments.
My current plan:
$69 per month
256K down, 128K up
10GB cap.
I originally signed up for a slightly different plan, $50/month on "UBS" (a weasel deal Telecom agreed with to avoid Local Loop Unbundling) starting in October. Telecom has managed to fuck us around for three months already so I now owe almost $180 to a company I didn't sign up with for a plan I never really agreed to.
In any sane universe I could tell them to just fuck off, but since they're also the only provider of phone service in about 95% of the country I have little choice but to pay them or have my phone disconnected.
If any significant percentage of legal installs end up with a 'pirated' key and a similar number of pirated installs end up with a key that Microsoft can't identify as being invalid, all without affecting the immediate operation of Windows, it would throw Microsoft's entire "Genuine Advantage" program in the crapper.
What we need is a virus that runs a keygen, replaces the local key (valid or otherwise) with a working keygen'd key, and then removes all traces of itself completely. Somewhere along the line I guess it wants to spread too, but it should do all of this with the smallest possible impact on the local machine and network connection..
Just for variations, it could also replace the key one time in ten with the 'devil's own' or one of the more popular keys off the web.
of COURSE the cop cameras won't have this feature.
The concern is that ordinary civilian cameras will, at some time in the future the cops will get caught 'on camera' beating the crap out of some guy just for being the wrong color but they'll get away with it because none of the cops involved will be identifiable.
Your wife has the same fettish as mine. Definately wax it, it's more painful at the time but not half as uncomfortable when the hair starts to grow back.
After about a week all the chip capacitors started breaking off. After a few months the chips thesmelves were wearing at the corners and eventually came off. And for the last three years I've had a bare circuitboard on my keychain. Now I have an anodized aluminium penguin which will hopefully be a little more robust.
To dial a three, for example, one clicks the receiver three times (within a second).
Except if you're in New Zealand or Sweden, in which case it's 1 click for 9, two clicks for 8, three clicks for 7, and so on.. but still 10 clicks for 0:)
Nitpick; using plaintext authentication on an insecure network _IS_ a security flaw. If the password got sniffed and subsequently used, you're just as 0wned as via any other kind of hack.
I'm a bit sore on this point; I recently had someone try to set up a BNC on my home PC after they managed to hack another box I have a shell on and brute-forced the shadow file. Fact is I ignored the important security precaution of using a unique password on every box, and it cost me a weekend rebuilding and making sure that any other passwords they may have had access to were changed as soon as possible.
Just wait til someone finally manages to overclock their watch:)
Unlike computers, there has been absolutely no progress in the field of clockmaking for a very long time. Clocks today run no faster than they did 20 years ago!!
I was generating tc-`date +s`@mydomain.co.nz email addresses about 6 years ago.. Recieve spam, convert address nack to date, find spammers IP in apache logs. It's also interesting to see how much spam is from mailing-list CD's and how much is scrape-send-throw away. Lots of those scraped addresses resulted in spam hours or days later but never got used again.. which means that removing or obfuscating your email address on the web even if it's previously been in the clear CAN significantly reduce the amount of spam you get now.
I'm in the process of migrating my sister-in-law's computer from 2K to XP as I type this (clean install, upgrades never go well for me). First step back up the existing drive. Windows always seems to have a problem with this (files in use, hidden and system folders that it just can't see, etc) so the first step is to boot knoppix and cp -a the windows drive (mounted ro so no need for captive) onto a network share.
I know in theory I should only need to back up the Documents and Settings directory.. but this is Windows, documents and settings seem to end up getting saved all over the filesystem!
Last week a friend came to me with a hacked mailserver. It wouldn't boot at all but using knoppix I could easily rescue/var/spool/cyrus and scp it to my own box, and from there I used IMAP to push the mail onto the new mail server.
Last month I moved Debian from a 20G drive to my bigger and slightly faster 40G drive. Copied all the files over but forgot to change/etc/fstab and lilo so rather than swapping the drives back I just booted knoppix and fixed it that way (lilo -r/mnt/hda1, etc)
Good reply, very informative! And good luck with your project. There are relatively few areas left where there's no viable OSS alternative to commercial software, and it's always good to see people attending to these!
What if there's a bug? If even a minor fraction of your end users are, because of a mistake you made, systematically undercalculating their tax the IRS is likely to be upset at the potential loss of revenue and/or the extra work required to find and correct these returns. I wouldn't want to be in that position.
Your suggestion is broken already; I use a link of http://www.windowsdownload.microsoft.com.mysite.or g/ or similar, and if the name is sufficiently long it'll get truncated to "http://www.windowsdownload.microsoft.com..."
My solution would be to put elipses (...) in the download window so that it's clear the name has been truncated, and show the full URL in the status bar when the user hovers over the link. Which means AFAIC this is a complete non-issue.
In a checkerboard display the screen looks approximately grey but a single dead pixel that should be white becomes a cluster of 5 black pixels, much more obvious than a single black pixel on a grey or white background.
Ditto a single hot pixel, it becomes part of a cluster of 5 lit pixels.
Invert the checkerboard to find the other dead pixels (hot pixels that ended up being on a lit pixel, and dead pixels that ended up unlit)
Slashdot Mirror
Just include pornographic images in your captcha, anyone looking for porn will have no incentive to 'solve' it; They have porn, and failing to solve it will get them yet another porn image...
The only real solution I see to spam is e-stamps. If they have to pay a few cents per message, it will no longer be economical for most of them.
80% of spam is already sent from trojaned Windows machines. An e-stamp system would make no practical difference; users that get hit by assorted malware often get a huge bandwidth bill (in countries that pay per meg) or a huge phone bill (if they use dialup and get a 'dialler'). Those users tighten up security, but there is a never-ending supply of new users and new Windows boxes to 0wn. With e-stamps they'd also get a huge email bill. You think the spammers are going to feel any guilt about that? They certainly won't be the ones paying for it.
But how many would be installing it on multiple machines (of their own; probably allowed by copyright, definately not allowed by the EULA) or on >2 CPU machines (not allowed by the EULA) or reselling an OEM copy after they replace it with something else (allowed by copyright, not allowed by the EULA) or using it in a server role with more than the EULA-authorised number of clients?
BTW; to the original fbsd supporter; sorry. I've never been quite clear on how much or how little the bsd licence allows; In my opinion MSFT are quite likely still using a large amount of BSD code, it's just less clearly identified. This may be in violation of copyright law and/or the BSD licence and they may have rewritten some, but I doubt they've completely rewritten it all. It wouldn't be the first time MSFT have stolen code, (many cases) and it also wouldn't be the first time BSD code has been 'stolen' (AT&T's use of BSD code with copyright stripped off, as mentioned on groklaw)
Or you could go with Morrison & Foerster
/. before suing spammers, and they have a cool domain name!
#13 of the top 250, they've been mentioned on
Perhaps. Perhaps not..
The BSD licence no longer includes the "advertising clause". It's quite possible that Microsoft is still using the exact same code, but simply removed all the copyright notices as allowed by the amended BSD licence.
You can get a pretty good idea of how much of the Windows TCP/IP stack has been rewritten by fingerprinting the TCP/IP packets that the code generates, as performed by nmap or p0f.
Bullshit.
I design pages to validate as XHTML 1.0 strict with CSS1. They always render perfectly (as I intended, and consistent with what the W3C documentation describes) in Mozilla, Firefox, and Opera. And MSIE consistently screws up the formatting. Every page I ever design I have to spend the same amount of time coding a special 'fixup' CSS for MSIE that gets loaded using IE-conditional-comments.
My current plan:
$69 per month
256K down, 128K up
10GB cap.
I originally signed up for a slightly different plan, $50/month on "UBS" (a weasel deal Telecom agreed with to avoid Local Loop Unbundling) starting in October. Telecom has managed to fuck us around for three months already so I now owe almost $180 to a company I didn't sign up with for a plan I never really agreed to.
In any sane universe I could tell them to just fuck off, but since they're also the only provider of phone service in about 95% of the country I have little choice but to pay them or have my phone disconnected.
And you think you're getting screwed over?!!
You miss the point;
If any significant percentage of legal installs end up with a 'pirated' key and a similar number of pirated installs end up with a key that Microsoft can't identify as being invalid, all without affecting the immediate operation of Windows, it would throw Microsoft's entire "Genuine Advantage" program in the crapper.
I suggested something like this a while back...
What we need is a virus that runs a keygen, replaces the local key (valid or otherwise) with a working keygen'd key, and then removes all traces of itself completely. Somewhere along the line I guess it wants to spread too, but it should do all of this with the smallest possible impact on the local machine and network connection..
Just for variations, it could also replace the key one time in ten with the 'devil's own' or one of the more popular keys off the web.
Sneeches, anyone?
of COURSE the cop cameras won't have this feature.
The concern is that ordinary civilian cameras will, at some time in the future the cops will get caught 'on camera' beating the crap out of some guy just for being the wrong color but they'll get away with it because none of the cops involved will be identifiable.
zcat@fluffy:~$ apt-cache search tn3270
hercules - System/370, ESA/390 and z/Architecture Emulator
And the problem is??
Your wife has the same fettish as mine. Definately wax it, it's more painful at the time but not half as uncomfortable when the hair starts to grow back.
It was pretty cool for a while.
After about a week all the chip capacitors started breaking off. After a few months the chips thesmelves were wearing at the corners and eventually came off. And for the last three years I've had a bare circuitboard on my keychain. Now I have an anodized aluminium penguin which will hopefully be a little more robust.
To dial a three, for example, one clicks the receiver three times (within a second).
:)
Except if you're in New Zealand or Sweden, in which case it's 1 click for 9, two clicks for 8, three clicks for 7, and so on.. but still 10 clicks for 0
Would it help if we shaved it?
1) Get broadband and set up cheap AP at home
2) Run dsniff
3) ???
4) Profit!!!
Nitpick; using plaintext authentication on an insecure network _IS_ a security flaw. If the password got sniffed and subsequently used, you're just as 0wned as via any other kind of hack.
I'm a bit sore on this point; I recently had someone try to set up a BNC on my home PC after they managed to hack another box I have a shell on and brute-forced the shadow file. Fact is I ignored the important security precaution of using a unique password on every box, and it cost me a weekend rebuilding and making sure that any other passwords they may have had access to were changed as soon as possible.
Just wait til someone finally manages to overclock their watch :)
Unlike computers, there has been absolutely no progress in the field of clockmaking for a very long time. Clocks today run no faster than they did 20 years ago!!
I was generating tc-`date +s`@mydomain.co.nz email addresses about 6 years ago.. Recieve spam, convert address nack to date, find spammers IP in apache logs. It's also interesting to see how much spam is from mailing-list CD's and how much is scrape-send-throw away. Lots of those scraped addresses resulted in spam hours or days later but never got used again.. which means that removing or obfuscating your email address on the web even if it's previously been in the clear CAN significantly reduce the amount of spam you get now.
I'm in the process of migrating my sister-in-law's computer from 2K to XP as I type this (clean install, upgrades never go well for me). First step back up the existing drive. Windows always seems to have a problem with this (files in use, hidden and system folders that it just can't see, etc) so the first step is to boot knoppix and cp -a the windows drive (mounted ro so no need for captive) onto a network share.
/var/spool/cyrus and scp it to my own box, and from there I used IMAP to push the mail onto the new mail server.
/etc/fstab and lilo so rather than swapping the drives back I just booted knoppix and fixed it that way (lilo -r /mnt/hda1, etc)
I know in theory I should only need to back up the Documents and Settings directory.. but this is Windows, documents and settings seem to end up getting saved all over the filesystem!
Last week a friend came to me with a hacked mailserver. It wouldn't boot at all but using knoppix I could easily rescue
Last month I moved Debian from a 20G drive to my bigger and slightly faster 40G drive. Copied all the files over but forgot to change
Good reply, very informative! And good luck with your project. There are relatively few areas left where there's no viable OSS alternative to commercial software, and it's always good to see people attending to these!
What if there's a bug? If even a minor fraction of your end users are, because of a mistake you made, systematically undercalculating their tax the IRS is likely to be upset at the potential loss of revenue and/or the extra work required to find and correct these returns. I wouldn't want to be in that position.
Your suggestion is broken already; I use a link of http://www.windowsdownload.microsoft.com.mysite.or g/ or similar, and if the name is sufficiently long it'll get truncated to "http://www.windowsdownload.microsoft.com..."
My solution would be to put elipses (...) in the download window so that it's clear the name has been truncated, and show the full URL in the status bar when the user hovers over the link. Which means AFAIC this is a complete non-issue.
Anyhow; I can already answer the first question.
In a checkerboard display the screen looks approximately grey but a single dead pixel that should be white becomes a cluster of 5 black pixels, much more obvious than a single black pixel on a grey or white background.
Ditto a single hot pixel, it becomes part of a cluster of 5 lit pixels.
Invert the checkerboard to find the other dead pixels (hot pixels that ended up being on a lit pixel, and dead pixels that ended up unlit)
And how does this differ from a simple 'mid-grey' display, which will also show up any dead or hot pixels instantly?