This was mentioned in a little blurb in the August 2007 edition; I guess a lot of people may have missed it if they're sending out postcards (I didn't notice it until the second time I thumbed through the magazine). From the looks of it, they won't be simply switching away from a paper format, but just ending the magazine all together.
Kind of a bummer, I've been reading it for years -- since before I actually started my career as an SA and was only tinkering with BSD and this newfangled Linux thing...
> Generally for situations where you really need to make sure > the data stays safe, I'd just stick with hardware. If you can > spend that much on some harddrives, I don't see why you can't > spend the money on hardware.
Truer words were never spoken. I don't know the status of the more recent software RAID implmentation in Linux, but I do know that bugs in the old one send 2 arrays in 2 different mission critical servers of ours down in a hailstorm of fire and brimstone.
We had one drive get booted from the array for having corrupted data, so the load on the other drives shot up a bit. We think that the increased load made the software RAID driver start lagging in writes to the disks, causing more corruption on another drive, until we were down to a steaming pile of rubble.
Happened 2 seperate times on 2 different machines, as well. We're sticking to hardware from now on.
> CID, yes. ANI? Are you sure? > > Since ANI is used for billing purposes, including 900 numbers, I highly doubt any telco allows it to be modified.
I have a 23-channel PRI here from a local CLEC (utilizing it for inbound local DID numbers and toll-free DNIS numbers as well as outbound calls) who lets us not only stuff our own CID, but sends that as the ANI as well. Not sure if they even know they're doing this, although we have a pretty good standing business relationship with them, and we have no intent of using it for "evil" purposes.
(We utilize sending outbound CID for sending the DID # of individual extensions behind the PBX, as well as the primary number of the "account" we're calling for... we're a call center for several ISPs. It's also useful for call transfers/routing from our PBX, as the original caller's CID shows up when we transfer.)
The PRI that I have running into the same PBX from the ILEC (Qwest) only sets the CID, as expected.
It's not overly hard to forge your ANI; it just takes some legwork and potentially a wad of cash. There is still an audit trail at the ILEC and CLEC switching facilities, too. I suspect if they start getting complaints about things being billed to wrong numbers, it's not hard to find out which one of your interconnects did it.
I'm not horribly surprised by the number of viruses and worms flying around right now... and I do see quite a few of them as a Systems Admin for a wholesale ISP.
What does surprise me is WHY these spread. I thought we had taught people time and time again, over and over, "don't open non-document attachments"... "keep your antivirus software updated"... "if you're ever in doubt, call us". Our advice is taken in and actually used once in a while, but it always seems to be thrown aside and forgotten.
I'm still on the search for that magic bullet that won't involve horribly restrictive mail filters or a lobotomy to remove the "OPEN EVERY EMAIL ATTACHMENT I RECEIVE" lobe...
Which is why at our office, I've set up the PBX to lock out accounts after so many failed logins in a row. Sure, if some dumb user doesn't remember his/her password 6 times in a row, I have to unlock it... but I'd rather do that then go to the CEO saying some 19 year old in {insert third world country here} got in through one of our employee's VMB's and dropped to dial-tone, racking up $8k in long distance. On top of the lockouts, I have a pretty anal password policy. No repeating (3 or more alike) or sequential numbers, extension in the password is disallowed, disallowed local area codes/prefixes/zip codes/etc.
Of course in this situation, the most cost effective solution is to ignore the problem and hope people don't notice the new charges on their bill. Hey, money is money even if it's earned fraudulently, right?. Pfft.
Gas tax already has a provision for this. Most farmers/people with tractors have "On-Road" and "Off-Road" gas tanks. Of course it's VERY illegal to use the "Off-Road" gas, which has no additional taxes on the price of it, on public streets -- but it's not much of an issue, as most people don't have access to this.
Of course, the buzz is that the gas tax will stay as well.
As mentioned before, this is doomed. It simply will not work. The gas tax is in the hands of the stations, who collect for it there on the spot. The GPS receiver is in the drivers' posession, and could easily have signals to it blocked.
Not to mention that most of the roads travelled are probably maintained by small municipalities, and those cities will likely never see a penny of money collected from a system like this.
Of course if this ever gets voted on, anyone with half of a clue will see it for what it's worth -- absolutely nothing.
Re:Great, more censorship
on
As the Spam Turns
·
· Score: 5, Informative
Exactly. We get users bitching and moaning about spam, and what are we going to do -- ignore them and let them take their business elsewhere? We are taking the route of designing a crap filter the users can configure, and select which BL's to use -- all based around procmail and SpamAssassin. User doesn't want any filtering? Okay, easy enough for them to disable it completely.
I don't want to sound like a callous jerk, but it doesn't sound like the original poster knows what it's like having thousands of users screaming for some sort of server-side spam filtering. For their $18 or whatever a month, the majority of them want their ISP to do something about the viagra/pr0n/MMF spam in their mailbox. ISP's just need to make the right decision in letting the users decide if they want filtering or not. Users can always go elsewhere if the ISP wants to enforce filters the user doesn't like.
Thank you, thank you, thank you.... a million thank you's.
Someone who actually understands that if it's a SECURITY or NETWORK STABILITY risk, an ISP has every right not to allow it (until some jerk bribes a judge who issues a TRO).
If it's going to cause me headaches, both in network management and customer satisfaction -- and management approves -- it's getting filtered!
It could be a useful service used locally (i.e. private side) - notification when power is lost at a server, system-wide notices, etc.
I'm honestly amazed that spammers are _just now_ discovering this though. The net messenger service was quite a fun toy back in school computer labs to harass the, uhm... less technically inclined students... and that was several years ago.
In our office (Wholesale/Virtual ISP), we've been experimenting with UML for a while as a decent alternative to trying to virtualize every service and allowing some of our reselling ISPs to have their own username space - something I don't even want to attempt with Apache and most FTP servers.
So far it's been fairly stable, after working out a few quirks. Definitely worth the trouble of getting everything set up. Makes backups on the UML servers stupidly-simple too.
Congrats to the UML developers on clearing this hurdle, and here's to hoping it betters future development on the project!
So if I get a letter from the RIAA or MPAA accusing one of my users of swapping copyrighted materials, I'm supposed to tell them to go piss up a rope? Wouldn't that be lovely when they go after us and our upstream providers with injunctions and court orders demanding they shut us off over us refusing to release information on a user? Sorry, but attorneys WILL do this. It's been done before.
Due process means nothing when large corporations can drain your pocket book and waste your time in court for years. Welcome to America, where freedom reigns.
What about customers as well? If this "re-structuring" fails, I can only assume the feds will step in and try to keep the company on it's feet being their basically a telecom giant. Hell, they did it for a mid-sized local company after they went under in a less-than-glamorous manner.
Right about now I'm thanking my lucky stars we believe in redundancy through different carriers for our circuits.
Yes, let's sue everyone who tried to probe your system due to their ignorance for infecting their machines. The last thing I want to have is an email or voicemail for each of our 6,000 dialup customers and many more dsl/dedicated customers saying "take these people offline or I sue". We have SLA's to maintain, so we're not just going to go pull the plug on a $2000/mo circuit because one of their users was infected - we WILL let them know, but flexing your perceived lawsuit muscle makes you look like a complete moron, at least in my eyes.
Wow.. now isn't this interesting. Qwest actually started CALLING our QwestDSL customers to let them know of the problem, and detailing how to fix it, even walking them through this on the phone. Now, as if this wasn't enough, whenever you call the QwestDSL support number you get a long (5-6 minute) recorded message detailing, IN FULL, how to fix the problem. My only complaint is having to listen to it to get through to a real tech (and watching them disconnect a customer's service for 2 weeks to bump his speed down to 256k)... but this is ridiculous.
Qwest was doing the Right Thing here by being proactive and calling customers, but since they're the big bad telco, this is all their fault anyway. Do you honestly think Qwest is going to get any reimbursement from Cisco for all the support this problem has caused? I highly doubt it.
"Oh, excuse me Mr. Governor, but while driving on one of your state highways, my faulty tire blew out.. I demand you pay me for having it fixed and an extra chunk of money for my invaluable time!"
It seems Intel is on the right path to giving the Athlon a run for it's money... I'm vaguely reminded of how quickly many companies/software developers/etc. picked up support for 3dNow! (likely due to the large number of customers and potential customers with AMD K6-2/K6-3 chips).
AMD had a fairly large number of developers promising 3dNow! support, and seemed to be doing the "right thing" by helping developers optimize their code.
It seems Intel has picked up on this, and has made it easy to optimize for SSE-2 with their own compiler plugin for VC. I'm just curious if this breaks AMD optimizations.
This is definitely a move in the right direction for Intel, though. I don't necessarily like it though, because I'm an avid AMD fan.:D
...or people like myself will be blamed for the company's demise, and they'll use their last remaining dollars to try to sue. To tell you the truth, I wouldn't doubt if this idea's crossed the minds of their "outstanding" legal team.
Or maybe I'm just paranoid - I have a growing history of angering stupid people and large companies - perhaps I should start a gallery of C&D letters I've received..
What planet are you from? I know you're just a little troll trying to stir up the water, but you're smoking some really good crack if you believe this. Yeah, BSD is dying, it's worthless and will be a good riddance to see it go...
..which is why I see people migrating to it from Windows or Linux or any other OS..
..which is why it's a proven rock-solid server OS used on many huge production systems that can't afford to go down
...which is why I've personally helped several people avoid expensive Cisco equipment with a little BSD box doing everything a PIX could do and more. Hmm, $12K cisco box or $350 BSD box which has even more features - you decide.
Sure, sometimes the BSD community is a bit rough on the edges (mostly because of the competition between the BSDs), but don't tell me that Linux people don't get into distro flamewars.
And no, I'm not some anti-Linux freak either. It has its place, and I use it where I feel it really shines (this post brought to you by Netscape on Linux). --
.. was in local RatShack getting some transistors, switches, and blinky LEDs when I mentioned, "have any of those cat scanner thingys?". The nice clerk who was hanging on my shoulder the whole time hoping for a big sale to get commission money (on a side note, my total costs came to $1.86) forgot to ask for my name/phone #/addy, which they do to keep you in their database whenever you buy something. Seems they have a nice habit of forgetting that at the local stores. So out I go with kitty #6. Daisy-chained, these things make great indoor nightlights.:)
Maybe I should file a patent for cat-shaped light sources that connect to PS/2 computer interfaces. What every True Geek (TM) needs. --
Slashdot Mirror
This was mentioned in a little blurb in the August 2007 edition; I guess a lot of people may have missed it if they're sending out postcards (I didn't notice it until the second time I thumbed through the magazine). From the looks of it, they won't be simply switching away from a paper format, but just ending the magazine all together.
Kind of a bummer, I've been reading it for years -- since before I actually started my career as an SA and was only tinkering with BSD and this newfangled Linux thing...
> Generally for situations where you really need to make sure
> the data stays safe, I'd just stick with hardware. If you can
> spend that much on some harddrives, I don't see why you can't
> spend the money on hardware.
Truer words were never spoken. I don't know the status of the more recent software RAID implmentation in Linux, but I do know that bugs in the old one send 2 arrays in 2 different mission critical servers of ours down in a hailstorm of fire and brimstone.
We had one drive get booted from the array for having corrupted data, so the load on the other drives shot up a bit. We think that the increased load made the software RAID driver start lagging in writes to the disks, causing more corruption on another drive, until we were down to a steaming pile of rubble.
Happened 2 seperate times on 2 different machines, as well. We're sticking to hardware from now on.
> CID, yes. ANI? Are you sure?
>
> Since ANI is used for billing purposes, including 900 numbers, I highly doubt any telco allows it to be modified.
I have a 23-channel PRI here from a local CLEC (utilizing it for inbound local DID numbers and toll-free DNIS numbers as well as outbound calls) who lets us not only stuff our own CID, but sends that as the ANI as well. Not sure if they even know they're doing this, although we have a pretty good standing business relationship with them, and we have no intent of using it for "evil" purposes.
(We utilize sending outbound CID for sending the DID # of individual extensions behind the PBX, as well as the primary number of the "account" we're calling for... we're a call center for several ISPs. It's also useful for call transfers/routing from our PBX, as the original caller's CID shows up when we transfer.)
The PRI that I have running into the same PBX from the ILEC (Qwest) only sets the CID, as expected.
It's not overly hard to forge your ANI; it just takes some legwork and potentially a wad of cash. There is still an audit trail at the ILEC and CLEC switching facilities, too. I suspect if they start getting complaints about things being billed to wrong numbers, it's not hard to find out which one of your interconnects did it.
-k
No doubt the "patent" also applies to various Linux distributions, but obviously they're not being sued because there's little money in them.
:)
Hmm, somebody apparently forgot to relay this information to SCO...
I'm not horribly surprised by the number of viruses and worms flying around right now... and I do see quite a few of them as a Systems Admin for a wholesale ISP.
What does surprise me is WHY these spread. I thought we had taught people time and time again, over and over, "don't open non-document attachments"... "keep your antivirus software updated"... "if you're ever in doubt, call us". Our advice is taken in and actually used once in a while, but it always seems to be thrown aside and forgotten.
I'm still on the search for that magic bullet that won't involve horribly restrictive mail filters or a lobotomy to remove the "OPEN EVERY EMAIL ATTACHMENT I RECEIVE" lobe...
500 bones per minute is a little blown out of proportion, but what really counts is how ridiculous this is.
For more info check out http://www.lincmad.com/telesleaze.html
Which is why at our office, I've set up the PBX to lock out accounts after so many failed logins in a row. Sure, if some dumb user doesn't remember his/her password 6 times in a row, I have to unlock it... but I'd rather do that then go to the CEO saying some 19 year old in {insert third world country here} got in through one of our employee's VMB's and dropped to dial-tone, racking up $8k in long distance. On top of the lockouts, I have a pretty anal password policy. No repeating (3 or more alike) or sequential numbers, extension in the password is disallowed, disallowed local area codes/prefixes/zip codes/etc.
Of course in this situation, the most cost effective solution is to ignore the problem and hope people don't notice the new charges on their bill. Hey, money is money even if it's earned fraudulently, right?. Pfft.
You can't authorize a transfer-away without agreeing to their agreement anymore.
:(
I shudder every time I have to transfer a customer's domain to our OpenSRS reseller account and click on the "I agree" checkbox...
Gas tax already has a provision for this. Most farmers/people with tractors have "On-Road" and "Off-Road" gas tanks. Of course it's VERY illegal to use the "Off-Road" gas, which has no additional taxes on the price of it, on public streets -- but it's not much of an issue, as most people don't have access to this.
Of course, the buzz is that the gas tax will stay as well.
As mentioned before, this is doomed. It simply will not work. The gas tax is in the hands of the stations, who collect for it there on the spot. The GPS receiver is in the drivers' posession, and could easily have signals to it blocked.
Not to mention that most of the roads travelled are probably maintained by small municipalities, and those cities will likely never see a penny of money collected from a system like this.
Of course if this ever gets voted on, anyone with half of a clue will see it for what it's worth -- absolutely nothing.
Exactly. We get users bitching and moaning about spam, and what are we going to do -- ignore them and let them take their business elsewhere? We are taking the route of designing a crap filter the users can configure, and select which BL's to use -- all based around procmail and SpamAssassin. User doesn't want any filtering? Okay, easy enough for them to disable it completely.
I don't want to sound like a callous jerk, but it doesn't sound like the original poster knows what it's like having thousands of users screaming for some sort of server-side spam filtering. For their $18 or whatever a month, the majority of them want their ISP to do something about the viagra/pr0n/MMF spam in their mailbox. ISP's just need to make the right decision in letting the users decide if they want filtering or not. Users can always go elsewhere if the ISP wants to enforce filters the user doesn't like.
My $.02 USD.
Thank you, thank you, thank you.... a million thank you's.
Someone who actually understands that if it's a SECURITY or NETWORK STABILITY risk, an ISP has every right not to allow it (until some jerk bribes a judge who issues a TRO).
If it's going to cause me headaches, both in network management and customer satisfaction -- and management approves -- it's getting filtered!
Your average Slashdot poster is a zombie 365.25 days a year anyway. :)
Mmmmmmmmmarf, BRAINS!
Too bad nobody would then accept said cash you would then possess for fear of being sued. :)
It could be a useful service used locally (i.e. private side) - notification when power is lost at a server, system-wide notices, etc.
I'm honestly amazed that spammers are _just now_ discovering this though. The net messenger service was quite a fun toy back in school computer labs to harass the, uhm... less technically inclined students... and that was several years ago.
In our office (Wholesale/Virtual ISP), we've been experimenting with UML for a while as a decent alternative to trying to virtualize every service and allowing some of our reselling ISPs to have their own username space - something I don't even want to attempt with Apache and most FTP servers.
So far it's been fairly stable, after working out a few quirks. Definitely worth the trouble of getting everything set up. Makes backups on the UML servers stupidly-simple too.
Congrats to the UML developers on clearing this hurdle, and here's to hoping it betters future development on the project!
So if I get a letter from the RIAA or MPAA accusing one of my users of swapping copyrighted materials, I'm supposed to tell them to go piss up a rope? Wouldn't that be lovely when they go after us and our upstream providers with injunctions and court orders demanding they shut us off over us refusing to release information on a user? Sorry, but attorneys WILL do this. It's been done before.
Due process means nothing when large corporations can drain your pocket book and waste your time in court for years. Welcome to America, where freedom reigns.
What about customers as well? If this "re-structuring" fails, I can only assume the feds will step in and try to keep the company on it's feet being their basically a telecom giant. Hell, they did it for a mid-sized local company after they went under in a less-than-glamorous manner.
Right about now I'm thanking my lucky stars we believe in redundancy through different carriers for our circuits.
Yes, let's sue everyone who tried to probe your system due to their ignorance for infecting their machines. The last thing I want to have is an email or voicemail for each of our 6,000 dialup customers and many more dsl/dedicated customers saying "take these people offline or I sue". We have SLA's to maintain, so we're not just going to go pull the plug on a $2000/mo circuit because one of their users was infected - we WILL let them know, but flexing your perceived lawsuit muscle makes you look like a complete moron, at least in my eyes.
Blech.
Wow.. now isn't this interesting. Qwest actually started CALLING our QwestDSL customers to let them know of the problem, and detailing how to fix it, even walking them through this on the phone. Now, as if this wasn't enough, whenever you call the QwestDSL support number you get a long (5-6 minute) recorded message detailing, IN FULL, how to fix the problem. My only complaint is having to listen to it to get through to a real tech (and watching them disconnect a customer's service for 2 weeks to bump his speed down to 256k)... but this is ridiculous.
Qwest was doing the Right Thing here by being proactive and calling customers, but since they're the big bad telco, this is all their fault anyway. Do you honestly think Qwest is going to get any reimbursement from Cisco for all the support this problem has caused? I highly doubt it.
"Oh, excuse me Mr. Governor, but while driving on one of your state highways, my faulty tire blew out.. I demand you pay me for having it fixed and an extra chunk of money for my invaluable time!"
Pathetic.
It seems Intel is on the right path to giving the Athlon a run for it's money... I'm vaguely reminded of how quickly many companies/software developers/etc. picked up support for 3dNow! (likely due to the large number of customers and potential customers with AMD K6-2/K6-3 chips).
:D
AMD had a fairly large number of developers promising 3dNow! support, and seemed to be doing the "right thing" by helping developers optimize their code.
It seems Intel has picked up on this, and has made it easy to optimize for SSE-2 with their own compiler plugin for VC. I'm just curious if this breaks AMD optimizations.
This is definitely a move in the right direction for Intel, though. I don't necessarily like it though, because I'm an avid AMD fan.
...or people like myself will be blamed for the company's demise, and they'll use their last remaining dollars to try to sue. To tell you the truth, I wouldn't doubt if this idea's crossed the minds of their "outstanding" legal team.
Or maybe I'm just paranoid - I have a growing history of angering stupid people and large companies - perhaps I should start a gallery of C&D letters I've received..
*shakes his head* Only in America...
What planet are you from? I know you're just a little troll trying to stir up the water, but you're smoking some really good crack if you believe this. Yeah, BSD is dying, it's worthless and will be a good riddance to see it go...
..which is why I see people migrating to it from Windows or Linux or any other OS..
..which is why it's a proven rock-solid server OS used on many huge production systems that can't afford to go down
...which is why I've personally helped several people avoid expensive Cisco equipment with a little BSD box doing everything a PIX could do and more. Hmm, $12K cisco box or $350 BSD box which has even more features - you decide.
Sure, sometimes the BSD community is a bit rough on the edges (mostly because of the competition between the BSDs), but don't tell me that Linux people don't get into distro flamewars.
And no, I'm not some anti-Linux freak either. It has its place, and I use it where I feel it really shines (this post brought to you by Netscape on Linux).
--
Dunno, they always seem to have some sort of flaw that lets others do naughty things to them.. but they just won't go away.
:D
Sounds almost like Microsoft
--
...of course we know if Voyager was powered by BSD it would have never gotten lost ;)
--
.. was in local RatShack getting some transistors, switches, and blinky LEDs when I mentioned, "have any of those cat scanner thingys?". The nice clerk who was hanging on my shoulder the whole time hoping for a big sale to get commission money (on a side note, my total costs came to $1.86) forgot to ask for my name/phone #/addy, which they do to keep you in their database whenever you buy something. Seems they have a nice habit of forgetting that at the local stores. So out I go with kitty #6. Daisy-chained, these things make great indoor nightlights. :)
Maybe I should file a patent for cat-shaped light sources that connect to PS/2 computer interfaces. What every True Geek (TM) needs.
--