After reading through both articles, I'm still not quite clear on how much to bill clients.
Just make sure you don't pitch too low (as Grant Barrett mentioned).
I've been in full-time employment for 7-8 years now, so I don't know what the street-rate for a general-purpose freelance geek is. But you can work out what your personal minimum is, based on how much you need to earn, how much billable work you are expecting to pull in, and how the expenses are likely to pan out.
Then (and again, as the author pointed out), if you find yourself turning away work, raise your fees.
Oh, I thought the article was excellent. I know techs who behave as if their know-how was something to conserve rather than to share; they always make me suspicious that they don't actually have very much of it.
And I liked the advice about fixed-fee and minimum-fee billing arrangements - one of the things that used to stress me out when I was freelance, was the fact that diagnose-and-fix jobs are open-ended; after the first few hours, I began to worry that the client was beginning to worry about the cost. And worrying about that would put me off my stroke.
A whitelist is a much better idea, if you're bent on censorship.
You can have multiple whitelists, and choose the set of censors that will edit your information for you.
A whitelist system doesn't assume the Internet is American (what was that - did someone mention the Land of the Free?).
This would be a second-level domain, under.us; you don't need legislation to create such a domain. You can just register it.
It's hardly ever a good thing when politicians start meddling with the internet - it's a threat to them in general, and they don't like it.
The internet is generally pretty resistant to censorship; effective censorship involves blocking access to anonymisers, translators, search-engines, and no end of other valuable resources, not because they are themselves 'harmful', but because they undermine the censorware (see Seth Finkelstein's LOOPHOLE article).
My kids are 15/16 now; they've never been censored, and as a consequence they have developed enough of a clue to be able to discriminate for themselves between tripe, hype and content that's halfway plausible.
Oh, well - I'm obviously out-of-line with the majority sentiment in this thread, but ISTM that only a fool would volunteer to have their information sources censored by someone else.
My idea is to setup what *APPEARS* to be an open relay.
Check out Jackpot. It's a dedicated SMTP relay honeypot written in Java. Mine ate spam addressed to about 25,000 distinct addresses last Sunday.
--
Jack.
You can download Jackpot, a free relay honeypot written in Java, from my site.
Runs out-of-the-box, and provides hours of childish entertainment. It's easy to use on Windows,
unlike most honeypots, which are usually built on top of *n*x mailservers. In fact it doesn't work
(yet) on Linux.
(Anyone know why/. munged "[uk.net]" into my post? I couldn't get rid of it.)
If you own the assets, and they're worth anything, then defending your patent shouldn't be hard - some big corp. will stump up for legal fees in exchange for either your body or a piece of the action.
The problem with crypto inventions is that most of them are flawed. Noone should ever trust crypto that hasn't been exposed to open review. Therefore your invention will remain worthless until it's been published.
I've written a relay honeypot in Java.
It's a real relay, that relays messages only if:
there's less than recipients (configurable);
the relay request arrived not less than seconds after the previous request.
It can bounce messages addressed to the local machine, in case the spammer checks for bounces (buggy, at the moment).
It whitelists relay test-addresses, as specified by its operator, and relays to those addresses even if it thinks it's in a spam-run. It adds any address to which it relays to its whitelist (i.e. it collects relay-test addresses).
It also posts all the data it collects to a website, which it can serve itself (i.e., it's a webserver too).
It has quite a number of other frills (not all of which are documented yet - it's still in test, but it's getting more stable every day).
It is a valid objection to a honeypot that does relay test-messages, that it is sending spam. There is a risk of the program being subverted by a spammer. Honeypotting this way isn't for children - you could get complaints for running this program.
Having said that, you can download the current Beta build at My site. (Damn, how do you get rid of that crap in square brackets???) It's highly configurable, but it runs out-of-the-box on Win NT/2K/ME systems (it needs a JVM, of course).
Slashdot Mirror
Just make sure you don't pitch too low (as Grant Barrett mentioned).
I've been in full-time employment for 7-8 years now, so I don't know what the street-rate for a general-purpose freelance geek is. But you can work out what your personal minimum is, based on how much you need to earn, how much billable work you are expecting to pull in, and how the expenses are likely to pan out.
Then (and again, as the author pointed out), if you find yourself turning away work, raise your fees.
Oh, I thought the article was excellent. I know techs who behave as if their know-how was something to conserve rather than to share; they always make me suspicious that they don't actually have very much of it.
And I liked the advice about fixed-fee and minimum-fee billing arrangements - one of the things that used to stress me out when I was freelance, was the fact that diagnose-and-fix jobs are open-ended; after the first few hours, I began to worry that the client was beginning to worry about the cost. And worrying about that would put me off my stroke.
That link is dead - too bad, it seemed to be a good idea.
-
You can have multiple whitelists, and choose the set of censors that will edit your information for you.
- A whitelist system doesn't assume the Internet is American (what was that - did someone mention the Land of the Free?).
- This would be a second-level domain, under
.us; you don't need legislation to create such a domain. You can just register it.
- It's hardly ever a good thing when politicians start meddling with the internet - it's a threat to them in general, and they don't like it.
- The internet is generally pretty resistant to censorship; effective censorship involves blocking access to anonymisers, translators, search-engines, and no end of other valuable resources, not because they are themselves 'harmful', but because they undermine the censorware (see Seth Finkelstein's LOOPHOLE article).
My kids are 15/16 now; they've never been censored, and as a consequence they have developed enough of a clue to be able to discriminate for themselves between tripe, hype and content that's halfway plausible.Oh, well - I'm obviously out-of-line with the majority sentiment in this thread, but ISTM that only a fool would volunteer to have their information sources censored by someone else.
Check out Jackpot. It's a dedicated SMTP relay honeypot written in Java.
Mine ate spam addressed to about 25,000 distinct addresses last Sunday.
--
Jack.
Runs out-of-the-box, and provides hours of childish entertainment. It's easy to use on Windows,
unlike most honeypots, which are usually built on top of *n*x mailservers. In fact it doesn't work
(yet) on Linux.
(Anyone know why /. munged "[uk.net]" into my post? I couldn't get rid of it.)
If you own the assets, and they're worth anything, then defending your patent shouldn't be hard - some big corp. will stump up for legal fees in exchange for either your body or a piece of the action. The problem with crypto inventions is that most of them are flawed. Noone should ever trust crypto that hasn't been exposed to open review. Therefore your invention will remain worthless until it's been published.
It can bounce messages addressed to the local machine, in case the spammer checks for bounces (buggy, at the moment).
It whitelists relay test-addresses, as specified by its operator, and relays to those addresses even if it thinks it's in a spam-run. It adds any address to which it relays to its whitelist (i.e. it collects relay-test addresses).
It also posts all the data it collects to a website, which it can serve itself (i.e., it's a webserver too).
It has quite a number of other frills (not all of which are documented yet - it's still in test, but it's getting more stable every day).
It is a valid objection to a honeypot that does relay test-messages, that it is sending spam. There is a risk of the program being subverted by a spammer. Honeypotting this way isn't for children - you could get complaints for running this program.
Having said that, you can download the current Beta build at My site. (Damn, how do you get rid of that crap in square brackets???) It's highly configurable, but it runs out-of-the-box on Win NT/2K/ME systems (it needs a JVM, of course).
Jack.