Reverse checking on senders address is flawed (on "Spam, Milord", Score: 1)
The first thing I did was make a sendmail milter that does exactly the validation of "FROM:".
I ran into trouble in various areas:
1. AO-Hell now has a non-RFC mail server
2. Yahoo "blindly" approves ANY "FROM:" test
3. MSN "blindly" approves ANY "FROM:" test
4. Majordomo may not validate their own "FROM:"
5. Nothing prevents SPAM'r from "assuming" a valid email address (heck, they have 1 billion to pick from... identity theft here, YES!)
6. Any attempt to tie DNS MX to the "FROM:" will break the following:
a. mobile IP
b. legitimate "forwarder"
c. NAT environment
d. valid SMTP-Relay link
e. Backup SMTP server
So, my work is also a work-in-progress, but I see the barriers. This is a stretch but I continue to use it nonetheless because the benefit far outweighs the risks of dropped legitimate mail.
The last trick up my sleeve is the "WHITELIST" with folding cash-hash challenge or "please type what you see" LARGE TIFF images.
What's the difference between Microsoft's dual-caste system and the U.S. military contractors' multi-tier caste system?
We've got grey (blah) badge (unclassified), the green(-with-envy) badge (secret), the red (hot) badge (top-secret) and the oh so coveted black (bag) badge (ultra-secret).
I didn't lunch with anyone outside my caste system out of fear that we might have downwardly leaked classified information inadvertently (or not!)
So what if Microsoft is getting paranoid?
What's the bloody difference?
Openness of common software leads the way to nirvana.
The ultimate barrier to spam bots is to instruct a 1st-timer to read a generated PNG image that is "wispy" and "flowery" and to make the sender eyeball the information and then forward it back as instructed in the PNG.
For legitimate bulk-mailer, sorry. That is the user's responsibility to add the bulk-mailer's address to the white-list.
In order to make it prohibitively expensive for the Spammer, one has to enforce (or goad) spammer's human-intervention.
Using the spammer's last SMTP protocol leg, before your mail server closes it, why not do the following:
By not letting go of the (would-be spammer's) SMTP connection, one can consult the mail recipient white list. From an unknown sender, instead, save the entire email in a holding queue and send back the following SMTP error message:
550 This is the first time you have contacted john@private-mailbox.net. To ensure that the email you have just sent reaches "john" and that you are not a spam robot, please send another email to the same email address with a Subject of "MD5-12312AFCD7654." Once done, you (i-am-not-a-spammer@goat.cx) will never get this message again from and "john" will finally get your email.
With a marriage of sendmail MILTER and Tagged Message Delivery Agent, one can shift the burden of automating the mail recipient white list back to the sender (like ICQ does).
With a tweak of the last leg of SMTP protocol, we, the email users, will have control over what is 200 and what is 5-f@cking-50.
What say you?
- Shamelessly ripped from the Seinfeld TV episode "Soup Nazi."
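An added sketch of the hold-and-challenge decision described in the comment above; it is not the poster's milter or TMDA code. It swaps the "MD5-..." subject for an HMAC-SHA256 token bound to the sender/recipient pair, and the class, method names, secret and example.org sender are assumptions.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: per-server secret, never sent out


class ChallengeGate:
    """Per-recipient whitelist with a resend-with-token challenge (hypothetical names)."""

    def __init__(self, secret=SECRET):
        self.secret = secret
        self.whitelist = set()   # (recipient, sender) pairs allowed through
        self.held = {}           # (recipient, sender) -> bodies in the holding queue
        self.delivered = []      # (recipient, sender, body) handed to local delivery

    def token(self, recipient, sender):
        # Bind the token to both addresses so it cannot be reused for another pair.
        msg = f"{recipient.lower()}\n{sender.lower()}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()[:16].upper()

    def on_message(self, sender, recipient, subject, body):
        """Return the (code, text) SMTP reply to give before the connection closes."""
        key = (recipient.lower(), sender.lower())
        if key in self.whitelist:
            self.delivered.append((recipient, sender, body))
            return 250, "OK"
        expected = self.token(recipient, sender)
        # Constant-time comparison of the Subject against the expected token.
        if hmac.compare_digest(subject.strip().upper().encode(), expected.encode()):
            self.whitelist.add(key)
            for old in self.held.pop(key, []):   # release mail held for this pair
                self.delivered.append((recipient, sender, old))
            return 250, "OK, sender whitelisted"
        self.held.setdefault(key, []).append(body)
        return 550, (f"First contact with {recipient}. Resend to the same "
                     f'address with Subject "{expected}" to be whitelisted.')
```

The whitelist is keyed on the claimed sender address, so it inherits the forged-"FROM:" limitation the poster lists elsewhere on this page.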
I've helped work on the DSL Linux Driver for an Efficient Network 3010 DSL PCI adapter card and we had the exact same problem only this time, it was Alcatel MicroElectronic Legal that refused to release us from our Non-Disclosure Agreement with them.
Alcatel MicroElectronic was probably trying to save Alcatel Network's StingRay from losing its marketing edge (they lost anyway).
Henceforth, we were restricted to providing the kernel-specific modules (Linux 2.4.8)
And worse, 3010 fell into oblivion (like it should) because it was a WIN-MODEM!
People, the costs of parallelizing a given problem are LARGE.
My point exactly. Our world's science community's focus should be applying the fantastic Moore's Law toward doubling the progress of Neural Science every year and a half (never mind the Beowulf parallelism).
NEURAL plus LOGIC
Once the Neural Science technology has reached our brain capability and we couple this with flawless and forgetless logic of our existing computing world, our lives will be changed forever. That itself, it's as powerful as E=mc².
With not quite a million slashdot anonymous cowards, that Bureau of Labor Statistics makes for more than all the software developers, I&T guys, database report wizards and embedded software engineers by twice here in U.S. of A. (not to mention outside world).
Yes, you may be a lowly I&T worker; but you probably should not be worthy of posting ludicrous assumptions at Slashdot.
And Ah, 95% of slashdot readers are Microsoft involved? Mmmmm. I put money down that this is closer to 85% or less that the readers are deeply involved in Microsoft-specific stuff than they would be deeper in Unix.
Try working 60-80 hours a week as a Sr. Embedded Software Engineer for 22 years at top-notch startup companies, so that experience becomes you.
Oooooooooo aaaaaaahhhhhh...
The thrill of exospheric wake boarding must exceed those of ordinary sky-diving.
Wait till one hits the cable on the way down.
Oh dear...
First, a poster of someone else's face (facial recognition evasion).
Second, the gooey fingerprint duplicator,
now this walk-by signature hacker on a PDA?
What would be next?
Hijacking IRIS pattern (simply staring at the bathroom mirror)?
Stolen DNA pattern?
There is no solid defense against unrevokable but stolen biometric parameters.
They can pry my LAN from my cold dead hands.
-- Internet addict.
So, is the ordinary Internet user with a virus checker protected against the following?
1. Dynamic code unrolling (privatized unzip algorithm)
2. Stack corruption opportunity hijacker
3. stealth trojan distribution
4. encrypted homing control channel
5. subversive subchannel carrier over TCP or IP option field or unused media bits?
Then you would have to use NetBSD operating system (latest and greatest in security).
This is a classical Darwinism trait. Survival of the fittest. And SCO Group, Inc. sure aren't looking very fit at the moment.
SCO needs to just roll over so I can cash in on my short orders at the NASDAQ.
Of course, it doesn't work...
The CCD needs to be of high-resolution (greater than 15 megapixels) along with a zooming lens and a 24/7 staff of camera operators in order to garner sufficient pixel details necessary for adequate facial resolution.
Don't forget, the best evasion technique against this cutup is a simple New Orleans masquerade mask.
Oh yes, want night-time surveillance and target-elimination? Don't forget an infrared laser with remote-control software-adjustable variable beam-width lenses.
Come on... Slapping a 2 megapixel and a fixed lens together isn't going to cut it.
Looks like you are on your own.
There is always DNS-SEC that you (or your brain-dead ISP) can implement
And don't forget the following: POP3S, IMAPS, HTTPS, SSH with AES-512, SMTP/SSL and last but not finally, FreeNet (and definitely not KaZaA).
The first thing I did was make a sendmail milter that does exactly the validation of "FROM:".
I ran into trouble in various areas:
1. AO-Hell now has a non-RFC mail server
2. Yahoo "blindly" approves ANY "FROM:" test
3. MSN "blindly" approves ANY "FROM:" test
4. Majordomo may not validate their own "FROM:"
5. Nothing prevents SPAM'r from "assuming" a valid email address (heck, they have 1 billion to pick from... identity theft here, YES!)
6. Any attempt to tie DNS MX to the "FROM:" will break the following:
a. mobile IP
b. legitimate "forwarder"
c. NAT environment
d. valid SMTP-Relay link
e. Backup SMTP server
So, my work is also a work-in-progress, but I see the barriers. This is a stretch but I continue to use it nonetheless because the benefit far outweighs the risks of dropped legitimate mail.
The Finger protocol only protects the end-user against "hit-and-run" spammer (fake FROM:), but not the well-entrenched corporate spammers (real FROM:).
The last trick up my sleeve is the "WHITELIST" with folding cash-hash challenge or "please type what you see" LARGE TIFF images.
--
Hang the Spammer from the highest yardarm!
-- Uncertainty breeds doubts. So, by always assuming, you'll be right most of the time and look like a genius.
1. Listen to a baby cry over your neighbors' baby monitor.
2. Neighbor humping a lover in front of their baby monitor
3. Transmitting "Hey, that's my wife; I'm going to blow your balls off!"
4. Watch them scatter
I'm sorry. This is a definite prior-art by truly me.
We all gain, and MailBlock loses.
I'd be more than willing to take another RFC regarding the closure of empty localname being restricted to in conjunction with Postmaster.
Mail From:
Rcpt to: Postmaster
That should fix it all.
Seems pretty solid so far?
When ISA faces competition from PCI, the ISA-only organizations sued the hell out of everybody.
When PCI-X faces competition from Firewire, AGP, Serial ATA and the lowly USBv2.0, the PCI-only organization sued the hell out of everybody.
Seems like when an organization is about dying off, they sue the hell out of everybody. SCO, Video cards to name a few.
Smell like a trend?
(corollary)... If SCO don't keep their code currently innovative, SCO code doesn't deserve to live.
Go away, SCO... you've just committed seppuku!
0000!
Try
Vorbis Ogg
There is nothing to prevent the web site operator from lying between their teeth in setting a false P3P policy.
P3P Seal of trust? Good and strong as the weakest link of chain. Just think Thawte or Verisign.
P3P embedded in Mozilla or IE browsers? Yeah, right. Gotta see the code in order to trust the browser.
How much trust and confidence does that inspire to "We, the Web Surfers?"
None, Nothing, Na-da!
Do a traceroute against brak.slashdot.org and you'll find the response time shoots up 1500% in Cable & Wireless's Santa Clara subnet.
This isn't an Exodus problem. This is a classical C&W problem.
I think IBM is going off the wrong direction in tackling Moore's Law.
We should be attempting massive parallelism instead of packing more logic per area.
Isn't that how our brain works?