I travel a lot, are you telling me I need a different email address for every location I visit? Imagine if you needed a different email address every time you left the basement! Oh wait, you probably never have, which is why you think what you do.
One way of handling this would be to have your machine perform an MX lookup to find out where to send the email. Rather than use a "smarthost". That might run into all sorts of problems with various anti-spam systems which have the effect of forcing people to use smarthosts. Even though smarthosts are actually something of a hack when it comes to the SMTP protocol. The other way would be to use a VPN so your laptop always appears to have the same IP address wherever it might actually be.
Also, how hard would it be for a black market in "trust points" to build up? Spammers could set up new SMTP servers, forward mail for a while, vouch for each other repeatedly, and then when enough points have been accumulated, blast all their spam out as quickly as possible. Any system that makes it hard to build trust would be unworkable as new mailservers would be excluded, and any system that makes it easy to build trust is open to gaming.
Unless you though about things very carefully then you might even end up with a situation where it was actually easier for spammers to get trust than legitimate service providers. Security is hard because there are always likely to be people who will look for a way around or a way to subvert things. If you have a situation where the "bad guys" are likely to cooperate and conspire whilst the "good guys" are attempting to compete the odds look a lot better for the "bad guys".
Right now, the best measure I can think of similar to yours is to verify that the actual 'from' in the SMTP itself is from an IP that's actually mentioned in an MX record for said server.
No doubt if you tried that you'd soon discover plenty of domains where different machines handle outgoing and incomming email. Some strange setups can easily result from corporate mergers, especially if the resultant company makes internal changes, but keeps trading under all its old brand names.
Who cares if someone sends junk faxes, the phone network is an open system and it's designed to indiscriminately deliver messages - making junk faxes illegal is a terrible idea. If you don't want wasted toner, just don't accept phone calls from every bozo on the phone system.
And yet, oddly, junk faxes are illegal, because they cause a significant amount of cost for the receiver. Just like junk email does.
IIRC in the US faking the CSID on a fax is also against the law. Even if the CLID is bogus.
The law won't [i]fix[/i] things, of course. Junk faxing still occurs. But it might help, if it's designed properly.
As well as being backed up by the appropriate enforcement. If the US were to end the "War of Drugs" they could create a "Spam Email and Fax Enforcement Agency" to replace the DEA.
Sorry but I loose hours a week to deleting spam even with filters.
The filters arn't free either
Times that by all the computer users affected and it's a massive loss of time.
In the process making email a much less useful communication tool. Especially if someone misses real email in amongst all the spam or the spammers attempts to evade filtering mean that legitimate email winds up being filtered.
Why should we loose millions of hours a week so he can hawk crap no one needs and 99% never respond to, he's playing a numbers game.
Why isn't law enforcement chasing these people down in the first place. A high proportion of spam appears to involve peddling things which are illegal (or in a way which is illegal) regardless of the method to sell them.
Let's say he stole a 100 million dollars in productivity? Not as rediculous as it sounds it was likely far more. If he stole a 100 million in gold would you say it wasn't that big a deal? Saying it's not the same thing isn't realistic because companies are loosing hundreds of millions to the flood of spam.
Which is probably a far more real loss than all the noise you hear about "Internet piracy".
Slapping them on the wrist isn't going to make the spam go away. We have to get out of this mindset that anything that happens on a computer is inherently good. If he hacked the FAA and caused a couple of airliners to crash by accident would it just be an honest mistake? He wasn't hacking but he was doing bad things with computers and he made millions doing it.
Sending spam often appears to involve a lot of hacking be it faking the sender address or using botnets. (Also the Internet has nothing equivalent to TCAS.) Someone considered a "hacker" might face a tougher sentence even if what they actually did is a lot less, e.g. Kevin Mitnick
>IRA violence is political, not religious.
It's just violence. Nutjobs will take whatever justification they can. They melded both catholicism and nationalism into their worldview. They both count as tribal groupings that foster violence.
Not that there is anything special about catholicism here. Politics hiding behind religion has been (and continues to be) used as justification for all sorts of acts of violence.
The cult of Scientology has a long and documented history of harassing critics. It's just prudent for your own safety and the safety of your family to keep your identity hidden. They also film the protest activities from their buildings and disguised surveillance vehicles so if you're not wearing a mask the Co$ will start a file on you, they have an entire agency that does this.
It might be interesting if the Anti-Defamation League were to find itself at odds with the CoS. If nothing else it would be good entertainment to watch two groups with a history of using similar tactics fighting with each other:)
Having spent too many hours dealing with increasingly bizarre authentication schemes at various web sites,
With the "ask lots of silly questions" approach (especially if they are obscure facts related to you). It's probably better if make up answers, so long as you can remember what you made up. A computer is unlikely to complain if you say that you went to school at the "Unseen University", your uncle's middle name is "Hermione", your grandmother is called "Bill Adama", etc.
No, sorry, that's just wrong. If the data is properly encrypted with a decent cipher using a key with sufficient entropy, you should assume it has not been compromised.
Also that the key must not be with the encrypted data.
The readers do not require a pulse. They do require some sort of moisture to activate the sensor, but a pulse is just bullshit. I'm responsible for replacing the damned things for a large laptop repair company and I also own a thinkpad with biometrics, so I can easily say that requiring a pulse is BS. Obtaining a pulse from the fingertip is near-impossible. You have to get to the second joint of the finger where the skin is thinner.
You might be able to get a pulse if you use the thumb.
What we have here is an organization that is losing in the distribution game. It used to be that casual piracy wasn't a big deal because it was inconvenient to try and copy a VHS tape. Now, it is super easy to duplicate *and* distribute it over the net.
With the "pirate version" in some ways being a better product than the official version. e.g. lacking DRM/region coding. No artificial geographic restrictions on supply.
At the same time, I can't remember the last time I ever directly benefited from the work of the fire department. Oh wait, that's because I never have needed their services. Yes, I would have no problem paying for the service when I actually need it.
How do you know that you have not indirectly benefited from your fire service? Do they exclusivly fight fires or these people also provide fire prevention information and investigate the causes of fires?
DRM has failed because it annoyed publishers as much as pirates, if not more.
DRM is to all intents and purposes hacked about cryptography. Thing is that encryption works if you trust the intended recipient with the "plain text". The hacking bit with DRM is to try and obscure that you give someone you don't trust a cipher machine and a set of keys.
As it stands, one of the first things Bush / Cheney did when they took control was to pass the Medical Privacy Act. Perhaps the most ironic aspect of this law is that it opens patients' private medical records for scrutiny by ALL insurance companies.
So does that mean that if you start an insurance company in the US you can look at Bush and Cheney's medical records? (Even if what you create is an entirely "paper" company without any employees or customers.)
So New York citizens should also sue over the WTC attacks?
Considering that the US Government has sections specifically tasked with protecting people from air attacks that probably isn't a bad idea. Specifically the USAF, FAA and whatever NORAD has mutated into.
Agreed. It's a circle of violence that is not restricted to one side, and the only way to break it is for one side to just stop. Unfortunately, the Palestinian side is probably too disorganised to commonly decide on anything. That means the only hope is for Israel to stop it, but I'm not too hopeful that will happen.
Even if the Israeli government were to stop unilatery there would still be Israeli terrorists. Though these might well target both Palestinians and the Israeli government. There are considerably more than two "sides" involved here.
Gladly - take yourself and your children (ok I'm making a big assumption here, this being/.) and go live in Sderot for even just one week.. send your kids to school every day while you go out to work in a local business.
Should they do this before or after spending a week in Gaza City? We are talking about a part of the planet which has been in a state of war for some considerable time. Depending when you want to consider the "start" this could be in excess of 80 years.
think to yourself - these are just harmless "fireworks" (as many terrorist apologists call them)
In comparison with the Israeli weapons they might as well be. It's not like any Palestinian can drop hundreds of kilos of high explosive on any Israeli without any opposition. The Israeli apologists also appear to have a special language of their own.
In 1948 the state of Israel had existed for 12 months, after a declaration by the British that Arab land was now going to be called "Israel".
It's a little more complex that that. A partition plan had been drawn up by the UN (which probably never had the authority to do so in the first place). The obvious problem was that this gave more that half of the land to a minority of the people there. So it's hardly a suprise that this wasn't acceptable to the Palestinians. The British left, after a Zionist terrorist attack and the Zionists unilaterally declared that "Israel" existed.
Calling Arab armies going to Israel in 1948 an "invasion" is a little silly. You can't invade land that you owned 12 months earlier that was forcibly and arbitrarily taken from you.
Actually you probably can. "Operation Overlord" is called an "invasion", which would probably be the closest to what is often claimed to have happened here...
The residents of Sderot have every right to expect their government to protect them and if the government is refusing to take any preventative action, while over 7,000 rockets have fallen on the town, then suing the government seems a very reasonable action.
Effectivly their government isn't doing what they are being paid to do.
To pre-empt the comments that will follow, it's not relevant to point out Israeli action in Gaza and get into a debate over whether it's justified or not - this topic is about residents of Sderot taking completely non-violent, legal action, over repeated aggressive and violent attacks from a neighbouring region.
It may be highly relevent e.g. if the attacks on Gaza are resulting in more rockets being fired at Sderot or the Isareli government has chosen to place military targets in or near to Sderot.
Well, if you're in Israel you apparently can sue. In the USA the Second Amendment allows you to own your own laser cannon but the government is not required to buy one for you.
With the added irony that if the Israelis do deploy these it'll most likely be the US paying the bill.
The money thing is a good point. Going on with that (in spite of Hamas' explicit statements about how they would be spending the money) could have been interesting...
Yet somehow it isn't a problem when Israel spends money given to them by the US on weapons. Even when Israel kills US citzens! The way the US behaves here just makes little sense.
There'd likely be a lot more public outrage over it. I mean, just think about it: Bombs, explosions, violence! The media would have a field day with it, and the public would know about it, and politicians and law enforcement would be pressured to do something about it.
Media (at least outside of "web only") together with politicians and law enforcement would have to deal with the fact that they have been treating terrorism as exclusivly something to do with Islam for most of this decade. Even to the point of downplaying ignoring Jewish and Christian terrorists, who are likely to have a lot more in common with Islamic ones than anyone connected with Scientology. By choosing to misrepresent terrorist these people have painted themselves into a corner.
Posting disparaging comments online is analogous to meeting in a library and making disparaging comments. The latter is protected by the Bill of Rights under the Freedom of Assembly. The former should be protected by the same bill.
Also it may well be possible for someone to attend a public meeting and make all sorts of comments without identifying oneself. Indeed censoring anonyomous speakers might be considered a form of argumentum ad hominem.
And besides... anonymous posts online can technically be traced back to an IP address and that can be traced to a specific computer with a specific location and knowing the time can aid you to determine a specific person. Thus, the notion that anonymous cowards are truly anonymous is flawed. So if somebody posts something truly, then the coward can be traced and identified so criminal charges can be pressed.
At least in theory. The entertainments industry appears to be finding out the hard way that it isn't always easy in practice.
Slashdot Mirror
I travel a lot, are you telling me I need a different email address for every location I visit? Imagine if you needed a different email address every time you left the basement! Oh wait, you probably never have, which is why you think what you do.
One way of handling this would be to have your machine perform an MX lookup to find out where to send the email. Rather than use a "smarthost". That might run into all sorts of problems with various anti-spam systems which have the effect of forcing people to use smarthosts. Even though smarthosts are actually something of a hack when it comes to the SMTP protocol. The other way would be to use a VPN so your laptop always appears to have the same IP address wherever it might actually be.
Also, how hard would it be for a black market in "trust points" to build up? Spammers could set up new SMTP servers, forward mail for a while, vouch for each other repeatedly, and then when enough points have been accumulated, blast all their spam out as quickly as possible. Any system that makes it hard to build trust would be unworkable as new mailservers would be excluded, and any system that makes it easy to build trust is open to gaming.
Unless you though about things very carefully then you might even end up with a situation where it was actually easier for spammers to get trust than legitimate service providers. Security is hard because there are always likely to be people who will look for a way around or a way to subvert things. If you have a situation where the "bad guys" are likely to cooperate and conspire whilst the "good guys" are attempting to compete the odds look a lot better for the "bad guys".
Right now, the best measure I can think of similar to yours is to verify that the actual 'from' in the SMTP itself is from an IP that's actually mentioned in an MX record for said server.
No doubt if you tried that you'd soon discover plenty of domains where different machines handle outgoing and incomming email. Some strange setups can easily result from corporate mergers, especially if the resultant company makes internal changes, but keeps trading under all its old brand names.
Who cares if someone sends junk faxes, the phone network is an open system and it's designed to indiscriminately deliver messages - making junk faxes illegal is a terrible idea. If you don't want wasted toner, just don't accept phone calls from every bozo on the phone system.
And yet, oddly, junk faxes are illegal, because they cause a significant amount of cost for the receiver. Just like junk email does.
IIRC in the US faking the CSID on a fax is also against the law. Even if the CLID is bogus.
The law won't [i]fix[/i] things, of course. Junk faxing still occurs. But it might help, if it's designed properly.
As well as being backed up by the appropriate enforcement. If the US were to end the "War of Drugs" they could create a "Spam Email and Fax Enforcement Agency" to replace the DEA.
Sorry but I loose hours a week to deleting spam even with filters.
The filters arn't free either
Times that by all the computer users affected and it's a massive loss of time.
In the process making email a much less useful communication tool. Especially if someone misses real email in amongst all the spam or the spammers attempts to evade filtering mean that legitimate email winds up being filtered.
Why should we loose millions of hours a week so he can hawk crap no one needs and 99% never respond to, he's playing a numbers game.
Why isn't law enforcement chasing these people down in the first place. A high proportion of spam appears to involve peddling things which are illegal (or in a way which is illegal) regardless of the method to sell them.
Let's say he stole a 100 million dollars in productivity? Not as rediculous as it sounds it was likely far more. If he stole a 100 million in gold would you say it wasn't that big a deal? Saying it's not the same thing isn't realistic because companies are loosing hundreds of millions to the flood of spam.
Which is probably a far more real loss than all the noise you hear about "Internet piracy".
Slapping them on the wrist isn't going to make the spam go away. We have to get out of this mindset that anything that happens on a computer is inherently good. If he hacked the FAA and caused a couple of airliners to crash by accident would it just be an honest mistake? He wasn't hacking but he was doing bad things with computers and he made millions doing it.
Sending spam often appears to involve a lot of hacking be it faking the sender address or using botnets. (Also the Internet has nothing equivalent to TCAS.)
Someone considered a "hacker" might face a tougher sentence even if what they actually did is a lot less, e.g. Kevin Mitnick
I don't think he should be killed or raped, but he should be put away for more than a year.
In which case the most appropriate US prison for him would probably be Camp X-Ray.
>IRA violence is political, not religious.
It's just violence. Nutjobs will take whatever justification they can. They melded both catholicism and nationalism into their worldview. They both count as tribal groupings that foster violence.
Not that there is anything special about catholicism here. Politics hiding behind religion has been (and continues to be) used as justification for all sorts of acts of violence.
The cult of Scientology has a long and documented history of harassing critics. It's just prudent for your own safety and the safety of your family to keep your identity hidden. They also film the protest activities from their buildings and disguised surveillance vehicles so if you're not wearing a mask the Co$ will start a file on you, they have an entire agency that does this.
:)
It might be interesting if the Anti-Defamation League were to find itself at odds with the CoS. If nothing else it would be good entertainment to watch two groups with a history of using similar tactics fighting with each other
Having spent too many hours dealing with increasingly bizarre authentication schemes at various web sites,
With the "ask lots of silly questions" approach (especially if they are obscure facts related to you). It's probably better if make up answers, so long as you can remember what you made up. A computer is unlikely to complain if you say that you went to school at the "Unseen University", your uncle's middle name is "Hermione", your grandmother is called "Bill Adama", etc.
No, sorry, that's just wrong. If the data is properly encrypted with a decent cipher using a key with sufficient entropy, you should assume it has not been compromised.
Also that the key must not be with the encrypted data.
The readers do not require a pulse. They do require some sort of moisture to activate the sensor, but a pulse is just bullshit. I'm responsible for replacing the damned things for a large laptop repair company and I also own a thinkpad with biometrics, so I can easily say that requiring a pulse is BS. Obtaining a pulse from the fingertip is near-impossible. You have to get to the second joint of the finger where the skin is thinner.
You might be able to get a pulse if you use the thumb.
What we have here is an organization that is losing in the distribution game. It used to be that casual piracy wasn't a big deal because it was inconvenient to try and copy a VHS tape. Now, it is super easy to duplicate *and* distribute it over the net.
With the "pirate version" in some ways being a better product than the official version. e.g. lacking DRM/region coding. No artificial geographic restrictions on supply.
At the same time, I can't remember the last time I ever directly benefited from the work of the fire department. Oh wait, that's because I never have needed their services. Yes, I would have no problem paying for the service when I actually need it.
How do you know that you have not indirectly benefited from your fire service? Do they exclusivly fight fires or these people also provide fire prevention information and investigate the causes of fires?
DRM has failed because it annoyed publishers as much as pirates, if not more.
DRM is to all intents and purposes hacked about cryptography. Thing is that encryption works if you trust the intended recipient with the "plain text". The hacking bit with DRM is to try and obscure that you give someone you don't trust a cipher machine and a set of keys.
As it stands, one of the first things Bush / Cheney did when they took control was to pass the Medical Privacy Act. Perhaps the most ironic aspect of this law is that it opens patients' private medical records for scrutiny by ALL insurance companies.
So does that mean that if you start an insurance company in the US you can look at Bush and Cheney's medical records? (Even if what you create is an entirely "paper" company without any employees or customers.)
It's time to drop the idea of the government being somehow separate from the people and grant all citizens access to all governmental information.
Or maybe make it very difficult for people to be career politicans, thus preventing the creation of a patrician class.
So New York citizens should also sue over the WTC attacks?
Considering that the US Government has sections specifically tasked with protecting people from air attacks that probably isn't a bad idea. Specifically the USAF, FAA and whatever NORAD has mutated into.
Agreed. It's a circle of violence that is not restricted to one side, and the only way to break it is for one side to just stop. Unfortunately, the Palestinian side is probably too disorganised to commonly decide on anything. That means the only hope is for Israel to stop it, but I'm not too hopeful that will happen.
Even if the Israeli government were to stop unilatery there would still be Israeli terrorists. Though these might well target both Palestinians and the Israeli government. There are considerably more than two "sides" involved here.
Gladly - take yourself and your children (ok I'm making a big assumption here, this being /.) and go live in Sderot for even just one week.. send your kids to school every day while you go out to work in a local business.
Should they do this before or after spending a week in Gaza City? We are talking about a part of the planet which has been in a state of war for some considerable time. Depending when you want to consider the "start" this could be in excess of 80 years.
think to yourself - these are just harmless "fireworks" (as many terrorist apologists call them)
In comparison with the Israeli weapons they might as well be. It's not like any Palestinian can drop hundreds of kilos of high explosive on any Israeli without any opposition. The Israeli apologists also appear to have a special language of their own.
In 1948 the state of Israel had existed for 12 months, after a declaration by the British that Arab land was now going to be called "Israel".
It's a little more complex that that. A partition plan had been drawn up by the UN (which probably never had the authority to do so in the first place). The obvious problem was that this gave more that half of the land to a minority of the people there. So it's hardly a suprise that this wasn't acceptable to the Palestinians. The British left, after a Zionist terrorist attack and the Zionists unilaterally declared that "Israel" existed.
Calling Arab armies going to Israel in 1948 an "invasion" is a little silly. You can't invade land that you owned 12 months earlier that was forcibly and arbitrarily taken from you.
Actually you probably can. "Operation Overlord" is called an "invasion", which would probably be the closest to what is often claimed to have happened here...
The residents of Sderot have every right to expect their government to protect them and if the government is refusing to take any preventative action, while over 7,000 rockets have fallen on the town, then suing the government seems a very reasonable action.
Effectivly their government isn't doing what they are being paid to do.
To pre-empt the comments that will follow, it's not relevant to point out Israeli action in Gaza and get into a debate over whether it's justified or not - this topic is about residents of Sderot taking completely non-violent, legal action, over repeated aggressive and violent attacks from a neighbouring region.
It may be highly relevent e.g. if the attacks on Gaza are resulting in more rockets being fired at Sderot or the Isareli government has chosen to place military targets in or near to Sderot.
Well, if you're in Israel you apparently can sue. In the USA the Second Amendment allows you to own your own laser cannon but the government is not required to buy one for you.
With the added irony that if the Israelis do deploy these it'll most likely be the US paying the bill.
What do you do when the Palestinians figure out how to make rockets that can hit all of Israel?
It would indicate progress, of a sort. Since it would mean that the Zionists had finally decided where to draw the borders of "Israel".
The money thing is a good point. Going on with that (in spite of Hamas' explicit statements about how they would be spending the money) could have been interesting...
Yet somehow it isn't a problem when Israel spends money given to them by the US on weapons. Even when Israel kills US citzens!
The way the US behaves here just makes little sense.
There'd likely be a lot more public outrage over it. I mean, just think about it: Bombs, explosions, violence! The media would have a field day with it, and the public would know about it, and politicians and law enforcement would be pressured to do something about it.
Media (at least outside of "web only") together with politicians and law enforcement would have to deal with the fact that they have been treating terrorism as exclusivly something to do with Islam for most of this decade. Even to the point of downplaying ignoring Jewish and Christian terrorists, who are likely to have a lot more in common with Islamic ones than anyone connected with Scientology. By choosing to misrepresent terrorist these people have painted themselves into a corner.
Being linked to a literal act of terrorism would be the end of Scientology in the US.
Given that US authorities only appear to be concerned with terrorists connected with "the toilet" what would be the chances of that happening?
Posting disparaging comments online is analogous to meeting in a library and making disparaging comments. The latter is protected by the Bill of Rights under the Freedom of Assembly. The former should be protected by the same bill.
Also it may well be possible for someone to attend a public meeting and make all sorts of comments without identifying oneself. Indeed censoring anonyomous speakers might be considered a form of argumentum ad hominem.
And besides... anonymous posts online can technically be traced back to an IP address and that can be traced to a specific computer with a specific location and knowing the time can aid you to determine a specific person. Thus, the notion that anonymous cowards are truly anonymous is flawed. So if somebody posts something truly, then the coward can be traced and identified so criminal charges can be pressed.
At least in theory. The entertainments industry appears to be finding out the hard way that it isn't always easy in practice.