If, for example, semen samples are taken from a woman who was raped, the DNA can be matched against her partner(s), if any and if known, to make sure it is not from them.
It would be tough if the woman had unprotected sex with six anonymous men at a sex club and was then raped on the way home.
From the article, the real issue appears to be that they make the assumption that the markers are independent of each other without having done the research.
THE ISSUES SURROUNDING genetic information in trials may soon become more complicated. The next likely controversy will concern the science of population genetics. Even if a combination of markers is rare among all people, it might appear at higher rates in some ethnic subgroups, says Conrad Gilliam, professor of genetics and development at Columbia. He testified in the 1990 case Castro v. New York State, the first in which a prosecution's attempted use of DNA data was thrown out by the court.
Suppose a murder is committed in Chinatown, Gilliam conjectures, and the police find blood samples. Certain polymorphic variants that occur frequently in Chinese people are rare in Caucasians. If these markers show up in the sample, and the police produce a Chinese suspect, a prosecutor could try to use the DNA as further evidence against him. "However," Gilliam says, "a defense attorney could argue that there could be so many local suspects with the same profile that the evidence has no bearing on the case."
If the markers were truly independent, the polymorphic variants mentioned would be random as well.
So if the above is true, the markers aren't independent and they know it.
The mail server (hosted by a friend) is configured to accept any mail addressed to that domain.
The number of bogus addresses here to which attempts are made in any 30 day period is at least an order of magnitude greater than the number of real addresses here.
The strangest is one particular address used for a short time. For some unfathomable reason, we receive e-mail every day to hundreds of variations of that address with the addition of a random 4 character string of characters immediately in front of the '@' symbol. I've never understood why we see that on that one address and on no others.
I've extracted 8,069 of those addresses from the logs (I just checked to get the correct number). Any attempt to deliver an e-mail to any of those addresses results in being added to an internal 24 hour blacklist.
If you don't count those addresses, the number of other bogus addresses to which delivery attempts are made in a 30 day period is still at least an order of magnitude greater than the number of real addresses here.
You may have a point. However, that is such a weird use of e-mail that I'm not sure it is something that needs to be taken account of in such a scheme.
You've been made aware of the backscatter problem.
Actually, I held off doing this for quite a while out of concern for the problem. When I started, I checked the return addresses on the non-Nigerian spams and the non-phishing scams for quite a ways back. Not a single third party address used as a from address was real.
Once I started doing this, I watched for signs of backscatter for quite a while and never found any. Also, not a single complaint has been made to the abuse or postmaster accounts, either.
But like I said elsewhere, the greylisting is likely to be filtering out just about every spam or at least the vast majority of spams using other people's addresses.
Be careful that you don't become the enemy you claim to be fighting.
Not likely.
But if I did, do you think Spamford Wallace would remove me from his netscum list? (I wonder if anyone here even knows what that is.)
If I ever see any sign that I am contributing to the problem, I will stop immediately or will change what I'm doing.
So far, there is no such sign.
If the problem does start to show up, one possibility may be to start using SPF records in the checking and not respond with the PGP-required message if there is a SPF record and if the server used does not match. That wouldn't take care of people whose e-mail addresses are from places without SPF records. In general, though, I'm sufficiently impressed with the SPF approach to use it on all incoming e-mail.
One thing that helps is that the grey-listing prefilters out much of the spam zombie sources because they either do not try again or they try again many times, but with different return or from addresses each time. So the vast majority of spam zombie spam never gets through at all.
If spam zombies were to start relaying the spam through their local mail servers, the problem would arise. But the idea of spam zombies is to hide under the radar and relaying through their service provider's servers just makes them more visible and more likely to be swatted.
If your automatic replies are never successfully delivered, then what's the point of having your system generate them?
If the only intention was to send them to spammers, you'd be right. But that's not who the messages are intended for.
The responses are successfully delivered -- to real people who send me legitimate e-mail. They then have the option of whether to encrypt their e-mail messages, to contact me via some other method, or to just forget it.
As for the successful delivery to spammers, I really don't care if they get them or not.
A certain number of the return addresses used by the Nigerian spammers are yet to be nuked. They get the responses, but none have bothered with PGP.
There are spammers who use real servers and expect you to opt out of their spam. I think they generally ignore any responses they receive. They just keep doing what they were doing. The first time they receive the message but never actually read it. After that, their spams are just deleted without being saved.
We use sendmail on an OpenBSD server with spamd to handle the greylisting.
There is one problem with greylisting -- some legitimate servers just try once. Also, some big places with lots of servers typically don't use the same server for the next attempt to deliver a message. So we have to whitelist those.
In fact, that whitelisting is the one thing that I use spf for. For selected domains from whom we know we need to receive e-mail, we occasionally check to see if they had spf records identifying their e-mail servers. If we do, we whitelist those servers. But that only applies to a very select few domains, not for everyone.
But the recipient, in at least many cases, isn't the person who sent the message!
Other than certain addresses frequently used in phishing scams, I've never been able to identify a single real e-mail address that has received any of the responses. I watched pretty carefully for the first couple of months.
It could be that the greylisting that is so successful at avoiding the spambots is cutting out all, or nearly all, of the spam with other people's addresses in the from lines. The logs from the greylisting show tons of what are clearly spams that are never accepted.
There doesn't seem to be many spambots that handle greylisting. That kind of surprises me because they've had plenty of time to do something about it.
If I ever see this to be a problem, I'll find something else. But if I can't even find any indication that any third person has ever received one of the responses, I'm not going to worry about it.
If there is a simple way to handle this automatically from sendmail, I would be interested.
But it sounds like a whole lot of sendmail macros to handle just this one e-mail address. Or a milter to handle it.
The problem is that either macros or milters are really designed to handle site-wide policies, not that of individuals. On the other hand, procmail is geared toward handling individual policies, but by then the e-mail has already been accepted by the MTA.
The point of it is to tell any legitimate senders how they can send their e-mail to me. In the process, my spam load dropped to zero -- not a single spam has been delivered to that account since I began doing this.
Maybe one of these days I'll have enough time to figure out how to configure sendmail to do all the necessary checking.
I'm not sure I'd agree that most spam is sent as a joe job.
Certainly, Nigerian spams are rarely, if ever, sent as joe jobs. They aren't spamming a product. They want you to respond to their message to begin a series of exchanges designed to relieve you of your money. According to today's logs, which I just checked, every spam I received in the past 24 hours appears to have been a Nigerian spam.
I can tell you that there have been a few possibly legitimate e-mail addresses that have received the PGP-required notices. Addresses like online@irs.gov, confirm@paypal.com, no-reply@paypal.com, and member@e-bay.com. I'm not going to worry about those.
If a user enters the wrong email-address, we would like to know it ASAP.
We still receive spam to user accounts that were deleted years ago.
For any such e-mail accounts here that get much spam, we start filtering on those accounts and automatically add every server sending even one e-mail to any of those accounts to a 24 hour blacklist.
The responses do not contain the spam. Not as an attachment. Not as an inclusion. Nothing in the response indicates anything at all about even the subject of the original message.
The response is a simple request that they encrypt anything sent to my e-mail address.
It sounds like you send an enormous amount of backscatter [wikipedia.org], and are probably doing much more harm than good.
No.
First, the original spam is not included in the message. Backscatter involves bouncing the spam back to innocent parties.
Second, the response is only sent once to any one e-mail address.
Third, the Nigerian spams typically use e-mail addresses for themselves because they want you to get back to them, not to someone else. And that accounts for nearly all of my spam.
It would be much better to simply drop the connection at SMTP time
You have to read in the whole thing to be able to check for a proper signature. If the signature checking was performed by sendmail, it would be too late to drop the connection by the time it figured out that the message didn't contain a proper PGP signature. And it is a whole lot easier to do the checking between the time the e-mail is accepted and the time it is delivered (or not delivered) to the mailbox.
Or do like I do, and hold their connection open for a long time before actually dropping it.
Once the sender has finished sending the message it will disconnect. If you try to hold it open earlier than that, you'll never be able to determine if the e-mail is legitimate.
Oops. The first line of that should have been quoted. I screwed up "blockquote" as "blockqutoe".
Should have been
but the Geek Squad can just keep on as they have been
Only when it involves the repair of computers.
There have been reports of them going through customer computers looking for music and porn. This is certainly "investigative" in nature and could subject them to criminal penalties.
An "editing" capability would be nice for things like this.
but the Geek Squad can just keep on as they have been
Only when it involves the repair of computers.
There have been reports of them going through customer computers looking for music and porn. This is certainly "investigative" in nature and could subject them to criminal penalties.
Whenever an e-mail arrives that doesn't fit any of several criteria, an automatic response is sent asking them to please encrypt their e-mail with my publicly available PGP key. Their e-mail is then deleted and I never see it.
The criteria to receive the e-mail: 1) the e-mail is encrypted with my PGP key 2) the e-mail is signed with their PGP key 3) the source e-mail address is whitelisted 4) the IP address of the source of the e-mail is whitelisted (local e-mail permitted) 5) the destination e-mail address is whitelisted. For example, if me@example.com was my e-mail address, I might whitelist me+red_cat@example.com and me+silent_trombone@example.com, each of which would be given to exactly one person. If I start receiving spam at that address, it is unwhitelisted.
It seems that the Nigerian spammers really respond to this. They don't encrypt it, but they pass the address around to each other. The last time I checked the logs, the numbers of Nigerian spams were really up.
It's about finding ways to challenge the students.
When I was in elementary and junior high, the school split us into classes based on academic results so far.
It worked very well. There was far less variation between the bottom and top of the class and the teachers could do a much better job of teaching to the class.
This is now deemed to be prejudicial and so the school no longer does this. The students are the losers across the board.
One of the profs who I had taken both graduate and undergraduate courses from in the 70s told me in the mid 90s that the 90s versions of the classes had substantially less theory because the students were just not ready.
From my own part time university teaching experience in mathematics and computer science, the students coming out of high school don't seem to try very hard at all. Too many of them want grades without bothering to learn anything.
Not for the movie itself, but afterwards, there were so many twerps out there war dialing everything that it wasn't unusual at times to receive two or three calls per night.
Of course, it might not have been like that everywhere. At the time, my office was across the fence from the Johnson Space Center. I suspect that any prefix in that area was considered to be a good target.
We also had several consecutive telephone numbers. When the war dialers hit the first, you could be pretty sure that they were going to hit the rest in turn.
With all the aggravation from the large numbers of calls in the middle of the night, I thought that everyone involved in that movie should have been strung up from the nearest tree.
I used to drive an old farm pickup most of the time. (I never had to worry about another dent in it.)
Whenever I had to park it in a high crime area, I made a big show of locking the door even though the lock did not work. But I figured if someone saw me get out and close the door behind me without locking it, they'd figure it was certainly unlocked since pickups of that vintage did not lock automatically and maybe just go after it on general principle.
I wasn't as worried about someone coming along testing the doors to see if any were unlocked. They'd probably skip it anyway.
No one ever broke into it in spite of the several hundred dollars worth of tools under the seat.
I also used to park it next to the cafeteria on campus. If it was raining when the workers there would get off work, some of the workers would wait in it for their rides. They never stole or damaged anything so that didn't bother me at all.
I wondered how Anonymous Coward could post so many times on every topic imaginable.
All this time I've thought that it was from one very screwed up person, but now we know it is really from a bunch of people posting with your username and password.
If, for example, semen samples are taken from a woman who was raped, the DNA can be matched against her partner(s), if any and if known, to make sure it is not from them.
It would be tough if the woman had unprotected sex with six anonymous men at a sex club and was then raped on the way home.
Well, maybe not.
From the article, the real issue appears to be that they make the assumption that the markers are independent of each other without having done the research.
In fact, they should know better than that. From DNA as a forensic instrument:
If the markers were truly independent, the polymorphic variants mentioned would be random as well.
So if the above is true, the markers aren't independent and they know it.
In theory, we send people to prison as punishment, not for punishment.
At least, that should be our goal.
The actuality is much, much, much more horrific.
The number of bogus addresses here to which attempts are made in any 30 day period is at least an order of magnitude greater than the number of real addresses here.
The strangest is one particular address used for a short time. For some unfathomable reason, we receive e-mail every day to hundreds of variations of that address with the addition of a random 4 character string of characters immediately in front of the '@' symbol. I've never understood why we see that on that one address and on no others.
I've extracted 8,069 of those addresses from the logs (I just checked to get the correct number). Any attempt to deliver an e-mail to any of those addresses results in being added to an internal 24 hour blacklist.
If you don't count those addresses, the number of other bogus addresses to which delivery attempts are made in a 30 day period is still at least an order of magnitude greater than the number of real addresses here.
You may have a point. However, that is such a weird use of e-mail that I'm not sure it is something that needs to be taken account of in such a scheme.
Actually, I held off doing this for quite a while out of concern for the problem. When I started, I checked the return addresses on the non-Nigerian spams and the non-phishing scams for quite a ways back. Not a single third party address used as a from address was real.
Once I started doing this, I watched for signs of backscatter for quite a while and never found any. Also, not a single complaint has been made to the abuse or postmaster accounts, either.
But like I said elsewhere, the greylisting is likely to be filtering out just about every spam or at least the vast majority of spams using other people's addresses.
Not likely.
But if I did, do you think Spamford Wallace would remove me from his netscum list? (I wonder if anyone here even knows what that is.)
If I ever see any sign that I am contributing to the problem, I will stop immediately or will change what I'm doing. So far, there is no such sign. If the problem does start to show up, one possibility may be to start using SPF records in the checking and not respond with the PGP-required message if there is a SPF record and if the server used does not match. That wouldn't take care of people whose e-mail addresses are from places without SPF records. In general, though, I'm sufficiently impressed with the SPF approach to use it on all incoming e-mail. One thing that helps is that the grey-listing prefilters out much of the spam zombie sources because they either do not try again or they try again many times, but with different return or from addresses each time. So the vast majority of spam zombie spam never gets through at all. If spam zombies were to start relaying the spam through their local mail servers, the problem would arise. But the idea of spam zombies is to hide under the radar and relaying through their service provider's servers just makes them more visible and more likely to be swatted.
If the only intention was to send them to spammers, you'd be right. But that's not who the messages are intended for.
The responses are successfully delivered -- to real people who send me legitimate e-mail. They then have the option of whether to encrypt their e-mail messages, to contact me via some other method, or to just forget it.
As for the successful delivery to spammers, I really don't care if they get them or not.
A certain number of the return addresses used by the Nigerian spammers are yet to be nuked. They get the responses, but none have bothered with PGP.
There are spammers who use real servers and expect you to opt out of their spam. I think they generally ignore any responses they receive. They just keep doing what they were doing. The first time they receive the message but never actually read it. After that, their spams are just deleted without being saved.
Ours is pretty small, too.
We use sendmail on an OpenBSD server with spamd to handle the greylisting.
There is one problem with greylisting -- some legitimate servers just try once. Also, some big places with lots of servers typically don't use the same server for the next attempt to deliver a message. So we have to whitelist those.
In fact, that whitelisting is the one thing that I use spf for. For selected domains from whom we know we need to receive e-mail, we occasionally check to see if they had spf records identifying their e-mail servers. If we do, we whitelist those servers. But that only applies to a very select few domains, not for everyone.
Other than certain addresses frequently used in phishing scams, I've never been able to identify a single real e-mail address that has received any of the responses. I watched pretty carefully for the first couple of months.
It could be that the greylisting that is so successful at avoiding the spambots is cutting out all, or nearly all, of the spam with other people's addresses in the from lines. The logs from the greylisting show tons of what are clearly spams that are never accepted.
There doesn't seem to be many spambots that handle greylisting. That kind of surprises me because they've had plenty of time to do something about it.
If I ever see this to be a problem, I'll find something else. But if I can't even find any indication that any third person has ever received one of the responses, I'm not going to worry about it.
If there is a simple way to handle this automatically from sendmail, I would be interested.
But it sounds like a whole lot of sendmail macros to handle just this one e-mail address. Or a milter to handle it.
The problem is that either macros or milters are really designed to handle site-wide policies, not that of individuals. On the other hand, procmail is geared toward handling individual policies, but by then the e-mail has already been accepted by the MTA.
The point of it is to tell any legitimate senders how they can send their e-mail to me. In the process, my spam load dropped to zero -- not a single spam has been delivered to that account since I began doing this. Maybe one of these days I'll have enough time to figure out how to configure sendmail to do all the necessary checking. I'm not sure I'd agree that most spam is sent as a joe job. Certainly, Nigerian spams are rarely, if ever, sent as joe jobs. They aren't spamming a product. They want you to respond to their message to begin a series of exchanges designed to relieve you of your money. According to today's logs, which I just checked, every spam I received in the past 24 hours appears to have been a Nigerian spam. I can tell you that there have been a few possibly legitimate e-mail addresses that have received the PGP-required notices. Addresses like online@irs.gov, confirm@paypal.com, no-reply@paypal.com, and member@e-bay.com. I'm not going to worry about those.
We still receive spam to user accounts that were deleted years ago.
For any such e-mail accounts here that get much spam, we start filtering on those accounts and automatically add every server sending even one e-mail to any of those accounts to a 24 hour blacklist.
I'm quite familiar with backscatter.
The responses do not contain the spam. Not as an attachment. Not as an inclusion. Nothing in the response indicates anything at all about even the subject of the original message.
The response is a simple request that they encrypt anything sent to my e-mail address.
Oops. The first line of that should have been quoted. I screwed up "blockquote" as "blockqutoe".
Should have been
An "editing" capability would be nice for things like this.
Only when it involves the repair of computers.
There have been reports of them going through customer computers looking for music and porn. This is certainly "investigative" in nature and could subject them to criminal penalties.
I reply to spam automagically.
Whenever an e-mail arrives that doesn't fit any of several criteria, an automatic response is sent asking them to please encrypt their e-mail with my publicly available PGP key. Their e-mail is then deleted and I never see it.
The criteria to receive the e-mail:
1) the e-mail is encrypted with my PGP key
2) the e-mail is signed with their PGP key
3) the source e-mail address is whitelisted
4) the IP address of the source of the e-mail is whitelisted (local e-mail permitted)
5) the destination e-mail address is whitelisted. For example, if me@example.com was my e-mail address, I might whitelist me+red_cat@example.com and me+silent_trombone@example.com, each of which would be given to exactly one person. If I start receiving spam at that address, it is unwhitelisted.
It seems that the Nigerian spammers really respond to this. They don't encrypt it, but they pass the address around to each other. The last time I checked the logs, the numbers of Nigerian spams were really up.
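The five acceptance criteria and the one-time, content-free notice described in the comment above, sketched as a delivery-time filter. This is an added example, not the poster's own code: the addresses, networks, notice text and function names are constructed placeholders, the PGP check is structural only, and it assumes the MTA records its SPF verdict in a `Received-SPF` header.

```python
import ipaddress
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed placeholders: every address, network and the notice text.
MY_ADDRESS = "me@example.com"
SENDER_WHITELIST = {"friend@example.org"}
DEST_WHITELIST = {"me+red_cat@example.com", "me+silent_trombone@example.com"}
NET_WHITELIST = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "192.0.2.0/24")]
NOTICE = "Please encrypt mail to this address with my public PGP key.\n"

def pgp_kind(msg):
    """Return 'encrypted', 'signed' or None from MIME type or ASCII armor.

    Structural only: proving the mail is encrypted to *my* key, or that the
    signature verifies, needs a real OpenPGP check on the whole message.
    """
    proto = str(msg.get_param("protocol") or "").lower()
    ctype = msg.get_content_type()
    if ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return "encrypted"
    if ctype == "multipart/signed" and proto == "application/pgp-signature":
        return "signed"
    if msg.get_content_maintype() == "text":
        body = msg.get_content().lstrip()
        if body.startswith("-----BEGIN PGP MESSAGE-----"):
            return "encrypted"
        if body.startswith("-----BEGIN PGP SIGNED MESSAGE-----"):
            return "signed"
    return None

def build_notice(msg, sender, already_notified):
    """Build the one-time notice, or None when replying risks backscatter."""
    spf = str(msg.get("Received-SPF", "")).split(" ", 1)[0].lower()
    auto = str(msg.get("Auto-Submitted", "no")).strip().lower()
    if not sender or sender in already_notified:
        return None  # null return path, or this address was already told once
    if spf in ("fail", "softfail") or auto != "no":
        return None  # SPF record exists but server does not match, or a robot
    already_notified.add(sender)  # a real deployment would persist this set
    reply = EmailMessage()
    reply["From"] = MY_ADDRESS
    reply["To"] = sender
    reply["Subject"] = "PGP required"
    reply["Auto-Submitted"] = "auto-replied"  # lets other responders ignore it
    reply.set_content(NOTICE)  # nothing from the original message is echoed
    return reply

def decide(raw, peer_ip, mail_from, rcpt, already_notified):
    """Return (deliver, reason, reply) for a message the MTA already accepted."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender = mail_from.strip("<>").lower()
    kind = pgp_kind(msg)
    if kind:                                               # criteria 1 and 2
        return True, kind, None
    if sender in SENDER_WHITELIST:                         # criterion 3
        return True, "sender whitelisted", None
    ip = ipaddress.ip_address(peer_ip)
    if any(ip in net for net in NET_WHITELIST):            # criterion 4
        return True, "source IP whitelisted", None
    if rcpt.lower() in DEST_WHITELIST:                     # criterion 5
        return True, "destination whitelisted", None
    return False, "no criterion met", build_notice(msg, sender, already_notified)

# Constructed sample messages (not real mail, not real ciphertext).
SAMPLE_PLAIN = (b"From: stranger@example.net\r\nSubject: URGENT BUSINESS PROPOSAL\r\n"
                b"Received-SPF: pass (constructed)\r\n\r\nDear friend...\r\n")
SAMPLE_FORGED = SAMPLE_PLAIN.replace(b"pass", b"fail")
SAMPLE_ARMORED = (b"From: stranger@example.net\r\n\r\n-----BEGIN PGP MESSAGE-----\r\n"
                  b"(constructed)\r\n-----END PGP MESSAGE-----\r\n")

if __name__ == "__main__":
    seen = set()
    for raw in (SAMPLE_PLAIN, SAMPLE_PLAIN, SAMPLE_FORGED, SAMPLE_ARMORED):
        ok, why, reply = decide(raw, "198.51.100.7", "<stranger@example.net>",
                                MY_ADDRESS, seen)
        print(ok, why, "notice sent" if reply else "no notice")
```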
I'd much prefer working somewhere like NASA's JPL (Jet Propulsion Laboratory) over either Google or Microsoft.
No grade system? How about St John's College in Santa Fe, New Mexico and Annapolis, Maryland?
They do assign grades, but apparently no one pays any attention to them.
No. It's not about finance.
It's about finding ways to challenge the students.
When I was in elementary and junior high, the school split us into classes based on academic results so far.
It worked very well. There was far less variation between the bottom and top of the class and the teachers could do a much better job of teaching to the class.
This is now deemed to be prejudicial and so the school no longer does this. The students are the losers across the board.
One of the profs who I had taken both graduate and undergraduate courses from in the 70s told me in the mid 90s that the 90s versions of the classes had substantially less theory because the students were just not ready.
From my own part time university teaching experience in mathematics and computer science, the students coming out of high school don't seem to try very hard at all. Too many of them want grades without bothering to learn anything.
Not for the movie itself, but afterwards, there were so many twerps out there war dialing everything that it wasn't unusual at times to receive two or three calls per night.
Of course, it might not have been like that everywhere. At the time, my office was across the fence from the Johnson Space Center. I suspect that any prefix in that area was considered to be a good target.
We also had several consecutive telephone numbers. When the war dialers hit the first, you could be pretty sure that they were going to hit the rest in turn.
With all the aggravation from the large numbers of calls in the middle of the night, I thought that everyone involved in that movie should have been strung up from the nearest tree.
Could it have been a "verbal captcha"?
Maybe they just want to make sure you aren't a bot.
I used to drive an old farm pickup most of the time. (I never had to worry about another dent in it.)
Whenever I had to park it in a high crime area, I made a big show of locking the door even though the lock did not work. But I figured if someone saw me get out and close the door behind me without locking it, they'd figure it was certainly unlocked since pickups of that vintage did not lock automatically and maybe just go after it on general principle.
I wasn't as worried about someone coming along testing the doors to see if any were unlocked. They'd probably skip it anyway.
No one ever broke into it in spite of the several hundred dollars worth of tools under the seat.
I also used to park it next to the cafeteria on campus. If it was raining when the workers there would get off work, some of the workers would wait in it for their rides. They never stole or damaged anything so that didn't bother me at all.
I wondered how Anonymous Coward could post so many times on every topic imaginable.
All this time I've thought that it was from one very screwed up person, but now we know it is really from a bunch of people posting with your username and password.