I figure out the 'legitimate' addressess manually -- any machine in your 'legitimate' email delivery path should be listed... I.E. primary and secondary MXs..
Note that if you use this to 'report' messages delivered to you via mailing list, you must include the IPs associated with the mailing lists as well. Any address not in the 'legitimate' list is presumed to be the first IP in the SPAM chain (i.e. an Open Relay, the ISP relay of the spambot, or the spambot itself).
To what end? Just delete and move on? Forget about it?
No. I set the junk mail controls to move junk to a separate folder. That allows me to deal with it on my own terms. and at my own time.
Check my note on shutting down zombies.
My first response was 'Thanks you creeps -- you just createad a new monster'.... But I've been thinking the same things for years, and it's only time before spammers do this sort of garbage.
One thing to note, however... Once you start mining information from a Zombie (which -- to be honest has already been done), it makes it easier to identify the zombie and shut it down. (I.e. if I get a spam with information from mikie's machine, I'll immediately phone him and tell him to shut down and clean up his machine. Now mikeie's machine is unavailable to the spammers.)
I think that that is the real reason why zombie systems don't use data mining.... It's like an 'undercover' cop who fingers every low-level pusher-addict he runs into.... He'll never live long enough to get the information he wants on what goes on inside the biker gang's 'clubhouse'.
This is one of the things that I do... I wrote a filter that peels apart an email, removes the 'legitimate' IPs in the Received: headers collected en route, and attempts to send an email to the IP responsible for the source of the email. It usually takes them a while, but they will shut down the responsible zombie.
I stopped doing that for a couple of months, and my spam climbed to unbearable levels. I started using the script again a couple of days ago, and the spam I've been getting has already dropped noticably.
There are only two things that will stop a spammer:
1: Make it financially unviable for them to spam,
2: Make it physically inviable for them to sepam (e.g. prison)
Other than true (and truly illegal) violence, like shooting spammers, #2 is pretty much the domain of the government -- and they've been notably lax at doing so.
Blue security goes path number one, and attacks the statistics of spam.
The spamming industry is based on the fact that 99.99% of the spam that they send out is ignored, and that pretty much all of the responses they get back are actuall business.
You see, the really wierd thing is that if everybody responded to every spam that they got and, for example, asked the spammer to stop -- or simply visited the site, and did nothing else with it, they'd be blasted into complete oblivion.
If we each responded to one spam per day, with bogus information, they'd never be able to filter out the "good" marks from all of our bogus info.
The fact that they are attacking blue is an indication that Blue security is having an effect
If you think that spam is a bad thing, then follow up on blue security --
Go to their 'mortage' sites, and plug in false informatin.
set up a wget script to 'visit' their web site 3 or 4 times.
Respond to their emails (from a throwaway email address) telling them to go away.
That's all it takes... 10 million people responding at a far lower level than the Blue Security users are would be more than enough to blanket these creeps in unusable data.
And it's not illegal -- all each person is doing is responding to their messages.
In a second to Marxist's comments: May I suggest Mozilla Thunderbird (I'm presuming that you're not already running Linux). It should eat those emails pretty quickly. Just turn on the "junk mail" controls and start marking those emails as junk.
That's the term that's bandied about in the legal profession... It's the kind of case which might just make a judge want to do away with those pesky things known as civil liberties and constitutional rights.
Sometimes a judge takes the bait. Sometimes they can be talked out of it. In any case, the full cost of such a decision may be felt months, years or even decades later.
In any case, the real impediment to persecuting(sic) child pornsters is resource allocation, not a lack of civil liberties and privacy.
Is anyone actually dumb enough to think this is about child porn?
It's not that Microsoft waited until the patch was 'perfect' to release it. It's that somebody in marketing determined that it's hurting their public image to be releasing 'critical security releases' 2-3times per week/month/day (depending on how bad the week/month/day is). Instead, they're now releasing patches on a fixed monthly schedule no matter when the fix is ready.
This makes things easier on the marketing people who don't have to deal with complaints about security patches coming out far too often, but it also means that customers can be exposed to serious (effectively 'zero-day')exploits for up to a month at a time before MS's monthly release kicks in.
In time, we're going to see hackers 'releasing' their exploits on the Wednesday after patch-day to maximize how many machines they can exploit before the next MS 'patch day'.` It's a stupid way of 'serving your customer'.
Even if the rest of the scientific community disagrees with what comes from the gas-compny sponsered research, these people can now always publish their results openly on the net. If they prove to have traction, people will start listening, sooner or later.
What I find more interesting, however, is that even oil company executives are starting to climb on board the global warming bandwagon. When that happens, you know that there is something interesting going on.
Current global research isn't likely to be perfect, but as far as we can tell it's about as accurate as we can get it. Sometimes the minority is correct, but that's usually when a presumption is given force of law. Global warming has had to fight it's way from 'interesting/flaky idea' to 'pretty much proven', so I rather doubt that it's devoid of any merits.
Start an investigation against a big spammer, and you tap into the email of anybody in australia.
Re:Gorgeous? Take beer goggles off please!
on
The Real Purpose of DRM
·
· Score: 4, Insightful
All you can really tell from the picture is that she's not ugly. As a sometimes photographer, I'd say that they're not particularly flattering pictures.
I've seen people go from drab to sexy with just a change of clothes. These webcam images say that there's a good bit of room for potential. I definitely not expect a date with her to be drab.
.... and a freaking school photo! How many hot babes do you know that have ID pictures that make them look like complete blobs? Besides. Intelligence counts for alot, and she seems to be missing nothing there. we can work on the rest later.
In related nows, RMS announced that the new GPL3 (and LGPL3) would alow users to go closed source. Speaking from his new 40ft yacht (he still hasn't explained where it came from) near his new Martha's Vinyard mansion (ditto), he announced "Linux was having a hissy fit over DRM, so I decided 'oh, why bother?'."
Asked if this meant that he was abandoning the Free Software Crusade, RMS replied I still think that Open Source is a Good Idea(tm), I'm just tired of being the whipping boy of Linus and Perens and others who think that I'm too radical. If they want Open Source, they can have it, but they're not gonna have stickly Dick to slap around any more.
When asked about his new 'toys', Stallman only said "The foundation needs these things to do good lobbying, and we finally got a donation big enough to allow the purchase. There's nothing untoward going on here". In response to further questioning on the line, he walked this reporter to the door and butted him out with his newly implanted horns.
When told about this new development, Perens threw a chair at this reporter and screamed "I've killed Open BSSD and I'll kill Gnu too!!" then chased him off the grounds with a smoking barbecue fork.
When reached by phone, Linus simply said "Yeah, whatever. I'll deal with it tomorrow".
(Note to people who say that this is stealing, or theft of signal, or whatever: Yes. It is. So is xeroxing a library book instead of purchasing it.)
There is a lot of honestly free data coming off of the sattelites. NASA, for example has their live feed channel(s). Not only are they fine with you catching those signals, much of their stuff is public domain by law. (stuff that is produced by contractors might still be copyright). Then there's all sorts of interesting telemetry. If you know how to decode it, I'd expect that much of NASA's survey imagery is also unencrypted.
The stuff that's encrypted, is probably going to be illegal to decode (according to the DMCA). The stuff that just has wierd encoding, however, should be free to decode. If you only use it personally, then you're almost guaranteed to be safe (IANAL). If you want to use it commercially, then you need to make sure that you're using government data that is (1) public domain and (1) not 'top secret' ( although somebody at the NSA should be shot if they're still transmitting top secret data unencrypted.)
The presumption of the article is that the indicated viruses make it easier to get fat. Reducing diet will help to cut the fat in both infected in uninfected cases, but if you're infected, they think that you would have to cut your intake more than an uninfected persion to gain stability.
The other point is that the known solutions to obesity are a response to the known causes. Nobody would think to prescribe antiviral drugs to someone who suddenly starts gaining weight without a recognizable cause (like change in diet/activity) if we didn't suspect viruses as a possible cauese of obesity (even if it is a relatively rare cause, at lest doctors might now know what special symptoms to look for).
If they cornered the market on both OS and AntiVirus, it might make it harder for them to avoid culpability when the next Windows pandemic breaks loose.
The researchers are haveing a hard time finding people who are infected with the 'obese' viruse ad-37, so I don't think it's all to common of an issue. (although they do mention that 'a significant' number of obese people are infected with ad-36, they don't mention what proportion that 'significant' number is).
Does anybody have pointers to numbers for the other two viruses?
Viruses aren't the only medical condition that can cause obesity, by the way. Various hormonal problems (thyroid comes to mind) can cause obesity as well. Even so, I'm expecting that they'll still find tha more than half of North American obesity is not environment related (other than an environment with an abundance of food).
They sent legal papers to the offices of the Wikimedia Foundation in Florida, demanding they appoint a representative in Germany to defend the case.
Even though wikipedia.de is owned by a German organization, some of that organizations' directors might include be certain persons who live/work in Florida.
Just like suing Microsoft-Canada might require me to send letters to a mister "Bill G. (no full names mentioned!)" who lives near Seattle but is still a director of the Canadian company. Just because I'm sending demand letters to Bill G. in Redmond doesn't mean that I'm suing the parent company... I'm just informing the foreign directors of the Canadian company.
I mean, it's not like Microsoft really has that many security issues -- I mean, their last big blow up was way back last year. (and don't get your nose out of joint about how long this year is... It's about the same length as any other year:-).
"License Violators Could be Breaking Securities Law"
Some people think that just because someone is being nice to you, you can walk all over them. People who think like that could find them selves in a deeper pile of doo-doo than they expected if they treat GPL software like it was Public doman and try to 'steal' the code by putting it into closed-source products... . . .
(of course, if you were trying to do this with Microsoft software, you would have had BSA people all over you 6 months before this point.)
If you don't install the latest Microsoft update when Redmond offers it to you (say, because it blows up your financial reporting system), then you are in violation of their EULA, and must clean all your hard disks of their OS. If, at this point, you don't warn your shareholders that your company is running on unlicensed copies of MS Windwos, then you are also in violation of SOx.
What do you mean, you didn't read your EULA? --- ah, pathetic humans.
Three broad categories. Nobody other than Microsoft managed to create software buggy enough to qualify for their own category. PR geeks somehow manage to turn this into a plus for microsoft.
That various reporters managed to mis-construe this seemingly obvious fact is only peripherally CERT's fault. I've been on the inside of enough news stories to know that very few facts make it past a news editor's desk unscathed.
The basic problem with ID is that it comes from people who claim that they have the answer to all questions. They, essentially, claim to be your personal route to god -- believe in them and all will be answered. This answeres the human urge to want to 'know' about everything.
Now, where do they get this authority?? Well from God himself -- via the bible. Well, if these people have the answer to all things, and they get that authority from the bible, then the bible must (somehow) have the answer to all questions -- like where did the world come from (creationism), or how do bees fly (God's Magic).
Now that they have the answer to all things ("it's magic/god's will" being the default), they can point to science as being 'flawed' because scientists are willing to objectively acknowledge that they don't have the answer to some questions (like 'how do bees fly' -- which was actually answered a few years ago).
But don't worry -- now that this question has been answered (again!), they'll just go on using it as an example of how science doesn't work because "Everybody knows that scientists don't know how bees fly".
You see, scientific solutions are irrelevant to these people.
This makes them something of a double threat. IF MS takes out IBM, they're probably gonna trash Linux with the bundle. IBM's support gives Linux a good deal of respect in the business world.
Then there's google.... Also a Linux user/proponent.
And apple insists on using Open Source (BSD) too....
So Microsoft's top-3 opponents are Open Source friendly companies.
The point about "trustworthy computing" is that you are giving over control of your computer to some other semi-random person who can then force your computer to do, or not do, whatever they want it to.
It all comes down to the question: Who do you trust? A company like Microsoft that has made billions of dollars with sometimes shady and even outright illegal business practices, or a bunch of diehard security enthusiasts who just hate to see their (and other people's) computers hacked?
No matter how you answer the question, it's likely to be an obvious answer.
For you.
Slashdot Mirror
I figure out the 'legitimate' addressess manually -- any machine in your 'legitimate' email delivery path should be listed... I.E. primary and secondary MXs ..
Note that if you use this to 'report' messages delivered to you via mailing list, you must include the IPs associated with the mailing lists as well. Any address not in the 'legitimate' list is presumed to be the first IP in the SPAM chain (i.e. an Open Relay, the ISP relay of the spambot, or the spambot itself).
No. I set the junk mail controls to move junk to a separate folder. That allows me to deal with it on my own terms. and at my own time.
Check my note on shutting down zombies.
That should have been:
and attempts to send an email to the ISP responsible
(fyi: It involves a reverse DNS lookup and abuse.net records)
One thing to note, however... Once you start mining information from a Zombie (which -- to be honest has already been done), it makes it easier to identify the zombie and shut it down. (I.e. if I get a spam with information from mikie's machine, I'll immediately phone him and tell him to shut down and clean up his machine. Now mikeie's machine is unavailable to the spammers.)
I think that that is the real reason why zombie systems don't use data mining.... It's like an 'undercover' cop who fingers every low-level pusher-addict he runs into.... He'll never live long enough to get the information he wants on what goes on inside the biker gang's 'clubhouse'.
This is one of the things that I do... I wrote a filter that peels apart an email, removes the 'legitimate' IPs in the Received: headers collected en route, and attempts to send an email to the IP responsible for the source of the email. It usually takes them a while, but they will shut down the responsible zombie.
I stopped doing that for a couple of months, and my spam climbed to unbearable levels. I started using the script again a couple of days ago, and the spam I've been getting has already dropped noticably.
1: Make it financially unviable for them to spam,
2: Make it physically inviable for them to sepam (e.g. prison)
Other than true (and truly illegal) violence, like shooting spammers, #2 is pretty much the domain of the government -- and they've been notably lax at doing so.
Blue security goes path number one, and attacks the statistics of spam.
The spamming industry is based on the fact that 99.99% of the spam that they send out is ignored, and that pretty much all of the responses they get back are actuall business.
You see, the really wierd thing is that if everybody responded to every spam that they got and, for example, asked the spammer to stop -- or simply visited the site, and did nothing else with it, they'd be blasted into complete oblivion.
If we each responded to one spam per day, with bogus information, they'd never be able to filter out the "good" marks from all of our bogus info.
The fact that they are attacking blue is an indication that Blue security is having an effect
If you think that spam is a bad thing, then follow up on blue security --
- Go to their 'mortage' sites, and plug in false informatin.
- set up a wget script to 'visit' their web site 3 or 4 times.
- Respond to their emails (from a throwaway email address) telling them to go away.
That's all it takes... 10 million people responding at a far lower level than the Blue Security users are would be more than enough to blanket these creeps in unusable data.And it's not illegal -- all each person is doing is responding to their messages.
In a second to Marxist's comments: May I suggest Mozilla Thunderbird (I'm presuming that you're not already running Linux). It should eat those emails pretty quickly. Just turn on the "junk mail" controls and start marking those emails as junk.
I think that the word you're looking for is 'patriot'.
Sometimes a judge takes the bait. Sometimes they can be talked out of it. In any case, the full cost of such a decision may be felt months, years or even decades later.
In any case, the real impediment to persecuting(sic) child pornsters is resource allocation, not a lack of civil liberties and privacy. Is anyone actually dumb enough to think this is about child porn?
This makes things easier on the marketing people who don't have to deal with complaints about security patches coming out far too often, but it also means that customers can be exposed to serious (effectively 'zero-day')exploits for up to a month at a time before MS's monthly release kicks in.
In time, we're going to see hackers 'releasing' their exploits on the Wednesday after patch-day to maximize how many machines they can exploit before the next MS 'patch day'.` It's a stupid way of 'serving your customer'.
What I find more interesting, however, is that even oil company executives are starting to climb on board the global warming bandwagon. When that happens, you know that there is something interesting going on.
Current global research isn't likely to be perfect, but as far as we can tell it's about as accurate as we can get it. Sometimes the minority is correct, but that's usually when a presumption is given force of law. Global warming has had to fight it's way from 'interesting/flaky idea' to 'pretty much proven', so I rather doubt that it's devoid of any merits.
Start an investigation against a big spammer, and you tap into the email of anybody in australia.
I've seen people go from drab to sexy with just a change of clothes. These webcam images say that there's a good bit of room for potential. I definitely not expect a date with her to be drab.
Asked if this meant that he was abandoning the Free Software Crusade, RMS replied I still think that Open Source is a Good Idea(tm), I'm just tired of being the whipping boy of Linus and Perens and others who think that I'm too radical. If they want Open Source, they can have it, but they're not gonna have stickly Dick to slap around any more.
When asked about his new 'toys', Stallman only said "The foundation needs these things to do good lobbying, and we finally got a donation big enough to allow the purchase. There's nothing untoward going on here". In response to further questioning on the line, he walked this reporter to the door and butted him out with his newly implanted horns.
When told about this new development, Perens threw a chair at this reporter and screamed "I've killed Open BSSD and I'll kill Gnu too!!" then chased him off the grounds with a smoking barbecue fork.
When reached by phone, Linus simply said "Yeah, whatever. I'll deal with it tomorrow".
There is a lot of honestly free data coming off of the sattelites. NASA, for example has their live feed channel(s). Not only are they fine with you catching those signals, much of their stuff is public domain by law. (stuff that is produced by contractors might still be copyright). Then there's all sorts of interesting telemetry. If you know how to decode it, I'd expect that much of NASA's survey imagery is also unencrypted.
The stuff that's encrypted, is probably going to be illegal to decode (according to the DMCA). The stuff that just has wierd encoding, however, should be free to decode. If you only use it personally, then you're almost guaranteed to be safe (IANAL). If you want to use it commercially, then you need to make sure that you're using government data that is (1) public domain and (1) not 'top secret' ( although somebody at the NSA should be shot if they're still transmitting top secret data unencrypted.)
The other point is that the known solutions to obesity are a response to the known causes. Nobody would think to prescribe antiviral drugs to someone who suddenly starts gaining weight without a recognizable cause (like change in diet/activity) if we didn't suspect viruses as a possible cauese of obesity (even if it is a relatively rare cause, at lest doctors might now know what special symptoms to look for).
If they cornered the market on both OS and AntiVirus, it might make it harder for them to avoid culpability when the next Windows pandemic breaks loose.
Does anybody have pointers to numbers for the other two viruses?
Viruses aren't the only medical condition that can cause obesity, by the way. Various hormonal problems (thyroid comes to mind) can cause obesity as well. Even so, I'm expecting that they'll still find tha more than half of North American obesity is not environment related (other than an environment with an abundance of food).
Even though wikipedia.de is owned by a German organization, some of that organizations' directors might include be certain persons who live/work in Florida.
Just like suing Microsoft-Canada might require me to send letters to a mister "Bill G. (no full names mentioned!)" who lives near Seattle but is still a director of the Canadian company. Just because I'm sending demand letters to Bill G. in Redmond doesn't mean that I'm suing the parent company... I'm just informing the foreign directors of the Canadian company.
I mean, it's not like Microsoft really has that many security issues -- I mean, their last big blow up was way back last year. (and don't get your nose out of joint about how long this year is... It's about the same length as any other year :-).
Some people think that just because someone is being nice to you, you can walk all over them. People who think like that could find them selves in a deeper pile of doo-doo than they expected if they treat GPL software like it was Public doman and try to 'steal' the code by putting it into closed-source products. .. . . .
(of course, if you were trying to do this with Microsoft software, you would have had BSA people all over you 6 months before this point.)
What do you mean, you didn't read your EULA? --- ah, pathetic humans.
That various reporters managed to mis-construe this seemingly obvious fact is only peripherally CERT's fault. I've been on the inside of enough news stories to know that very few facts make it past a news editor's desk unscathed.
Now, where do they get this authority?? Well from God himself -- via the bible. Well, if these people have the answer to all things, and they get that authority from the bible, then the bible must (somehow) have the answer to all questions -- like where did the world come from (creationism), or how do bees fly (God's Magic).
Now that they have the answer to all things ("it's magic/god's will" being the default), they can point to science as being 'flawed' because scientists are willing to objectively acknowledge that they don't have the answer to some questions (like 'how do bees fly' -- which was actually answered a few years ago).
But don't worry -- now that this question has been answered (again!), they'll just go on using it as an example of how science doesn't work because "Everybody knows that scientists don't know how bees fly".
You see, scientific solutions are irrelevant to these people.
Then there's google.... Also a Linux user/proponent.
And apple insists on using Open Source (BSD) too....
So Microsoft's top-3 opponents are Open Source friendly companies.
See a pattern there?
It all comes down to the question: Who do you trust? A company like Microsoft that has made billions of dollars with sometimes shady and even outright illegal business practices, or a bunch of diehard security enthusiasts who just hate to see their (and other people's) computers hacked?
No matter how you answer the question, it's likely to be an obvious answer.
For you.