Not everyone has a credit card. Not everyone has a debit card. Furthermore, many people, despite the fact they could have one of these wallet size icons of mass consumerism, don't want one.
Then use a micropayment service that doesn't require one. Perhaps your ISP could offer one? Or maybe your Telco, Bank, University, anyone who you're already paying for services could, and just add it to your bill. Maybe you could buy $5 prepay micropayment cards at the gas station...
In other words, they see pay-as-you-go as a benefit to the consumer. Problem is, the consumer does not view it as a benefit; rather the opposite.
Which consumer? I see pay-as-you-go as beneficial in many, although not all, situations.
A number of studies have shown that people greatly prefer a fixed-cost structure over use-based payment - even when they demonstrably would save significant amounts of money by switching over.
So when you go out to dinner you always go to the same restaurant where you pay a yearly subscription?
Or when you buy a soft drink or a chocolate bar
you don't pay anything because you have a monthly subscription to Cadbury and Pepsico ?
Or when you catch an occasional ferry to visit some friends, you don't have the hassle of fiddling with coins because you have an annual season ticket?
Where is the fundamental difference between those things, and buying an occasional online comic issue?
Clearly no-one will pay even a dime for content that they can get elsewhere for free.
I think that depends on what you mean by "free". For example, I don't consider my time and effort to be worth nothing. Maybe all the hassle of clicking on a "pay 15c" button is more useful to me than 20 minutes spend poring through search engine results?
If I'm downloading a large piece of software, for example, I likely would pay 10c if it meant I'd get a faster download.
Or webcomics... there are free ones, and there are pay ones. That doesn't mean the free ones are the same as the pay ones. Different comics. And if the artist want 15c for his troubles, that's absolutely fine by me.
I have no problem handing over lots of small amounts of cash if it improves things for me.
What's missing in the micropayment world are two things, AFAICS. One is government support to mandate norms and standards backed up with legislation and consumer/supplier protection.
Perhaps I'm biased by not living in the US, but *which* government?
And what kind of new laws and standards would be needed?
Two is support from the banking industry in the form of accessible implementations available to small vendors.
Why does it need to be the banking industry?
What's wrong with many small independent vendors offering services to providers and consumers?
With a standard protocol (w3c anyone?), consumers could choose "wallet providers" based on preference and features. Paypal was hardly a huge financial institute when they started, and as far as I can see they seem to be doing fine. (perhaps need a bit of competition though)
Hrm, could this have been one of the hidden advantages we lost when we switched from bang-path addressing to DNS based ?
Under the old "route it took to get here" method, were addresses forgeable? Sure, you could pretend you were only a relay rather than the originator, but you'd still get the bounces.
I really doubt that, considering how different Novell OS is. Windows an Linux are similar when it comes to native filesystems etc. In Linux we have rwx permissions, deny overrides allow for inherited rights etc. Windows has the above plus a little more. Novell on the other hand has tons of permissions and rights. For example you can give a user the rights to rename a file but not to do anything else in the folder etc.
Linux *does* support many other types of access control. It's just that most distros seem to go for the traditional UNIX model because that's what all the tools support.
There's no reason someone making a new distro couldn't use one of the ACL based systems, especially if they were providing their own user space tools.
- Muggins the Mad
Re:Check out Internet Mail 2000
on
Replacing SMTP?
·
· Score: 2, Insightful
The problem is spammers can write their own software to give them the ability to store 1 email and billions of aliases to that one email used for spamming.
It's not so much the storage, it's the bandwidth that costs, I think.
Sure, they can store one email and send out millions of notifications from "different" addresses.
But as soon as people start reading it, those networks are going to start getting really busy.
A self-slashdotting type effect.
- Muggins the Mad
Re:Check out Internet Mail 2000
on
Replacing SMTP?
·
· Score: 1
I believe we need a trusted protocol. This might be as simple as having all emails PGP signed and everything else being sent to the bit-bucket (if you want to be aggressive) or only passed through to the user if the unsigned message had an extremely low spam score.
Ah, and those of us who've been trying to get people to use PGP for years can finally be publically smug:)
But if everyone were to use Bayesian I swear we wouldn't even have to propose a new protocol, talk about new legislation, etc.
Among other things, I do use Bayes, I've tried several different implementations of it (currently the Moz Thunderbird one seems to work best).
Most do a very good job, but the problem is they don't work perfectly. For those of us who use email
for work, *one* missed email can cause a lot of trouble and, occasionally, risk of job loss.
I get maybe three messages a week that look like spam from the header, get classified as spam by the filter, but which are important messages that I can get in a lot of trouble for if I don't read.
Mail from an semi-literate customer using a random hotmail account really has to be looked at by a person.
The other thing I've noticed is that some spammers are obviously trying to reword their junk so it can pass the filters. They're not very good at it yet, but I can see they'll get there.
I really can't see any solution that keeps the spam flowing working.
I do like the idea of storing the sent mail on the senders (ISPs?) mail server. It's simple, practical, and consumes the senders resources. And if the ISP cuts off a spammers account, then all the unread spam is *gone*.
Those who host big mailing lists are just in the same situation as those who host big web sites. I'm sure a system of mirror feeds could be implemented to help out.
I think it depends what you mean by "Enterprise application".
If you mean this is for a company intranet or something where you can control the browser they're using, then having to install a plugin for SVG or Flash wouldn't seem to be a problem. Neither would dictating IE5+, although you might find that limits the companies options later.
If you mean it to be "professional looking" for as many customers as you can, then obviously going IE only is about as short sighted as you can get (remember Mac users are about to be excluded) leaving you with probably 10-20% unable to use your application. Requiring a plugin might be a hassle but if it works on everyones browser choices then maybe that's still ok.
But I don't understand why Java is the wrong answer here? Most people have it, it really isn't slow to start and run unless you're doing something boneheaded with it like sending many megabytes of libraries you don't need.
You can even do some surprisingly powerful things with Javascript, although coding them to work in buggy browsers (all of them, especially IE) can be a real pain.
I'm seeing many different opinions of what roleplaying *is*. So I guess it's no surprise that no game seems to be able to live up to everyone's expectations.
To me, a shining example of good roleplaying is when the character does something that the *player* knows will be really bad for them, but the character wouldn't have. I've almost never seen that happen in online games.
But to me, the biggest problem with nearly every online game I've tried is mentioned in the article, but I don't think it's a "roleplaying" thing. It's language.
One of the reasons I like games is... immersion. Escapism. I can come home after a bad day at work and go into a world where magic works, where the good are rewarded, and where I can slay great evil beasts.
That is almost *totally* destroyed when there is a continuous scroll of "lol!!!!! I 0wn3d j00r k177!!!!" type stuff. To me, it destroys the immersion and snaps me back into the real world I'm trying to escape when I meet an elven princess who immediately says "greetz!! grp me!!! grp me!!!"
That's one of the main reasons I abandoned EQ and DAoC (the other being time). Take away the immersability, and I find it hard to see why anyone would play any of the MMORPGs.
> could this be the title to finally turn the public on to the NOLF games?
By removing most of what made NOLF fun?
They are still two of my favourite games, and everyone I've shown them to has run out and bought their own copies and become hooked.
I honestly don't understand why they haven't sold a lot better.
But I think it was the stealth, the 60's feel, and Cate Archer that made them fun.
I guess maybe if they do more of the superb "different" levels (space station, sinking ship, skydiving, tornado, etc) and keep the humour it could still be worth it.
Ok, to bring another level to it. Why is running an unknown executable dangerous?
Because at some point, you need something that actually uses raw machine code, unless you want a very limited system. Not having this option, and having to run everything through a VM is not a very good option from either a performance or functionality standpoint.
There's no reason raw machine code needs to be dangerous at all. Modern computers (even PCs) have decent memory protection that'll stop user programs from having direct access to hardware and force them to go through the OS.
The OS can decide what the user program is allowed to do. Whether it's opening network connections, allocating more memory, writing to screen or file, it *already* goes through the OS anyway. So it's not much of a step to put a few security checks in there.
Raw machine code executables are bad because they aren't cross platform, but I don't see why they are necessarily a security issue under a secure OS
People need to be trained to only open safe file-types they get from untrusted sources.
Only in the current climate of insecure operating systems.
I *want* people to be able to send me cute little applications or games, or interactive data files. Why should we be limited in what we can do because people are so used to the inadequacies of current mass products when there isn't really a technical limitation at all?
UNIX permissions do not allow random writing, deleting, spamming whatever.
Um, yes they do.
Pretty much any program can read your mail settings from.mutt or.netscape or.whatever, pick a bunch of juicy.doc and.jpg files from your home directory and email them to a few million people. Then delete all the files in your home dir.
Projects like SELinux can pretty much solve this, but until they're integrated in the major distros, we're a lot more vulnerable than we like to believe.
Welcome to.NET - I know I'll be flamed, but this is what Microsoft's new technology is about
Yes, and god forbid they actually get it right.
The free software world needs to snap out of it's smug "UNIX is secure" stance and do something to bring it
into this millenium. I want to run executables from random places. As part of my job I actually need to. I don't currently have an OS where I can do that. I would hate for the first one that lets me to be from MS.
Look, security has been afterthought with MS every time. NTFS is a little more protected but not much.
Look up permissions on Unix and even AmigaOS (which had 32-bit preemptive multitasking 10 years before win95 and almost 20 years before MacOS X).
Unfortunately UNIX permissions are still woefully out of date. It doesn't really matter these days that malware can't reformat your drive. It can still send all your files out on the 'net, send a couple of million spam, and delete all your work.
Sun, bless their little evil hearts, actually got something right with the Java OS idea. (lots of other things wrong, but the security architecture was good).
We *really* need projects like SELinux, RSBAC, even LIDS to reach fruition so we can start building decent sandboxes. The higher end commercial UNIXen seem to be doing good things with ACLs and better privilege seperation, but we can't all run those.:)
And I mean built into common dists, not as some obscure kernel patch that breaks all your daemons:)
IMHO, email is not a file transfer medium; sure you can send little things with it, but it's just not useful for any real kinds of file transfer.
The problem in this case is that some viruses don't actually need email to propogate. This particular one just needs someone to open it and run it. Doesn't matter if it came in via FTP, Email, or Kazaa.
Actually, the virus he talks about only works through social engineering. You have to manually open the zip file and click the.exe file.
Ok, to bring another level to it. Why is running an unknown executable dangerous?
It's pretty safe running unknown Java Applets in our browsers these days, barring the occasional VM bug. Why can't we run random executables without worrying that they'll delete everything/spam/etc.
Why the assumption that running a random executable is dangerous?
If you do block ZIP files, how do you give the people who need to sends files the ability to do so?
I think if people insist on running software that is vulnerable to these kinds of attacks then yes, you do need to stop these people using attachments completely.
If we do need to send files to each other as part of our business then surely that's a major feature that our application environment needs. If our chosen solution doesn't let us do that without an enormous amount of hassle and risk, then maybe it's time to make other tradeoffs and choose a client that does.
And if we have to choose between an email client with nice scheduling/calendaring and one that lets us receive file attachments safely, then that's a *decision* that must be made based on business needs. Which is more important to your task? Is
there a way to have both? Will we accept the risk and hassle of virii to get nice calendaring, or will we use clumsier calendaring and have safe file attachments?
Only when people start making these conscious decisions en masse will we start seeing applications (including OS/hardware/whatever) that provide all the features we need to do our jobs.
The current climate of "how do we shore up the inadequacies of our chosen software?" isn't helping things improve.
Nice calendering *or* safe file attachments. Choose. If someone offers a product that does both. Cool. We all win.
This whole having to look "professional" thing really bugs me.
I really don't see the link between dressing in a suit and being *competent*. I don't comprehend it. And while I don't like tattoos and piercings, I can't understand that someone with a full body tattoo and a green mohawk is automatically considered incompetent and useless.
But in the corporate world it seems to be the way things are.
well after spending months waiting in drooling hope for the previous Buffy game only to find they changed their minds about a PS2 release and were only releasing on X-Box (I will never support the MS reign), I have to not think about this one until I actually see it on the shelves in a non-Xbox case.
> Isn't Trusted Solaris basically just this? At an OS level, you associate trust levels that permeate throughout your network.
I think this kind of approach is better than creating virtual machine sandboxes that still run the old weak UNIX security model. If someone 0wns your sandboxed apache, they can still likely cause a DoS with it, or propogate worms, or pretty much anything really.
Good use of iptables and linux "capabilities" can help a lot with limiting what an application can do, but still don't go far enough, IMHO.
Look at projects like SELinux, LIDS, RSBAC, LOMAC
for examples of "free software" alternate security models.
And yeah, they're a pain for development, but then so is trying to program securely:)
> I found an unprotected (i.e., no WEP, no MAC-address protection) WLAN and sucked down that file at over 200Kb/sec. Was I wrong to steal?"
If you'd done that using my (hypothetical) work connection, you'd have cost us somewhere around US$1 in straight volume charges.
So here, it'd be like stealing a dollar.
I think there needs to be some standard developed for advertising wireless services. Terms and conditions, etc. So if you run a public free-for-all service, people can feel confident using it. If you're not intending it to be used by others, it'd be fairly obvious.
Maybe the URL of a "terms and conditions" page could be served with the DHCP reply or something.
Slashdot Mirror
Then use a micropayment service that doesn't require one. Perhaps your ISP could offer one? Or maybe your Telco, Bank, University, anyone who you're already paying for services could, and just add it to your bill. Maybe you could buy $5 prepay micropayment cards at the gas station...
- Muggins the Mad
Which consumer? I see pay-as-you-go as beneficial in many, although not all, situations.
So when you go out to dinner you always go to the same restaurant where you pay a yearly subscription?
Or when you buy a soft drink or a chocolate bar you don't pay anything because you have a monthly subscription to Cadbury and Pepsico ?
Or when you catch an occasional ferry to visit some friends, you don't have the hassle of fiddling with coins because you have an annual season ticket?
Where is the fundamental difference between those things, and buying an occasional online comic issue?
- Muggins the MadI think that depends on what you mean by "free". For example, I don't consider my time and effort to be worth nothing. Maybe all the hassle of clicking on a "pay 15c" button is more useful to me than 20 minutes spend poring through search engine results?
If I'm downloading a large piece of software, for example, I likely would pay 10c if it meant I'd get a faster download.
Or webcomics... there are free ones, and there are pay ones. That doesn't mean the free ones are the same as the pay ones. Different comics. And if the artist want 15c for his troubles, that's absolutely fine by me.
I have no problem handing over lots of small amounts of cash if it improves things for me.
Perhaps I'm biased by not living in the US, but *which* government?
And what kind of new laws and standards would be needed?
Why does it need to be the banking industry? What's wrong with many small independent vendors offering services to providers and consumers? With a standard protocol (w3c anyone?), consumers could choose "wallet providers" based on preference and features. Paypal was hardly a huge financial institute when they started, and as far as I can see they seem to be doing fine. (perhaps need a bit of competition though)
- Muggins the Mad> Where I live, DSL is $30 a month and cable is $40 a month. How can you argue with that?
Um, because I don't live where you live?
- MugginsM
> Please, please stop bouncing email viruses!
Hrm, could this have been one of the hidden advantages we lost when we switched from bang-path
addressing to DNS based ?
Under the old "route it took to get here" method,
were addresses forgeable? Sure, you could pretend
you were only a relay rather than the originator,
but you'd still get the bounces.
- MugginsM
Well, I hope that all good CTO's are doing
their jobs and factoring the cost of all this cleaning up into the TCO of their chosen computer system.
- Muggins
Linux *does* support many other types of access control. It's just that most distros seem to go for the traditional UNIX model because that's what all the tools support.
There's no reason someone making a new distro couldn't use one of the ACL based systems, especially if they were providing their own user space tools.
- Muggins the MadIt's not so much the storage, it's the bandwidth that costs, I think.
Sure, they can store one email and send out millions of notifications from "different" addresses.
But as soon as people start reading it, those networks are going to start getting really busy.
A self-slashdotting type effect.
- Muggins the Mad
Among other things, I do use Bayes, I've tried several different implementations of it (currently the Moz Thunderbird one seems to work best).
Most do a very good job, but the problem is they don't work perfectly. For those of us who use email for work, *one* missed email can cause a lot of trouble and, occasionally, risk of job loss.
I get maybe three messages a week that look like spam from the header, get classified as spam by the filter, but which are important messages that I can get in a lot of trouble for if I don't read.
Mail from an semi-literate customer using a random hotmail account really has to be looked at by a person.
The other thing I've noticed is that some spammers are obviously trying to reword their junk so it can pass the filters. They're not very good at it yet, but I can see they'll get there.
I really can't see any solution that keeps the spam flowing working.
I do like the idea of storing the sent mail on the senders (ISPs?) mail server. It's simple, practical, and consumes the senders resources. And if the ISP cuts off a spammers account, then all the unread spam is *gone*.
Those who host big mailing lists are just in the same situation as those who host big web sites. I'm sure a system of mirror feeds could be implemented to help out.
- Muggins the MadI think it depends what you mean by "Enterprise application".
If you mean this is for a company intranet or something where you can control the browser they're using, then having to install a plugin for SVG or Flash wouldn't seem to be a problem. Neither would dictating IE5+, although you might find that limits the companies options later.
If you mean it to be "professional looking" for as many customers as you can, then obviously going IE only is about as short sighted as you can get (remember Mac users are about to be excluded) leaving you with probably 10-20% unable to use your application. Requiring a plugin might be a hassle but if it works on everyones browser choices then maybe that's still ok.
But I don't understand why Java is the wrong answer here? Most people have it, it really isn't slow to start and run unless you're doing something boneheaded with it like sending many megabytes of libraries you don't need.
You can even do some surprisingly powerful things with Javascript, although coding them to work in buggy browsers (all of them, especially IE) can be a real pain.
- Muggins the Mad
I'm seeing many different opinions of what roleplaying *is*. So I guess it's no surprise that no game seems to be able to live up to everyone's expectations.
To me, a shining example of good roleplaying is when the character does something that the *player* knows will be really bad for them, but the character wouldn't have. I've almost never seen that happen in online games.
But to me, the biggest problem with nearly every online game I've tried is mentioned in the article, but I don't think it's a "roleplaying" thing. It's language.
One of the reasons I like games is... immersion. Escapism. I can come home after a bad day at work and go into a world where magic works, where the good are rewarded, and where I can slay great evil beasts.
That is almost *totally* destroyed when there is a continuous scroll of "lol!!!!! I 0wn3d j00r k177!!!!" type stuff. To me, it destroys the immersion and snaps me back into the real world I'm trying to escape when I meet an elven princess who immediately says "greetz!! grp me!!! grp me!!!"
That's one of the main reasons I abandoned EQ and DAoC (the other being time). Take away the immersability, and I find it hard to see why anyone would play any of the MMORPGs.
- Muggins the Mad
>Just name it 2.6 - everyone will flock to it because 2.even means that it must be a stable release, never mind it's the first release.
And those who made that mistake with 2.4.0 will continue to ignore 2.6 until it's proven itself stable and not find the bugs anyway.
(I'm not one of them, but I have time to spend
on following dev releases. Not everybody does).
I'm not a fan of the "it compiles, ship it! and we'll fix it in a service pack" mentality.
- Muggins the Mad
> could this be the title to finally turn the public on to the NOLF games?
By removing most of what made NOLF fun?
They are still two of my favourite games, and everyone I've shown them to has run out and bought their own copies and become hooked.
I honestly don't understand why they haven't sold a lot better.
But I think it was the stealth, the 60's feel, and
Cate Archer that made them fun.
I guess maybe if they do more of the superb
"different" levels (space station, sinking ship, skydiving,
tornado, etc) and keep the humour it could still
be worth it.
- Colin
And for those of us where iTunes Store isn't supported.... (ie. the rest of the civilised world)
It's only a bit of music, I'm not going to lose any sleep over not being able to buy this one, but exclusive deals in any form just suck.
I tend to shy away from services that are full of "exclusive this, exclusive that" as they're just damaging my freedom of choice.
- Colin
There's no reason raw machine code needs to be dangerous at all. Modern computers (even PCs) have decent memory protection that'll stop user programs from having direct access to hardware and force them to go through the OS.
The OS can decide what the user program is allowed to do. Whether it's opening network connections, allocating more memory, writing to screen or file, it *already* goes through the OS anyway. So it's not much of a step to put a few security checks in there.
Raw machine code executables are bad because they aren't cross platform, but I don't see why they are necessarily a security issue under a secure OS
Only in the current climate of insecure operating systems. I *want* people to be able to send me cute little applications or games, or interactive data files. Why should we be limited in what we can do because people are so used to the inadequacies of current mass products when there isn't really a technical limitation at all?
- Muggins the MadUm, yes they do.
Pretty much any program can read your mail settings from .mutt or .netscape or .whatever, pick a bunch of juicy .doc and .jpg files from your home directory and email them to a few million people. Then delete all the files in your home dir.
Projects like SELinux can pretty much solve this, but until they're integrated in the major distros, we're a lot more vulnerable than we like to believe.
- Muggins the MadYes, and god forbid they actually get it right. The free software world needs to snap out of it's smug "UNIX is secure" stance and do something to bring it into this millenium. I want to run executables from random places. As part of my job I actually need to. I don't currently have an OS where I can do that. I would hate for the first one that lets me to be from MS.
- Muggins the Mad
Unfortunately UNIX permissions are still woefully out of date. It doesn't really matter these days that malware can't reformat your drive. It can still send all your files out on the 'net, send a couple of million spam, and delete all your work.
Sun, bless their little evil hearts, actually got something right with the Java OS idea. (lots of other things wrong, but the security architecture was good).
We *really* need projects like SELinux, RSBAC, even LIDS to reach fruition so we can start building decent sandboxes. The higher end commercial UNIXen seem to be doing good things with ACLs and better privilege seperation, but we can't all run those.
And I mean built into common dists, not as some obscure kernel patch that breaks all your daemons :)
- Muggins the Mad
The problem in this case is that some viruses don't actually need email to propogate. This particular one just needs someone to open it and run it. Doesn't matter if it came in via FTP, Email, or Kazaa.
- Muggins the MadOk, to bring another level to it. Why is running an unknown executable dangerous?
It's pretty safe running unknown Java Applets in our browsers these days, barring the occasional VM bug. Why can't we run random executables without worrying that they'll delete everything/spam/etc.
Why the assumption that running a random executable is dangerous?
- Muggins the MadI think if people insist on running software that is vulnerable to these kinds of attacks then yes, you do need to stop these people using attachments completely.
If we do need to send files to each other as part of our business then surely that's a major feature that our application environment needs. If our chosen solution doesn't let us do that without an enormous amount of hassle and risk, then maybe it's time to make other tradeoffs and choose a client that does.
And if we have to choose between an email client with nice scheduling/calendaring and one that lets us receive file attachments safely, then that's a *decision* that must be made based on business needs. Which is more important to your task? Is there a way to have both? Will we accept the risk and hassle of virii to get nice calendaring, or will we use clumsier calendaring and have safe file attachments?
Only when people start making these conscious decisions en masse will we start seeing applications (including OS/hardware/whatever) that provide all the features we need to do our jobs.
The current climate of "how do we shore up the inadequacies of our chosen software?" isn't helping things improve.
Nice calendering *or* safe file attachments. Choose. If someone offers a product that does both. Cool. We all win.
- Muggins the Mad
This whole having to look "professional" thing really bugs me.
I really don't see the link between dressing in a suit and being *competent*. I don't comprehend it. And while I don't like tattoos and piercings, I can't understand that someone with a full body tattoo and a green mohawk is automatically considered incompetent and useless.
But in the corporate world it seems to be the way things are.
It's a sick world.
- Muggins the Mad
well after spending months waiting in drooling hope for the previous Buffy game only to find they changed their minds about a PS2 release and were only releasing on X-Box (I will never support the MS reign),
I have to not think about this one until I actually
see it on the shelves in a non-Xbox case.
- MugginsM
> Isn't Trusted Solaris basically just this? At an OS level, you associate trust levels that permeate throughout your network.
:)
I think this kind of approach is better than creating virtual machine sandboxes that still run the old weak UNIX security model. If someone 0wns your sandboxed apache, they can still likely cause
a DoS with it, or propogate worms, or pretty much anything really.
Good use of iptables and linux "capabilities" can help a lot with limiting what an application can do, but still don't go far enough, IMHO.
Look at projects like SELinux, LIDS, RSBAC, LOMAC
for examples of "free software" alternate security models.
And yeah, they're a pain for development, but then so is trying to program securely
- MugginsM
> I found an unprotected (i.e., no WEP, no MAC-address protection) WLAN and sucked down that file at over 200Kb/sec. Was I wrong to steal?"
If you'd done that using my (hypothetical) work connection, you'd have cost us somewhere around US$1 in straight volume charges.
So here, it'd be like stealing a dollar.
I think there needs to be some standard developed for advertising wireless services. Terms and conditions, etc. So if you run a public free-for-all service, people can feel confident using it. If you're not intending it to be used by others, it'd be fairly obvious.
Maybe the URL of a "terms and conditions" page could be served with the DHCP reply or something.
- Colin