Require the message sender to authenticate in order for message to come across a trusted e-mail network
Read: trusted network == commercial network
Why do you think this is in the "Money & Investing" department (see the linked article). No, this isn't for me. Businesses may well choose to use something like this for their communications, but they will not have the pleasure of communicating with me. While SMTP has its flaws, it still allows any IP host to send mail to any other IP host and that is a good thing.
To gain insight into what's going to happen with email and Internet communications in general over the next couple of years, you have to adopt a business mindset to see it from their eyes. There is a big problem (spam) hence a potential to make money. Various companies are going to try and cash in on this situation by offering a solution that might very well decrease spam -- some sort of commercially controlled communication network -- but this is definitely not in the best interest of the Internet. Of course, it's in the best interest of the company that's peddling the solution (duh!)
The Internet isn't Compuserve, or AOL. It's a network of IP hosts, and those are the entities which should have a facility for sending communications back and forth. There is no need for a central carrier for communications
So if my ISP does pass on the any charges, then I am paying for something that I don't do.... Why shouldn't I download music? I am paying for it regardless.
Exactly! In fact, you should download all that you can! It's morally justified. Fill up CDR's worth of music (artists already compensated) and stop buying CDs from stores. Fill up your hard drives with full-length movies (filmmakers will already be compensated) and stop renting movies.
If they want to go back to the moon, why the hell did the government cut science research funding to NASA and universities over the years? The government's approach has been to cripple NASA (everything must be cheaper, smaller, quicker).
You don't just "go" to the moon. It would be great to see the government offer more funding to science and NASA though. Could even kick-start the economy within a decade, or in the very least keep it from utter collapse.
You're not understanding me. I'm pointing out that the SMTP protocol places no inherent restrictions (or even suggestions) on what "type" of IP address can or can't transmit mail. My SMTP server sits in my basement, using an ADSL connection. Our LAN workstations offload mail to the SMTP server, which does the actual mail delivery. This is the intended use of SMTP, and is completely legitimate within IP, TCP, and SMTP specifications.
However these days there's a drive to disallow dynamic IP addresses from delivering mail. Proponents of this approach believe that only commercial class IP addresses should be permitted to deliver mail. That's what I'm saying is wrong, because it commercializes communications.
In the past, RBL-type lists worked great. These days, about 70-75% of all of our incoming spam comes from *unique dynamic hosts*, mostly from cable modems. The quantity is drastically increasing every day.
Certainly not. Just because some abuse comes from residential (cable/DSL) connections doesn't mean the proper approach is to block all such hosts from making standard TCP/IP connections. SMTP allows any IP host to transfer mail to any other IP host. Blocking all such traffic because of fear of worms is short-sighted and helps destroy Internet communications.
If you're using renattach on your server to filter attachments, just use the following in your renattach.conf to bitbucket this virus:
banned_files = wendy.zip/k
These days we buy the hardware and, sure the preloaded software probably sucks, so you reconfigure what you want or possibly even reinstall your OS. No problem!
But what happens when the hardware is in cahoots with the operating system, as will be the case with trusted computing? Well it may be a lot more difficult to get your computer to do what you want, because certain software components carrying the right keys will easily slide into operating system hooks, while un-"trusted" software (the stuff you want to run) is more difficult to install and run freely.
I can imagine what a spyware-sporting vendor can accomplish with a trusted computing system. Their spyware, "trusted" software, may be automatically installed and automatically re-installed beyond your control. 3rd party efforts to keep this unwanted software out of the system will fail, because that 3rd party software (no matter what you want) is untrusted... hell, the BIOS itself will help police usage of the system. You're in luck, your hardware is going to protect you;)
I'm a part time software developer (and full time University student) and I can tell you that I have made much more money associated with my free/open source software than I have with my generic Windows shareware.
Most of the money has resulted from custom modifications for organizations that started by using the free software. I am also developing several new projects, for which I plan on fundraising through sales of the open source software (yes, you can sell free software) as well as sales of manuals, etc.
One of the growing problems is the large base of broadband-connected (cable, DSL) users that ISPs insist on putting on dynamic IP address pools. We all know that there is no technical advantage to the dynamic IP addresses, since practically everyone is connected 24/7 (this is not the same situation with dial-in modem pools, where dynamic IPs are the best way to go).
If ISPs allocated static IP addresses to all their cable/DSL customers, we would see tremendous security gains because customers' addresses would stand still while they are tracked down.
Anti-spam/proxy/hijack systems would see abuse coming from a particular IP and could more easily identify that abuse source without huge collateral damage. Currently, DNSBLs are force dto list entire netblocks, or even all dynamic IP addresses!
Responsible parties would be easier to track down, regardless of type of abuse and historical records found online (e.g. IPs in logfiles) could be associated with a single entity
Infected hosts that are spewing worms by any method could be automatically blocked by routers/gateways, since the IP address is constant
Perhaps it's time to see some government regulation that requires that an ISP that provides broadband services where customers are connected more than X% of the day has to provide a static IP address. ISPs like to provide dynamic addressing because they have a persistent fear of people 'running their own servers' (bullshit), plus they can sell static IP addresses. Their approach is detrimental to general Internet security.
Imagine if there was a type of cheap cell phone service designed to facilitate outgoing calls only, accomplished via a dynamic origin phone number (that changed daily), making nearly impossible to have someone phone you back. Don't you think such a phone would be a huge source of all kinds of abuse? That's what ISPs are making possible by dynamic IP addresses on broadband customers. These hosts become rogue, because they are moving targets.
What would be interesting is if individuals and organizations, increasingly frustrated by the commercialization of the Internet decided to set up their own network of networks, running over perhaps point to point wired, optic links, wireless, or something else VPN-like. They used to do something like this in the old days, what was it called, UUCP?
I will be very curious to see how they regulate a voice communication that I encrypt and send to my friend in Australia. While they might be able to regulate the companies and devices produced commercially, data protected by a layer of encryption is untouchable.
In Canada, we already pay a fairly hefty CD-R levy because the jackasses in the recording industry convinced our government that CD-Rs are probably used to illegally copy their material (nobody uses CD-Rs to backup files, of course). Now that I pay these levies to the recording industry, I happily download and burn as much music as I want to. I'm already paying for the right!
I was feeling a bit guilty about downoading and burning movies as well, but something like the proposed new royalties (trickled down to my internet bill) would definitely alleviate this moral burden. If I'm paying for it anyway, you'd better believe I'm going to make the most of it.
There is one solution to the 'virus' problem that everyone in the networking and security field knows about, but which few professionals endorse due to conflicts with business and commerce.
The solution to 'viruses' is diversity in systems. This stems from the biological viewpoint which makes us realize that while one type of system may be vulnerable to a specific flaw, a mix of different systems (each with their own properties) will offer greater resilience.
Think of the Internet, and how much trouble has been caused by Microsoft Windows viruses. Because of the Microsoft monoculture, the Internet has come to the brink of disaster several times (worm outbreaks; flooding of DNS root servers; and most notably, spam and increasingly fragmented global communications as a result).
I'd much rather use a well-understood 30-year-old algorithm than some young upstart algorithm that may well still have vulnerabilities.
But when stuff like this happens, you have to tell the difference between a flaw in the algorithm and a flaw in the implementation. Brings to mind MS Crypto and even several OpenSSL vulnerabilities. Doesn't mean SSL is flawed, just means that the implementations screwed up somewhere.
ISP isn't a technical thing, it's a money thing
on
Who Is An ISP?
·
· Score: 1
The big move these days, spearheaded by content providers such as cable and telecom, is to clearly divide consumers and commercial service providers. This is a business thing, and it has nothing to do with technical matters.
For instance, many of us geeks have run our own web sites and mail servers for several years. Now we're running into increasing problems with ISPs that are blocking incoming and outgoing TCP ports, and entire netblocks getting tagged as consumer class (dynamic blocks) so that some domains can easily block our mail.
From a technical angle, there is no difference between the IP traffic coming from my server in the basement and the largest commercial servers on earth. We both send TCP/IP packets that adhere to an established, open specification. But the difference is that I shouldn't be providing web/mail services. Why? Because I'm competing with someone else, and at least someone could force me to buy a business hosting plan right?
We all know they are full of garbage, yet its still popular and their stocks are still ok... why? BECAUSE OF MEDIA COVERAGE!
I think it's unwise of slashdot to cover so many SCO stories, it just gives the issues more credibility. The company is garbage and their claims are getting annoying. Ignore them, and they'll go away.
Obscure Simpsons reference: "Just don't look... Just don't look!"
I guess the administration couldn't get their way by "taking it to the people" so they just said "fuck the people" and did it anyway.
Although I live in Canada and am a huge fan of the nation, it's worth pointing out the Canadian prime minister actually has too much power. This is a major weakness in the Canadian democratic system. The Prime Minister's Office tells the cabinet ministers what to do. The ministers in turn pressure the rest of the party in power to vote how they wish. Net result: whatever the prime minister wants, happens. So in Canada we are not protected against the whims of crazy politicians either.
Canada's not perfect, but it is definitely more moderate than the United States. You see plenty of support for the US, and plenty of condemnation of the war in Iraq. A big reason for Canadian level-headedness is that our nation has historically been heavily populated by Americans that have left the US during periods of craziness (Commie scare; Vietnam; War On Terror)
It really is impressive for me how honest some organizations have been about admitting system compromises (Debian, ProFTP, GNU.org).
As someone who works with networking security, I know lots of business servers get compromised regularly. Everyone hides it because it's embarassing for a business.
This makes you wonder how often other 'critical systems' get compromised, and get fixed without any public reports. Government computer systems get regularly compromised after all. But I'm sure so do vital Microsoft, IBM, systems, etc. Windows Update, anyone?
Yes, and as to many teenagers, the concept of actions having real consequences seems a little ridiculous too. Say whatever you will about the RIAA's tactics, this type of reaction from a teenager is hardly the result of an over-aggressive music industry.
Isn't it though? Every day, crooked government beaurocrats are wasting billions in tax dollars. The US is slowly imploding under a burden of corruption, greed, and social irresponsibility.
Crooked corporate executives are robbing United States citizens blind. Widows and retired people are losing their life savings, because some businessman scum is getting greedy and using creative accounting. Corrupt companies are dragging down the stock market with them, putting thousands of people out of work and threatening the viability of the US economy.
The president of the United States repeatedly implies links between Iraq and the 9/11 hijackers, and tricks his nation into supporting a needless war that has killed thousands of civilians and hundreds of American soldiers.
And all these guys get away with it. They can do whatever the fuck they want, because they're adults and they're in positions of power. You think teenagers these days are stupid enough to think that they're committing a 'crime' by sharing shitty music?
If peer-to-peer networks started encrypting their searches, whether or not it is strong encryption, wouldn't the RIAA have to stop. I believe breaking encryption, or bypassing the encryption could be considered quite illegal via the DMCA.
You could go a bit further than that. Every P2P user could write a little poem (copyrighted work) and encrypt it using a trivial-to-break scheme. Then we could share files that are encrypted with our own copyrighted poems. Fellow traders would routinely break the encryption. If the music industry breaks the encryption, however, they would be violating the DMCA because they are breaking encryption in order to reveal our copyrighted work!
Something like this could go a long way in demonstrating to the world how utterly stupid the DMCA is.
Slashdot Mirror
Read: trusted network == commercial network
Why do you think this is in the "Money & Investing" department (see the linked article). No, this isn't for me. Businesses may well choose to use something like this for their communications, but they will not have the pleasure of communicating with me. While SMTP has its flaws, it still allows any IP host to send mail to any other IP host and that is a good thing.
To gain insight into what's going to happen with email and Internet communications in general over the next couple of years, you have to adopt a business mindset to see it from their eyes. There is a big problem (spam) hence a potential to make money. Various companies are going to try and cash in on this situation by offering a solution that might very well decrease spam -- some sort of commercially controlled communication network -- but this is definitely not in the best interest of the Internet. Of course, it's in the best interest of the company that's peddling the solution (duh!)
The Internet isn't Compuserve, or AOL. It's a network of IP hosts, and those are the entities which should have a facility for sending communications back and forth. There is no need for a central carrier for communications
If they want to go back to the moon, why the hell did the government cut science research funding to NASA and universities over the years? The government's approach has been to cripple NASA (everything must be cheaper, smaller, quicker).
You don't just "go" to the moon. It would be great to see the government offer more funding to science and NASA though. Could even kick-start the economy within a decade, or in the very least keep it from utter collapse.
You're not understanding me. I'm pointing out that the SMTP protocol places no inherent restrictions (or even suggestions) on what "type" of IP address can or can't transmit mail. My SMTP server sits in my basement, using an ADSL connection. Our LAN workstations offload mail to the SMTP server, which does the actual mail delivery. This is the intended use of SMTP, and is completely legitimate within IP, TCP, and SMTP specifications.
However these days there's a drive to disallow dynamic IP addresses from delivering mail. Proponents of this approach believe that only commercial class IP addresses should be permitted to deliver mail. That's what I'm saying is wrong, because it commercializes communications.
If you're using renattach on your server to filter attachments, just use the following in your renattach.conf to bitbucket this virus:
banned_files = wendy.zip/k
These days we buy the hardware and, sure the preloaded software probably sucks, so you reconfigure what you want or possibly even reinstall your OS. No problem!
But what happens when the hardware is in cahoots with the operating system, as will be the case with trusted computing? Well it may be a lot more difficult to get your computer to do what you want, because certain software components carrying the right keys will easily slide into operating system hooks, while un-"trusted" software (the stuff you want to run) is more difficult to install and run freely.
I can imagine what a spyware-sporting vendor can accomplish with a trusted computing system. Their spyware, "trusted" software, may be automatically installed and automatically re-installed beyond your control. 3rd party efforts to keep this unwanted software out of the system will fail, because that 3rd party software (no matter what you want) is untrusted... hell, the BIOS itself will help police usage of the system. You're in luck, your hardware is going to protect you ;)
Here's a short little guide to compiling and installing a new Linux kernel
One of the growing problems is the large base of broadband-connected (cable, DSL) users that ISPs insist on putting on dynamic IP address pools. We all know that there is no technical advantage to the dynamic IP addresses, since practically everyone is connected 24/7 (this is not the same situation with dial-in modem pools, where dynamic IPs are the best way to go).
If ISPs allocated static IP addresses to all their cable/DSL customers, we would see tremendous security gains because customers' addresses would stand still while they are tracked down.
Perhaps it's time to see some government regulation that requires that an ISP that provides broadband services where customers are connected more than X% of the day has to provide a static IP address. ISPs like to provide dynamic addressing because they have a persistent fear of people 'running their own servers' (bullshit), plus they can sell static IP addresses. Their approach is detrimental to general Internet security.
Imagine if there was a type of cheap cell phone service designed to facilitate outgoing calls only, accomplished via a dynamic origin phone number (that changed daily), making nearly impossible to have someone phone you back. Don't you think such a phone would be a huge source of all kinds of abuse? That's what ISPs are making possible by dynamic IP addresses on broadband customers. These hosts become rogue, because they are moving targets.
What would be interesting is if individuals and organizations, increasingly frustrated by the commercialization of the Internet decided to set up their own network of networks, running over perhaps point to point wired, optic links, wireless, or something else VPN-like. They used to do something like this in the old days, what was it called, UUCP?
I will be very curious to see how they regulate a voice communication that I encrypt and send to my friend in Australia. While they might be able to regulate the companies and devices produced commercially, data protected by a layer of encryption is untouchable.
In Canada, we already pay a fairly hefty CD-R levy because the jackasses in the recording industry convinced our government that CD-Rs are probably used to illegally copy their material (nobody uses CD-Rs to backup files, of course). Now that I pay these levies to the recording industry, I happily download and burn as much music as I want to. I'm already paying for the right!
I was feeling a bit guilty about downoading and burning movies as well, but something like the proposed new royalties (trickled down to my internet bill) would definitely alleviate this moral burden. If I'm paying for it anyway, you'd better believe I'm going to make the most of it.
There is one solution to the 'virus' problem that everyone in the networking and security field knows about, but which few professionals endorse due to conflicts with business and commerce.
The solution to 'viruses' is diversity in systems. This stems from the biological viewpoint which makes us realize that while one type of system may be vulnerable to a specific flaw, a mix of different systems (each with their own properties) will offer greater resilience.
Think of the Internet, and how much trouble has been caused by Microsoft Windows viruses. Because of the Microsoft monoculture, the Internet has come to the brink of disaster several times (worm outbreaks; flooding of DNS root servers; and most notably, spam and increasingly fragmented global communications as a result).
The big move these days, spearheaded by content providers such as cable and telecom, is to clearly divide consumers and commercial service providers. This is a business thing, and it has nothing to do with technical matters.
For instance, many of us geeks have run our own web sites and mail servers for several years. Now we're running into increasing problems with ISPs that are blocking incoming and outgoing TCP ports, and entire netblocks getting tagged as consumer class (dynamic blocks) so that some domains can easily block our mail.
From a technical angle, there is no difference between the IP traffic coming from my server in the basement and the largest commercial servers on earth. We both send TCP/IP packets that adhere to an established, open specification. But the difference is that I shouldn't be providing web/mail services. Why? Because I'm competing with someone else, and at least someone could force me to buy a business hosting plan right?
I think it's unwise of slashdot to cover so many SCO stories, it just gives the issues more credibility. The company is garbage and their claims are getting annoying. Ignore them, and they'll go away.
Obscure Simpsons reference: "Just don't look... Just don't look!"
Although I live in Canada and am a huge fan of the nation, it's worth pointing out the Canadian prime minister actually has too much power. This is a major weakness in the Canadian democratic system. The Prime Minister's Office tells the cabinet ministers what to do. The ministers in turn pressure the rest of the party in power to vote how they wish. Net result: whatever the prime minister wants, happens. So in Canada we are not protected against the whims of crazy politicians either.
Canada's not perfect, but it is definitely more moderate than the United States. You see plenty of support for the US, and plenty of condemnation of the war in Iraq. A big reason for Canadian level-headedness is that our nation has historically been heavily populated by Americans that have left the US during periods of craziness (Commie scare; Vietnam; War On Terror)
It really is impressive for me how honest some organizations have been about admitting system compromises (Debian, ProFTP, GNU.org).
As someone who works with networking security, I know lots of business servers get compromised regularly. Everyone hides it because it's embarassing for a business.
This makes you wonder how often other 'critical systems' get compromised, and get fixed without any public reports. Government computer systems get regularly compromised after all. But I'm sure so do vital Microsoft, IBM, systems, etc. Windows Update, anyone?
Isn't it though? Every day, crooked government beaurocrats are wasting billions in tax dollars. The US is slowly imploding under a burden of corruption, greed, and social irresponsibility.
Crooked corporate executives are robbing United States citizens blind. Widows and retired people are losing their life savings, because some businessman scum is getting greedy and using creative accounting. Corrupt companies are dragging down the stock market with them, putting thousands of people out of work and threatening the viability of the US economy.
The president of the United States repeatedly implies links between Iraq and the 9/11 hijackers, and tricks his nation into supporting a needless war that has killed thousands of civilians and hundreds of American soldiers.
And all these guys get away with it. They can do whatever the fuck they want, because they're adults and they're in positions of power. You think teenagers these days are stupid enough to think that they're committing a 'crime' by sharing shitty music?
Truly, who is blind to reality?You could go a bit further than that. Every P2P user could write a little poem (copyrighted work) and encrypt it using a trivial-to-break scheme. Then we could share files that are encrypted with our own copyrighted poems. Fellow traders would routinely break the encryption. If the music industry breaks the encryption, however, they would be violating the DMCA because they are breaking encryption in order to reveal our copyrighted work!
Something like this could go a long way in demonstrating to the world how utterly stupid the DMCA is.