Don't forget that SCO has a PIPE deal with BayStar Capital and the Royal Bank of Canada that gives them priority over most claimants in any liquidation deal. Plus, The Canopy Group has a promissory note to SCO which also gives them priority.
Would it be possible for the judge to enjoin them from filing for bankruptcy until after the judgement is paid? Not a lawyer, but I'm curious... (Not curious enough to pay a lawyer to answer, though.)
However, if they try to put this in my car...it will be disconnected quickly.
If you drive a late model auto, chances your vehicle already includes some kind of rudimentary "black box." Already, these black boxes have been used in court in various car-accident related cases. Here's an article that has a brief summary of what the current incarnations of these devices record. Here's another one that discusses why the current models aren't reliable enough to be the sole source of evidence in a case.
Hey, I like safety technology too... But there definitely has to be a privacy wall built-in, since marrying a GPS device to it (which is already coming... Googling for "automobile black box" brings up two or three companies whose business model is based on adding GPS functionality) would make the data extremely interesting to marketing people, police agencies, and other nefarious types.
I've even thought about starting a community ISP and getting a T1, but that's way too expensive... Turns out that getting T1 in my neighborhood is about three times as expensive as it would be just five block away!
Perhaps you should look into finding a partner with a business closer to the "Cheap" T1 area, and use a high-gain directional antenna and tunnel ipsec over 802.11g to your physical data center? If its a "Community ISP" people won't mind the slight reliability problems that using unlicensed spectrum as part of your critical data path presents.
Worst tech support in the universe: UPS
on
Orwellian Tech Support
·
· Score: 3, Interesting
If you ever have a problem with their desktop shipping software (that nobody on earth has any useful doc for) their first suggestion is ALWAYS to reinstall... Even if you've already done that, even if you know you accepted the defaults they specified...
Their next step is ALWAYS to send you another CD-ROM of the software, even if you have two copies of the same version and neither gets you anywhere. This is their "get off the phone" move, because they don't offer a download or FTP site... Instead, you must ALWAYS have it shipped to you, even if it is going to cost your business a large amount of money.
Actual Quote from Manager: "Sir, we can't afford the bandwidth to allow people to download a 650 mb CD-ROM from our web-site! We'd go broke!" Me: "I zipped the entire contents of the CD into a 12 mb file..." Manager: "The size is irrlevant, I simply cannot offer you any further support until you install from the new CD-ROM we're sending you."
This might be my favorite Slashdot story every... There've been tech support hell-tales before, but this is an intellgent dissection of the problem. A dreadfully wondeful story.
In my opinion, the quality order of the big job-boards, from greatest to absolute worst is:
1.) Monster. Tons of ads--most are actually for legit jobs. Only a couple "Help Desk Internship" postings for training companies. Plus, the resume posting has gotten me attention from half-dozen different outfits.
2.) CareerBuilder. Used to be all headhunter crap, but now that they've partnered with 1,000,001 newspapers, you get real ads for real jobs from your local paper. There are occasionally ads for those "Earn $60,000 with 12 months training" places, though.
3.) Dice. Godawful. Almost 100% headhunter/fakeout-fraudster listings. I've never called somebody re: a job on Dice where the conversation didn't end with "Sorry, we've already filled that." And I don't think its because Dice is "so awesome" at getting people work. I think its because their ad-rates are uber-cheap so headhunters use them to collect a good pool of eligible applicants' resumes for when they have actual jobs to fill.
Overall, my online job site experiences have been mixed. Monster has gotten me three interviews, and about half-dozen inquiries in the last year, which is a pretty good "hits to interview" ratio. (Hits to interview ratio is my own made up, totally non-scientific statistic.) CareerBuilder has brought me one interview after inquiring with more than 50 employers, so not a very good ratio. Dice is garbage though. 100% of the time I've spent on Dice.com has been wasted. You'd do better to hire a crop duster to drop your "Resume folded as origami" from an airplane over the city than to spend your time searching Dice for jobs. Their new service where, for $50, they spam your resume to several thousand headhunters also looks rather scammy/worthless.
My advice? Network. Figure out what companies you're interested in, and find out where the employees hang out after work. Go there, meet a few of them, and make friends. Then drop an email a few weeks later mentioning your job-search. I've gotten a handful of interviews using this technique as well.
"What sorts of pension funds and health insurance do you offer to your employees?"
Under no circumstances should you talk about this subject until you have an offer on the table. (Or they've brought it up... ie. "This position pays around $xxx, and has yyy benefits... How does that compare with your expectations?")
Bringing up money or benefits early (and early by THEIR judgement, not yours) will turn off a great many employers, and usually results in not getting an offer. Don't talk money until they do. Once they bring it up, it is no longer a tabboo subject.
1) Make sure that every point you make is backed up with fact and research. Avoid religious level proselytizing. Just becasue you (and I) are already sold on FOSS doesn't mean they're going to accept that information without supporting data. Remember, as a senior leader in any organization, their jobs are to play devils' advocates and plan for the worst case scenario when evaluating now projects and expenditures. Allay the fears that they may already have. It would be wise to read Microsoft's anti-OSS propaganda pages and rebut, in your first paper, all of those claims that relate to your organization.
2) Write with a hefty respect for "What could possibly go wrong?" Anticipate objections and rebut them in your initial report. For each FOSS product you're planning to use, explain how you can make it redundant (ie. failover web-server/database serveR) and how you can recover your backups in the case of data loss. If you can make your current backup solution work with your alternative OS servers and apps, that's a big benefit! As you can imagine, protecting their large, director level salaries is a big concern for the PHB's today. Make them understand that support and recoverability are not the exclusive domain of proprietary vendors. They might approve switching some in-house app from SQL Server to Postgres if they know you will still have full functionality and recoverability without spending a mint ripping out the backup software/hardware and starting over.
3) Make the point that FOSS is perfect for some needs, while less suited to others. You have a better chance of having your ideas accepted if your message is "right tool for the right job." Is there any reason that file and print server should run Windows 2003 Server and require 2 gig of RAM and dual XEON procs when Mandrake, Samba, and Webmin would achieve the same goals on a lot more modestly appointed system.
4) Don't forget about hardware! Point out that software that uses fewer hardware resources will require less frequent hardware replacement. A new linux kernel doesn't mean everybody needs new hardware... Compare with each new iteration of Windows having an ever exponentially-increasing list of hardware requirements.
Beyond that? You're on your own. Oh, and to quote Bob from "That 70's Show": "Hit him with a banjo."
AFAIK Janet Jackson's nipple has been used as an excuse in the US to enforce a 5 minute delay loop on awards shows in the future. This effectively kills the live in "live" and is newsworthy IMHO.
I'm afraid AFAYKIVFOTS (As Far As You Know Isn't Very Far On This Subject.)
The tape delay was a decision CBS made on their own. The FCC doesn't mandate broadcasters using specific technology (outside of certifying transmitter equipment, antenna systems, and the like,) only requires the broadcaster to take responsibility for any "oopsies" that they broadcast. In order to avoid responsibility for future "oopsies" (and show they've taken steps to correct the problem Janet's nipple created) they self-imposed use of a 5-minute delay.
I'm not sure i really want ATI and nVidia to open up. There's already so many cheats out there for various games; if the video drivers themselves were more open, wouldn't this make it worse?
Not unless the game was REALLY badly written... For instance, if some part of the game's competitive logic relied on an anticipated response from the video driver, which would be, well, retarded... The game would have to know how to anticipate every conceivable video card in creation to work right, or they could only support one or two and limit their sales to people who own those cards.
my ISP is starting a promo next week - up to 6mbps down, and up to 608kbps up, with 8 static IP's. all for only $45/month. the caveat is that you have to sign up for a 1 year contract (an SBC requirement anyway) and after the 1st year it goes up to $70/month. they are working on pulling strings so that you can renew at the $45/month rate for an other year commitment indefinitely:)
FYI: They appear only to serve certain areas of coastal California. Which is too bad, because I have Comcast, hate it, and would do a lot of things to get a service like that for that price.
Maybe I could finally forward my own mail for my domain without having half servers on the internet treat me like a spammer...
Just because you choose to be ignorent of the fact that when you purchase and play a DVD you are agreeing to certain things, does not mean it is not so. You choose to ignore these things like it will make them go away. But that is not the way it works in the real world.
Please cite: 1) A source that details what is in this alleged "agreement." 2) Some evidence that I signed it (a copy of the agreement bearing my signature, please.) 3) Some law that says once I buy a DVD I really don't actually own it. 4) Some law that says I can't watch my DVDs on a "non-approved" player.
If you can't do any of the four, kindly pound sand until you can.
Also, for the moment, we'll pretend you're not ignorant of the correct spelling of ignorant.
You go into court, you demonstrate the trivial manner of arriving at the trivial fact- with no use of the source in contention and case closed.
Yes... Thousands of dollars later, sure. You don't have to go to court to win using a lawsuit. Look at SCO: Those scoundrels have taken millions of dollars out of the company by dumping their stocks. They're never going to win, and they know it. These schmucks are simply trying to walk away with something. Many of them probably have cushy (mostly stock) golden parachutes that are worthless if the company goes bankrupt.
i had a boss explain to me that he in fFact did not want to know what was wrong. he wanted to know everything was okay. he, as a manager, had a lot of responisibility, and wanted some reassurance that all things were going okay.
Homer: This will go off [HORN] every two seconds [HORN] as long as everything [HORN] is okay! Marge: (Covering ears) Shut it off! Homer: [HORN] It can't be shut off! [HORN fades and dies out, flatulently]...But it does break easily.
Totally OT but your manager reminded me heavily of that scene in the "Homer the Inventor" episode where he goes after Thomas Edison.
I just block your domain and the problem is solved. Better yet the blacklist does it for me.
That's all well and good, but then we're right back where we started with you, the server admin, having to manually add my IP ranges to your forbidden list, or trust some ramdom black list server operator not to accidentally block messages from senders you consider legit.
Again, anything that requires an active hourly/daily admin task doesn't stop spam, because your average admin is swamped with work these days, having seen most of his co-workers laid off and their work piled at his feet. If he needs to actively monitor the content of messages on his mail server, your plan has already failed.
My SMTP server gets email from joeblow@123.com. I finger joeblow@123.com. If 123.com says joeblow is a real user I then accept the email, other wise I can it.
...What stops me from re-writing the finger daemon to verify any address passed and then spamming you until I get tired? After all, spammers have disposable domain-names, and may not care one iota about whether their "legit" finger requests aren't responded to accurately--because chances are their dummy domain won't have any requests that aren't related to their spamming activities.
I think verification of sender is the only real way to stop spam while still using the SMTP protocol. And as we all know, we can either fix SMTP, or come up with something new. Then get every vendor from here to Tuscaloosa to agree on and support it. (Likely? No.) There are other things wrong with finger, too, like the fact that its plain text. To me, though, the biggest weakness is that its more easily manipulated than a diebold voting machine. You couldn't reliably guarantee that the server on the other end didn't have an modified fingerd running that would verify your return address every time. Not without building a whole new verification infrastructure and standard to pass an MD5 hash of the fingerd that is running on the remote server. You'd need some sort of MD5 Hash Server to answer requests for your fingerd's hash as well so your outgoing mail would be accepted.
So while I like your basic idea (verify identity,) I think that there are two major flaws in your desire to use Finger in this capacity:
1) Excessive DNS calls for each transaction... Have to lookup certificate server's/MD5 hash server values each time for redundancy. You could setup a hosts file on your server to reduce the load on DNS and to speed name resolution, but this would be cumbersome to manage if you had a large mail server implementation involving more than 10 or 15 mail servers. (Like, for instance, Yahoo!) 2) Excessive server load and network traffic as, for each message, we're retrieving and processing an MD5 hash from the other server to make sure their fingerd is the correct version and not some modified hack that facilitates spam. Almost guaranteed that the hardware would have to be a beast to keep up. Why again do we want to get roped into a quad Xeon with 16 gig of RAM to run a mail infrastructure again?
Yahoo's implementation is just little more elegant. I'm hoping it catches on. I could easily dent or destroy the incoming spam to our domains (which is a considerable volume) if it did. And if somebody wrote compatibility for such an implementation into Postfix ASAP as well...
Of course he doesn't. He gets the second head surgically added after he picks up Trillian at a party on Earth.
Well...No.
Zaphod's second head was under a bird-cage at the costume party where he met Trillian. One could presume he arrived at the party with the extra head since he had the presence of mind(s) to bring a bird cage to disguise himself.
Uhm, well, since IANAL and my English vocabulary is a bit short in legal matters, I find it very hard to explain this properly. But trust me, we have a really hard problem here, something that will be used in big FUDslinging if we don't fix it.
I especially like the term "FUDslinging". I'll be using that as often as possible. Don't be ashamed that your command of English isn't perfect... After all, bad grammar got George W. Bush made president of these United States.
Until Exchange gets a good scoring filter, it makes sense to at least improve the flawed tools that are available to most corporate users.
I think that's about the only way my company would ever start spam-filtering in earnest: If Microsoft created an "official" (probably easily circumvented) server-side spam filter. It might still be a fight, even then.
Our "uber"-engineers and PHBs fear these server-side tools... They're afraid we'll get a false positive on the CEO's mailbox that will end up with the company losing money--and all of us losing our jobs. And maybe that could conceivably happen... But the sky could fall tomorrow, too. (This is also a good argument for a TEST ENVIRONMENT, a suggestion of mine that gets laughed down every time I bring it up.)
Of course, I keep trying to explain to them that very few legitimate customers use the phrase "increase you girth!" in legit business e-mails... But to no avail. As a result, EVERYBODY gets spam-bombed... You see, we finance student loans... And many people grow to loathe the organization that services their loans. We're the ones who send the bills. When they don't get paid, we're the ones who call to ask "Where's the money, doofus?" So you can imagine that our "Customer Service" e-mail addys have been added to every porno/spambag list there is.
What about the OS? Should the local government be required to use local folks to develop a custom operating system instead of using Linux or Windows? This can go on and on without end because there is no logical end to it.
A ludicrous argument. Nobody said write a custom OS... Surely you see the difference between boxed, generic software like Windows/Linux OS and a 100% custom software package... About the only similarity is that they both run on a computer.
I propose a different standard: the purpose of government should be to provide as much service for as little money as possible. Sometimes that means not doing it all locally.
I think you shouldn't approach it as a "less dollars/more dollars" issue. I think you should look at it from the perspective of value: We gain very little from shipping the millions of dollars for this project to India. Our only gain is the software they'll produce for us, "cheap." Now consider what we get from locals producing the same effort:
- High-paying, high-skill jobs (at least a dozen, maybe more) - All those people paying taxes - All those people buying goods in the economy - We get to keep educated, highly skilled workers living in our state, so as to better attract other companies in need of their services.
By sending the contract to India, we might "save" a few bucks up front... But we'll plow ten times more than we save into fixing the damage to our economy that we did by trying to save a few pennies up front.
Management actually discounted the lower cost of outsourcing the work to India, but rather blamed the attitudes the local programmers (many of whom wouldn't want to work in that area of the country anyway).
It seems that many organizations use that excuse when people complain about outsourcing. I live in Indiana, and here the Department of Workforce Development was recently forced to cancel an outsourced programming contract with an Indian company after a massive outcry from unemployed developers in Indiana. The "Workforce Development" department is responsible for dispensing benefits and coordinating training for the unemployed. Unemployed programmers, many actively seeking freelance gigs to pay bills after losing full-time positions, felt slapped in the face when the very agency charged with helping them was doing them direct harm by sending lucrative work (paid for with tax dollars) overseas.
The point is that we fought back, and you should too. If your government wants to outsource IT work, you tell them hell no, you won't stand for it. Make them hire local companies. Make them plow the money back into the local economy--your livelihood may one day depend on how loudly you protest now.
Slashdot Mirror
Would it be possible for the judge to enjoin them from filing for bankruptcy until after the judgement is paid? Not a lawyer, but I'm curious... (Not curious enough to pay a lawyer to answer, though.)
If you drive a late model auto, chances your vehicle already includes some kind of rudimentary "black box." Already, these black boxes have been used in court in various car-accident related cases. Here's an article that has a brief summary of what the current incarnations of these devices record. Here's another one that discusses why the current models aren't reliable enough to be the sole source of evidence in a case.
Hey, I like safety technology too... But there definitely has to be a privacy wall built-in, since marrying a GPS device to it (which is already coming... Googling for "automobile black box" brings up two or three companies whose business model is based on adding GPS functionality) would make the data extremely interesting to marketing people, police agencies, and other nefarious types.
Also works great for beer-boiling your bratwursts before your summer Cook-outs...
And for the record, I wouldn't drink it either.
Perhaps you should look into finding a partner with a business closer to the "Cheap" T1 area, and use a high-gain directional antenna and tunnel ipsec over 802.11g to your physical data center? If its a "Community ISP" people won't mind the slight reliability problems that using unlicensed spectrum as part of your critical data path presents.
If you ever have a problem with their desktop shipping software (that nobody on earth has any useful doc for) their first suggestion is ALWAYS to reinstall... Even if you've already done that, even if you know you accepted the defaults they specified...
Their next step is ALWAYS to send you another CD-ROM of the software, even if you have two copies of the same version and neither gets you anywhere. This is their "get off the phone" move, because they don't offer a download or FTP site... Instead, you must ALWAYS have it shipped to you, even if it is going to cost your business a large amount of money.
Actual Quote from Manager: "Sir, we can't afford the bandwidth to allow people to download a 650 mb CD-ROM from our web-site! We'd go broke!"
Me: "I zipped the entire contents of the CD into a 12 mb file..."
Manager: "The size is irrlevant, I simply cannot offer you any further support until you install from the new CD-ROM we're sending you."
This might be my favorite Slashdot story every... There've been tech support hell-tales before, but this is an intellgent dissection of the problem. A dreadfully wondeful story.
In my opinion, the quality order of the big job-boards, from greatest to absolute worst is:
1.) Monster. Tons of ads--most are actually for legit jobs. Only a couple "Help Desk Internship" postings for training companies. Plus, the resume posting has gotten me attention from half-dozen different outfits.
2.) CareerBuilder. Used to be all headhunter crap, but now that they've partnered with 1,000,001 newspapers, you get real ads for real jobs from your local paper. There are occasionally ads for those "Earn $60,000 with 12 months training" places, though.
3.) Dice. Godawful. Almost 100% headhunter/fakeout-fraudster listings. I've never called somebody re: a job on Dice where the conversation didn't end with "Sorry, we've already filled that." And I don't think its because Dice is "so awesome" at getting people work. I think its because their ad-rates are uber-cheap so headhunters use them to collect a good pool of eligible applicants' resumes for when they have actual jobs to fill.
Overall, my online job site experiences have been mixed. Monster has gotten me three interviews, and about half-dozen inquiries in the last year, which is a pretty good "hits to interview" ratio. (Hits to interview ratio is my own made up, totally non-scientific statistic.) CareerBuilder has brought me one interview after inquiring with more than 50 employers, so not a very good ratio. Dice is garbage though. 100% of the time I've spent on Dice.com has been wasted. You'd do better to hire a crop duster to drop your "Resume folded as origami" from an airplane over the city than to spend your time searching Dice for jobs. Their new service where, for $50, they spam your resume to several thousand headhunters also looks rather scammy/worthless.
My advice? Network. Figure out what companies you're interested in, and find out where the employees hang out after work. Go there, meet a few of them, and make friends. Then drop an email a few weeks later mentioning your job-search. I've gotten a handful of interviews using this technique as well.
Under no circumstances should you talk about this subject until you have an offer on the table. (Or they've brought it up... ie. "This position pays around $xxx, and has yyy benefits... How does that compare with your expectations?")
Bringing up money or benefits early (and early by THEIR judgement, not yours) will turn off a great many employers, and usually results in not getting an offer. Don't talk money until they do. Once they bring it up, it is no longer a tabboo subject.
How about lets celebrate with Dual-G5s all around?
1) Make sure that every point you make is backed up with fact and research. Avoid religious level proselytizing. Just becasue you (and I) are already sold on FOSS doesn't mean they're going to accept that information without supporting data. Remember, as a senior leader in any organization, their jobs are to play devils' advocates and plan for the worst case scenario when evaluating now projects and expenditures. Allay the fears that they may already have. It would be wise to read Microsoft's anti-OSS propaganda pages and rebut, in your first paper, all of those claims that relate to your organization.
2) Write with a hefty respect for "What could possibly go wrong?" Anticipate objections and rebut them in your initial report. For each FOSS product you're planning to use, explain how you can make it redundant (ie. failover web-server/database serveR) and how you can recover your backups in the case of data loss. If you can make your current backup solution work with your alternative OS servers and apps, that's a big benefit! As you can imagine, protecting their large, director level salaries is a big concern for the PHB's today. Make them understand that support and recoverability are not the exclusive domain of proprietary vendors. They might approve switching some in-house app from SQL Server to Postgres if they know you will still have full functionality and recoverability without spending a mint ripping out the backup software/hardware and starting over.
3) Make the point that FOSS is perfect for some needs, while less suited to others. You have a better chance of having your ideas accepted if your message is "right tool for the right job." Is there any reason that file and print server should run Windows 2003 Server and require 2 gig of RAM and dual XEON procs when Mandrake, Samba, and Webmin would achieve the same goals on a lot more modestly appointed system.
4) Don't forget about hardware! Point out that software that uses fewer hardware resources will require less frequent hardware replacement. A new linux kernel doesn't mean everybody needs new hardware... Compare with each new iteration of Windows having an ever exponentially-increasing list of hardware requirements.
Beyond that? You're on your own. Oh, and to quote Bob from "That 70's Show": "Hit him with a banjo."
I'm afraid AFAYKIVFOTS (As Far As You Know Isn't Very Far On This Subject.)
The tape delay was a decision CBS made on their own. The FCC doesn't mandate broadcasters using specific technology (outside of certifying transmitter equipment, antenna systems, and the like,) only requires the broadcaster to take responsibility for any "oopsies" that they broadcast. In order to avoid responsibility for future "oopsies" (and show they've taken steps to correct the problem Janet's nipple created) they self-imposed use of a 5-minute delay.
Not unless the game was REALLY badly written... For instance, if some part of the game's competitive logic relied on an anticipated response from the video driver, which would be, well, retarded... The game would have to know how to anticipate every conceivable video card in creation to work right, or they could only support one or two and limit their sales to people who own those cards.
Indeed, and the detonations in the desert in the American west were conducted by the best and brightest of their time...
Oh, you meant the first one in a place the government DIDN'T select....
FYI: They appear only to serve certain areas of coastal California. Which is too bad, because I have Comcast, hate it, and would do a lot of things to get a service like that for that price.
Maybe I could finally forward my own mail for my domain without having half servers on the internet treat me like a spammer...
Shame, I liked Even Worse a lot when I was a boy...
Please cite:
1) A source that details what is in this alleged "agreement."
2) Some evidence that I signed it (a copy of the agreement bearing my signature, please.)
3) Some law that says once I buy a DVD I really don't actually own it.
4) Some law that says I can't watch my DVDs on a "non-approved" player.
If you can't do any of the four, kindly pound sand until you can.
Also, for the moment, we'll pretend you're not ignorant of the correct spelling of ignorant.
Yes... Thousands of dollars later, sure. You don't have to go to court to win using a lawsuit. Look at SCO: Those scoundrels have taken millions of dollars out of the company by dumping their stocks. They're never going to win, and they know it. These schmucks are simply trying to walk away with something. Many of them probably have cushy (mostly stock) golden parachutes that are worthless if the company goes bankrupt.
Marge: Homer, women won't enjoy being shot in the face.
Homer: Women will like what I tell them to like.
Homer: This will go off [HORN] every two seconds [HORN] as long as everything [HORN] is okay!
Marge: (Covering ears) Shut it off!
Homer: [HORN] It can't be shut off! [HORN fades and dies out, flatulently]
Totally OT but your manager reminded me heavily of that scene in the "Homer the Inventor" episode where he goes after Thomas Edison.
That's all well and good, but then we're right back where we started with you, the server admin, having to manually add my IP ranges to your forbidden list, or trust some ramdom black list server operator not to accidentally block messages from senders you consider legit.
Again, anything that requires an active hourly/daily admin task doesn't stop spam, because your average admin is swamped with work these days, having seen most of his co-workers laid off and their work piled at his feet. If he needs to actively monitor the content of messages on his mail server, your plan has already failed.
I think verification of sender is the only real way to stop spam while still using the SMTP protocol. And as we all know, we can either fix SMTP, or come up with something new. Then get every vendor from here to Tuscaloosa to agree on and support it. (Likely? No.) There are other things wrong with finger, too, like the fact that its plain text. To me, though, the biggest weakness is that its more easily manipulated than a diebold voting machine. You couldn't reliably guarantee that the server on the other end didn't have an modified fingerd running that would verify your return address every time. Not without building a whole new verification infrastructure and standard to pass an MD5 hash of the fingerd that is running on the remote server. You'd need some sort of MD5 Hash Server to answer requests for your fingerd's hash as well so your outgoing mail would be accepted.
So while I like your basic idea (verify identity,) I think that there are two major flaws in your desire to use Finger in this capacity:
1) Excessive DNS calls for each transaction... Have to lookup certificate server's/MD5 hash server values each time for redundancy. You could setup a hosts file on your server to reduce the load on DNS and to speed name resolution, but this would be cumbersome to manage if you had a large mail server implementation involving more than 10 or 15 mail servers. (Like, for instance, Yahoo!)
2) Excessive server load and network traffic as, for each message, we're retrieving and processing an MD5 hash from the other server to make sure their fingerd is the correct version and not some modified hack that facilitates spam. Almost guaranteed that the hardware would have to be a beast to keep up. Why again do we want to get roped into a quad Xeon with 16 gig of RAM to run a mail infrastructure again?
Yahoo's implementation is just little more elegant. I'm hoping it catches on. I could easily dent or destroy the incoming spam to our domains (which is a considerable volume) if it did. And if somebody wrote compatibility for such an implementation into Postfix ASAP as well...
Well...No.
Zaphod's second head was under a bird-cage at the costume party where he met Trillian. One could presume he arrived at the party with the extra head since he had the presence of mind(s) to bring a bird cage to disguise himself.
I especially like the term "FUDslinging". I'll be using that as often as possible. Don't be ashamed that your command of English isn't perfect... After all, bad grammar got George W. Bush made president of these United States.
I think that's about the only way my company would ever start spam-filtering in earnest: If Microsoft created an "official" (probably easily circumvented) server-side spam filter. It might still be a fight, even then.
Our "uber"-engineers and PHBs fear these server-side tools... They're afraid we'll get a false positive on the CEO's mailbox that will end up with the company losing money--and all of us losing our jobs. And maybe that could conceivably happen... But the sky could fall tomorrow, too. (This is also a good argument for a TEST ENVIRONMENT, a suggestion of mine that gets laughed down every time I bring it up.)
Of course, I keep trying to explain to them that very few legitimate customers use the phrase "increase you girth!" in legit business e-mails... But to no avail. As a result, EVERYBODY gets spam-bombed... You see, we finance student loans... And many people grow to loathe the organization that services their loans. We're the ones who send the bills. When they don't get paid, we're the ones who call to ask "Where's the money, doofus?" So you can imagine that our "Customer Service" e-mail addys have been added to every porno/spambag list there is.
A ludicrous argument. Nobody said write a custom OS... Surely you see the difference between boxed, generic software like Windows/Linux OS and a 100% custom software package... About the only similarity is that they both run on a computer.
I think you shouldn't approach it as a "less dollars/more dollars" issue. I think you should look at it from the perspective of value: We gain very little from shipping the millions of dollars for this project to India. Our only gain is the software they'll produce for us, "cheap." Now consider what we get from locals producing the same effort:
- High-paying, high-skill jobs (at least a dozen, maybe more)
- All those people paying taxes
- All those people buying goods in the economy
- We get to keep educated, highly skilled workers living in our state, so as to better attract other companies in need of their services.
By sending the contract to India, we might "save" a few bucks up front... But we'll plow ten times more than we save into fixing the damage to our economy that we did by trying to save a few pennies up front.
It seems that many organizations use that excuse when people complain about outsourcing. I live in Indiana, and here the Department of Workforce Development was recently forced to cancel an outsourced programming contract with an Indian company after a massive outcry from unemployed developers in Indiana. The "Workforce Development" department is responsible for dispensing benefits and coordinating training for the unemployed. Unemployed programmers, many actively seeking freelance gigs to pay bills after losing full-time positions, felt slapped in the face when the very agency charged with helping them was doing them direct harm by sending lucrative work (paid for with tax dollars) overseas.
The point is that we fought back, and you should too. If your government wants to outsource IT work, you tell them hell no, you won't stand for it. Make them hire local companies. Make them plow the money back into the local economy--your livelihood may one day depend on how loudly you protest now.