For instance, the box on which I get all my mail, to which all my mailing list subscriptions go, and which is associated with my online identity everywhere I have one...is located halfway across the continent from me
Two solutions.
1) The "hard" but proper way, setup SPF records from all the machines you will be sending mail from or
2) Simply send all your mail out through the box you get it in from. What's so hard about that?
Anyway, I'll be happy to let anon mail through just for your convenience, so you don't have to setup SPF once every 6 months, or wait for your email to get forwarded through your own mail server, if you'd be willing to go through and delete the hundred or so SPAMs I get each day. Sound like a fair deal?
But seriously, the two technologies together would pretty much kill spam "as we know it". That is to say, most of the anonymous, illicit, untraceable SPAM we get today.
Simply set all messages that either have ridiculously liberal SPF records (i.e. *.*.*.* or something) or messages that don't come from valid SPF specified machines to be challenged (you could also employ some kind of Bayesian filter, but I doubt that will help. See more below). Then wait for the response before white listing the address, and letting the message through.
Once this is widespread, people sending out junk-email will need to spam using their own domains. Which isn't that hard to do. Which is where the third phase of my plan comes in. A distributed blacklist of domains. This would work much better then the current Bullshit IP blacklists. Enough complaints and the domain would be marked down as a spammer.
Spammers would need to buy new domains for each spam campaign, and hopefully not be able to get out more then a few hundred SPAMs before being blacklisted. That would make spamming completely unprofitable.
Anyway, I hope register.com hurries the hell up and lets me add these to my domains. I've actually been getting a bunch "recipient not found" messages going to [random word]@[mydomain.com] (not autpr0n.com, either my personal domain) meaning someone is spamming and using forged address claming to be from my domain
and for each bounced message, who knows how many are getting through. A friend of mine (an AOL user) actually had a spammer us his personal email address, and got not only a bunch of bounces, but angry emails and IMs.
The sooner this goes into effect, the better. It'll probably be a long time before we can block all email that doesn't come from a domain with SPF, but hopefully soon we can get rid of emails that are explicitly not authorized. (like those claming to be from my servers...)
That early into the administration all the previous administration's methods were still in place
That's actualy not true at all. The bush admin got rid of a lot of senior admn. people including those working in national security, and replaced them with republicans.
Do you really need 4gb of songs just for the gym? There are solid state players that are a lot smaller then the ipod, which is important when you're working out. If you're only going to be there an hour or two, you only need that many songs.
A couple of things. The market value of SCO already includes the probability of winning the case against IBM.
So in that case, investing in SCO is like buying insurance on your investments in companies who's fortunes are related to open-source.
SCO's share price is still really cheap compared to the value that they would get if they won their suit. So if I owned a ton of shares of Redhat or SuSE or IBM (for example) I could purchase a smaller number of SCO shares. If SCO wins the suit, I wouldn't lose any money!
If SCO loses the suit, the money would pretty much go to zero, but that's no different then what happens to the money you pay for car insurance if you don't get into an accident.
So no one thinks SCO will really win, they just want to be covered in the event that it does.
If your Turing email protection scheme actualy worked, it would be easy to defeat. Spammers could harvest the XOR of the email, and use a dictionary attack.
Spam operators are getting more creative in their efforts to get around spam filters. R.a..n,d,o.,m p,u,,n,c.t,,u_a.t.1..0.n makes it nearly impossible to block spam messages by filtering keywords. Operators are changing to graphics interchange format images with no searchable text. Some spammers send in encoded formats, like Base64, to circumvent keyword filters altogether, and relay through IP addresses that have no Domain Name System domains associated with them.
Why on earth did they expand "GIF" there?
Oh well, the base-64, and even the image method are not immune from keyword and Baysian filters (in fact, you could theoreticaly write a Baysian filter based on image features, killing any "Ad-like" images!)
What do you do that's causing things to be so slow?
Using a 3.0ghz machine at work. I don't think it's any slower then when I got it, but in comparison...
Actually the reason not to get into the PC business is because it's stupid. Unless you have tons of money to advertise, why would anyone buy from a 'no name' company when they could get a Dell, probably for cheaper? Anyone who knows enough about computers to judge their quality would just build their own anyway.
Maybe if you made super-high end systems like Alienware, or some other companies, and could justify a heavy premium, you might make money.
Of course, then you would need even more money to start with.
Not only is it stupid, it's also unoriginal. I mean why would you would you want to get into the business of selling basically the exact same thing as hundreds of other companies? Why not make something Unique and interesting?
That a TiVo is a general purpose computer running Linux. It's not hard to make a general purpose machine 'just work' for what you buy it for. The problem comes when people add in new software and drivers. If you buy a new dell, it'll 'just work' as long as you like as long as you never upgrade the hardware or software (assuming you don't connect it to the internet, or that no security patches break the system... )
And not because I run Linux. I simply don't mess with my computer any more. I've had the same motherboard, even the same CPU for over two years. It's irritatingly slow, yes, but I don't have any money to upgrade.
So the box just sits there, chugging along, without any problems.
Do you people who know car mechanics intimately get the same kind of fixit requests from family? damn that'd shit me. Maybe I should go become an expert in astrophysics or some other shit my family don't do
Well, I suppose if they were a mechanic they might. The problem is a lot of us arn't "mechanics". I was into building and fixing PCs in high school. But after a while I 'knew everything' and it got to the point where it was more tedium then excitement.
I'm about to graduate with a CS degree. I enjoy programming, and I don't mind tinkering with my own machine once in a while. But really, asking me to fix a computer would be like asking some guy who works at ford doing some kind of advanced engineering to fix their car. The person could do it, probably, because they are a good engineer in general but it would be a huge pain.
Well, like any spam solution, this isn't good on it's own. I'm pretty sure I've sent people e-mails with the string 'http://' in them, letting them know about a website I've found. Or created.
It also seems like a Baysian filter would pick up on this by itself. Why write a spesific system to block out 'http://'.
And while images will make a spam stand out, so will getting past most spam filters. Thats why a lot of the spam I've been getting dosn't even register on the Baysian filter I use, and apears to be a regular email even after reading it (like 'hey man what's up?.... check out this website... talk to you later' the only clue that it wasn't for me was that I didn't know the sender).
Okay, I hope slashdot's ananomizer thing actualy works...
Ahem. In any event. A good way to prevent people from buying spam is by spamming for some great product. Say a $10 DVD player, Porn DVDs, narcotics, whatever. And then rather then sending them the product, you send them a mail bomb.
The media hype would probably scare enough people away from spamvertized products to kill it entirely, in the US anyway.
It would be easy to setup an OS so that 1) there is no "admin" for the user to be, and so that installed programs can't do things like scan your hard drive, report crap back to the master server, etc.
Basically, you setup ACLs for both users and programs. Then you deny the program all rights that it doesn't need. You don't even allow programs to automatically request certain privileges (like hooking the keyboard, extracting URLs, or any other data from any other program). Users would need to use the security manager to do that themselves.
You might be able to setup something like this using SELinux, but I don't know. Certainly no OS in existence is really setup to do something like that, but I hope that future all OSs will be, esp windows and MacOS.
Slashdot Mirror
For instance, the box on which I get all my mail, to which all my mailing list subscriptions go, and which is associated with my online identity everywhere I have one...is located halfway across the continent from me
Two solutions.
1) The "hard" but proper way, setup SPF records from all the machines you will be sending mail from or
2) Simply send all your mail out through the box you get it in from. What's so hard about that?
Anyway, I'll be happy to let anon mail through just for your convenience, so you don't have to setup SPF once every 6 months, or wait for your email to get forwarded through your own mail server, if you'd be willing to go through and delete the hundred or so SPAMs I get each day. Sound like a fair deal?
Well, I can dream, can't I?
But seriously, the two technologies together would pretty much kill spam "as we know it". That is to say, most of the anonymous, illicit, untraceable SPAM we get today.
Simply set all messages that either have ridiculously liberal SPF records (i.e. *.*.*.* or something) or messages that don't come from valid SPF specified machines to be challenged (you could also employ some kind of Bayesian filter, but I doubt that will help. See more below). Then wait for the response before white listing the address, and letting the message through.
Once this is widespread, people sending out junk-email will need to spam using their own domains. Which isn't that hard to do. Which is where the third phase of my plan comes in. A distributed blacklist of domains. This would work much better then the current Bullshit IP blacklists. Enough complaints and the domain would be marked down as a spammer.
Spammers would need to buy new domains for each spam campaign, and hopefully not be able to get out more then a few hundred SPAMs before being blacklisted. That would make spamming completely unprofitable.
Anyway, I hope register.com hurries the hell up and lets me add these to my domains. I've actually been getting a bunch "recipient not found" messages going to [random word]@[mydomain.com] (not autpr0n.com, either my personal domain) meaning someone is spamming and using forged address claming to be from my domain
and for each bounced message, who knows how many are getting through. A friend of mine (an AOL user) actually had a spammer us his personal email address, and got not only a bunch of bounces, but angry emails and IMs.
The sooner this goes into effect, the better. It'll probably be a long time before we can block all email that doesn't come from a domain with SPF, but hopefully soon we can get rid of emails that are explicitly not authorized. (like those claming to be from my servers...)
Look, going to mars is nice and all, but not if it means i have to look at all these ugly bitches without any makeup!
Actualy, fonts do not have copyright protection in the US. The actual data in the font file can be copyrighted but the actual images cannot be.
All you have to do is bleach $1s.
0.1% is 1 in 1,000. Not one in 10,000, you mother fucking idiot.
That early into the administration all the previous administration's methods were still in place
That's actualy not true at all. The bush admin got rid of a lot of senior admn. people including those working in national security, and replaced them with republicans.
Do you really need 4gb of songs just for the gym? There are solid state players that are a lot smaller then the ipod, which is important when you're working out. If you're only going to be there an hour or two, you only need that many songs.
Also, the iPod is the only player that works with audiobooks.
That statement dosn't make any sense at all.
A couple of things. The market value of SCO already includes the probability of winning the case against IBM.
So in that case, investing in SCO is like buying insurance on your investments in companies who's fortunes are related to open-source.
SCO's share price is still really cheap compared to the value that they would get if they won their suit. So if I owned a ton of shares of Redhat or SuSE or IBM (for example) I could purchase a smaller number of SCO shares. If SCO wins the suit, I wouldn't lose any money!
If SCO loses the suit, the money would pretty much go to zero, but that's no different then what happens to the money you pay for car insurance if you don't get into an accident.
So no one thinks SCO will really win, they just want to be covered in the event that it does.
They don't need to try every dictionary word, they would only need to try ones that would be answers to obvious questions.
If your Turing email protection scheme actualy worked, it would be easy to defeat. Spammers could harvest the XOR of the email, and use a dictionary attack.
Spam operators are getting more creative in their efforts to get around spam filters. R.a..n,d,o.,m p,u,,n,c.t,,u_a.t.1..0.n makes it nearly impossible to block spam messages by filtering keywords. Operators are changing to graphics interchange format images with no searchable text. Some spammers send in encoded formats, like Base64, to circumvent keyword filters altogether, and relay through IP addresses that have no Domain Name System domains associated with them.
Why on earth did they expand "GIF" there?
Oh well, the base-64, and even the image method are not immune from keyword and Baysian filters (in fact, you could theoreticaly write a Baysian filter based on image features, killing any "Ad-like" images!)
What do you do that's causing things to be so slow? Using a 3.0ghz machine at work. I don't think it's any slower then when I got it, but in comparison...
Actually the reason not to get into the PC business is because it's stupid. Unless you have tons of money to advertise, why would anyone buy from a 'no name' company when they could get a Dell, probably for cheaper? Anyone who knows enough about computers to judge their quality would just build their own anyway.
Maybe if you made super-high end systems like Alienware, or some other companies, and could justify a heavy premium, you might make money.
Of course, then you would need even more money to start with.
Not only is it stupid, it's also unoriginal. I mean why would you would you want to get into the business of selling basically the exact same thing as hundreds of other companies? Why not make something Unique and interesting?
That a TiVo is a general purpose computer running Linux. It's not hard to make a general purpose machine 'just work' for what you buy it for. The problem comes when people add in new software and drivers. If you buy a new dell, it'll 'just work' as long as you like as long as you never upgrade the hardware or software (assuming you don't connect it to the internet, or that no security patches break the system... )
Because it's far, far cheaper and less work to bitch then it is to start a company :P
And not because I run Linux. I simply don't mess with my computer any more. I've had the same motherboard, even the same CPU for over two years. It's irritatingly slow, yes, but I don't have any money to upgrade.
So the box just sits there, chugging along, without any problems.
Do you people who know car mechanics intimately get the same kind of fixit requests from family? damn that'd shit me. Maybe I should go become an expert in astrophysics or some other shit my family don't do
Well, I suppose if they were a mechanic they might. The problem is a lot of us arn't "mechanics". I was into building and fixing PCs in high school. But after a while I 'knew everything' and it got to the point where it was more tedium then excitement.
I'm about to graduate with a CS degree. I enjoy programming, and I don't mind tinkering with my own machine once in a while. But really, asking me to fix a computer would be like asking some guy who works at ford doing some kind of advanced engineering to fix their car. The person could do it, probably, because they are a good engineer in general but it would be a huge pain.
heh, actualy I'm not really an apple fan. I just want some karma.
Gimmy!
Well, like any spam solution, this isn't good on it's own. I'm pretty sure I've sent people e-mails with the string 'http://' in them, letting them know about a website I've found. Or created.
.... check out this website ... talk to you later' the only clue that it wasn't for me was that I didn't know the sender).
It also seems like a Baysian filter would pick up on this by itself. Why write a spesific system to block out 'http://'.
And while images will make a spam stand out, so will getting past most spam filters. Thats why a lot of the spam I've been getting dosn't even register on the Baysian filter I use, and apears to be a regular email even after reading it (like 'hey man what's up?
Okay, I hope slashdot's ananomizer thing actualy works...
Ahem. In any event. A good way to prevent people from buying spam is by spamming for some great product. Say a $10 DVD player, Porn DVDs, narcotics, whatever. And then rather then sending them the product, you send them a mail bomb.
The media hype would probably scare enough people away from spamvertized products to kill it entirely, in the US anyway.
It would be easy to setup an OS so that 1) there is no "admin" for the user to be, and so that installed programs can't do things like scan your hard drive, report crap back to the master server, etc.
Basically, you setup ACLs for both users and programs. Then you deny the program all rights that it doesn't need. You don't even allow programs to automatically request certain privileges (like hooking the keyboard, extracting URLs, or any other data from any other program). Users would need to use the security manager to do that themselves.
You might be able to setup something like this using SELinux, but I don't know. Certainly no OS in existence is really setup to do something like that, but I hope that future all OSs will be, esp windows and MacOS.
Pretty much all of his observations are pretty obvious, except where he gets things wrong (i.e. nintendo using Cell).
But I suppose looking only a year into the future, you can't be too grandiose.