I'm sitting here listing to a Shoutcast stream ofreally sweet music from bands I've never heard of and would never have found otherwise. I'm taking notes so I can buy their CDs and concert tickets. I'm thinking decentralization is what it takes to connect customers and musicians.
I'm thinking market forces won't ever provide that anywhere near as well as "stations" run by people who simply love music.
Re:I got one word for ya:
on
Spammers Busted
·
· Score: 2, Interesting
Also as you've alluded to, it wouldn't be terribly difficult to forge the From: identity of someone already in your whitelist; something that happens quite frequently.
And as I said, they would need more bandwidth to tailor the From address on every message they sent. Way more. Right now they inject a single copy of the message with a long list of addresses in the "RCPT TO" SMTP command, and the relay owner eats the bandwidth. Customizing the From address would require the spammer to send one full copy of the message for each recipient. I'm guessing that's a 10x or 100x increase in bandwidth demands, maybe more.
More significantly, whitelist-approved From addresses will not scale to the proportions of spammers' mailing lists. It's one thing to scrape a million addresses from usenet, it's another to discover a whitelist-approved From address for every victim's address. This does not worry me one bit.
Als for mailing lists, they are addressed up front in the procmail script that implements my whitelist system. They get delivered before the whitelist gets examined. I'm on more lists than I can count, and I have yet to send a confirmation request to a list or to someone on a list. The only errors so far have been in the form of mailing list messages erroneously delivered to my daemon folder.
If someone can't be bothered to confirm a message, I can't be bothered to read their message. That is a feature, not a bug.
I look at it this way... How much spam am I willing to put up with in order to prevent friends from having to (gasp) send one extra message when they switch email addresses? Answer: none.
OK, maybe that should be two words, but it works really well. Every email coming into my system gets its From address checked against a list of approved correspondents. If there is a match, the message is delivered normally. If there's no match, a message goes out asking them to confirm that they are not a spammer. Upon receipt of confirmation, the original message is delivered and the address is added to the whitelist.
So far it appears that the nigerian bank scammers are the only spammers who a) use valid From or Reply-to addresses and b) read their responses. In the few months that I've been using a whitelist, I've seen two or three of those scams, and nothing else.
There's nothing centralized or proprietary about it.
It's simple, but it works very well, because spammers (with VERY few exceptions) do not personalize their from addresses, and practically cannot, because of the bandwidth it would require. They also do not read the replies their spam generates; again, there's a bandwidth problem, not to mention that they know very well that 99% of the replies probably consist of little more than expletives.
With a bit more work, it could be far more secure. For example, the filter could bounce anything not digitally signed by someone in the whitelist, and a key-signing distributed web of trust could be used to keep out spammers. That could be done with an infrastructure change, or it could be done with widespread adoption of PGP, GPG, or Zendit -style encryption software (which would be a good thing anyhow). (Disclaimer: I work for Authora, makers of Zendit.)
This doesn't solve the bandwidth problem, but it does solve the waste-my-time problem, which is good enough for me.
$10 CDs are here now - just buy 'em used. For the last several years almost all of my CD purchases have been used - probably ~150 CDs. So far I've only got one with a scratch in it, and the store took it back and let me exchange it.
On second thought... forget I said any of that. With fewer chumps to eat the depreciation I'd have to look that much harder to find the used CDs I want.:-)
This stuff has been on my mind a lot lately, which is one of the reasons I just spent a mod point on the above post. I've got a sizable code base and (if I may say) an interesting product... I'm pondering ways to offer it for sale, while simultaneously opening the source. Or maybe "sharing" the source would be a better way to put it?
So I'm going to be selling it, while inviting people to add features. Hmm. I don't think I can expect anyone in the "open source community" to add code to this projct and then let me sell their stuff. Heck, I'd probably have reservations about donating significant amounts of code to someone else's business. How many people would spend hours working on a piece of code, knowing that someone else is going to sell that code and pocket the money... while the volunteer developer gets, at most, some personal satisfaction? Is that "volunteering" or just "exploitation?"
If someone adds an interesting feature to the applicatin, I can see myself paying for the right to add it to the commercial version, but I can also see it being a real pain in the butt to haggle over the price of every contributed feature. Said butt-pain may not be worth the revenue.
Volunteerism is what makes open source strong. If two people get interested in contributing to the GPLed version, that's twice as many people as are contributing to the commercial code base (i.e. me). Eventually, the GPLed version will almost certainly exceed the functionality of the commercial version. So, my revenue would hit zero, and the commercial thing would be a waste of my time and money. But can I have my cake and eat it too?:-)
Two ideas come to mind...
One, open the source with a license other than the GPL. Let people modify it for their own use, but not distribute binaries with their changes. That way the coder community can play with it all they want, while presenting little competition to the commercial version (whose target market doesn't know a compiler from a linker).
Two, hope that what I've created so far is interesting enough that people will play with it and extend it for their own purposes, just because it's fun to play with it and extend it. In exchange for providing this platform to build on, I ask that any additions they choose to distribute be licensed to me for addition to the platform. In other words, hope that what I've created is so much fun to play with that people will pay me to extend it for their purposes, and payment will be in the form of the code to their extensions.
Seems like a long shot, but it's an interesting idea.
(Practically speaking, this whole commercial concept sounds like more trouble than it's worth. I have a day job, I like it, it pays better than this ever will... The best use of my time and energy might just be to open the source, offer guidance to anyone who wants to extend the code, and enjoy the ride. But theoretically speaking, making a little money on the side would be neat, and dual licensing presents some interesting issues.)
If you restate Moore's Law in terms of calculations per unit of time, the data fits the curve surprisingly well all the way back to abacus technology. It's spooky... napier's bones, slide rules, relays, vacuum tubes, transistors... all invented at or near the appropriate point on the curve.
Past performance does not guarantee future results, but it definitely won't be much of a surprise if a new technology (or three) comes along to keep the performance curve going. I'd be surprised if it didn't. There may be a brief blip in the actual curve, but will it last long enough to be remembered?
It is preposterous to expect slashdot to be responsible for linking to someone else's site.
It is preposterous to apologize for an organization that unleashes a DoS attack on several servers every freakin' day.
By putting content on the WWW, you are explicitly allowing others to visit your site.
By having an email address you are explicitly allowing others to spam you with penis extension and make.money.fast schemes. Right?
Not everyone has bandwidth that is metered.
Not everyone has unlimited free bandwidth. In fact, I'd wager that such sites don't even exist, excepting maybe www.quest.com and the like.
And don't nobody bring up the red herring about 'legal issues with mirroring.' If you offer to mirror, and they agree, there are no legal issues. If you offer, and they content owners declines the offer, then you don't mirror and there are no legal issues. Bottom line: there are no legal issues with mirroring.
In the latter case, nothing changes. In the former case,/. readers would actually be able to see what/. links to, without waiting a couple days for the stampede to pass. Imagine that! Slashdot, but with readable content in every link. Slashdot readers would have a better exerience, site operatores would have fewer DoS attacks, and everybody would be happy.
Well, everyone but the slashdot people, of course... they'd have to (gasp!) ask permission to mirror and maybe actually (egads!) mirror a few pages before posting some of their stories. Oh, that extra work would be un-freaking-bearable.
I wonder if the Slashdot powers-that-be ever offer to mirror their victim's sites before baiting the Slashdot readership into unleashing a DoS attack upon it?
If they don't, how long until it gets used against them in court? The PTB known damn well that they knock over web servers on a regular basis. How long until they knock over a web server belonging to someone who responds with a civil suit?
Are they assholes? Are they idiots? Or are they offering to do things right, and are the owners of the slashdotted sites to blame?
Fair enough. At first I thought this might be a problem, but then I realized it's actually an added benefit. If someone feels that the message they sent me is so unimportant that it's not worth answering the confirmation request, then I myself consider it so unimportant that I'm glad not to be bothered by it.
And I hate to receive "please confirm" message if I have not sent original one. You know email headers are forgible...
Yes, I know headers can be forged - the fact that almost all spam arrives with a bogus From address is one of the reasons the whitelist works so well. The few bits of spam that have gotten through the whitelist have been from Nigerian chain letter spammers, becuase they are just about the only spammers who use real addresses and bother to reply to my "secretary's" confirmation request.
Anyhow, if a spammer forges someone else's valid email address, that person will receive a boatload of bounce messages, because spammers send their crap to mailing lists with large numbers of invalid addresses and other auto-response accounts. The message the victim receives from my whitelist autoresponder will leave them no worse off than the bounce message they would get if my email account didn't exist.
It might even be helpful to the victim, since it will definitely include a copy of the message I received in the first place. When one of my addresses was used by a spammer, it took me a while to figure out what was going on, because mostly what I got was bounces and flames without copies of the original spam.
Deliberate abuse does present a potential problem. Someone could cause my autoresponder to send a bunch of confirmation messages to a victim as (part of) a DoS attack. I'll extend the whitelist autoresponder so it doesn't send multiple whitelist confirmation requests to the same address. Thanks for bringing that possibility to my attention.
Whitelisting has cut my spam intake down to almost nothing. The costs are small:
People who email me for the first time will get a "please confirm" message to get their email address into the whitelist. This request is sent automatically and the response is processed automatically, so it requires none of my time.
The bandwidth cost is the biggest thing. Every spam I get creates an outgoing "subscription request" message, and usually a "no such user" bounce because spammers almost always use bogus From and Reply-to addresses. The impact is pretty trivial for me on my DSL-hosted SMTP server. I'm not sure how it would scale for an ISP. But, if it cost a dollar per user per month... it works well enough that I'd pay that if I had to. Heck, it's half the reason I'm paying an extra $20/month for static IP address.
An PKI-based authentication with support at the transport level would be even better. In the meantime, this approach works for me, and it works really, really well. I get about a hundred messages a day, and about one spam per week.
I don't claim that it's a permanent solution (hence the note about "for now"), but "fundamentally broken" radically overstates the magnitude of the trivial potential problem that you bring up.
First, the human problem: When one bit of spam gets through the whitelist, the spam victim removes the 'from' address from the whitelist, and the spammer needs to find or create a new whitelisted address for each of the million+ target addresses. It wouldn't be enough to sell CDs with millions of addresses, they would need to be address pairs (one target address, one or more whitelisted 'from' address). While destination email addresses are long-lived, the whitelisted addresses would be shortlived and all but useless.
Then there's the technical problem: most spam is sent with a single 'from' address and multiple 'rcpt to' addresses. This is how relay abuse gets done - the message data gets transmitted once (or relatively few times) with MANY recipient addresses, so as to reduce the spammer's need for bandwidth. (It fucks over the relay owner, but who do spammers care?) Sending large amounts of spam with from addresses customized on a per-recipient basis would require spammers to acquire and maintain huge amounts of bandwidth - an amount roughly equal to the amount that they currently steal. Possible, but unlikely.
Call it "fundamentally broken" if you wish, but the bottom line is the signal:noise ratio in my inbox... it's approaching NaN. That makes me happy.
Yes, spammers can pretend to be whoever they want, but that takes work, and spammers and fundamentally lazy, so I'm not worried.
If whitelisting catches on in a very big way, spammers might start working on ways to get around it, and if they have any significant success I will to what it takes to stay one step ahead of them in the inbox arms race. But if whitelisting doesn't, spammers won't, and I'll continue to ignore the spam problem while I enjoy my spam-free inbox.
I started playing with procmail and grep and the whitelist idea, and after a day or three I cooked up this monstrosity.
If you email me, and you're not in my whitelist, you get a message from my "secretary" asking you to confirm your email address. If you're a spammer, you never see that message. If you're a human being, you either reply to the confirmation request (if the message was important) or you ignore it (if the message wasn't important, in which case I'm happy not to hear from you).
The only problem is those damn Nigerian bank scammers. They actually read their replies. i've heard from two of them in the six or seven months I've been running this whitelist contraption.
But anyhow, spam is no longer the annoyance it once was. I still look forward to strong laws against spam, because I know my bandwidth is being wasted (and other peoples' too), but at least I don't have to see it.
I used to look down on the whitelist approach, because in a sense it is admitting defeat - they're still out there burning up bandwidth, and this doesn't help catch them. But, I'm so glad to be free of spam... Every time I check my email and find no spam, it feels like victory. For me, the great annoyance of time wasted dealing with spam far outweighs the minor inconvenience of increased bandwidth consumption.
Y'all can play games with spam and spammers if you want to, but for me, for now, it's yesterday's problem.
On the one hand, I think the whiner who submitted this story is, well, a whiner. If you agree with the terms, buy the service. If you don't, you're on your own. Nobody is obligated to give anything away for free.
On the other hand, it does raise the question: what's the best way to get some financial return on the time you invest creating an open source project? I really wish personal satisfaction would pay the rent or even just grocery bills, but it doesn't.
Whining aside, charging for information does seem a bit silly in the open source arena. Charging for time might make more sense... Are there any open source developers out there with 1-900 support lines? Anyone know of any other strategies that are actually bringing in money?
How is it reasonable to be "pissed off" that someone won't just flat-out GIVE you something? Especially when it's something they worked hard to acquire? (e.g. knowledge, software, talent, time, whatever)
Do you want a GUI toolkit that will let you put windows and dialog boxes and such inside your GL render context, or...
Do you want a GUI toolkit that will draw windows and dialog boxes and such on the destop, and which includes support for windows that host GL render contexts?
What we need is an easy way to translate analysis directly into code in a reliable way without human intervention.
This is already the case. The people who can write those analyses are called "programmers." Higher level languages will make programming easier, faster, and cheaper, but the people writing the analyses will still be programmers. Non-programmers, managers, and aspiring programmers will always find that it's difficult to solve difficult problems.
Programming is actually not very hard. Understanding the client's problem is kinda hard, but describing the solution is the really hard part. It will always be hard, unless the problem is trivial.
Higher level programming languages will still require programmers.
It's also interesting how recently slashdot editors are picking up on the fact that there is significant technical awareness even in countries they've never heard of.
It used to be that NT was just too much for a "normal" computer in those days - you needed a "workstation" to run it. (This was back when anything faster than a Pentium-60 could be called a "workstation.")
There was talk of trimming down NT to run on desktops at home, and what a benefit that would be... imagine a home computer that runs all 32-bit software and really has preemptive multitasking and all that "advanced" stuff. But that didn't happen until now, when the average new home computer runs at 10x the clock speed of those hot sexy machines we used to use for NT4.
Slashdot Mirror
I'm thinking market forces won't ever provide that anywhere near as well as "stations" run by people who simply love music.
And as I said, they would need more bandwidth to tailor the From address on every message they sent. Way more. Right now they inject a single copy of the message with a long list of addresses in the "RCPT TO" SMTP command, and the relay owner eats the bandwidth. Customizing the From address would require the spammer to send one full copy of the message for each recipient. I'm guessing that's a 10x or 100x increase in bandwidth demands, maybe more.
More significantly, whitelist-approved From addresses will not scale to the proportions of spammers' mailing lists. It's one thing to scrape a million addresses from usenet, it's another to discover a whitelist-approved From address for every victim's address. This does not worry me one bit.
Als for mailing lists, they are addressed up front in the procmail script that implements my whitelist system. They get delivered before the whitelist gets examined. I'm on more lists than I can count, and I have yet to send a confirmation request to a list or to someone on a list. The only errors so far have been in the form of mailing list messages erroneously delivered to my daemon folder.
If someone can't be bothered to confirm a message, I can't be bothered to read their message. That is a feature, not a bug.
I look at it this way... How much spam am I willing to put up with in order to prevent friends from having to (gasp) send one extra message when they switch email addresses? Answer: none.
OK, maybe that should be two words, but it works really well. Every email coming into my system gets its From address checked against a list of approved correspondents. If there is a match, the message is delivered normally. If there's no match, a message goes out asking them to confirm that they are not a spammer. Upon receipt of confirmation, the original message is delivered and the address is added to the whitelist.
So far it appears that the nigerian bank scammers are the only spammers who a) use valid From or Reply-to addresses and b) read their responses. In the few months that I've been using a whitelist, I've seen two or three of those scams, and nothing else.
There's nothing centralized or proprietary about it.
It's simple, but it works very well, because spammers (with VERY few exceptions) do not personalize their from addresses, and practically cannot, because of the bandwidth it would require. They also do not read the replies their spam generates; again, there's a bandwidth problem, not to mention that they know very well that 99% of the replies probably consist of little more than expletives.
With a bit more work, it could be far more secure. For example, the filter could bounce anything not digitally signed by someone in the whitelist, and a key-signing distributed web of trust could be used to keep out spammers. That could be done with an infrastructure change, or it could be done with widespread adoption of PGP, GPG, or Zendit -style encryption software (which would be a good thing anyhow). (Disclaimer: I work for Authora, makers of Zendit.)
This doesn't solve the bandwidth problem, but it does solve the waste-my-time problem, which is good enough for me.
He said noo-kyoo-ler.
On second thought... forget I said any of that. With fewer chumps to eat the depreciation I'd have to look that much harder to find the used CDs I want. :-)
Are those metric cubits or imperial cubits?
The only comments on this entire page worth reading are those labeled +5 Funny.
That's where 90% of the online economy is anyhow.
So I'm going to be selling it, while inviting people to add features. Hmm. I don't think I can expect anyone in the "open source community" to add code to this projct and then let me sell their stuff. Heck, I'd probably have reservations about donating significant amounts of code to someone else's business. How many people would spend hours working on a piece of code, knowing that someone else is going to sell that code and pocket the money... while the volunteer developer gets, at most, some personal satisfaction? Is that "volunteering" or just "exploitation?"
If someone adds an interesting feature to the applicatin, I can see myself paying for the right to add it to the commercial version, but I can also see it being a real pain in the butt to haggle over the price of every contributed feature. Said butt-pain may not be worth the revenue.
Volunteerism is what makes open source strong. If two people get interested in contributing to the GPLed version, that's twice as many people as are contributing to the commercial code base (i.e. me). Eventually, the GPLed version will almost certainly exceed the functionality of the commercial version. So, my revenue would hit zero, and the commercial thing would be a waste of my time and money. But can I have my cake and eat it too? :-)
Two ideas come to mind...
One, open the source with a license other than the GPL. Let people modify it for their own use, but not distribute binaries with their changes. That way the coder community can play with it all they want, while presenting little competition to the commercial version (whose target market doesn't know a compiler from a linker).
Two, hope that what I've created so far is interesting enough that people will play with it and extend it for their own purposes, just because it's fun to play with it and extend it. In exchange for providing this platform to build on, I ask that any additions they choose to distribute be licensed to me for addition to the platform. In other words, hope that what I've created is so much fun to play with that people will pay me to extend it for their purposes, and payment will be in the form of the code to their extensions.
Seems like a long shot, but it's an interesting idea.
(Practically speaking, this whole commercial concept sounds like more trouble than it's worth. I have a day job, I like it, it pays better than this ever will... The best use of my time and energy might just be to open the source, offer guidance to anyone who wants to extend the code, and enjoy the ride. But theoretically speaking, making a little money on the side would be neat, and dual licensing presents some interesting issues.)
Past performance does not guarantee future results, but it definitely won't be much of a surprise if a new technology (or three) comes along to keep the performance curve going. I'd be surprised if it didn't. There may be a brief blip in the actual curve, but will it last long enough to be remembered?
It is preposterous to apologize for an organization that unleashes a DoS attack on several servers every freakin' day.
By putting content on the WWW, you are explicitly allowing others to visit your site.
By having an email address you are explicitly allowing others to spam you with penis extension and make.money.fast schemes. Right?
Not everyone has bandwidth that is metered.
Not everyone has unlimited free bandwidth. In fact, I'd wager that such sites don't even exist, excepting maybe www.quest.com and the like.
And don't nobody bring up the red herring about 'legal issues with mirroring.' If you offer to mirror, and they agree, there are no legal issues. If you offer, and they content owners declines the offer, then you don't mirror and there are no legal issues. Bottom line: there are no legal issues with mirroring.
In the latter case, nothing changes. In the former case, /. readers would actually be able to see what /. links to, without waiting a couple days for the stampede to pass. Imagine that! Slashdot, but with readable content in every link. Slashdot readers would have a better exerience, site operatores would have fewer DoS attacks, and everybody would be happy.
Well, everyone but the slashdot people, of course... they'd have to (gasp!) ask permission to mirror and maybe actually (egads!) mirror a few pages before posting some of their stories. Oh, that extra work would be un-freaking-bearable.
So, DoS it is!
You find a station that plays a couple bands you know, and after a while you find they also play music from a couple bands you didn't know...
I wonder if the Slashdot powers-that-be ever offer to mirror their victim's sites before baiting the Slashdot readership into unleashing a DoS attack upon it?
If they don't, how long until it gets used against them in court? The PTB known damn well that they knock over web servers on a regular basis. How long until they knock over a web server belonging to someone who responds with a civil suit?
Are they assholes? Are they idiots? Or are they offering to do things right, and are the owners of the slashdotted sites to blame?
Fair enough. At first I thought this might be a problem, but then I realized it's actually an added benefit. If someone feels that the message they sent me is so unimportant that it's not worth answering the confirmation request, then I myself consider it so unimportant that I'm glad not to be bothered by it.
And I hate to receive "please confirm" message if I have not sent original one. You know email headers are forgible...
Yes, I know headers can be forged - the fact that almost all spam arrives with a bogus From address is one of the reasons the whitelist works so well. The few bits of spam that have gotten through the whitelist have been from Nigerian chain letter spammers, becuase they are just about the only spammers who use real addresses and bother to reply to my "secretary's" confirmation request. Anyhow, if a spammer forges someone else's valid email address, that person will receive a boatload of bounce messages, because spammers send their crap to mailing lists with large numbers of invalid addresses and other auto-response accounts. The message the victim receives from my whitelist autoresponder will leave them no worse off than the bounce message they would get if my email account didn't exist.
It might even be helpful to the victim, since it will definitely include a copy of the message I received in the first place. When one of my addresses was used by a spammer, it took me a while to figure out what was going on, because mostly what I got was bounces and flames without copies of the original spam.
Deliberate abuse does present a potential problem. Someone could cause my autoresponder to send a bunch of confirmation messages to a victim as (part of) a DoS attack. I'll extend the whitelist autoresponder so it doesn't send multiple whitelist confirmation requests to the same address. Thanks for bringing that possibility to my attention.
People who email me for the first time will get a "please confirm" message to get their email address into the whitelist. This request is sent automatically and the response is processed automatically, so it requires none of my time.
The bandwidth cost is the biggest thing. Every spam I get creates an outgoing "subscription request" message, and usually a "no such user" bounce because spammers almost always use bogus From and Reply-to addresses. The impact is pretty trivial for me on my DSL-hosted SMTP server. I'm not sure how it would scale for an ISP. But, if it cost a dollar per user per month... it works well enough that I'd pay that if I had to. Heck, it's half the reason I'm paying an extra $20/month for static IP address.
An PKI-based authentication with support at the transport level would be even better. In the meantime, this approach works for me, and it works really, really well. I get about a hundred messages a day, and about one spam per week.
First, the human problem: When one bit of spam gets through the whitelist, the spam victim removes the 'from' address from the whitelist, and the spammer needs to find or create a new whitelisted address for each of the million+ target addresses. It wouldn't be enough to sell CDs with millions of addresses, they would need to be address pairs (one target address, one or more whitelisted 'from' address). While destination email addresses are long-lived, the whitelisted addresses would be shortlived and all but useless.
Then there's the technical problem: most spam is sent with a single 'from' address and multiple 'rcpt to' addresses. This is how relay abuse gets done - the message data gets transmitted once (or relatively few times) with MANY recipient addresses, so as to reduce the spammer's need for bandwidth. (It fucks over the relay owner, but who do spammers care?) Sending large amounts of spam with from addresses customized on a per-recipient basis would require spammers to acquire and maintain huge amounts of bandwidth - an amount roughly equal to the amount that they currently steal. Possible, but unlikely.
Call it "fundamentally broken" if you wish, but the bottom line is the signal:noise ratio in my inbox... it's approaching NaN. That makes me happy.
Yes, spammers can pretend to be whoever they want, but that takes work, and spammers and fundamentally lazy, so I'm not worried.
If whitelisting catches on in a very big way, spammers might start working on ways to get around it, and if they have any significant success I will to what it takes to stay one step ahead of them in the inbox arms race. But if whitelisting doesn't, spammers won't, and I'll continue to ignore the spam problem while I enjoy my spam-free inbox.
If you email me, and you're not in my whitelist, you get a message from my "secretary" asking you to confirm your email address. If you're a spammer, you never see that message. If you're a human being, you either reply to the confirmation request (if the message was important) or you ignore it (if the message wasn't important, in which case I'm happy not to hear from you).
The only problem is those damn Nigerian bank scammers. They actually read their replies. i've heard from two of them in the six or seven months I've been running this whitelist contraption.
But anyhow, spam is no longer the annoyance it once was. I still look forward to strong laws against spam, because I know my bandwidth is being wasted (and other peoples' too), but at least I don't have to see it.
I used to look down on the whitelist approach, because in a sense it is admitting defeat - they're still out there burning up bandwidth, and this doesn't help catch them. But, I'm so glad to be free of spam... Every time I check my email and find no spam, it feels like victory. For me, the great annoyance of time wasted dealing with spam far outweighs the minor inconvenience of increased bandwidth consumption.
Y'all can play games with spam and spammers if you want to, but for me, for now, it's yesterday's problem.
On the other hand, it does raise the question: what's the best way to get some financial return on the time you invest creating an open source project? I really wish personal satisfaction would pay the rent or even just grocery bills, but it doesn't.
Whining aside, charging for information does seem a bit silly in the open source arena. Charging for time might make more sense... Are there any open source developers out there with 1-900 support lines? Anyone know of any other strategies that are actually bringing in money?
How is it reasonable to be "pissed off" that someone won't just flat-out GIVE you something? Especially when it's something they worked hard to acquire? (e.g. knowledge, software, talent, time, whatever)
Do you want a GUI toolkit that will let you put windows and dialog boxes and such inside your GL render context, or... Do you want a GUI toolkit that will draw windows and dialog boxes and such on the destop, and which includes support for windows that host GL render contexts?
Yeah, for some strange reason, we insist on holding thieves and criminals responsible for those sorts of things.
This is already the case. The people who can write those analyses are called "programmers." Higher level languages will make programming easier, faster, and cheaper, but the people writing the analyses will still be programmers. Non-programmers, managers, and aspiring programmers will always find that it's difficult to solve difficult problems.
Programming is actually not very hard. Understanding the client's problem is kinda hard, but describing the solution is the really hard part. It will always be hard, unless the problem is trivial.
Higher level programming languages will still require programmers.
It's also interesting how recently slashdot editors are picking up on the fact that there is significant technical awareness even in countries they've never heard of.
Or you're a unix bigot with no imagination.
Technology marches on, progress happens. Don't let your fondness for yesterday's tools hold you back.
There was talk of trimming down NT to run on desktops at home, and what a benefit that would be... imagine a home computer that runs all 32-bit software and really has preemptive multitasking and all that "advanced" stuff. But that didn't happen until now, when the average new home computer runs at 10x the clock speed of those hot sexy machines we used to use for NT4.
For some reason I find that amusing.