What did the ISP run on your computer? All they did was change some DNS records, it was software on your computer that connected to the server due to no initiation by the ISP. The software on your computer allowed the changes requested by the server. This sounds similar to going to a website and it wanting you to install a particular plugin/activex/whatever.
Now, arguing the legality of changing of DNS records is something not related to this specific thread.
Without having read the RFC and just inferring the pub/private key system is similar (or identical) in principal to PGP/GPG signing system, can't these private keys be encrypted themselves on the machines running the MUA? Then if the private key is taken, spammers still can't use it. Am I missing something or is it just too much of an inconvenience to have to enter in your passphrase when you want to use email?
One of the things that helps Intel sales (at least in my experience/opinion) is that Intel additionally sells other server components such as RAID cards, motherboards, server chassis, etc. And it's not just that they make these other things, but that they are also very reliable and well performing and they all work well together.
On a personal level, I love AMD CPUs and will continue to buy AMD but I don't use very high end products generally speaking for personal things. I don't use Opterons for my personal severs or desktop systems. Though I have been very impressed with the AMD 64-bit proc, it runs 64-bit linux extremely well.
Assumption? I have worked for hosting providers that had spammers as customers. Not every piece of spam originates from a zombied machine. A lot of the big spammers have rack space at colo facilities around the country and indeed around the world.
Spammers get collocation hosting and bandwidt/connectivity. There is absolutely no way one or two people buying $50 drugs is going to cover the costs. Don't underestimate the costs. There are lots of people that help keep spamming alive.
On the flip side it does make for a nice easy business venture to get in the antispam/antivirus market though, even if you just resell one of the bigger guys' platforms like Securence or Postini.
Well why do you think spamming is actually a productive/sucessful business model? Because dumbass people actually attempt to purchase freely give their bank acct # for a share of $1.5 billion from some poor African country scam, want increase their manly juice giver with see-al1s, are looking for a low 5.1% mortgage refinance, want to meet the local barely legals, etc.
Think about it, if people never clicked on the links, replied to the emails, or called the numbers these spammers would probably die off. It is the fault of the masses of people to are all too eager and ignorant. Power thru inaction would solve spamming. Well, at least curb it a bit.
So back to the topic at hand, while this is very dasterdly, I have never signed up with facebook, I do not have a myspace page, i don't do that school class reunion site. These sites with their ads also help keep these scary/shady companies alive too. If they do things that are as bad as this publicly, imagine what they're doing behind our digital backs. Let's see, they have just about your entire personal history, background, lifestyle, etc. not mention they probably have every single click on their own respective websites completely tracked. They own you and can probably easily guess all of your secret questions for password reminders on any site such as "Your pets name" or "city your high school was in" or "what is your favorite color", etc.
Sorry for the paranoia and cynicism. I just don't trust these people, especially without some regulatory oversight. I am totally against said regulatory oversight so I just exercise extreme caution and do not generally sign up for these types of sites.
I heard that NASA runs ultra secure OS OpenBSD on their Mars crafts. Well we're all doomed now since I am sure everyone heard about the recent remote exploit discovered. Pretty soon we'll watch as some scr1pt k1dd13 remote crashes (literally too) the orbiters and rovers, hey, not to mention BSD is dying in case you didn't know.
Ok, I don't really know what NASA is using on their space craft. Anyone read Kim Stanley Robinson's Mars Trilogy? I have heard it is a great series with plenty of entertaining sci-fi aspects and though provoking social/political discussions as well.
In my experience, Seagate SCSI drives have a short MTBF. So there you have it, security because the data is lost and not even the rightful owner can access it. Hahaha.
Ok seriously, I did not RTFA and don't plan to. My guess is it is all hype and probably not something easily feasible for the wide spread market at large. I am not saying I disagree with innovation or the concept in general, just that I doubt this will be a real mind blower of a product, especially in its initial implementation.
just change it to a link point to/etcetera then no one will be confused
# ls -ld/etc lrwxr-xr-x 23 root wheel 11 Jan 5 10:30:08 2007 etc@ -> etcetera
In fact, I think it would be great and more simple if eveything were a symlink in / thats right. I don't want any real files or directories in / at all.
Anyone ever see how many symlinks they can nest. Does it get noticeably slower at say 5,000 links or 50,000 links?/tmp/folder ->/tmp/folder2/tmp/folder2 ->/tmp/folder3/tmp/folder3 ->/tmp/folder4...etc (or should i say/etc) And for fun you could make the last one point to/tmp/folder1
Sorry about the OT but this whole discussion is OT I think
Remember, the spammers have, effectively, unlimted bandwidth and unlimited processing power at their disposal. If the big companies started doing this with OpenBSD's spamd and generating public logs, we could get some seriously entertaining data I am sure.
From the link...
--snip log example--
This spammer got stuck for 47 minutes. Current spamd sets its socket receive buffer size to one character, forcing the sender to send one TCP packet for each byte of data, even if its a non-compliant "dump and disconnect" mailer. Of course, the spammer nearly immediately tries to retransmit the spam. Repeatedly.
I work for an ISP and do most of my internet activities at work. We have lots of redundancy not to mention my server/"desktop away from home" is at our facility. So I pretty much never have had an internet outage.
I have DSL at home, yes this is not as reliable but you know what? I pay for the residential version. DSL providers usually have a "business" version with a much higher SLA and support availability. I bet many SOHO's just have the plain residential version and get what they pay for.
Here are a couple of websites with community based ratings/comments on vendor friendliness to FOSS. It might be worth it if you are a real believer of supporting FOSS to make purchases only from companies that are FOSS friendly, especially if you work for a company that is making large hardware purchases and you have any influence over what is to be purchased. And if they have or request a comment/questionaire make sure to note that vendor FOSS friendliness was a factor your decision making.
It will be a green LED bar just under the monitor that will fill up with green as you get closer to lift off. Of course it turns yellow then red when you get close to critical levels. With a nice loud Spaceballs-esque countdown to detonation narrator, that way everyone can evacuate from your vicinity prior to the climax. "Have a nice day." If you happen to see any orangutangs after exploding, run for cover.
I tried it out. Doesnt work in Konqueror intentionally by Yahoo. If i change my browser ID to FF or IE or something it doesn't load at all. At least when I use Konq on gmail they still let me login and use my email, just dont have the full functionality, which is ok with me because I dont really care about all the bells/whistles of gmail. FF on Linux worked ok with the exception that I couldn't agree more that the ads are way too intrusive and annoying and also the interface is too sluggish and slow.
Ever hear of projects like the wireless deployment for the entire city of Minneapolis (or other cities I would guess to)? When the internet connection could be as much as 1gb/s or more, with the ability to add more as needed. I am not saying every user should expect 100mb/s transfer speeds becauses let's face it, a lot of servers download/upload from/to do not send/receive that much typically. You'd like only hit anyhint near 100mb/s when doing a torrent download or something p2p or else running your own server that gets real busy.
Anyways, I would like to see a new protocol/technology designed right before it gets deployed and likely with the US marketing and advertisement craze it will be shoved down our throats with ads and products like PDAs, cell phones, wrist watches, clothing, etc that all sport the new wifi technology that is just an awesome as chuck norris (according to the ads).
Here is a guy who legally changed his name to Optimus Prime a couple years back. His military buddies kicked his butt a little bit over this. From the article
"They razzed me for three months to no end," said Prime. "They really dug into me about it."
There are no "project decisions" to be discussed and made. Theo is the owner of the project, if you want to debate with him on the merits of his choices for the project, he will likely listen to what you have to say as long as it is reasonable to him.
As an analogy imagine if you were part of a team creating a car. Each person in the team is worked on just part of the car. Person 1 says, "I like engines so I am going to work on engine development." Person 2 says, "I like tires so I am going to work on tires and wheels." Person 3 says, "I like safety features so I am going to work on safety." etc.
Now imagine all of these people working on their respective components but in different countries around the world, completely independent of the rest, it could be difficult to ensure proper integration and compatability. Yes they chat, e-mail, etc but when many people are side by side it is much easier to discuss problems you are facing, either design issues, implementaion issues or whatever. Plus, you get to be around a lot of dialogue and discussions that could help enlighten you to other methods or ways of doing things better.
This could just be an oversimplification, but if you work directly with a lot of cool and fun people you admire and are admired by, let's face it, it probably is a lot more fun and productive. It is a team effort of people that like what they are doing and want to do it all lead by captain TdR. Plus I imagine there is some Humppa playing there as well?
Note: I am no developer nor have I ever been to an OpenBSD hackathon.
Slashdot Mirror
What did the ISP run on your computer? All they did was change some DNS records, it was software on your computer that connected to the server due to no initiation by the ISP. The software on your computer allowed the changes requested by the server. This sounds similar to going to a website and it wanting you to install a particular plugin/activex/whatever.
Now, arguing the legality of changing of DNS records is something not related to this specific thread.
Maybe it should be "OS Rootkits" vs "BSD Rootkits".
:)
Who cares? BSD is dying anyways right?
Note: Did not RTFA
Does it work with wireless?
Without having read the RFC and just inferring the pub/private key system is similar (or identical) in principal to PGP/GPG signing system, can't these private keys be encrypted themselves on the machines running the MUA? Then if the private key is taken, spammers still can't use it. Am I missing something or is it just too much of an inconvenience to have to enter in your passphrase when you want to use email?
One of the things that helps Intel sales (at least in my experience/opinion) is that Intel additionally sells other server components such as RAID cards, motherboards, server chassis, etc. And it's not just that they make these other things, but that they are also very reliable and well performing and they all work well together.
On a personal level, I love AMD CPUs and will continue to buy AMD but I don't use very high end products generally speaking for personal things. I don't use Opterons for my personal severs or desktop systems. Though I have been very impressed with the AMD 64-bit proc, it runs 64-bit linux extremely well.
Assumption? I have worked for hosting providers that had spammers as customers. Not every piece of spam originates from a zombied machine. A lot of the big spammers have rack space at colo facilities around the country and indeed around the world.
Spammers get collocation hosting and bandwidt/connectivity. There is absolutely no way one or two people buying $50 drugs is going to cover the costs. Don't underestimate the costs. There are lots of people that help keep spamming alive.
On the flip side it does make for a nice easy business venture to get in the antispam/antivirus market though, even if you just resell one of the bigger guys' platforms like Securence or Postini.
Well why do you think spamming is actually a productive/sucessful business model? Because dumbass people actually attempt to purchase freely give their bank acct # for a share of $1.5 billion from some poor African country scam, want increase their manly juice giver with see-al1s, are looking for a low 5.1% mortgage refinance, want to meet the local barely legals, etc.
Think about it, if people never clicked on the links, replied to the emails, or called the numbers these spammers would probably die off. It is the fault of the masses of people to are all too eager and ignorant. Power thru inaction would solve spamming. Well, at least curb it a bit.
So back to the topic at hand, while this is very dasterdly, I have never signed up with facebook, I do not have a myspace page, i don't do that school class reunion site. These sites with their ads also help keep these scary/shady companies alive too. If they do things that are as bad as this publicly, imagine what they're doing behind our digital backs. Let's see, they have just about your entire personal history, background, lifestyle, etc. not mention they probably have every single click on their own respective websites completely tracked. They own you and can probably easily guess all of your secret questions for password reminders on any site such as "Your pets name" or "city your high school was in" or "what is your favorite color", etc.
Sorry for the paranoia and cynicism. I just don't trust these people, especially without some regulatory oversight. I am totally against said regulatory oversight so I just exercise extreme caution and do not generally sign up for these types of sites.
Have a nice day.
I heard that NASA runs ultra secure OS OpenBSD on their Mars crafts. Well we're all doomed now since I am sure everyone heard about the recent remote exploit discovered. Pretty soon we'll watch as some scr1pt k1dd13 remote crashes (literally too) the orbiters and rovers, hey, not to mention BSD is dying in case you didn't know.
Ok, I don't really know what NASA is using on their space craft. Anyone read Kim Stanley Robinson's Mars Trilogy? I have heard it is a great series with plenty of entertaining sci-fi aspects and though provoking social/political discussions as well.
In my experience, Seagate SCSI drives have a short MTBF. So there you have it, security because the data is lost and not even the rightful owner can access it. Hahaha.
Ok seriously, I did not RTFA and don't plan to. My guess is it is all hype and probably not something easily feasible for the wide spread market at large.
I am not saying I disagree with innovation or the concept in general, just that I doubt this will be a real mind blower of a product, especially in its initial implementation.
Just my -$.02
just change it to a link point to /etcetera then no one will be confused
/etc
/tmp/folder -> /tmp/folder2 /tmp/folder2 -> /tmp/folder3 /tmp/folder3 -> /tmp/folder4 ...etc (or should i say /etc) /tmp/folder1
# ls -ld
lrwxr-xr-x 23 root wheel 11 Jan 5 10:30:08 2007 etc@ -> etcetera
In fact, I think it would be great and more simple if eveything were a symlink in /
thats right. I don't want any real files or directories in / at all.
Anyone ever see how many symlinks they can nest. Does it get noticeably slower at say 5,000 links or 50,000 links?
And for fun you could make the last one point to
Sorry about the OT but this whole discussion is OT I think
Yeah, spaghetti... obey your noodly master.
Next thing you'll be talking about is global warming, then pirates, and the love of Him that is noodly.
From the link...
--snip log example--
This spammer got stuck for 47 minutes. Current spamd sets its socket receive buffer size to one character, forcing the sender to send one TCP packet for each byte of data, even if its a non-compliant "dump and disconnect" mailer. Of course, the spammer nearly immediately tries to retransmit the spam. Repeatedly.
Everyone knows it's next to impossible to lose that service even when intentionally attempted.
You are paying for each server you install the backup agent on right? No? The bsa would like to have a word with you.
I work for an ISP and do most of my internet activities at work. We have lots of redundancy not to mention my server/"desktop away from home" is at our facility. So I pretty much never have had an internet outage.
I have DSL at home, yes this is not as reliable but you know what? I pay for the residential version. DSL providers usually have a "business" version with a much higher SLA and support availability. I bet many SOHO's just have the plain residential version and get what they pay for.
Here are a couple of websites with community based ratings/comments on vendor friendliness to FOSS. It might be worth it if you are a real believer of supporting FOSS to make purchases only from companies that are FOSS friendly, especially if you work for a company that is making large hardware purchases and you have any influence over what is to be purchased. And if they have or request a comment/questionaire make sure to note that vendor FOSS friendliness was a factor your decision making.
It will be a green LED bar just under the monitor that will fill up with green as you get closer to lift off. Of course it turns yellow then red when you get close to critical levels. With a nice loud Spaceballs-esque countdown to detonation narrator, that way everyone can evacuate from your vicinity prior to the climax. "Have a nice day." If you happen to see any orangutangs after exploding, run for cover.
I tried it out. Doesnt work in Konqueror intentionally by Yahoo. If i change my browser ID to FF or IE or something it doesn't load at all. At least when I use Konq on gmail they still let me login and use my email, just dont have the full functionality, which is ok with me because I dont really care about all the bells/whistles of gmail. FF on Linux worked ok with the exception that I couldn't agree more that the ads are way too intrusive and annoying and also the interface is too sluggish and slow.
Windows Secure?
Ever hear of projects like the wireless deployment for the entire city of Minneapolis (or other cities I would guess to)? When the internet connection could be as much as 1gb/s or more, with the ability to add more as needed. I am not saying every user should expect 100mb/s transfer speeds becauses let's face it, a lot of servers download/upload from/to do not send/receive that much typically. You'd like only hit anyhint near 100mb/s when doing a torrent download or something p2p or else running your own server that gets real busy.
Anyways, I would like to see a new protocol/technology designed right before it gets deployed and likely with the US marketing and advertisement craze it will be shoved down our throats with ads and products like PDAs, cell phones, wrist watches, clothing, etc that all sport the new wifi technology that is just an awesome as chuck norris (according to the ads).
Just my $.02
Never the less, it is good news for consumers. When competition thrives good things happen - advancements in technology and drops in price.
"They razzed me for three months to no end," said Prime. "They really dug into me about it."
Oooohh... the internet. I hear that have it on computers now-a-days.
There are no "project decisions" to be discussed and made. Theo is the owner of the project, if you want to debate with him on the merits of his choices for the project, he will likely listen to what you have to say as long as it is reasonable to him.
As an analogy imagine if you were part of a team creating a car. Each person in the team is worked on just part of the car.
Person 1 says, "I like engines so I am going to work on engine development."
Person 2 says, "I like tires so I am going to work on tires and wheels."
Person 3 says, "I like safety features so I am going to work on safety."
etc.
Now imagine all of these people working on their respective components but in different countries around the world, completely independent of the rest, it could be difficult to ensure proper integration and compatability. Yes they chat, e-mail, etc but when many people are side by side it is much easier to discuss problems you are facing, either design issues, implementaion issues or whatever. Plus, you get to be around a lot of dialogue and discussions that could help enlighten you to other methods or ways of doing things better.
This could just be an oversimplification, but if you work directly with a lot of cool and fun people you admire and are admired by, let's face it, it probably is a lot more fun and productive. It is a team effort of people that like what they are doing and want to do it all lead by captain TdR. Plus I imagine there is some Humppa playing there as well?
Note: I am no developer nor have I ever been to an OpenBSD hackathon.