Re:DSpam with qmail / vpopmail on DSPAM v3.2 Released · Score: 3, Interesting
Unfortunately, probably not much you can do about this without blocking all such legit system messages.
Here's a crazy idea: if you crypto-sign all messages you send, it should be possible to check the signature in bounced messages and filter any unsigned bounced messages.
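A sketch of the idea in the comment above, as an added example that is not part of the original post: outgoing mail carries an HMAC over its Message-ID and sender, and a bounce is accepted only if the returned original carries a valid token. The header name `X-Sent-Token`, the key, the addresses and the sample bounce are all constructed assumptions.

```python
import hashlib
import hmac
from email import message_from_string, policy
from email.message import EmailMessage

KEY = b"constructed-demo-key"   # assumption: secret known only to the sending site
TOKEN_HDR = "X-Sent-Token"      # hypothetical header name

def token_for(message_id: str, sender: str) -> str:
    data = f"{message_id.strip()}\n{sender.strip().lower()}".encode()
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()[:32]

def sign_outgoing(msg: EmailMessage) -> EmailMessage:
    msg[TOKEN_HDR] = token_for(msg["Message-ID"], msg["From"])
    return msg

def _headers_ok(part) -> bool:
    mid, sender, tok = part["Message-ID"], part["From"], part[TOKEN_HDR]
    if not (mid and sender and tok):
        return False
    seen = tok.strip().encode("utf-8", "replace")
    return hmac.compare_digest(seen, token_for(mid, sender).encode())

def bounce_is_ours(raw_bounce: str) -> bool:
    """True only if the bounce returns a message that we signed."""
    bounce = message_from_string(raw_bounce, policy=policy.default)
    for part in bounce.walk():   # walk() also descends into message/rfc822
        if part.get_content_type() == "text/rfc822-headers":
            part = message_from_string(part.get_content(), policy=policy.default)
        if _headers_ok(part):
            return True
    return False

def make_mail() -> EmailMessage:
    """Constructed sample outgoing message (unsigned)."""
    m = EmailMessage()
    m["From"] = "alice@example.org"
    m["To"] = "bob@example.com"
    m["Message-ID"] = "<20040101.1234@example.org>"
    m.set_content("hello")
    return m

def make_bounce(original: EmailMessage) -> str:
    """Constructed sample bounce carrying the original as message/rfc822."""
    b = EmailMessage()
    b["From"] = "MAILER-DAEMON@mx.example.net"
    b["To"] = "alice@example.org"
    b.set_content("Delivery to bob@example.com failed.")
    b.add_attachment(original)
    return b.as_string()
```

Bounces that return no original headers at all are rejected as well, and a token with no expiry can be replayed by anyone who has seen one signed message.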
We will never consume all the oil in the ground; if we tried, we'd be dead from global warming before we managed to burn it all.
Electricity and hydrogen are not energy sources, they are energy currencies (or carriers).
Electricity and hydrogen are complementary:
Electricity can be transmitted over distance efficiently, can be used by data processing equipment, can be converted to physical work (motors). Electricity can be converted into hydrogen (with a conversion cost).
Hydrogen can be stored (e.g., for use in airplanes). Hydrogen can be converted into electricity (with a conversion cost).
Fuel cells don't require hydrogen; you can use any fuel in a fuel cell.
What makes fuel cells great is they are not limited by the Carnot cycle.
Internal combustion engines are heat engines. All heat engines have an efficiency upper bound converting energy into work. Fuel cells are not limited by the Carnot cycle and therefore have higher theoretical maximum efficiency.
Nuclear is an energy source - one of the only energy sources not involving the carbon cycle.
Nuclear is expensive.
Clean, non-nuclear energy sources (wind, solar, tidal, etc) collectively cannot provide enough energy to satisfy our needs, making nuclear an eventuality, not an option.
As soon as you start advertising caps, you open the door to pissing contests. Like we are seeing between web-mail vendors regarding storage space (GMail, Yahoo!, and their ilk).
ISPs avoid competitive disadvantage by advertising services as "unlimited". ISPs regulate use by casting "over-use" as abuse which will be curtailed.
In fact, the best scenario for the ISP is to scare the user base into self-monitoring to avoid the Bandwidth Police. Ambiguous limits and shady enforcement policies foster a sense of unease among users.
I'm wondering... what happens when someone writes a POP-fs plug-in and turns gmail into a networked filesystem?
"I'll take you to court..." is not a threat the court will acknowledge. The court exists to settle disputes. The court prefers people settle their disputes without court involvement. The court does not like to settle disputes.
I don't think the courts see their high cost as a bad thing. If courts were cheap, we'd see every school-yard dispute landing in front of a judge.
How is this different from a password transmitted plain-text over the wire?
The author is trying to use the port number as an information channel. As an information channel, all the same security problems exist as for regular channels. In this case, the "port number sequence" is unencrypted. So we're back to plain-text passwords...
The Internet today doesn't have a structure that reflects IP address allocation, thus requiring huge routing tables to be maintained by routers.
RFC 3587: Moreover, the allocation of IPv6 addresses is related to policy and to the stewardship of the IP address space and routing table size, which the RIRs have been managing for IPv4.
The general format for IPv6 global unicast addresses as defined in "IP Version 6 Addressing Architecture" [ARCH] is as follows:
<global routing prefix> <subnet ID> <interface ID>
where the global routing prefix is a (typically hierarchically-structured) value assigned to a site (a cluster of subnets/links), the subnet ID is an identifier of a subnet within the site, and the interface ID is as defined in section 2.5.1 of [ARCH].
The global routing prefix is designed to be structured hierarchically by the RIRs and ISPs. The subnet field is designed to be structured hierarchically by site administrators.
... in other words, a hierarchically structured internet = small routing tables. An internet where every /24 can be located geographically anywhere = BGP gets overloaded.
Languages are not application-neutral on Does C# Measure Up? · Score: 5, Insightful
These articles set a metric of what is "good". They judge a bunch of languages based on these criteria, and announce a "winner".
This is just one way to slice the pie.
Languages are appropriate for different uses. I use C while kernel hacking. I use C++ for its template abstractions. I use PHP for web pages, Perl for command-line scripting. I use bash/tcsh for boot-scripts. I respect VB as an accessible language, but I have no use for a single-platform language.
What language you use depends on your application. Comparing C, C++, and C# is like comparing a wrench and a screwdriver. And concluding they can both be used as a hammer.
The word "Security" is too big on Secure Programming · Score: 2, Informative
"Security" is too big of a word.
There is a difference between
1. a program enforcing a division of data,
2. ensuring a program doesn't let any bits slip through the cracks, and
3. creating a system where people can do only the things they are allowed to do.
"Security" to me is (3). Security is a social construct. You can't have security until there is someone who's not allowed access to something.
I see a lot of talk about cryptography, preventing buffer overflows, and so forth. But the combining of these technologies in the design of a real-world security application is seldom discussed. It's a hard messy problem.
I suspect if we had a better understanding of the social aspects of security, more secure technology would follow.
Prior art!? Bah! That's for the courts to figure out.
0-Day exploit opportunity!
Strong IP protection is for the incumbents, not future generations. :-\
If you don't already have a patent, you don't get to vote.
DVDs are released first in North America. Everyone else in the world has to wait 6-12 months.