All in the implementation. You do the sending in the background at idle priority. That way while you're typing one email your client is sending the previous one.
Yeah sure if you bulk email... well you lose just like the spammers.
Keep in mind though that I don't think msft is mandating their idea. Just saying it's a good supplement to filter spam.
Nothing is saying you can't just whitelist your friends and not use the method for email going to them.
If you have zero-waitstate memory you could essentially own the system [well it's still a slowdown but you will win overall].
However, 8MB of what essentially amounts to cache is expensive. This means now for a spammer to spam in volume they have to buy a $20,000 cpu.
The trick though, is in the original HC to make spammers slow down you have to slow down the lower end users.
MSFT research realized that if you make the memory bus the major limitation you can level most desktops. E.g. a P4-3000 is only 4 times faster than a P2-233 in terms of tag generation.
Ram is relatively cheap [even in older desktops] so you can step this upto [say] 32MB buffers. They will only be required to send an email but will totally prevent "zero-wait state 32MB cells" since they would cost a shit load of money.
Of course this makes the system useless for portables since they often have little memory to spare. At the conference the speakers suggested that the ISP would then generate tags [at a cost] for the users.
Um? The point, my small minded ignorant little friend is if it takes you 10 seconds to send an email it takes spammers 10 seconds to send an email.
The real contribution MSFT made was their memory-bound HashCash which was designed to perform comparably on the latest machines [e.g. P4-3000] and the oldest machines [e.g. P2-233].
And this is part about sales but the research is freely available off the web as well as part of the Crypto'03 proceedings.
The research this is based on [presented at crypto'03] is designed to level the difference between a P4-3000 and a P2-233. They use problems where cache hits will be lower [e.g. use a 8MB buffer or something] so you end up computing at the speed of your memory bus.
If you had done some research before posting your crap you'd know this.
Your server can do the calculations for you. That's the point. You pay for email right? [if you don't run your own server]. Then why not expect your ISP to actually provide service.
The idea though is that you can automate the process. E.g. unless the email has a tag on it that's valid you delete/filter the message.
Well actually yeah they did. At Crypto'03 a method for memory bound HC was presented.
So while MSFT didn't invent the original HashCash concept MSFT did improve upon it. So before anyone gets the bright idea of flaming MSFT ignorantly.... know your facts!
To who though? Recall: nuclear blast == kills off civilization. No one to pay tax to [or at least no reason to pay it since nobody is alive todo civil service]
On a more important note where is my cookie!!?!?!?!
... say throw linux on it [or wipe the drive] and donate it to a local school. You could post a bulletin in your local newspaper [usually you can find ways of doing this for free] and offer it for free.
I can imagine there are families out there that wouldn't consider a P166 [in working order] a "bad computer".
So I'd say as long as your older machines still work clean on up and offer it to someone needy.
That, or you could fill the thing with propane cylinders and explode it in a local abandonned quary. Make sure you tape it and post a url to your video later on!!!
" it's anything but slow"
;-)
It's also a memory hog!
Kiddin. Whatever I code in C. I let the compiler sort out what platform it runs on. [hint: I write portable C code so it doesn't matter]
Tom
They already tested the design and presented results in the crypto'03 paper.
Sucka.
I guess. Cuz it's important to understand how memory actually works to understand the results.
E.g. 533Mhz ram in a 3Ghz cpu is 4x faster than 66Mhz ram in a 233Mhz cpu through their system.
533/66=8
3000/233=13 [ignore the fact that IPC is higher in a P4]
So by your logic the P4 should really be about 8x faster. When in reality 533 = 4x133.
133/66 = 2
So inreality the P4 cache helps a bit but really the slowdown is better than the profile HC gives.
tom
They invented the memory bound idea.
By your logic the Rijndael team didn't invent the Rijndael cipher because all of the components existed before [just not in that configuration].
Mod parent down as -1, stupid.
Tom
Special hardware with zero-wait state ram? It's called SRAM and it's expensive since you have to implement it as a cache [e.g. on die].
So I make my program use a 16MB buffer and unless you spend a shit load of money making a device with 16MB of SRAM on die.... you don't win.
Recall also that bus width has little bearing on this system. So a 1024-bit bus won't be faster than the typical DRAM 64-bit bus.
What matters here is access time. That's why QDR has no advantage over SDR [that you see in older SDRAM modules e.g. PC66].
Tom
"And my point is that your comment is both insulting to MSR and misses the point."
How is me pointing out that the article speaks of a published paper insult MSR?
I was hoping to FP to dispel the people who are naturally going to post out how MSFT is not innovative.
You seem to be agreeing with me while arguing against my post!!!
YOU FAIL IT.
All in the implementation. You do the sending in the background at idle priority. That way while you're typing one email your client is sending the previous one.
... well you lose just like the spammers.
Yeah sure if you bulk email
Keep in mind though that I don't think msft is mandating their idea. Just saying it's a good supplement to filter spam.
Nothing is saying you can't just whitelist your friends and not use the method for email going to them.
Tom
This technique is not perfect but it is an improvement.
With normal HC your 16Mhz processor is roughly 281 times slower than a P4-3000 [assuming 1.5 IPC].
281 >> 4
Tom
yeah the bus is NOT that fast. My laptop has 266 memory but the bus is only 133Mhz.
My moms computer has 533Mhz ram but the bus is only 133Mhz.
Even DDR400 is only a 200Mhz bus.
Random access to memory is limited by the bus speed not the QDR/DDR rate.
If you have zero-waitstate memory you could essentially own the system [well it's still a slowdown but you will win overall].
However, 8MB of what essentially amounts to cache is expensive. This means now for a spammer to spam in volume they have to buy a $20,000 cpu.
The trick though, is in the original HC to make spammers slow down you have to slow down the lower end users.
MSFT research realized that if you make the memory bus the major limitation you can level most desktops. E.g. a P4-3000 is only 4 times faster than a P2-233 in terms of tag generation.
Ram is relatively cheap [even in older desktops] so you can step this upto [say] 32MB buffers. They will only be required to send an email but will totally prevent "zero-wait state 32MB cells" since they would cost a shit load of money.
Of course this makes the system useless for portables since they often have little memory to spare. At the conference the speakers suggested that the ISP would then generate tags [at a cost] for the users.
Tom
That's just it. You're wrong.
Verification != generation.
Take HC for instance. You get
R = HASH(msg || to || from || timestamp)
Then you try to find a value L such that
|R|_{k} = HASH(L)
This takes quite a bit of time depending on how many bits of R you want to colide with L.
Then I give you msg,to,from,timestamp,L
Now you can verify in one step whether L is valid. Memory bound HC [what MSFT is talking about] takes similar steps.
tom
mod parent offtopic.
The point is they did produce a result, it was published in a first tier crypto journal and the results are acknowledged as correct.
I was trying to dispell the hordes of people who would post "oh MSFT stole this idea" blah blah blah.
Tom
That's just it, reductions. HC is based on the difficulty of finding collisions in a hash. If you break HC you break the hash.
This memory-bound one doesn't have such a nice reduction but it's conjectured to be similar.
So you can't "fake the method". Sure they could put a fake header in there, e.g.
X-MBHC: BLAH
But the verifier could trivially see it was faked.
Tom
Don't take my word for it...
read the paper yourself!
Tom
I'd think the server would verify and the users would generate.
Recall that verification is trivial while generation is what takes the time.
Or the server could put the burden on the users.
The idea is not to stop spam it's to make it easier to filter out. Spammers won't take a 10,000x fold penalty increase to spam with valid tags...
Tom
Um? The point, my small minded ignorant little friend is if it takes you 10 seconds to send an email it takes spammers 10 seconds to send an email.
The real contribution MSFT made was their memory-bound HashCash which was designed to perform comparably on the latest machines [e.g. P4-3000] and the oldest machines [e.g. P2-233].
And this is part about sales but the research is freely available off the web as well as part of the Crypto'03 proceedings.
Tom
Mod parent down [-1,unsightful]
The research this is based on [presented at crypto'03] is designed to level the difference between a P4-3000 and a P2-233. They use problems where cache hits will be lower [e.g. use a 8MB buffer or something] so you end up computing at the speed of your memory bus.
If you had done some research before posting your crap you'd know this.
Tom
The technique is on page 426 of Advances in Cryptology -- Crypto 2003 [LLNCS2729].
Not exactly a monopoly here as anyone else can implement it.
Tom
Your server can do the calculations for you. That's the point. You pay for email right? [if you don't run your own server]. Then why not expect your ISP to actually provide service.
The idea though is that you can automate the process. E.g. unless the email has a tag on it that's valid you delete/filter the message.
Tom
By rejecting their emails otherwise. D'uh.
You really want to email me [or get priority over other emails] you will do as I say.
Of course you can get to the point where it's too much hassle. I think MSFT is seeking to have this built into OE [e.g. integrated]
Tom
Well actually yeah they did. At Crypto'03 a method for memory bound HC was presented.
So while MSFT didn't invent the original HashCash concept MSFT did improve upon it. So before anyone gets the bright idea of flaming MSFT ignorantly.... know your facts!
Tom
So why not preserve comics and can opening instructions? D'uh!
Tom
To who though? Recall: nuclear blast == kills off civilization. No one to pay tax to [or at least no reason to pay it since nobody is alive todo civil service]
On a more important note where is my cookie!!?!?!?!
Tom
Am I the only one who thinks if we fall victim to nuclear blasts are car insurance records are the least of our worries?
Good ol' Americans. Always thinking with their greed, er lust for power, er... American dream...
one of us. one of us. one of us.
Tom
... say throw linux on it [or wipe the drive] and donate it to a local school. You could post a bulletin in your local newspaper [usually you can find ways of doing this for free] and offer it for free.
I can imagine there are families out there that wouldn't consider a P166 [in working order] a "bad computer".
So I'd say as long as your older machines still work clean on up and offer it to someone needy.
That, or you could fill the thing with propane cylinders and explode it in a local abandonned quary. Make sure you tape it and post a url to your video later on!!!
Tom