When big isps only accept mail from servers registered in the.mail tld, then that takes away my ability to run my own mailserver for my own private domains. How do you mean nothing is taken away from the end user.
It does not take away your ability to run your own mail server. You can still run it on your private network... or maybe to communicate with systems run by people who trust you to not misuse an obsolete protocol. But nothing currently says that my mail server (or that of my ISP) has to talk to yours, especially if you don't take sufficient measures to differentiate yourself from joe spammer.
Are you willing to bet a large amount of money (or jail time) that your computer will *never* be compromised.
You do this every time you drive a car. Brakes fail. All drivers have some probability of human error. That's one of the reasons people buy liability insurance.
If you compare to cars, you'd have to say that you're responsible for what happens to your car even if it's been sabotaged.
If there was a high probability that terrorists were cutting brake lines in your neighborhood, and you ignored puddles of brake fluid under your car...
Now, I do realize, fully, that I agreed to this condition as part of the purchase.
If you lie, then it's not a spam problem. It's fraud, committed by you. If you check the "I want to get email" box (and I've got your settled payment to prove it), and then report my email as spam, I should be able to sue you to pay for the full cost of cleaning up any blacklisting of my servers. If you don't want email, don't use the ecommerce site, or read the fine print and don't check to box, or take your business somewhere else.
Sheesh, I've had people buy a software license key, reject the email containing thay key, demand a refund, and then reject the email containing the offer of a refund.
Block port 25, period. There, you just fixed the problem.
If it's a zombie problem you haven't fixed the fact there is still an intruder on your internal net.
You should kill the students net connection until after they clean up their PC, pay a fine, take a safe surfing course, stand in the student center chanting "I am an idiot" 100 times, etc...
how about immediately imposing an injunction on Microsoft making it illegal to sell their products in Europe until they comply with the EU's terms. I think this is the only way to get them to change their corporate behavior.
Tough beans. In some jurisdictions, it doesn't even need to be hidden in the fine print or TOS you agreed to when you sent payment; you have entered into a "business relationship" with the seller. They may be required, by law, to send you notices about product defects, and anything else which they consider to be of equal importance.
how about immediately imposing an injunction on Microsoft making it illegal to sell their products in Europe until they comply with the EU's terms. I think this is the only way to get them to change their corporate behavior.
That would also hurt the 80+% of EU business which use Windows and need to expand, buy new PC's, etc. How about temporarily voiding MS copyrights on their illegal OS (but not bundled stuff such as media player, et. al. so it won't hurt their commerial competitors also), making the OS free to be copied until they comply?
Ok, so average user has his outlook express configured to a.mail service. His computer his hijacked by spyware and it's sending tons of spam using the.mail account settings found in outlook express. I don't see a solution, or am I pisssing the point?
Make getting his computer hijacked a criminal offense with appropriate fines (say, per email sent). When costs start appearing to anyone in the chain of internet abuse (even if not to the most guilty) the problem will lessen to some degree.
Due to the exponential growth of the "tragedy of the commons" with respect to email, email will soon become so unusable that even a solution which "won't work" will work better than email as it exists today.
The only solution which makes sense from an economic point-of-view must attack the ( ) Sending email should be free premise for unsigned non-whitelisted email (except to maybe police tip-lines and rape crisis centers, et. al. who want to get anonymous email). Once someone figures out a protocol which does this half-decently and which can overlay the existing system of internet protocols and email addresses, normal Darwinian competition among mail agents and transports will push current insecure SMTP into a fringe niche (which smart providers should then charge extra for the use of, to help pay the network costs of carrying the garbage).
The Federal government might have a pretty good case for Eminent Domain.
If the feds use eminent domain on linux and related software, then the copyrights on which the GPL depends will become unenforceable in the U.S; although the GPL might still be enforceable due to copyrights held by foreign parties in their own countries, over which the U.S. government probably doesn't have jurisdiction.
Does Eminent Domain over stuff being given away means that the govenment doesn't even have to pay?
RBLs ARE working. They're making spammers scramble for un-blacklisted IP space. That's why they're running overseas; that's why they're sending out worms and viruses. Lord help us if IPv6 gets introduced... we'll never be able to stop spam then.
IPv6 will just require a change from distributed blacklisting to distributed whitelisting. Make it cost money, or an verified ID check which takes time, to put an IP block on enough master whitelists and that will put additional pressure on spammers hunting for usable IP addresses.
Good start, but it doesn't go far enough. Part of the law for Can-Spam they're being prosecuted under is the absence of addresses to get off a mailing list - but who is seriously going to click on a link if they are there?
Anyone with their own domain name can set up some honeypot or one-time-use email addresses, and click on the remove links of anything sent to these to build up a Can-Spam violators list. ISP's probably have tons of honeypot addresses just for this purpose. Many people have a few of their own just to keep their spam filters tuned.
You should really look into using some RBLs to block the spam at the sender-level.
If you are in an ebusiness which deals with the general public (Dell, Amazon, or the soccer mom selling knit socks on eBay.), you will find that this scheme blocks some percentage of current and potential customers, leading to a decrease of revenue. Your boss (maybe that's you) or the sales reps won't like that.
Actually, I think there were problems with the epicycles theory when it came to actual observations. By Galilleo, Kepler and Newtons time it became apparent that some of the eccentricities of the planets (and the moons) motions in the sky ran counter to the epicycle theory and supported the Copernican hypothesis beyond a reasonable doubt.
Actually, the Copernican hypothesis was about circular epicycles. He just modeled the epicycles around a different center. It was Kepler who figured out the mathematics of the elliptical model, and Newton who hypothesized why.
ISPs can already see exactly whose machine has been trojaned from the time and IP. Checking their logs to find that info is trivial - the tricky part is getting the user to patch/clean their computer.
Forget getting the ISP to fix anything. If you know the owner of the trojaned machine, and they don't take their own machine offline ASAP, you might be able to get a DA to prosecute a few of them for aiding and abetting fraud, illegal spamming (since thier return snail mail address isn't on the email per can-spam), or at least for not fixing a public nusiance situation. After the first few clueless home PC users end up in court paying big fines, a large portion of the public will soon learn to clean up their own machines much more quickly.
Other developments from PARC are the Graphical user interface (GUI), the mouse, the WYSIWYG text editor, the laser printer, the desktop computer and the Smalltalk programming language.
The mouse, GUI and WYSIWYG came from inventions by Englebert's team at SRI, well before PARC did their improved implementations.
Don't forget the hi-toro group which created the original Amiga, a project that was underway with a MULTITASKING gui far before any mac, and which has influenced gui design ever since.
Sorry. Bzzt. Wrong.
Hi Toro was founded by two engineers who had just finished the design of one of the semicustom ASIC chips necessary to complete the first 128k Mac prototype (check the case signatures and names on the earliest Amiga patents if you don't believe this). Also the Apple Lisa, which had a complete multitasking OS and GUI, was announced only a few months later and shipped in time for it to be used to write the some of the earliest Amiga chip documentation.
The GPL is a highly restrictive license which prevents the government, or any large organization for that matter, from using the code in conjuction with other software of which they do not own full copyright, unless they keep the final product strictly in-house. The GPL doesn't affect hobbiest as much, because they rarely have a library of millions of dollars worth of licensed software, or contracted software for which they do not own full copyright or redistribution rights.
I suppose the Congress could declare any copyrights to GPL'd code unenforceable against their agencies. That would solve this problem.
2GHz is a supercomputer? boy, are YOU 1.4 GHz back in updates!
Looks like you bought Intel's MHz myth. If you look at the highest performance machines on the top-500 supercomputer list, most of them clock even slower than 2 GHz (except VT's Big Mac), but they are all still way faster than a typical P4E box at any big (supercomputer size) problem.
Ironic, isn't it, that popularity is inversely proportional to difficulty of software development?
Not ironic at all. When designing for a system with constraints (limited MIPs and RAM for early mainframes and PC's, mAH of battery and viewable kilopixels in handhelds, etc.), a developer who is capable of hand crafting an application to fit in that environment will be able to produce something far more usable than a trivial port of some bloatware meant for a system many times larger.
Technology advances will help out some types of bloatware (e.g. Mr. Gates depends on Intel keeping up with Moore's law). But advances in battery energy density are very slow; so, in some ways, the constraints for optimal applications for handhelds will always be different than for PCs.
One of the main failings of PocketPC handhelds is that a large portion of the applications for it are ports of applications meant for hardware with bigger displays, larger caches, and unlimited power (AC wall plug plus noisy fans).
f all I need is just a PIM (calendaring, contacts, notes, money, short messages), then what would be the reason to choose PalmOS vs Linux on PDA?
Battery life.
The limiting factor in a PDA is the weight of the battery. Energy density has been improving at a microscopic rate compared to transistor density. The biggest consumer of battery life in these devices, other than the backlight, are memory accesses and processor cycles. For a typical PIM operation (look up a phone number or the next appointment time), the total instruction path length and code footprint for everything, including OS calls, database accesses, UI updates, background tasks, etc. during the 10 seconds this may take is far less with a compact special purpose OS and a PIM app customized for this API. The equivalent app under Linux would be more general and talk to more OS and library code layers, thus resulting in more cache misses, more memory and CPU cycles, thus less time with the CPU napping (unclocked) and thus greater power consumption.
Of course this is comparing PalmOS 4 to Linux. The bulk and typical path lengths of Palm OS 6 are still unknown.
It adds security to any existing methods (passwords, etc.).
It can be implemented behind a firewall that doesn't even respond on any port probes, so an attacker can't even tell if the firewall was just unplugged.
If the firewall stays closed, the protocol can't be used by an exploited machine, unless a method for exploiting the firewall is also known.
Or the method can be implemented in user space of a machine behind a completely closed firewall, just by pre-arranging for the logging of firewall port probes, and the forwarding of appropriately filtered contents of the firewall logs into user space.
They key sequence can also be made long enough to make it just as hard to crack as a long pgp private key, e.g. nobody except (3 letter agency) and distributed.net will even bother to try.
The sequence key can be from a one-time pad, meaning that even if the protocol is completely revealed to a local sniffer, they'll just end up with a useless password.
And lastly, it's possible to additionally encode the key sequence with a modulation wrapper and enough redundancy to withstand a given signal to noise ratio and mis-sequencing rate, which means one could even make the sequence key usable in the face of probing or an outright DoS attack against the protocol up to a certain attack bandwidth and knowledge of which ports might be in the sequence.
The REASON we have spam is because some stupid people are BUYING the CRAP the spammers are selling.
However, there are millions of stupid people and they breed faster. It would cost you far more than email postage to even attempt to educate most of them, and you would probably fail anyway.
The whole reason for this "tragedy of the commons" is that sending email to most everybody is free. The way to solve the problem is to make it cost something to get email into most ISPs networks (unless the recipient is an anonymous police tip line, rape crisis center, spam researcher, etc. Those types might continue to monitor legacy SMTP ports.). The cost might be per email, or the price of identifying oneself to a certification authority (enough ID that the police (or lynch mobs) can find you if you break enough spam laws.)
It would make my job harder and make the products I work on more costly and and take longer to due just due to the fact of it slowing down my work or i have to wait longer for things.
If the economic costs (loss productive time) of having every employee wade through spam every morning is greater than the cost of a new protocol, then it will be in the interest of most businesses to migrate ASAP. If you want to do business with these corporations, then you will have to switch also.
Slashdot Mirror
It does not take away your ability to run your own mail server. You can still run it on your private network... or maybe to communicate with systems run by people who trust you to not misuse an obsolete protocol. But nothing currently says that my mail server (or that of my ISP) has to talk to yours, especially if you don't take sufficient measures to differentiate yourself from joe spammer.
You do this every time you drive a car. Brakes fail. All drivers have some probability of human error. That's one of the reasons people buy liability insurance.
If you compare to cars, you'd have to say that you're responsible for what happens to your car even if it's been sabotaged.
If there was a high probability that terrorists were cutting brake lines in your neighborhood, and you ignored puddles of brake fluid under your car...
If you lie, then it's not a spam problem. It's fraud, committed by you. If you check the "I want to get email" box (and I've got your settled payment to prove it), and then report my email as spam, I should be able to sue you to pay for the full cost of cleaning up any blacklisting of my servers. If you don't want email, don't use the ecommerce site, or read the fine print and don't check to box, or take your business somewhere else.
Sheesh, I've had people buy a software license key, reject the email containing thay key, demand a refund, and then reject the email containing the offer of a refund.
If it's a zombie problem you haven't fixed the fact there is still an intruder on your internal net.
You should kill the students net connection until after they clean up their PC, pay a fine, take a safe surfing course, stand in the student center chanting "I am an idiot" 100 times, etc...
Tough beans. In some jurisdictions, it doesn't even need to be hidden in the fine print or TOS you agreed to when you sent payment; you have entered into a "business relationship" with the seller. They may be required, by law, to send you notices about product defects, and anything else which they consider to be of equal importance.
That would also hurt the 80+% of EU business which use Windows and need to expand, buy new PC's, etc. How about temporarily voiding MS copyrights on their illegal OS (but not bundled stuff such as media player, et. al. so it won't hurt their commerial competitors also), making the OS free to be copied until they comply?
Make getting his computer hijacked a criminal offense with appropriate fines (say, per email sent). When costs start appearing to anyone in the chain of internet abuse (even if not to the most guilty) the problem will lessen to some degree.
Due to the exponential growth of the "tragedy of the commons" with respect to email, email will soon become so unusable that even a solution which "won't work" will work better than email as it exists today.
The only solution which makes sense from an economic point-of-view must attack the ( ) Sending email should be free premise for unsigned non-whitelisted email (except to maybe police tip-lines and rape crisis centers, et. al. who want to get anonymous email). Once someone figures out a protocol which does this half-decently and which can overlay the existing system of internet protocols and email addresses, normal Darwinian competition among mail agents and transports will push current insecure SMTP into a fringe niche (which smart providers should then charge extra for the use of, to help pay the network costs of carrying the garbage).
If the feds use eminent domain on linux and related software, then the copyrights on which the GPL depends will become unenforceable in the U.S; although the GPL might still be enforceable due to copyrights held by foreign parties in their own countries, over which the U.S. government probably doesn't have jurisdiction.
Does Eminent Domain over stuff being given away means that the govenment doesn't even have to pay?
IPv6 will just require a change from distributed blacklisting to distributed whitelisting. Make it cost money, or an verified ID check which takes time, to put an IP block on enough master whitelists and that will put additional pressure on spammers hunting for usable IP addresses.
Anyone with their own domain name can set up some honeypot or one-time-use email addresses, and click on the remove links of anything sent to these to build up a Can-Spam violators list. ISP's probably have tons of honeypot addresses just for this purpose. Many people have a few of their own just to keep their spam filters tuned.
If you are in an ebusiness which deals with the general public (Dell, Amazon, or the soccer mom selling knit socks on eBay.), you will find that this scheme blocks some percentage of current and potential customers, leading to a decrease of revenue. Your boss (maybe that's you) or the sales reps won't like that.
Actually, the Copernican hypothesis was about circular epicycles. He just modeled the epicycles around a different center. It was Kepler who figured out the mathematics of the elliptical model, and Newton who hypothesized why.
Forget getting the ISP to fix anything. If you know the owner of the trojaned machine, and they don't take their own machine offline ASAP, you might be able to get a DA to prosecute a few of them for aiding and abetting fraud, illegal spamming (since thier return snail mail address isn't on the email per can-spam), or at least for not fixing a public nusiance situation. After the first few clueless home PC users end up in court paying big fines, a large portion of the public will soon learn to clean up their own machines much more quickly.
The mouse, GUI and WYSIWYG came from inventions by Englebert's team at SRI, well before PARC did their improved implementations.
Sorry. Bzzt. Wrong.
Hi Toro was founded by two engineers who had just finished the design of one of the semicustom ASIC chips necessary to complete the first 128k Mac prototype (check the case signatures and names on the earliest Amiga patents if you don't believe this). Also the Apple Lisa, which had a complete multitasking OS and GUI, was announced only a few months later and shipped in time for it to be used to write the some of the earliest Amiga chip documentation.
The GPL is a highly restrictive license which prevents the government, or any large organization for that matter, from using the code in conjuction with other software of which they do not own full copyright, unless they keep the final product strictly in-house. The GPL doesn't affect hobbiest as much, because they rarely have a library of millions of dollars worth of licensed software, or contracted software for which they do not own full copyright or redistribution rights.
I suppose the Congress could declare any copyrights to GPL'd code unenforceable against their agencies. That would solve this problem.
Looks like you bought Intel's MHz myth. If you look at the highest performance machines on the top-500 supercomputer list, most of them clock even slower than 2 GHz (except VT's Big Mac), but they are all still way faster than a typical P4E box at any big (supercomputer size) problem.
Not ironic at all. When designing for a system with constraints (limited MIPs and RAM for early mainframes and PC's, mAH of battery and viewable kilopixels in handhelds, etc.), a developer who is capable of hand crafting an application to fit in that environment will be able to produce something far more usable than a trivial port of some bloatware meant for a system many times larger.
Technology advances will help out some types of bloatware (e.g. Mr. Gates depends on Intel keeping up with Moore's law). But advances in battery energy density are very slow; so, in some ways, the constraints for optimal applications for handhelds will always be different than for PCs.
One of the main failings of PocketPC handhelds is that a large portion of the applications for it are ports of applications meant for hardware with bigger displays, larger caches, and unlimited power (AC wall plug plus noisy fans).
Battery life.
The limiting factor in a PDA is the weight of the battery. Energy density has been improving at a microscopic rate compared to transistor density. The biggest consumer of battery life in these devices, other than the backlight, are memory accesses and processor cycles. For a typical PIM operation (look up a phone number or the next appointment time), the total instruction path length and code footprint for everything, including OS calls, database accesses, UI updates, background tasks, etc. during the 10 seconds this may take is far less with a compact special purpose OS and a PIM app customized for this API. The equivalent app under Linux would be more general and talk to more OS and library code layers, thus resulting in more cache misses, more memory and CPU cycles, thus less time with the CPU napping (unclocked) and thus greater power consumption.
Of course this is comparing PalmOS 4 to Linux. The bulk and typical path lengths of Palm OS 6 are still unknown.
This is a great idea.
It adds security to any existing methods (passwords, etc.).
It can be implemented behind a firewall that doesn't even respond on any port probes, so an attacker can't even tell if the firewall was just unplugged.
If the firewall stays closed, the protocol can't be used by an exploited machine, unless a method for exploiting the firewall is also known.
Or the method can be implemented in user space of a machine behind a completely closed firewall, just by pre-arranging for the logging of firewall port probes, and the forwarding of appropriately filtered contents of the firewall logs into user space.
They key sequence can also be made long enough to make it just as hard to crack as a long pgp private key, e.g. nobody except (3 letter agency) and distributed.net will even bother to try.
The sequence key can be from a one-time pad, meaning that even if the protocol is completely revealed to a local sniffer, they'll just end up with a useless password.
And lastly, it's possible to additionally encode the key sequence with a modulation wrapper and enough redundancy to withstand a given signal to noise ratio and mis-sequencing rate, which means one could even make the sequence key usable in the face of probing or an outright DoS attack against the protocol up to a certain attack bandwidth and knowledge of which ports might be in the sequence.
Where's my coding textbook and patent attorney...
Why not try this for the Oriental game of Go, where even a few thousand computers might not make a decent opponent for a mid-level professional?
However, there are millions of stupid people and they breed faster. It would cost you far more than email postage to even attempt to educate most of them, and you would probably fail anyway.
The whole reason for this "tragedy of the commons" is that sending email to most everybody is free. The way to solve the problem is to make it cost something to get email into most ISPs networks (unless the recipient is an anonymous police tip line, rape crisis center, spam researcher, etc. Those types might continue to monitor legacy SMTP ports.). The cost might be per email, or the price of identifying oneself to a certification authority (enough ID that the police (or lynch mobs) can find you if you break enough spam laws.)
If the economic costs (loss productive time) of having every employee wade through spam every morning is greater than the cost of a new protocol, then it will be in the interest of most businesses to migrate ASAP. If you want to do business with these corporations, then you will have to switch also.