My wife was born in Viet Nam and spent the first 30 years of her life there, and she's been saying that for years, too. She has an absolutely bulletproof immune system; she almost never gets sick, even when everyone around her has a cold, and on those rare occasions when she does, she shakes it off faster than anyone else. Her siblings are all the same way. She attributes this to the fact that there wasn't much vaccine (or knowledge of hygienic practice) in VN when she was a kid. Not much in the way of antibiotics, either, so you just had to get well on your own if you got sick.
Although I believe the punishment did not fit the crime in this case, I agree completely with your stance.
There is a car that belongs to someone somewhere in my neighborhood that has license plate frames which read "Fuck the princess, I'm the queen." Obviously a real class act. Freedom of speech, yadayada, but I've found myself behind this vehicle twice in the last week, fortunately *after* dropping my 6 and 7 year old kids off at school. They both read above grade level, and the 7 year old reads _way_ above grade level, so if they should happen to see said license plate frame (and believe me, those girls will zero in on the word "princess" like heat-seeking missiles after a plane), I'm going to hear "Daddy, what does 'fuck the princess' mean?" I can't wait to field that one:p Having that on one's vehicle certainly makes a personal statement; the statement is "Look what a low-class jerk I am."
There are a lot of theories about how we as a culture and nation got to this point where the only class that seems to matter is low class, and all of them probably have some merit, but here we are. We may never get back to a point where there is some standard of public morality. If we don't, then we are going to continue to sink down. It would do us all well to remember that just because you can do/say a thing, it doesn't mean you should.
Agree completely. My parents have been on Linux for years and my dad has become reasonably adept at maintaining his own systems. In fact, he keeps a few "test" boxes around that he uses for distro whoring:)
After my wife's old Thinkpad died, I got her a MacBook Pro, and have never had to fix anything in two years. Well, except for the time it was knocked to the floor by a toddler and the disk failed not long after, but that's not Apple's fault:-) Why not Linux, which is what everyone else (including our kids) uses? Her most core app is Yahoo Messenger, and the voice features in particular. I'd rather have her using a Mac than dealing with a Windows instance in a VM (Yahoo Messenger doesn't work in wine, likely never will, I expect). Switching IMs isn't an option because Yahoo is _the_ IM software in her home country and is used by literally all of her friends and family, both there and here.
It's not that Macs, or even Linux systems, are completely free of vulnerabilities, but it's a matter of degree. No matter what studies get waved around by the various players, the facts on the ground are that Macs and (especially) Linux systems are more secure (I like the term "less insecure" though), and are so because of design choices. Those design choices are why Windows will always be more insecure than Mac or Linux systems.
Since AC is unlikely to come back and read this, can anyone else enlighten RE: how/when/where Comcast received tax money to build their network? AFAIK even the old AT&T used its own money to build the network; what it got from the government was a monopoly in exchange for allowing government regulation. I had not before heard that cable companies received anything other than geographical monopolies from the government.
I live in the SF Bay area, which is mostly Comcast country, but I'm really lucky to be in a city that has municipal cable. I have 12 mpbs down with no throttling. If there's a transfer cap, I've never run up against it.
I suspect what's going on with Comcast is their subscribers and bandwidth use are growing faster than they can (or at least want to) add capacity, so they're solving the problem with throttling. As a network engineer in a previous career life, I have a certain amount of sympathy for them in this case. Their bandwidth demands may be growing faster than they can add capacity while having their Internet business remain profitable. Throttling heavy users is one solution, and they are far from the first ISP to do so. The ISP I worked for 10 years ago did it in some cases. Our TOS allowed it in all cases, but it was usually only enforced in cases where a particular user was being regularly problematic.
Of course, my municipal cable provider seems to have no problem maintaining infrastructure, and IIRC they charge about the same as Comcast, so...
However, I do take issue with applying such a throttle after only 15 minutes. For most people, that's not long enough to download an install CD ISO (I can do it, since I usually see download speeds >= 1 megabyte/sec for ISOs) but I don't think most Comcast users get a connection as fast as mine; correct me if I'm wrong). Since I'm sort of a distro whore, I tend to download a lot of install ISOs. For distros that install from DVD, that 15 minutes is even worse. I think the throttling threshold should be at least 30 minutes.
The FBI cares, and the Secret Service is also involved in the investigation and prosecution of things related to phishing (carding, for example), but it can be hard to get to the right people.
The Anti-Phishing Working Group may (or not, I'm uncertain) may have some contact info for the right parties.
Before you ask why I didn't provide a link, it's because that would be such a good place to put a link leading to a drive-by download of malware. Don't trust links on Slashdot, look it up for yourself.
No kidding. I recently attended a security conference. It was 800 miles from where I live. I *drove* to it. Figured the drive would be 12 hours in good traffic (it was; 14 on the way back) and door to door time by air would be no less than four hours and might well be six, with the possibility of being even longer than that. Driving seemed like a good valued proposition, and I probably spent less on gas and food on the road than I would have on airfare.
Speaking as someone who has been in the anti-spam business for years, all I can say is that anyone who thinks that Geocities' being turned off will have any impact whatsoever on spam and/or phishing needs to stop and think about that. As a poster up above noted, as of today there was only one known phishing page still on Geocities. Where did all the rest go? Suffice to say, it's a safe bet they haven't retired.
I'm not against take-downs of phishing sites - it's a valuable tool in the toolbox - but it's definitely whack-a-mole and does little if anything to actually reduce phishing attempts. Shut down a phishing site and the same phisher will have a new one opened within minutes. Most phishing sites today are hosted on compromised servers, anyway. You could shut down every free website service in the world and it wouldn't make a significant difference in the amount of phishing sites. Free website services did not create phishers or spammers, they are just abused by (some of) them. If they were all gone, the phishers and spammers would just abuse another channel.
It's hard to get effective third-party software because of some vague thing about Linux kernel versions?
You'll excuse me for pointing out inconvenient truths, but _all_ Linux software other than the kernel itself is third-party. Linux is, after all, just a kernel. The rest of what makes up a Linux-based operating system is written by third parties, starting with GCC and the rest of the GNU tools. Some of it is even proprietary.
Lest you try and backtrack and say you were only talking about AV software, there is lots of AV decent software available for Linux, and guess what? It's all written by third parties, too.
The distributors themselves are third parties, except to the extent that they have kernel developers on their staffs.
You may have also failed to notice that there is excellent support available for Linux from a variety of sources, including paid support with SLAs, for those who want or need it.
If you're going to troll, you should at least be good at it.
Uh, koalas aren't really terribly large, and I'm fairly sure the only place in China you might find one is a zoo. Or maybe a butcher shop or pharmacist shop, if they are thought to have any eating or medicinal value:p
I don't even need to see the emails. I work in the email security industry, and every problem I've seen - without exception - that involved an otherwise legit and respectable company that got in trouble because of email marketing practices was a combination of two things:
1) A definition of "opt-in" that doesn't come very near to "informed consent" - where informed consent is considered an industry BCP.
2) Some genius in marketing further gumming up the works by sending something spammy, or just stupid.
In most cases, condition 1 is also caused by condition 2. There are more than a few marketers who see absolutely nothing wrong with e-pending, or even "list rental" of "guaranteed 100% opt-in lists."
This doesn't mean she isn't an idiot. At a minimum, she doesn't sound very computer-savvy, but this still needs to be laid squarely at the feet of Toyota and its marketing firm.
For any of you who may be marketers, let me clue you in. Anyone offering to sell/rent you a list is a spammer and is setting you up to be a spammer. No one on that gave explicit and informed consent to receive marketing email from _your_ company, which means that a large percentage of the people on that list will (quite rightly) consider you to be a spammer if they get mail from you. Also, there is no such thing as a "100% opt-in list" with the exception of a list you built yourself from people who gave explicit and informed consent to receive marketing email from you. Even then, that list will only remain 100% opt-in if you maintain it regularly. That means, at a minimum, frequently removing bouncing addresses and never, ever adding them back later should they start working.
In line with that last part, never re-test bad addresses in the future to see if they work. If they do work, it's a virtual certainty that the address has changed hands. If you then send mail there, it's spam.
And finally, beware of "partner lists" whether receiving or producing them. When people give consent, they are usually giving consent to receive mail from your firm only, not your partners (think hard about informed consent). If a partner business gives you a list of its contacts, the same thing applies. No one on that list gave informed consent to get mail from *you* - and no, a couple pages of lawyer-talk in a small font does not count as informed consent, even it explicitly states that you'll write their email address on the bathroom wall.
Following these common-sense best practices will keep marketers from running afoul of people like me, who write spam filters for a living.
Disclaimer: all opinions expressed herein are solely mine, and not those of my employer.
No kidding. This is more like trying to use a defibrillator on a heart attack victim who's been dead for a couple days.
Yahoo has spent years flipping the bird to third party developers, whether open-source or closed, and now zombie-Yahoo is trying to attract third-party devs. While I welcome the move despite its being terminally late, I don't think it's going to save them. Five or six years ago, this would have been big. Ten years ago, this would have been world-changing. I like Yahoo, I really do. I prefer Yahoo mail to Gmail and I prefer Yahoo Messenger above all other IMs, but I also believe I'll one day have to stop using them because Yahoo will be gone.
I don't much like Rangel myself, but you say "tax cheat" like it's a bad thing:)
I'll get more incensed about tax cheats when the governments starts using our tax money more wisely. I consider the government itself to be by far the largest tax cheat, because we're all being ripped off in that department.
Still waiting for your hope, change, and that transparent government thing, huh? I think we all missed out on that by about, oh, 233 years. I don't expect we're going to get much of it from Obama, anyway.
Got any links? It doesn't ring a bell and seems like it would be harder to implement b/c we don't have all that many CCTV cameras here. I'm sure it's been thought of, of course, just less certain that it's actually been tried. Certainly, we have quite a bit of "squeal on your neighbor" mentality being pushed.
Yeah, I got a ticket like that once, too. Wasn't in Glendora, CA, was it?:p
I'm in the vendor side of anti-phishing, and I've got to challenge the idea that the FBI had the power to stop those events in their tracks. Sure, they could have busted a small number of low-level criminals early in the investigation, but that wouldn't have stopped anything. The higher-level criminals would have continued as usual, made more wary by the bust of a few small fish. To fully investigate and to build a case that will win in court and send the perps to prison takes time. That's unfortunate, but it does take time, and it's the only way to get that particular gang off the street for a while. The FBI made the right call.
A few asides to that:
-In most cases, banks cover phishing losses. If they'd stop doing that.
-Phishing is generally so obvious that my brother's best friend - who is blind - could figure out it's phish with his cane. A certain amount of responsibility for getting phished has to be assigned to the victim. It's like walking through a bad part of town at night with a wallet stuffed full of cash sticking out of your back pocket. Sure, the criminal is still the criminal and belongs in jail, but anyone who walks around like that is giving the criminal every possible opportunity. AKA setting himself up to become a crime victim through stupid action.
-The other day, we noticed a large spike in certain kinds of phishing (all of which was caught by our filters, fortunately). Then today this news breaks. It's almost as if the phishers sensed a crackdown was imminent and wanted to make one last big push before they went underground. It's a possible coincidence of course, but it's hard to believe in coincidences in this business.
-I applaud this arrest, but I don't expect it to make even a blip in the level of phishing. If hits on our anti-phishing rules go down at all, I'll be genuinely surprised. The only events that seem to have major impact on spam levels are cable cuts to China or Africa:p
I was going to just bypass that because Nexenta Core itself is not - AFAICT - something that's ready to use as a system. It's what the name implies - something ready to be used as the core of a system. But, since I hadn't visited the Nexenta site in at least 6 months and probably longer - I dropped by. Turns out there's a desktop distro now, called StormOS, based on Nextenta Core: http://www.stormos.org/ that I'm going to look into.
But a Debian system with an OpenSolaris kernel? Now *that* would be nice!
Of course, if KDE should someday work as well on OpenSolaris as GNOME does (including Timeslider integration into Dolphin and/or Konqueror), then it might be just as well to go with OpenSolaris itself, although I'd still prefer the APT to OSOL's packaging system. Plus, of course, the number of packages in the Debian repositories completely dwarfs what is available for OSOL.
That said, I like OSOL so much that if KDE _were_ at the same support level as GNOME, I'd likely move from Kubuntu to OSOL now.
Completely agree about the gullibility logic loop, but I consider it a (design) bug that such weak passwords are allowed. The fact that it's a free email account shouldn't mean you're allowed to set your password to *anything* you want. If anything, the fact that it's free is a better argument that the users should have to accept setting stronger passwords as a condition. If G/Y/M are worried about driving customers to the competition because the passwords are too hard, it shouldn't be that difficult to come to an agreement amongst themselves to all set the same password standards and implement them at the same time.
And if those 10,000 people should choose to not have an account at any of G/Y/M, it's G/Y/M plus the rest of the Internet that wins.
My home: four Linux machines (kids', mine, file server) and one Mac (MBP for wife).
My office: 1 PC running Kubuntu Karmic, 1 MBP that I mostly only use for running Entourage. My real work is done on the Kubuntu box. The MBP goes home with me at night and is occasionally used for after hours work or working from home over VPN.
Most people I know who have Macs or Linux are like what you've observed. They may _still_ have a Windows machine around (not going to say PC because none of my PCs have Windows installed), but it's the minority platform and is just kept around for some specific purpose (gaming, or a critical Windows-only app). Except for the ones that are dedicated gaming rigs, most of them probably won't be replaced when they die. It's much simpler (and cheaper) to run Windows in a VM on Linux or Mac if you really need it.
Well, he's in the government, which means that the usual productivity measures don't apply.
Normally, a productivity measure looks for how much you get done when you're not reading Idle on Slashdot. Since the normal state of a government employee is to get nothing done, the productivity measure always shows zero, thus making it hard to determine if someone might be surfing pr0n at work.
When someone with a guvmint job is doing something, whatever is being done is likely to cause damage and problems, rather than anything productive. This is especially true in Washington, D.C. Thus, a proper measure would have to be looking for things getting screwed up. If nothing is screwed up, the employees must not be working, so someone needs to look into what they're doing.
After the investigation determines what they are doing, they should be encouraged to keep doing more of it, thus preventing things from becoming screwed up. Or just fire them and save money, but the government doesn't want to do that, either. If they fired the deadwood (is there some other kind in Washington?), then some of us might start asking the government why it needs so much of our money, and start entertaining the reasonable expectation that it stops taking so much of said money.
Slashdot Mirror
My wife was born in Viet Nam and spent the first 30 years of her life there, and she's been saying that for years, too. She has an absolutely bulletproof immune system; she almost never gets sick, even when everyone around her has a cold, and on those rare occasions when she does, she shakes it off faster than anyone else. Her siblings are all the same way. She attributes this to the fact that there wasn't much vaccine (or knowledge of hygienic practice) in VN when she was a kid. Not much in the way of antibiotics, either, so you just had to get well on your own if you got sick.
Although I believe the punishment did not fit the crime in this case, I agree completely with your stance.
There is a car that belongs to someone somewhere in my neighborhood that has license plate frames which read "Fuck the princess, I'm the queen." Obviously a real class act. Freedom of speech, yadayada, but I've found myself behind this vehicle twice in the last week, fortunately *after* dropping my 6 and 7 year old kids off at school. They both read above grade level, and the 7 year old reads _way_ above grade level, so if they should happen to see said license plate frame (and believe me, those girls will zero in on the word "princess" like heat-seeking missiles after a plane), I'm going to hear "Daddy, what does 'fuck the princess' mean?" I can't wait to field that one :p Having that on one's vehicle certainly makes a personal statement; the statement is "Look what a low-class jerk I am."
There are a lot of theories about how we as a culture and nation got to this point where the only class that seems to matter is low class, and all of them probably have some merit, but here we are. We may never get back to a point where there is some standard of public morality. If we don't, then we are going to continue to sink down. It would do us all well to remember that just because you can do/say a thing, it doesn't mean you should.
Among antispam industry professionals (yes, I am one) the term blocklist appears to be slowly displacing blacklist as the term of choice.
Agree completely. My parents have been on Linux for years and my dad has become reasonably adept at maintaining his own systems. In fact, he keeps a few "test" boxes around that he uses for distro whoring :)
After my wife's old Thinkpad died, I got her a MacBook Pro, and have never had to fix anything in two years. Well, except for the time it was knocked to the floor by a toddler and the disk failed not long after, but that's not Apple's fault :-) Why not Linux, which is what everyone else (including our kids) uses? Her most core app is Yahoo Messenger, and the voice features in particular. I'd rather have her using a Mac than dealing with a Windows instance in a VM (Yahoo Messenger doesn't work in wine, likely never will, I expect). Switching IMs isn't an option because Yahoo is _the_ IM software in her home country and is used by literally all of her friends and family, both there and here.
It's not that Macs, or even Linux systems, are completely free of vulnerabilities, but it's a matter of degree. No matter what studies get waved around by the various players, the facts on the ground are that Macs and (especially) Linux systems are more secure (I like the term "less insecure" though), and are so because of design choices. Those design choices are why Windows will always be more insecure than Mac or Linux systems.
Since AC is unlikely to come back and read this, can anyone else enlighten RE: how/when/where Comcast received tax money to build their network? AFAIK even the old AT&T used its own money to build the network; what it got from the government was a monopoly in exchange for allowing government regulation. I had not before heard that cable companies received anything other than geographical monopolies from the government.
Barracuda was a step _up_?!?! Wow, GFI must be really something :p
I live in the SF Bay area, which is mostly Comcast country, but I'm really lucky to be in a city that has municipal cable. I have 12 mpbs down with no throttling. If there's a transfer cap, I've never run up against it.
I suspect what's going on with Comcast is their subscribers and bandwidth use are growing faster than they can (or at least want to) add capacity, so they're solving the problem with throttling. As a network engineer in a previous career life, I have a certain amount of sympathy for them in this case. Their bandwidth demands may be growing faster than they can add capacity while having their Internet business remain profitable. Throttling heavy users is one solution, and they are far from the first ISP to do so. The ISP I worked for 10 years ago did it in some cases. Our TOS allowed it in all cases, but it was usually only enforced in cases where a particular user was being regularly problematic.
Of course, my municipal cable provider seems to have no problem maintaining infrastructure, and IIRC they charge about the same as Comcast, so...
However, I do take issue with applying such a throttle after only 15 minutes. For most people, that's not long enough to download an install CD ISO (I can do it, since I usually see download speeds >= 1 megabyte/sec for ISOs) but I don't think most Comcast users get a connection as fast as mine; correct me if I'm wrong). Since I'm sort of a distro whore, I tend to download a lot of install ISOs. For distros that install from DVD, that 15 minutes is even worse. I think the throttling threshold should be at least 30 minutes.
This gives new meaning to the Geico tagline, "So easy even a cave man could do it."
The FBI cares, and the Secret Service is also involved in the investigation and prosecution of things related to phishing (carding, for example), but it can be hard to get to the right people.
The Anti-Phishing Working Group may (or not, I'm uncertain) may have some contact info for the right parties.
Before you ask why I didn't provide a link, it's because that would be such a good place to put a link leading to a drive-by download of malware. Don't trust links on Slashdot, look it up for yourself.
No kidding. I recently attended a security conference. It was 800 miles from where I live. I *drove* to it. Figured the drive would be 12 hours in good traffic (it was; 14 on the way back) and door to door time by air would be no less than four hours and might well be six, with the possibility of being even longer than that. Driving seemed like a good valued proposition, and I probably spent less on gas and food on the road than I would have on airfare.
Speaking as someone who has been in the anti-spam business for years, all I can say is that anyone who thinks that Geocities' being turned off will have any impact whatsoever on spam and/or phishing needs to stop and think about that. As a poster up above noted, as of today there was only one known phishing page still on Geocities. Where did all the rest go? Suffice to say, it's a safe bet they haven't retired.
I'm not against take-downs of phishing sites - it's a valuable tool in the toolbox - but it's definitely whack-a-mole and does little if anything to actually reduce phishing attempts. Shut down a phishing site and the same phisher will have a new one opened within minutes. Most phishing sites today are hosted on compromised servers, anyway. You could shut down every free website service in the world and it wouldn't make a significant difference in the amount of phishing sites. Free website services did not create phishers or spammers, they are just abused by (some of) them. If they were all gone, the phishers and spammers would just abuse another channel.
I beg your pardon?
It's hard to get effective third-party software because of some vague thing about Linux kernel versions?
You'll excuse me for pointing out inconvenient truths, but _all_ Linux software other than the kernel itself is third-party. Linux is, after all, just a kernel. The rest of what makes up a Linux-based operating system is written by third parties, starting with GCC and the rest of the GNU tools. Some of it is even proprietary.
Lest you try and backtrack and say you were only talking about AV software, there is lots of AV decent software available for Linux, and guess what? It's all written by third parties, too.
The distributors themselves are third parties, except to the extent that they have kernel developers on their staffs.
You may have also failed to notice that there is excellent support available for Linux from a variety of sources, including paid support with SLAs, for those who want or need it.
If you're going to troll, you should at least be good at it.
Uh, koalas aren't really terribly large, and I'm fairly sure the only place in China you might find one is a zoo. Or maybe a butcher shop or pharmacist shop, if they are thought to have any eating or medicinal value :p
I don't even need to see the emails. I work in the email security industry, and every problem I've seen - without exception - that involved an otherwise legit and respectable company that got in trouble because of email marketing practices was a combination of two things:
1) A definition of "opt-in" that doesn't come very near to "informed consent" - where informed consent is considered an industry BCP.
2) Some genius in marketing further gumming up the works by sending something spammy, or just stupid.
In most cases, condition 1 is also caused by condition 2. There are more than a few marketers who see absolutely nothing wrong with e-pending, or even "list rental" of "guaranteed 100% opt-in lists."
This doesn't mean she isn't an idiot. At a minimum, she doesn't sound very computer-savvy, but this still needs to be laid squarely at the feet of Toyota and its marketing firm.
For any of you who may be marketers, let me clue you in. Anyone offering to sell/rent you a list is a spammer and is setting you up to be a spammer. No one on that gave explicit and informed consent to receive marketing email from _your_ company, which means that a large percentage of the people on that list will (quite rightly) consider you to be a spammer if they get mail from you. Also, there is no such thing as a "100% opt-in list" with the exception of a list you built yourself from people who gave explicit and informed consent to receive marketing email from you. Even then, that list will only remain 100% opt-in if you maintain it regularly. That means, at a minimum, frequently removing bouncing addresses and never, ever adding them back later should they start working.
In line with that last part, never re-test bad addresses in the future to see if they work. If they do work, it's a virtual certainty that the address has changed hands. If you then send mail there, it's spam.
And finally, beware of "partner lists" whether receiving or producing them. When people give consent, they are usually giving consent to receive mail from your firm only, not your partners (think hard about informed consent). If a partner business gives you a list of its contacts, the same thing applies. No one on that list gave informed consent to get mail from *you* - and no, a couple pages of lawyer-talk in a small font does not count as informed consent, even it explicitly states that you'll write their email address on the bathroom wall.
Following these common-sense best practices will keep marketers from running afoul of people like me, who write spam filters for a living.
Disclaimer: all opinions expressed herein are solely mine, and not those of my employer.
No kidding. This is more like trying to use a defibrillator on a heart attack victim who's been dead for a couple days.
Yahoo has spent years flipping the bird to third party developers, whether open-source or closed, and now zombie-Yahoo is trying to attract third-party devs. While I welcome the move despite its being terminally late, I don't think it's going to save them. Five or six years ago, this would have been big. Ten years ago, this would have been world-changing. I like Yahoo, I really do. I prefer Yahoo mail to Gmail and I prefer Yahoo Messenger above all other IMs, but I also believe I'll one day have to stop using them because Yahoo will be gone.
I don't much like Rangel myself, but you say "tax cheat" like it's a bad thing :)
I'll get more incensed about tax cheats when the governments starts using our tax money more wisely. I consider the government itself to be by far the largest tax cheat, because we're all being ripped off in that department.
Still waiting for your hope, change, and that transparent government thing, huh? I think we all missed out on that by about, oh, 233 years. I don't expect we're going to get much of it from Obama, anyway.
Got any links? It doesn't ring a bell and seems like it would be harder to implement b/c we don't have all that many CCTV cameras here. I'm sure it's been thought of, of course, just less certain that it's actually been tried. Certainly, we have quite a bit of "squeal on your neighbor" mentality being pushed.
Gee, getting modded Troll for telling the truth on Slashdot. Whodathunkit?
Wow, and to think that we thought things were bad in the US. Even Dick Cheney never dreamed of anything like this.
I wonder who's snooping on the snoopers?
Yeah, I got a ticket like that once, too. Wasn't in Glendora, CA, was it? :p
I'm in the vendor side of anti-phishing, and I've got to challenge the idea that the FBI had the power to stop those events in their tracks. Sure, they could have busted a small number of low-level criminals early in the investigation, but that wouldn't have stopped anything. The higher-level criminals would have continued as usual, made more wary by the bust of a few small fish. To fully investigate and to build a case that will win in court and send the perps to prison takes time. That's unfortunate, but it does take time, and it's the only way to get that particular gang off the street for a while. The FBI made the right call.
A few asides to that:
-In most cases, banks cover phishing losses. If they'd stop doing that.
-Phishing is generally so obvious that my brother's best friend - who is blind - could figure out it's phish with his cane. A certain amount of responsibility for getting phished has to be assigned to the victim. It's like walking through a bad part of town at night with a wallet stuffed full of cash sticking out of your back pocket. Sure, the criminal is still the criminal and belongs in jail, but anyone who walks around like that is giving the criminal every possible opportunity. AKA setting himself up to become a crime victim through stupid action.
-The other day, we noticed a large spike in certain kinds of phishing (all of which was caught by our filters, fortunately). Then today this news breaks. It's almost as if the phishers sensed a crackdown was imminent and wanted to make one last big push before they went underground. It's a possible coincidence of course, but it's hard to believe in coincidences in this business.
-I applaud this arrest, but I don't expect it to make even a blip in the level of phishing. If hits on our anti-phishing rules go down at all, I'll be genuinely surprised. The only events that seem to have major impact on spam levels are cable cuts to China or Africa :p
I was going to just bypass that because Nexenta Core itself is not - AFAICT - something that's ready to use as a system. It's what the name implies - something ready to be used as the core of a system. But, since I hadn't visited the Nexenta site in at least 6 months and probably longer - I dropped by. Turns out there's a desktop distro now, called StormOS, based on Nextenta Core: http://www.stormos.org/ that I'm going to look into.
Thanks!
I'll take a pass on that one, thanks :p
But a Debian system with an OpenSolaris kernel? Now *that* would be nice!
Of course, if KDE should someday work as well on OpenSolaris as GNOME does (including Timeslider integration into Dolphin and/or Konqueror), then it might be just as well to go with OpenSolaris itself, although I'd still prefer the APT to OSOL's packaging system. Plus, of course, the number of packages in the Debian repositories completely dwarfs what is available for OSOL.
That said, I like OSOL so much that if KDE _were_ at the same support level as GNOME, I'd likely move from Kubuntu to OSOL now.
Completely agree about the gullibility logic loop, but I consider it a (design) bug that such weak passwords are allowed. The fact that it's a free email account shouldn't mean you're allowed to set your password to *anything* you want. If anything, the fact that it's free is a better argument that the users should have to accept setting stronger passwords as a condition. If G/Y/M are worried about driving customers to the competition because the passwords are too hard, it shouldn't be that difficult to come to an agreement amongst themselves to all set the same password standards and implement them at the same time.
And if those 10,000 people should choose to not have an account at any of G/Y/M, it's G/Y/M plus the rest of the Internet that wins.
I agree about the data sample; there may be skew.
My home: four Linux machines (kids', mine, file server) and one Mac (MBP for wife).
My office: 1 PC running Kubuntu Karmic, 1 MBP that I mostly only use for running Entourage. My real work is done on the Kubuntu box. The MBP goes home with me at night and is occasionally used for after hours work or working from home over VPN.
Most people I know who have Macs or Linux are like what you've observed. They may _still_ have a Windows machine around (not going to say PC because none of my PCs have Windows installed), but it's the minority platform and is just kept around for some specific purpose (gaming, or a critical Windows-only app). Except for the ones that are dedicated gaming rigs, most of them probably won't be replaced when they die. It's much simpler (and cheaper) to run Windows in a VM on Linux or Mac if you really need it.
Well, he's in the government, which means that the usual productivity measures don't apply.
Normally, a productivity measure looks for how much you get done when you're not reading Idle on Slashdot. Since the normal state of a government employee is to get nothing done, the productivity measure always shows zero, thus making it hard to determine if someone might be surfing pr0n at work.
When someone with a guvmint job is doing something, whatever is being done is likely to cause damage and problems, rather than anything productive. This is especially true in Washington, D.C. Thus, a proper measure would have to be looking for things getting screwed up. If nothing is screwed up, the employees must not be working, so someone needs to look into what they're doing.
After the investigation determines what they are doing, they should be encouraged to keep doing more of it, thus preventing things from becoming screwed up. Or just fire them and save money, but the government doesn't want to do that, either. If they fired the deadwood (is there some other kind in Washington?), then some of us might start asking the government why it needs so much of our money, and start entertaining the reasonable expectation that it stops taking so much of said money.