We just take it at face value that he would, when in all likelihood, Smith jumping through Bane would be reduced to a useless mass of flesh, like Neo was upon his reawakening.
I never saw anything that indicated Neo didn't know how to control his flesh. The problem was that that body had spent 20+ years just sitting in a pod. It wasn't in any condition to do whatever it was his brain directed it to do. The Matrix experience would probably -have- to feature the nuances of humanism to be any good.
That part bothered me about Reloaded, along with how Neo "controlled" the squiddies.
This is a big weak point for me. Unless Neo has some new organ it's really unclear to me how he can connect to squiddies, etc. over a distance.
For a minute this sounded okay to me, then I got worried...
And if I can contact the CA then I have the address of someone who is supposed to know the sender.
What if he doesn't? Or what if he doesn't care if it's a spammer? What
if it's just some sockpuppet server spammers put up to act as a CA but
which otherwise does nothing objectionable? Or would the CA be breaking
some law doing that? I would have thought not, but we all seem to get new
laws all the time, so who knows...:-P
You could blackhole sockpuppet CAs on your mail server, or hope evil
script kiddies would run DDoS attacks against them, etc., but those kind
of seem like messiness hung on the side of something which previously had
appeared to be a reasonably straightforward solution. I guess you could
set up an RBL that listed IPs of bad CAs, but then we seem to be getting
near chasing our tails.
If it's self-signed then I have the sender's address (and a timestamp
if it's dynamic).
[Assuming you didn't shoot down my first concern] Would it necessarily
be any better than the addresses the spammers put in their headers now?
Anyone who is willing to let me identify him is probably okay.
I would agree that anyone who is willing to let you accurately
identify him is probably okay.
IIRC, the mplayer folks would rather that you compile it yourself so you can get tailor it specifically to your hardware for the best performance. If you really want packages, you can add, for example...
deb http://marillat.free.fr/ unstable main...to sources.list (there's also stable and testing).
I'm a pragmatist, though. I have to run a big server room, and I like to do useful things with my systems at home and the box I have colo'd up at an ISP. I'd like a technically superior distro that didn't care a whit about ideals. That was primarily my point. I understand this detracts from the goals of Debian - I didn't say it should _be_ Debian.
I've been a happy user of Debian since 1997 because I consider it the best distro for what I have used Linux for over the years (initially, just servers, but a year of so later for desktops, as well). The fact that Debian has ideals was not a factor in my choice, and it hasn't seemed to weaken the usefulness of the distro to me. The number of packages available is amazing and, best of all, Deb doesn't seem as eager as some other distros to lock you into admining your system Their Way. The "hold x86 back until it runs on all the platforms" component is bothersome, but more in theory than anything else... I can't say it has really impacted my work or pleasure in any significant way, but YMMV.
As I replied to someone else - is it possible that something besides Free software advocacy or money could serve as a motivator to produce a distro? I seem to remember a certain geek/hacker/whatever ethic that was the motivator behind a lot of development we did in the pre-Internet dark ages.
Making a whole new distro would seem like a waste of effort, at this point, especially when you can produce packages for existing distros that address whatever personal itch it is that you are implying needs to be scratched. On some of my machines (usu the desktops), my sources.list has a lot more than just the official Debian servers in it. I also usually compile primary services directly from source on "real servers" (for example, the webserver-related progs on a webserver) so I can have complete control over how they are set up, when they are upgraded, and so on. That may not be necessary anymore, but it's how I did it in the pre-Internet dark ages, and old habits are hard to break.;-) The point is, Debian has worked smoothly with all of those idiocyncracies (right or wrong) of mine. That's pretty impressive.
The Debian political process seems to have very little to do with that ethic, hence prompting the initial response.
I dunno... to me it sounds like you have a bigger problem with the impression that Debian creates rather than the actual distro they produce. I hope that these recent changes don't weaken the usefulness of the distro, but after giving me so many years of value, they've earned some "benefit of the doubt" from me.;-)
I'm not saying it should be mandated that these be installed in every single vehicle manufactured, but I see no reason why they shouldn't be admitted as evidence in a trial. Perhaps it will make people think twice before speeding like maniacs...
You don't have say it should be mandated... other folks will do it for you. I guess there are always going to be a percentage of people who harbor some variation of the "if you have nothing to hide then you should have no problem with this." The problem is always the same, though... you are not the one who gets to decide whether you have something to hide or not. There is absolutely nothing in the black box implementation that would make sure it can only be used to catch speeding maniacs. If the gov't wants to convict anyone who drove to an "illegal event" (their definition, of course... could be raves, political meetings...whatever they can get away with), for example, it would work just as well.
...*goes to check that his car doesn't have one*
ha ha ha. Of course, if you are successful in convincing enough people that it's "a rather good idea", they'll sit back when the gov't decides that it won't be optional anymore.
IMHO, the gov't should just get by with the old methods of convicting speeding maniacs.
i guess part of the reason for that is that programms like outlook are very tightly integrated into windows, so when an exploit for those is found, it often leads to the whole system being compromised.
True enough, and you reminded me of one of the vulnerabilities I saw
during one of my regular visits to Windows Update (emphasis added):
October 2003, Cumulative Patch for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB828750)
Download size: 1.8 MB
Security issues identified in Microsoft Internet Explorer (IE) could allow an attacker to compromise systems with IE installed (even if IE is not used as the Web browser). For example, an attacker could run programs on a computer used to view the attacker's Web site. [... ]
The feature found in some email clients that lets you bounce the email back AFTER reading it, is one of the best ways to get yourself removed from lists.
Hm... trying to bounce back that late in the process is questionable. Once the mail server drops its connection from the sending server, all it has left (aside from the IP address of the sending server) is stuff than can be forged. So, your mail client is likely to be bouncing back to some [previously-]uninvolved third party, even if it uses the envelope-from (as opposed to the From: header line).
Solaris on one of Sun's boxes is really something. Combined with Netscape Enterprise, and Tomcat.. they are robust. These things really can take a ton of traffic, and not sweat it.
That's true enough, as far as it goes, but doesn't explain how there are sites that handle many tons of traffic and run Linux (or *BSD, or whatever). The secret is that they use a different model. Instead of relying on a couple of all-powerful webserver boxes, they have a yet larger number of wimpy boxes. The cost difference is enough that they are still paying less, even though there are more boxes. Reliability is great, too, since the other boxes cover for the failed box until yet another of the relatively cheap boxes can be thrown in.
There are some applications where you need to do it all on one box... that's where Solaris on Sun hardware shines. Websites are just a poor example to choose to make the case.
Hm. One thing that keeps that from being funny, for me, is that it can't avoid bringing to mind the intolerably extended Ewok celebration scene that followed the speech in the movie.
I haven't noticed a problem in that regard. The difference is more that the Solaris system uses patches that update particular files (to change as little as possible, presumably), while the Linux model generally involves just replacing the current package with a newer version. The latter approach means that the updates are larger, but it also makes the dependency issues a lot easier to manage. My one annoyance with that method of simplifying the process is that they often play it too safe in checking dependencies... forcing me to upgrade more of the dependant packages than are really required. So, kind of the opposite of the concern you are presenting.
Another point to consider is that the approach Sun takes would never scale if Solaris offered anything like the number of packages that the Linux distros do. If people are also finding the Linux method easier to manage, as well as more featureful (and, frankly, more secure out of the box), that just shows what a disadvantage Sun is at these days. There are companies (including mine) that need some features that only Solaris on Sun hardware can supply, but much (most?) of Sun's customer base has got to be made up of people who would probably find they were happier with Linux/FreeBSD if they actually tried it. That's got to be pretty scary... not just for Sun, but, to a lesser extent, for the legion of contractors that so tirelessly push Sun-only solutions as resellers.
Depends on the make of the car. BMW, for example, only makes key information available to dealers... who only cut keys when you provide proof of ownership.
There is neverending supply of security stories about how the weakest links in security procedures are usually the humans involved. The fact is that they don't always do "only" what they are supposed to do. Even ignoring cases of actual corruption, there's plenty of room for commonplace social engineering tricks.
Don't get me wrong, I'm in the camp that thinks the risk of car thieves using a VIN to steal is car is minimal (at least until we get much fancier keys for our ignition systems)... I'm just pointing out that history says confidence in a system is misplaced if it depends on humans only doing the right thing. So, if you do actually think someone might want to swipe your BMW using the VIN, you really might want to obscure at least part of it by "accidentally" letting something slip down over it.
The only reasons you'd want a stop sign rather than a yield sign somewhere is if there is poor visibility or a huge speed difference between the intersecting roads.
...or if the requirements for getting a driver license were a lot more laid-back than in Northern Europe.;-)
Since it was modded down as flamebait I'm guessing it was because, in implying that all Americans are united in sharing a disdain for "ecological vehicles", it is flamebait. Since you didn't include that as one (or two) of your choices, perhaps that is okay with you, though. Anyway, I'm more mystified how it could be modded as funny, particularly in the context of someone actually posting for advice on more fuel-efficient vehicles. Seemed more like a distraction to me (and this post of mine provides tangible proof that it succeeded;-) ).
But then, this is slashdot... I might as well start asking why your post got modded as insightful. The modding system works so well that I would encourage anyone who can read reasonably quickly to config it to show everything down to a score 0, at least. True, it gives me a lot more to scroll through, but at least I get to judge for myself.
BTW, there's not much point in asking mods about their modding since they can't post to threads they've modded (well, for normal mods anyway).
Besides, it's hardly accurate to say that ISBN.nu is an "affiliate-free link". It's informative, but each of the links given appears to be an affiliate link. Nothing wrong with that, but it's not "affiliate-free" -- it's just funneling the money to someone other than CmdrTaco.
So much for my assumption that the AC who posted it was a BN exec, since they are the only ones who would benefit from someone buying the book through a nonaffiliate link.;-)
Anyway, my more serious assumption is the AC was not so much trying to avoid someone getting an affiliate fee as they were letting people know about a site that gives you a selection of booksellers to choose from. The inaccuracy was probably because they were in the grips of FP mania...:-P
I have no real experience with linux servers, but I did configure a solaris server before (as a for-fun pet project). It got hacked to high-heaven. So, uh, unix ain't so secure.
Solaris is definitely not secure out of the box. It is amusing to me that Debian, RedHat, SuSe, etc. all ship more secure than this highly-touted commercial Unix. Of course, it is easy to fix that (and there are loads of sites warning you of the dangers and telling you how to deal with it), but it's embarrassing that Sun continues to ship the box wide open.
They said "Install every patch"... on a Sparc 5... sure... I've got 3 days to spare, let me do that.
Installing the latest recommended patch cluster is simple enough (and takes a lot less than 3 days), but it won't fix the problems. Solaris ships with all kinds of services turned on that are totally inappropriate for anything but a very trusted environment. Always have and, it seems, always will. A lot like Windows, really, in that regard. Pretty funny, huh?
why would you expect a spam blocker out of an MTA?
I can't speak for everyone, of course, but I want my MTA to be involved whenever possible since I would prefer to jam the offending message back to the sending server whenever possible. If it can be set up to allow 3rd party filters to be plugged in, milter-fashion, so much the better. That way the MTA folks can work on the MTA and the filter folks can work on the filters.
Also, to come back to the parent poster's complaint, if you can properly deal with a simple IP/domain-based block right off the bat, rather than waiting for a per-message post-processor like spamassassin to handle it, you'll save noticeable amounts of resources (unless you are a small shop, I suppose). I like and use spamassassin, but it definitely doesn't scale as well as I would like... the more work I can offload from it, the better.
It makes me sad to see someone who thinks "technological solution" == "filters" get a +5 Insightful, but whatever. If you are a troll, derive whatever personal satisfaction you can from the fact that I am taking your post at face value...
Spam is a social problem, not a technological one.
You are missing the point of the spam problem. The fact that there are people who have no ethical problem engaging in spamming could be seen as a social problem, but their ability to engage in it is a technological problem. Spam exists because of the way our email system is designed, and that system is not some immutable force of nature. Change the system of incentives in that email system and, without changing human nature or the number of scam artists in existence, you will change the amount of spam in the email system. IOW, they currently use it because the technical design of our email system makes it easy for them to engage in their particular form of antisocial behavior. If and when it doesn't, they will not disappear (or, in most cases, give up antisocial behavior in general), they will just stop sending spam through the email system.
So, I agree that filters and so on are not solutions... after all, they only treat the symptoms. That isn't an argument against a technological solution, however. The people who are proposing "technological solutions" to the overall problem are actually talking about changes to the system itself, not filters slapped on top of it.
The difference is very straightforward (which is why you are getting modded as a troll). Advertising on the TV is supposed to be covering (or, at least, defraying) the cost of production of the programming. IOW, the more ads there are, the cheaper it is to provide access to the programming. Spam, on the other hand, dramatically increases the load on networks, mail servers, storage arrays, and user mailboxes and the spammers do not have to cover that cost. IOW, the more spam there is, the more expensive it is to provide Internet access.
This difference flows out of the other big difference: spam exists because of a loophole (the trusting design of SMTP) and not because someone in the supplier and consumer chain took some sort of extra step to allow it to be there. As a result, there is no option of charging the spammers to cover the cost of their spamming. So, until the email delivery infrastructure is made less implicitly trusting, spammers will have no incentive to keep stop abusing it.
That has got to be one of the worst articles I've read. Certainly that I've read, posted to Slashdot. The auther said abosultely nothing at all.
hmmm... assuming that you also suffered through the last Tom's hardware post to slashdot (the one on home networking), that's a pretty serious charge...
Back when I ran a business I used to get contacted a lot by reporters for comments on Internet-related news. I eventually got so frustrated with having them incorrectly paraphrase what I said inside quote marks that I gave up on it. Well, more accurately, I started telling them that I would only agree to the interview if they would give me a chance to review whatever they were going to attribute to me and surround with quote marks (IOW, they could still say things like 'bafu says that spam is...' without running it by me for accuracy, but not 'bafu says, "Spam is..."'). The difference being that most folks assume that if something is attributed to someone, in quote marks, then it is an actual quote, and not just some reporter paraphrasing you incorrectly. Hell, I didn't even care if they paraphrased me inside quote marks, as long as the new version was something I agreed with. Of course, they wouldn't agree (I hadn't expected they would), but after repeating the process enough times, with different organizations, I was eventually spared interviews. That was fine with me... I was tired of being quoted saying things that I would never say.;-)
I wonder why the http://www.freemikehawash.org/ link listed leads (at least at the moment) to that page so familiar to anyone who has installed the Apache package in Debian. Surely it hasn't been doing that the whole time. IM, I know not many people read the article, but really...
Um, I'm using Phoenix, what better browser is there?
Um, the next version of Phoenix...;-) Anyway, if you are using Phoenix then you're set... just copy the link location and paste it back into phoenix. No more REFERRER. Not sure if the paste-into-the-body thing works for all the platforms, tho...
Most of the people using sendmail (Myself included) use it because its the only option for our needs.
Until qmail and/or postfix reach the feature set of sendmail (or come anywhere near it) it will remain useless to me.
Unless you are a serious user of milter features (an extensive MIMEDefang
setup, for instance)
I think you'll find a switch to postfix or qmail to be a net plus. The learning curve probably won't be as bad as you assume... just set up a test server someplace and see what's actually involved in getting it to do what you want.
As a longtime sendmail admin myself, I think I can understand your resistence: "Why screw with a working mail setup?" But when you have to keep sweating repeated vulnerabilities in a huge process that runs as root, you have to start wondering how elastic the definition of "working" has become. Anyway, stop reading config docs and give one of the modern MTAs a real test drive!;-) You'll probably be pleased.
Slashdot Mirror
We just take it at face value that he would, when in all likelihood, Smith jumping through Bane would be reduced to a useless mass of flesh, like Neo was upon his reawakening.
I never saw anything that indicated Neo didn't know how to control his flesh. The problem was that that body had spent 20+ years just sitting in a pod. It wasn't in any condition to do whatever it was his brain directed it to do. The Matrix experience would probably -have- to feature the nuances of humanism to be any good.
That part bothered me about Reloaded, along with how Neo "controlled" the squiddies.
This is a big weak point for me. Unless Neo has some new organ it's really unclear to me how he can connect to squiddies, etc. over a distance.
The CA doesn't matter. [ ... ]
For a minute this sounded okay to me, then I got worried...
And if I can contact the CA then I have the address of someone who is supposed to know the sender.
What if he doesn't? Or what if he doesn't care if it's a spammer? What if it's just some sockpuppet server spammers put up to act as a CA but which otherwise does nothing objectionable? Or would the CA be breaking some law doing that? I would have thought not, but we all seem to get new laws all the time, so who knows... :-P
You could blackhole sockpuppet CAs on your mail server, or hope evil script kiddies would run DDoS attacks against them, etc., but those kind of seem like messiness hung on the side of something which previously had appeared to be a reasonably straightforward solution. I guess you could set up an RBL that listed IPs of bad CAs, but then we seem to be getting near chasing our tails.
If it's self-signed then I have the sender's address (and a timestamp if it's dynamic).
[Assuming you didn't shoot down my first concern] Would it necessarily be any better than the addresses the spammers put in their headers now?
Anyone who is willing to let me identify him is probably okay.
I would agree that anyone who is willing to let you accurately identify him is probably okay.
Anyway, just my $0.02...
IIRC, the mplayer folks would rather that you compile it yourself so you can get tailor it specifically to your hardware for the best performance. If you really want packages, you can add, for example... deb http://marillat.free.fr/ unstable main ...to sources.list (there's also stable and testing).
I'm a pragmatist, though. I have to run a big server room, and I like to do useful things with my systems at home and the box I have colo'd up at an ISP. I'd like a technically superior distro that didn't care a whit about ideals. That was primarily my point. I understand this detracts from the goals of Debian - I didn't say it should _be_ Debian.
I've been a happy user of Debian since 1997 because I consider it the best distro for what I have used Linux for over the years (initially, just servers, but a year of so later for desktops, as well). The fact that Debian has ideals was not a factor in my choice, and it hasn't seemed to weaken the usefulness of the distro to me. The number of packages available is amazing and, best of all, Deb doesn't seem as eager as some other distros to lock you into admining your system Their Way. The "hold x86 back until it runs on all the platforms" component is bothersome, but more in theory than anything else... I can't say it has really impacted my work or pleasure in any significant way, but YMMV.
As I replied to someone else - is it possible that something besides Free software advocacy or money could serve as a motivator to produce a distro? I seem to remember a certain geek/hacker/whatever ethic that was the motivator behind a lot of development we did in the pre-Internet dark ages.
Making a whole new distro would seem like a waste of effort, at this point, especially when you can produce packages for existing distros that address whatever personal itch it is that you are implying needs to be scratched. On some of my machines (usu the desktops), my sources.list has a lot more than just the official Debian servers in it. I also usually compile primary services directly from source on "real servers" (for example, the webserver-related progs on a webserver) so I can have complete control over how they are set up, when they are upgraded, and so on. That may not be necessary anymore, but it's how I did it in the pre-Internet dark ages, and old habits are hard to break. ;-) The point is, Debian has worked smoothly with all of those idiocyncracies (right or wrong) of mine. That's pretty impressive.
The Debian political process seems to have very little to do with that ethic, hence prompting the initial response.
I dunno... to me it sounds like you have a bigger problem with the impression that Debian creates rather than the actual distro they produce. I hope that these recent changes don't weaken the usefulness of the distro, but after giving me so many years of value, they've earned some "benefit of the doubt" from me. ;-)
It's funny that you bring Firebird up since it's really been bugging me that unstable is still at 0.6.*. ;-)
I'm not saying it should be mandated that these be installed in every single vehicle manufactured, but I see no reason why they shouldn't be admitted as evidence in a trial. Perhaps it will make people think twice before speeding like maniacs...
You don't have say it should be mandated... other folks will do it for you. I guess there are always going to be a percentage of people who harbor some variation of the "if you have nothing to hide then you should have no problem with this." The problem is always the same, though... you are not the one who gets to decide whether you have something to hide or not. There is absolutely nothing in the black box implementation that would make sure it can only be used to catch speeding maniacs. If the gov't wants to convict anyone who drove to an "illegal event" (their definition, of course... could be raves, political meetings ...whatever they can get away with), for example, it would work just as well.
ha ha ha. Of course, if you are successful in convincing enough people that it's "a rather good idea", they'll sit back when the gov't decides that it won't be optional anymore.
IMHO, the gov't should just get by with the old methods of convicting speeding maniacs.
electric cars are begining to creep into our cities
Nice. Making fun of the performance of electric cars... ;-)
i guess part of the reason for that is that programms like outlook are very tightly integrated into windows, so when an exploit for those is found, it often leads to the whole system being compromised.
True enough, and you reminded me of one of the vulnerabilities I saw during one of my regular visits to Windows Update (emphasis added):
October 2003, Cumulative Patch for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB828750)Download size: 1.8 MB
Security issues identified in Microsoft Internet Explorer (IE) could allow an attacker to compromise systems with IE installed (even if IE is not used as the Web browser). For example, an attacker could run programs on a computer used to view the attacker's Web site. [
The feature found in some email clients that lets you bounce the email back AFTER reading it, is one of the best ways to get yourself removed from lists.
Hm... trying to bounce back that late in the process is questionable. Once the mail server drops its connection from the sending server, all it has left (aside from the IP address of the sending server) is stuff than can be forged. So, your mail client is likely to be bouncing back to some [previously-]uninvolved third party, even if it uses the envelope-from (as opposed to the From: header line).
Solaris on one of Sun's boxes is really something. Combined with Netscape Enterprise, and Tomcat.. they are robust. These things really can take a ton of traffic, and not sweat it.
That's true enough, as far as it goes, but doesn't explain how there are sites that handle many tons of traffic and run Linux (or *BSD, or whatever). The secret is that they use a different model. Instead of relying on a couple of all-powerful webserver boxes, they have a yet larger number of wimpy boxes. The cost difference is enough that they are still paying less, even though there are more boxes. Reliability is great, too, since the other boxes cover for the failed box until yet another of the relatively cheap boxes can be thrown in.
There are some applications where you need to do it all on one box... that's where Solaris on Sun hardware shines. Websites are just a poor example to choose to make the case.
Hm. One thing that keeps that from being funny, for me, is that it can't avoid bringing to mind the intolerably extended Ewok celebration scene that followed the speech in the movie.
I hate you for that reminder.
I haven't noticed a problem in that regard. The difference is more that the Solaris system uses patches that update particular files (to change as little as possible, presumably), while the Linux model generally involves just replacing the current package with a newer version. The latter approach means that the updates are larger, but it also makes the dependency issues a lot easier to manage. My one annoyance with that method of simplifying the process is that they often play it too safe in checking dependencies... forcing me to upgrade more of the dependant packages than are really required. So, kind of the opposite of the concern you are presenting.
Another point to consider is that the approach Sun takes would never scale if Solaris offered anything like the number of packages that the Linux distros do. If people are also finding the Linux method easier to manage, as well as more featureful (and, frankly, more secure out of the box), that just shows what a disadvantage Sun is at these days. There are companies (including mine) that need some features that only Solaris on Sun hardware can supply, but much (most?) of Sun's customer base has got to be made up of people who would probably find they were happier with Linux/FreeBSD if they actually tried it. That's got to be pretty scary... not just for Sun, but, to a lesser extent, for the legion of contractors that so tirelessly push Sun-only solutions as resellers.
Depends on the make of the car. BMW, for example, only makes key information available to dealers... who only cut keys when you provide proof of ownership.
There is neverending supply of security stories about how the weakest links in security procedures are usually the humans involved. The fact is that they don't always do "only" what they are supposed to do. Even ignoring cases of actual corruption, there's plenty of room for commonplace social engineering tricks.
Don't get me wrong, I'm in the camp that thinks the risk of car thieves using a VIN to steal is car is minimal (at least until we get much fancier keys for our ignition systems)... I'm just pointing out that history says confidence in a system is misplaced if it depends on humans only doing the right thing. So, if you do actually think someone might want to swipe your BMW using the VIN, you really might want to obscure at least part of it by "accidentally" letting something slip down over it.
The only reasons you'd want a stop sign rather than a yield sign somewhere is if there is poor visibility or a huge speed difference between the intersecting roads.
...or if the requirements for getting a driver license were a lot more laid-back than in Northern Europe. ;-)
Since it was modded down as flamebait I'm guessing it was because, in implying that all Americans are united in sharing a disdain for "ecological vehicles", it is flamebait. Since you didn't include that as one (or two) of your choices, perhaps that is okay with you, though. Anyway, I'm more mystified how it could be modded as funny, particularly in the context of someone actually posting for advice on more fuel-efficient vehicles. Seemed more like a distraction to me (and this post of mine provides tangible proof that it succeeded ;-) ).
But then, this is slashdot... I might as well start asking why your post got modded as insightful. The modding system works so well that I would encourage anyone who can read reasonably quickly to config it to show everything down to a score 0, at least. True, it gives me a lot more to scroll through, but at least I get to judge for myself.
BTW, there's not much point in asking mods about their modding since they can't post to threads they've modded (well, for normal mods anyway).
Besides, it's hardly accurate to say that ISBN.nu is an "affiliate-free link". It's informative, but each of the links given appears to be an affiliate link. Nothing wrong with that, but it's not "affiliate-free" -- it's just funneling the money to someone other than CmdrTaco.
So much for my assumption that the AC who posted it was a BN exec, since they are the only ones who would benefit from someone buying the book through a nonaffiliate link. ;-)
Anyway, my more serious assumption is the AC was not so much trying to avoid someone getting an affiliate fee as they were letting people know about a site that gives you a selection of booksellers to choose from. The inaccuracy was probably because they were in the grips of FP mania... :-P
I have no real experience with linux servers, but I did configure a solaris server before (as a for-fun pet project). It got hacked to high-heaven. So, uh, unix ain't so secure.
Solaris is definitely not secure out of the box. It is amusing to me that Debian, RedHat, SuSe, etc. all ship more secure than this highly-touted commercial Unix. Of course, it is easy to fix that (and there are loads of sites warning you of the dangers and telling you how to deal with it), but it's embarrassing that Sun continues to ship the box wide open.
They said "Install every patch"... on a Sparc 5... sure... I've got 3 days to spare, let me do that.
Installing the latest recommended patch cluster is simple enough (and takes a lot less than 3 days), but it won't fix the problems. Solaris ships with all kinds of services turned on that are totally inappropriate for anything but a very trusted environment. Always have and, it seems, always will. A lot like Windows, really, in that regard. Pretty funny, huh?
why would you expect a spam blocker out of an MTA?
I can't speak for everyone, of course, but I want my MTA to be involved whenever possible since I would prefer to jam the offending message back to the sending server whenever possible. If it can be set up to allow 3rd party filters to be plugged in, milter-fashion, so much the better. That way the MTA folks can work on the MTA and the filter folks can work on the filters.
Also, to come back to the parent poster's complaint, if you can properly deal with a simple IP/domain-based block right off the bat, rather than waiting for a per-message post-processor like spamassassin to handle it, you'll save noticeable amounts of resources (unless you are a small shop, I suppose). I like and use spamassassin, but it definitely doesn't scale as well as I would like... the more work I can offload from it, the better.
It makes me sad to see someone who thinks "technological solution" == "filters" get a +5 Insightful, but whatever. If you are a troll, derive whatever personal satisfaction you can from the fact that I am taking your post at face value...
Spam is a social problem, not a technological one.
You are missing the point of the spam problem. The fact that there are people who have no ethical problem engaging in spamming could be seen as a social problem, but their ability to engage in it is a technological problem. Spam exists because of the way our email system is designed, and that system is not some immutable force of nature. Change the system of incentives in that email system and, without changing human nature or the number of scam artists in existence, you will change the amount of spam in the email system. IOW, they currently use it because the technical design of our email system makes it easy for them to engage in their particular form of antisocial behavior. If and when it doesn't, they will not disappear (or, in most cases, give up antisocial behavior in general), they will just stop sending spam through the email system.
So, I agree that filters and so on are not solutions... after all, they only treat the symptoms. That isn't an argument against a technological solution, however. The people who are proposing "technological solutions" to the overall problem are actually talking about changes to the system itself, not filters slapped on top of it.
The difference is very straightforward (which is why you are getting modded as a troll). Advertising on the TV is supposed to be covering (or, at least, defraying) the cost of production of the programming. IOW, the more ads there are, the cheaper it is to provide access to the programming. Spam, on the other hand, dramatically increases the load on networks, mail servers, storage arrays, and user mailboxes and the spammers do not have to cover that cost. IOW, the more spam there is, the more expensive it is to provide Internet access.
This difference flows out of the other big difference: spam exists because of a loophole (the trusting design of SMTP) and not because someone in the supplier and consumer chain took some sort of extra step to allow it to be there. As a result, there is no option of charging the spammers to cover the cost of their spamming. So, until the email delivery infrastructure is made less implicitly trusting, spammers will have no incentive to keep stop abusing it.
That has got to be one of the worst articles I've read. Certainly that I've read, posted to Slashdot. The auther said abosultely nothing at all.
hmmm... assuming that you also suffered through the last Tom's hardware post to slashdot (the one on home networking), that's a pretty serious charge...
Back when I ran a business I used to get contacted a lot by reporters for comments on Internet-related news. I eventually got so frustrated with having them incorrectly paraphrase what I said inside quote marks that I gave up on it. Well, more accurately, I started telling them that I would only agree to the interview if they would give me a chance to review whatever they were going to attribute to me and surround with quote marks (IOW, they could still say things like 'bafu says that spam is ...' without running it by me for accuracy, but not 'bafu says, "Spam is ..."'). The difference being that most folks assume that if something is attributed to someone, in quote marks, then it is an actual quote, and not just some reporter paraphrasing you incorrectly. Hell, I didn't even care if they paraphrased me inside quote marks, as long as the new version was something I agreed with. Of course, they wouldn't agree (I hadn't expected they would), but after repeating the process enough times, with different organizations, I was eventually spared interviews. That was fine with me... I was tired of being quoted saying things that I would never say. ;-)
I wonder why the http://www.freemikehawash.org/ link listed leads (at least at the moment) to that page so familiar to anyone who has installed the Apache package in Debian. Surely it hasn't been doing that the whole time. IM, I know not many people read the article, but really...
Um, I'm using Phoenix, what better browser is there?
Um, the next version of Phoenix... ;-) Anyway, if you are using Phoenix then you're set... just copy the link location and paste it back into phoenix. No more REFERRER. Not sure if the paste-into-the-body thing works for all the platforms, tho...
Unless you are a serious user of milter features (an extensive MIMEDefang setup, for instance) I think you'll find a switch to postfix or qmail to be a net plus. The learning curve probably won't be as bad as you assume... just set up a test server someplace and see what's actually involved in getting it to do what you want.
As a longtime sendmail admin myself, I think I can understand your resistence: "Why screw with a working mail setup?" But when you have to keep sweating repeated vulnerabilities in a huge process that runs as root, you have to start wondering how elastic the definition of "working" has become. Anyway, stop reading config docs and give one of the modern MTAs a real test drive! ;-) You'll probably be pleased.