All this method will do is to catch the casual pedophile. On face value, I could see it acting as a deterent, as it would keep people from getting into it; this scheme would essential create a barrier to entry that some might not want to get into. It won't stop the hard core junkie or the ones exploiting them. They could use a method that would check out zips and rar's and other compression formats, but it will be the encryption that will break the system.
So while I do applaud the efforts of ISP's to stop them, there are far too many ways to use even low-level encryption to bypass this schema. And the other problem is that if some perverts actually uses encryption they have to know a key. I seriously doubt that Google or some other agency with enough computing power to figure out keys to decrypt files is going to spend the time and the money to get into the files.
What I could see happening is a darknet being created that uses 256-bit SSL connections, or something like it. The only way to get in is by referral, and if the site floated from IP to IP address, it would be hard to stop. Another consquence would be that pedophiles would move from those ISP's.
For even more fun do a Netcraft on the site. It isn't listed.
But if you do a DNS lookup you find that shellytherepublican.com is hosted on pjn.qsrch.net, which is owned by New.net.
More interesting is if you do a Netcraft on pjn.qsrch.net, it is hosted on FreeBSD.
Even more entertaining is that he/she fired their previous webmaster and then moved hosting provider because it wasn't hosted on a "solid Windows box" but on Linux. The new provider promised that it would be hosted on Windows, but it appears to be running on Apache and FreeBSD.
Your argument assumes that married people have less friends than non-married people.
I'll also assume that you are not married.
There is a lot more to moving than merely uping a family. If you are going to quantify relationships, then I would argue that a married person needs more money. Why? Because a married person has to deal with the emotions of the family that is being moved. What about the 12 year old that doesn't want to move because of friends? Or the spouse that wants to stay near family? Or what about the fact that the family now has to reintigrate with another community? Or maybe that the parents have to relearn where the things are that their children are involved in.
I would say that the issues are sixes. If you look at the social truama experienced by the unmarried person it is no more and no less than the familial truama by the married person. It may be more visiable with the unmarried person, but the married person is going to have their fair share of stress. In stead of moving just one person and have to adjust, a married person has to move at least himself and another and more if he/she has spawned. If the couple both works, then the other spouse has to find employment as well. An unmarried person may settle in quite nicely within two months, whereas it can take a lot longer to get a family settled.
Yes and no. On the customer copy you get the last four digits of the card, but the merchant copy gets both. Where you get a problem is when the merchant give the customer a copy of the merchant copy. If you have a signiture line then you have a copy of the merchant slip.
Make sure that you and your clients put the words "CONTAINS CONFIDENTAL TRADE SECRETS," on both the DVD/CD and the box. Then put a seal on the case that would indicate tampering. If they tamper with it you can argue that they violated your trade secrets, which are protected by law, and then haul them into court.
Another tactic would be putting "UNRELEASED COPYRIGHTED MATERIAL," or for a combination, put both.
If you have illegal material, then it is your problem. But if the material actually contains legitimate material then you could have some serious fun in the courts.
Because vendors haven't been given enough time. If MS had planned and presented vendors with specs of how to interface products, then it wouldn't be so bad. But when things keep changing, people get irritated.
Rights are "recognized." China for example does not recognize "Freedom of Speech" as a right.
However, rights can be created, when there isn't one. But what it really boils down to is what are our rights. If our right is to act completely in our own self interest and to impunge the rights of others, then where does one person's rights end and another person's right begin? For example, I have a right to be free and the right to make my own choices. Does that mean when I excerise a right to make choices and I rob a store that my right to be free should trump the punishment?
Part of existing in society is that rights are surrendered for saftey, security and the benefit of being a member of society. Screaming about rights and the need to have every one recognized by society is reckless and illresponsable. Some "natural rights" that society may restrict may be for the overall security and benefit of the people based on the values of that society. If a society values security then it may surrender the right to privacy.
What the ArsTechnica article was implying is that an artifical right was being created -- a right that no foundation whatsoever in the realms of what is moral or philisophical. The right being created is one that subjects the rights of an individual; like the right to free speech. Whether you call this attempt at making a right a right, is all a matter of schmantics.
Your statement would read better, "natural rights cannot be created," since artificial rights can and are created.
Which goes to prove the splintered state of Christianity. The problem is that Christianity splintered early on. And with out new revelation on the subject, it is impossiable to decide which tradition is correct on the topics. Additionally, some of the early Christian Fathers are considered to be heretical depending on which tradition is being followed.
Revelations has several major schools of thought regarding interpetation. Some susbcribe to the view that the events have already happened. However, most Christians in general subscribe to the future events theory. Yet there is even a theory of them being blended.
The real question is how much of the Church was preserved in current Christian teachings. With all the splinter and forking that happened in the period after the apostles, and the fact that the writings are scarce and damaged, it is hard for anyone to truely be able to say that this book is canonical and this one is not.
Which brings me back to the view of my traditiion, stating that revelation is required in order for anyone to know what is truth when it comes to Christian thought. Personal revelation, or obtaining from God himself, confirmation or divine light is essential to know.
End-time-ish refers to the state of the world preceeding the Apocolys. Pretty much the entire world will be choas with plenty of death, destruction, scourging plaques, etc. One of the things that Christians are looking for is the "Beast." The Beast symbolicly represents some person, group of persons or nation that rises and requires everyone to have its mark on their forehead or their right arm. The mark will have the number 666 in it. Christians tend to get a little nerveous whenever they see anything that looks even remotely like the mark of the Beast. One of the consquences of not having the mark of the Beast during the end-times is that people will not be able to buy or sell. If your curious, refer to Revelations Chapter 13.
Asside from the end-time-ish issues, which I share, I have a huge issue with having a permanent solution like an inbedded RFID tag. Why on earth would I want anybody with an RFID reader to figure out who I am. Besides, what happens if a guy reads your tag and then does a verbatium bit copy of what is read off your tag to another tag? Does that mean you need a new one. There is a post below which suggests a watch. I would go for that. Because at least with something detatchable you can always just walk away and be done with it. Taking a razor and slicing my arm open to get rid of the tag is just not cool for when you want to be annonymous.
Maybe not for the computer nerd. But for the nerd that is fixing someone else's computer this may be a dream come true. In smaller towns where there isn't a computer shop, or where the computer shop charges such outrageous fees, it could provide a cost effective, fast way to fix a computer. I can think of countless times that I have been fixing a friend's computer and the computer places are closed. Half the time I fix someone's computer I throw in a component that I wouldn't use in my own computer -- i.e. a low end video card, etc. With Wal-mart providing the low end components that your looking for, at a cheap price, why not?
But I would seriously expect the products at Wal-mart and the small business guy not to compare well. Big-box stores like Wal-mart, Home Depot, etc, are known for playing games with margins. For example if your looking at items like garden products, there is a product for Wal-mart and one for everyone else -- don't believe me, go into your local nursery and look at the Scott's lawn fertilizer, and then go to Wal-mart. The products will compare differently on ingredients, volume, percentages and prices. But they packaging will look nearly exactly the same, except for the declarations which will be different. For real kicks, ask the nurseryman what the difference is between what Wal-mart has and the nursery. So if Wal-mart can take something that is really expensive out or reduce it, then Wal-mart can lower the price and kill competition on margin. When I was working at as a Garden Center manager I wouldn't even compete with Wal-mart on anything they sold. The products would look exactly the same, but when you looks at the specs, they are very different. But Joe Sixpack doesn't know the difference and half the time care. So why would I carry something that will be twice as expensive as Wal-mart if the customer doesn't care enough to find out why I was more expensive? Wal-mart pushed me to carry high to elite-end (i.e. golf course grade) grade products and it allowed me to make the company a lot of money.
What I found was that Wal-mart carrying the low end products brought me more business. People would stop there, and then come and see me. I attended a workshop that says that Wal-mart and other big box stores will actually increase business in the long run if the small business can survive the first three years. After the first three years, business will bounce back. But the key is that the small businesses need to provide an expert that people can talk to.
I could see the same thing happening in computer parts. Some joe who wants to do computers, stops at Wal-mart and figures out the guy behind the counter couldn't care less. Since they already have the thought about doing computers, they go to the shop that knows what they are doing. If the shop doesn't have the elitist attitude and is willing to help the guy learn a small business could make a lot of money of Wal-mart's idea.
I think state roads would have been a better analogy.
A non-neutral net would be like having state-roads that have different priorities for different states. So if your car is registered in California and you were driving in California you get all the lanes. If your car is registered in Maine and you're driving in California, then you get delegated to the shoulder. But you could buy a special 'tag' that allows you to drive on all the lanes. But your California car could also get a special 'tag' to allow it travel the fast lane. California could also reach agreements with other states that allow their drivers to drive on California roads with out restrictions.
Ah my new patient application is pending. I have titled it "A Business Model Dependant Upon Future, Undeveloped or Currently in Research and Development Techologies."
Good point. I was thinking along the lines of business/personal use. I never thought about the political issues in other countries. But it would probably scare the hell out of some pedo's.
Re:Who verifies the validity of that signature?
on
Spam Gets Personal
·
· Score: 1
Very true. But why should email be annoymous? I am a privacy freak, but at the same time, you should be able to verify the identity of the emails. Otherwise email can't and shouldn't be trusted. Right now anyone with Telnet and access to the RFC on SMTP could become whoever they wanted with out having to change their email settings. And if I want to Telnet hop I could effectively obfuscate where the email came from. And that isn't very technical at that. And the only thing that might raise a flag is if the email was off the wall and raised suspicion -- i.e. becoming the University President and sending an email to one of your profs, telling him to raise your grade, or being sending an email from the boss to have your manager canned. At the very least digital certs should be required for banking and commerce sites -- and the client software should read the cert display who the cert is from instead of saying that it is signed.
Okay, I am getting tired of these delays. If I hadn't seen a beta, I would claim that Vista is vaporware. How many times does this make that it has been delayed? Maybe the reason for the insane specs is because by the time it gets out it will run on old, outdated computers.
If email providers would provide digital signitures for each of their clients, I think that a huge dent could be made in SPAM.
How? If all email from any provider had a digital signiture then spamming that spoofs a legit email address, or even a fake one would have to have a digital signiture. When the SPAM shows up at the server, it is then checked for a certificate. If it lacking a real certificate, then it is run to ground, or flagged as SPAM. The certs would expire after so many emails, say 500. Everytime a email is recieved, it would check it against a certificate authority that would then decrement the email's cert counter. When the cert would get down to 10% or so of the email limit, the cert authority would email the client that they need to get their new cert. You could automate the whole process in the client software if you wanted to.
Of course you would have certs that would get stolen by spyware/malware or hacking, but it would make it a lot of hacking for a spammer to get legit certs. The certs could also have predefined limits per day, for example 20 emails for a personal certs, and 100 for a business cert. Assuming that a cert exceeded the limit in a day, then the cert would be suspended for a period of time, sending all the email to people's junk box. And if a spam house wanted to set up its own domain and serve legit certs, then they would quickly get blacklisted based on domain names. Then make a change in the DNS system so each domain could define where the master cert authority is, i.e. Slashdot could have a DNS record indicating that all emails should have a cert that checks against, heaven forbid, Verisign. Domain names which are hosted could be signed by anothers. For example, if you have GMail for Domains, then your DNS record would indicate that emails will orginate from a gmail server, and that GMail can issue a cert for your account. So joe@sixpack.com would indicate that gmail is authoritative for sixpack.com and has the authority to issue a cert for that account. Then gmail would be queried to see if it has a valid cert from Verisign.
The process would go something like: 1.) Users send email signed with a cert over SSL/TLS connection to ISP 2.) ISP checks the email for a cert, if it has one then it is passed on to its destination 3.) The recieving server checks the email for a cert
a.) cert must be issued from a cert authority defined in the DNS record
b.) the cert counter is decremented by one for each email
c.) If the cert is valid, then it is passed into the inbox
d.) others get sorted whether signed but invalid, signed but suspended, and unsigned 4.) The user has the cert reverified upon checking in case the cert was valid when recieved but is suspended when recieved by the user.
Essentailly this idea pushes the SPAM filtering to check for certs and then for domain names. Certs could be generated for BULK email messages and others for PERSONAL, BUSINESS, ACADEMIC, etc., each with an additional layer of trust. The level of trust of would be based on the maxium number of emails allowed to be sent on the cert -- so a cert that only allows say 50 emails would be trusted a lot higher than 50,000 emails.
SPAMMERs would be blacklisted from getting a cert for their domain names. Anyone who wanted to host their own domain and server email from it would have to apply for and get a cert to be a sender of emails.
I learned the lesson about the cost of open source software first hand. I use Linux on my desktop. I am the founder and the current president of a Linux Users Group. But I didn't learn the cost until I was working on a project for my school. I quickly learned that documentation and support are just as important as cost. And the lack of useable documentation and support can be very expensive.
Everything boils down to economic considerations.
If an organization has to pay someone two weeks worth of salary/benefits/etc., just to figure out a pacakge, and the competting close-source package will only take an hour to install and get running, then open source has an implied cost -- that of the persons salary. And this goes to say something about the issue of it being free.
All of us geeks can argue that FOSS is the way to go and that it is free. But fi that is the case, why do companies like Redhat and Novell get huge contracts for support? I just attended a lecture by one of the VP's of Novell. He was saying that Novell is gaining market shares because they can offer lower cost per seat and more importantly, support for the products. If FOSS is 'free' then why do organizations with otherwise competant IT directors and staff pay for contracts for support?
I will conseed to your point of paying too much. In protecting the public interest, the insurance companies profit, and boy do they profit. I would suggest a government program, but we all know how well those work. Right now I have a certain company not because of the price but because of the benefits. If I am going to have to pay $300 every six months, I am going to choose the insurance company that provides the most for that $300.
I have major problems of running credit checks against a person to determine their liability on a company. How does credit equate to how well they can drive. I have had Gieco turn me down because I had insufficent credit when I tried to sign up.
In short -- I agree that insurance companies make too much money from the public interest, and I agree the system is messed up.
No offense, but how on earth is that "insightful".
The difference between RIAA and car insurance is that car insurance is designed to protect the public interest. The analogy doesn't hold an ounce of weight. Car insurance is a civil responsability of those who own cars to protect other people on the road from bearing the weight of someone else's liability. And with the odds of getting into a car accident, it makes sense.
A RIAA tax does nothing to protect the public interest. Car insurance does.
I am currently in an undergrad degree program in Information Systems. I have been looking at getting one or two certs to suppliment my degree. The main reason that I am looking at getting a cert or two is to document my skills.
But the other day I was talking to two people and it really blew my mind. He had all the Plus certs, a variety of MS certs, and was working on the CCNA. But what shocked me was when they recommended a good book. They said that I should buy a certain book because it would only teach me what I needed to know to pass the test and nothing more. I was quite shocked at that mentality. I can understand why certain certs have lost value, especially if cert candidates just want to get the cert and not to understand the material.
Does that attitude draw the line between a degree and a cert? I have spent nearly four years trying to learn everything that I can, even to running my own projects on the side -- like a honeynet -- for courosity's sake. I know that my outside exploration won't get the 'alaphabet soup' recogonition, and so I have thought about a cert to prove that I know how to do something. But if that isn't the case, then why bother.
I must admit that as a future grad, I am quite reluctant to get a cert if it has no value and if an employer won't look at it. At the very least I am thinking about getting my Oracle and MAYBE my CCNA, but I don't know if it is worth it.
Slashdot Mirror
Wow....insightful. And it isn't anti-Microsoft to boot.
It wouldn't do them anygood. The database will just be an MD5 or SHA1 checksum. Copying it won't produce the actual material.
All this method will do is to catch the casual pedophile. On face value, I could see it acting as a deterent, as it would keep people from getting into it; this scheme would essential create a barrier to entry that some might not want to get into. It won't stop the hard core junkie or the ones exploiting them. They could use a method that would check out zips and rar's and other compression formats, but it will be the encryption that will break the system.
So while I do applaud the efforts of ISP's to stop them, there are far too many ways to use even low-level encryption to bypass this schema. And the other problem is that if some perverts actually uses encryption they have to know a key. I seriously doubt that Google or some other agency with enough computing power to figure out keys to decrypt files is going to spend the time and the money to get into the files.
What I could see happening is a darknet being created that uses 256-bit SSL connections, or something like it. The only way to get in is by referral, and if the site floated from IP to IP address, it would be hard to stop. Another consquence would be that pedophiles would move from those ISP's.
For even more fun do a Netcraft on the site. It isn't listed.
But if you do a DNS lookup you find that shellytherepublican.com is hosted on pjn.qsrch.net, which is owned by New.net.
More interesting is if you do a Netcraft on pjn.qsrch.net, it is hosted on FreeBSD.
Even more entertaining is that he/she fired their previous webmaster and then moved hosting provider because it wasn't hosted on a "solid Windows box" but on Linux. The new provider promised that it would be hosted on Windows, but it appears to be running on Apache and FreeBSD.
Non-authoritative answer:
shellytherepublican.com canonical name = pjn.qsrch.net.
Name: pjn.qsrch.net
Address: 64.74.134.14
Your argument assumes that married people have less friends than non-married people.
I'll also assume that you are not married.
There is a lot more to moving than merely uping a family. If you are going to quantify relationships, then I would argue that a married person needs more money. Why? Because a married person has to deal with the emotions of the family that is being moved. What about the 12 year old that doesn't want to move because of friends? Or the spouse that wants to stay near family? Or what about the fact that the family now has to reintigrate with another community? Or maybe that the parents have to relearn where the things are that their children are involved in.
I would say that the issues are sixes. If you look at the social truama experienced by the unmarried person it is no more and no less than the familial truama by the married person. It may be more visiable with the unmarried person, but the married person is going to have their fair share of stress. In stead of moving just one person and have to adjust, a married person has to move at least himself and another and more if he/she has spawned. If the couple both works, then the other spouse has to find employment as well. An unmarried person may settle in quite nicely within two months, whereas it can take a lot longer to get a family settled.
Yes and no. On the customer copy you get the last four digits of the card, but the merchant copy gets both. Where you get a problem is when the merchant give the customer a copy of the merchant copy. If you have a signiture line then you have a copy of the merchant slip.
No, for some real fun, ship a DVD to the mother of Dan Glickman...from Dan Glickman.
Dan is the MPAA CEO.
Make sure that you and your clients put the words "CONTAINS CONFIDENTAL TRADE SECRETS," on both the DVD/CD and the box. Then put a seal on the case that would indicate tampering. If they tamper with it you can argue that they violated your trade secrets, which are protected by law, and then haul them into court.
Another tactic would be putting "UNRELEASED COPYRIGHTED MATERIAL," or for a combination, put both.
If you have illegal material, then it is your problem. But if the material actually contains legitimate material then you could have some serious fun in the courts.
Because vendors haven't been given enough time. If MS had planned and presented vendors with specs of how to interface products, then it wouldn't be so bad. But when things keep changing, people get irritated.
Rights are "recognized." China for example does not recognize "Freedom of Speech" as a right.
However, rights can be created, when there isn't one. But what it really boils down to is what are our rights. If our right is to act completely in our own self interest and to impunge the rights of others, then where does one person's rights end and another person's right begin? For example, I have a right to be free and the right to make my own choices. Does that mean when I excerise a right to make choices and I rob a store that my right to be free should trump the punishment?
Part of existing in society is that rights are surrendered for saftey, security and the benefit of being a member of society. Screaming about rights and the need to have every one recognized by society is reckless and illresponsable. Some "natural rights" that society may restrict may be for the overall security and benefit of the people based on the values of that society. If a society values security then it may surrender the right to privacy.
What the ArsTechnica article was implying is that an artifical right was being created -- a right that no foundation whatsoever in the realms of what is moral or philisophical. The right being created is one that subjects the rights of an individual; like the right to free speech. Whether you call this attempt at making a right a right, is all a matter of schmantics.
Your statement would read better, "natural rights cannot be created," since artificial rights can and are created.
Which goes to prove the splintered state of Christianity. The problem is that Christianity splintered early on. And with out new revelation on the subject, it is impossiable to decide which tradition is correct on the topics. Additionally, some of the early Christian Fathers are considered to be heretical depending on which tradition is being followed.
Revelations has several major schools of thought regarding interpetation. Some susbcribe to the view that the events have already happened. However, most Christians in general subscribe to the future events theory. Yet there is even a theory of them being blended.
The real question is how much of the Church was preserved in current Christian teachings. With all the splinter and forking that happened in the period after the apostles, and the fact that the writings are scarce and damaged, it is hard for anyone to truely be able to say that this book is canonical and this one is not.
Which brings me back to the view of my traditiion, stating that revelation is required in order for anyone to know what is truth when it comes to Christian thought. Personal revelation, or obtaining from God himself, confirmation or divine light is essential to know.
End-time-ish refers to the state of the world preceeding the Apocolys. Pretty much the entire world will be choas with plenty of death, destruction, scourging plaques, etc. One of the things that Christians are looking for is the "Beast." The Beast symbolicly represents some person, group of persons or nation that rises and requires everyone to have its mark on their forehead or their right arm. The mark will have the number 666 in it. Christians tend to get a little nerveous whenever they see anything that looks even remotely like the mark of the Beast. One of the consquences of not having the mark of the Beast during the end-times is that people will not be able to buy or sell. If your curious, refer to Revelations Chapter 13.
Asside from the end-time-ish issues, which I share, I have a huge issue with having a permanent solution like an inbedded RFID tag. Why on earth would I want anybody with an RFID reader to figure out who I am. Besides, what happens if a guy reads your tag and then does a verbatium bit copy of what is read off your tag to another tag? Does that mean you need a new one. There is a post below which suggests a watch. I would go for that. Because at least with something detatchable you can always just walk away and be done with it. Taking a razor and slicing my arm open to get rid of the tag is just not cool for when you want to be annonymous.
Maybe not for the computer nerd. But for the nerd that is fixing someone else's computer this may be a dream come true. In smaller towns where there isn't a computer shop, or where the computer shop charges such outrageous fees, it could provide a cost effective, fast way to fix a computer. I can think of countless times that I have been fixing a friend's computer and the computer places are closed. Half the time I fix someone's computer I throw in a component that I wouldn't use in my own computer -- i.e. a low end video card, etc. With Wal-mart providing the low end components that your looking for, at a cheap price, why not?
But I would seriously expect the products at Wal-mart and the small business guy not to compare well. Big-box stores like Wal-mart, Home Depot, etc, are known for playing games with margins. For example if your looking at items like garden products, there is a product for Wal-mart and one for everyone else -- don't believe me, go into your local nursery and look at the Scott's lawn fertilizer, and then go to Wal-mart. The products will compare differently on ingredients, volume, percentages and prices. But they packaging will look nearly exactly the same, except for the declarations which will be different. For real kicks, ask the nurseryman what the difference is between what Wal-mart has and the nursery. So if Wal-mart can take something that is really expensive out or reduce it, then Wal-mart can lower the price and kill competition on margin. When I was working at as a Garden Center manager I wouldn't even compete with Wal-mart on anything they sold. The products would look exactly the same, but when you looks at the specs, they are very different. But Joe Sixpack doesn't know the difference and half the time care. So why would I carry something that will be twice as expensive as Wal-mart if the customer doesn't care enough to find out why I was more expensive? Wal-mart pushed me to carry high to elite-end (i.e. golf course grade) grade products and it allowed me to make the company a lot of money.
What I found was that Wal-mart carrying the low end products brought me more business. People would stop there, and then come and see me. I attended a workshop that says that Wal-mart and other big box stores will actually increase business in the long run if the small business can survive the first three years. After the first three years, business will bounce back. But the key is that the small businesses need to provide an expert that people can talk to.
I could see the same thing happening in computer parts. Some joe who wants to do computers, stops at Wal-mart and figures out the guy behind the counter couldn't care less. Since they already have the thought about doing computers, they go to the shop that knows what they are doing. If the shop doesn't have the elitist attitude and is willing to help the guy learn a small business could make a lot of money of Wal-mart's idea.
I think state roads would have been a better analogy.
A non-neutral net would be like having state-roads that have different priorities for different states. So if your car is registered in California and you were driving in California you get all the lanes. If your car is registered in Maine and you're driving in California, then you get delegated to the shoulder. But you could buy a special 'tag' that allows you to drive on all the lanes. But your California car could also get a special 'tag' to allow it travel the fast lane. California could also reach agreements with other states that allow their drivers to drive on California roads with out restrictions.
Ah my new patient application is pending. I have titled it "A Business Model Dependant Upon Future, Undeveloped or Currently in Research and Development Techologies."
:)
BTW, your company is violating my IP.
Good point. I was thinking along the lines of business/personal use. I never thought about the political issues in other countries. But it would probably scare the hell out of some pedo's.
Very true. But why should email be annoymous? I am a privacy freak, but at the same time, you should be able to verify the identity of the emails. Otherwise email can't and shouldn't be trusted. Right now anyone with Telnet and access to the RFC on SMTP could become whoever they wanted with out having to change their email settings. And if I want to Telnet hop I could effectively obfuscate where the email came from. And that isn't very technical at that. And the only thing that might raise a flag is if the email was off the wall and raised suspicion -- i.e. becoming the University President and sending an email to one of your profs, telling him to raise your grade, or being sending an email from the boss to have your manager canned. At the very least digital certs should be required for banking and commerce sites -- and the client software should read the cert display who the cert is from instead of saying that it is signed.
LOL...that has to be one of the funniest comments I have seen in a long time.
Okay, I am getting tired of these delays. If I hadn't seen a beta, I would claim that Vista is vaporware. How many times does this make that it has been delayed? Maybe the reason for the insane specs is because by the time it gets out it will run on old, outdated computers.
If email providers would provide digital signitures for each of their clients, I think that a huge dent could be made in SPAM.
How? If all email from any provider had a digital signiture then spamming that spoofs a legit email address, or even a fake one would have to have a digital signiture. When the SPAM shows up at the server, it is then checked for a certificate. If it lacking a real certificate, then it is run to ground, or flagged as SPAM. The certs would expire after so many emails, say 500. Everytime a email is recieved, it would check it against a certificate authority that would then decrement the email's cert counter. When the cert would get down to 10% or so of the email limit, the cert authority would email the client that they need to get their new cert. You could automate the whole process in the client software if you wanted to.
Of course you would have certs that would get stolen by spyware/malware or hacking, but it would make it a lot of hacking for a spammer to get legit certs. The certs could also have predefined limits per day, for example 20 emails for a personal certs, and 100 for a business cert. Assuming that a cert exceeded the limit in a day, then the cert would be suspended for a period of time, sending all the email to people's junk box. And if a spam house wanted to set up its own domain and serve legit certs, then they would quickly get blacklisted based on domain names. Then make a change in the DNS system so each domain could define where the master cert authority is, i.e. Slashdot could have a DNS record indicating that all emails should have a cert that checks against, heaven forbid, Verisign. Domain names which are hosted could be signed by anothers. For example, if you have GMail for Domains, then your DNS record would indicate that emails will orginate from a gmail server, and that GMail can issue a cert for your account. So joe@sixpack.com would indicate that gmail is authoritative for sixpack.com and has the authority to issue a cert for that account. Then gmail would be queried to see if it has a valid cert from Verisign.
The process would go something like:
1.) Users send email signed with a cert over SSL/TLS connection to ISP
2.) ISP checks the email for a cert, if it has one then it is passed on to its destination
3.) The recieving server checks the email for a cert
a.) cert must be issued from a cert authority defined in the DNS record
b.) the cert counter is decremented by one for each email
c.) If the cert is valid, then it is passed into the inbox
d.) others get sorted whether signed but invalid, signed but suspended, and unsigned
4.) The user has the cert reverified upon checking in case the cert was valid when recieved but is suspended when recieved by the user.
Essentailly this idea pushes the SPAM filtering to check for certs and then for domain names. Certs could be generated for BULK email messages and others for PERSONAL, BUSINESS, ACADEMIC, etc., each with an additional layer of trust. The level of trust of would be based on the maxium number of emails allowed to be sent on the cert -- so a cert that only allows say 50 emails would be trusted a lot higher than 50,000 emails.
SPAMMERs would be blacklisted from getting a cert for their domain names. Anyone who wanted to host their own domain and server email from it would have to apply for and get a cert to be a sender of emails.
I learned the lesson about the cost of open source software first hand. I use Linux on my desktop. I am the founder and the current president of a Linux Users Group. But I didn't learn the cost until I was working on a project for my school. I quickly learned that documentation and support are just as important as cost. And the lack of useable documentation and support can be very expensive.
Everything boils down to economic considerations.
If an organization has to pay someone two weeks worth of salary/benefits/etc., just to figure out a pacakge, and the competting close-source package will only take an hour to install and get running, then open source has an implied cost -- that of the persons salary. And this goes to say something about the issue of it being free.
All of us geeks can argue that FOSS is the way to go and that it is free. But fi that is the case, why do companies like Redhat and Novell get huge contracts for support? I just attended a lecture by one of the VP's of Novell. He was saying that Novell is gaining market shares because they can offer lower cost per seat and more importantly, support for the products. If FOSS is 'free' then why do organizations with otherwise competant IT directors and staff pay for contracts for support?
I will conseed to your point of paying too much. In protecting the public interest, the insurance companies profit, and boy do they profit. I would suggest a government program, but we all know how well those work. Right now I have a certain company not because of the price but because of the benefits. If I am going to have to pay $300 every six months, I am going to choose the insurance company that provides the most for that $300.
I have major problems of running credit checks against a person to determine their liability on a company. How does credit equate to how well they can drive. I have had Gieco turn me down because I had insufficent credit when I tried to sign up.
In short -- I agree that insurance companies make too much money from the public interest, and I agree the system is messed up.
No offense, but how on earth is that "insightful".
The difference between RIAA and car insurance is that car insurance is designed to protect the public interest. The analogy doesn't hold an ounce of weight. Car insurance is a civil responsability of those who own cars to protect other people on the road from bearing the weight of someone else's liability. And with the odds of getting into a car accident, it makes sense.
A RIAA tax does nothing to protect the public interest.
Car insurance does.
I am currently in an undergrad degree program in Information Systems. I have been looking at getting one or two certs to suppliment my degree. The main reason that I am looking at getting a cert or two is to document my skills.
But the other day I was talking to two people and it really blew my mind. He had all the Plus certs, a variety of MS certs, and was working on the CCNA. But what shocked me was when they recommended a good book. They said that I should buy a certain book because it would only teach me what I needed to know to pass the test and nothing more. I was quite shocked at that mentality. I can understand why certain certs have lost value, especially if cert candidates just want to get the cert and not to understand the material.
Does that attitude draw the line between a degree and a cert? I have spent nearly four years trying to learn everything that I can, even to running my own projects on the side -- like a honeynet -- for courosity's sake. I know that my outside exploration won't get the 'alaphabet soup' recogonition, and so I have thought about a cert to prove that I know how to do something. But if that isn't the case, then why bother.
I must admit that as a future grad, I am quite reluctant to get a cert if it has no value and if an employer won't look at it. At the very least I am thinking about getting my Oracle and MAYBE my CCNA, but I don't know if it is worth it.
What do you guys think?