DigitalGlobe is allowing use of its images "with credit to DigitalGlobe". So I'm tagging the images themselves, which should cut it. I suspect they're happy for the exposure. Could say the same for myself;-)
Fresh fruit and produce probably does move by truck (and you pay for it), but your boxed and canned goods move by rail. Spoilage in Del Monte tomato sauce is pretty low. There's a running joke about oatmeal running by slurry pipe (well, in some circles....).
Basically, you've got a hierarchy of shipping rates, most to least expensive being air, expedited ground (FedEx, UPS), local drayage, long-haul trucking, rail, barge, bulk maritime, and pipeline. The difference in cost very marked. The slower methods are best suited to bulk goods where it doesn't particularly matter what specific item you get, just how much (crude oil, grain, coal, lumber).
Costs are based on both fuel and labor costs. Rail crews run about 6 per train (IIRC), a 110 unit train can carry 400+ 40' containers (more in "SixPac" and related specialized configurations). The same load on trucks requires 200 drivers. A barge equals about 15 rail cars or 60 trucks. And a large container ship will handle thousands of containers. Comparative fuel requirements: 1 gallon gets you about 60 ton-miles by truck, 200 ton-miles by train, and 515 ton-miles by barge. Source.
That link includes a calculator so you can compare fuel costs. Assuming 1000 tons, 1000 miles, and $1.50/gal fuel costs. truck works out to $25,338, rail to $7,426, barge to $2,918. That excludes labor and capital costs, as well as insurance (cost of covering damaged shipments is a considerable expense).
In the early 1990s, Mid-Western droughts lead to historically low water levels on the Mississippi. One consequence was a tremendous increase in rail traffic as loads which would once have moved by barge went by rail. Great if you were a railroad, not so good for shippers and farmer.
The big development of the past three decades has been "intermodal" transport. Shipping containers to you and me. A container is filled at the factory in China, trucked to a rail point, trained to a shipyard, shipped to a US port, railed to a local delivery point, and trucked to local destination.
In practice, runs of < 300 miles tend to be cost-effective for truck, anything more, rail, and if a navigable waterway exists, ship.
Last I looked into it (about 15 years back) there were expedited intermodal cross-country tarrifs for 7-14 day delivery. Perhaps not "JIT", but useful for those who figure a rolling warehouse is useful (and railroads had to fight for years to get their boxcars back on time). Did a college research paper on the Japanese fresh broccoli market. That was crop from Salinas Valley, California, via refrigerated intermodal transport, to Japan, across 8,000 miles of ocean, in 14 days. Feasibly. Pretty impressive.
Not a railroader, but I've known a few pretty well.
Mind, it's got the uncanny valley problem after a fashion. It looks, sometimes a lot, like WinXP. But it's decidedly different in subtle (and not so subtle) ways. In balance, I'd think the result is more unsettling rather than less. You're better off with an environment that uses familiar motifs, but doesn't just ape another model.
There are a large number of desktops for Linux, and most of them are highly themable. KDE and GNOME are probably the leaders, and both are highly themeable. I found XFCE4 is really popular among kids (6-18), and prefer WindowMaker myself: clean, configurable, light, stable, and out of my face.
There are several, of which Taxpayer ID and Dun & Bradstreet (DUNS) numbers are the two best known, and cover either all registered corporations or the bulk of major US businesses (2.7 million per research). As business incorporation is handled at the state level (in the US), there are probably state corporation numbers as well. There's also the UNSPC, through the United Nations.
As you point out in a followup, there's no requirement that such identifiers be used in advertising, product packaging, or other communications. Sure, that would be somewhat useful, but....
...there are huge numbers of organizations not covered by such regimes (think sole proprietorships (my TID is my SSN)), overseas companies, and/or illegal operations. Believe me, as someone who's worked extensively in data tracking, the task of identifying and assigning IDs is decidedly nontrivial.
The other problem is this: IDs are cheap. It's trivial to generate various forms of identifiers, and even incorporating is a relatively minor expense against the possible benefits of such actions. Look at the huge number of corporate shell companies, particularly operating out of offshore "safe haven" states such as Hong Kong, the Bahamas, etc.
The problem of tracing corporate relationships and holdings is decidedly nontrivial, and is a major field of law practice. D&B do claim that D-U-N-S tracks families of companies, no idea how successful they are.
I actually managed to disable MSIE for a youth center's tech lab. Over 6 months with 340+ kids, nobody's got around it.
The problem is that all the standard "disabling" tricks (see Joe Barr's NewsForge article this past summer) just hide the interface, they don't actually disable MSIE's browsing capabilities. You can access it many different ways: type 'iexplore' in the 'Run' dialog, enter a URL into the Windows Explorer nav bar, Windows Media Player, and a whole bunch of apps which use MSIE for a help/file/web browser without checking system prefs.
The basic method is to point MSIE to a non-forwarding proxy (either real or nonexistant, though I had a real proxy set up). You need to make exceptions for any sites you absolutely, positively must access via MSIE (eg: Windows Update site). I had some antivirus software and other stuff to deal with as well. And you need to make sure the configuration is always on.
Above and beyond the minimal setup described above, what I did was install Cygwin on the 'doze boxes, used Cygwin's 'regtool' command line registry edit/query tool ('REG.EXE' in WinXP should also work, though IIRC it's either a Resource Kit exec and/or isn't on NT/2K), and had the relevant lines in my Samba server's LOGON.BAT file (netlogon share).
To make the experience a bit cleaner, I set up an IP-based vhost on a local Apache server, aliased an IP, and had that vhost serve up nothing but a page instructing users not to surf with MSIE.
Users were instructed to use Firefox rather than MSIE for browsing. Occasionally they'd end up on MSIE (usually one of the methods described above), and I'd explain that they shouldn't use it, because "it does bad things to your computer".
Not bulletproof, but you'd have to have someone intentionally changing their proxy settings on every logon to bypass this. With a web proxy (say, squid), you might also block based on user-agent strings or the like.
I'll write this up as a technical article, really, soon, I promise. Meantime, that's pretty much the method. As mentioned. none of the rugrats figured out how to bypass it, but there were only a few who might have been inclined to do that anyway.
There are 2000 working hours in a year, at 40 hours/day, 50 weeks/year. As Gates is an officer and presumably exempt, he isn't compensated directly for overtime.
$57.9b/56,000 hours = $1,033,928/hr.
Note that the bulk of his wealth came following Microsoft's IPO in 1986, and most of it in the past ten years -- 1994 - 2004, if you follow the stock price. For the past ten years, his hourly equivalent is closer to $2,895,000/hr. While running what is still an illegal monopoly with a long, long, long track record of ongoing abuses.
Those lawyers are working for peanuts. Ain't no money in justice.
Interestingly, "intangibles" (accountant-speak for intellectual property and related) is only $345 million. You'd think those Windows and Office sources were actually worth something. That's 0.7% of total valuation.
You omitted an option. 2.5: peer policing. Other networks deciding they're not going to put up with your sh*t and drop your packets. Viz: SPEWS, SpamCop, Spamhaus, etc.
SPEWS listed over 9 million Comcast IP addresses a few weeks ago due to ongoing mishandling of network abuse (the entry reads "Poster child of how not to run a broadband network company". This may have had some impact.
I've been going rounds myself with an indivdual manning a/16 for which no postmaster or abuse record exists, and IP WHOIS contacts fail. He still doesn't seem to understand just why this is a problem. However several of the issues were cleared up after customer mail started being blocked by sites referencing RFC-Ignorant.
on Thu, Feb 05, 2004 at 07:32:39PM -0000, NewsOnline (newsonline@bbc.co.uk) wrote:
Dear Sir
Thanks for your e-mail.
I have noted the points you made - as well as the vigorous debate on
Slashdot.org about this article.
Well, Stephen Evan's weekly "stateside" column is not a news story, but
an analytical look at major events and business trends in the United
States.
This isn't clear from the presentation of the article on your website.
Clearly denoting "news", "editorial", and "analysis" content is strongly
recommended.
Moreover, there has been more than one "analyst" with a clear axe to
grind, and/or affiliations with parties having significant financial
interests in the outcome of the dispute between Caldera/SCO and IBM, Red
Hat, Novell, and the other parties Caldera/SCO have threatened directly
or otherwise.
As maintainer of a website providing background on the case, I even had
one such individual (David Politis) who runs a regular "analysis" column
in a Utah newspaper, complain that he was outed as having a prior
relationship with Caldera/SCO. The fact of the matter is that he does
have a prior relationship, the relationship was in the period
immediately preceding the announcement of the lawsuit against IBM, and
Politis has written about the case both before and after his engagement,
with only one mention (September 15, 2003) that he has any interest in
the companies involved. I might add that his coverage of the case is
anything but balanced (unless you hail from Fox News, perhaps...).
If you'll see things from the perspective of those who have an admitted
bias toward GNU/Linux, in addition to a rather copious collection of
documented facts largely disputing any material claim made on the part
of Caldera/SCO, there's a decided distrust of those whose allies wield
$6 thousand million marketing and PR budgets. Or is it $8 thousand
million. It's _so_ hard to keep track.
It is, of course, debatable whether MyDoom/Novarg/Shimgapi was written
just to bring down the SCO website, or whether the installation of
spamming tools on numerous computers was an additional - or even the
main - motive.
It's certainly debatable.
If you wish to publish a piece of discussion or commentary debating whether
or not there is a motive on the part of those who favor GNU/Linux, those
who would see GNU/Linux tarnished, those who favor Caldera/SCO, or those
who would see Caldera/SCO tarnished, be my guest.
However, I have rather old-fashioned appreciation to have a little news
with my news, and to have that news, sir, consist of facts. Specific,
documented, substantial facts.
Evan's article, sir, contained no such facts.
The BBC owes a retraction.
That was not the point of Stephen's article.
In his piece he wanted to draw the attention of BBC News Online's
audience - many of whom are unlikely to know the ins and outs of the
Open Source debate - to the rapid spread of Linux as a commercial
application, SCO's attempts to cash in on this fact, and the deep
anger that SCO has caused within the Linux community through its legal
actions.
If this is the BBC's position, then I would advise you to make the
aforementioned fiction section an official rather than a covert section
post haste.
Stephen is not the first to draw the link between MyDoom and SCO's
actions over Linux - plenty of others have done that before, including
virus experts.
Boozy speculation of what might have been or what might be, sir, is not
news.
Tim Weber
Business Editor
BBC News Interactive - www.bbc.co.uk/businessnews
Stephen Evans's February 5 filing -- I can't tell if it's intended to be
commentary, news, or an original submission to the Beeb's hitherto
unknown short-story section -- makes wholly unwarranted and
unsubstantiated accusations against the free software and GNU/Linux
communities.
Evans's smear is in the same light as tarring all African-Americans on
account of the crimes of one, all Muslims on account of the terrorsism
of a few, or all Brits on account of their cooking.
It's certainly true that a large element of schadenfreude comes into
play when "The SCO Group", a/k/a Caldera Linux Systems, one of the first
distributors of a commercial GNU/Linux system, on its last legs as a
$10m and falling company, claims $50 thousand million dollars in damages
on the basis of a $4 million purchase and an avalanche of contradictory
statements and outright lies. Certainly Microsoft, whose software
defects have severeley compromised global Internet operations four times
in the past year, and remains an illegal, but unpunished, monopoly
(with, I'll note, ongoing EC investigations of Microsoft's European
activities), is unpopular to many.
Moreover: there's no indication that the MyDoom worm wasn't
commissioned by parties with an interest in making either the Utah or
Washington state dens of theives appear to be aggreived parties. This
certainly wouldn't be the first time an alleged "attack" has appeared at
a very opportune time for Caldera/SCO, nor that same has failed to take
well-known, accessible steps to avert the potential adverse effects of a
known-in-advance distributed denial of service attack, rather than
cueing the violins for a heartbreak tearjerk moment.
The BBC owes the GNU/Linux and free software communities an apology, its
readers, listeners, and viewers truthful rather than fabricated
reporting, and Mr. Evans a severe dressing down.
Trust me on this. My experiences were covered in AOL Bans Mail from DSL-Hosted Servers. My mom (after hours of trying to explain to her what's going on) got nowhere with AOL on this. They don't admit (at least to her understanding) of the blocking. And since the rejection occurs at connect time -- that's beforeany SMTP protocol has been transacted, there's no way for AOL to even determine who the recipient is and whether or not they'd like the blocking or not.
Spam with spoofed headers is generating challenges to your account. At best this is an annoyance. At worst, a Joe-job.
Spammers are faking C-R challenges to harvest legitimate, reachable, email addresses.
To those who've called these "legitimate" TMDA (or other) challenges: what is legitimate about sending unsolicited mail to the wrong person, merely because you've received unsolicited mail from someone else?
Last time this issue came up, I ran a check based on Alexa's top site listings, and Netcraft's assessment of what these sites were running.
Results. Of the top 100 English language sites,
there were: 44 GNU/Linux,
25 Microsoft Windows (NT, 2K, XP, 2K3),
13 Sun Solaris 8,
7 Sun Solaris,
4 unknown OS,
4 FreeBSD,
1 Sun Solaris 9,
1 Apple MacOSX, and
1 HP-UX operating systems.
Including viral mail in the definition of spam (and as unsolicited bulk email, it fits), it's not even a matter of paying for bandwidth. There are classes of service -- dialup, wireless, pager, etc., for which email simply becomes no longer useful.
At the peak of Swen, I was seeing, on a dialup account, 300+ MB of spam a day. That's over 20 hour download, just for mail, just to keep up. There are some POP filters and the like available, all are very approximate. Fortunately, I have alternatives (shell account on a broadband server).
Still, for Joe Average, basic Internet services are very nearly, if not already, unusable.
p
I normalized OS for all Windows systems, and trimmed the variants for webservers.
Results (partial as Netcraft query is still running):
Top 100 English Language Sites - OS
Total sites: 100
44 GNU/Linux
| 25 Microsoft Windows (NT, 2K, XP, 2K3)
| 13 Sun Solaris 8
| 7 Sun Solaris
| 4 unknown operating system
| 4 FreeBSD
| 1 Sun Solaris 9
| 1 Apple MacOSX
| 1 HP-UX
I would have posted a nicely formatted quasi-tabular post, but Slash is dinking me for short lines and syntactic sugar. So you get pipe-delimited. Bitch to Malda.
There are a few "true costs of spam" I'm seeing. One is as you point out, Balkanization (and I'm still stuck by the AOL issue, though at least I can mail by a secondary route). One is people cut off from other groups by arbitrary blacklisting policies. And yes, many of us (/me raises hand) cheered the same action when used against foreign ISPs with large spam volumes, though I still maintain that there's an important distinction between strongly prodding ISPs to clean up their act, and arbitrarially shutting out large portions of the 'Net.
Another is that the typical user is rapidly getting chased off the 'Net. Exposing your address anywhere is an instant invitation to not only spam, but viral spew, which in my experience is many times worse. Even on bad days, spam is ~150 messages. I've had 2000+ viruses at peak of Swen and SoBig, friends report far more. POP mail over dialup is simply impossible in this situation. Most of your inbound mail bounces because your inbox is full, and you spend all day downloading crap. SMTP-time, user-controlled, accountable, accurate, and effective spam and virus filtering is no longer optional. I've been trying to drill this point in to my brain-dead ISP. Usenet discussions in their forums have been obsessed with Swen.
This also means that the likelihood for people to engage in open discussions, under their real identities, is being harmed. On the debian-user and other mailing lists we've seen endless discussions over the past several weeks by people who participate and then get flooded by spam. The lesson: don't participate.
And anyone with well-advertised, long-established email addresses.... Peter G. Neuman of the comp.risks archive runs SpamAssassin over list mail and still has 90% spam in the list mail, after filtering.
I still have hopes that we can dig out of the situation. As others note: when high-up execs start losing messages, I suspect AT&T's policy will slacken. AOL, as I've said, hasn't budged, however. Filtering is still largely effective, it just needs to be pushed further out to the SMTP transaction level. And I suspect that AT&T has a good idea, poorly implemented: MTAs themselves can keep track of spam and ham (non-spam) mail, and determine what mailservers they do and don't want to deal with. Current work with exim4+spamassassin integration is a long way toward this.
Slashdot Mirror
DigitalGlobe is allowing use of its images "with credit to DigitalGlobe". So I'm tagging the images themselves, which should cut it. I suspect they're happy for the exposure. Could say the same for myself ;-)
AstroDab, nice concept. I've corrected the allignment and posted results here.
You're welcome to post these to your own site, crediting DigitalGlobe (as you should your own work) and myself.
Fresh fruit and produce probably does move by truck (and you pay for it), but your boxed and canned goods move by rail. Spoilage in Del Monte tomato sauce is pretty low. There's a running joke about oatmeal running by slurry pipe (well, in some circles....).
Basically, you've got a hierarchy of shipping rates, most to least expensive being air, expedited ground (FedEx, UPS), local drayage, long-haul trucking, rail, barge, bulk maritime, and pipeline. The difference in cost very marked. The slower methods are best suited to bulk goods where it doesn't particularly matter what specific item you get, just how much (crude oil, grain, coal, lumber).
Costs are based on both fuel and labor costs. Rail crews run about 6 per train (IIRC), a 110 unit train can carry 400+ 40' containers (more in "SixPac" and related specialized configurations). The same load on trucks requires 200 drivers. A barge equals about 15 rail cars or 60 trucks. And a large container ship will handle thousands of containers. Comparative fuel requirements: 1 gallon gets you about 60 ton-miles by truck, 200 ton-miles by train, and 515 ton-miles by barge. Source.
That link includes a calculator so you can compare fuel costs. Assuming 1000 tons, 1000 miles, and $1.50/gal fuel costs. truck works out to $25,338, rail to $7,426, barge to $2,918. That excludes labor and capital costs, as well as insurance (cost of covering damaged shipments is a considerable expense).
In the early 1990s, Mid-Western droughts lead to historically low water levels on the Mississippi. One consequence was a tremendous increase in rail traffic as loads which would once have moved by barge went by rail. Great if you were a railroad, not so good for shippers and farmer.
The big development of the past three decades has been "intermodal" transport. Shipping containers to you and me. A container is filled at the factory in China, trucked to a rail point, trained to a shipyard, shipped to a US port, railed to a local delivery point, and trucked to local destination.
In practice, runs of < 300 miles tend to be cost-effective for truck, anything more, rail, and if a navigable waterway exists, ship.
Last I looked into it (about 15 years back) there were expedited intermodal cross-country tarrifs for 7-14 day delivery. Perhaps not "JIT", but useful for those who figure a rolling warehouse is useful (and railroads had to fight for years to get their boxcars back on time). Did a college research paper on the Japanese fresh broccoli market. That was crop from Salinas Valley, California, via refrigerated intermodal transport, to Japan, across 8,000 miles of ocean, in 14 days. Feasibly. Pretty impressive.
Not a railroader, but I've known a few pretty well.
7Zip
Supported formats: 7z, ZIP, CAB, RAR, ARJ, GZIP, BZIP2, TAR, CPIO, RPM and DEB.
GUI or command-line. Self-extracting archives supported.
Just make a link. Really folks:
Even arbitrarially long URLs work: Say, a link to a Google search of spam I've submitted to NANAS, about 260 characters long.XPDE, for one.
Mind, it's got the uncanny valley problem after a fashion. It looks, sometimes a lot, like WinXP. But it's decidedly different in subtle (and not so subtle) ways. In balance, I'd think the result is more unsettling rather than less. You're better off with an environment that uses familiar motifs, but doesn't just ape another model.
There are a large number of desktops for Linux, and most of them are highly themable. KDE and GNOME are probably the leaders, and both are highly themeable. I found XFCE4 is really popular among kids (6-18), and prefer WindowMaker myself: clean, configurable, light, stable, and out of my face.
...for themselves, as Annie & Co. used to say.
Personally, I like The Register's formulation: "World+dog". Short, sweet, to the point, and non-sexually biased.
...though my cat objects ;-)
Got mine. Tenth birthday present, IIRC, and a quarter century (um, plus) later, it still works.
Unfortunately, Pentax cancelled the model in 1997, though used equipment should be available for the next several decades.
There are several, of which Taxpayer ID and Dun & Bradstreet (DUNS) numbers are the two best known, and cover either all registered corporations or the bulk of major US businesses (2.7 million per research). As business incorporation is handled at the state level (in the US), there are probably state corporation numbers as well. There's also the UNSPC, through the United Nations.
As you point out in a followup, there's no requirement that such identifiers be used in advertising, product packaging, or other communications. Sure, that would be somewhat useful, but....
...there are huge numbers of organizations not covered by such regimes (think sole proprietorships (my TID is my SSN)), overseas companies, and/or illegal operations. Believe me, as someone who's worked extensively in data tracking, the task of identifying and assigning IDs is decidedly nontrivial.
The other problem is this: IDs are cheap. It's trivial to generate various forms of identifiers, and even incorporating is a relatively minor expense against the possible benefits of such actions. Look at the huge number of corporate shell companies, particularly operating out of offshore "safe haven" states such as Hong Kong, the Bahamas, etc.
The problem of tracing corporate relationships and holdings is decidedly nontrivial, and is a major field of law practice. D&B do claim that D-U-N-S tracks families of companies, no idea how successful they are.
FYI, FOIA isn't free, though the fees are pretty nominal. $0.10/page, $18/hr, after the first 100 pages, with a significant educational discount.
The thought of having a spook do my photocopying for me just sounds.... Hrm. Ironic?
I actually managed to disable MSIE for a youth center's tech lab. Over 6 months with 340+ kids, nobody's got around it.
The problem is that all the standard "disabling" tricks (see Joe Barr's NewsForge article this past summer) just hide the interface, they don't actually disable MSIE's browsing capabilities. You can access it many different ways: type 'iexplore' in the 'Run' dialog, enter a URL into the Windows Explorer nav bar, Windows Media Player, and a whole bunch of apps which use MSIE for a help/file/web browser without checking system prefs.
The basic method is to point MSIE to a non-forwarding proxy (either real or nonexistant, though I had a real proxy set up). You need to make exceptions for any sites you absolutely, positively must access via MSIE (eg: Windows Update site). I had some antivirus software and other stuff to deal with as well. And you need to make sure the configuration is always on.
Above and beyond the minimal setup described above, what I did was install Cygwin on the 'doze boxes, used Cygwin's 'regtool' command line registry edit/query tool ('REG.EXE' in WinXP should also work, though IIRC it's either a Resource Kit exec and/or isn't on NT/2K), and had the relevant lines in my Samba server's LOGON.BAT file (netlogon share).
To make the experience a bit cleaner, I set up an IP-based vhost on a local Apache server, aliased an IP, and had that vhost serve up nothing but a page instructing users not to surf with MSIE.
Users were instructed to use Firefox rather than MSIE for browsing. Occasionally they'd end up on MSIE (usually one of the methods described above), and I'd explain that they shouldn't use it, because "it does bad things to your computer".
Not bulletproof, but you'd have to have someone intentionally changing their proxy settings on every logon to bypass this. With a web proxy (say, squid), you might also block based on user-agent strings or the like.
I'll write this up as a technical article, really, soon, I promise. Meantime, that's pretty much the method. As mentioned. none of the rugrats figured out how to bypass it, but there were only a few who might have been inclined to do that anyway.
According to the Bill Gates Personal Wealth Clock, Bill Gates's current wealth is $57.9b.
According to the Microsoft Museum timeline, Microsoft was founded 28 years ago.
There are 2000 working hours in a year, at 40 hours/day, 50 weeks/year. As Gates is an officer and presumably exempt, he isn't compensated directly for overtime.
$57.9b/56,000 hours = $1,033,928/hr.
Note that the bulk of his wealth came following Microsoft's IPO in 1986, and most of it in the past ten years -- 1994 - 2004, if you follow the stock price. For the past ten years, his hourly equivalent is closer to $2,895,000/hr. While running what is still an illegal monopoly with a long, long, long track record of ongoing abuses.
Those lawyers are working for peanuts. Ain't no money in justice.
Yes, Russ. The democratic process has always been one of the messier aspects of democracy.
Dictatorship keeps its messes tidily confined in killing fields and torture labs.
For corporations, it's the sales & marketing departments, and the executive suite, but same thing.
It's $52.7 billion in cash and short term investments. $62.4 billion in total current assets. Effectively cash and equivalents. Money that can be had now if necessary.
Interestingly, "intangibles" (accountant-speak for intellectual property and related) is only $345 million. You'd think those Windows and Office sources were actually worth something. That's 0.7% of total valuation.
You omitted an option. 2.5: peer policing. Other networks deciding they're not going to put up with your sh*t and drop your packets. Viz: SPEWS, SpamCop, Spamhaus, etc.
SPEWS listed over 9 million Comcast IP addresses a few weeks ago due to ongoing mishandling of network abuse (the entry reads "Poster child of how not to run a broadband network company". This may have had some impact.
I've been going rounds myself with an indivdual manning a /16 for which no postmaster or abuse record exists, and IP WHOIS contacts fail. He still doesn't seem to understand just why this is a problem. However several of the issues were cleared up after customer mail started being blocked by sites referencing RFC-Ignorant.
[Lightly edited for posting]
Tim, thanks for your email, To which I respond:
on Thu, Feb 05, 2004 at 07:32:39PM -0000, NewsOnline (newsonline@bbc.co.uk) wrote:
This isn't clear from the presentation of the article on your website. Clearly denoting "news", "editorial", and "analysis" content is strongly recommended.
Moreover, there has been more than one "analyst" with a clear axe to grind, and/or affiliations with parties having significant financial interests in the outcome of the dispute between Caldera/SCO and IBM, Red Hat, Novell, and the other parties Caldera/SCO have threatened directly or otherwise.
As maintainer of a website providing background on the case, I even had one such individual (David Politis) who runs a regular "analysis" column in a Utah newspaper, complain that he was outed as having a prior relationship with Caldera/SCO. The fact of the matter is that he does have a prior relationship, the relationship was in the period immediately preceding the announcement of the lawsuit against IBM, and Politis has written about the case both before and after his engagement, with only one mention (September 15, 2003) that he has any interest in the companies involved. I might add that his coverage of the case is anything but balanced (unless you hail from Fox News, perhaps...).
If you'll see things from the perspective of those who have an admitted bias toward GNU/Linux, in addition to a rather copious collection of documented facts largely disputing any material claim made on the part of Caldera/SCO, there's a decided distrust of those whose allies wield $6 thousand million marketing and PR budgets. Or is it $8 thousand million. It's _so_ hard to keep track.
It's certainly debatable.
If you wish to publish a piece of discussion or commentary debating whether or not there is a motive on the part of those who favor GNU/Linux, those who would see GNU/Linux tarnished, those who favor Caldera/SCO, or those who would see Caldera/SCO tarnished, be my guest.
However, I have rather old-fashioned appreciation to have a little news with my news, and to have that news, sir, consist of facts. Specific, documented, substantial facts.
Evan's article, sir, contained no such facts.
The BBC owes a retraction.
If this is the BBC's position, then I would advise you to make the aforementioned fiction section an official rather than a covert section post haste.
Boozy speculation of what might have been or what might be, sir, is not news.
[Original message snipped]Stephen Evans's February 5 filing -- I can't tell if it's intended to be commentary, news, or an original submission to the Beeb's hitherto unknown short-story section -- makes wholly unwarranted and unsubstantiated accusations against the free software and GNU/Linux communities.
Evans's smear is in the same light as tarring all African-Americans on account of the crimes of one, all Muslims on account of the terrorsism of a few, or all Brits on account of their cooking.
It's certainly true that a large element of schadenfreude comes into play when "The SCO Group", a/k/a Caldera Linux Systems, one of the first distributors of a commercial GNU/Linux system, on its last legs as a $10m and falling company, claims $50 thousand million dollars in damages on the basis of a $4 million purchase and an avalanche of contradictory statements and outright lies. Certainly Microsoft, whose software defects have severeley compromised global Internet operations four times in the past year, and remains an illegal, but unpunished, monopoly (with, I'll note, ongoing EC investigations of Microsoft's European activities), is unpopular to many.
Moreover: there's no indication that the MyDoom worm wasn't commissioned by parties with an interest in making either the Utah or Washington state dens of theives appear to be aggreived parties. This certainly wouldn't be the first time an alleged "attack" has appeared at a very opportune time for Caldera/SCO, nor that same has failed to take well-known, accessible steps to avert the potential adverse effects of a known-in-advance distributed denial of service attack, rather than cueing the violins for a heartbreak tearjerk moment.
The BBC owes the GNU/Linux and free software communities an apology, its readers, listeners, and viewers truthful rather than fabricated reporting, and Mr. Evans a severe dressing down.
Karsten M. Self
Maintainer, SCO vs IBM TWiki: http://sco.iwethey.org/
Trust me on this. My experiences were covered in AOL Bans Mail from DSL-Hosted Servers. My mom (after hours of trying to explain to her what's going on) got nowhere with AOL on this. They don't admit (at least to her understanding) of the blocking. And since the rejection occurs at connect time -- that's before any SMTP protocol has been transacted, there's no way for AOL to even determine who the recipient is and whether or not they'd like the blocking or not.
You don't have control of your email.
Challenge-response is considered harmful. Why? For precisely the reasons you're highlighting. Either:
To those who've called these "legitimate" TMDA (or other) challenges: what is legitimate about sending unsolicited mail to the wrong person, merely because you've received unsolicited mail from someone else?
Last time this issue came up, I ran a check based on Alexa's top site listings, and Netcraft's assessment of what these sites were running.
Results. Of the top 100 English language sites, there were: 44 GNU/Linux, 25 Microsoft Windows (NT, 2K, XP, 2K3), 13 Sun Solaris 8, 7 Sun Solaris, 4 unknown OS, 4 FreeBSD, 1 Sun Solaris 9, 1 Apple MacOSX, and 1 HP-UX operating systems.
Webservers were: 43 Apache, 26 Microsoft-IIS, 13 Netscape-Enterprise, 3 GWS, 3 AOLserver, 2 Zeus, 1 unknown, 1 thttpd, 1 Stronghold, 1 Squeegit, 1 Roxen, 1 Resin, 1 Rediff, 1 Bellsouth PWP server, 1 AV, and 1 Apache Tomcat.
If you like tabular layouts and want to see methods and scripts (Slashdot's crapfilter prevents this), look here.
Point: for high-volume sites, Linux or FreeBSD and Apache are preferred 2:1 over Microsoft solutions.
SPF. Several proposals have been rolled up in this, under ASRG, including SPF, RMX, DMP, and related proprosals.
Including viral mail in the definition of spam (and as unsolicited bulk email, it fits), it's not even a matter of paying for bandwidth. There are classes of service -- dialup, wireless, pager, etc., for which email simply becomes no longer useful.
At the peak of Swen, I was seeing, on a dialup account, 300+ MB of spam a day. That's over 20 hour download, just for mail, just to keep up. There are some POP filters and the like available, all are very approximate. Fortunately, I have alternatives (shell account on a broadband server).
Still, for Joe Average, basic Internet services are very nearly, if not already, unusable. p
Good point. So I ran some numbers for the top 100 English, and top 500 global, sites identified by Alexa
After collecting the list of sites, I ran them through the Netcraft What's That Site Running query page.
I normalized OS for all Windows systems, and trimmed the variants for webservers.
Results (partial as Netcraft query is still running):
Top 100 English Language Sites - OS
Total sites: 100
44 GNU/Linux | 25 Microsoft Windows (NT, 2K, XP, 2K3) | 13 Sun Solaris 8 | 7 Sun Solaris | 4 unknown operating system | 4 FreeBSD | 1 Sun Solaris 9 | 1 Apple MacOSX | 1 HP-UX
Top 100 English Language Sites - Webserver
Total sites: 100
43 Apache | 26 Microsoft-IIS | 13 Netscape-Enterprise | 3 GWS | 3 AOLserver | 2 Zeus | 1 unknown | 1 thttpd | 1 Stronghold | 1 Squeegit | 1 Roxen | 1 Resin | 1 Rediff | 1 Bellsouth PWP server V1.0(4) | 1 AV | 1 Apache Tomcat
Top 500 Global Sites - OS
Total sites: 418
154 GNU/Linux | 101 Microsoft Windows (NT, 2K, XP, 2K3) | 43 Sun Solaris | 30 FreeBSD | 27 Sun Solaris 8 | 25 unknown | 3 Solaris 9 | 3 IBM AIX | 2 NetApp NetCache | 2 Compaq Tru64 | 1 Apple MacOSX | 1 HP-UX
Top 500 Global Sites - Webserver
Total sites: 421
177 Apache | 111 Microsoft-IIS | 43 Netscape-Enterprise | 12 GWS | 8 Zeus | 6 unknown | 4 thttpd | 4 Stronghold | 3 Resin | 3 AOLserver | 2 IBM_HTTP_SERVER | 2 AV | 2 Apache Tomcat | 2 Apache Coyote | 2 Apache-AdvancedExtranetServer | 1 Y.G.Apache-SSLv3 | 1 Virgilio (c) WebServer | 1 .V08 Apache
| 1 T-httpd
| 1 Squeegit
| 1 Roxen
| 1 Rediff
| 1 Oracle9iAS (1.0.2.2) Containers for J2EE
| 1 Jetty
| 1 IIS
| 1 IBM_HTTP_Server
| 1 Bellsouth PWP server V1.0(4)
| 1 AkamaiGHost
I would have posted a nicely formatted quasi-tabular post, but Slash is dinking me for short lines and syntactic sugar. So you get pipe-delimited. Bitch to Malda.
Ain't that the truth.
There are a few "true costs of spam" I'm seeing. One is as you point out, Balkanization (and I'm still stuck by the AOL issue, though at least I can mail by a secondary route). One is people cut off from other groups by arbitrary blacklisting policies. And yes, many of us (/me raises hand) cheered the same action when used against foreign ISPs with large spam volumes, though I still maintain that there's an important distinction between strongly prodding ISPs to clean up their act, and arbitrarially shutting out large portions of the 'Net.
Another is that the typical user is rapidly getting chased off the 'Net. Exposing your address anywhere is an instant invitation to not only spam, but viral spew, which in my experience is many times worse. Even on bad days, spam is ~150 messages. I've had 2000+ viruses at peak of Swen and SoBig, friends report far more. POP mail over dialup is simply impossible in this situation. Most of your inbound mail bounces because your inbox is full, and you spend all day downloading crap. SMTP-time, user-controlled, accountable, accurate, and effective spam and virus filtering is no longer optional. I've been trying to drill this point in to my brain-dead ISP. Usenet discussions in their forums have been obsessed with Swen.
This also means that the likelihood for people to engage in open discussions, under their real identities, is being harmed. On the debian-user and other mailing lists we've seen endless discussions over the past several weeks by people who participate and then get flooded by spam. The lesson: don't participate.
And anyone with well-advertised, long-established email addresses.... Peter G. Neuman of the comp.risks archive runs SpamAssassin over list mail and still has 90% spam in the list mail, after filtering.
I still have hopes that we can dig out of the situation. As others note: when high-up execs start losing messages, I suspect AT&T's policy will slacken. AOL, as I've said, hasn't budged, however. Filtering is still largely effective, it just needs to be pushed further out to the SMTP transaction level. And I suspect that AT&T has a good idea, poorly implemented: MTAs themselves can keep track of spam and ham (non-spam) mail, and determine what mailservers they do and don't want to deal with. Current work with exim4+spamassassin integration is a long way toward this.
And yes, I'm the submitter of the AOL Bans Mail From DSL-Hosted Servers story.
It offers multiple modes of infection, including email and Usenet (as a trojan), but also as a self-propogating worm via fileshare, Kazaa, and IRC.
RTFVD