I'm sure that is what the spammers hope and believe, but in fact most Bayesian filters associate a probability factor to each token or word, and they make a decision based on the set of tokens with the highest or lowest scores. For example, in Paul Graham's seminal Plan for Spam he describes using only the 15 most significant tokens to make the determination of the message's spamminess. So it really doesn't help to try to bury words like "penis" or "viagra" in a mass of obscure or invented words, however large; the filters will ignore those and home in on the bad words.
In fact, the spammers' choice of obscure or invented words as padding is dumb. If they would use regular words such as do occur in the legitimate email you want to read, there's actually a chance that over time they could render Bayesian filters less potent, because the good words would become more associated with spam than with legitimate mail. Careful attention to the training corpus is needed to avoid this happening.
The spam message consists of "good" words and "bad" words. The "bad" words are the true message that the spammer wants the victim to read.
The "good" words are in the clear and serve to get the message through the bayesian filters; however they are hidden from the victim by being rendered in zero size fonts, white on white, within HTML comments etc.
The "bad" words are obscured from the filters by means of HTML encodings, being split by HTML comments, etc., but will show up large as life in the victim's Outlook client.
They have/had a product, Lotus Translation Services for Sametime, that plugs into their Sametime IM system and does translation by interfacing to some separate tranlsation server, such as their own WebSphere Translation product. They even have a demo of it on the web.
There may be detail differences in the implementation that the Microsoft patent application describes, but in general this is nothing new.
Why on Earth has humanity (or at least, western civilization) reached this point where every misfortune that occurs has to be someone else's fault? Surely sometimes, maybe even often, it's no-one's fault in particular. Or it's your own damn fault. After all, shit happens.
And how come in Germany, as it seems, even if you disclaim liability to the extent that most software suppliers do, you are still to blame, even if you supply the software (as most Open Source suppliers do), essentially or entirely at no cost?
You could look at SwiftFile from IBM's Alphaworks. IBM employees have some additional options and should check out the internal "stop-spam" forum for recommendations. One research product in particular regularly gets deserved high praise.
For an article in an "IT tech" section of a paper, this is really very weak.
It really doesn't do much more than precis Paul Graham's arguments, then ends in a blatant plug for just one Outlook addon.
I suppose if there are still people in the column's audience who haven't heard this all before, and it gets the message out that spam can be effectively filtered, it's a minor goodness.
A. Benchmarking is a black art, and benchmark results more often than not bear little or no relation to reality (i.e. the actual performance you will get, today, running your particular workload). Talk to anyone who does it for a living and they are the first to admit that.
B. Benchmarks are very rarely impartial. Whoever is footing the not inconsiderable bill for a properly-done benchmark will have a result they want to see, and the benchmarkers can do a lot to make sure they do see it.
C. "Perception is reality" is a well-known saying in marketing. It doesn't actually matter whether the perception is correct. If Joe Sixpack believes he has bought the fastest PC in the world, he will be happy. More so since he most likely has nothing on hand to compare it to.
D. The speed this industry moves at, there will be a faster one along in a month or less, so if you really want something faster, wait for it.
E. All this debating about which is faster is more like masturbating. And "Masturbation, although an inherently pointless way to pass time, is at least enjoyable. Comparing PC performance is equally pointless, but rather less fun. The conventional epithet applied to those who engage in the former to excess is equally applicable to those who persist in the latter."
I was all set to return that disc and complain when I saw the "copy protected" labels on it. I ordered it from play.com, who described it as a CD, but what arrived is certainly not a regular CD, in that it has none of the CD logos, and it has a "compatibility" box on the cover that says what it will or won't play on. (BTW I received the Canadian version although I am in UK.)
But I thought, what the hell, I'll try it and see. Stuck it in the drive and fired up K3B, which promptly asked me if I wanted to mount the data part or the audio part. Chose the audio part and proceeded to rip all 14 tracks straight off, no problem:-)
Guess what? Linux is one of the things they say the disc doesn't work on. In fact, the only things that don't work on Linux are the dumb "copy protection" and the stupid Windows executables for their lame reduced quality player, and who cares about that?
Despite rumours, I can also report that this CD works as normal in both my cars' CD changers (Ford and Audi), and in all 5 of the the "regular" CD players in the house. In fact, the only place I've found it doesn't work is on Windows 2000; for some reason when I insert the CD under W2K, nothing at all happens. Attempts to play it with Winamp cause that app to hang in a serious way. Since W2K is an environment that they advertise it explicitly should work on, I believe I might have a basis for getting a refund...
I am not enough of a security geek to fault this article on any technical detail, but surely the main message is that no matter what technical measures you take, any dumb user can totally subvert all your efforts by inadvertantly, unwittingly, or even maliciously running code on a personal system inside the secured network that opens a tunnel to the outside. Hence the title of the article.
The concluding sentences contain the main learning point, as I see it: you need a way to identify all connections down to the source (user). And you need to make sure that all those dumb users know you're watching them and that you will hold them accountable for breaches of security that they initiate.
Or is all that so obvious that no-one has felt the need to point it out?
Why would anyone set up one of these machines of they were not expecting to make money from it? Why would anyone play one of these machines if they were not prepared, on average, to lose their money? It has to be that way.
Slot machines, lotteries, horse-racing; all are a tax on stupidity, plain and simple.
Save your money, ignore these entertainments unless you value your cash less than the "enjoyment" you get from the simple act of playing them. Do not expect to win.
I work from home a couple of days each week, from choice, because I can get peace & quiet to work uninterrupted. I'm not sure I'd want to do it full-time, for reasons such as have been highlighted by other posters - like personal motivation, the need to see people face-to-face once in a while, meetings with partners, vendors, etc.
However, at the company I work for, there are some useful things to help stave off the loneliness thing:
we have an internal IM system, which means that most of my colleagues are easily reachable and I get a sense of "who's in", even though like me, many of them may well be working at home. In fact, since many of them are in different coutries and timezones, I don't see them even when I'm in the office.
we also have a series of internal discussion groups on an NNTP server, covering all kinds of technical and non-technical topics. There are several "watercooler" type groups where people exchange funny stories, gossip, and so on. All of it strictly business-related, of course:-)
Neither of these things is hard to set up, and they go a surprisingly long way to make up for the lack of a sense of community that comes from working on your own at home.
Scott has been spending his time on futile rants about Microsoft who don't even make hardware - his core market while Linux, IBM and now HP eat his lunch.
Anytime a business "leader" starts focussing on the competition instead of on the customer, the writing is on the wall. I've seen this time and again. It's understandable, but it's just so dumb.
IBM has a comprehensive and stricly-enforced internal set of guidelines that any employee who works on OSS projects, whether on IBM's time or on his/her own time, must read, understand, and certify compliance with. It's a condition of employment, even. And there's an approval process that must be used (and I quote):
whenever an IBM group wants to:
start or join an OSS project with the intention of contributing code to the project and/or maintaining the code base;
include third party OSS with an IBM product or service;
ship some or all of an IBM product in source code form under an open source license;
publish the source code for a reference implementation.
IANAL, but it seems to me that there must be a defensive line against the SCO suit in the mere fact that it has promulgated that policy. Of course the existence of the policy is no guarantee that it is going to be adhered to 100%, but in the (unlikely) event that SCO is able to establish that some illegal copying of their material did take place, the corporation can hold its hands up and ask what more it could have done to prevent it.
As I read it, the suggestion is not that government must use open source, but rather that open source must be considered.
Of course you are going to make a decision based on the overall business case and the specific technical requirements that your various user populations have.
No. The consumer thought "that printer's a bargain," and probably never looked at how much the replacement cartridges would cost.
If you've ever seen Joe Public consumers in PC stores who have just heard for the first time how much a replacement cartridge is going to cost them, you would not claim that they knowingly and willingly agreed to take a discount on the hardware in return for the privilege of paying through the nose for the consumables.
In any case, the point I'm trying to make is that it is surely unacceptable for the printer to refuse to use an "expired" but still viable cartridge. By all means alert the user to its status, but give him/her the choice whether to go ahead and attempt to print with it. Then the consumer truly would be making an informed decision.
Another thing that really p's me off with this scheme is that some not insubstantial proportion of the inflated price of the replacement cartridge must be the cost of the circuitry to render it useless. I'm sure the consumer would be delighted to learn that he is paying extra so that a couple of years down the road the thing he's buying can self-destruct, whether it needs to or not.
Vote with you wallet, not by complaining on some anonymous message board.
Oh I do, and I will. I have two Canon inkjets that I'm very happy with, and I've been running them both on third-party cartridges for as long as I've had them.
The market chose the second option some years back
I don't agree. Sure, people were suckered into buying "cheap" inkjet printers but don't try to tell me they did this in the full realization they would get ripped off on the ink.
Refusing to use a cartridge that is not exhausted is unforgivable. I'd have no objection to the printer (driver) complaining that the cart is old and advising me that the print quality may be less than optimal - in fact that would be a welcome feature. But to refuse to work? GMAB.
I will not be buying an HP printer.
Could be more appealing to the minicab operators?
on
Using GPS to Hail Cabs
·
· Score: 3, Informative
In London, only the licensed black cabs are permitted to to pick up passengers who hail them on the street. But there are also armies of more-or-less-dodgy minicab operators who work on the basis that the car is pre-ordered, by the customer calling the minicab company's office, who dispatch a car to you by radio.
This new system sounds like it would be ideal for the minicab operators, because a punter calling in and using this service is in effect ordering the car as opposed to hailing it on the street, yet the turnaround time should be a lot quicker.
Her in the UK, there are housing developments that were connected up with optical fibre for the phone service, and it all sounded terrific at the time.
Now the residents are up in arms because BT cannot/will not provide them with a broadband service over the fibre. ADSL is pretty much all they have to offer, and it has to run over a copper pair.
As others have commented, Felten doesn't say a lot or add much value to the debate that I can see.
On the other hand, just yesterday I stumbled across a couple of [PDF] white papers by Andrew Frank and others at divine.com which are really rathergood.
The first of these is a couple of years old, the second is a 2002 follow-up, and I'm kind of surprised I've seen no reference to them before now.
Although written from the perspective of a consultant pitching to the content provider industry, these tell it like it is: either the industry "gets it" and develops a compelling digital delivery proposition, or any and all of their DRM efforts will merely accelerate Darwinian processes in the P2P and filesharing fields that make their loss of control over distribution inevitable.
The capabilities of the current and imminent crop of mobile gaming platforms (i.e. Java-enabled cellphones, etc), means that these 10-15 year old PC games are going to be about state of the art on them. There's potentially a lot of money to be made by selling download rights on implementations of these games.
I'm not saying that's what *is* behind an action such as IDSA's, but it wouldn't surprise me if the copyright owners have started to smell the coffee.
To stay with *your* analogy, however, you can only eat the burger you buy in the Walmart as long as you remain in the Walmart store (or another Walmart store). As soon as you leave the building, it turns to dust.
The burger you buy in MacDonalds you can eat anywhere.
I refer of course to the level of cross-platform support for.NET (MONO notwithstanding).
Slashdot Mirror
I'm sure that is what the spammers hope and believe, but in fact most Bayesian filters associate a probability factor to each token or word, and they make a decision based on the set of tokens with the highest or lowest scores. For example, in Paul Graham's seminal Plan for Spam he describes using only the 15 most significant tokens to make the determination of the message's spamminess. So it really doesn't help to try to bury words like "penis" or "viagra" in a mass of obscure or invented words, however large; the filters will ignore those and home in on the bad words.
In fact, the spammers' choice of obscure or invented words as padding is dumb. If they would use regular words such as do occur in the legitimate email you want to read, there's actually a chance that over time they could render Bayesian filters less potent, because the good words would become more associated with spam than with legitimate mail. Careful attention to the training corpus is needed to avoid this happening.
The spam message consists of "good" words and "bad" words. The "bad" words are the true message that the spammer wants the victim to read.
The "good" words are in the clear and serve to get the message through the bayesian filters; however they are hidden from the victim by being rendered in zero size fonts, white on white, within HTML comments etc.
The "bad" words are obscured from the filters by means of HTML encodings, being split by HTML comments, etc., but will show up large as life in the victim's Outlook client.
But yes, the spammers are stupid.
They have/had a product, Lotus Translation Services for Sametime, that plugs into their Sametime IM system and does translation by interfacing to some separate tranlsation server, such as their own WebSphere Translation product. They even have a demo of it on the web.
There may be detail differences in the implementation that the Microsoft patent application describes, but in general this is nothing new.
Why on Earth has humanity (or at least, western civilization) reached this point where every misfortune that occurs has to be someone else's fault? Surely sometimes, maybe even often, it's no-one's fault in particular. Or it's your own damn fault. After all, shit happens.
And how come in Germany, as it seems, even if you disclaim liability to the extent that most software suppliers do, you are still to blame, even if you supply the software (as most Open Source suppliers do), essentially or entirely at no cost?
Good grief.
You could look at SwiftFile from IBM's Alphaworks. IBM employees have some additional options and should check out the internal "stop-spam" forum for recommendations. One research product in particular regularly gets deserved high praise.
This is exactly what SwiftFile does for Lotus Notes.
OK, it's not the most widely used email client among Slashdot readers, but it is very extensible and this is just one example.
For an article in an "IT tech" section of a paper, this is really very weak.
It really doesn't do much more than precis Paul Graham's arguments, then ends in a blatant plug for just one Outlook addon.
I suppose if there are still people in the column's audience who haven't heard this all before, and it gets the message out that spam can be effectively filtered, it's a minor goodness.
A. Benchmarking is a black art, and benchmark results more often than not bear little or no relation to reality (i.e. the actual performance you will get, today, running your particular workload). Talk to anyone who does it for a living and they are the first to admit that.
B. Benchmarks are very rarely impartial. Whoever is footing the not inconsiderable bill for a properly-done benchmark will have a result they want to see, and the benchmarkers can do a lot to make sure they do see it.
C. "Perception is reality" is a well-known saying in marketing. It doesn't actually matter whether the perception is correct. If Joe Sixpack believes he has bought the fastest PC in the world, he will be happy. More so since he most likely has nothing on hand to compare it to.
D. The speed this industry moves at, there will be a faster one along in a month or less, so if you really want something faster, wait for it.
E. All this debating about which is faster is more like masturbating. And "Masturbation, although an inherently pointless way to pass time, is at least enjoyable. Comparing PC performance is equally pointless, but rather less fun. The conventional epithet applied to those who engage in the former to excess is equally applicable to those who persist in the latter."
I had no trouble at all ripping the tracks from a Canadian copy that I got from play.com - using K3B on Linux. See this post.
I was all set to return that disc and complain when I saw the "copy protected" labels on it. I ordered it from play.com, who described it as a CD, but what arrived is certainly not a regular CD, in that it has none of the CD logos, and it has a "compatibility" box on the cover that says what it will or won't play on. (BTW I received the Canadian version although I am in UK.)
:-)
But I thought, what the hell, I'll try it and see. Stuck it in the drive and fired up K3B, which promptly asked me if I wanted to mount the data part or the audio part. Chose the audio part and proceeded to rip all 14 tracks straight off, no problem
Guess what? Linux is one of the things they say the disc doesn't work on. In fact, the only things that don't work on Linux are the dumb "copy protection" and the stupid Windows executables for their lame reduced quality player, and who cares about that?
Despite rumours, I can also report that this CD works as normal in both my cars' CD changers (Ford and Audi), and in all 5 of the the "regular" CD players in the house. In fact, the only place I've found it doesn't work is on Windows 2000; for some reason when I insert the CD under W2K, nothing at all happens. Attempts to play it with Winamp cause that app to hang in a serious way. Since W2K is an environment that they advertise it explicitly should work on, I believe I might have a basis for getting a refund...
The concluding sentences contain the main learning point, as I see it: you need a way to identify all connections down to the source (user).
And you need to make sure that all those dumb users know you're watching them and that you will hold them accountable for breaches of security that they initiate.
Or is all that so obvious that no-one has felt the need to point it out?
Why would anyone set up one of these machines of they were not expecting to make money from it?
Why would anyone play one of these machines if they were not prepared, on average, to lose their money?
It has to be that way.
Slot machines, lotteries, horse-racing; all are a tax on stupidity, plain and simple.
Save your money, ignore these entertainments unless you value your cash less than the "enjoyment" you get from the simple act of playing them. Do not expect to win.
However, at the company I work for, there are some useful things to help stave off the loneliness thing:
Neither of these things is hard to set up, and they go a surprisingly long way to make up for the lack of a sense of community that comes from working on your own at home.
According to the translation, As the Zaurus SL-C700 the new PDAs feature the Linux OS and the unique 2-way folding of the screen.
Scott has been spending his time on futile rants about Microsoft who don't even make hardware - his core market while Linux, IBM and now HP eat his lunch.
Anytime a business "leader" starts focussing on the competition instead of on the customer, the writing is on the wall. I've seen this time and again. It's understandable, but it's just so dumb.
IANAL, but it seems to me that there must be a defensive line against the SCO suit in the mere fact that it has promulgated that policy. Of course the existence of the policy is no guarantee that it is going to be adhered to 100%, but in the (unlikely) event that SCO is able to establish that some illegal copying of their material did take place, the corporation can hold its hands up and ask what more it could have done to prevent it.
As I read it, the suggestion is not that government must use open source, but rather that open source must be considered.
Of course you are going to make a decision based on the overall business case and the specific technical requirements that your various user populations have.
the consumer has obviously chosen the latter
No. The consumer thought "that printer's a bargain," and probably never looked at how much the replacement cartridges would cost.
If you've ever seen Joe Public consumers in PC stores who have just heard for the first time how much a replacement cartridge is going to cost them, you would not claim that they knowingly and willingly agreed to take a discount on the hardware in return for the privilege of paying through the nose for the consumables.
In any case, the point I'm trying to make is that it is surely unacceptable for the printer to refuse to use an "expired" but still viable cartridge. By all means alert the user to its status, but give him/her the choice whether to go ahead and attempt to print with it. Then the consumer truly would be making an informed decision.
Another thing that really p's me off with this scheme is that some not insubstantial proportion of the inflated price of the replacement cartridge must be the cost of the circuitry to render it useless. I'm sure the consumer would be delighted to learn that he is paying extra so that a couple of years down the road the thing he's buying can self-destruct, whether it needs to or not.
Vote with you wallet, not by complaining on some anonymous message board.
Oh I do, and I will. I have two Canon inkjets that I'm very happy with, and I've been running them both on third-party cartridges for as long as I've had them.
The market chose the second option some years back
I don't agree. Sure, people were suckered into buying "cheap" inkjet printers but don't try to tell me they did this in the full realization they would get ripped off on the ink.
Refusing to use a cartridge that is not exhausted is unforgivable. I'd have no objection to the printer (driver) complaining that the cart is old and advising me that the print quality may be less than optimal - in fact that would be a welcome feature. But to refuse to work? GMAB.
I will not be buying an HP printer.
In London, only the licensed black cabs are permitted to to pick up passengers who hail them on the street. But there are also armies of more-or-less-dodgy minicab operators who work on the basis that the car is pre-ordered, by the customer calling the minicab company's office, who dispatch a car to you by radio.
This new system sounds like it would be ideal for the minicab operators, because a punter calling in and using this service is in effect ordering the car as opposed to hailing it on the street, yet the turnaround time should be a lot quicker.
The black cab drivers are going to hate this...
Her in the UK, there are housing developments that were connected up with optical fibre for the phone service, and it all sounded terrific at the time.
Now the residents are up in arms because BT cannot/will not provide them with a broadband service over the fibre. ADSL is pretty much all they have to offer, and it has to run over a copper pair.
Go to the IBM RedBooks site and do some searching for "iSeries" and/or "AS/400". You will find a huge amount of useful information.
As others have commented, Felten doesn't say a lot or add much value to the debate that I can see.
On the other hand, just yesterday I stumbled across a couple of [PDF] white papers by Andrew Frank and others at divine.com which are really rather good.
The first of these is a couple of years old, the second is a 2002 follow-up, and I'm kind of surprised I've seen no reference to them before now.
Although written from the perspective of a consultant pitching to the content provider industry, these tell it like it is: either the industry "gets it" and develops a compelling digital delivery proposition, or any and all of their DRM efforts will merely accelerate Darwinian processes in the P2P and filesharing fields that make their loss of control over distribution inevitable.
The capabilities of the current and imminent crop of mobile gaming platforms (i.e. Java-enabled cellphones, etc), means that these 10-15 year old PC games are going to be about state of the art on them. There's potentially a lot of money to be made by selling download rights on implementations of these games.
I'm not saying that's what *is* behind an action such as IDSA's, but it wouldn't surprise me if the copyright owners have started to smell the coffee.
To stay with *your* analogy, however, you can only eat the burger you buy in the Walmart as long as you remain in the Walmart store (or another Walmart store). As soon as you leave the building, it turns to dust.
.NET (MONO notwithstanding).
The burger you buy in MacDonalds you can eat anywhere.
I refer of course to the level of cross-platform support for