>If you have a problem with a SpamHaus listing, there are well documented ways to go about resolving the issue and having the listing removed.
The way is well documented but impossible to use. Spamhaus blocks ranges of IP's based solely on their being part of a bank assigned to individuals by a cable internet provider. There IS NO WAY FOR INDIVIDUALS TO UNBLOCK THEMSELVES. PERIOD. The cable company must do it and they have so far not even answered my messages about the problem. If there was a decent alternative to the cable modem for low cost internet I would change providers. There isn't. I'm too far from the NOC to get DSL even if I wanted it and AT&T is evil.
>there is a public fourm where you can post about the probem and get non-spamhaus people to comment. It's called UseNet,
Post to usenet? So that non Spamhaus people can read it? First of all what is the point? As far as I know nobody is still using Usenet except moderated because the spam is so bad. Second it exposes me to a further deluge of spam since bots scan it for email addresses. How will posting in this forum have any positive effect?
>SpamHaus only rejects emails sent to SpamHaus servers. If your mail is rejected by a non-spamhaus server, then the email administrator chose to do so, knowingly, and with effort to make that happen. No MTA software comes pre-configured to use ANY blocking list.
Sure, but two thirds of the ISP's my regular correspondents use HAVE implemented blocking based on Spamhaus's public block list. They could care less if some little guy like me gets run over. In fact, I'd bet they're hoping for exactly that to happen.
Further Spamhaus's concept of blocking IP's only partly works and you don't care that only people with lots of bucks can run mail servers. If they truly wanted to reduce spam the money spent on bandwidth to host PBL's could be used to develop and publicize grey listing technology. I've implemented it and it works very well. This would significantly reduce spam and reduce the number of useless bits being sent over the internet. I can only assume they're either stupid or trying to push independent mail server operators off the net. There are corporations paying them to do it.
1. encourage people to contribute. 2. provide feedback that their contribution was received and was rationally considered. If my
idea won't work I'd like to know why. 3. provide feedback to everyone about ideas that were contributed. If they were not implemented
why? If they were show the reward the contributor got. You won't get the same seemingly good
idea over and over and your workers will become more knowledgable about the business.
This assumes your management is rational. Which is almost never a correct assumption.
It's hard to get cell calls in normal places I can't see why some paint with a little carbon dust mixed in shouldn't make a perfectly workable faraday cage.
Her actions are theft. If you really want to get into it go to her and ask for them back. If she refuses tell her the plan then go to her superiors and ask for them back. If they refuse tell them you'll go to the police and file charges. Explain calmly and rationally that "They are legally your property. The legal precendent has already been set and her actions will bring scorn, derision, and financial hardship to the school. How will your superiors feel about giving you a raise when you're incapable of smoothly running a simple school?" If they refuse do what you promised. Make sure the media hears about it. Make sure you have other students that will back up your story. The school will lie and make up reasons to blame it on you. If one of them threatens physical harm it's now theft and assault. If they actually hit you it's theft, assault, and battery. Be prepared to get a lawyer or contact the EFF/ACLU for legal help. If all this is too much for you consider just giving up and moving someplace with a higher average IQ.
In India everything is run by bribes. They won't invade your house or monitor your internet usage. It's just another way to add someone to the list of people you have to pay off to avoid being hassled.
Thanks, I hadn't seen that one:) I had seen flash workarounds before but not that one. It's still not perfect unfortunately. Flash is a serious security problem and it's not 100% available across all browsers and operating systems. My Ubuntu 64 bit OS is a perfect example.
In a roundabout sort of way it is a MITM attack, but not what would usually think of as one. They didn't really insert themselves into a legitimate tcp connection. They redirected you to their server and provided you with a convincing fake by copying responses from the target.
> The CAs trusted by Firefox are required to at least check for ownership of the domain
Yes, but their methods are flawed. This does nothing to prevent employees of that company from losing my information, stealing my information, allowing the site to be hacked and the server cert to be stolen, etc.
I'd prefer not to legitimize ANY web connection by certificates. This implies to the naive public that these people are trustworthy or untrustworthy because they've paid a fee to a CA. The internet is an inherently unsafe place and people should be reminded of it regularly. .
I believe you probably want to say 'redirection' instead of MITM attacks? I don't believe I've ever heard of a real case of one. There are plenty of redirection attacks from DNS flaws, phishing, social engineering, etc. but real MITM? Doesn't tcp MITM require you be on the same subnet somewhere along the path? It seems like it would be easier to hack into the routers and just scoop out what you're looking for. Or lots easier yet to just steal people's session cookies and masquerade as them.
Unfortunately the browser does not separate encryption and identification.
The only thing I believe certificates are useful for is establishing a reasonably trustworthy short term communications channel between myself and whomever I PERSONALLY got the certificate from (who may or may not be who they claim to be). Anything further implies unearned trust and perfectly secure systems.
I've read about several less than scrupulous cert authorities.
Even given trustworthy companies I've gotten a cert for an employer's web site and there was nothing in that process I couldn't fake easily. It's "security theatre" as one security guru puts it.
A business is not an entity I'd invest a lot of trust in anyway, even if correctly identified. It can be hacked, dumpster dove(dived?), tricked, sabotaged, incompetent, more concerned with the bottom line than morality, etc.
I get warnings from firefox that clicking on links on some pages with ajax/images are possible click jacking etc. When looking at a photographer's gallery I'm not terribly concerned. If I were at my bank site I might be. Further I have javascript turned off so it's not possible to click jack me. I'm going to check and see if this is a 'feature' of the noscript plugin instead of firefox...
The new handling of certs is worse than misguided in my opinion. Encryption DOES NOT EQUAL identification.
then they do own that work. The software that's part of that research will be considered part of what they own. If they pay you for it you don't have any "rights" to be stripped away. They can waive this clause but they will almost never do so in my experience. Most places I've worked at try to claim they own everything you produce when you work for them. If I was writing software and produced a novel their contract says they own it. In the real world however you might be able to successfully defend against that claim, depending on if the judge in the case wants to enforce the letter of the contract or use common sense. In short, you probably have no choice but to accept that contract if you want the job. YMMV
Excellent textbook on Intelligence: Marvin Minsky "The society of Mind" Check out www.numenta.com We could actually build a brain with silicon if motivated, but I think it will prove lots cheaper to use biology and re-purpose existing designs.
In these economic times there are few jobs and those there are have plenty of competition. It's certainly possible, but it won't be easy unless you work very cheap
You really need to understand what 'moral' is. If you did this wouldn't need any answers from others. Their definition would differ from yours so they would come up with unacceptable answers for you anyway.
If the object here is to ensure content producers are rewarded then obviously there's no benefit to paying for it. There will be no royalties and the publisher will receive nothing for a used book sale. Buying it will only benefit Amazon and the seller, not the content producers. The money you don't spend on that could be better used for something positive.
Slashdot Mirror
>If you have a problem with a SpamHaus listing, there are well documented ways to go about resolving the issue and having the listing removed.
The way is well documented but impossible to use. Spamhaus blocks ranges of IP's based solely on their being part of a bank assigned to individuals by a cable internet provider. There IS NO WAY FOR INDIVIDUALS TO UNBLOCK THEMSELVES. PERIOD. The cable company must do it and they have so far not even answered my messages about the problem. If there was a decent alternative to the cable modem for low cost internet I would change providers. There isn't. I'm too far from the NOC to get DSL even if I wanted it and AT&T is evil.
>there is a public fourm where you can post about the probem and get non-spamhaus people to comment. It's called UseNet,
Post to usenet? So that non Spamhaus people can read it? First of all what is the point? As far as I know nobody is still using Usenet except moderated because the spam is so bad. Second it exposes me to a further deluge of spam since bots scan it for email addresses. How will posting in this forum have any positive effect?
>SpamHaus only rejects emails sent to SpamHaus servers. If your mail is rejected by a non-spamhaus server, then the email administrator chose to do so, knowingly, and with effort to make that happen. No MTA software comes pre-configured to use ANY blocking list.
Sure, but two thirds of the ISP's my regular correspondents use HAVE implemented blocking based on Spamhaus's public block list. They could care less if some little guy like me gets run over. In fact, I'd bet they're hoping for exactly that to happen.
Further Spamhaus's concept of blocking IP's only partly works and you don't care that only people with lots of bucks can run mail servers. If they truly wanted to reduce spam the money spent on bandwidth to host PBL's could be used to develop and publicize grey listing technology. I've implemented it and it works very well. This would significantly reduce spam and reduce the number of useless bits being sent over the internet. I can only assume they're either stupid or trying to push independent mail server operators off the net. There are corporations paying them to do it.
You are either clueless or a sock puppet.
to slow or stifle competition. I saw it first more than 20 years ago.
grr! Spamhaus is a sock puppet for industry forcing little guys running mail servers off the internet.
1. encourage people to contribute.
2. provide feedback that their contribution was received and was rationally considered. If my
idea won't work I'd like to know why.
3. provide feedback to everyone about ideas that were contributed. If they were not implemented
why? If they were show the reward the contributor got. You won't get the same seemingly good
idea over and over and your workers will become more knowledgable about the business.
This assumes your management is rational. Which is almost never a correct assumption.
Worked better than cats for me. The rodents could smell them and they went elsewhere.
It's hard to get cell calls in normal places I can't see why some paint with a little carbon dust mixed in shouldn't make a perfectly workable faraday cage.
Her actions are theft. If you really want to get into it go to her and ask for them back. If she refuses tell her the plan then go to her superiors and ask for them back. If they refuse tell them you'll go to the police and file charges. Explain calmly and rationally that "They are legally your property. The legal precendent has already been set and her actions will bring scorn, derision, and financial hardship to the school. How will your superiors feel about giving you a raise when you're incapable of smoothly running a simple school?"
If they refuse do what you promised. Make sure the media hears about it. Make sure you have other students that will back up your story. The school will lie and make up reasons to blame it on you. If one of them threatens physical harm it's now theft and assault. If they actually hit you it's theft, assault, and battery. Be prepared to get a lawyer or contact the EFF/ACLU for legal help. If all this is too much for you consider just giving up and moving someplace with a higher average IQ.
Don't forget there ARE non technical solutions.
there was always an emergency that required I come in on my day off.
I was supposed to get comp time but that got forgotten about too...
YMMV
They make great steampunk lamps.
Just like you're within your rights not to buy tickets from them.
In India everything is run by bribes. They won't invade your house or monitor your internet usage. It's just another way to add someone to the list of people you have to pay off to avoid being hassled.
You're going to waste the money of the elderly on windows licenses? Shame on you.
http://www.cancer.gov/cancertopics/factsheet/risk/magnetic-fields There's a low probability of this giving you cancer.
Programming languages ARE religions.
Thanks, I hadn't seen that one :)
I had seen flash workarounds before but not that one.
It's still not perfect unfortunately. Flash is a serious security problem and it's not 100% available across all browsers and operating systems. My Ubuntu 64 bit OS is a perfect example.
Audio is very difficult to do cross browser. Sound adds a LOT to a game.
In a roundabout sort of way it is a MITM attack, but not what would usually think of as one.
They didn't really insert themselves into a legitimate tcp connection. They redirected you to their server
and provided you with a convincing fake by copying responses from the target.
> The CAs trusted by Firefox are required to at least check for ownership of the domain
Yes, but their methods are flawed. This does nothing to prevent employees of that company from losing my information, stealing my information, allowing the site to be hacked and the server cert to be stolen, etc.
I'd prefer not to legitimize ANY web connection by certificates. This implies to the naive public that these people are trustworthy or untrustworthy because they've paid a fee to a CA. The internet is an inherently unsafe place and people should be reminded of it regularly.
.
I believe you probably want to say 'redirection' instead of MITM attacks? I don't believe I've ever heard of a real case of one. There are plenty of redirection attacks from DNS flaws, phishing, social engineering, etc. but real MITM? Doesn't tcp MITM require you be on the same subnet somewhere along the path? It seems like it would be easier to hack into the routers and just scoop out what you're looking for. Or lots easier yet to just steal people's session cookies and masquerade as them.
Unfortunately the browser does not separate encryption and identification.
The only thing I believe certificates are useful for is establishing a reasonably trustworthy short term communications channel between myself and whomever I PERSONALLY got the certificate from (who may or may not be who they claim to be). Anything further implies unearned trust and perfectly secure systems.
I've read about several less than scrupulous cert authorities.
Even given trustworthy companies I've gotten a cert for an employer's web site and there was nothing in that process I couldn't fake easily. It's "security theatre" as one security guru puts it.
A business is not an entity I'd invest a lot of trust in anyway, even if correctly identified. It can be hacked, dumpster dove(dived?), tricked, sabotaged, incompetent, more concerned with the bottom line than morality, etc.
I get warnings from firefox that clicking on links on some pages with ajax/images are possible click jacking etc. When looking at a photographer's gallery I'm not terribly concerned. If I were at my bank site I might be. Further I have javascript turned off so it's not possible to click jack me. I'm going to check and see if this is a 'feature' of the noscript plugin instead of firefox...
The new handling of certs is worse than misguided in my opinion. Encryption DOES NOT EQUAL identification.
the anti click jacking code and the really miserable handling of self signed certificates is starting to really annoy me.
then they do own that work. The software that's part of that research will be considered part of what they own. If they pay you for it you don't have any "rights" to be stripped away. They can waive this clause but they will almost never do so in my experience. Most places I've worked at try to claim they own everything you produce when you work for them. If I was writing software and produced a novel their contract says they own it. In the real world however you might be able to successfully defend against that claim, depending on if the judge in the case wants to enforce the letter of the contract or use common sense. In short, you probably have no choice but to accept that contract if you want the job. YMMV
Excellent textbook on Intelligence: Marvin Minsky "The society of Mind"
Check out www.numenta.com
We could actually build a brain with silicon if motivated, but I think it will prove lots cheaper to use biology and re-purpose existing designs.
In these economic times there are few jobs and those there are have plenty of competition.
It's certainly possible, but it won't be easy unless you work very cheap
You really need to understand what 'moral' is. If you did this wouldn't need any answers from others.
Their definition would differ from yours so they would come up with unacceptable answers for you anyway.
If the object here is to ensure content producers are rewarded then obviously there's no benefit to paying for it.
There will be no royalties and the publisher will receive nothing for a used book sale. Buying it will only
benefit Amazon and the seller, not the content producers. The money you don't spend on that could be better used
for something positive.