People over-generalize terms quite often, and "forwarding" has different meanings in different situations. Generally the difference boils down to if you're talking about a "server" implementation or a "mail client" implementation.
In this case, the SPF folks are addressing server admins, so by "forwarding" they mean sending the message to a new recipient without altering the headers. This use problably originates back to the old ".forward" files on unix machines, but may go back further. Most server-side implementations use this meaning for "forward".
However, forwarding by hitting the "forward" button most mail clients does something different. That creates a new message with new headers and preserves the old body text. sending with the same headers is called "redirect" in most mail clients.
Isn't it great how mail clients and mail servers use different meanings for the same word?
Even the client/server pair that go together from the same company have this problem. For example, Microsoft - exchange server has forwarding contacts, which forward without header changes, while Outlook clients do change the headers when you hit the "forward" button.
Assuming it's really influenza, and not some other virus, time will kill it. Influenza can't survive for extended periods of time on dry surfaces. Most influenza viruses only last a several hours on a hard dry surface. Under the right conditions they may last up to 72 hours, but they'll still die off over time.
Of course, 3 days is a long time to not have a laptop, but you can safely handle it. You won't get re-infected now that your body is surging with antibodies targeting that specific strain. Just wash your hands afterward so you don't spread it to the non-immune.
If that's not good enough, you could try wiping the case with a cloth *very* lightly dampened with some kind of benzalkonium chloride based disinfectant (i.e.: well squeezed out lysol wipes or something similar). I don't know if that will damage the plastics or not (ie: the screen), it shouldn't but I've never tried it, so be careful here. And of course you have to be careful not to get any liquid into any of the vents.
First, there's lots of existing standards out here.
What does the US government use (or is supposed to use) to protect information like this for its own employees? Fips- 40-2 certified encryption products (which generally are FIPS 197 AES based, but FIPS 140-2 certification involves other tests). That's certainly one good standard to go by. (see note 1 at end though about keys)
Obviously many have mentioned PGP/GPG, A very solid option. Selected versions of PGP are also FIPS 140-2 certified (re-certifying every version can be expensive.), and this option has very good public key handling.
Many have pointed out various SSL based systems, https, ftp with SSL, etc. Also very solid, although it only handles the data while in-transit. Make sure it lands on a well trusted server. (ie: securing in transport doesn't help if the destination server gets hacked)
If you want to broaden out to other tools, in general, I'd stick with some basic rules:
1) must use at least 1024 bit public keys for key exchange, or at least 32 character passwords transfered by some other secure means (which is hard, so go public key). Good encryption won't help you if it's just passworded with an 8-character password of all lower-case letters (that's only 38-bits of key entropy, even if they're random).
2) must have at least a 128 bit key for the symmetric cypher.
3) Symmetric side encryption must be based on a reasonably secure cipher. AES, 3des, RC5, RC4 (careful of buggy implementations, ie: WEP), Twofish, Blowfish, square, CAST all have withstood a reasonable amount of attack without truly glaring weaknesses that radically reduce their real-world security. XORing with a 256-bit value has not.
4) Must use a cryptographic has function (MD5, SHA1, SHA2, etc) for message integrity. CRCs are only designed to detect errors in transmission, not malicious modifications in transit.
5) ideally should use public keys to establish the authenticity of the sender, but in this application that might not be necessary. You're more concerned about intercept than complete substitution of the file by a different sender.
Side note, since some have modded the above post as flamebait:
The only reason WoW gamers vs non-WoW gamers is relevant is the test used WoW. If they had tested people using any other game, even something like Tetris, the same addict factor would have applied, but to Tetris vs non-Tetris players.
I'm also not suggesting that all WoW (or any other game) players are addicts. However, some are. And unless you somehow measure and account for those people, your whole test is invalid because there's an unknown number of highly biased participants. It'd be like making a test of a group of politicians to see who supports a particular candidate, without bothering to find out how many of the subjects are republican or democrat. Party allegiances are going to be a strong factor, and you might just be measuring how many of your test subjects are in the same party as the candidate.
For the record, I'm a mild gaming addict myself. My addictions are EverQuest and Civilization instead of WoW but I'm an addict none the less. I get mildly agitated when I'm not able to play one of my games, and when I do get to play, I relax.
Are the games therapeutic for me, or is the absence traumatic? From my own experience, I suggest it's a bit of both, but the trauma of not playing is more significant than the therapy of playing.
Actually, you really only need some of them to be addicted, not all.
Basically, the addicts are going to heavily bias the results. Unless you separate out the addicts the whole measurement is really worthless, and it is going to devolve to being attributable to the unknown number of addicts in the test.
Aye, this is the first thing that came to my mind. Particularly since the test subjects were gamers. The article didn't specify if the gamers were WoW players, non-WoW players, or a mix. If you've got WoW players in there, essentially all you're testing is if addicts have stress level goes down when you give them some of what they're addicted to.
I agree in the context of spam in general. Well somewhat. I don't think DKIM will stop spam for 3 seconds, much less 2 weeks.
However, TFA isn't about spam in general, it's about spoofing and phishing. While this is spam related, it doesn't take a solution that works for spam in general to be useful against spoofing and phishing.
Domainkeys, spf, etc, are horrid anti-spam technologies. Good thing they aren't intended for such use. Although many confuse them as being anti-spam technologies, they are decidedly not. They are anti-spoofing technologies. Period. They may have some limited application in spam control (ie: that which is spoofed is probably spam), they aren't general-purpose spam solutions.
Do yourself a favor, stop thinking of these measures as spam control. No matter what any idiot tells you, they aren't. They're only practical as spoofing control.
Just remember.. figuring out a message passes DKIM isn't useful information. Failure is useful. Lack of signature for a domain that declares it signs all email is useful. Passing tells you nothing unless you choose to trust the sending domain, which in general, you can't.
Nonspam domains won't lie, and won't declare valid email to be forged, so you can trust them when they say a message is forged. Spam domains will lie, but they won't declare anything to be forged. As a result, you can't believe anyone telling you a message isn't forged. You can only believe someone telling you it IS forged. This is why DKIM isn't useful as a general anti-spam solution. However, it is useful for anti-forgery. It requires no special trust to believe a domain when it tells you a message is forged.
Currently to figure out if any timezone is asleep, I take my own timezone's offset from GMT, as well as their timezone's offset.. So, say it's 3pm here, I live in GMT-5, and say my party lives in GMT +2, so that makes it a +7 hour difference, so their time is 10pm.. ok, not at work, possibly sleeping.
if GMT is your reference, you could do the same math to figure out the +7 hour time difference. You'd only be changing what time you personally consider to be "mid day" from "noon" to "5pm" (assuming you live in GMT-5).
Of course, this all defeats DST completely, as we'd all be living on a single, global time basis.
Sure, there's a reasonable excuse for EA's sports based games.
But what about everything else EA does?
Looking on their website, they list 14 "new releases" going back to 2/21/07. Every one of them is a sequel, except "Boom Boom Rocket".
Even outside the sports genre, EA is not well known for having many brand new games. They publish a lot of "xyz 2" and "abc the follow on adventures".
Hence, it's not surprising that the Wii caught them off guard. They don't have any finger on anything new in the gaming market. They're largely a market follower, not a leader. They consistently go with what they know.
Not that there's anything wrong with that, but I don't think anyone should expect EA to have a good sense of what the next "hot thing" will be.
The fact is, in larger companies the left hand doesn't alway know what the right hand is doing, while in smaller companies IT can get farmed out to multiple providers who can be blissfully unaware of what is happening in the big picture.
This is true, as I am all to personally familiar with the situation.
However, such organizations are going to have dozens of other problems causing loss of mail, network outages, etc.
An IT team that does not properly communicate and/or oversee its own networks is a disaster waiting to happen. SPF might exacerbate this problem, but it's hardly a root cause.
So, I'll agree with you. If your network is poorly managed, don't bite off more by adding SPF to the mix. First spend time getting your existing network under control.
Hey, at least AOL is rejecting it at SMTP delivery time.. If they were queuing it, then post delivery bouncing, I'd call them evil, but right now they're doing the right thing.
After all, if the recipient didn't exist, they'd issue a 5xx error too. Nearly every sane domain will do that. This isn't really any worse for you. Or do you expect them to accept delivery of and swallow those too?
Quite frankly, this still makes your life *MUCH* easier when compared to the post-delivery bounce case.
All you have to do now is blacklist the servers that are being used *sources* and *relays*, as opposed to all the servers that are *destinations*. And quite frankly, the server that's acting as a spam source or relay deserves to be blacklisted anyway.
What could be a DDoS (backscatter from many servers) is in this case, just a single source DoS that can be handled by blacklisting a single IP address.
What's even better, is if you blacklist 65.61.1.49 at the SMTP layer, those spam messages will double-bounce and end up in infoquesthosting's postmaster mailbox. Seeing as it's their spam problem in the first place, it should be fitting that they end up with it.
So do yourself a favor and add 65.61.1.49 to your SMTP access list today.:)
Agreed.. I didn't mean to imply "odd" was particularly rare.. Just odd.
"We'll provide you 50MB of webhosting for $10/month.. Oh, you wanna add another 60 bytes to your zonefile for another DNS entry.. sure thing, that'll be another $2.50/month".
Several ISPs don't.. For example, yahoo is busy pushing the competing standard of domainkeys.
Many open source spam scanners use it, ie: SpamAssassin.
However, even if not everyone supports SPF, at least some folks do, and that means if and when your domain does get forged by a spammer, there will be fewer folks receiving it, fewer mailservers accepting it and fewer bounces/complaints heading your way.
And of course, SPF is more-or-less cost free.. All you have to do is add a TXT record to your DNS, which probably won't cost you anything unless your DNS is hosted on some oddly billed 3rd party service.
I'd say the ROI on it is pretty good.
Many folks will immediately bash SPF as a poor spam control technology. Well, they're right, but that's not the point, and it's not what SPF is for, and it's not what your trying to get out of SPF.
SPF isn't a "cure-all" for spam that some folks think it is and others bash it for not being, but SPF IS a reasonable start at controlling forgery, and it's quite effective at it.
For example, do you really think all that strcpy is secure? Fixed it again.
(Not to be flamebait, but those who live in C houses shouldn't poke fun at other languages for having the potential to be used in an insecure manner. Sure C can be coded securely, but it can go just as horribly wrong as ajax can.)
Well, from TFA, Nortel is still holdes a minority interest in Blade (the "forced" company). Also, one of Nortel's VP's sits on Blade's board of directors.
Ownership and having control of a board memeber is an amazingly effective way to apply pressure to a company.
So while the slashdot article summary refers to Blade as a "former subsidiary", it fails to outline that Nortel does still has significant direct control over Blade.
But you miss the point. Getting it in writing would not have helped here.
Note that the "relocation manager" claims that if there's a conflict between an offer and internal policy, internal policy takes precedence.
Therefore even if you have an official written offer, signed and on company letterhead, this "relocation manager" claims he can ignore any part of it, should it conflict with internal policies.
Also note there's nothing in the posting here to imply the offer wasn't provided in writing.
The only part that's clearly verbal is the claim the relocation package was "standard", but that could be verbal commment made in refernce to a written offer.
I could very much see something like this being very useful in the US if the armament was different. I'm picturing something armed with essentially a paintball gun loaded with balls of marker dye... Might be very useful for places like prisons, etc. It might even be useful as a part of a bank security system. Have it mark them with paint as they leave..
Of course, the liability of it hitting someone in the eye would be a killer, but it is at least interesting to think about what could be done with such a system if armed with non-lethal weaponry.
I just ran the speed test from speakeasy.net (a competing ISP) against my comcast cable connection. I got 6154 kb/s down 714kbps up.
Admittedly that's at 11pm EST, from New York to Maryland, but that's a pretty solid percentage of 6mbps.
Are you sure your grandmother's PC isn't a spam-zombie and that's sucking up all her bandwidth? Or perhaps the speed-test site itself is overloaded? (They should limit the count, but you never know)
That said, the 5% reale-emergency statistic seems awfully low. However, I'm sure 911 does get a lot of general "I need the police because my car was stolen" type calls.
In some municipalities there is NO other number other than 911 to reach police at. Case in point, baltimore, prior to implementing 311 as a non-emergency number: http://www.911dispatch.com/info/311_page.html
However, even the above website, reporting on a city which had NO other way to reach police (not even an ordinary telephone number!) there was still only 60% non-emergency call volume.
Part of me wonders if there's a discrepancy here because of a third category.. "dropped call"...
A breakdown like this might not be too unrealistic in some areas:
5% answered, emergency 35% unanswered due to overloaded lines 60% answered, non-emergency
However, I'd be a little surprised if any area had 5% of it's answered calls as emergencies and 95% of the answered calls being non-emergency.. That's kind of crazy high.
Now I do see one reference that says "depending on time and locality, from 20 to 95 percent of calls to 911 are nonemergency calls".. However, that's also "depending on time"...
I can certainly see there being some random days that it gets as high as 95%... But not a sustained average of 95%...
You are 100% correct, 1099's are generally forms you receive, not fill out.
That said, I believe the AC was implying that the majority of the population never even gets these forms. At worst, they might have a 1099-int from a savings account.
So the proposed "majority" has to fill out a 1040ez, with information from one or two w2's and a single 1099-int.
I don't know how representative that is, but I'd say that it is at least plausible that a lot of US taxpayers have taxes that simple. It would certainly cover an awful lot of non-homeowners (working renters, teens living with parents and working at McDonald's, etc).
That said, it probably doesn't cover homeowners with mortgages. From what I read, home ownership rates were about 69% in late 2005. But that's counting housing units own vs rent. It's not counting things like tax-paying teens who live in their parent's house.
Perhaps this isn't a majority of-all-taxpayers case, but a majority of calls for tax-software tech-support. (I know I've never had to call tech support on either TurboTax or TaxCut and I've used them for many years).
Either way, I do still think this case covers a large quantity (>30%) of the filings the IRS gets. It would be interesting to find out just how many it covers..
Slashdot Mirror
People over-generalize terms quite often, and "forwarding" has different meanings in different situations. Generally the difference boils down to if you're talking about a "server" implementation or a "mail client" implementation.
In this case, the SPF folks are addressing server admins, so by "forwarding" they mean sending the message to a new recipient without altering the headers. This use problably originates back to the old ".forward" files on unix machines, but may go back further. Most server-side implementations use this meaning for "forward".
However, forwarding by hitting the "forward" button most mail clients does something different. That creates a new message with new headers and preserves the old body text. sending with the same headers is called "redirect" in most mail clients.
Isn't it great how mail clients and mail servers use different meanings for the same word?
Even the client/server pair that go together from the same company have this problem. For example, Microsoft - exchange server has forwarding contacts, which forward without header changes, while Outlook clients do change the headers when you hit the "forward" button.
Or so smart... why Google when you can get other people to do it for you...
But you're right, this is a pretty lame question for /.
Assuming it's really influenza, and not some other virus, time will kill it. Influenza can't survive for extended periods of time on dry surfaces. Most influenza viruses only last a several hours on a hard dry surface. Under the right conditions they may last up to 72 hours, but they'll still die off over time.
http://aem.asm.org/cgi/reprint/73/6/1687.pdf
Of course, 3 days is a long time to not have a laptop, but you can safely handle it. You won't get re-infected now that your body is surging with antibodies targeting that specific strain. Just wash your hands afterward so you don't spread it to the non-immune.
If that's not good enough, you could try wiping the case with a cloth *very* lightly dampened with some kind of benzalkonium chloride based disinfectant (i.e.: well squeezed out lysol wipes or something similar). I don't know if that will damage the plastics or not (ie: the screen), it shouldn't but I've never tried it, so be careful here. And of course you have to be careful not to get any liquid into any of the vents.
First, there's lots of existing standards out here.
What does the US government use (or is supposed to use) to protect information like this for its own employees? Fips- 40-2 certified encryption products (which generally are FIPS 197 AES based, but FIPS 140-2 certification involves other tests). That's certainly one good standard to go by. (see note 1 at end though about keys)
Obviously many have mentioned PGP/GPG, A very solid option. Selected versions of PGP are also FIPS 140-2 certified (re-certifying every version can be expensive.), and this option has very good public key handling.
Many have pointed out various SSL based systems, https, ftp with SSL, etc. Also very solid, although it only handles the data while in-transit. Make sure it lands on a well trusted server. (ie: securing in transport doesn't help if the destination server gets hacked)
If you want to broaden out to other tools, in general, I'd stick with some basic rules:
1) must use at least 1024 bit public keys for key exchange, or at least 32 character passwords transfered by some other secure means (which is hard, so go public key). Good encryption won't help you if it's just passworded with an 8-character password of all lower-case letters (that's only 38-bits of key entropy, even if they're random).
2) must have at least a 128 bit key for the symmetric cypher.
3) Symmetric side encryption must be based on a reasonably secure cipher. AES, 3des, RC5, RC4 (careful of buggy implementations, ie: WEP), Twofish, Blowfish, square, CAST all have withstood a reasonable amount of attack without truly glaring weaknesses that radically reduce their real-world security. XORing with a 256-bit value has not.
4) Must use a cryptographic has function (MD5, SHA1, SHA2, etc) for message integrity. CRCs are only designed to detect errors in transmission, not malicious modifications in transit.
5) ideally should use public keys to establish the authenticity of the sender, but in this application that might not be necessary. You're more concerned about intercept than complete substitution of the file by a different sender.
Side note, since some have modded the above post as flamebait:
The only reason WoW gamers vs non-WoW gamers is relevant is the test used WoW. If they had tested people using any other game, even something like Tetris, the same addict factor would have applied, but to Tetris vs non-Tetris players.
I'm also not suggesting that all WoW (or any other game) players are addicts. However, some are. And unless you somehow measure and account for those people, your whole test is invalid because there's an unknown number of highly biased participants. It'd be like making a test of a group of politicians to see who supports a particular candidate, without bothering to find out how many of the subjects are republican or democrat. Party allegiances are going to be a strong factor, and you might just be measuring how many of your test subjects are in the same party as the candidate.
For the record, I'm a mild gaming addict myself. My addictions are EverQuest and Civilization instead of WoW but I'm an addict none the less. I get mildly agitated when I'm not able to play one of my games, and when I do get to play, I relax.
Are the games therapeutic for me, or is the absence traumatic? From my own experience, I suggest it's a bit of both, but the trauma of not playing is more significant than the therapy of playing.
Actually, you really only need some of them to be addicted, not all.
Basically, the addicts are going to heavily bias the results. Unless you separate out the addicts the whole measurement is really worthless, and it is going to devolve to being attributable to the unknown number of addicts in the test.
Aye, this is the first thing that came to my mind. Particularly since the test subjects were gamers. The article didn't specify if the gamers were WoW players, non-WoW players, or a mix. If you've got WoW players in there, essentially all you're testing is if addicts have stress level goes down when you give them some of what they're addicted to.
No No No.. there's no profit in that.. You need to take it the other way and charge people an front-end fee to vote at this machine...
I agree in the context of spam in general. Well somewhat. I don't think DKIM will stop spam for 3 seconds, much less 2 weeks.
However, TFA isn't about spam in general, it's about spoofing and phishing. While this is spam related, it doesn't take a solution that works for spam in general to be useful against spoofing and phishing.
Domainkeys, spf, etc, are horrid anti-spam technologies. Good thing they aren't intended for such use. Although many confuse them as being anti-spam technologies, they are decidedly not. They are anti-spoofing technologies. Period. They may have some limited application in spam control (ie: that which is spoofed is probably spam), they aren't general-purpose spam solutions.
Do yourself a favor, stop thinking of these measures as spam control. No matter what any idiot tells you, they aren't. They're only practical as spoofing control.
Just remember.. figuring out a message passes DKIM isn't useful information. Failure is useful. Lack of signature for a domain that declares it signs all email is useful. Passing tells you nothing unless you choose to trust the sending domain, which in general, you can't.
Nonspam domains won't lie, and won't declare valid email to be forged, so you can trust them when they say a message is forged. Spam domains will lie, but they won't declare anything to be forged. As a result, you can't believe anyone telling you a message isn't forged. You can only believe someone telling you it IS forged. This is why DKIM isn't useful as a general anti-spam solution. However, it is useful for anti-forgery. It requires no special trust to believe a domain when it tells you a message is forged.
Video games are generally written to suit the obsessions of male brains, are they not?
Is it really more difficult, or just different?
Currently to figure out if any timezone is asleep, I take my own timezone's offset from GMT, as well as their timezone's offset.. So, say it's 3pm here, I live in GMT-5, and say my party lives in GMT +2, so that makes it a +7 hour difference, so their time is 10pm.. ok, not at work, possibly sleeping.
if GMT is your reference, you could do the same math to figure out the +7 hour time difference. You'd only be changing what time you personally consider to be "mid day" from "noon" to "5pm" (assuming you live in GMT-5).
Of course, this all defeats DST completely, as we'd all be living on a single, global time basis.
Sure, there's a reasonable excuse for EA's sports based games.
But what about everything else EA does?
Looking on their website, they list 14 "new releases" going back to 2/21/07. Every one of them is a sequel, except "Boom Boom Rocket".
Even outside the sports genre, EA is not well known for having many brand new games. They publish a lot of "xyz 2" and "abc the follow on adventures".
Hence, it's not surprising that the Wii caught them off guard. They don't have any finger on anything new in the gaming market. They're largely a market follower, not a leader. They consistently go with what they know.
Not that there's anything wrong with that, but I don't think anyone should expect EA to have a good sense of what the next "hot thing" will be.
The fact is, in larger companies the left hand doesn't alway know what the right hand is doing, while in smaller companies IT can get farmed out to multiple providers who can be blissfully unaware of what is happening in the big picture.
This is true, as I am all to personally familiar with the situation.
However, such organizations are going to have dozens of other problems causing loss of mail, network outages, etc.
An IT team that does not properly communicate and/or oversee its own networks is a disaster waiting to happen. SPF might exacerbate this problem, but it's hardly a root cause.
So, I'll agree with you. If your network is poorly managed, don't bite off more by adding SPF to the mix. First spend time getting your existing network under control.
Hey, at least AOL is rejecting it at SMTP delivery time.. If they were queuing it, then post delivery bouncing, I'd call them evil, but right now they're doing the right thing.
:)
After all, if the recipient didn't exist, they'd issue a 5xx error too. Nearly every sane domain will do that. This isn't really any worse for you. Or do you expect them to accept delivery of and swallow those too?
Quite frankly, this still makes your life *MUCH* easier when compared to the post-delivery bounce case.
All you have to do now is blacklist the servers that are being used *sources* and *relays*, as opposed to all the servers that are *destinations*. And quite frankly, the server that's acting as a spam source or relay deserves to be blacklisted anyway.
What could be a DDoS (backscatter from many servers) is in this case, just a single source DoS that can be handled by blacklisting a single IP address.
What's even better, is if you blacklist 65.61.1.49 at the SMTP layer, those spam messages will double-bounce and end up in infoquesthosting's postmaster mailbox. Seeing as it's their spam problem in the first place, it should be fitting that they end up with it.
So do yourself a favor and add 65.61.1.49 to your SMTP access list today.
Agreed.. I didn't mean to imply "odd" was particularly rare.. Just odd.
"We'll provide you 50MB of webhosting for $10/month.. Oh, you wanna add another 60 bytes to your zonefile for another DNS entry.. sure thing, that'll be another $2.50/month".
Several ISPs use SPF, for example, AOL does.
http://www.postmaster.aol.com/spf/
Several ISPs don't.. For example, yahoo is busy pushing the competing standard of domainkeys.
Many open source spam scanners use it, ie: SpamAssassin.
However, even if not everyone supports SPF, at least some folks do, and that means if and when your domain does get forged by a spammer, there will be fewer folks receiving it, fewer mailservers accepting it and fewer bounces/complaints heading your way.
And of course, SPF is more-or-less cost free.. All you have to do is add a TXT record to your DNS, which probably won't cost you anything unless your DNS is hosted on some oddly billed 3rd party service.
I'd say the ROI on it is pretty good.
Many folks will immediately bash SPF as a poor spam control technology. Well, they're right, but that's not the point, and it's not what SPF is for, and it's not what your trying to get out of SPF.
SPF isn't a "cure-all" for spam that some folks think it is and others bash it for not being, but SPF IS a reasonable start at controlling forgery, and it's quite effective at it.
(Not to be flamebait, but those who live in C houses shouldn't poke fun at other languages for having the potential to be used in an insecure manner. Sure C can be coded securely, but it can go just as horribly wrong as ajax can.)
Well, from TFA, Nortel is still holdes a minority interest in Blade (the "forced" company). Also, one of Nortel's VP's sits on Blade's board of directors.
Ownership and having control of a board memeber is an amazingly effective way to apply pressure to a company.
So while the slashdot article summary refers to Blade as a "former subsidiary", it fails to outline that Nortel does still has significant direct control over Blade.
Come on, you don't think someone's going to cough up 1 trillion dollars? I mean, thats just about 17 times what Bill gates is worth.
Clearly some burger flipping pimply teenager can come up with more than that...
But you miss the point. Getting it in writing would not have helped here.
Note that the "relocation manager" claims that if there's a conflict between an offer and internal policy, internal policy takes precedence.
Therefore even if you have an official written offer, signed and on company letterhead, this "relocation manager" claims he can ignore any part of it, should it conflict with internal policies.
Also note there's nothing in the posting here to imply the offer wasn't provided in writing.
The only part that's clearly verbal is the claim the relocation package was "standard", but that could be verbal commment made in refernce to a written offer.
I could very much see something like this being very useful in the US if the armament was different. I'm picturing something armed with essentially a paintball gun loaded with balls of marker dye... Might be very useful for places like prisons, etc. It might even be useful as a part of a bank security system. Have it mark them with paint as they leave..
Of course, the liability of it hitting someone in the eye would be a killer, but it is at least interesting to think about what could be done with such a system if armed with non-lethal weaponry.
I just ran the speed test from speakeasy.net (a competing ISP) against my comcast cable connection. I got 6154 kb/s down 714kbps up.
Admittedly that's at 11pm EST, from New York to Maryland, but that's a pretty solid percentage of 6mbps.
Are you sure your grandmother's PC isn't a spam-zombie and that's sucking up all her bandwidth? Or perhaps the speed-test site itself is overloaded? (They should limit the count, but you never know)
possibly too heavy to stay in suspension when coated with sugars?
Just a guess, but gold is pretty dense stuff.
Well, it looks like /. is definitely now working to reduce those numbers further...
9 84537
http://slashdot.org/comments.pl?sid=181150&cid=14
That said, the 5% reale-emergency statistic seems awfully low. However, I'm sure 911 does get a lot of general "I need the police because my car was stolen" type calls.
In some municipalities there is NO other number other than 911 to reach police at. Case in point, baltimore, prior to implementing 311 as a non-emergency number:
http://www.911dispatch.com/info/311_page.html
However, even the above website, reporting on a city which had NO other way to reach police (not even an ordinary telephone number!) there was still only 60% non-emergency call volume.
Part of me wonders if there's a discrepancy here because of a third category.. "dropped call"...
A breakdown like this might not be too unrealistic in some areas:
5% answered, emergency
35% unanswered due to overloaded lines
60% answered, non-emergency
However, I'd be a little surprised if any area had 5% of it's answered calls as emergencies and 95% of the answered calls being non-emergency.. That's kind of crazy high.
Now I do see one reference that says "depending on time and locality, from 20 to 95 percent of calls to 911 are nonemergency calls".. However, that's also "depending on time"...
I can certainly see there being some random days that it gets as high as 95%... But not a sustained average of 95%...
http://changela.com/oped_311.htm
You are 100% correct, 1099's are generally forms you receive, not fill out.
That said, I believe the AC was implying that the majority of the population never even gets these forms. At worst, they might have a 1099-int from a savings account.
So the proposed "majority" has to fill out a 1040ez, with information from one or two w2's and a single 1099-int.
I don't know how representative that is, but I'd say that it is at least plausible that a lot of US taxpayers have taxes that simple. It would certainly cover an awful lot of non-homeowners (working renters, teens living with parents and working at McDonald's, etc).
That said, it probably doesn't cover homeowners with mortgages. From what I read, home ownership rates were about 69% in late 2005. But that's counting housing units own vs rent. It's not counting things like tax-paying teens who live in their parent's house.
Perhaps this isn't a majority of-all-taxpayers case, but a majority of calls for tax-software tech-support. (I know I've never had to call tech support on either TurboTax or TaxCut and I've used them for many years).
Either way, I do still think this case covers a large quantity (>30%) of the filings the IRS gets. It would be interesting to find out just how many it covers..