Typically, the tax is on all income over a certain level. The poor wouldn't be hit at all with it.
For example, an article on flat taxes a year or two ago in The Economist magazine mentioned a flat tax plan advocated by a professor at Duke where the cutoff was something like $100,000.
I went from being pro Fair Tax to being skeptical. There are a few questions I'd need to see satisfactorily answered to become pro Fair Tax again.
My biggest concern is that it would push American buyers of certain goods overseas and destroy our manufacturing capabilities in those areas. In the early 1990s, we had a luxury tax on new cars, boats, and jewelry over a certain value. Estimates were that we would raise something like six billion dollars in the first year. What really happened is that people quit buying those items in the United States and we only raised a few million in taxes on the items while gutting those industries. I think it especially hit the boat building industries hard. We certainly don't need to accelerate the rate at which we export our manufacturing overseas.
Another concern is that people will change their purchasing habits dramatically and the revenue raised will be far less than what is forecast. The result will be an escalating tax rate. The assumption that we won't change our purchasing behavior doesn't seem to be very likely.
Finally, of course, I think that it will push more and more of the taxes onto the middle and upper middle class. If you make ten million a year, and spend a million, you'd be paying about $300,000 in taxes for an effective tax rate on income is 3%. If you make a hundred thousand and spend seventy thousand on goods and services, you're going to be paying about $21,000 in taxes and the effective tax rate on income is 21%.
Even before this change, I considered a flat tax with NO exemptions the better method. I think that even more now.
Backup copies of software ISN'T Fair Use. It's an explicit exception to Copyright Law. It was made because when the laws were written, it a reasonable thing for people to do.
The actual term is "Limitation on exclusive rights: computer programs". But it is a good point about that not falling under "fair use".
Using a BSD style license I could make it harder for someone else to take my work and sell it as their own, whereas with a GPL I couldn't prevent anyone from selling the software themselves.
There are, of course, a number of BSD licenses. Those that I have seen were considerably less restrictive than the GPL.
The OpenBSD license is so open that GPL code can not be included in OpenBSD at all. They do not distribute the code but the ports tree does provide you with the ability to include the non-free software that is licensed with the GPL.
So I'm rather puzzled by your statement. Of course, there could be a BSD license out there somewhere that does make such restrictions. I just haven't seen it or heard about it.
If there's a chance at screwing up the other domains, I don't want to do it. They are used too much to take that chance.
If they resolve and cache the old MX IP addresses, that's no problem. I can always change the IP address of the mail server and drop all incoming connections to TCP port 25 to the old address at the border firewall.
I suspect that by only handling the original attempt from any one IP address and then blocking it with a packet filter, the bandwidth created by any additional attempts would be minimal. By refusing to even participate in the three way handshaking from the blocked IP addresses, I think we might not even notice 200,000 attempts a day.
Maybe I should create some new hosts and set up e-mail addresses on those. For example, mta.luser.example.com, mta.automagic.example.com, foobar.example.com,..., and use e-mail addresses there such as muenster_and_sons_seafood@luser.example.com.
Then, if the load becomes too much, I could always have the opportunity to remove those hosts from the DNS server. After removing them, the only traffic should be failed DNS lookups.
Do you think that would work better?
Better yet, I guess, would be a separate domain just for that purpose. If the load gets too much, just dump the domain.
Ooops. As the trend of zombies that use the "normal" MTA of their infected owners increases, you will increasingly be blacklisting valid (and large) email servers. This will definitely eliminate a lot of spam. And a lot of valid mail as well.
Actual e-mail servers that we expect to receive legitimate e-mail from will be whitelisted. As for the rest, they will only be blacklisted for 24 hours.
If the use of real e-mail servers by spam zombies ever gets bad enough, it may become worthwhile to automatically generate complaints to the postmaster and abuse addresses.
I think you underestimate the number of unique IP addresses in the larger zombie armies. Probably you could get better results with less effort by simply checking the CBL after greylisting.
I've been doing greylisting for a while. It generates some complaints because it sometimes takes longer than the user is willing to wait for an e-mail to come through.
What is interesting is the mix of the spam I'm receiving at one e-mail address. Before greylisting and when I started greylisting, the mix of spam was as usual. I have occasionally been manually blacklisting senders of spam that made it through when I had the time. I checked the spam on the account on Friday after a couple years of greylisting and here's what I found:
For Thursday, there were 1 spams broken down as: targeted spam: 1 (someone sent me a computer security notice that I did not request) foreign language spams (can't read): 3 advance fee fraud spams: 14
On Wednesday, the breakdown was just slightly different: phishing: 3 foreign language spams: 4 advance fee fraud spams: 10
To find a spam that was spamvertizing a web site, I had to go back 12 days. To find a spam spamvertizing some merchandise, I had to go back 14 days. In that case, the merchandise was a web-pharmacy spamming various prescription medicines.
At one time, most of the advance fee fraud (Nigerian) spams that I received mostly came from hotmail or yahoo. That trend seems to be declining and most now come from a wide number of legitimate e-mail servers overseas. Blacklisting these legitimate e-mail servers for 24 to 48 hours is probably not going to have much adverse affect against our regular users.
It shouldn't have that big an effect. That server has plenty of capacity to spare.
Only the first email will be accepted because the processing will occur after the e-mail arrives. If the recipient is in the list of prohibited e-mails, the IP address will be blocked by the packet filter.
If it is still a problem, part of the task can be offloaded to another server.
I have a perimeter firewall that handles a few specific tasks. I can generate the list of blocked IP addresses and ship them off to the perimeter firewall and block all incoming port 25 traffic from them at that location.
It also wouldn't be very difficult at all to write two small programs to run on the e-mail server and the perimeter firewall that would pass IP addresses from the server to the perimeter firewall.
I've been using greylisting. For me, it really hasn't become less effective, but I have noticed that the mix of the spam has changed dramastically.
I'm getting ready to switch to two methods.
First, on one specific account that has become inundated with spam (probably because it is on just about every web page with registered IANA port assignments), I'm in the process of switching it over to the point where it will only accept unencrypted e-mail from a select list of whitelisted sources. If someone is not on that list of whitelisted sources, they are going to have to encrypt the e-mail using my public PGP key for the e-mail to be delivered.
Second, our mail server has something in the range of 100 to 200 users. I am generated thousands of additional e-mail addresses and aliasing them on the server to a single account. Those thousands of new e-mail addresses, initially 8,192 e-mail addresses, will be listed on various web pages for the spammers to harvest.
As e-mail starts to be delivered to those addresses, I will opt-out of all the e-mail so that they know the e-mail address is real and gets read. Once the spam reaches a certain level, I will then start blacklisting every incoming server delivering e-mail to one of those 8,192 addresses.
The length of time on the blacklist will vary. No IP address will be removed until a reverse DNS lookup for it exists.
If the reverse DNS lookup gives any idea that it may be a dialup, dhcp, or anything else that makes it look like it is probably a home computer (e.g. dialup-10-1-1-99.example.com), the IP address will be blocked for a month or more.
If the reverse DNS indicates that it is an smtp server (e.g. mta09.example.com), it will be blacklisted for maybe 24 or 48 hours.
Anything else will be blacklisted for one to two weeks. If additional e-mails arrive from a blacklisted IP address, the clock will start over.
I figure that with 8,192 spamtrap addresses and 100-200 user addresses, most spam zombies will be far more likely to hit the spamtrap addresses first where they may be automagically blacklisted.
SPF is nearly useless. As far as I can see, the only thing SPF is useful for is to get a list of servers from which e-mail for that domain may originate. Then, if you regularly get e-mail from that domain, whitelist their servers and greylist everyone else.
I completely agree that the author's suggestion is a waste of time. Actually, it is worse than that since it will bounce the spam to the apparent senders. That means that someone other than the original recipient gets the spam instead.
There's a story about QNX I came across a few years ago.
It seems that some factory was using QNX to control a very important industrial robot. QNX had been installed and had run without flaw for a couple of years or more since it had been installed.
One fine November day, the consultant or contractor who handled that system among others was told that it had quit logging events a few months earlier. The consultant checked on it and found that the disk drive had failed the previous August.
A police officer apologized to me for his mistake once.
The mistake was in front of a crowd, but the apology was in private a while later. He explained that he immediately recognized his mistake but had to stand by it in front of the crowd.
The issue was over parking at a speedway. I parked my old pickup in my usual spot in an area where people were not permitted to park. He saw the pickup and didn't bother to check to see if I had a parking tag that permitted me to park just about anywhere at the track. I had driven to that location to check out a private curcuit used to provide official race results to the pressbox, the announcer, and the scoreboard operator. I was about halfway through with the test when he told me I had to move. When I told him I'd be done in a couple of minutes, he said okay.
So there wasn't really any problem. In fact, it gave me some insight I previously did not have into the reason he didn't just say "okay" and walk away when I pointed out that I had an Officials parking permit.
One thing to consider is whether or not the purchaser is likely to return in the future. Even if they aren't buying much that day, don't assume that they won't be back in the future for other things.
I used to live near a Best Buy store and went there fairly frequently. Because it was nearby and on my way home, I nearly always just went in there for a specific item. I'd buy it and leave. If I needed something else the next day, I'd go over there for that item.
The only store that was closer was a Circuit City, but I flat refused to do business with them at all by that time.
Years ago, when CDs were just starting to catch on for computers, I went to Circuit City to buy a CD player. The package just said it was compatible with Windows 95 and 98. So I told the salesman that since I was using NT, I'd just bring it back for a refund if it turned out not work with NT.
His manager was standing behind us and told me that would not let me return it under those circumstances -- their policy was that if it worked on the systems that were listed on the box, then they would not accept it back.
I walked out, went to another store about a mile away and bought the same model CD player from them after making sure I could return it if it didn't work with NT. It worked fine.
At the time, my stereo had broken and I was in the market for a new stereo. I had already picked out the one I wanted at Circuit City and had intended to buy it that same trip. Why pick up the bulky objects first and carry them around the store? I ended up buying a different stereo elsewhere rather than do business with Circuit City.
To this day, I will not step foot in a Circuit City store and do not intend to ever do business with them again.
Slashdot Mirror
Typically, the tax is on all income over a certain level. The poor wouldn't be hit at all with it.
For example, an article on flat taxes a year or two ago in The Economist magazine mentioned a flat tax plan advocated by a professor at Duke where the cutoff was something like $100,000.
I went from being pro Fair Tax to being skeptical. There are a few questions I'd need to see satisfactorily answered to become pro Fair Tax again.
My biggest concern is that it would push American buyers of certain goods overseas and destroy our manufacturing capabilities in those areas. In the early 1990s, we had a luxury tax on new cars, boats, and jewelry over a certain value. Estimates were that we would raise something like six billion dollars in the first year. What really happened is that people quit buying those items in the United States and we only raised a few million in taxes on the items while gutting those industries. I think it especially hit the boat building industries hard. We certainly don't need to accelerate the rate at which we export our manufacturing overseas.
Another concern is that people will change their purchasing habits dramatically and the revenue raised will be far less than what is forecast. The result will be an escalating tax rate. The assumption that we won't change our purchasing behavior doesn't seem to be very likely.
Finally, of course, I think that it will push more and more of the taxes onto the middle and upper middle class. If you make ten million a year, and spend a million, you'd be paying about $300,000 in taxes for an effective tax rate on income is 3%. If you make a hundred thousand and spend seventy thousand on goods and services, you're going to be paying about $21,000 in taxes and the effective tax rate on income is 21%.
Even before this change, I considered a flat tax with NO exemptions the better method. I think that even more now.
The actual term is "Limitation on exclusive rights: computer programs". But it is a good point about that not falling under "fair use".
There are, of course, a number of BSD licenses. Those that I have seen were considerably less restrictive than the GPL.
The OpenBSD license is so open that GPL code can not be included in OpenBSD at all. They do not distribute the code but the ports tree does provide you with the ability to include the non-free software that is licensed with the GPL.
So I'm rather puzzled by your statement. Of course, there could be a BSD license out there somewhere that does make such restrictions. I just haven't seen it or heard about it.
The only fair use exemption for backups is for backups of software distributions -- one copy only.
There is NOTHING in the law permitting one to make one or more backup copies of anything else as "fair use".
Making a "backup copy" of a book is, in fact, a copyright violation just the same as it is to make a "backup copy" of a music cd or a movie dvd.
Most young people I knew in the 60's, myself included, did not have a laid back attitude towards drug use at all.
Sure, there were young people who had a laid back attitude toward drugs, but they weren't anything close to a majority.
If I had the source, I would have provided a link or a reference.
It was an article on why so many fines due to the federal government are not being collected in full these days.
I have read that the administration and the federal justice system strongly encourages judges to apply the maximum whenever possible.
That is especially true for fines, even if there is no possibility of collecting the full amount.
A professor at Texas A&M University, Bruce McCormick, was pushing for this for years.
Check out Welcome to the Brain Networks Laboratory at Texas A&M University!.
The idea is to use a knife-edge scanning microscope to make images of very thing slices from brains.
I'm curious if Dr. McCormick has retired. His web page last list courses he taught in 2002.
P2P traffic is a batch mode of traffic that should be given a lower priority.
This approach could cause problems for ISPs in the United States.
As I understand it, the safe harbor for ISPs does not apply if the ISP stores data in this manner instead of just being a conduit.
If so, any ISP who started doing this could, conceivably, be held liable for any copyright infringements stored on their servers.
I'm taking your good advice on that.
If there's a chance at screwing up the other domains, I don't want to do it. They are used too much to take that chance.
If they resolve and cache the old MX IP addresses, that's no problem. I can always change the IP address of the mail server and drop all incoming connections to TCP port 25 to the old address at the border firewall.
I suspect that by only handling the original attempt from any one IP address and then blocking it with a packet filter, the bandwidth created by any additional attempts would be minimal. By refusing to even participate in the three way handshaking from the blocked IP addresses, I think we might not even notice 200,000 attempts a day.
..., and use e-mail addresses there such as muenster_and_sons_seafood@luser.example.com.
Maybe I should create some new hosts and set up e-mail addresses on those. For example, mta.luser.example.com, mta.automagic.example.com, foobar.example.com,
Then, if the load becomes too much, I could always have the opportunity to remove those hosts from the DNS server. After removing them, the only traffic should be failed DNS lookups.
Do you think that would work better?
Better yet, I guess, would be a separate domain just for that purpose. If the load gets too much, just dump the domain.
Actual e-mail servers that we expect to receive legitimate e-mail from will be whitelisted. As for the rest, they will only be blacklisted for 24 hours.
If the use of real e-mail servers by spam zombies ever gets bad enough, it may become worthwhile to automatically generate complaints to the postmaster and abuse addresses.
I've been doing greylisting for a while. It generates some complaints because it sometimes takes longer than the user is willing to wait for an e-mail to come through.
What is interesting is the mix of the spam I'm receiving at one e-mail address. Before greylisting and when I started greylisting, the mix of spam was as usual. I have occasionally been manually blacklisting senders of spam that made it through when I had the time. I checked the spam on the account on Friday after a couple years of greylisting and here's what I found:
For Thursday, there were 1 spams broken down as:
targeted spam: 1 (someone sent me a computer security notice that I did not request)
foreign language spams (can't read): 3
advance fee fraud spams: 14
On Wednesday, the breakdown was just slightly different:
phishing: 3
foreign language spams: 4
advance fee fraud spams: 10
To find a spam that was spamvertizing a web site, I had to go back 12 days. To find a spam spamvertizing some merchandise, I had to go back 14 days. In that case, the merchandise was a web-pharmacy spamming various prescription medicines.
At one time, most of the advance fee fraud (Nigerian) spams that I received mostly came from hotmail or yahoo. That trend seems to be declining and most now come from a wide number of legitimate e-mail servers overseas. Blacklisting these legitimate e-mail servers for 24 to 48 hours is probably not going to have much adverse affect against our regular users.
It shouldn't have that big an effect. That server has plenty of capacity to spare.
Only the first email will be accepted because the processing will occur after the e-mail arrives. If the recipient is in the list of prohibited e-mails, the IP address will be blocked by the packet filter.
If it is still a problem, part of the task can be offloaded to another server.
I have a perimeter firewall that handles a few specific tasks. I can generate the list of blocked IP addresses and ship them off to the perimeter firewall and block all incoming port 25 traffic from them at that location.
It also wouldn't be very difficult at all to write two small programs to run on the e-mail server and the perimeter firewall that would pass IP addresses from the server to the perimeter firewall.
I've been using greylisting. For me, it really hasn't become less effective, but I have noticed that the mix of the spam has changed dramastically.
I'm getting ready to switch to two methods.
First, on one specific account that has become inundated with spam (probably because it is on just about every web page with registered IANA port assignments), I'm in the process of switching it over to the point where it will only accept unencrypted e-mail from a select list of whitelisted sources. If someone is not on that list of whitelisted sources, they are going to have to encrypt the e-mail using my public PGP key for the e-mail to be delivered.
Second, our mail server has something in the range of 100 to 200 users. I am generated thousands of additional e-mail addresses and aliasing them on the server to a single account. Those thousands of new e-mail addresses, initially 8,192 e-mail addresses, will be listed on various web pages for the spammers to harvest.
As e-mail starts to be delivered to those addresses, I will opt-out of all the e-mail so that they know the e-mail address is real and gets read. Once the spam reaches a certain level, I will then start blacklisting every incoming server delivering e-mail to one of those 8,192 addresses.
The length of time on the blacklist will vary. No IP address will be removed until a reverse DNS lookup for it exists.
If the reverse DNS lookup gives any idea that it may be a dialup, dhcp, or anything else that makes it look like it is probably a home computer (e.g. dialup-10-1-1-99.example.com), the IP address will be blocked for a month or more.
If the reverse DNS indicates that it is an smtp server (e.g. mta09.example.com), it will be blacklisted for maybe 24 or 48 hours.
Anything else will be blacklisted for one to two weeks. If additional e-mails arrive from a blacklisted IP address, the clock will start over.
I figure that with 8,192 spamtrap addresses and 100-200 user addresses, most spam zombies will be far more likely to hit the spamtrap addresses first where they may be automagically blacklisted.
Bingo. You hit the nail on the head.
It's a Challenge/Response system that in and of itself adds to the problem instead of solviong anything.
SPF is nearly useless. As far as I can see, the only thing SPF is useful for is to get a list of servers from which e-mail for that domain may originate. Then, if you regularly get e-mail from that domain, whitelist their servers and greylist everyone else.
I completely agree that the author's suggestion is a waste of time. Actually, it is worse than that since it will bounce the spam to the apparent senders. That means that someone other than the original recipient gets the spam instead.
When I decided to go back to school in the 90s, I took my slide rules with me.
I didn't have a calculator and so I used the slide rule on tests and for homework.
I think that some of the profs had never even seen one before.
There's a story about QNX I came across a few years ago.
It seems that some factory was using QNX to control a very important industrial robot. QNX had been installed and had run without flaw for a couple of years or more since it had been installed.
One fine November day, the consultant or contractor who handled that system among others was told that it had quit logging events a few months earlier. The consultant checked on it and found that the disk drive had failed the previous August.
Mine doesn't.
I just leave it on a charger nearly all the time. I only take it with me when travelling.
I hate telephones, anyway. If the battery runs down, that's a plus as far as I'm concerned.
A police officer apologized to me for his mistake once.
The mistake was in front of a crowd, but the apology was in private a while later. He explained that he immediately recognized his mistake but had to stand by it in front of the crowd.
The issue was over parking at a speedway. I parked my old pickup in my usual spot in an area where people were not permitted to park. He saw the pickup and didn't bother to check to see if I had a parking tag that permitted me to park just about anywhere at the track. I had driven to that location to check out a private curcuit used to provide official race results to the pressbox, the announcer, and the scoreboard operator. I was about halfway through with the test when he told me I had to move. When I told him I'd be done in a couple of minutes, he said okay.
So there wasn't really any problem. In fact, it gave me some insight I previously did not have into the reason he didn't just say "okay" and walk away when I pointed out that I had an Officials parking permit.
Consider all the spammers who threaten to file lawsuits against people for blocking their spam.
I've personally received several such threats myself, but nothing ever came of them.
With this to help, it would seem that the spammers couldn't possibly win a lawsuit unless it was malicious.
There have been blacklists who have blocked people they knew weren't spammers for other reasons. This obviously wouldn't shield those actions.
One thing to consider is whether or not the purchaser is likely to return in the future. Even if they aren't buying much that day, don't assume that they won't be back in the future for other things.
I used to live near a Best Buy store and went there fairly frequently. Because it was nearby and on my way home, I nearly always just went in there for a specific item. I'd buy it and leave. If I needed something else the next day, I'd go over there for that item.
The only store that was closer was a Circuit City, but I flat refused to do business with them at all by that time.
Years ago, when CDs were just starting to catch on for computers, I went to Circuit City to buy a CD player. The package just said it was compatible with Windows 95 and 98. So I told the salesman that since I was using NT, I'd just bring it back for a refund if it turned out not work with NT.
His manager was standing behind us and told me that would not let me return it under those circumstances -- their policy was that if it worked on the systems that were listed on the box, then they would not accept it back.
I walked out, went to another store about a mile away and bought the same model CD player from them after making sure I could return it if it didn't work with NT. It worked fine.
At the time, my stereo had broken and I was in the market for a new stereo. I had already picked out the one I wanted at Circuit City and had intended to buy it that same trip. Why pick up the bulky objects first and carry them around the store? I ended up buying a different stereo elsewhere rather than do business with Circuit City.
To this day, I will not step foot in a Circuit City store and do not intend to ever do business with them again.
If he paid an outside studio to do it, I would assume they acquired permission from the copyright owners.
Of course, the licenses may have been to only air the advertisement a maximum number of times or for a limited period of time.