North Korea developed a nuclear weapons program and tested a missile. I'd say they qualify as being an "aggressor", although they didn't directly attack anyone. Surprisingly, this issue was resolved diplomatically (we paid them a boatload of cash, in exchange for their promise to stop).
Congress needs to earmark funding for the FBI to prosecute spammers under CAN-SPAM.
Yeah, whiners on Slashdot say CAN-SPAM is horrible, because it legalizes spam. What they forget is that CAN-SPAM only legalizes it under certain rules, which spammers are ignoring because there's no enforcement. According to this article from last year, only 0.27% of all junk mail actually complies with CAN-SPAM, which means the other 99.73% is clearly illegal. On top of that, the 0.27% is deliberately easy to filter out if you choose.
We don't need a new law to make spam illegal; CAN-SPAM already makes it illegal. We just need to start actually prosecuting people who break the law.
Yes, some spam comes from other countries where the FBI has no jurisdiction, but not as much as you might think, and I believe the FBI already has partnership agreements with agencies in several other countries to work together on fighting spam - they're just not doing enough of it.
Why won't this happen without an act of Congress? Because without a direct congressional mandate, the FBI has better things to do with its time and money. I don't blame them, really - raiding meth labs or catching serial killers is certainly important. But fighting spam is important too, and there's no reason the FBI couldn't do both.
So that's the answer. Spam is a social problem, more than it's a technical problem. We can try to fight it with technology, but spammers are fighting back, and they have the huge advantage of not being limited by morals or legality. We can't win with the odds stacked that high in their favor. The only way to win is to throw them all in jail.
If someone is going to pull off a dictionary attack against the SMTP server, then you just discard connections to them after a specific number of invalid users.
Almost all mainstream MUAs support this sort of thing now.
Hopefully you meant MTAs, not MUAs.
Does Sendmail do this by default? If so, can you point me to documentation to this effect? If not, can you point me to documentation on how to easily set it up?
As an e-mail server administrator, I'm currently subscribed to the MIMEDefang and UW imapd mailing lists, as well as the Slackware security mailing list. Could these be replaced someday by a blog with an RSS feed? Sure, but that's not going to happen any time soon. In the mean time, yes, mailing lists are important.
Then there's technical issues with that kind of harvesting. First, any reasonable mail server will start responding slower to a client which is making repeated errors, before finally shutting them off. Are you saying that most reasonable MTA software currently does this by default? Or are you saying any reasonable sysadmin has probably hacked something like this together in their spare time?
I run a pretty basic Sendmail configuration, plus some crazy custom spam-fighting stuff controlled through MIMEDefang. I'm not aware of anything that would cause it to keep track of how many errors have recently come from a particular IP. How did you set it up?
I'm quite confident that extraterrestrial life will never be found. A surprising number of people find this idea to be horribly depressing, which seems a little weird to me... I suppose my hope is in God in the same way that their hope is in aliens?
Anyway, since God's Word is infallible, if something is discovered which appears to contradict God's Word, then either that discovery is wrong, or our interpretation and understanding of God's Word is mistaken. For example, some people incorrectly interpreted the Bible as saying the earth is the center of the universe and the sun revolves around it; Galileo proved them wrong but upset a lot of people in doing so. Another poster mentioned a 7-day creation; many of us still believe the universe and everything in it was created in a week less than 10,000 years ago (probably closer to 6,000 but definitely no more than 10,000). (For commentary on this by scientists who know what the hell they're talking about, try the book "In Six Days" edited by John Ashton, and the sequel "On the Seventh Day".)
Then they can either send you a new battery any, or tell you how to fix it. Or both (if they send you a new battery and that doesn't solve the problem, then they can tell you how to fix it).
Uh, have you forgotten that these companies have a monopoly on local telephone lines?
In some cases, you can switch to a CLEC, which will rent a cage in AT&T/Verizon's central office and pay them to connect your phone line to their equipment. They'll even let you keep your existing phone number (which the CLEC also pays AT&T/Verizon for). But I'm not 100% sure AT&T/Verizon don't have a way to tap these lines too, if the NSA asks them to. Besides, most people don't understand that this choice is available (because "the phone company" was a monopoly for a long time, although the names have changed several times as the pieces of Ma Bell have gradually reassembled themselves), and in many cases, the choice simply isn't available (for example, depending on where you live, there may not be a CLEC that offers service at your CO). On top of that, Verizon has been fighting to keep CLECs out - they cut a deal with the FCC so if they switch you over to FIOS, they're no longer required to allow CLECs to offer you phone service. I'm sure AT&T is working on the same, if they can get their heads out of their asses long enough to do it.
So to recap, your options are:
1) Switch to a CLEC (if one is available) and hope AT&T/Verizon don't just tap it anyway 2) Switch to a cell phone (but not from the two largest cell phone networks!) 3) Switch to VOIP over a cable modem (and say goodbye to reliable 911 service) 4) Move (and hope Qwest doesn't reverse their position without telling anyone) 5) Use AT&T/Verizon (they'll tap your phone without a warrant)
Not quite as simple as "if we really cared, we'd change providers," is it?
Saying that something is "funny", doesn't make it one. At all.
Similarly, even if a joke isn't funny, it doesn't mean that you're not an idiot for not getting it. Precisely. I didn't think it was very funny either, but the person who said to Google it is an idiot.
Yeah, that is a problem. I haven't done it yet, but there should be some kind of confirmation. They could keep the existing concept and just add a JavaScript confirm() dialog, or they could add an extra button you have to click next to the menu. As far as I know, there's no way to change a moderation, other than posting to undo all moderations to that article as the AC mentioned.
I recently saw The Simpsons Movie. In the middle of the movie, they make fun of Fox by scrolling a banner at the bottom of the screen with an ad for an upcoming TV show, then saying something like "we scroll ads during feature films now too!"
My brain completely filtered out the banner for quite a bit. Consciously, I didn't even see it. I finally noticed it in time to catch the tail end of the text and realized what was going on, but I had to ask someone else to find out that it had been an ad for a TV show. I have no idea which one.
So, very funny gag, and kudos to the creators of the movie for doing it. But I found it a disturbing reminder of how desensitized we've become to this type of advertising.
Sorry, but you're completely wrong: purely electronic voting machines can get slightly better by making sure the source code is publicly available and there are security measures in place to make sure it can't be tampered with, but most people who know what they're talking about don't want a purely electronic system. We want an electronic voting machine that prints out a paper ballot, then a completely different machine which scans, counts and stores paper ballots. That's what PES née Diebold have been fighting tooth and nail to avoid having to build.
Everything should be hand-verifiable at every stage in the process, and there should be randomized testing before and after every election.
That doesn't add much to your argument. I liked the old interface better. Maybe next we can argue about whether blue or orange is the better color. I like the ability to load truncated comments, and read collapsed comments, without reloading the whole page and losing my place in the thread. Being able to moderate a comment immediately, instead of waiting until I get all the way to the bottom of the page, is also nice. There are a few problems still, but generally the problems only affect things that you couldn't do with the old comment system anyway.
I'm curious as to what it is about the old interface that you prefer, or what about the new interface that you don't like.
AJAX is only useful because people are trying to use HTTP and HTML in ways that HTTP and HTML weren't meant to be used. It's not clever anymore, now it's just stupid. I agree that HTML wasn't meant to be used in this way, it IS used this way now, and it does a reasonable job. Besides, the alternative is proprietary applications that only run on certain platforms and don't work half the time. If that's the alternative, I fail to see how AJAX is stupid.
Of course, any technology can be used for stupid purposes. But that's really not an issue of technology, is it?
No, I really don't like outsourcing customer service, even when it's within the same country. If I have a problem with a particular company, I want to talk to someone who works there! Is that really too much to ask?
AJAX is a hack sat on top of a 15 year legacy of hacks, and ultimately serves no purpose other than giving the 'delicious generation' something to drool at. I know I shouldn't feed the trolls, but... you're a fool. This has nothing to do with AJAX or Web 2.0, this has to do with exploiting security holes that have probably been around for over a decade. But more than that: yes, AJAX is useful. When used properly, it can allow you to build a web site that is more powerful and easy-to-use than anything you could do without AJAX. Slashdot's new AJAX-based comment system is definitely an improvement, for example.
I wonder how much bandwidth yahoo.com uses just for ICMP traffic alone. There are thousands of machines out there that ping yahoo.com to test Internet connectivity. I wonder how much of the Internet would break horribly if Yahoo decided to firewall pings?
Slashdot Mirror
Sometimes choosing which tools to use and which tools not to use is part of the art form.
North Korea developed a nuclear weapons program and tested a missile. I'd say they qualify as being an "aggressor", although they didn't directly attack anyone. Surprisingly, this issue was resolved diplomatically (we paid them a boatload of cash, in exchange for their promise to stop).
Congress needs to earmark funding for the FBI to prosecute spammers under CAN-SPAM.
Yeah, whiners on Slashdot say CAN-SPAM is horrible, because it legalizes spam. What they forget is that CAN-SPAM only legalizes it under certain rules, which spammers are ignoring because there's no enforcement. According to this article from last year, only 0.27% of all junk mail actually complies with CAN-SPAM, which means the other 99.73% is clearly illegal. On top of that, the 0.27% is deliberately easy to filter out if you choose.
We don't need a new law to make spam illegal; CAN-SPAM already makes it illegal. We just need to start actually prosecuting people who break the law.
Yes, some spam comes from other countries where the FBI has no jurisdiction, but not as much as you might think, and I believe the FBI already has partnership agreements with agencies in several other countries to work together on fighting spam - they're just not doing enough of it.
Why won't this happen without an act of Congress? Because without a direct congressional mandate, the FBI has better things to do with its time and money. I don't blame them, really - raiding meth labs or catching serial killers is certainly important. But fighting spam is important too, and there's no reason the FBI couldn't do both.
So that's the answer. Spam is a social problem, more than it's a technical problem. We can try to fight it with technology, but spammers are fighting back, and they have the huge advantage of not being limited by morals or legality. We can't win with the odds stacked that high in their favor. The only way to win is to throw them all in jail.
Almost all mainstream MUAs support this sort of thing now. Hopefully you meant MTAs, not MUAs.
Does Sendmail do this by default? If so, can you point me to documentation to this effect? If not, can you point me to documentation on how to easily set it up?
As an e-mail server administrator, I'm currently subscribed to the MIMEDefang and UW imapd mailing lists, as well as the Slackware security mailing list. Could these be replaced someday by a blog with an RSS feed? Sure, but that's not going to happen any time soon. In the mean time, yes, mailing lists are important.
I run a pretty basic Sendmail configuration, plus some crazy custom spam-fighting stuff controlled through MIMEDefang. I'm not aware of anything that would cause it to keep track of how many errors have recently come from a particular IP. How did you set it up?
I'm quite confident that extraterrestrial life will never be found. A surprising number of people find this idea to be horribly depressing, which seems a little weird to me... I suppose my hope is in God in the same way that their hope is in aliens?
Anyway, since God's Word is infallible, if something is discovered which appears to contradict God's Word, then either that discovery is wrong, or our interpretation and understanding of God's Word is mistaken. For example, some people incorrectly interpreted the Bible as saying the earth is the center of the universe and the sun revolves around it; Galileo proved them wrong but upset a lot of people in doing so. Another poster mentioned a 7-day creation; many of us still believe the universe and everything in it was created in a week less than 10,000 years ago (probably closer to 6,000 but definitely no more than 10,000). (For commentary on this by scientists who know what the hell they're talking about, try the book "In Six Days" edited by John Ashton, and the sequel "On the Seventh Day".)
Then they can either send you a new battery any, or tell you how to fix it. Or both (if they send you a new battery and that doesn't solve the problem, then they can tell you how to fix it).
Uh, have you forgotten that these companies have a monopoly on local telephone lines?
In some cases, you can switch to a CLEC, which will rent a cage in AT&T/Verizon's central office and pay them to connect your phone line to their equipment. They'll even let you keep your existing phone number (which the CLEC also pays AT&T/Verizon for). But I'm not 100% sure AT&T/Verizon don't have a way to tap these lines too, if the NSA asks them to. Besides, most people don't understand that this choice is available (because "the phone company" was a monopoly for a long time, although the names have changed several times as the pieces of Ma Bell have gradually reassembled themselves), and in many cases, the choice simply isn't available (for example, depending on where you live, there may not be a CLEC that offers service at your CO). On top of that, Verizon has been fighting to keep CLECs out - they cut a deal with the FCC so if they switch you over to FIOS, they're no longer required to allow CLECs to offer you phone service. I'm sure AT&T is working on the same, if they can get their heads out of their asses long enough to do it.
So to recap, your options are:
1) Switch to a CLEC (if one is available) and hope AT&T/Verizon don't just tap it anyway
2) Switch to a cell phone (but not from the two largest cell phone networks!)
3) Switch to VOIP over a cable modem (and say goodbye to reliable 911 service)
4) Move (and hope Qwest doesn't reverse their position without telling anyone)
5) Use AT&T/Verizon (they'll tap your phone without a warrant)
Not quite as simple as "if we really cared, we'd change providers," is it?
Before that, when Windows 2000 came out, third-party applications and drivers were all broken, and everyone said Windows 98 was much better.
And I'm pretty sure I remember that Windows 95 users said Windows 98 was bloated...
(We'll just conveniently overlook the turd that was Windows ME.)
Similarly, even if a joke isn't funny, it doesn't mean that you're not an idiot for not getting it. Precisely. I didn't think it was very funny either, but the person who said to Google it is an idiot.
Read the second line of his post again.
Yeah, that is a problem. I haven't done it yet, but there should be some kind of confirmation. They could keep the existing concept and just add a JavaScript confirm() dialog, or they could add an extra button you have to click next to the menu. As far as I know, there's no way to change a moderation, other than posting to undo all moderations to that article as the AC mentioned.
Easy to fix. Just hasn't been fixed yet.
I recently saw The Simpsons Movie. In the middle of the movie, they make fun of Fox by scrolling a banner at the bottom of the screen with an ad for an upcoming TV show, then saying something like "we scroll ads during feature films now too!"
My brain completely filtered out the banner for quite a bit. Consciously, I didn't even see it. I finally noticed it in time to catch the tail end of the text and realized what was going on, but I had to ask someone else to find out that it had been an ad for a TV show. I have no idea which one.
So, very funny gag, and kudos to the creators of the movie for doing it. But I found it a disturbing reminder of how desensitized we've become to this type of advertising.
Sorry, but you're completely wrong: purely electronic voting machines can get slightly better by making sure the source code is publicly available and there are security measures in place to make sure it can't be tampered with, but most people who know what they're talking about don't want a purely electronic system. We want an electronic voting machine that prints out a paper ballot, then a completely different machine which scans, counts and stores paper ballots. That's what PES née Diebold have been fighting tooth and nail to avoid having to build.
Everything should be hand-verifiable at every stage in the process, and there should be randomized testing before and after every election.
I'm curious as to what it is about the old interface that you prefer, or what about the new interface that you don't like. AJAX is only useful because people are trying to use HTTP and HTML in ways that HTTP and HTML weren't meant to be used. It's not clever anymore, now it's just stupid. I agree that HTML wasn't meant to be used in this way, it IS used this way now, and it does a reasonable job. Besides, the alternative is proprietary applications that only run on certain platforms and don't work half the time. If that's the alternative, I fail to see how AJAX is stupid.
Of course, any technology can be used for stupid purposes. But that's really not an issue of technology, is it?
No, I really don't like outsourcing customer service, even when it's within the same country. If I have a problem with a particular company, I want to talk to someone who works there! Is that really too much to ask?
AJAX is a hack sat on top of a 15 year legacy of hacks, and ultimately serves no purpose other than giving the 'delicious generation' something to drool at. I know I shouldn't feed the trolls, but... you're a fool. This has nothing to do with AJAX or Web 2.0, this has to do with exploiting security holes that have probably been around for over a decade. But more than that: yes, AJAX is useful. When used properly, it can allow you to build a web site that is more powerful and easy-to-use than anything you could do without AJAX. Slashdot's new AJAX-based comment system is definitely an improvement, for example.
I pretended to enjoy Day After Tomorrow because the girl I saw it with thought it was a good movie.
Think about what the Internet looked like in 1995. Few people would have thought of using microsoft.com for anything.
I wonder how much bandwidth yahoo.com uses just for ICMP traffic alone. There are thousands of machines out there that ping yahoo.com to test Internet connectivity. I wonder how much of the Internet would break horribly if Yahoo decided to firewall pings?