Ahh. Yeah, in that case, the ISP has demonstrated that they're not really who you want to do business with anyway. On the plus side, now that they've fixed the problem, if you ever want to switch to another ISP, it shouldn't be any more painful than it normally would be (plan on being offline for a month).:-)
I'm not interested in a whitelist-only system. I just received an e-mail from a new client about some work he'd like me to do on Monday; I had never received e-mail from this person before, and I certainly would not want it to have been mixed in with all my spam. Fortunately, my spam filtering works better than that.
I completely disagree. The solution to spam is legislation and enforcement. Spam is fundamentally a social problem, not a technical problem (although spam has certainly pointed out many technical problems, some of which have been corrected).
Spam exists because 1) it's profitable to send spam, because somebody will pay you send spam on their behalf or because a small percentage of your victims will buy whatever crap you're peddling, and 2) you probably won't be arrested, convicted, and hauled off to prison. Change these, and spam will stop, because it will no longer be profitable and safe.
I'm sure people are just going to be lining up to pay AOL for the privilege of sending mail to its users. I'm also sure that users are not going to switch when they find out that their friends can't mail them because they or their ISP did not pay the AOL tax. Yes indeed, this plan is going to be so popular. I'm sure the spammers are just quaking in their gold-plated boots.
I was agreeing with you until I realized you were being sarcastic. AOL has 19.5 million subscribers paying $21.95/month for the service; many of these customers have plenty of money and aren't very bright. Hell yes, companies will be willing to pay to send mail to these people.
AOL is losing customers - 6 million in the past three years - but I suspect this has largely been due to increased demand for broadband, rather than customer dissatisfaction. The rest of us may hate AOL's service, but their customers are generally happy - they just wish it was faster.
It's not the city governments or plants that are doing this to us. It's the international Communist conspiracy to sap and impurify all of our precious bodily fluids. Duh.
This is the 21st century; we call them "terrorists" now, not "Communists".
Before that, it was mostly viruses attached to programs. You'd attach a new virus to some really desirable warez and upload the stuff to a BBS. The BBS owner would run the software and the virus would attach itself to lots of other software, any time they repacked it for their chosen archive format...
That was a different kind of virus, not sponsored by spammers. Back then, it really WAS created by kids with something to prove, and there was no money in it.
You're right about Outlook Express (although I think Outlook was even more vulnerable than OE was), but again, I think this was mostly before the spammers got involved.
Little guys put in a work order to get it done. SBC technicians weren't in a big hurry to do it. Two weeks go by. We go with SBC, and dump the little guy.
This was your mistake. There's a reason you chose the little guy initially, instead of choosing SBC. Instead of second-guessing yourself, you should have called the Public Utility Commission and filed a complaint. That would have solved your problem, probably much faster.
This is a huge issue that the general public is completely unaware of. Most people still believe that viruses are created as an annoying prank by kids with something to prove. This may be true in some cases, but most of the malware out there now is created for a very specific purpose: building a botnet that can be sold for cold hard cash to the highest bidder. Who's buying them? Spammers.
It used to be that spammers would look for open relay servers in third-world countries, and let those servers do all the work of actually sending the messages. The server administrators either didn't care, or didn't know how to fix the problem, and the language barrier made things difficult. So, people started making blacklists of known open relays, and just refusing any mail that came from those IPs. Spammers would keep finding more open relays, and the blacklists grew.
Eventually, mail servers started coming pre-configured not to allow relaying, and as servers were upgraded, spammers had to move on. Spammers started commissioning worms, paying people to write software that would infect Windows machines remotely over the Internet, and open up a backdoor for the spammers to access. Suddenly you've got hundreds of thousands of IP addresses responsible for sending spam, with many of them on dynamic IPs. There's no good way to blacklist them all, since they keep changing!
Enter Windows XP Service Pack 2, with a software firewall enabled by default. As people upgrade, worms like Code Red and Nimda are no longer effective. So what's next? Spreading viruses through e-mail, IM, and the Web.
So, look for improvements in antivirus software in the next couple of years, as the war against spam continues. Then look for the spammers to find a new way to get their crap into your inbox.
For something as big a deal as the State of the Union address, his staff of speech writers and dialog coaches pull out all the stops. He doesn't have to know what it means, they just have to be able to teach him how to say it.
Likely it hasn't been done yet because OSX ships with the root user disabled. Most users need never touch it, and if you're intelligent enough to know you need access to it, you're intelligent enough to disable it again once you've done what you need to do. One hopes.
That has nothing to do with what I described. Yes, Mac OS X ships with the root account disabled, in the sense that there is no valid password which means you can't actually log in as root - but anyone in the admin group automatically gets access to run anything as root via sudo using their own password, and there are several places in the GUI where users are permitted to do things that normally require root privileges if they enter an administrator password. I described one of these in my post.
Yes, Mac OS X is vulnerable to Malware. In the same way that federal buildings are vulnerable to armed invasions by squads of men carrying guns. There's a substantial hurdle to cross there, y'see. Many hurdles.
Um, yeah, there are hurdles. In my example, you have to make the user believe that a particular file will install something that the user wants. Given that belief, the user is already accustomed to crossing the remaining hurdles on their own (i.e. entering an administrator password). Granted, standard non-admin users would have to get an administrator to install the software for them, but most home users run as an administrator.
This whole intel switch is a mess. We better get a 64 bit processor when they release the pro machines or else I'll never beleive anything Jobs says ever again. Now we have a 64 bit OS with a 32 bit processor. Explain the logic behind that?
Apple has never shipped a 64-bit laptop. Someday they will.
I expect whatever they replace the PowerMac G5 with ("Macintosh Pro"?) to contain 64-bit CPUs. Only the iMac has stepped backwards from 64-bit to 32-bit.
Apple switched to Intel because Intel's roadmap looks more promising than the alternatives. That doesn't mean they're perfect right now, it means in the future they'll be better than the competition, so Apple is getting a head start.
Make an Installer package (using/Developer/Applications/Utilities/PackageMaker) that requires root access (under the Configuration tab, select Root from the Authentication menu). Set it to require a restart after installation (select Required Restart from the Post-Install Action menu). It doesn't have to actually install anything, just go through the motions. Put the malware in a script called InstallationCheck, put it in the Resources folder, and make it executable.
Build your package, make a disk image from it (open Disk Copy, select File/New/Disk Image from Folder, select your package), set the internet-enable bit (open Terminal, type hdiutil internet-enable -yes/path/to/image.dmg), throw it on a web server and trick users into downloading it by telling them it's a pornographic screen saver or something.
Upon downloading the.dmg file, your package will automatically be opened. The user will be prompted to enter an Administrator password, and they will be told the installer needs to run a script to see whether the software can be installed. If they enter their password and click OK to the security prompt, the script will run with root privileges even if the user changes their mind and cancels the installation. If they proceed with the installation, they'll be asked to restart the computer.
Anyone who says Mac OS X isn't susceptible to malware doesn't know what they're talking about. Yes, this method requires the user to enter their password and confirm a security warning, but these are perfectly normal things to do when installing software, so most users are accustomed to it. As long as you make them think what they're installing is something they want to have, most users won't even blink.
To be honest, I'm surprised this hasn't been done on a wide scale already.
The machine used to enter your selection and print a slip of paper doesn't actually count your vote. Your human-readable slip of paper is also machine-readable (preferably using something like OCR, rather than a barcode, so there's no chance that the machine reads it differently than a human would). You feed that slip of paper into a second machine, which scans your vote and counts it.
You get all the advantages of electronic voting (instant accurate count, no hanging chads, easy and flexible user interface can easily be made accessible to the blind and non-English-speaking) plus all the advantages of paper voting (completely verifiable, still anonymous, and you can request a new ballot if you screw it up).
When I was in Guatemala I noticed that if I tried to pay for something that cost, say, Q32 (about $4) with a Q100 bill, they would almost always ask me if I had another Q2 so they could give me Q50+Q20 back. This happened several times at different stores and fast-food restaurants.
By the way, if you ever travel outside the US, wherever you go, find a McDonald's and order a Big Mac. You'll be shocked at the difference.
The best solution for NS4 is to simply give it an unstyled page, either via user agent detection, or by simply declaring all my stylesheets media=all - which NS4 doesn't reconise and thus ignores the stylesheet.
Ahh, I didn't know about this trick. Does it affect any other browsers?
get a hardware device (nat box at least, a real firewall would be better though) between you and your uplink line, and you'll be better off than you were before. You can't do that (using common hardware) with your modem in the first place.
The Apple AirPort Extreme Base Station has a built-in modem; it's expensive, but you can use it with a dialup connection. You can connect from the computer to the base station with either an Ethernet cable or 802.11b/g, and the base station has a USB port you can plug a printer into so you can print wirelessly from a laptop as well as surf the Internet. Once you upgrade to DSL or cable, you can just switch to using Ethernet instead of dialup. Mac and Windows are fully supported, and other operating systems should work fine once you get it set up (I believe there are third-party solutions for initial configuration, although I'm not sure about printer support).
This is a stupid idea. If you're running Windows, you should be using XPSP2 with the firewall turned on and all critical updates installed; if you're running something else, make sure you know exactly which services are open to the outside world, and keep on top of the security updates however that's normally done for your OS/distro.
If you're on DSL or cable, you may also want to use a router that does NAT.
Why they celebrate birthdays and not conception days (they're so adamant at trying to control non-believers definitions of "life").
It's not always possible to know the date of conception. Birth is when a new life enters into our world, not when life itself began but when that life began functioning on its own. We celebrate a lot of things that the Bible doesn't say we should celebrate (but also doesn't say we shouldn't).
Why they believe one ascends to heaven immediately upon a man saying they are dead.
Sorry, I don't know what you mean. Are you talking about being pronounced dead by a doctor? That's the legal time of death, but doesn't necessarily strictly correspond to reality; someone saying you're dead has no bearing on whether or not you actually are dead.
Why they believe that one who has no brain activity but body life might still be considered alive on this earth.
Again, I don't know what you mean here.
The answers to all three questions are basically: we shouldn't, we won't, and we will never push our views on non-believers. The Bible is pretty strict about holding other believers accountable for their actions, but we should be leaving the rest of the world alone.
Yes, except for the Great Commission. We are charged to spread the Gospel, and try to bring salvation to the lost. Jesus Christ spent a lot of time around sinners, including corrupt tax collectors and prostitutes, and rather than condemning them for their sins, He offered an alternative. The Bible says we are to follow Christ's example.
In the case of Netscape 4.7, making a web site "degrade gracefully" unfortunately means creating an entirely different non-standards-compliant version of the site, and using some form of browser detection to decide whether to send that to the browser instead of your normal standards-compliant CSS-based version.
Because Netscape 4.x has partial, broken support for CSS, a well-designed site should degrade fine in Netscape 3, but may be completely unusable in Netscape 4, unless you use browser detection to offer an alternate version.
Ahh. Yeah, in that case, the ISP has demonstrated that they're not really who you want to do business with anyway. On the plus side, now that they've fixed the problem, if you ever want to switch to another ISP, it shouldn't be any more painful than it normally would be (plan on being offline for a month). :-)
I'm not interested in a whitelist-only system. I just received an e-mail from a new client about some work he'd like me to do on Monday; I had never received e-mail from this person before, and I certainly would not want it to have been mixed in with all my spam. Fortunately, my spam filtering works better than that.
I completely disagree. The solution to spam is legislation and enforcement. Spam is fundamentally a social problem, not a technical problem (although spam has certainly pointed out many technical problems, some of which have been corrected).
Spam exists because 1) it's profitable to send spam, because somebody will pay you send spam on their behalf or because a small percentage of your victims will buy whatever crap you're peddling, and 2) you probably won't be arrested, convicted, and hauled off to prison. Change these, and spam will stop, because it will no longer be profitable and safe.
In case you weren't aware, AOL does offer service in other countries.
I'm sure people are just going to be lining up to pay AOL for the privilege of sending mail to its users. I'm also sure that users are not going to switch when they find out that their friends can't mail them because they or their ISP did not pay the AOL tax. Yes indeed, this plan is going to be so popular. I'm sure the spammers are just quaking in their gold-plated boots.
I was agreeing with you until I realized you were being sarcastic. AOL has 19.5 million subscribers paying $21.95/month for the service; many of these customers have plenty of money and aren't very bright. Hell yes, companies will be willing to pay to send mail to these people.
AOL is losing customers - 6 million in the past three years - but I suspect this has largely been due to increased demand for broadband, rather than customer dissatisfaction. The rest of us may hate AOL's service, but their customers are generally happy - they just wish it was faster.
It's not the city governments or plants that are doing this to us. It's the international Communist conspiracy to sap and impurify all of our precious bodily fluids. Duh.
This is the 21st century; we call them "terrorists" now, not "Communists".
Before that, it was mostly viruses attached to programs. You'd attach a new virus to some really desirable warez and upload the stuff to a BBS. The BBS owner would run the software and the virus would attach itself to lots of other software, any time they repacked it for their chosen archive format...
That was a different kind of virus, not sponsored by spammers. Back then, it really WAS created by kids with something to prove, and there was no money in it.
You're right about Outlook Express (although I think Outlook was even more vulnerable than OE was), but again, I think this was mostly before the spammers got involved.
Little guys put in a work order to get it done. SBC technicians weren't in a big hurry to do it. Two weeks go by. We go with SBC, and dump the little guy.
This was your mistake. There's a reason you chose the little guy initially, instead of choosing SBC. Instead of second-guessing yourself, you should have called the Public Utility Commission and filed a complaint. That would have solved your problem, probably much faster.
This is a huge issue that the general public is completely unaware of. Most people still believe that viruses are created as an annoying prank by kids with something to prove. This may be true in some cases, but most of the malware out there now is created for a very specific purpose: building a botnet that can be sold for cold hard cash to the highest bidder. Who's buying them? Spammers.
It used to be that spammers would look for open relay servers in third-world countries, and let those servers do all the work of actually sending the messages. The server administrators either didn't care, or didn't know how to fix the problem, and the language barrier made things difficult. So, people started making blacklists of known open relays, and just refusing any mail that came from those IPs. Spammers would keep finding more open relays, and the blacklists grew.
Eventually, mail servers started coming pre-configured not to allow relaying, and as servers were upgraded, spammers had to move on. Spammers started commissioning worms, paying people to write software that would infect Windows machines remotely over the Internet, and open up a backdoor for the spammers to access. Suddenly you've got hundreds of thousands of IP addresses responsible for sending spam, with many of them on dynamic IPs. There's no good way to blacklist them all, since they keep changing!
Enter Windows XP Service Pack 2, with a software firewall enabled by default. As people upgrade, worms like Code Red and Nimda are no longer effective. So what's next? Spreading viruses through e-mail, IM, and the Web.
So, look for improvements in antivirus software in the next couple of years, as the war against spam continues. Then look for the spammers to find a new way to get their crap into your inbox.
The President said "egregious"? I don't buy it...
For something as big a deal as the State of the Union address, his staff of speech writers and dialog coaches pull out all the stops. He doesn't have to know what it means, they just have to be able to teach him how to say it.
Likely it hasn't been done yet because OSX ships with the root user disabled. Most users need never touch it, and if you're intelligent enough to know you need access to it, you're intelligent enough to disable it again once you've done what you need to do. One hopes.
That has nothing to do with what I described. Yes, Mac OS X ships with the root account disabled, in the sense that there is no valid password which means you can't actually log in as root - but anyone in the admin group automatically gets access to run anything as root via sudo using their own password, and there are several places in the GUI where users are permitted to do things that normally require root privileges if they enter an administrator password. I described one of these in my post.
Yes, Mac OS X is vulnerable to Malware. In the same way that federal buildings are vulnerable to armed invasions by squads of men carrying guns. There's a substantial hurdle to cross there, y'see. Many hurdles.
Um, yeah, there are hurdles. In my example, you have to make the user believe that a particular file will install something that the user wants. Given that belief, the user is already accustomed to crossing the remaining hurdles on their own (i.e. entering an administrator password). Granted, standard non-admin users would have to get an administrator to install the software for them, but most home users run as an administrator.
This whole intel switch is a mess. We better get a 64 bit processor when they release the pro machines or else I'll never beleive anything Jobs says ever again. Now we have a 64 bit OS with a 32 bit processor. Explain the logic behind that?
Apple has never shipped a 64-bit laptop. Someday they will.
I expect whatever they replace the PowerMac G5 with ("Macintosh Pro"?) to contain 64-bit CPUs. Only the iMac has stepped backwards from 64-bit to 32-bit.
Apple switched to Intel because Intel's roadmap looks more promising than the alternatives. That doesn't mean they're perfect right now, it means in the future they'll be better than the competition, so Apple is getting a head start.
It uses HTTP, but not HTML. Good luck trying to get it to work in a web browser!
Instead of using sudo...
/Developer/Applications/Utilities/PackageMaker) that requires root access (under the Configuration tab, select Root from the Authentication menu). Set it to require a restart after installation (select Required Restart from the Post-Install Action menu). It doesn't have to actually install anything, just go through the motions. Put the malware in a script called InstallationCheck, put it in the Resources folder, and make it executable.
/path/to/image.dmg), throw it on a web server and trick users into downloading it by telling them it's a pornographic screen saver or something.
.dmg file, your package will automatically be opened. The user will be prompted to enter an Administrator password, and they will be told the installer needs to run a script to see whether the software can be installed. If they enter their password and click OK to the security prompt, the script will run with root privileges even if the user changes their mind and cancels the installation. If they proceed with the installation, they'll be asked to restart the computer.
Make an Installer package (using
Build your package, make a disk image from it (open Disk Copy, select File/New/Disk Image from Folder, select your package), set the internet-enable bit (open Terminal, type hdiutil internet-enable -yes
Upon downloading the
Anyone who says Mac OS X isn't susceptible to malware doesn't know what they're talking about. Yes, this method requires the user to enter their password and confirm a security warning, but these are perfectly normal things to do when installing software, so most users are accustomed to it. As long as you make them think what they're installing is something they want to have, most users won't even blink.
To be honest, I'm surprised this hasn't been done on a wide scale already.
Btw, please don't do this, kthx.
Apparently most teenagers aren't.
One slight modification to your description:
The machine used to enter your selection and print a slip of paper doesn't actually count your vote. Your human-readable slip of paper is also machine-readable (preferably using something like OCR, rather than a barcode, so there's no chance that the machine reads it differently than a human would). You feed that slip of paper into a second machine, which scans your vote and counts it.
You get all the advantages of electronic voting (instant accurate count, no hanging chads, easy and flexible user interface can easily be made accessible to the blind and non-English-speaking) plus all the advantages of paper voting (completely verifiable, still anonymous, and you can request a new ballot if you screw it up).
I just got back from vacation in Arizona; don't worry, the sun still exists. We just can't see it from here.
When I was in Guatemala I noticed that if I tried to pay for something that cost, say, Q32 (about $4) with a Q100 bill, they would almost always ask me if I had another Q2 so they could give me Q50+Q20 back. This happened several times at different stores and fast-food restaurants.
By the way, if you ever travel outside the US, wherever you go, find a McDonald's and order a Big Mac. You'll be shocked at the difference.
The best solution for NS4 is to simply give it an unstyled page, either via user agent detection, or by simply declaring all my stylesheets media=all - which NS4 doesn't reconise and thus ignores the stylesheet.
Ahh, I didn't know about this trick. Does it affect any other browsers?
get a hardware device (nat box at least, a real firewall would be better though) between you and your uplink line, and you'll be better off than you were before. You can't do that (using common hardware) with your modem in the first place.
The Apple AirPort Extreme Base Station has a built-in modem; it's expensive, but you can use it with a dialup connection. You can connect from the computer to the base station with either an Ethernet cable or 802.11b/g, and the base station has a USB port you can plug a printer into so you can print wirelessly from a laptop as well as surf the Internet. Once you upgrade to DSL or cable, you can just switch to using Ethernet instead of dialup. Mac and Windows are fully supported, and other operating systems should work fine once you get it set up (I believe there are third-party solutions for initial configuration, although I'm not sure about printer support).
This is a stupid idea. If you're running Windows, you should be using XPSP2 with the firewall turned on and all critical updates installed; if you're running something else, make sure you know exactly which services are open to the outside world, and keep on top of the security updates however that's normally done for your OS/distro.
If you're on DSL or cable, you may also want to use a router that does NAT.
Why they celebrate birthdays and not conception days (they're so adamant at trying to control non-believers definitions of "life").
It's not always possible to know the date of conception. Birth is when a new life enters into our world, not when life itself began but when that life began functioning on its own. We celebrate a lot of things that the Bible doesn't say we should celebrate (but also doesn't say we shouldn't).
Why they believe one ascends to heaven immediately upon a man saying they are dead.
Sorry, I don't know what you mean. Are you talking about being pronounced dead by a doctor? That's the legal time of death, but doesn't necessarily strictly correspond to reality; someone saying you're dead has no bearing on whether or not you actually are dead.
Why they believe that one who has no brain activity but body life might still be considered alive on this earth.
Again, I don't know what you mean here.
The answers to all three questions are basically: we shouldn't, we won't, and we will never push our views on non-believers. The Bible is pretty strict about holding other believers accountable for their actions, but we should be leaving the rest of the world alone.
Yes, except for the Great Commission. We are charged to spread the Gospel, and try to bring salvation to the lost. Jesus Christ spent a lot of time around sinners, including corrupt tax collectors and prostitutes, and rather than condemning them for their sins, He offered an alternative. The Bible says we are to follow Christ's example.
One of the big advantages of HTML is that it usually scales down nicely.
Not on Netscape 4 it doesn't.
In the case of Netscape 4.7, making a web site "degrade gracefully" unfortunately means creating an entirely different non-standards-compliant version of the site, and using some form of browser detection to decide whether to send that to the browser instead of your normal standards-compliant CSS-based version.
Because Netscape 4.x has partial, broken support for CSS, a well-designed site should degrade fine in Netscape 3, but may be completely unusable in Netscape 4, unless you use browser detection to offer an alternate version.
Prove it. Go ahead, I dare you. Conclusively.