A truck being shipped out of country would not be equipped with a tracking device...
Other posts have pointed out that in order to be effective, the device would have to be well hidden... So how can the purchasing country be sure that there really is no such device hidden somewhere?
Isn't this a lot like the fears about hidden backdoors in Mircosoft Operating systems, that have already several countries worried?
And in these kinds of situations, the fear that there could be something hidden is enough. And trust me, in our example, that purchasing department student will see that he does everything in his power to convince his boss that there is indeed cause of concern!
It did not say, "the fastest computer", it said "the fastest personal computer". Is a mainframe a personal computer? Is a supercomputer a personal computer? Is a beowulf cluster one personal computer?
Glad to hear of this resounding victory, ie stopping one spammer from sending one steam of spam to one server.
This was just one example where we took the time to actually watch what was happening. Lot's of other spammers get bogged down in the teergrube as well
By next week I suspect that spam will therefore be a problem of the past.
We do get less spam since we have put the teergrube in place (although it will never drop completely to zero). The teergrube also is not the only defensive measure: we also use DNS block lists (spamcop, ordb,...), a well furnished access list, and individual procmail filters. Yes, spamfighting is not an easy task, and there is no single silver bullet.
If your spammers are knocking up scripts in VB, I suspect they aren't real spammers. I would expect to find the professionals on Linux servers, because they are cheaper to rent, and any perl programmer with half a brain can pick up a couple of modules from CPAN that will let him handle tens of thousands of open connections at a time. Will your average office Exchange server on an ADSL connection go that high?
You'd be astonished at the number of spammers relying on Micro$oft technologies. Also for their web sites: IIS, Asp.net, Micro$oft sewer server, with all its injection vulnerabilities...
If I was writing the script
Better not do this, or you'll get your entire ISP blacklisted;-)
(and I would repeat that this is not one of my interests, although truth issues don't seem to worry you too much), I would close connections after x seconds and put those domains down as first on the list for my next IP address.
Many spammers are indeed smart enough to detect a teergrube, and close the connection after a couple of minutes. However, enough of them never close it. We've had cases where spammers have stayed connected for weeks...
This conversation is starting to depress me. Are you telling me that there are still mailing list programs out there that don't multithread?
Most do multi-thread, but they have a finite number of threads. We have seen this well with the
mikemail spammer: over a couple of hours after we put him into the teergrube more and more connections showed up, and then at ten, it suddenly stopped. When killing one of the connections (by killing the teergrube server process handling it), it would be back in a quarter of an hour. So it looked as if the spammer's mailer had a fixed number of about ten threads, and once all of them were tied up, it was bad luck for the spammer. Obviously, a couple of days later, the spammer removed all addresses from our domain from his lists;-)
Are they written in GW BASIC?
Today, I'd rather suspect Visual Basic...
The last one I looked at had a default limit of 9999
Well, for mikemail it was rather around ten (or maybe more, assuming there were other teergrube's helping to tie up his threads...)
A
teergrube is actually a more effective anti-spam measure than a plain block. A teergrube accepts the spammer's connection, but then just stalls, only sending "continuation lines" from time to time, to keep the spammer's program from timing out. By doing that, we tie up the spammers resources: while he's busy with our teergrube, his program won't send out spams to anybody else either (unless their program is multi-threaded). Thus a teergrube not only protects its owner; it's also a valuable community service!
Not always. Sometimes it's also technically useless, practically life-saving. Lemme tell you an old joke to illustrate the point:
There was this helicopter pilot whose job was to ferry VIP's from Seattle airport to downtown. One day he found himself with a passenger in a pea soup fog somewhere over downtown Seattle. No landmarks were visible and the passenger became panicky. The pilot said "Don't worry" and very gradually let the helicopter down until it was hovering opposite the window of a large, unidentifiable building.
The pilot motioned to a woman working in the building to roll down her window and asked her "Where are we?"
The woman responded "You are in a helicopter."
The pilot immediately lifted the helicopter above the building tops, flew a mile and a half, let it down through the fog, and hit the landing pad dead center. The amazed and relieved passenger said "How on earth did you do that?" The pilot said: "It was simple. The information the woman gave me was precisely correct and totally useless. I knew that she had to be working at the Microsoft Customer Support Center."
So, although the information was technically useless (the pilot knew already that he was in a helicopter), it was practically useful (because it said more about the woman who answered... which allowed the pilot to correctly infer his location...)
The idea of equal opportunity and equal rights should be that you just hire whoever is better for the job, and hit anyone making this not so with a big stick that has a nail in it.
Actually, according to the memo, the issue here was not just about diversity, but active discrimation. They were not hiring whoever was better for the job, they were giving better chances to caucasians: certain career opportunities were only offered to caucasians, critical information was withheld from minorities. The playing field was severly skewed against minorities. Yes, in this memo lack of diversity is just a polically correct euphemism for outright racism!
Aiming for exactly 50% one thing or another is no less sexist/racist than only hiring women or only hiring men (etc).
It was not about aiming at exactly 50%, but rather about aiming at anything above 0% for the minority employees!
Great! Maybe I'll just eventually find another Cybercafe to check my mail on better working machines.
Or just walk to the other side of the room, where those machines are that always work;-)
Remember that customers come and pay for service.
If this service can be performed in a more cost-efficient way, they need to pay less. Which will bring in new customers. And once we've gotten rid of most of the Bill-worshipping customers, we may reduce the number of windows computers to 1/4 (rather than half, as suggested first), and thus cut even more costs, bringing prices even further down, and attracting more new customers. A virtuous cycle!
They don't pay to be educated in OS advocacy.
Well in the case of a windows cybercafe, they pay for the cyberwaiter to clean up their mess... Whereas in a Linux cybercafe, the price paid can actually go towards better equipment, more bandwidth,...
The NTFS (Windows NT File System) is currently not fully supported:
I will not trust making images for any of my workstations if it adds another potential factor other than MS instability for crashes.
The just use Udpcast which is completely file-system independant. It directly reads from the disk partition, and doesn't need to understand its structure. Compression is achieved using lzop or gzip, to keep transfer times manageable.
Until then I have to stick with tried methods which now includes Symantec Ghost.
You are sadly mistaken if you believe that this doesn't add to the MS instability;-)
Also unfortunately the security folks do not want any *nix machines (even though most of their IDS are based on some flavour *nix but I have to abide by their wishes)
Just don't tell them;-) It's just a self-contained boot CD. No need to know what OS is on it, especially since nothing of it is installed permanently on the PC.
>Another trick that helps is to always keep the Linux machines in perfect working order
Oh, you mean as in "doing nothing"?:-)
>and "neglect" the Windows machines.
Here you mean, "As in let the costumers use them":-)
That's exactly what I meant. You got me 20/20;-)
Two weeks without re-imaging the WinXP machines? do you have any idea what kind of crap acumulates on these computers after one DAY of use? seeing the results of a Ad-aware run is scary.
Well, that's basically the point... Chose your re-imaging interval long enough that a sizeable amount of machines are unusable. Ok, maybe two weeks is exagerating it a little bit. Maybe half a week? Target is that you only re-image when about 2/3s of the Win machines are in an obvious "funny" state, and only about 1/3 should be usable. Observe, and tune your maintainance cycles accordingly.
And this is not even overly harsh to the windows-insisting customers:
at any given time there are at least 1/3 "usable" Windows machines
on average only 1/3 are funny (0 after re-imaging, 2/3 just before ===> 1/3 on average)
This means that often customers have to try several machines before finding one that "works", but in most cases manage eventually to find a working machine ==> the message gets accross, all the while the situation does not get so bad that they walk away to another cybercaf. However with time customers notice that if they walk to a Linux box right away, this will be good, no need to try 5 machines. Hurry and laziness should then do their thing.
Just one pitfall to avoid: avoid doing your re-imaging always on the same weekdays. Or else you'll just educate your customers to come on Monday mornings and Thursday mornings, rather than to use Linux;-). So be unpredictable!
I think that if I tried to put all that crap on purpose on my machines I could not do it.
No need to put anything on purpose, just let nature run its course...
And before someone tells me to set up group polices, etc, Yeah, I know all about them.
You need Active Directory for them to work well and for Active Directory you need a Windows Server which costs 'mucho dinero'.
I hope Samba could help me with the AD stuff in the near future.
You can set up policies in Samba, just put an NTconfig.pol file into your [netlogon] share on the server. Like with all shares, you can make the server path of this dependant on a number of variables, such as %G (Unix group). That way, you can have the policies active for users of group customer but not for those in groupadmin.
On login, NT and 2000 boxes download this and apply it. The NTconfig.pol file can be made with the policy editor (included with 95, 98, NT, and 2000, as far as I know). I'm not too proficient with XP, but I guess you can find a policy editor there too. You pretend to edit a policy for a local user, and when done, you copy the NTconfig.pol file to the server.
Another trick that helps is to always keep the Linux machines in perfect working order, and "neglect" the Winders machines. Do you really have to re-image a Windows as soon as some doofus customers catches a virus on it? Escpecially given the phone ordeal that you have to go through after imaging it!
So make it your policy that you only re-image those machines once every two weeks. If a customer complains, point him to the Linux machines (which do work fine, due to inexistance of viruses on that platform. And if something happened to them anyways, it's much easyer to reimage them!). After a while, the message should sink in.
Slashdot Mirror
But with computers, the contrary of alibi is cron job, so I'm not gonna think this is going to help the guy in court.
Oh, and I naively thought that GWB had his head problem already before the incident!
(Note the above is a question, hence in this sentence, the question mark is justified...)
Other posts have pointed out that in order to be effective, the device would have to be well hidden... So how can the purchasing country be sure that there really is no such device hidden somewhere?
Isn't this a lot like the fears about hidden backdoors in Mircosoft Operating systems, that have already several countries worried?
And in these kinds of situations, the fear that there could be something hidden is enough. And trust me, in our example, that purchasing department student will see that he does everything in his power to convince his boss that there is indeed cause of concern!
It did not say, "the fastest computer", it said "the fastest personal computer". Is a mainframe a personal computer? Is a supercomputer a personal computer? Is a beowulf cluster one personal computer?
Congratulations! You just discovered the hidden anti-Microsoft message in the Matrix!
Toulouse Explosion Losses May Total $840 Million
I also wonder whether phonomenon is an intentional pun, or just a normal run-of-the-mill Slashdot typo.
But, whatever you do, don't look at their glass. There is no beer in existence that is yellowish-reddish with disgusting brown chunks in it!
And there's the issue about cover art and the gimmicks you get along with the CD. These too are part of the experience.
This was just one example where we took the time to actually watch what was happening. Lot's of other spammers get bogged down in the teergrube as well
By next week I suspect that spam will therefore be a problem of the past.
We do get less spam since we have put the teergrube in place (although it will never drop completely to zero). The teergrube also is not the only defensive measure: we also use DNS block lists (spamcop, ordb, ...), a well furnished access list, and individual procmail filters. Yes, spamfighting is not an easy task, and there is no single silver bullet.
If your spammers are knocking up scripts in VB, I suspect they aren't real spammers. I would expect to find the professionals on Linux servers, because they are cheaper to rent, and any perl programmer with half a brain can pick up a couple of modules from CPAN that will let him handle tens of thousands of open connections at a time. Will your average office Exchange server on an ADSL connection go that high?
You'd be astonished at the number of spammers relying on Micro$oft technologies. Also for their web sites: IIS, Asp.net, Micro$oft sewer server, with all its injection vulnerabilities...
If I was writing the script
Better not do this, or you'll get your entire ISP blacklisted ;-)
(and I would repeat that this is not one of my interests, although truth issues don't seem to worry you too much), I would close connections after x seconds and put those domains down as first on the list for my next IP address.
Many spammers are indeed smart enough to detect a teergrube, and close the connection after a couple of minutes. However, enough of them never close it. We've had cases where spammers have stayed connected for weeks...
Most do multi-thread, but they have a finite number of threads. We have seen this well with the mikemail spammer: over a couple of hours after we put him into the teergrube more and more connections showed up, and then at ten, it suddenly stopped. When killing one of the connections (by killing the teergrube server process handling it), it would be back in a quarter of an hour. So it looked as if the spammer's mailer had a fixed number of about ten threads, and once all of them were tied up, it was bad luck for the spammer. Obviously, a couple of days later, the spammer removed all addresses from our domain from his lists ;-)
Are they written in GW BASIC?
Today, I'd rather suspect Visual Basic...
The last one I looked at had a default limit of 9999
Well, for mikemail it was rather around ten (or maybe more, assuming there were other teergrube's helping to tie up his threads...)
A teergrube is actually a more effective anti-spam measure than a plain block. A teergrube accepts the spammer's connection, but then just stalls, only sending "continuation lines" from time to time, to keep the spammer's program from timing out. By doing that, we tie up the spammers resources: while he's busy with our teergrube, his program won't send out spams to anybody else either (unless their program is multi-threaded). Thus a teergrube not only protects its owner; it's also a valuable community service!
Yes, there is a very rational reason: Host Europe not only hosts spammers, they also host whiners!
Thanks, didn't have that one in our deny lists yet. It is now teergrube'd along with China, Chile, Brazil and Verio.
You don't wanna end up on the death-row because a particularly savvy spammer managed to pull off the perfect forgery with your name on it...
With no working computers in the Windows cafe, what are the customers paying for? And where do they want to go tonight, if they still want to surf?
Not always. Sometimes it's also technically useless, practically life-saving. Lemme tell you an old joke to illustrate the point:
So, although the information was technically useless (the pilot knew already that he was in a helicopter), it was practically useful (because it said more about the woman who answered... which allowed the pilot to correctly infer his location...)
The idea of equal opportunity and equal rights should be that you just hire whoever is better for the job, and hit anyone making this not so with a big stick that has a nail in it.
Actually, according to the memo, the issue here was not just about diversity, but active discrimation. They were not hiring whoever was better for the job, they were giving better chances to caucasians: certain career opportunities were only offered to caucasians, critical information was withheld from minorities. The playing field was severly skewed against minorities. Yes, in this memo lack of diversity is just a polically correct euphemism for outright racism!
Aiming for exactly 50% one thing or another is no less sexist/racist than only hiring women or only hiring men (etc).
It was not about aiming at exactly 50%, but rather about aiming at anything above 0% for the minority employees!
Well, this one, for starters. Although the substance was their unintentionnally...
Or just walk to the other side of the room, where those machines are that always work ;-)
Remember that customers come and pay for service.
If this service can be performed in a more cost-efficient way, they need to pay less. Which will bring in new customers. And once we've gotten rid of most of the Bill-worshipping customers, we may reduce the number of windows computers to 1/4 (rather than half, as suggested first), and thus cut even more costs, bringing prices even further down, and attracting more new customers. A virtuous cycle!
They don't pay to be educated in OS advocacy.
Well in the case of a windows cybercafe, they pay for the cyberwaiter to clean up their mess... Whereas in a Linux cybercafe, the price paid can actually go towards better equipment, more bandwidth, ...
The NTFS (Windows NT File System) is currently not fully supported:
I will not trust making images for any of my workstations if it adds another potential factor other than MS instability for crashes.
The just use Udpcast which is completely file-system independant. It directly reads from the disk partition, and doesn't need to understand its structure. Compression is achieved using lzop or gzip, to keep transfer times manageable.
Until then I have to stick with tried methods which now includes Symantec Ghost.
You are sadly mistaken if you believe that this doesn't add to the MS instability ;-)
Also unfortunately the security folks do not want any *nix machines (even though most of their IDS are based on some flavour *nix but I have to abide by their wishes)
Just don't tell them ;-) It's just a self-contained boot CD. No need to know what OS is on it, especially since nothing of it is installed permanently on the PC.
Oh, you mean as in "doing nothing"? :-)
>and "neglect" the Windows machines.
Here you mean, "As in let the costumers use them" :-)
That's exactly what I meant. You got me 20/20 ;-)
Two weeks without re-imaging the WinXP machines? do you have any idea what kind of crap acumulates on these computers after one DAY of use? seeing the results of a Ad-aware run is scary.
Well, that's basically the point... Chose your re-imaging interval long enough that a sizeable amount of machines are unusable. Ok, maybe two weeks is exagerating it a little bit. Maybe half a week? Target is that you only re-image when about 2/3s of the Win machines are in an obvious "funny" state, and only about 1/3 should be usable. Observe, and tune your maintainance cycles accordingly.
And this is not even overly harsh to the windows-insisting customers:
This means that often customers have to try several machines before finding one that "works", but in most cases manage eventually to find a working machine ==> the message gets accross, all the while the situation does not get so bad that they walk away to another cybercaf. However with time customers notice that if they walk to a Linux box right away, this will be good, no need to try 5 machines. Hurry and laziness should then do their thing.
Just one pitfall to avoid: avoid doing your re-imaging always on the same weekdays. Or else you'll just educate your customers to come on Monday mornings and Thursday mornings, rather than to use Linux ;-). So be unpredictable!
I think that if I tried to put all that crap on purpose on my machines I could not do it.
No need to put anything on purpose, just let nature run its course...
And before someone tells me to set up group polices, etc, Yeah, I know all about them.
You need Active Directory for them to work well and for Active Directory you need a Windows Server which costs 'mucho dinero'.
I hope Samba could help me with the AD stuff in the near future.
You can set up policies in Samba, just put an NTconfig.pol file into your [netlogon] share on the server. Like with all shares, you can make the server path of this dependant on a number of variables, such as %G (Unix group). That way, you can have the policies active for users of group customer but not for those in groupadmin.
On login, NT and 2000 boxes download this and apply it. The NTconfig.pol file can be made with the policy editor (included with 95, 98, NT, and 2000, as far as I know). I'm not too proficient with XP, but I guess you can find a policy editor there too. You pretend to edit a policy for a local user, and when done, you copy the NTconfig.pol file to the server.
But of course, doing this spoils half the fun :-(
So make it your policy that you only re-image those machines once every two weeks. If a customer complains, point him to the Linux machines (which do work fine, due to inexistance of viruses on that platform. And if something happened to them anyways, it's much easyer to reimage them!). After a while, the message should sink in.
Easy: a trojan is a piece of rubber that you strip over your ...
piece ... to prevent viruses from spreading.