"Extortion fee?" They identified an IP address from her computer that was infringing on their copyrighted materials, and so they legally went after her. I don't see "extortion" thrown around when people are demanding to sue companies that violate the copyright of the GPL.
Who modded that as Insightful?
First, they claim they identified her computer, but there wasn't evidence provided which satisfied that claim. And as has been pointed out repeatedly (in this thread and others), blanket lawsuits like this often catch people who were completely innocent because the RIAA (or MPAA or Microsoft or whoever) doesn't check their facts.
She claims it was a friend of her son's; even if it's done with her computer, that doesn't make her liable.
It's extortion if I sue you and tell you to pay me $7,500 or face hundreds of thousands of dollars in court because I say you violated my copyright, when my claim is spurious and I didn't investigate deeply enough to determine who the actual offender was.
I just think people use the RIAA as a scapegoat too often just to justify piracy.
It's not piracy when it's Fair Use; just because I don't use their approved methods doesn't mean it's not Fair Use--piracy is about theft and stealing. And it is never stealing, since I'm not taking anything from them nor trying to sell something that doesn't belong to me.
Is it piracy when you lend a movie or book to your friend? Is it theft when your neighbor borrows your water hose? I gave a gallon of gas to a guy stranded on the side of the road--does an act become illegal because it was mostly anonymous?
Karma ph4rm3rz : will do any easy empty comment to get a rating. Any easy jokes with star wars / matrix / LoTR reference often works for a +5 rating in funny.
The internet content of today chokes on dialup. The internet content of the future will not be able to live without broadband.... so why promote expanded use of any kind of dialup?
Don't be so self-absorbed. Lots of people in the U.S. still don't have internet access at home; many don't want it. Many don't want anything more than email and the occasional browsing for information (news, sports scores, movie times, baking recipes).
"Logic" like yours is the same that pushes for insanely powerful computers just so Joe Schmoe can write and print a letter to a friend. Most people don't need it; why bother pushing it? Eventually, the internet will become an appliance like the tv or the stove--we're nowhere near that.
When a company has monopoly power in a market. Imagine Ford coming out with a car that will not start in certain supermarket parking lots, or a TV that will not show you a specific channel. Why is it Microsoft can get away with shit like this but other companies in other industries can't?
Do you own a DVD player? It's almost certainly coded for your particular "region" and cannot play DVD's from other "regions". How about a "copy protected" CD that wouldn't play in a computer, but take a Sharpie to the outer track and all is good? ATI made video cards that were identical except for firmware that crippled the "lower end" models to only use half their pipelines. Or CPU's that were encoded to run at lower speeds. Or printer cartridges that "fail" before they're out of ink.
Don't be a fucking chimp.
Microsoft gets away with it for the same reason everyone else does--moronic people keep buying the products from these companies, the companies donate to politicians to reinforce their actions in law, and the moronic people don't bother to vote or contact their politician to oppose the legislation.
AOL must list all documents relating to these chat room monitors. Have there been other reports? Have they been shuffling them from department to department and avoiding culpability for these horrendous actions? Any resistance on the part of AOL should be seen as evidence of guilt! They're trying to hide things! We must know the truth!
There are only about 70 people that can do the endorsements on campus....For some of my volunteer work, I am the clerk for one of these advisors. One of the things the advisor asked me to do was to enter in endorsements into the computer....Advisors were asked to keep the password in strict confidence, and not to disclose them to anyone, under any circumstances.
Like their student clerks? All of that whiz bang security was negated because an advisor didn't want to do the paperwork himself. Whether the password was disclosed to you or they typed it in and gave you free reign, there was no "security".
Enlightenment is where it's at. It's lightweight, fast, and has more essential features that blackbox is missing.
E is not lightweight or fast in the same way of Blackbox or Fluxbox. I've used it and it crawled. I watch other people use it and it crawls. It's very pretty and it has some nifty (but non-essential) features, but let's be realistic...
I suppose that BlackBox & IceWM might be faster then the default KDE or Gnome WM's, but performance isn't usually a big issue for me.
Some of us use computers for real work.
Window managers are definately a matter of personal taste, but I have real work to do on my boxes and I won't waste cycles on bloated DE's like KDE and Gnome. Blackbox is FAST. It's minimalist, reliable, and simple. It's not something I would get for my grandmother (or my wife) but when I need to be able to sit down at my computer and do real _work_, I could care less what the icons look like or what theme I'm using. Funtionality is different than eye candy. KDE and Gnome cater to an entirely different crowd than Blackbox and they've succumbed to trying to be everything to everyone.
Blackbox has a very strong following because it does exactly what it sets out to do. If you have the spare cycles to waste then go for something pretty, but there are lots of people for whom performance is a big issue.
I can see the benefit when I need to run a remote X application on a remote server
Or on an old laptop which needs to boot quickly to access machines across a serial terminal. Or on new desktops where I'm running multiple browsers, dozens of aterms (with screen sessions), mutt for email, xmms or realplayer for music, gaim, a half dozen company tools (not lightweight), et al.
Well, I guess "new" is relative. My "new" box is 3 years old and my "old" box is 5 years old.
If you're working together on a project, the project owns the copyright, not the indvidual authors.
As an absolute statement, that is patently false.
Usually if you are contributing to a project you transfer your copyright to the project....Any contributions you make to Moz. belong to Mozilla, not you.
Now we're in usually. Better.
One of the major concerns of this thread is the linux kernel, which is bound to a specific version (2.2?). I know that all contributors have not transfered their rights--it only takes one instance to disprove.
Unless you can get every contributor to a project to agree, you cannot change the licensing because each contributor much re-license their part.
Nothing gets done if you don't speak up. Start with the IT department; go to the dean; go to the president. If the school won't listen to you (as many don't), get your parents involved. Explain to your parents your 100% legal behavior and that this is impeding your work.
Raise hell.
Get students together; you'd be surprised what 200 students outside a dean's office can do. Be respectful, be truthful, but make it clear that you are in the right and they are in the wrong and you won't lay down until they correct it.
They'll be lucky if that's all that happens to them. Like the grandparent said; this is why we have copyright law.
They knew they were gonna get sued from the beginning. You cannot just take someone's idea and drop it verbatum onto the internet and expect to survive.
Actually, they can. Why? Ideas are an issue of patent law, not copyrights. Hasbro has a copyright on the "game board" and trademark of the name "Scrabble", but they don't own the idea. All the examples you provide are examples of an identical idea.
Should he stop selling/providing the game "as is"; yes, because he has not paid Hasbro to license it. Should he turn over profits; yes, though I think grabbing all revenue ignores the fact that he made a superior product irrespective to Hasbro's trademarks. Should he re-write the game to avoid Hasbro's copyright and trademark; yes, most people would still play the game and Hasbro might take the clue to produce a better product.
I wonder how much "confusion" existed over who was offering the game. Unless he was being deliberately deceptive (his site is down so I can't see it), I would presume a "normal person" would recognize this wasn't being presented by Hasbro.
And forget transfering the domain name; I think he should keep it if only to publicize the problems he's encountered here. That would be legitimate use.
I'm not a MS fanboy or anything, but this is a very good point. A well configured, well patched Windows machine (especially a server) isn't going to be very vulnerable.
I call bullshit.
Will it be a cakewalk to crack? No. Will it be "very vulnerable"? Yes. Why, you ask? Because there are vulnerabilities that are still unpatched years after reports. Many "minor" vulnerabilities are actually stepping stones to administrator privileges; Bugtraq has more than a few posts regarding stringing a half dozen "minor" ones together.
Can you make a Windows server secure? I don't think so--not to the degree which would be necessary, and not to the level which a *nix box could achieve with the same amount of effort (time+money). This is especially true WRT services that use IIS.
I'm not being a Linux/Unix/Be zealot--I've been a Unix admin and a Windows admin and the failure is in the design of the system. Windows was never designed (and still is not being designed) with security in mind. It's that simple and reading a few security manuals will evidence that.
Why not use the SMTP service for whomever your email address is through? Many ISP's, in retaliation to spammers who used open relays, blocked outbound connections on port 25. SMTP AUTH over SSL. Works like a charm.
Or they could run an MTA on a non-standard port. But now we're having to work twice as hard to get it working. Simply, this implementation is only meant for instances where you use a single method to send email. Sure, you can hack around it but you shouldn't have to! We need an implementation that works. This only fills a limited segment and can break the same amount--people whose "From:" doesn't match the MTA signature.
The interesting thing with 'autonomous' vanity domains is having support for 'legitimate' MX records in DNS, so a particular mail server configured with a particular cert that matches DNS
Well, yes, but I don't see how this deals with instances where you can't send through the same SMTP as your "From:" header. (1) You send me email "From: bob@myemail.com" through your cable provider; (2) my client does a DNS lookup on your "From:" header; (3) this matches the signature I found in DNS. How do we get to #3? You would have to add the public key from each and every MTA you use, which I think breaks the DomainKeys specifications--it implies a single public key, not multiple. However, by adding additional MX records for each MTA, you could dork email routing if your primary MX route goes down.
My main point is that the MTA is becoming more arbitrary and can't be matched against the "From:" header. It's not a bad concept, but it has too many holes to be used as presented.
Why not use the SMTP service for whomever your email address is through? This is one of the advantages of using signatures; if you can sign the message (or get it signed by an authorized MTA) you don't need to submit through a specific MTA, which may be blocked from where you are.
What are you talking about? You truncated my message completely out of context.
Maybe I'm missing something about DomainKeys, but if I'm using an "@aol.com" "From:" header, I need to send it through AOL's SMTP servers so that AOL can sign it; if I can't reach AOL's SMTP servers, I can't get it signed. It's that simple. Even if I can get it signed by the SMTP server of my ISP, that signature won't match my "From:" header so it fails the check on the user's end.
What are you offering as mitigating that problem?
What about users who travel? This is handled by doing the signing on your laptop.
Forgive me if I'm sounding pissy, but you're re-inforcing my point: Yahoo's DomainKeys, which is done server-side, is not comprehensive and doesn't work for people who travel.
If I have to sign it on my laptop with my personal key, that is entirely different (and much more difficult to manage) than DomainKeys.
DK (and similar schemes like IIM) are designed not to require changes on user PCs for the vanilla use cases, but they permit the user to sign if they're so equipped. So you would just sign the messages yourself, and "drop them in the nearest mailbox" (ISP).
Yes, but if it's not signed it will get dropped. That's the whole point. So it's not "drop them in the nearest mailbox" because it will look like spam--"From:" header doesn't match the signature--and get tossed.
Each user having a personal signature is a method, but it is much harder to manage. Yes, we can come up with a thousand other implementations to fill in the blanks, but that is not what was being proffered here; this discussion is about the DomainKeys implementation. So I'm confused how your response in any way mitigates the issues I presented.
This is an incomplete answer; it's something (which is better than nothing) but it lacks the punch we need.
This solution depends upon people sending email through the same company which they want to receive email. If you use any kind of webmail, then you're golden; if you're a vanilla internet user who only checks email from one location using the email address provided by your ISP, you're golden; if you're a corporate user working very similarly to the vanilla user, you're golden. But these groups are growing smaller, not larger.
Yahoo's implementation does not handle personal domains, as I send mail through my ISP's mail server but with a "From:" for my personal domain. AOL has (had?) something called "Bring Your Own Access" where you used your AOL software across another ISP. Many people have had email addresses for years, but are now moving to high speed connections with other providers. The instances where your email address does not match your ISP are numerous. Some people have suggested using the "From:" header of your SMTP service but setting your "Reply-To:" to your regular address. While this works in some cases, it causes issues with address books (most mail user agents pull "From:" not "Reply-To:"), filters (spam or otherwise), and readability.
What about SMTP-authentication? Why not use the SMTP service for whomever your email address is through? Many ISP's, in retaliation to spammers who used open relays, blocked outbound connections on port 25. Oops, that won't work.
What about users who travel? I have a laptop; at home I use one provider, at work I use a second, when I travel I use a third. I would have to configure three "From:" headers dependent upon which ISP I was using.
This is a start but its benefit is limited to your "vanilla" users. And how will it damage users who use different SMTP service than their email address? Even AOL users may be negatively impacted, and they're as vanilla as you can get. People can't get all jumpy as if this were a solid solution--it works for Yahoo and it works for Google, but those are the target audience.
Part of the problem is that while I don't trust users to keep their machines running properly, I barely trust a lot of server admins to do any better. I've seen the way a lot of servers are put together, and how often they need some really inane maintenance. It's scary. The penalty for a bad user is usually limited to affecting one or two people; the penalty for a bad admin can affect entire departments or even more.
Most companies of 100 users will have a system administrator, whether in-house or on contract, to provide workstation maintenance and support. Most companies prefer this than to entrust such care to employees. So the need for a sysadmin is already there, it's just for a different kind.
Your statements ignore basic TOC: it is often cheaper to pay for a sysadmin than to rely on users. When users maintain their own workstations, they are required to have a higher knowledge of systems, hardware and software, they must devote time to maintenance and repair which would otherwise be farmed off to the sysadmin.
In essence, it's inefficient to rely upon users to do work they aren't qualified for; it would be like asking your employees to handle electrical or plumbing tasks. Sure, just about anyone can change a light bulb or unclog a drain, but that's just the start--how long would it take them to troubleshoot an electrical short? Even if they could, they have a real job they are neglecting. Let them do their work.
How can you call the California government a conservative government? Just because Arnold is a republican? He's probably more liberal than some of the southern democrats.
s/some/most/
California is its own special blend of politics; it is a huge state both in terms of population and footprint and its people run the gammut. Schwarzenegger is quite "liberal" in social issues--he's anti-gun, pro-abortion rights, pro-gay rights. He's conservative in fiscal issues. Look around CA and you'll find lots of strange combinations of political ideology.
Compare this to the south, where people tend towards extreme social conservatism (no gays, no abortion, guns for everyone) combined with a desire for larger government fiscal investment.
Government schleps are the political ideologues, not the people.
None of this is black and white; Schwarzenegger is becoming more partisan because the Republican party is forcing him to, not necessarily because he believes that crap. This F/OSS initiative is a positive step that he's able to break away from the partisan crap and do something useful.
I have an idea. Make us want to watch the ads...then we won't filter them.
Essentially, this is the difference between spam and requested advertising. There are some commercials I want to see, but rarely. If commercials had more content and better presentation, then people would be more inclined to watch them.
A large part of the problem is volume--advertisers pay huge sums of money for a 30 second spot so that some moron can get paid a million dollars an episode. We soak up that cost at the register. But advertising time is monopolized by the few corporations who can afford such that advertisements are over-generalized and don't suit people's needs. I love Budweiser commercials, but I'd never drink the filthy shit.
Television needs to be completely restructured. No more "banner" ads during shows. No more haphazard products that I have no interest in. Lower the cost of production (both from the paychecks of executives and actors) and lower the cost of advertising time so that local businesses can get involved and companies can spend money targetting their products for specific markets.
Plenty of web sites survive because advertisements are smart and well-targetted. And pay models are a great idea, but there's no reason a season of Star Trek: TNG should cost a hundred dollars.
Like other people said, 2.4 had so many changes go in during it's "stable" life, maybe their just trying to be realistic and make 2.6 actually be more stable than 2.4 this way?
That is entirely contradictory; active development should not exist on a STABLE branch to prevent any unforeseen stability issues when introducing new code, ideas, and features.
On a STABLE branch you only want bug and security patches. People are very realistic that stable (even) Linux kernels have had serious issues, but introducing a greater amount of change is not the direction to fix it! How does adding a greater amount of change induce stability?
Relying upon vendors to sort through buggy code and release stable versions is a serious hamper to many of the people who use Linux: many individuals and groups do not use a vendor supplied kernel and this is forcing them to do additional work to ensure a) stability and b) security.
I completely fail to see how this model will encourage adoption of the 2.6 kernel by the general populace?
None of the complaint is the fault of "Linux", or even "GNU/Linux"; almost everyone complaining is trying to run:
Gnome or KDE
Mozilla or same
Open Office or same
Evolution or same
and other monstrous gui apps. NEWS FLASH: these apps are just as slow, or slower, on Windows.
It is understandable that developers code for their audience--if 75% of people have 400MHz or better with 128MB RAM or better, is it any wonder if that is a requirement? If you want to run it trimmer, you have to do a little work. The problem isn't that the work is required, the problem is that each distribution does it differently and often doesn't make it easy.
I have a 300MHz laptop with 128MB RAM and I run Debian testing ABSOLUTELY FLAWLESSLY. I'm not playing movies (though I do listen to music on it), but I use it for general work--lots of terminals, some browsers, very rarely Office. I get much better performance from Linux than I would on WinXX because Windows would load the kitchen sink before I could open an SSH app.
If you go back to older/plain applications--Netscape 4, xterm, blackbox--you're speed is much better. Don't blame Linux--blame the applications and blame the packagers. And I have no doubt that WinXX would pound my systems horribly. You know why I originally moved to Linux on my laptops? I had need to boot/shut down constantly and run on a battery while away from my desk--Linux booted in a third of the time and could run twice as long on a battery. Linux isn't the problem.
Why does anyone use Gnome or KDE? I understand they're pretty, but they're slow and over-reaching. Any window manager should suffice with a good menu. You don't need the larger crap. If you do, don't be surprised that things are slower. But don't blame Linux!
I did this with Firefox last Friday, by installing it to My Documents. As long as a program doesn't write to the registry than you can likely install it anywhere.
What about implied consent? Since you know by using the IM application that your conversation is automatically being recorded in the other party(or parties) IM application, doesn't that necessarily mean that you have consented to its recording?
I believe this is the logic used in reference to voice mail/answering machines, where it was by nature recorded and it had to be supposed that a third party could hear it.
What confuses me is that this is listed under a "wiretap" law; my understanding (common understanding?) is that a wiretap is a "man in the middle" attack where a third party "eavesdrops" on a conversation. In this case, they are applying it to one party recording their conversation with a second party. While they may want to prohibit this (two party consent) it really is separate from wiretapping.
Suns were fast not because the UltraSPARC chips were really good (they actually ku inda sucked) but because of the insanely fast memory and I/O busses in a Sun machine.
So, it wasn't the processor specifically, but THE ARCHITECTURE BUILT AROUND IT? For crying out loud, if the supporting architecture doesn't actually support you then you're not doing so well.
Additionally, the UltraSPARC processors weren't as fast as x86 but they scale much better and have no end in sight, whereas the x86 can't compete in large multiprocessor systems and are starting to show future caps in terms of power, heat, and size. Sun isn't as concerned with higher speeds so they don't get whacked with the same problems, but make a more efficient processor.
UltraSPARC being canceled is actually a good thing. It lets Sun concentrate on making good machines, and leaves the CPUs to companies who are good at making them.
The UltraSPARC isn't being cancelled, the mark V is being cancelled.
As well, who should we point to as good at making processors? Intel created a very poor design which they been able to keep pushing on quickly. They stay focused on releasing newer and faster models constantly, but the design is much poorer and has to constantly kludge itself to keep going. Intel captured the low end market and used that to push itself into higher end systems, but they hit bottlenecks that a better design could have avoided. They are not someone I would hold up as an example to be followed.
Slashdot Mirror
Who modded that as Insightful?
First, they claim they identified her computer, but there wasn't evidence provided which satisfied that claim. And as has been pointed out repeatedly (in this thread and others), blanket lawsuits like this often catch people who were completely innocent because the RIAA (or MPAA or Microsoft or whoever) doesn't check their facts.
She claims it was a friend of her son's; even if it's done with her computer, that doesn't make her liable.
It's extortion if I sue you and tell you to pay me $7,500 or face hundreds of thousands of dollars in court because I say you violated my copyright, when my claim is spurious and I didn't investigate deeply enough to determine who the actual offender was.
I just think people use the RIAA as a scapegoat too often just to justify piracy.
It's not piracy when it's Fair Use; just because I don't use their approved methods doesn't mean it's not Fair Use--piracy is about theft and stealing. And it is never stealing, since I'm not taking anything from them nor trying to sell something that doesn't belong to me.
Is it piracy when you lend a movie or book to your friend? Is it theft when your neighbor borrows your water hose? I gave a gallon of gas to a guy stranded on the side of the road--does an act become illegal because it was mostly anonymous?
Funny doesn't help your Karma.
Don't be so self-absorbed. Lots of people in the U.S. still don't have internet access at home; many don't want it. Many don't want anything more than email and the occasional browsing for information (news, sports scores, movie times, baking recipes).
"Logic" like yours is the same that pushes for insanely powerful computers just so Joe Schmoe can write and print a letter to a friend. Most people don't need it; why bother pushing it? Eventually, the internet will become an appliance like the tv or the stove--we're nowhere near that.
Do you own a DVD player? It's almost certainly coded for your particular "region" and cannot play DVD's from other "regions". How about a "copy protected" CD that wouldn't play in a computer, but take a Sharpie to the outer track and all is good? ATI made video cards that were identical except for firmware that crippled the "lower end" models to only use half their pipelines. Or CPU's that were encoded to run at lower speeds. Or printer cartridges that "fail" before they're out of ink.
Don't be a fucking chimp.
Microsoft gets away with it for the same reason everyone else does--moronic people keep buying the products from these companies, the companies donate to politicians to reinforce their actions in law, and the moronic people don't bother to vote or contact their politician to oppose the legislation.
If he's not careful, he's going to need a whole lot of cockblocking very shortly.
AOL must list all documents relating to these chat room monitors. Have there been other reports? Have they been shuffling them from department to department and avoiding culpability for these horrendous actions? Any resistance on the part of AOL should be seen as evidence of guilt! They're trying to hide things! We must know the truth!
Like their student clerks? All of that whiz bang security was negated because an advisor didn't want to do the paperwork himself. Whether the password was disclosed to you or they typed it in and gave you free reign, there was no "security".
E is not lightweight or fast in the same way of Blackbox or Fluxbox. I've used it and it crawled. I watch other people use it and it crawls. It's very pretty and it has some nifty (but non-essential) features, but let's be realistic...
Some of us use computers for real work.
Window managers are definately a matter of personal taste, but I have real work to do on my boxes and I won't waste cycles on bloated DE's like KDE and Gnome. Blackbox is FAST. It's minimalist, reliable, and simple. It's not something I would get for my grandmother (or my wife) but when I need to be able to sit down at my computer and do real _work_, I could care less what the icons look like or what theme I'm using. Funtionality is different than eye candy. KDE and Gnome cater to an entirely different crowd than Blackbox and they've succumbed to trying to be everything to everyone.
Blackbox has a very strong following because it does exactly what it sets out to do. If you have the spare cycles to waste then go for something pretty, but there are lots of people for whom performance is a big issue.
I can see the benefit when I need to run a remote X application on a remote server
Or on an old laptop which needs to boot quickly to access machines across a serial terminal. Or on new desktops where I'm running multiple browsers, dozens of aterms (with screen sessions), mutt for email, xmms or realplayer for music, gaim, a half dozen company tools (not lightweight), et al.
Well, I guess "new" is relative. My "new" box is 3 years old and my "old" box is 5 years old.
As an absolute statement, that is patently false.
Usually if you are contributing to a project you transfer your copyright to the project....Any contributions you make to Moz. belong to Mozilla, not you.
Now we're in usually. Better.
One of the major concerns of this thread is the linux kernel, which is bound to a specific version (2.2?). I know that all contributors have not transfered their rights--it only takes one instance to disprove.
Unless you can get every contributor to a project to agree, you cannot change the licensing because each contributor much re-license their part.
Damn, that so should have been modded "funny" instead of "flamebait". I guess some people just don't understand humor.
Raise hell.
Get students together; you'd be surprised what 200 students outside a dean's office can do. Be respectful, be truthful, but make it clear that you are in the right and they are in the wrong and you won't lay down until they correct it.
They knew they were gonna get sued from the beginning. You cannot just take someone's idea and drop it verbatum onto the internet and expect to survive.
Actually, they can. Why? Ideas are an issue of patent law, not copyrights. Hasbro has a copyright on the "game board" and trademark of the name "Scrabble", but they don't own the idea. All the examples you provide are examples of an identical idea.
Should he stop selling/providing the game "as is"; yes, because he has not paid Hasbro to license it. Should he turn over profits; yes, though I think grabbing all revenue ignores the fact that he made a superior product irrespective to Hasbro's trademarks. Should he re-write the game to avoid Hasbro's copyright and trademark; yes, most people would still play the game and Hasbro might take the clue to produce a better product.
I wonder how much "confusion" existed over who was offering the game. Unless he was being deliberately deceptive (his site is down so I can't see it), I would presume a "normal person" would recognize this wasn't being presented by Hasbro.
And forget transfering the domain name; I think he should keep it if only to publicize the problems he's encountered here. That would be legitimate use.
I call bullshit.
Will it be a cakewalk to crack? No. Will it be "very vulnerable"? Yes. Why, you ask? Because there are vulnerabilities that are still unpatched years after reports. Many "minor" vulnerabilities are actually stepping stones to administrator privileges; Bugtraq has more than a few posts regarding stringing a half dozen "minor" ones together.
Can you make a Windows server secure? I don't think so--not to the degree which would be necessary, and not to the level which a *nix box could achieve with the same amount of effort (time+money). This is especially true WRT services that use IIS.
I'm not being a Linux/Unix/Be zealot--I've been a Unix admin and a Windows admin and the failure is in the design of the system. Windows was never designed (and still is not being designed) with security in mind. It's that simple and reading a few security manuals will evidence that.
SMTP AUTH over SSL. Works like a charm.
Or they could run an MTA on a non-standard port. But now we're having to work twice as hard to get it working. Simply, this implementation is only meant for instances where you use a single method to send email. Sure, you can hack around it but you shouldn't have to! We need an implementation that works. This only fills a limited segment and can break the same amount--people whose "From:" doesn't match the MTA signature.
The interesting thing with 'autonomous' vanity domains is having support for 'legitimate' MX records in DNS, so a particular mail server configured with a particular cert that matches DNS
Well, yes, but I don't see how this deals with instances where you can't send through the same SMTP as your "From:" header. (1) You send me email "From: bob@myemail.com" through your cable provider; (2) my client does a DNS lookup on your "From:" header; (3) this matches the signature I found in DNS. How do we get to #3? You would have to add the public key from each and every MTA you use, which I think breaks the DomainKeys specifications--it implies a single public key, not multiple. However, by adding additional MX records for each MTA, you could dork email routing if your primary MX route goes down.
My main point is that the MTA is becoming more arbitrary and can't be matched against the "From:" header. It's not a bad concept, but it has too many holes to be used as presented.
This is one of the advantages of using signatures; if you can sign the message (or get it signed by an authorized MTA) you don't need to submit through a specific MTA, which may be blocked from where you are.
What are you talking about? You truncated my message completely out of context.
Maybe I'm missing something about DomainKeys, but if I'm using an "@aol.com" "From:" header, I need to send it through AOL's SMTP servers so that AOL can sign it; if I can't reach AOL's SMTP servers, I can't get it signed. It's that simple. Even if I can get it signed by the SMTP server of my ISP, that signature won't match my "From:" header so it fails the check on the user's end.
What are you offering as mitigating that problem?
What about users who travel?
This is handled by doing the signing on your laptop.
Forgive me if I'm sounding pissy, but you're re-inforcing my point: Yahoo's DomainKeys, which is done server-side, is not comprehensive and doesn't work for people who travel.
If I have to sign it on my laptop with my personal key, that is entirely different (and much more difficult to manage) than DomainKeys.
DK (and similar schemes like IIM) are designed not to require changes on user PCs for the vanilla use cases, but they permit the user to sign if they're so equipped. So you would just sign the messages yourself, and "drop them in the nearest mailbox" (ISP).
Yes, but if it's not signed it will get dropped. That's the whole point. So it's not "drop them in the nearest mailbox" because it will look like spam--"From:" header doesn't match the signature--and get tossed.
Each user having a personal signature is a method, but it is much harder to manage. Yes, we can come up with a thousand other implementations to fill in the blanks, but that is not what was being proffered here; this discussion is about the DomainKeys implementation. So I'm confused how your response in any way mitigates the issues I presented.
This solution depends upon people sending email through the same company which they want to receive email. If you use any kind of webmail, then you're golden; if you're a vanilla internet user who only checks email from one location using the email address provided by your ISP, you're golden; if you're a corporate user working very similarly to the vanilla user, you're golden. But these groups are growing smaller, not larger.
Yahoo's implementation does not handle personal domains, as I send mail through my ISP's mail server but with a "From:" for my personal domain. AOL has (had?) something called "Bring Your Own Access" where you used your AOL software across another ISP. Many people have had email addresses for years, but are now moving to high speed connections with other providers. The instances where your email address does not match your ISP are numerous. Some people have suggested using the "From:" header of your SMTP service but setting your "Reply-To:" to your regular address. While this works in some cases, it causes issues with address books (most mail user agents pull "From:" not "Reply-To:"), filters (spam or otherwise), and readability.
What about SMTP-authentication? Why not use the SMTP service for whomever your email address is through? Many ISP's, in retaliation to spammers who used open relays, blocked outbound connections on port 25. Oops, that won't work.
What about users who travel? I have a laptop; at home I use one provider, at work I use a second, when I travel I use a third. I would have to configure three "From:" headers dependent upon which ISP I was using.
This is a start but its benefit is limited to your "vanilla" users. And how will it damage users who use different SMTP service than their email address? Even AOL users may be negatively impacted, and they're as vanilla as you can get. People can't get all jumpy as if this were a solid solution--it works for Yahoo and it works for Google, but those are the target audience.
Most companies of 100 users will have a system administrator, whether in-house or on contract, to provide workstation maintenance and support. Most companies prefer this than to entrust such care to employees. So the need for a sysadmin is already there, it's just for a different kind.
Your statements ignore basic TOC: it is often cheaper to pay for a sysadmin than to rely on users. When users maintain their own workstations, they are required to have a higher knowledge of systems, hardware and software, they must devote time to maintenance and repair which would otherwise be farmed off to the sysadmin.
In essence, it's inefficient to rely upon users to do work they aren't qualified for; it would be like asking your employees to handle electrical or plumbing tasks. Sure, just about anyone can change a light bulb or unclog a drain, but that's just the start--how long would it take them to troubleshoot an electrical short? Even if they could, they have a real job they are neglecting. Let them do their work.
s/some/most/
California is its own special blend of politics; it is a huge state both in terms of population and footprint and its people run the gammut. Schwarzenegger is quite "liberal" in social issues--he's anti-gun, pro-abortion rights, pro-gay rights. He's conservative in fiscal issues. Look around CA and you'll find lots of strange combinations of political ideology.
Compare this to the south, where people tend towards extreme social conservatism (no gays, no abortion, guns for everyone) combined with a desire for larger government fiscal investment.
Government schleps are the political ideologues, not the people.
None of this is black and white; Schwarzenegger is becoming more partisan because the Republican party is forcing him to, not necessarily because he believes that crap. This F/OSS initiative is a positive step that he's able to break away from the partisan crap and do something useful.
Essentially, this is the difference between spam and requested advertising. There are some commercials I want to see, but rarely. If commercials had more content and better presentation, then people would be more inclined to watch them.
A large part of the problem is volume--advertisers pay huge sums of money for a 30 second spot so that some moron can get paid a million dollars an episode. We soak up that cost at the register. But advertising time is monopolized by the few corporations who can afford such that advertisements are over-generalized and don't suit people's needs. I love Budweiser commercials, but I'd never drink the filthy shit.
Television needs to be completely restructured. No more "banner" ads during shows. No more haphazard products that I have no interest in. Lower the cost of production (both from the paychecks of executives and actors) and lower the cost of advertising time so that local businesses can get involved and companies can spend money targetting their products for specific markets.
Plenty of web sites survive because advertisements are smart and well-targetted. And pay models are a great idea, but there's no reason a season of Star Trek: TNG should cost a hundred dollars.
That is entirely contradictory; active development should not exist on a STABLE branch to prevent any unforeseen stability issues when introducing new code, ideas, and features.
On a STABLE branch you only want bug and security patches. People are very realistic that stable (even) Linux kernels have had serious issues, but introducing a greater amount of change is not the direction to fix it! How does adding a greater amount of change induce stability?
Relying upon vendors to sort through buggy code and release stable versions is a serious hamper to many of the people who use Linux: many individuals and groups do not use a vendor supplied kernel and this is forcing them to do additional work to ensure a) stability and b) security.
I completely fail to see how this model will encourage adoption of the 2.6 kernel by the general populace?
- Gnome or KDE
- Mozilla or same
- Open Office or same
- Evolution or same
and other monstrous gui apps. NEWS FLASH: these apps are just as slow, or slower, on Windows.It is understandable that developers code for their audience--if 75% of people have 400MHz or better with 128MB RAM or better, is it any wonder if that is a requirement? If you want to run it trimmer, you have to do a little work. The problem isn't that the work is required, the problem is that each distribution does it differently and often doesn't make it easy.
I have a 300MHz laptop with 128MB RAM and I run Debian testing ABSOLUTELY FLAWLESSLY. I'm not playing movies (though I do listen to music on it), but I use it for general work--lots of terminals, some browsers, very rarely Office. I get much better performance from Linux than I would on WinXX because Windows would load the kitchen sink before I could open an SSH app.
If you go back to older/plain applications--Netscape 4, xterm, blackbox--you're speed is much better. Don't blame Linux--blame the applications and blame the packagers. And I have no doubt that WinXX would pound my systems horribly. You know why I originally moved to Linux on my laptops? I had need to boot/shut down constantly and run on a battery while away from my desk--Linux booted in a third of the time and could run twice as long on a battery. Linux isn't the problem.
Why does anyone use Gnome or KDE? I understand they're pretty, but they're slow and over-reaching. Any window manager should suffice with a good menu. You don't need the larger crap. If you do, don't be surprised that things are slower. But don't blame Linux!
I did this with Firefox last Friday, by installing it to My Documents. As long as a program doesn't write to the registry than you can likely install it anywhere.
I believe this is the logic used in reference to voice mail/answering machines, where it was by nature recorded and it had to be supposed that a third party could hear it.
What confuses me is that this is listed under a "wiretap" law; my understanding (common understanding?) is that a wiretap is a "man in the middle" attack where a third party "eavesdrops" on a conversation. In this case, they are applying it to one party recording their conversation with a second party. While they may want to prohibit this (two party consent) it really is separate from wiretapping.
So, it wasn't the processor specifically, but THE ARCHITECTURE BUILT AROUND IT? For crying out loud, if the supporting architecture doesn't actually support you then you're not doing so well.
Additionally, the UltraSPARC processors weren't as fast as x86 but they scale much better and have no end in sight, whereas the x86 can't compete in large multiprocessor systems and are starting to show future caps in terms of power, heat, and size. Sun isn't as concerned with higher speeds so they don't get whacked with the same problems, but make a more efficient processor.
UltraSPARC being canceled is actually a good thing. It lets Sun concentrate on making good machines, and leaves the CPUs to companies who are good at making them.
The UltraSPARC isn't being cancelled, the mark V is being cancelled.
As well, who should we point to as good at making processors? Intel created a very poor design which they been able to keep pushing on quickly. They stay focused on releasing newer and faster models constantly, but the design is much poorer and has to constantly kludge itself to keep going. Intel captured the low end market and used that to push itself into higher end systems, but they hit bottlenecks that a better design could have avoided. They are not someone I would hold up as an example to be followed.