Slashdot Mirror


User: qtp

qtp's activity in the archive.

Stories: 0
Comments: 762

Comments · 762

  1. Re:Isn't Certificates A Better Way? on Gates on Spam · · Score: 1

    Because there are flaws inherent in all central authority anti-spam proposals, such as:

    Who is issuing the certificate?

    Are they charging for the certificate?

    Is the certificate issued to the user or to the provider?

    Is the issuer genuinely interested in stemming the tide of spam once it is a revenue source?

    Can the certificate be compromised?

    If the certificate is compromised, can the user retract the certificate's authority easily?

    There are already capabilities in most MUAs and MTAs that could easily be implemented to combat spam without breaking the existing infrastructure, but are not being used.

    See my other posts in this discussion for an explanation of what those are and how they can be used.

    Checking sender identity would be better done using a Public Key infrastructure rather than a centralized authority (such as VeriSign), because it allows for varying degrees of trust based on who you've had sign your key, permits a user to be relatively anonymous (except to those who he chooses to identify himself to) and actually requires the user to go out and meet someone for their key to be introduced into the "web of trust".

  2. Re:I don't get it on Gates on Spam · · Score: 1

    I was not referring to the IP address of the actual person writing the email.

    Sorry, I misunderstood that part of your post.

    That person uses his mail client to use POP3, IMAP, web mail, Exchange etc. to send his email to a server.

    The sender's MUA will use smtp_auth, smtp_after_pop, or some other existing method of using the user's provider to send mail. This capability is already available in most MUAs, and is supported by all mailserver software that I know of.

    That server then relays the email to the outside world - that server can be and usually will have a well known IP address that can be easily verified.

    The address is well known because of an mx record in the domain's zone file on their authoritative DNS server. The receiving mailserver can query this record (if you want to do this yourself manually, use the command "dig mx msn.com" (without the quotes) in your unix shell to see the mx records for MSN). This capability is already available in all mailserver software that I know of.

    Your approach requires the user to be well known and is important if you really want to know who is sending the email.

    No it doesn't. What I described did not even mention the "sender verification" capability (that already exists in all...) which I assume that most mailservers are already configured to use. "sender verification" is when the receiving mailserver checks with a mailserver for the sender's domain to see if the sender is a valid user.

    My method requires the sender to be known only by his service provider's server.

    In the approach I outlined, you don't really care who wrote the email, it is the mail server that is accountable.

    Then why add the "step three" in your post? Using "sender verification" accomplishes the same end, and existing mailservers should already be configured to use it.

    If the recipient wants to verify the identity of the sender himself, then he can require PGP, GPG, OpenPGP sigs on emails sent to him. Sender identification using PKI would be effective in preventing spam as well, because it would be easy to identify PGP sigs from spammers, or to identify spammers' keys by what keys have signed them if they were to attempt to change their keys often in hopes of avoiding detection. This would likely be used in a recipient's mail filters (procmail, SpamBayes, SpamAssassin, etc.) rather than be implemented on the server. There is no reason for the receiving mailserver to verify the identity of the sender if that step has been already done by the sender's mailserver already (as I described in my previous post and in my above comment).

    It seems that we are describing the same or very similar approaches to the spam problem. We're just using different words to describe it. You seem to have a good understanding of what needs to be done. Becoming familiar with mailserver configuration would help. (I'm pretty lame in that regard myself, as I've only ever used Sendmail, Qmail, Postfix, or exim for a smarthost configuration.)

  3. Re:I don't get it on Gates on Spam · · Score: 1

    4. ask authority if the user is known and what IP address it would be sending email from.
    5. Is user known and does "authorized" IP address match IP address of sender? If not, discard.


    This requires a sender to be on a static IP address, or for the sender to be using an IP address that was provided by their email provider. This prevents the possibility of a user travelling with their computer, using several different networks to access the net, and use a third party email provider (such as Hotmail, GMX, or cotse).

    It would be better for the recipient server to simply expect all emails to be originating from a server with an mx record in dns, and require users to send emails using smtp_auth, smtp_after_pop, etc. This would provide accurate identification of legitimate senders for the recipient domain, help administrators identify domains that are hosting spammers, and help the sending domains identify which of their users are abusing the system. Spammers would need to purchase their services from "spam friendly" providers, who would likely end up on the blacklists (which would no longer suffer from misidentification of spam sources).

    The result, pretty much the same as yours: No Spam, No Microsoft tax, and very little additional network overhead. Plus it uses existing protocols and would require no changes to existing mailserver or dns software besides configuration changes.
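
Added example, not part of qtp's comments or the archived thread: a constructed Python model that compares the per-user "authorized IP" check quoted in comment 3 with the MX-origin check proposed in comments 2 and 3. The zone data, registry, addresses and function names are all assumptions made for illustration; a real mail server would query DNS.

```python
"""Constructed, offline model of the two sender checks discussed above."""
import ipaddress

# Constructed DNS data (documentation address ranges); a real server queries DNS.
ZONE = {
    "MX": {"example.org": [(10, "mail1.example.org"), (20, "mail2.example.org")]},
    "A": {"mail1.example.org": ["192.0.2.10"], "mail2.example.org": ["192.0.2.11"]},
}

# Constructed registry for the per-user scheme: one "authorized" address per user.
USER_IP_REGISTRY = {"alice@example.org": "203.0.113.5"}


def domain_of(sender):
    """Return the lower-cased domain part of an envelope sender address."""
    local, sep, domain = sender.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an address: {sender!r}")
    return domain.lower().rstrip(".")


def mx_addresses(domain, zone=ZONE):
    """Resolve a domain's MX hosts to the set of their IP addresses."""
    addrs = set()
    for _pref, host in sorted(zone["MX"].get(domain, [])):
        for addr in zone["A"].get(host, []):
            addrs.add(ipaddress.ip_address(addr))
    return addrs


def check_per_user_ip(sender, client_ip, registry=USER_IP_REGISTRY):
    """Quoted steps 4-5: accept only from the user's registered address."""
    known = registry.get(sender.lower())
    if known is None:
        return False
    return ipaddress.ip_address(known) == ipaddress.ip_address(client_ip)


def check_mx_origin(sender, client_ip, zone=ZONE):
    """Accept only if the connecting server is an MX host of the sender's domain."""
    try:
        domain = domain_of(sender)
    except ValueError:
        return False
    return ipaddress.ip_address(client_ip) in mx_addresses(domain, zone)


def evaluate(cases):
    """Return {label: (per_user_result, mx_result)} for each constructed case."""
    return {label: (check_per_user_ip(sender, ip), check_mx_origin(sender, ip))
            for label, sender, ip in cases}


# Constructed connections as seen by the receiving server: (label, sender, client IP).
CASES = [
    # Alice at home, delivering directly from her registered address.
    ("home-direct", "alice@example.org", "203.0.113.5"),
    # Alice travelling, delivering directly from a hotel network.
    ("travel-direct", "alice@example.org", "198.51.100.77"),
    # Alice travelling, authenticated to her provider, which relays the mail.
    ("travel-via-provider", "alice@example.org", "192.0.2.10"),
    # Unknown host claiming an example.org sender.
    ("forged", "bob@example.org", "198.51.100.200"),
]

if __name__ == "__main__":
    for label, (per_user, mx) in evaluate(CASES).items():
        print(f"{label:20} per-user-IP={per_user!s:5} mx-origin={mx}")
```

The travelling user is rejected by the per-user check but accepted by the MX-origin check once the mail is relayed through the provider's server, while the forged connection fails both.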

  4. Re:I have a better idea on Gates on Spam · · Score: 1

    Who would issue the certificates?
    Would it be a central authority (VeriSign?)?
    Would a certificate holder need to provide extensive personal info to the issuer or pay a periodic fee to the issuer in order for the certificate to remain valid?

    How are certificates better than signing with PGP/GPG/OpenPGP?
    PGP signing is an easy, effective way of identifying a sender that relies on an established web of trust rather than a commercial agreement. It allows for persons to remain anonymous if they need to while providing information on who it is that has signed the sender's key as being authentic. The same technology also provides for very effective encryption (using the recipient's public key) that can be automated to ensure the maximum level of available privacy without being unnecessarily difficult to implement.

    How is this better than rejecting emails that do not originate at a mailserver that has an mx record in dns?
    Emails can be sent through your provider's server using smtp_auth, smtp_after_pop, etc. from anywhere on the internet. This would not prevent you from sending when you are on an unfamiliar network such as when you are traveling. Rejected emails could be bounced back to the sender with an explanation of why it was rejected and asking the sender to contact their provider or system administrator if they have any questions.

    I get very wary of certificate based solutions, as I tend to prefer decentralized systems over central authorities. The recent behavior of VeriSign is a good sign of what can happen to any company that is permitted to set itself up as an "official authority", and I cannot help but believe that there will be certificate issuers that abuse their position. Also, I do not like the idea of requiring registration with centralized databases of users' personal information, when it is entirely unnecessary for sender identification.

  5. No, it's a good idea. on Gates on Spam · · Score: 1

    Better yet, add privacy to this solution and encrypt all emails using the recipient's public key. Solve two problems at once.

    Requiring all emails to be sent through servers with a proper mx record (using smtp_auth, smtp_after_pop, etc) would be a much better solution to the spam problem, but the idea of automatically encrypting emails (with the recipient's public key) as well as signing them (with your private key) would go a long way to solving privacy and sender verification problems without eliminating the option of remaining anonymous.

  6. Re:Is it allowed to call itself a "computer"? on The Disposable Computer · · Score: 1

    back in the 1940s, a "computer" was a young woman who sat in front of an adding machine punching in numbers.

    In the 1940s, using your computer to get pr0n had a whole different meaning. The quality was much better, but the availability was inconsistent and the price was much higher.

    The previous generation of geeks really had it made!

  7. Re:Paging the DoJ... on Leaked Memo Says Microsoft Raised $86 million for SCO · · Score: 1

    Even if Kerry wins, I'm sure his administration can be bought, as well.

    I guess that depends on how pissed off he is by the time he finds himself in the Oval Office. Estimating by the fact that he's still pissed off over what he saw and learned in Viet Nam, I'm pretty sure that once he's there, a lot of heads are gonna roll.

  8. Re:Wow on Leaked Memo Says Microsoft Raised $86 million for SCO · · Score: 0, Offtopic

    Outsourcing hurts the folks that get outsourced, but the rest of us win.

    On the short term, yes, but in the long term, not at all.

    You do see a lowering of prices as work is offshored, but it is at the cost of an increased trade deficit, which means money and value are leaving your economy.

    If you've ever lived in a small town that lost its locally owned businesses to chain stores, big-box outlets, and franchises, you'll know what I mean (albeit on a much smaller scale).

    The cost of goods drops to the point that local businesses begin to go out of business, meaning less competition for labor / lower wages at the big-box. A large proportion of the money spent in the big-box/franchise/chain store leaves the local economy for good, putting people out of work, unable to pay their bills, unable to afford their homes and end up working at fast-food joints until the last dollar leaves town.

    Trade deficits (whether local or national) are a big deal, sucking the lifeblood (money) out of the affected economy. They aggravate the separation of incomes, leading to growing poverty accompanied by increased crime, drug/alcohol abuse, and general social unrest, while a very small minority of people get rich.

    In the case of outsourcing jobs from the US, we have money that would normally be redistributed as wages being shipped overseas, in order to increase the profits of someone who does live here, but is no longer effectively redistributing the revenues of their company. There is a net flow of cash out of the US economy, fewer jobs in the directly affected industry, and less money being spent in the United States. Those who make their living providing goods and services to the people who were laid off also feel the crunch. The only folks who profit from this are those who own large amounts of the companies that are doing the outsourcing, and the people who provide services directly to them.

    Unfortunately, not everyone gets to ask Bill Gates if "he wants fries with that", and the rest of us are shit out of luck.

  9. Re:Ian on Toward a New Kind of Linux Distribution · · Score: 2, Informative

    and his "ex-girlfriend" name (Deborah)

    Her being his wife might just qualify her as an "ex-girlfriend", I guess.

  10. Re:Absolutely ridiculous on Do You Have A License For Those Facts? · · Score: 1

    Phone books and other collections of facts are not copyrightable because "originality is a constitutional requirement"

    If the courts currently hold originality to be a Constitutional requirement for a work to be considered copyrightable, then it's going to take more than a law in order to make mere collections of facts copyrightable material. I wonder if the lawmakers who are proposing this legislation are aware of this (or if they care).

  11. Re:I don't get it. on Yahoo To Charge For Search Listings · · Score: 1

    Google provides great search results. They get money from ads, but maybe not as much as they might get from making the advertising line an invisible one.

    Somehow I think that google probably makes as much or more from their advertising, as I and many other users do not mind clicking on an advertisement that is both appropriate to what I'm searching for and clearly marked as an ad. I don't know if their rates are higher or lower per showing, but even if they are lower, I would be surprised if Google Ads were not the most successful advertising on the net.

  12. Re:Tax dollars at work, one coin at a time on Science of the coin-toss: Bias in Heads-or-Tails · · Score: 2, Interesting

    Who said it was government funded?

    Lots of cheap research has been and continues to be done on the researchers' own tab, as long as the costs are low enough. If they are genuinely interested in the outcome, who is to say that it's not worthwhile?

  13. Re:rate me troll, but on See Spot Surf · · Score: 2, Interesting

    Waste of time, yes, but it sounds quite lucrative for the site operators.

    Most of the crap here on the internet is targeted at small demographics, but due to the large geographic market, they can be quite successful.

    There's probably still lots of untapped market in the pet oriented websphere. If you are a pet owner who knows how obsessive some pet owners can be, then why not? (note to self: remember this and get to work!)

    Too many people here seem to expect the web to remain self-referential forever, but how many websites about web technologies do we really need? The money is not going to be made off of geeks, rather it will be made off of the mundane, niche-market foibles and obsessions of the common person.

  14. Re:Bullshit or massive lawsuits. Take your pick. on How The CIA Duped The Soviets' Line X Network · · Score: 1

    An explosion of that size would have been recorded on seismology equipment around the globe, and the approximate location would have been easily determined as well. Are there records of this? No.

    It did not happen.

  15. Re:worth? on Young Programmer, Stop Advocating Free Software! · · Score: 1

    How about time?

    I know what most will say next:

    "Time = Money"

    but I propose you a challenge:

    Take some of that money to your boss and try to get your time back. Then you'll realize who's getting the better deal.

  16. Re:PS to letter on Young Programmer, Stop Advocating Free Software! · · Score: 1

    His letter is basically "What's your plan for moving out of your parents' place?"

    With the large number of unemployed programmers in the west, and the continued growth of offshoring both development and support for proprietary, mostly Windows-based products, that's not much of an argument.

    I know of no Free Software jobs that have been lost to overseas developers, but I know of countless projects for Windows that have been off-shored. What argument can be made that jobs programming proprietary apps are secure? The vendors are showing that they will ship those jobs wherever the labor is cheapest.

  17. Re:Amen. on Young Programmer, Stop Advocating Free Software! · · Score: 1

    Please supply links to back up your claims.

    AFAIK, the majority of lobbying for protectionist legislation has been coming from the proprietary software vendors. There is little or no benefit for a company to outsource their Free or Open Source projects, as the labor cost is the same. For custom designed in-house applications, it is better and more efficient for the programmers to be close to the client.

    If you are talking about the tech support market, it is the same, the jobs being outsourced are support for Microsoft products and for computers that come with Microsoft pre-installed. It looks more like it's the proprietary software vendors that are driving the off-shore phenomenon, not Free and Open Source.

  18. Re:MS doesn't do ANYTHING for free on Young Programmer, Stop Advocating Free Software! · · Score: 1

    The exact same argument could be applied to, say, IBM's open-source contributions.

    True, but most of IBM's Open Source contributions also benefit people who are not using IBM products.

    Perhaps the parent poster's position would be stated better as "Microsoft's "free" software offerings still all have a direct and guaranteed benefit to Microsoft from every user of those products."

  19. Re:Amen. on Young Programmer, Stop Advocating Free Software! · · Score: 1

    but in many circumstances people who develop free software do so independently of larger backing -- they do it out of the goodness of their heart, their desire to contribute. That doesn't pay the bills.

    No, but it does give the developer experience that he may be able to later parlay into opportunities to pay the bills.

    Your argument adds up to the idea that if you have not been hired by a software firm, or if you are unable to sell the software that you write, then you should not be writing software.

    Considering the state of the economy, and the fact that it is largely the proprietary vendors and companies that write apps for proprietary platforms that are outsourcing development, what else do you expect an American programmer who happens to be un(der)-employed to do? Not write software? Let their shit go stagnant until the job market rebounds? Just try to stop him.

    What killed the market for programmers was the rush into programming as a "lucrative" career. The hundreds of thousands of uninspired looking for a high paycheck without realizing that any major that promises riches during your freshman year will be saturated and devalued by the time you graduate. This is true for all areas of study, not just CS.

    Many of these people found that they had talent for the craft, and actually liked doing it. Should they stop using those skills simply because they are not getting paid to?

    Many paid programmers have good ideas and inspired designs that their employers are not interested in, they can find no-one to sell the idea to, or they are uninterested in being a vendor themselves. Should these people not program?

    As for the programmer not profiting from his work, I can assume you are speaking of financially, but there are few or no programmers that will actively work on a program that they do not intend to use or are not currently using. I challenge you to find me a case of a Free Software developer that is receiving no benefit at all from his work on Free Software. When a Free Software project no longer benefits the developer, he will leave the project, and someone else will find it worthwhile to continue where he left off (else, the project is no longer maintained).

  20. Re:PS to letter on Young Programmer, Stop Advocating Free Software! · · Score: 1

    He is trapped in the old thinking that software is a product that needs to be sold like it is scarce.

    The actual flawed assumption is that software can remain scarce, and that laws will be effective in keeping it scarce.

    Not much is scarce anymore, diamonds, rubies/sapphires, emeralds all are no longer scarce, all can be manufactured. Food is no longer scarce, just often very far away, or too expensive due to price supports (agricultural nations destroy tons of food in order to prevent price collapse).

    If it's possible to make those other commodities as common as we have, then it will be impossible to enforce a "software shortage". In many respects, Free Software and Open Source Software are reactions to that reality, and it could be argued that any business model that does not consider that aspect of the software market is unreasonable.

  21. Re:A good mix on Young Programmer, Stop Advocating Free Software! · · Score: 1

    For those guys who want to be the next Bill Gates, well, it does no good at all.

    What you fail to understand is that no-one is ever again going to have the opportunities that Bill Gates has had. There will never again be a first entry monopoly opportunity for the business desktop operating system. And there will never again be an opportunity for someone to start a software business that will earn them 50 billion dollars while making the initial employees into millionaires.

    Kudos to Bill Gates for recognising the opportunity that was there in the early 1980s, but the position in the market that he got with the IBM contract will never occur again in this industry.

    Sure, there will still be jobs available writing software for commercial vendors, but your price point is dictated by how cheap they can get the same work done overseas, and the work will not be "creative programming", but work updating the existing codebase according to instructions handed down from the management.

    Free Software enables some to create their own opportunities, whether it is through customizing apps for specific businesses, or offering support to organisations that choose to spend their money on that instead of on software licenses (that still require outside support).

  22. Re:Why did they have to pick share-alike? on Creative Commons Moving Images Winners · · Score: 2, Insightful

    I'm a little surprised the contest organizers left the free selection of CC licenses open to the entrants.

    Considering the motivation behind the Creative Commons organisation, I'd be a little surprised if they didn't.

    Besides, to license the "Mix Tape" video under anything other than a ShareAlike license would have been a little too ironic.

  23. Re:Diebold again? on Evoting in India, Maryland · · Score: 2, Insightful

    Maybe the states that are still using Diebold machines know something I don't, but I really don't see why you'd want to take such a risk with something as important as voting.

    There are a lot of people in the United States that do not really believe in the ability of the "common person" to make valid decisions when it comes to selecting a government. There are others who believe that democracy actually has a negative effect on a society because it counteracts what they believe to be natural selection (i.e., the poor will vote for candidates that will "punish the successful" by asking them to pay taxes in relation to the degree of their success).

    These are the same people who would remove qualified scientists from an advisory panel because their findings do not support a particular ideology or business model.

    They believe that their agenda and their agenda alone defines "American Interest", and that to leave such a thing to the whim of the public would be dangerous and foolish.

    Of course these are the same guys who backed Saddam Hussein during the 1980s, and misled the public about a (non-existent) Al-Qaeda/Iraq link and Weapons of Mass Destruction.

  24. Re:In case you were unclear on the subject on WebTV 911 Hacker... Cyber Terrorist? · · Score: 4, Insightful

    perhaps you might find their four-episode Creation Vs Evolution series enlightening.

    Not only do I find it enlightening that these are the guys hired to sell DHS and the Patriot act to us, I find it downright scary.

  25. Correction... on Microsoft Releases 'Caller-ID For Email' Specs · · Score: 1

    the sentence:

    With smtp-auth, it is still possible to send using an smtp server connected anywhere on the net, which allows accountability, but also makes it more possible to identify those providers who are allowing their users to send spam.

    should be corrected to:

    With smtp-auth, it is still possible to send using an smtp server connected anywhere on the net, which allows anonymity, but also makes it more possible to identify those providers who are allowing their users to send spam.

    As usual, my carelessness got in the way of my expression.