Just FYI, I asked Slashdot pretty much the same thing about a year ago. Got some interesting responses, but I still haven't found a good enough recommendation to pursue. Hope that helps...
Yes - truly annoying. (I wish I could tell some witty story about dialing Blofeld when I meant to dial Bond, but alas I have none.) There have been other firmware bugs like that over time that I've just come to accept.
Yes - notice how many devices are on that page? Sure would be nice if a geek with experience making them work could recommend one, thus my Ask submission.
There are numerous hints floating around on how to disable Spotlight. I did this on a slower Powerbook, and it worked, actually making Tiger feel as fast as I would have expected with a major OS upgrade. I *really* like Spotlight, but that hardware was suffering at its hands.
Here's some research my company put together on why PostgreSQL is better (for us, and for web app development, anyway) than MySQL and others. We couldn't find any such comparison in existence when we looked, so I hope it's useful to someone, and we certainly welcome comments.
Hi Wil. I know you're not about dwelling in the past when it comes to your acting career, but I did want to say that I think "Young Harry Houdini" is an oft-overlooked film that you should be very proud of. Okay, so maybe I was only like 10 when I saw it, but as an amateur magician it really had an effect on me, and I thank you for your role in it.
A related question then: What advice can you give (beyond saying "be born with raw talent") to folks like yourself who see themselves as creative types with an interest in acting, writing, speaking - the public arts, if you will - but who also don't want to tread the over-worn path of mainstream media and every other Hollywood actor-wannabe? You seem to have done an exceptional job being a part of the underculture - sci-fi TV, self-publishing, blogging, small theater, etc., so it would seem you have some insight into how to participate in these arts without becoming corrupted by the process of getting involved.
If you can't, this is sort of a mischevious way of doing it, but one that can work well in a pinch. Get your basic requirements down in writing (bandwidth, OS and app software, server requirements, disk space, backup scheme, etc.) and then contact one of the high-end services like Rackspace to ask for a proposal for their services based on those requirements. In the resulting conversations, you'll learn a lot about what kind of infrastructure is "standard" (on the high end anyway), what kinds of costs could be involved, and you'll get what is practically a checklist for what you should consider setting up on your own. Whether or not you use the high-end service or go off and set up your own homegrown setup, you'll find yourself a lot more educated. (And then, of course, you should find ways to shuffle some paying business to the poor sales person whose time you wasted.)
Silas
Elite population of responders keeps spam alive?
on
Junkie Loves His Spam
·
· Score: 1
Wouldn't it be funny if some day we find out that there's some small population of people, maybe a few hundred around the world, who make up the bulk of spammer revenue and have thusly single-handedly kept the spamming phenomenon alive? Given that there's a similarly small group of spammers that account for most of the spam traffic out there, it wouldn't surprise me.
Maybe we should track those people down, compile their name on a list, and sell that to the spammers for $0.01 on the condition -- no, with the extra added benefit for them -- that they not send to anyone else ever again. Why would they bother, if they can get the same revenue as before without all the overhead?
We now return you to your regularly programmed reality...
I wonder if it's less overhead for Apple to do it this way. When I buy a song with my credit card from the store directly, some small percentage of the $0.99 must be going towards credit card fees, etc. When they do it through retail vendors like McDonalds and Pepsi, they probably get a fat (overhead-free) check from those folks, who in turn absorb the overhead of collecting that cash.
Sure, there are other costs invovlved in managing that kind of program, but if Apple sets it up well, they could actually be increasing their profit by making the retail vendors pay for some of those costs.
1) Qmail doesn't follow convention. Forget inetd, DJB uses his own, goofy "tcpserver". Never mind any other services you have on the machine, and pray to god they don't conflict. You *can* get qmail to work with xinet.d, but good luck getting all the (much needed) features working, since with xinet.d you get an open mail relay by default.
You can use qmail with inetd if you want. But inetd is a potential security hazard; why would you complain about an alternative that improves that situation?
2) There are like 5 different programs, each with different user accounts (qmaild, qmaill, qmailp, qmialq, qmailr, qmails, vmail, etc) - all running from the same !@#!@ bin directory! Talk about confusing as !@#! hell when you want to audit permissions!
Have you ever used an operating system called "Linux"? Some people would say that it has some complexities to it, but most agree that those complexities are well worth the security, robustness, and highly configurable nature of the OS. If you want plug-and-play, you shouldn't be running a mail server.
3) Qmail has a truly hideous license. Yeah, it's "open source", but you can't redistribute changes!!?!
Yeah, when are they going to pass USA Patriot Act III that requires the license YOU like to be applied to every software package we all use?
4) If you want something decent (such as LDAP support,antivirus filtering or integration with SpamAssassin, etc.) you have to apply 57 god-knows patches to the "official" qmail source, and in just the right order to get everything working.
Agreed that the qmail source lacks a few key features that make it extendable in the way you might expect. Time to fix: 15 minutes to apply the right patches. A reason to not use qmail? Depends on what else you can do in 15 minutes.
5) The log format is different than sendmail's. While this is understandable, it means that all these neat reporting tools for sendmail can't be used.
Try saying this with a straight face to an IT decision maker: "We've chosen to avoid software package X because the log file output is different from other stuff we use."
6) Administering Sendmail on RH Linux is a breeze. up2date sendmail;/etc/rc.d/init.d/sendmail restart takes care of most of it.
See #2. I really am happy for you if you're happy with sendmail. But that's not an argument for others not to use qmail.
What is needed is a foolproof way of saying "I want this, please send it to me" and then being able to reject it safly without needing the other party to do it for you. For example: I send a message to cryto-gram, including a key. This key can then be used to send it to me, and I accept it...But then I realise that I don't want this anymore, and I simply remove the acceptance of this key in my own software...and it will be filtered away.
This can be done via TMDA, a whitelist-centric anti-spam package. You can create sender-based addresses so that the originating org has a direct pipe to you inbox, but that anyone else trying to use the address will have to confirm their identity first. You can remove that direct pipe at your leisure.
Guilty until proven innocent is not an effective way to stop spam. It merely shifts the inconvenience from you to someone who may be legitimately trying to contact you, and if they're like me, they may decide you're not worth contacting after all.
I disagree. When I sign up for a mailing list, I'm not insulted when the mailing list management software asks me to confirm my address, because I know that it's for a good reason: to prevent abuse or spam on the mailing list. It doesn't mean I'm guilty of anything, it just means I'm participating in a process that makes the service better.
You mentioned the scenario of answering an e-mail from someone and getting a confirm request. If someone using TMDA sent you an e-mail, you'd most likely already be on their whitelist...no confirmation necessary, no need to say "fuck it".
I realize that TMDA breaks the mold of the traditional e-mail model, where your inbox is open to anyone who wants to send you a message. 95% success rate and the constant nagging worry that a legitimate message might get hosed? Not for me.
I guess I would suggest that the knowledge that every message you receive is from a real person/legitimate sender (as opposed to the pseudo-reliability of filters based on message content) is well worth the very slight inconvenience to the small number of senders (6% in many cases) who have to confirm themselves. It sure has been in my case. I'm not saying TMDA will always be the best solution, but it's worth considering.
Re:Treating the symptoms, not the problem...
on
Plan for Spam, Version 2
·
· Score: 2, Informative
I'm really excited about all of the neat stuff happening with Bayesian filtering and related technologies, but I just wanted to put in a plug for TMDA, Tagged Message Delivery Agent, which uses a whitelist-centric strategy. Since I began using it, the amount of spam I have to look at is virtually at zero. If you haven't read about it yet, check it out.
I'm not making any claims about the details or the legitimacy of their business plan. With most issues like this, there are enough gray areas that it would be difficult to debate the merits without resorting to baseless speculation. I just wanted to point out that Napster's particular chronology doesn't have to be the fate of all P2P file sharing technologies, if we can correctly distinguish between the purpose of a given technology, and how it's actually used.
Sorry, they deserved to burn, and get replaced by something better and less oriented towards IP violations.
Saying that Napster was "oriented" towards IP violations is like saying the Internet as a whole is oriented towards distributing child porn. How technology is used is different from how it ought to be used, and one must distinguish between the two when discussing the merits of using technology at all.
It's really to bad that things ended this way. I'd suggested back in April '01 that they call it quits on their own before The Gub'ment made everything so difficult. Excerpt: Some things change our lives so significantly that they deserve better than to be trampled out of existence by the changing face of subtle bureaucratic oppression.
A bit dramatic perhaps, but I continue to think that they should have gone out with their proverbial heads held high, instead of after this miserable sequence of events...
Objective: to obtain a system administration position in a large IT department.
...
Experience: started learning System Administration about this time yesterday.
"Yeah, sure buddy, you're hired. Here's the root password and here's some old user accounts we need cleaned up. And would you mind replacing our sendmail install with qmail, we've been getting a bunch of calls lately from wackjobs screaming about some sort of "open relay" problem. Who knows...I'm sure you'll get that all figured out."
In rural Indiana, you don't always have space to have a whole room devoted to servers and network equipment, ya know?! But I was still surprised when I visited my former ISPs local point of presence - in one of their employee's one and only bathroom at his house. Photo here. Do some laundry, take a dump, watch some network traffic go by. Uh-huh.
I can't help but think that he is adding more proverbial wood to the very same fire that is burning him at the stake. IMHO, this statement would make many purchase decision makers wake up from their MSOFT induced coma and start to entertain the notion that maybe the geeks are right... maybe we actually should consider some alternatives to Microsoft!
I'm concerned that there's a more subtle and devious plan at work here. In recent months, MS has made several veiled concessions about the open source software movement and about Linux's market share. "Linux is our biggest worry." "Open source is enemy #1". "We're almost competing with Linux as we should."
*Maybe* (paranoid speculation follows), the strategy is to give OSS/Linux/etc. just enough of the limelight to put those entities on a seemingly level playing field with MS, and THEN go after them like rabid dogs.
In other words, right now, MS is having trouble fighting an enemy that they can't easily put a face on for the average corporate suit. If they raise that awareness & give shape to that face just enough so that their "torn" customer base knows what they're talking about, then they can get more bang for their buck when they attack.
Maybe their thinking is "the best way to get people to keep/start using Microsoft, is to let them taste a little of what open source/Linux has to offer, and THEN show them the benefits of staying with MS. It's easier to get folks to hate the new kid in town if the new kid seems cool at first and THEN lets you down bigtime.
Of course, all the OSS/Linux community has to do is whatever we've been doing. Microsoft is on the offensive, and while they may have a bigger, stronger team...they're showing up at the totally wrong playing field.
It's amazing how you can ramble when you're exhausted.
Slashdot Mirror
Those interested in this topic might also enjoy the book Welcome to the Machine Science, Surveillance, and the Culture of Control by Derrick Jensen and George Draffan. It's a thorough look at the cultural implications of all the tech and policies that go into the watching.
Silas
Yes - truly annoying. (I wish I could tell some witty story about dialing Blofeld when I meant to dial Bond, but alas I have none.) There have been other firmware bugs like that over time that I've just come to accept.
Yes - notice how many devices are on that page? Sure would be nice if a geek with experience making them work could recommend one, thus my Ask submission.
Caveat emptor. I don't use Mail.app, so I'm not affected by that; I'm sorry to hear that there's not a good solution for you.
Silas
You guys are still using 10.3.9? That's, like, soooo one week ago.
Silas
Hi Wil. I know you're not about dwelling in the past when it comes to your acting career, but I did want to say that I think "Young Harry Houdini" is an oft-overlooked film that you should be very proud of. Okay, so maybe I was only like 10 when I saw it, but as an amateur magician it really had an effect on me, and I thank you for your role in it.
A related question then: What advice can you give (beyond saying "be born with raw talent") to folks like yourself who see themselves as creative types with an interest in acting, writing, speaking - the public arts, if you will - but who also don't want to tread the over-worn path of mainstream media and every other Hollywood actor-wannabe? You seem to have done an exceptional job being a part of the underculture - sci-fi TV, self-publishing, blogging, small theater, etc., so it would seem you have some insight into how to participate in these arts without becoming corrupted by the process of getting involved.
Thanks!
Silas
Hire a consultant to do it right from the start.
If you can't, this is sort of a mischevious way of doing it, but one that can work well in a pinch. Get your basic requirements down in writing (bandwidth, OS and app software, server requirements, disk space, backup scheme, etc.) and then contact one of the high-end services like Rackspace to ask for a proposal for their services based on those requirements. In the resulting conversations, you'll learn a lot about what kind of infrastructure is "standard" (on the high end anyway), what kinds of costs could be involved, and you'll get what is practically a checklist for what you should consider setting up on your own. Whether or not you use the high-end service or go off and set up your own homegrown setup, you'll find yourself a lot more educated. (And then, of course, you should find ways to shuffle some paying business to the poor sales person whose time you wasted.)
Silas
Wouldn't it be funny if some day we find out that there's some small population of people, maybe a few hundred around the world, who make up the bulk of spammer revenue and have thusly single-handedly kept the spamming phenomenon alive? Given that there's a similarly small group of spammers that account for most of the spam traffic out there, it wouldn't surprise me.
Maybe we should track those people down, compile their name on a list, and sell that to the spammers for $0.01 on the condition -- no, with the extra added benefit for them -- that they not send to anyone else ever again. Why would they bother, if they can get the same revenue as before without all the overhead?
We now return you to your regularly programmed reality...
I wonder if it's less overhead for Apple to do it this way. When I buy a song with my credit card from the store directly, some small percentage of the $0.99 must be going towards credit card fees, etc. When they do it through retail vendors like McDonalds and Pepsi, they probably get a fat (overhead-free) check from those folks, who in turn absorb the overhead of collecting that cash.
Sure, there are other costs invovlved in managing that kind of program, but if Apple sets it up well, they could actually be increasing their profit by making the retail vendors pay for some of those costs.
If you want to argue that slowing destruction != reversing it, that would be a more reasonable point to make. But I believe we're in agreement.
You can use qmail with inetd if you want. But inetd is a potential security hazard; why would you complain about an alternative that improves that situation?
2) There are like 5 different programs, each with different user accounts (qmaild, qmaill, qmailp, qmialq, qmailr, qmails, vmail, etc) - all running from the same !@#!@ bin directory! Talk about confusing as !@#! hell when you want to audit permissions!
Have you ever used an operating system called "Linux"? Some people would say that it has some complexities to it, but most agree that those complexities are well worth the security, robustness, and highly configurable nature of the OS. If you want plug-and-play, you shouldn't be running a mail server.
3) Qmail has a truly hideous license. Yeah, it's "open source", but you can't redistribute changes!!?!
Yeah, when are they going to pass USA Patriot Act III that requires the license YOU like to be applied to every software package we all use?
4) If you want something decent (such as LDAP support,antivirus filtering or integration with SpamAssassin, etc.) you have to apply 57 god-knows patches to the "official" qmail source, and in just the right order to get everything working.
Agreed that the qmail source lacks a few key features that make it extendable in the way you might expect. Time to fix: 15 minutes to apply the right patches. A reason to not use qmail? Depends on what else you can do in 15 minutes.
5) The log format is different than sendmail's. While this is understandable, it means that all these neat reporting tools for sendmail can't be used.
Try saying this with a straight face to an IT decision maker: "We've chosen to avoid software package X because the log file output is different from other stuff we use."
6) Administering Sendmail on RH Linux is a breeze. up2date sendmail; /etc/rc.d/init.d/sendmail restart takes care of most of it.
See #2. I really am happy for you if you're happy with sendmail. But that's not an argument for others not to use qmail.
This can be done via TMDA, a whitelist-centric anti-spam package. You can create sender-based addresses so that the originating org has a direct pipe to you inbox, but that anyone else trying to use the address will have to confirm their identity first. You can remove that direct pipe at your leisure.
I disagree. When I sign up for a mailing list, I'm not insulted when the mailing list management software asks me to confirm my address, because I know that it's for a good reason: to prevent abuse or spam on the mailing list. It doesn't mean I'm guilty of anything, it just means I'm participating in a process that makes the service better.
You mentioned the scenario of answering an e-mail from someone and getting a confirm request. If someone using TMDA sent you an e-mail, you'd most likely already be on their whitelist...no confirmation necessary, no need to say "fuck it".
I realize that TMDA breaks the mold of the traditional e-mail model, where your inbox is open to anyone who wants to send you a message. 95% success rate and the constant nagging worry that a legitimate message might get hosed? Not for me.
I guess I would suggest that the knowledge that every message you receive is from a real person/legitimate sender (as opposed to the pseudo-reliability of filters based on message content) is well worth the very slight inconvenience to the small number of senders (6% in many cases) who have to confirm themselves. It sure has been in my case. I'm not saying TMDA will always be the best solution, but it's worth considering.
It sounds like you're using TMDA. Or, if you're not, you should be. :) Check out my related post on this story.
I'm really excited about all of the neat stuff happening with Bayesian filtering and related technologies, but I just wanted to put in a plug for TMDA, Tagged Message Delivery Agent, which uses a whitelist-centric strategy. Since I began using it, the amount of spam I have to look at is virtually at zero. If you haven't read about it yet, check it out.
I'm not making any claims about the details or the legitimacy of their business plan. With most issues like this, there are enough gray areas that it would be difficult to debate the merits without resorting to baseless speculation. I just wanted to point out that Napster's particular chronology doesn't have to be the fate of all P2P file sharing technologies, if we can correctly distinguish between the purpose of a given technology, and how it's actually used.
Saying that Napster was "oriented" towards IP violations is like saying the Internet as a whole is oriented towards distributing child porn. How technology is used is different from how it ought to be used, and one must distinguish between the two when discussing the merits of using technology at all.
A bit dramatic perhaps, but I continue to think that they should have gone out with their proverbial heads held high, instead of after this miserable sequence of events...
"Yeah, sure buddy, you're hired. Here's the root password and here's some old user accounts we need cleaned up. And would you mind replacing our sendmail install with qmail, we've been getting a bunch of calls lately from wackjobs screaming about some sort of "open relay" problem. Who knows...I'm sure you'll get that all figured out."
I just knew there was a punchline there that I was totally missing out on. Damn. Thanks for that. :)
In rural Indiana, you don't always have space to have a whole room devoted to servers and network equipment, ya know?! But I was still surprised when I visited my former ISPs local point of presence - in one of their employee's one and only bathroom at his house. Photo here. Do some laundry, take a dump, watch some network traffic go by. Uh-huh.
I'm concerned that there's a more subtle and devious plan at work here. In recent months, MS has made several veiled concessions about the open source software movement and about Linux's market share. "Linux is our biggest worry." "Open source is enemy #1". "We're almost competing with Linux as we should."
*Maybe* (paranoid speculation follows), the strategy is to give OSS/Linux/etc. just enough of the limelight to put those entities on a seemingly level playing field with MS, and THEN go after them like rabid dogs.
In other words, right now, MS is having trouble fighting an enemy that they can't easily put a face on for the average corporate suit. If they raise that awareness & give shape to that face just enough so that their "torn" customer base knows what they're talking about, then they can get more bang for their buck when they attack.
Maybe their thinking is "the best way to get people to keep/start using Microsoft, is to let them taste a little of what open source/Linux has to offer, and THEN show them the benefits of staying with MS. It's easier to get folks to hate the new kid in town if the new kid seems cool at first and THEN lets you down bigtime.
Of course, all the OSS/Linux community has to do is whatever we've been doing. Microsoft is on the offensive, and while they may have a bigger, stronger team...they're showing up at the totally wrong playing field.
It's amazing how you can ramble when you're exhausted.