Well, that's the schedule that they have been sticking to. So according to them, what is agreed upon as a high priority project is taking 9 months.
I did not say that they have been working on it for nine months or that they have even been looking at it for nine months with any real interest.
But the point being that what can be done with a script in a day can take months through the standardized process of developing applications using the approved standard languages and development methods. Sometimes it isn't all that necessary to work that hard on a simple solution.
Absolutely this is done, and the bigger the company, the more stubborn and thinking!
I've been sitting here at my little pathetic cube banging out perl scripts in a few hours to run diagnostics and spot problems in the day to day operations of the company.
The IT monks recently approached me and informed that I was practicing sacrelidge by using Perl instead of C or Java. In order to save my soul they would have to assimulate all my work and do it in Java.
That was nine months ago. They are still working on the first 3 of 50 scripts that I've put together in about one years time.
And don't mention the following words to any of them:
Open Source
GPL
Freeware
Shareware
or they will start screaming, running around the room, and hitting themselves over the head with boards asking the IT gods for forgiveness.
Seriously, the notion of standards in todays IT industry is rather fucked up. They select one tool for every problem and go from there. Hell, if that was the case, then we would all be running Visual Basic and be happy. After all, there isn't anything VB can do that anything else can't.. right!
I hate Bill Gates and Microsoft as much as the next guy.
But dragging up an interview from 1995 is just cheap. I doubt much, if anything, he has to say then applies to today. After all, the internet wasn't even an issue at the time.
All I've heard over the last several years is that WiFi is inherently insecure, even with 128-bit encryption. From all of this it seems trivial to conclude that 802.11 wireless technology is inappropriate for secure networking.
And yet, Intel is rolling out notebooks which are, by default, insecure at the core of it's Architecture.
It seems very clear that there is really no interest by the Industries of America to support Computer Security in any inherently secure system. They will sell us crappy hardware that can't be made secure and then attempt to sell us extensive and expensive quantities of software to ensure that our inherently insecure computers pretend to be secure on the surface.
I would have hoped that someone in the industry would have not only figured it out, but embraced the idea of making something secure by design besides the *BSD's and Linux. But it seems that this concept is still the exclusive property of the Open Source movement and is not yet embraced by Corporate America.
When will the Open Source people start making, or specing out, their own hardware?
I think it would be great if you could actually prosecute someone for forging headers. Unfortunately you don't know who that person is, now do you?
But how would you ever determine is something is unsolicited? After all, there are a lot of registration websites that have a tendency to quietly flag you as willing to accept spam from them. If I missed it, does that still make it UCE? If it does, how do I now remove myself from all the lists that I am now on...
Spam has a solution and it doesn't have to be so drastic as to put in this kind of legislation or use whitelist only maling lists. We just haven't figured it out yet.
I am constantly greeted with messages to the tone of:
You must have Windows Internet Explorer 4 or higher installed on your system to view this website
How is this any different from what they are attempting to do here?
I hate to disappoint, but I don't think that this is a new precedent. What is a new precedent is the notion that they can request the removal, or to make unavailable, software that is otherwise available
The precedent here is not the software usage to access a website, but the notion that this can be extended to:
Dear Mozilla.org,
It has come to our attention that people are using your software to access our website. We don't like this are sending our legal team over to discuss the removal of your software application from the internet.
Similarly, we are contacting Netscape, AOL, Opera, Konqueror, et al and removing them as well.
But I think I have addressed them in a code rewrite that I am putting out this week.
I'm trying to make it as easy/simple for people to use, on both ends. That is why I try to save the emails. But the replies are being sent from a silent-partner address which has no person associated with it. All email received there, that isn't related to a Confirmation is considered spam. This makes for a HoneyPot.
You would be surprised how many people out there don't understand the concept of just hitting "Reply" to a message. Some call, some forward, some write a dissertation.. It's kind of funny.
I've outlined a solution at my website which has proven to be very accurate in removing the problem of False Positive.
I'm in the process of rewriting the code because what I have out there right now is not very robust at all. But the concept is robust!
I spent this last weekend rewriting the code base and have managed to run thousands of spam-only emails a day. Far more than my bandwidth can possible handle! And the best part of the entire project is that normal users, sending normal email, have no idea that this exists. It only triggers when you send me spam.
This allows normal email to run business as usual while the spammers suffer all the results.
I hate to do this because it's only partially complete. But I have a concept worked out on how to handle spam that works extremely well and removes the chance of false positives, especially from Real People.
It's not a money-making scheme, but it is prior-art <grin>.
The cool part comes in when you start automating the spam_mail similar, at least conceptually, to what I have on my website. Shameless plug here
The idea is that you send out an email confirmation, similar to tmda, for only that email which is considered spam (by SpamAssassin). This means that most of your regular communications would go unhindered. But it would also make casual contact via email the easy and simple function that it is supposed to be.
These notions of having an email list of only your known contacts is a pain in the arse and most times met with extreme hostility. This is especially true if you are attempting to contact someone privately from an email list, or from a solitication from their website.
I have to warn you that if you use the code as described on my website you will probably break your server in the first day. I've rewritten it to scale much better (1,000 spams every 10 minutes). But I haven't had the chance to post the new code. But conceptually it rocks!
I've processed something like 20,000 emails without taking a single false positive, unless the original sender vegged... but then he didn't really want to talk to me anyways now did he?
The point is, it places the responsibility of delivering spammy mail to the sender. I do not have to receive it. However it allows the non-spammer to go about the internet unhindered.
It should be no big surprise. As we keep pushing things out of the US we have less and less real value.
We, as a nation, actually build very little on our own shores.
Heavy Manufacturing is no longer done here.
Assembly is not done here.
Hi Tech Manufacturing is long gone.
Material processing is not done here.
Software design is on it's way out
General Services are on their way out
Research is parting ways with use too.
Besides the Natural Resources for Farming and Mining there is nothing here that needs to stay here. As we look for ever cheaper methods of production and higher profit margins, we will move the work to other nations.
We don't actually make anything of any value anymore. We are a nation of lawyers and marketing types. All we need now is an army of telephone sanitizers and we'll be all set.
OK, I just checked some stats on my batteries for fun...
Model: IBM Thinkpad A21M, Debian installed
Batteries: Internal Li-Ion and Ultra-Bay Li-Ion
Between the two of them I have a design capacity of 38.88 + 34.56 Wh. In reality I have a functional full-charge capacity of 20.06 + 23.06 Wh respectively. I unplugged the power and I'm down to 19.54Wh + 22.06Wh in one minute.
The discharge cycle counts are 144/329 respectively.
Generally, it's about 2 hours of real use I get out of them, The calculated time is 4:14, but it's going to turn out a lot less than that.
I don't know if this means I have a normal set of batteries or not, but I'm not as impressed with them as I used to be. I had hoped that Li-Ion was better than the Ni-Cd of yester year.
At this rate, I can hardly code my way across the country. Originally I was able to run >7 hours of use.
Sorry, but I don't see how this is anything different from just another spin on Bayesian Statistical filtering of spam that everyone's been playing with.
It's hardly patentable. But it is interesting to see. But, once you look at it, not surprising.
OK, I'll forgo the 1,000 posts about how grumpy this guy comes off. I guess being abrasive and holier than though is what got him where he is today, where ever that may be.
But when it comes to GUI's you have to admit that he's right. I get kind of pissed when someone tries to come up with a "cool" interface to an application that sucks canal water. Reminds me of some MSFT marketing ploy, "Sure it's a Piece of Shit, but it's a Cool Looking Piece of Shit!"
I use mplayer and xine, but mostly just xine with command line options. Sure, who needs more than that they their favorite WM is WindowMaker? Yes, it works for me. But the interface for Xine is pretty lame. Far from intuitive or easy to use.
Countries such as Mexico and Peru also took this stance. Realizing the threat posed by this, Microsoft flew out to these countries for talks with their governments and ended up handing out large amounts of cash, providing their education and software development sectors with free software worth millions of dollars. Although Microsoft would lose money short-term they would make money in the long run, a similar strategy to that of the Xbox. Software upgrades would ensure that Microsoft maintained their cash flow, and the threat of Linux would be significantly removed by the widespread use of Microsoft's proprietary protocols and file formats (locking users into Windows due to compatibility issues).
Admittedly, I am unable to find anything which indicates closure to the Peruvian Congressional bill 1609, which proposes the use of Open Source Software. Therefore, it seems reasonable to assume that the issue is still open for debate. However, with the acceptance of $550,000 of donated goods from Microsoft, it looks as though Peru may have taken a softer view on Microsoft and their proprietary software
This article sounds like some dark chapter from SnowCrash or Neouromancer.
Rather depressing livestyle. Spending all of your time in some virtual gaming arena in dark basement pits with no one to really talk to.
Psychologists will be figuring this one out for generations to come as our ability to socialize plummets into a level of communication limited to SMS, IRC, and other 'leet' short cuts to the process of talking to each other.
Months ago, it was quietly announced that Peru had decided to retain their Microsoft licenses and to forgo the adoption of Linux as a wide use operating system.
I tried to submit a story to this effect, but it was rejected.. Go figure. If it isn't good news about Linux, it isn't news?
How effective has it been to block port 80 in preventing web virii from spreading? I am getting scanned by my subnet neighbors all the time. Does the ISP do anything about it? No! There's no money in it for them. The only time they took any action is when it inconvenienced them
As for running SMTP servers, it's less load on their boxes so they probably wouldn't care.
Blocking port 25 would bust a lot of stuff on a typical Linux box and make the hobbyist hacker have to pay extra just to set up his own home domain email server.
And would it stop spam? No! Why? Because if I can find a way around it by sending email from another port you can bet your Salary that the spammers will to! And since they don't have to receive any email, they will set up systems with sweeping port scanners to avoid getting blocked again and again.
Blocking port 25 sounds like a solution proposed by a Politician and not a Technician.
Oh yeah, that'll go over big with the National Security pricks out there. And no one else will use it. Then what?
Sorry dude, SMTP is going to be here for a very long time in the form that it is in.
Probably the very best way to block the very worst spam is based on a simple comparison of the Envelope versus the Header. We've done a lot of polluting of SMTP as the result of idiots and shitty applications. If you go STRICTLY by the RFCs you can simply eliminate a lot of spam before it's even accepted by the mail server. You can also trap a lot of spam by looking at the Envelope and Header for addresses. Spammers will typically not have th Envelope MAIL FROM match anything in the HEADER.
Blocking spam isn't that difficult. What's difficult is that there are so many assholes who think it's ok for them to send spam.
The only thing I've heard that was really constructive is to apply the death sentence to anyone who forges email headers. Or something like that
Slashdot Mirror
Well, that's the schedule that they have been sticking to. So according to them, what is agreed upon as a high priority project is taking 9 months.
I did not say that they have been working on it for nine months or that they have even been looking at it for nine months with any real interest.
But the point being that what can be done with a script in a day can take months through the standardized process of developing applications using the approved standard languages and development methods. Sometimes it isn't all that necessary to work that hard on a simple solution.
And leave my dick out of it, I did. perve!
Absolutely this is done, and the bigger the company, the more stubborn and thinking!
I've been sitting here at my little pathetic cube banging out perl scripts in a few hours to run diagnostics and spot problems in the day to day operations of the company.
The IT monks recently approached me and informed that I was practicing sacrelidge by using Perl instead of C or Java. In order to save my soul they would have to assimulate all my work and do it in Java.
That was nine months ago. They are still working on the first 3 of 50 scripts that I've put together in about one years time.
And don't mention the following words to any of them:
- Open Source
- GPL
- Freeware
- Shareware
or they will start screaming, running around the room, and hitting themselves over the head with boards asking the IT gods for forgiveness.Seriously, the notion of standards in todays IT industry is rather fucked up. They select one tool for every problem and go from there. Hell, if that was the case, then we would all be running Visual Basic and be happy. After all, there isn't anything VB can do that anything else can't.. right!
I hate Bill Gates and Microsoft as much as the next guy.
But dragging up an interview from 1995 is just cheap. I doubt much, if anything, he has to say then applies to today. After all, the internet wasn't even an issue at the time.
All I've heard over the last several years is that WiFi is inherently insecure, even with 128-bit encryption. From all of this it seems trivial to conclude that 802.11 wireless technology is inappropriate for secure networking.
And yet, Intel is rolling out notebooks which are, by default, insecure at the core of it's Architecture.
It seems very clear that there is really no interest by the Industries of America to support Computer Security in any inherently secure system. They will sell us crappy hardware that can't be made secure and then attempt to sell us extensive and expensive quantities of software to ensure that our inherently insecure computers pretend to be secure on the surface.
I would have hoped that someone in the industry would have not only figured it out, but embraced the idea of making something secure by design besides the *BSD's and Linux. But it seems that this concept is still the exclusive property of the Open Source movement and is not yet embraced by Corporate America.
When will the Open Source people start making, or specing out, their own hardware?
I think it would be great if you could actually prosecute someone for forging headers. Unfortunately you don't know who that person is, now do you?
But how would you ever determine is something is unsolicited? After all, there are a lot of registration websites that have a tendency to quietly flag you as willing to accept spam from them. If I missed it, does that still make it UCE? If it does, how do I now remove myself from all the lists that I am now on...
Spam has a solution and it doesn't have to be so drastic as to put in this kind of legislation or use whitelist only maling lists. We just haven't figured it out yet.
If they could impliment this along the lines of a DNS lookup server then it would be trivial for email servers to look up addresses.
Otherwise it sounds really cumbersome.
I am constantly greeted with messages to the tone of:
How is this any different from what they are attempting to do here?
I hate to disappoint, but I don't think that this is a new precedent. What is a new precedent is the notion that they can request the removal, or to make unavailable, software that is otherwise available
The precedent here is not the software usage to access a website, but the notion that this can be extended to:
Is spamwolf yours?
Good points!
But I think I have addressed them in a code rewrite that I am putting out this week.
I'm trying to make it as easy/simple for people to use, on both ends. That is why I try to save the emails.
But the replies are being sent from a silent-partner address which has no person associated with it. All email received there, that isn't related to a Confirmation is considered spam. This makes for a HoneyPot.
You would be surprised how many people out there don't understand the concept of just hitting "Reply" to a message. Some call, some forward, some write a dissertation.. It's kind of funny.
I've outlined a solution at my website which has proven to be very accurate in removing the problem of False Positive.
I'm in the process of rewriting the code because what I have out there right now is not very robust at all. But the concept is robust!
I spent this last weekend rewriting the code base and have managed to run thousands of spam-only emails a day. Far more than my bandwidth can possible handle! And the best part of the entire project is that normal users, sending normal email, have no idea that this exists. It only triggers when you send me spam.
This allows normal email to run business as usual while the spammers suffer all the results.
I hate to do this because it's only partially complete. But I have a concept worked out on how to handle spam that works extremely well and removes the chance of false positives, especially from Real People.
It's not a money-making scheme, but it is prior-art <grin>.
The idea is a hybridization of SpamAssassin and tmda (tagged message delivery agent) wherein you accept all email into your inbox and the spam goes into a spam mailbox. Nothing New...
The cool part comes in when you start automating the spam_mail similar, at least conceptually, to what I have on my website. Shameless plug here
The idea is that you send out an email confirmation, similar to tmda, for only that email which is considered spam (by SpamAssassin). This means that most of your regular communications would go unhindered. But it would also make casual contact via email the easy and simple function that it is supposed to be.
These notions of having an email list of only your known contacts is a pain in the arse and most times met with extreme hostility. This is especially true if you are attempting to contact someone privately from an email list, or from a solitication from their website.
I have to warn you that if you use the code as described on my website you will probably break your server in the first day. I've rewritten it to scale much better (1,000 spams every 10 minutes). But I haven't had the chance to post the new code. But conceptually it rocks!
I've processed something like 20,000 emails without taking a single false positive, unless the original sender vegged... but then he didn't really want to talk to me anyways now did he?
The point is, it places the responsibility of delivering spammy mail to the sender. I do not have to receive it. However it allows the non-spammer to go about the internet unhindered.
It should be no big surprise. As we keep pushing things out of the US we have less and less real value.
We, as a nation, actually build very little on our own shores.
Besides the Natural Resources for Farming and Mining there is nothing here that needs to stay here. As we look for ever cheaper methods of production and higher profit margins, we will move the work to other nations.
We don't actually make anything of any value anymore. We are a nation of lawyers and marketing types. All we need now is an army of telephone sanitizers and we'll be all set.
OK, I just checked some stats on my batteries for fun...
Between the two of them I have a design capacity of 38.88 + 34.56 Wh. In reality I have a functional full-charge capacity of 20.06 + 23.06 Wh respectively. I unplugged the power and I'm down to 19.54Wh + 22.06Wh in one minute.
The discharge cycle counts are 144/329 respectively.
Generally, it's about 2 hours of real use I get out of them, The calculated time is 4:14, but it's going to turn out a lot less than that.
I don't know if this means I have a normal set of batteries or not, but I'm not as impressed with them as I used to be. I had hoped that Li-Ion was better than the Ni-Cd of yester year.
At this rate, I can hardly code my way across the country. Originally I was able to run >7 hours of use.
You have got to be kidding me!
I only get 12 months on these batteries?
That would explain why my battery life is so low...
Sorry, but I don't see how this is anything different from just another spin on Bayesian Statistical filtering of spam that everyone's been playing with.
It's hardly patentable. But it is interesting to see. But, once you look at it, not surprising.
OK, I'll forgo the 1,000 posts about how grumpy this guy comes off. I guess being abrasive and holier than though is what got him where he is today, where ever that may be.
But when it comes to GUI's you have to admit that he's right. I get kind of pissed when someone tries to come up with a "cool" interface to an application that sucks canal water. Reminds me of some MSFT marketing ploy, "Sure it's a Piece of Shit, but it's a Cool Looking Piece of Shit!"
I use mplayer and xine, but mostly just xine with command line options. Sure, who needs more than that they their favorite WM is WindowMaker? Yes, it works for me. But the interface for Xine is pretty lame. Far from intuitive or easy to use.
Countries such as Mexico and Peru also took this stance. Realizing the threat posed by this, Microsoft flew out to these countries for talks with their governments and ended up handing out large amounts of cash, providing their education and software development sectors with free software worth millions of dollars. Although Microsoft would lose money short-term they would make money in the long run, a similar strategy to that of the Xbox. Software upgrades would ensure that Microsoft maintained their cash flow, and the threat of Linux would be significantly removed by the widespread use of Microsoft's proprietary protocols and file formats (locking users into Windows due to compatibility issues).
NewsForge.com reprinted an article from Pikeus. More information can be found here
Admittedly, I am unable to find anything which indicates closure to the Peruvian Congressional bill 1609, which proposes the use of Open Source Software. Therefore, it seems reasonable to assume that the issue is still open for debate. However, with the acceptance of $550,000 of donated goods from Microsoft, it looks as though Peru may have taken a softer view on Microsoft and their proprietary software
This article sounds like some dark chapter from SnowCrash or Neouromancer.
Rather depressing livestyle. Spending all of your time in some virtual gaming arena in dark basement pits with no one to really talk to.
Psychologists will be figuring this one out for generations to come as our ability to socialize plummets into a level of communication limited to SMS, IRC, and other 'leet' short cuts to the process of talking to each other.
Not amazing and Not Funny either.
Months ago, it was quietly announced that Peru had decided to retain their Microsoft licenses and to forgo the adoption of Linux as a wide use operating system.
I tried to submit a story to this effect, but it was rejected.. Go figure. If it isn't good news about Linux, it isn't news?
How effective has it been to block port 80 in preventing web virii from spreading? I am getting scanned by my subnet neighbors all the time. Does the ISP do anything about it? No! There's no money in it for them. The only time they took any action is when it inconvenienced them
As for running SMTP servers, it's less load on their boxes so they probably wouldn't care.
Blocking port 25 would bust a lot of stuff on a typical Linux box and make the hobbyist hacker have to pay extra just to set up his own home domain email server.
And would it stop spam? No! Why? Because if I can find a way around it by sending email from another port you can bet your Salary that the spammers will to! And since they don't have to receive any email, they will set up systems with sweeping port scanners to avoid getting blocked again and again.
Blocking port 25 sounds like a solution proposed by a Politician and not a Technician.
Oh yeah, that'll go over big with the National Security pricks out there. And no one else will use it. Then what?
Sorry dude, SMTP is going to be here for a very long time in the form that it is in.
Probably the very best way to block the very worst spam is based on a simple comparison of the Envelope versus the Header. We've done a lot of polluting of SMTP as the result of idiots and shitty applications. If you go STRICTLY by the RFCs you can simply eliminate a lot of spam before it's even accepted by the mail server. You can also trap a lot of spam by looking at the Envelope and Header for addresses. Spammers will typically not have th Envelope MAIL FROM match anything in the HEADER.
Blocking spam isn't that difficult. What's difficult is that there are so many assholes who think it's ok for them to send spam.
The only thing I've heard that was really constructive is to apply the death sentence to anyone who forges email headers. Or something like that
That's where a static tool like SpamAssassin comes into play!
Between SpamAssassin and Bogofilter, and a few other goodies... I have been able to reduce my spam to
On another server, I have reduced one account from 140 spams/day to about 1 spam/day with no bayesian training and it's getting smarter each day...
The other soluction, though radical, is to simply deny any MIME based email that doesn't include a text alternative body. Effective.
I know it sounds so 60's, or was it 70's or 80's? I don't know but the point is that it's high time we took this to the streets.
Don't discuss this on the level of some tech-geek thing. People glaze over and go stupid real fast.
This needs to be presented plain and simple. Disney is stealing from the past and locking it up for themselves (Grimm for example).
It's time to actively boycott Mickey Mouse. Does anyone know where I can get a bumper sticker with a Mickey Mouse outline and a bit red circle+slash?
I read the posting from transmeta. they didn't say anything about DRM. Just security.
Of course, since Linus works there, it can't be all bad, right?
Doesn't this constitute illegal search and seizure?