UberQuerty, this is an efficient technique. Me, I found that even friends can sometimes compromize my "good" email address by entering it in one of these email postcard websites that are generally big email addresses collectors.
So I give everyone (including friends) revokable addresses from spamgourmet and I invalidate selectively the addresses that start getting spammed. SG forwards me all emails to a secret account.
As per dictionary attack, they'll be extremely unlikely to succeed against these addresses considering the precautions you can choose to use on SG, such as keywords.
Face it, we all want to believe in the (nice) alien next door. Heck, I want to believe, too.
But then, let's see. Suppose there IS indeed an intelligent alien civilization nearby. Can we actually detect it with SETI? Yes, but only provided that:
This civilization uses radio for long range telecoms. This assumes
that nothing better than radio will ever be available for that
purpose. Of course, it's impossible to predict if anything better will
ever be discovered, but it seems presomptuous. Just like these 19th
century writers that waxed lyrical about how the telegraph was the
ultimate achievement of signal transmission.
AND
This civilization has no compression. OK, nothing better
than radio exists and will ever exist. Radio it is. Everyone in our
friendly neighborhood uses it. But wait, they don't compress their
signal. SETI relies on the fact that artificial patterns can be found
in signal. But compression, by definition, removes repeatable
patterns, leaving only what looks like noise for better "signal
entropy" (or bandwidth utilization efficiency). Isn't it
contradictory? On meek Earth, we are already starting to compress
radio signals for all new applications because radio spectrum is so
scarce. Yet we are looking for aliens that use huge radio powers and
no compression.
So we're looking for very intelligent aliens that are particularly
clueless. A convention of intergalactic Microsoft developers, maybe? (Naah. That would not be likely to remain undetected. Think of the size of the egos.)
So while I strongly believe we aren't alone in the universe, I think
that SETI is not going to give any result. It's a
waste. Quasar1999 is bloody right.
This is really sickening. A lot of schools still use SSN as student IDs. In State University of New York, until very recently, your SSN was used on your grad reports, your dorm phone bills, your administrative notices, and teachers even insisted that this SSN/Student ID should be written at the top of every homework. Old phone bills with your name, date of birth, address and SSN were often found in classrooms or on the floor.
When I approached a SUNY teacher about this potential ID theft problem (back in 1999), his answer was: "I've been doing this for 20 years and I've never heard of this problem". Shocking, astonishing conclusion: The American academia is clueless! Oh no! How can that be! (But hey, it explains so much.)
It took a few ruined students and an order from the Attorney General (IIRC) for stopping NY schools from using SSNs as student IDs.
I am not really surprised that some administrative cretins are still camping on their position after all the theft ID problems of the last few years. After all, Schools Are Clueless.
I would like to entertain the hope that a few of these moronic school administrations would be sued 'till they bleed by ruined students, but how could ruined students afford this kind of legal costs?
So your old email accounts are spammed to death, huh?
If you want to get rid of spam, do this:
1. Create a "secret" email account from a reputable provider. Make it unguessable. Add some digits or weird long strings. Don't give it to anyone.
2.Go to
spamgourmet.com and create an account. It's free and open source. In the "forward emails to" field, enter your secret email.
3. Give spamgourmet addresses to your friends. If your account name is Joe6Pack, give your pal Jack Daniels an address Jack.Daniels.Joe6Pack at spamgourmet dot com. To greatdeal.com, give greatdeal.com.Joe6Pack at spamgourmet dot com. This way you know who has what address. Those spamgourmet addresses are disposable.
All the emails sent to your various spamgourmet addresses are forwarded to your secret account.
4.
If Jack, who is a friggin' idiot running XP and Outlook, gets yet another Kletz-like virus, the content of his Outlook address book will be compromized and all these addresses harvested by spammers. Just go to spamgourmet.com and disable the compromized address. Tell Jack he's a fool. Give him another disposable address if needed... Until next time.
If greatdeal.com turns out to be a spammer, just disable their address.
5. After a couple of months, disable your old email accounts, the ones that are spammed to death right now.
6. No more spam. Or if you get spam, just disable the spammed address and report the spammer to spamhaus.org. You'll never be spammed more than once.
Barring a totally new email protocol, we'll always have to deal with SMTP attacks. I'm afraid there's nothing you can do about dictionary attack, except maybe detect them and refuse the connection from this IP address for the next X hours.
Bayesian filtering is interesting because it reduces the efficiency of spam, hence the profitability of spam. But there is another way: Force people to think twice before they sell your address or, worse, post it on an open web site.
As a deterrent against address selling, I am now using exclusively disposable, traceable addresses, from www.sneakemail.com and www.spamgourmet.com.
Addresses generated from these sites can be given to just one entity or person. If that person sells or post your address, you inhibit the address and put that person/firm in your "stinker" list. And you make sure people know.
If the use of traceable addresses was prevalent, the number of spamming outfits would quickly drop, since you can pinpoint the source of each address. At least that's my experience.
My question is, do you think this would work on a large scale?
Ha! MS cannot really lower its prices. Here's why.
on
The Linux Uprising
·
· Score: 4, Insightful
Mostly, [Paul McEntire] worries that it would take only a little price competition from Microsoft (MSFT ), which goes up against Linux in the operating-system market, to see the return of red ink.
McEntire doesn't get it.
Most of the Linux distro revenue comes from professional servers and
technical workstation users who want paid support. These users
couldn't care if MS gave away their products. They
would consider switching to, say, IBM's AIX or Sun's Solaris if
the price was right and the apps available. But not to Windows.
The fact that this guy is not aware of this simple market reality and
yet manages a stock portfolio is really scary. Keep away from his Marketocracy Technology Plus Fund.
Now, on another hand, your argument about Linux on the desktop makes much more sense:
I especially see this coming as the other divisions of Microsoft, such
as MSN and the XBox, while still losing money, are not losing as much
money as they used to, and thus Microsoft would no longer have to rely
on Windows and Office as their cash cows so much as they have done in
the past.
Now that's a valid argument. It would not hurt the server sales
but it would certainly hurt the Linux desktop numbers.
However, keep in mind that Microsoft depends on the value of its
stock in order to retain employees with stock options. Now take a look at
MS'S SEC filing, especially Note 9, "Segment information".
Their operating
systems and applications account for more than 86% of their sales
income (financial activities excluded). The other divisions, entertainment and consumer electronics, are barely showing up on the radar screen. Even if they were profitable, they really couldn't scale up to the Office+Windows income. A sustained price cut on
Windows and Office would hurt MS's income very badly, send their
stock price down, and bring down their option-based financial Ponzi
scheme. So they just cannot afford to do it.
See Bill
Parish's report for an overview of MS's financial
pyramid. Recommended reading to understand what makes the Redmond Beat
tick.
Yes, good points. But please note that when the Enron scandal was revealed, the 100B losses were the sum of all the highwater stock values, which more or less reflects the investors' losses. The 160K figure quoted here is to be compared to the few tens of millions pocketed by Enron execs, i.e., a small fraction of the total investor losses.
It's very hard to make laws against corruption when there are so many things that are merely immoral and not illegal. Crooks will always invent mechanisms that exploit loopholes and oversights of the lawmakers. The more complex and all-encompassing the laws try to be, the easier they actually are to break. It's a sad consequence of system theory. Read
That's why, when you can catch one of them crooks, you should be merciless.
Finally, you correctly point out that getting investment advice from spam isn't too clever. The real crime in the Enron/Worldcom scandals was indeed not committed by the corrupt execs. It was perpetrated by the accountants and auditors who certified the books, tarnishing the whole system. For this form of economic sabotage, the Chinese government would shoot them.
Let's hope that more heads will roll in this case.
I don't think you accurately measure the damage this guy has done. He made $160k. Not much on the Enron/Worldcom Pimping Scale (TM), I agree. But in order for him to make a buck, a certain stock has to be pumped up with the hard-won cash of countless small investors. These people collectively lost much more than $160k when the bastard dumped the stocks.
It's not a zero-sum game. Like most other criminal activity, each dollar of illicit profit is actually creating tens of dollars of damage. So we're talking millions of destroyed wealth here.
Also, don't forget that countless other shitbags would be thinking twice before attempting pump-and-dump schemes now thanks to this deterring case.
Be thankful to the SEC that they finally condescend to catch the kind of miserable bastards that defraud the small people, instead of devoting all its time licking the wounds of multi-billion investors.
Sending a spam with a fake return address is called a Joe Job in anti-spam circles (see the posts above). This is why you should never, ever reply to a spam. A reply will either enrich the database of the spammer (if the Reply-To address is genuine) or will annoy an innocent user. Spammers don't read replies.
The only effective countermeasure I found was to use SpamGourmet. It's a web site that allows you to define disposable addresses forwarded to your real (secret) address. The disposable addresses can be disabled. They automatically shutdown after 20 messages from unknown senders (not in your whitelist). So, a Joe Job would generate, at most, 20 replies into your forwarded mailbox. After that, you'd have to re-enable the disposable email, although you'd rather leave it disabled because it WILL be spammed again.
Cool. My local pizza joint always plays the most annoying radio station on ceiling loudspeaker (hence specifically designed for entertaining the patrons).
The crap they play is cheezy music with a ton of ads between each song and an idiotic DJ who is always bordering on drowning in his own drool. So could you please point me to the law stating the restaurant has to fork $265 to play that drivel? I'd gleefully show it to them. If this could stop them from playing this audible excrement, it would do patrons a great favor!
Yeah, I know, I should go to another place. There is another pizza parlor in my bustling 300-trailer metropolis, but it's a mile away and the two servers always makes passes at customers. And they licks the tomato sauce off each other's fingers while they fix the pizzas. So I'll stick with the clean one.
Here is my experience. My company subcontracts electronic boards to large contract assemblers. They buy components, manufacture the printed circuit board (PCB), insert the chips and passives, solder them, test them, ship them to us.
Most PCBs, especially large-volume consumer grade devices, use only surface-mount components (SMC). These things cannot be replaced by a human being. They are soldered through a vapor deposition process. Just the heat of an approaching soldering iron melts the solder film and the passives pop out of the board. Litteraly.
When a prototype has to be reworked, it takes extraordinary time and precaution to replace, say, ASIC # 5 with netlist v 19.6 because v 19.7 fixes a bug. The rework equipment alone costs a fortune. No way this can be done by regular repair shops. So the boards are always replaced, never repaired, when they fail. So much for the repair market.
Wave-soldered PCBs don't fare better. This type of soldering requires post-assembly cleaning to remove the corrosive resin that deposit around the solder pads. You use a warm solvent bath to do that. But in recent years (since the late 90s), new regulations have banned these solvents because of ozone holes or something. It means that you now have to use extremely aggressive, toxic, inflammable benzine-based solvent instead. And not in an open tank anymore, or you'd kill everyone in the building. Way too dangerous.
So in these production lines, PCB are not cleaned anymore. The resin remains on the pad and slowly corrodes the copper of the PCB. Sooner or later, within a few years (especially in humid climates), a connection will fail, and your whole assembly, if not the whole unit, will go to the trash dump.
So these well-meaning environmentalists that wanted to save the world ended up accelerating the production of trash! Sad, huh?
With the notable exception of "419" spams which expect a reply by a moron^H^H^H^H^Hcustomer, most of the From addresses in spam emails are forged. Most of the time, they are chosen in a list of innocent people. Sometimes, the forged From address points to an anti-spam activist. This is known as a "Joe job". Recent Joe job victims include Spamcop and Spamgourmet addresses.
A 419 spam will include a genuine From address. On another hand, a whole category of messages have a forged From address:
Pump-and-dump stock scams
Fake security trojans
Spam asking you to call an 800 phone number (mostly spams for Herbalife affiliate and other pyramidal schemes)
I call these "unreturnable spams".
So "counterspam" will actually increase the amount of spam received mostly by innocent victims. Not quite a solution.
So please limit this "counterspam" to 419 senders. Don't help spammers. Avoid posting From addresses of unreturnable spams on Usenet.
On the 4th of July 1993, a Sumitomo plant in Japan suffered and explosion that destroyed its production facility for epoxy cresol, a resin that is the main ingredient in the black plastic used to package ICs. Sumitomo had absorbed its main competitor and produced about 60% of the worldwide supply.
"Experts" said it would take 3 years to resume a production line. The fact is that it's pretty hard to manufacture, fine-tune, characterize and ship such a very pure compound. As a result, most IC companies stated reserving their resin allocation to their most profitable IC lines. It became precarious to purchase low-cost TTL circuits.
Guess what? Experts were wrong, as usual! Sumitomo had a new line back in production after a few months. Worldwide shortage was averted. Radio Shack kept selling these 74xx TTLs. Wew.
Lesson learned but never applied: Never depend on a producer that manufactures most of the worldwide supply of anything in only one location.
It's perfectly natural that software engineering is as crappy as it is now: our society can afford it to be that way, and it's the path of minimum local cost.
I don't believe this even makes economic sense. Look at the incident this weekend on the ISS. The rail cart was blocked by a mechanical incident, and then by a bug. Bugs on such an expensive contraption are very costly, not to mention potentially deadly.
Look at the Westminster Bank fiasco, where a badly managed software project (replacing the back-office mainframe processing with NT servers) collapsed and led to a very expensive delay. This fiasco cost about $200 million. I don't think a correctly (scientifically) managed project, if such a thing was possible, would create such a cost overrun.
I have many more examples. What's missing in the demonstration, of course, would be example of scientifically managed software projects as a counter-example to the voodoo-like approach to software that we all know and loathe.
So really, it's not that we can afford them. It's that we don't know better.
Software is at best a cottage industry of craftmen that have widely different abilities. At worst, it is a cottery of alchemists that promote their own secret snake oil recipes and only succeed by sheer luck.
And I am a developer that calls himself a software engineer, so this is not a flame.
Why craftmen? Because we develop with tricks and recipes, often called "processes". But neither of these are scientific processes. They cannot predict the outcome of a software project within a definite set of constraints. They cannot be disproved. And they cannot explain failures. So they aren't science, they are rules of thumbs. The guy who makes a living by applying rules of thumbs and learned tricks is a craftmen.
Why alchemists? Because scientists publish their methods and their results. To the contrary, the software industry hides its customer references and does not publish its source code (with the notable exception of Open Source, with remains the exception in large-scale software projects). This is how alchemists and "savants" worked in the Renaissance. They hid their trade secrets, they had confidential relationships with rich patrons, and they feared full disclosure.
On top of that, each subbranch of computing has its own lingo and redefines as many words as possible. Mathematicians who specialize in field theory topology may not understand number theory, but at least, they use distinct, well-defined jargons. In computing, terms like "record", "field", "server", "link" are so overloaded that they are just noise.
About 60% of all software projects are cancelled or written-off as failures. I don't think civil engineering or, say, aeronautics have such a abysmal track record.
I hope that some day, we'll practice and teach Computer Science as, well, a science, not as a craft.
The site mentioned above (tintin.qc.ca) gives indeed a good history of the Tintin movies. The series was adapted into several not-so-good movies already. I've seen them all.:-)
The Spielberg aficionados will take comfort in knowing that Spielberg had been negociating to buy the Tintin movies. He declared in an interview that after the success of the 1st Indiana Jones, he had money for some old film projects he wanted to do, among which a Tintin movie. He has been a long-time admirer of Hergé. Unfortunately, after Hergé's death, the negociations went nowhere.
The character of Chang in the "Temple of Doom" is a hommage to Hergé's homonymous character in "The Blue Lotus"
So one thing is sure. Spielberg is not doing this just because he's smelling money. He's taking Hergé's masterpiece as a work of art. That kind of approach generally gives decent results.
As a footnote, the person who heads the company that manages Hergé's copyrights and derivative is an American who married Hergé's widow. That person has acquired a rather sinister reputation for being absolutely merciless, some kind of male Hilary Rosen, not even allowing basic fair use.
So, in short, MS won't be able to just change the standard because noone will use it. They'll use pnet instead. See?;-)
Wow, that's optimistic. Unfortunately, in most MS shops, the opportunity to deploy a Linux server only comes after the bean counters have a cow when they see the bill for the new 3GHz machines required to do menial server jobs. It means that by the time you get there, a lot of work has already been done on.NET apps. Of course we know that it's suicidal, but MS has billions of marketing dollars to snowjob countless customers.
So I am afraid that you, my friend, are dismissing the Redmond Beast a tad too fast!
Portable.NET sounds pretty neat. However, will it be useful? Assume that it's a success. It 2004 and several corporations are deploying Linux servers to serve department-wide.NET apps, hereby deprived MS from revenue it extracts from heavyweight.NET servers. What prevents MS to change critical parts of the.NET standard in the next iteration? Nothing. It's even likely that the new additions will be heavily patented to protect them against compatible servers. The next generations of.NET apps will then be uncompatible with the portable version and customers will have to revert to all-Windows shops.
Mind you, this is not a flame or anything, I am just trying to be practical here. Anything that can give people breathing rooms when it comes to MS standards is good. But here, I am really afraid that as soon as the portable.NET will start being successful, MS will notice it and intervene.
Any reason why the scenario above could not be implemented?
I was getting so much spam on my dial-up account that it sometimes took me 20 mins to download mostly useless, if not offensive, email. Sorting it automatically by client-side methods (e.g. SpamAssassin) wasn't helping the download time, since you still have to download the blasted spam before you sort it.
Spamgourmet allows you to create an infinity of different email addresses all going to your POP3 account, by adding various prefixes. So say, to take a recent example, that your account is SpammerMaimer and you want to subscribe to, oh, MIT Technology Review's newsletter. You create an address called MITTechReview.20.SpammerMaimer (@ the SG domain). The "20" in the middle word of the address gives them 20 shots at emailing you before the address shuts itself down (and you can manually reset the counter).
Then, surprise! This stupid magazine sells your address to several spammers. On top of that, their forum system is spammer-friendly because it encourages email address collection.. You know that it's them, because you haven't given that address to anyone else. So what do you do? You go to your Spamgourmet account and shut down that MITTechReview.20.SpammerMaimer address. Problem solved.
For truly one-shot emails, I use sneakemail, which creates disposable addresses that you can disable individually.
The hardest thing is to keep the old address active for a while until all your usual correspondants have been informed of your new address. Then, when you switch your ISP email address, you just have to change the forward address in SG and Sneakemail.
This is not meant as a flame or an aggressive comment. I'd just like to note that you're lucky, because my experience is that W2K crahes. Less than NT or 98, but still.
I use a Win2K box with latest SP applied, mostly for office work (someone port Notes to Linux!). I run web browsers, a few telnet sessions, Notes, Acrobat Reader and a few Java apps. I have ample memory (512MB) and I am barely paging.
Yet, I often arrive at the office in the morning to find my W2K box showing a BSOD with "Starting physical memory dump". I also sometimes get a BSOD doing very innocuous things such as typing an email.
So if you know why I keep crashing and how to fix it, please let me know.
You sure about the standard reagent? I have read about something more elaborate such as immunokit-based indicators.
Then again, corn is a bad example. Stick to bacterias.
Thanks for your reply. Very interesting point. If you have points, please mod up the parent.
However, my concern is that by swamping the environment with resistance genes for even "obsolete" antibiotics, we are making sure that these antibiotics will never be effective against anything anymore. That's one less weapon in a tough fight.
After all, the number of new antibiotics marketed in the last 20 years is quite low. Are we really sure we can afford to write off an antibiotic?
There are publications saying that if you stop using a selecting agent such as an antibiotic for a long periond of time, the corresponding ABR gene will probably mutate and degrade in most strains, making the antibiotic effective again, at least for a few years. But if you have copies of this ABR gene all over our crops, it will probably never disappear from bacterias in the wild.
Also, an AC below is making a point about BASTA resistance about which I know nothing. Care to elaborate?
The benefit of using an antibioresistant gene as a marker is that you can use standard reagents to look for it even in non-bacteria, or so I have been told. It's a matter of tooling.
Vancomycin-resistant staph is really bad news. Vancomycin was the last line of defense among antibiotics that have been tested. Its successors are very recent and might have side effects that haven't been detected yet. Not to mention that they are very expensive.
That's one more reason why it's a bad idea to use antibiotic resistance genes as selection markers in genetically modified organisms (GMOs). The process goes like this: A researcher wants to splice, say, a sheep's wool-producing skin gene into common corn so that the GM corn will have wooly fibers (cheaper wool, great!). The researcher prepares thousand of modified cell cultures. The gene splicing has succeeded in only a small percentage of them. How does he select the cells with the spliced gene? Easy: He also splices another gene, coding for antibioresistance (ABR), and looks for its signature in the Petri dishes, using standard reagents.
Then when the wooly corn is marketed, all its cells carry the same ABR gene. Eat the corn, and the bacteria in your guts get a chance to acquire the ABR gene from exposure to it. Then you get sick. The doctor prescribes antibiotics. All the E. Coli in your guts are killed, except the infinitesimal fraction that acquired this ANR gene. Then the surviving fraction repopulates your intestine. All your E. Coli population is now ABR. They will transmit the gene to some pathogene sooner or later.
Understand me, I don't really think that GMO are evil. Some GMO are actually very good ideas. The problem is that implementation of the idea with selection through ABR is very dangerous.
Look it up for yourself.
Slashdot Mirror
UberQuerty, this is an efficient technique. Me, I found that even friends can sometimes compromize my "good" email address by entering it in one of these email postcard websites that are generally big email addresses collectors.
So I give everyone (including friends) revokable addresses from spamgourmet and I invalidate selectively the addresses that start getting spammed. SG forwards me all emails to a secret account.
As per dictionary attack, they'll be extremely unlikely to succeed against these addresses considering the precautions you can choose to use on SG, such as keywords.
Face it, we all want to believe in the (nice) alien next door. Heck, I want to believe, too.
But then, let's see. Suppose there IS indeed an intelligent alien civilization nearby. Can we actually detect it with SETI? Yes, but only provided that:
AND
So we're looking for very intelligent aliens that are particularly clueless. A convention of intergalactic Microsoft developers, maybe? (Naah. That would not be likely to remain undetected. Think of the size of the egos.)
So while I strongly believe we aren't alone in the universe, I think that SETI is not going to give any result. It's a waste. Quasar1999 is bloody right.
This is really sickening. A lot of schools still use SSN as student IDs. In State University of New York, until very recently, your SSN was used on your grad reports, your dorm phone bills, your administrative notices, and teachers even insisted that this SSN/Student ID should be written at the top of every homework. Old phone bills with your name, date of birth, address and SSN were often found in classrooms or on the floor.
When I approached a SUNY teacher about this potential ID theft problem (back in 1999), his answer was: "I've been doing this for 20 years and I've never heard of this problem". Shocking, astonishing conclusion: The American academia is clueless! Oh no! How can that be! (But hey, it explains so much.)
It took a few ruined students and an order from the Attorney General (IIRC) for stopping NY schools from using SSNs as student IDs.
I am not really surprised that some administrative cretins are still camping on their position after all the theft ID problems of the last few years. After all, Schools Are Clueless.
I would like to entertain the hope that a few of these moronic school administrations would be sued 'till they bleed by ruined students, but how could ruined students afford this kind of legal costs?
If you want to get rid of spam, do this:
1. Create a "secret" email account from a reputable provider. Make it unguessable. Add some digits or weird long strings. Don't give it to anyone.
2.Go to spamgourmet.com and create an account. It's free and open source. In the "forward emails to" field, enter your secret email.
3. Give spamgourmet addresses to your friends. If your account name is Joe6Pack, give your pal Jack Daniels an address Jack.Daniels.Joe6Pack at spamgourmet dot com. To greatdeal.com, give greatdeal.com.Joe6Pack at spamgourmet dot com. This way you know who has what address. Those spamgourmet addresses are disposable.
All the emails sent to your various spamgourmet addresses are forwarded to your secret account.
4. If Jack, who is a friggin' idiot running XP and Outlook, gets yet another Kletz-like virus, the content of his Outlook address book will be compromized and all these addresses harvested by spammers. Just go to spamgourmet.com and disable the compromized address. Tell Jack he's a fool. Give him another disposable address if needed... Until next time.
If greatdeal.com turns out to be a spammer, just disable their address.
5. After a couple of months, disable your old email accounts, the ones that are spammed to death right now.
6. No more spam. Or if you get spam, just disable the spammed address and report the spammer to spamhaus.org. You'll never be spammed more than once.
Works for me.
Barring a totally new email protocol, we'll always have to deal with SMTP attacks. I'm afraid there's nothing you can do about dictionary attack, except maybe detect them and refuse the connection from this IP address for the next X hours.
Bayesian filtering is interesting because it reduces the efficiency of spam, hence the profitability of spam. But there is another way: Force people to think twice before they sell your address or, worse, post it on an open web site.
As a deterrent against address selling, I am now using exclusively disposable, traceable addresses, from www.sneakemail.com and www.spamgourmet.com.
Addresses generated from these sites can be given to just one entity or person. If that person sells or post your address, you inhibit the address and put that person/firm in your "stinker" list. And you make sure people know.
If the use of traceable addresses was prevalent, the number of spamming outfits would quickly drop, since you can pinpoint the source of each address. At least that's my experience.
My question is, do you think this would work on a large scale?
McEntire doesn't get it.
Most of the Linux distro revenue comes from professional servers and technical workstation users who want paid support. These users couldn't care if MS gave away their products. They would consider switching to, say, IBM's AIX or Sun's Solaris if the price was right and the apps available. But not to Windows.
The fact that this guy is not aware of this simple market reality and yet manages a stock portfolio is really scary. Keep away from his Marketocracy Technology Plus Fund.
Now, on another hand, your argument about Linux on the desktop makes much more sense:
I especially see this coming as the other divisions of Microsoft, such as MSN and the XBox, while still losing money, are not losing as much money as they used to, and thus Microsoft would no longer have to rely on Windows and Office as their cash cows so much as they have done in the past.
Now that's a valid argument. It would not hurt the server sales but it would certainly hurt the Linux desktop numbers.
However, keep in mind that Microsoft depends on the value of its stock in order to retain employees with stock options. Now take a look at MS'S SEC filing, especially Note 9, "Segment information". Their operating systems and applications account for more than 86% of their sales income (financial activities excluded). The other divisions, entertainment and consumer electronics, are barely showing up on the radar screen. Even if they were profitable, they really couldn't scale up to the Office+Windows income. A sustained price cut on Windows and Office would hurt MS's income very badly, send their stock price down, and bring down their option-based financial Ponzi scheme. So they just cannot afford to do it.
See Bill Parish's report for an overview of MS's financial pyramid. Recommended reading to understand what makes the Redmond Beat tick.
It's very hard to make laws against corruption when there are so many things that are merely immoral and not illegal. Crooks will always invent mechanisms that exploit loopholes and oversights of the lawmakers. The more complex and all-encompassing the laws try to be, the easier they actually are to break. It's a sad consequence of system theory. Read
That's why, when you can catch one of them crooks, you should be merciless.
Finally, you correctly point out that getting investment advice from spam isn't too clever. The real crime in the Enron/Worldcom scandals was indeed not committed by the corrupt execs. It was perpetrated by the accountants and auditors who certified the books, tarnishing the whole system. For this form of economic sabotage, the Chinese government would shoot them.
Let's hope that more heads will roll in this case.
I don't think you accurately measure the damage this guy has done. He made $160k. Not much on the Enron/Worldcom Pimping Scale (TM), I agree. But in order for him to make a buck, a certain stock has to be pumped up with the hard-won cash of countless small investors. These people collectively lost much more than $160k when the bastard dumped the stocks.
It's not a zero-sum game. Like most other criminal activity, each dollar of illicit profit is actually creating tens of dollars of damage. So we're talking millions of destroyed wealth here.
Also, don't forget that countless other shitbags would be thinking twice before attempting pump-and-dump schemes now thanks to this deterring case.
Be thankful to the SEC that they finally condescend to catch the kind of miserable bastards that defraud the small people, instead of devoting all its time licking the wounds of multi-billion investors.
The only effective countermeasure I found was to use SpamGourmet. It's a web site that allows you to define disposable addresses forwarded to your real (secret) address. The disposable addresses can be disabled. They automatically shutdown after 20 messages from unknown senders (not in your whitelist). So, a Joe Job would generate, at most, 20 replies into your forwarded mailbox. After that, you'd have to re-enable the disposable email, although you'd rather leave it disabled because it WILL be spammed again.
Cool. My local pizza joint always plays the most annoying radio station on ceiling loudspeaker (hence specifically designed for entertaining the patrons).
The crap they play is cheezy music with a ton of ads between each song and an idiotic DJ who is always bordering on drowning in his own drool. So could you please point me to the law stating the restaurant has to fork $265 to play that drivel? I'd gleefully show it to them. If this could stop them from playing this audible excrement, it would do patrons a great favor!
Yeah, I know, I should go to another place. There is another pizza parlor in my bustling 300-trailer metropolis, but it's a mile away and the two servers always makes passes at customers. And they licks the tomato sauce off each other's fingers while they fix the pizzas. So I'll stick with the clean one.
Most PCBs, especially large-volume consumer grade devices, use only surface-mount components (SMC). These things cannot be replaced by a human being. They are soldered through a vapor deposition process. Just the heat of an approaching soldering iron melts the solder film and the passives pop out of the board. Litteraly.
When a prototype has to be reworked, it takes extraordinary time and precaution to replace, say, ASIC # 5 with netlist v 19.6 because v 19.7 fixes a bug. The rework equipment alone costs a fortune. No way this can be done by regular repair shops. So the boards are always replaced, never repaired, when they fail. So much for the repair market.
Wave-soldered PCBs don't fare better. This type of soldering requires post-assembly cleaning to remove the corrosive resin that deposit around the solder pads. You use a warm solvent bath to do that. But in recent years (since the late 90s), new regulations have banned these solvents because of ozone holes or something. It means that you now have to use extremely aggressive, toxic, inflammable benzine-based solvent instead. And not in an open tank anymore, or you'd kill everyone in the building. Way too dangerous.
So in these production lines, PCB are not cleaned anymore. The resin remains on the pad and slowly corrodes the copper of the PCB. Sooner or later, within a few years (especially in humid climates), a connection will fail, and your whole assembly, if not the whole unit, will go to the trash dump.
So these well-meaning environmentalists that wanted to save the world ended up accelerating the production of trash! Sad, huh?
With the notable exception of "419" spams which expect a reply by a moron^H^H^H^H^Hcustomer, most of the From addresses in spam emails are forged. Most of the time, they are chosen in a list of innocent people. Sometimes, the forged From address points to an anti-spam activist. This is known as a "Joe job". Recent Joe job victims include Spamcop and Spamgourmet addresses.
A 419 spam will include a genuine From address. On another hand, a whole category of messages have a forged From address:
I call these "unreturnable spams".
So "counterspam" will actually increase the amount of spam received mostly by innocent victims. Not quite a solution.
So please limit this "counterspam" to 419 senders. Don't help spammers. Avoid posting From addresses of unreturnable spams on Usenet.
"Experts" said it would take 3 years to resume a production line. The fact is that it's pretty hard to manufacture, fine-tune, characterize and ship such a very pure compound. As a result, most IC companies stated reserving their resin allocation to their most profitable IC lines. It became precarious to purchase low-cost TTL circuits.
Guess what? Experts were wrong, as usual! Sumitomo had a new line back in production after a few months. Worldwide shortage was averted. Radio Shack kept selling these 74xx TTLs. Wew.
Lesson learned but never applied: Never depend on a producer that manufactures most of the worldwide supply of anything in only one location.
I don't believe this even makes economic sense. Look at the incident this weekend on the ISS. The rail cart was blocked by a mechanical incident, and then by a bug. Bugs on such an expensive contraption are very costly, not to mention potentially deadly.
Look at the Westminster Bank fiasco, where a badly managed software project (replacing the back-office mainframe processing with NT servers) collapsed and led to a very expensive delay. This fiasco cost about $200 million. I don't think a correctly (scientifically) managed project, if such a thing was possible, would create such a cost overrun.
I have many more examples. What's missing in the demonstration, of course, would be example of scientifically managed software projects as a counter-example to the voodoo-like approach to software that we all know and loathe.
So really, it's not that we can afford them. It's that we don't know better.
Software is at best a cottage industry of craftmen that have widely different abilities. At worst, it is a cottery of alchemists that promote their own secret snake oil recipes and only succeed by sheer luck.
And I am a developer that calls himself a software engineer, so this is not a flame.
Why craftmen? Because we develop with tricks and recipes, often called "processes". But neither of these are scientific processes. They cannot predict the outcome of a software project within a definite set of constraints. They cannot be disproved. And they cannot explain failures. So they aren't science, they are rules of thumbs. The guy who makes a living by applying rules of thumbs and learned tricks is a craftmen.
Why alchemists? Because scientists publish their methods and their results. To the contrary, the software industry hides its customer references and does not publish its source code (with the notable exception of Open Source, with remains the exception in large-scale software projects). This is how alchemists and "savants" worked in the Renaissance. They hid their trade secrets, they had confidential relationships with rich patrons, and they feared full disclosure.
On top of that, each subbranch of computing has its own lingo and redefines as many words as possible. Mathematicians who specialize in field theory topology may not understand number theory, but at least, they use distinct, well-defined jargons. In computing, terms like "record", "field", "server", "link" are so overloaded that they are just noise.
About 60% of all software projects are cancelled or written-off as failures. I don't think civil engineering or, say, aeronautics have such a abysmal track record.
I hope that some day, we'll practice and teach Computer Science as, well, a science, not as a craft.
The site mentioned above (tintin.qc.ca) gives indeed a good history of the Tintin movies. The series was adapted into several not-so-good movies already. I've seen them all. :-)
The Spielberg aficionados will take comfort in knowing that Spielberg had been negociating to buy the Tintin movies. He declared in an interview that after the success of the 1st Indiana Jones, he had money for some old film projects he wanted to do, among which a Tintin movie. He has been a long-time admirer of Hergé. Unfortunately, after Hergé's death, the negociations went nowhere.
The character of Chang in the "Temple of Doom" is a hommage to Hergé's homonymous character in "The Blue Lotus"
So one thing is sure. Spielberg is not doing this just because he's smelling money. He's taking Hergé's masterpiece as a work of art. That kind of approach generally gives decent results.
As a footnote, the person who heads the company that manages Hergé's copyrights and derivative is an American who married Hergé's widow. That person has acquired a rather sinister reputation for being absolutely merciless, some kind of male Hilary Rosen, not even allowing basic fair use.
Wow, that's optimistic. Unfortunately, in most MS shops, the opportunity to deploy a Linux server only comes after the bean counters have a cow when they see the bill for the new 3GHz machines required to do menial server jobs. It means that by the time you get there, a lot of work has already been done on .NET apps. Of course we know that it's suicidal, but MS has billions of marketing dollars to snowjob countless customers.
So I am afraid that you, my friend, are dismissing the Redmond Beast a tad too fast!
Thanks for responding.
Portable .NET sounds pretty neat. However, will it be useful? Assume that it's a success. It 2004 and several corporations are deploying Linux servers to serve department-wide .NET apps, hereby deprived MS from revenue it extracts from heavyweight .NET servers. What prevents MS to change critical parts of the .NET standard in the next iteration? Nothing. It's even likely that the new additions will be heavily patented to protect them against compatible servers. The next generations of .NET apps will then be uncompatible with the portable version and customers will have to revert to all-Windows shops.
Mind you, this is not a flame or anything, I am just trying to be practical here. Anything that can give people breathing rooms when it comes to MS standards is good. But here, I am really afraid that as soon as the portable .NET will start being successful, MS will notice it and intervene.
Any reason why the scenario above could not be implemented?
I was getting so much spam on my dial-up account that it sometimes took me 20 mins to download mostly useless, if not offensive, email. Sorting it automatically by client-side methods (e.g. SpamAssassin) wasn't helping the download time, since you still have to download the blasted spam before you sort it.
So I got rid of my contaminated address. I created an account on two web sites: www.spamgourmet.com (free) and www.sneakemail.com (mostly free).
Spamgourmet allows you to create an infinity of different email addresses all going to your POP3 account, by adding various prefixes. So say, to take a recent example, that your account is SpammerMaimer and you want to subscribe to, oh, MIT Technology Review's newsletter. You create an address called MITTechReview.20.SpammerMaimer (@ the SG domain). The "20" in the middle word of the address gives them 20 shots at emailing you before the address shuts itself down (and you can manually reset the counter).
Then, surprise! This stupid magazine sells your address to several spammers. On top of that, their forum system is spammer-friendly because it encourages email address collection.. You know that it's them, because you haven't given that address to anyone else. So what do you do? You go to your Spamgourmet account and shut down that MITTechReview.20.SpammerMaimer address. Problem solved.
For truly one-shot emails, I use sneakemail, which creates disposable addresses that you can disable individually.
The hardest thing is to keep the old address active for a while until all your usual correspondants have been informed of your new address. Then, when you switch your ISP email address, you just have to change the forward address in SG and Sneakemail.
Highly recommended.
Mod this up! This is a very nice detective work!
This is not meant as a flame or an aggressive comment. I'd just like to note that you're lucky, because my experience is that W2K crahes. Less than NT or 98, but still.
I use a Win2K box with latest SP applied, mostly for office work (someone port Notes to Linux!). I run web browsers, a few telnet sessions, Notes, Acrobat Reader and a few Java apps. I have ample memory (512MB) and I am barely paging.
Yet, I often arrive at the office in the morning to find my W2K box showing a BSOD with "Starting physical memory dump". I also sometimes get a BSOD doing very innocuous things such as typing an email.
So if you know why I keep crashing and how to fix it, please let me know.
You sure about the standard reagent? I have read about something more elaborate such as immunokit-based indicators. Then again, corn is a bad example. Stick to bacterias.
Thanks for your reply. Very interesting point. If you have points, please mod up the parent.
However, my concern is that by swamping the environment with resistance genes for even "obsolete" antibiotics, we are making sure that these antibiotics will never be effective against anything anymore. That's one less weapon in a tough fight.
After all, the number of new antibiotics marketed in the last 20 years is quite low. Are we really sure we can afford to write off an antibiotic?
There are publications saying that if you stop using a selecting agent such as an antibiotic for a long periond of time, the corresponding ABR gene will probably mutate and degrade in most strains, making the antibiotic effective again, at least for a few years. But if you have copies of this ABR gene all over our crops, it will probably never disappear from bacterias in the wild.
Also, an AC below is making a point about BASTA resistance about which I know nothing. Care to elaborate?
Again, thanks for your reply.
The benefit of using an antibioresistant gene as a marker is that you can use standard reagents to look for it even in non-bacteria, or so I have been told. It's a matter of tooling.
Vancomycin-resistant staph is really bad news. Vancomycin was the last line of defense among antibiotics that have been tested. Its successors are very recent and might have side effects that haven't been detected yet. Not to mention that they are very expensive.
That's one more reason why it's a bad idea to use antibiotic resistance genes as selection markers in genetically modified organisms (GMOs). The process goes like this: A researcher wants to splice, say, a sheep's wool-producing skin gene into common corn so that the GM corn will have wooly fibers (cheaper wool, great!). The researcher prepares thousand of modified cell cultures. The gene splicing has succeeded in only a small percentage of them. How does he select the cells with the spliced gene? Easy: He also splices another gene, coding for antibioresistance (ABR), and looks for its signature in the Petri dishes, using standard reagents.
Then when the wooly corn is marketed, all its cells carry the same ABR gene. Eat the corn, and the bacteria in your guts get a chance to acquire the ABR gene from exposure to it. Then you get sick. The doctor prescribes antibiotics. All the E. Coli in your guts are killed, except the infinitesimal fraction that acquired this ANR gene. Then the surviving fraction repopulates your intestine. All your E. Coli population is now ABR. They will transmit the gene to some pathogene sooner or later.
Understand me, I don't really think that GMO are evil. Some GMO are actually very good ideas. The problem is that implementation of the idea with selection through ABR is very dangerous. Look it up for yourself.