IANA Freenet expert, but I have read a lot of what they say on their website, and it sounds to me like it was one of their prime goals to make something that was resistant to attacks. It is no good having a "free net" if all it takes is one person who disagrees with you launch a DDOS to take it down.
If you have some specific's on how you think they are vulnerable, I'm sure they'll be happy to hear from you (http://freenet.sourceforge.net/).
As you say, there are 2 problems: trust (who do I trust to maintain the spammer data), and integrity of the data (how do we prevent spammers from corrupting it). There is also resistance to DDOS attack, but that is more or less taken care of by the distributed network.
I see no problem with the web of trust idea. If I want to opt in to monkey.com but not compu.net, that is a choice I like to have.
As for integrity of the data, that comes straight from the trust - if the data is signed by monkey.com, then I can trust the integrity of that data.
That is a significant problem, yes. Perhaps there is no existing P2P technology with the right combination of features, but that is not to say it could not be built based on existing technologies.
The closest match I can think of is Freenet. Freenet is very resistant to network attacks and promotes content based on popularity. One of its core design features is the anonymity of its users.
For this task, content could be promoted based on it having being signed by a trusted party (ex. an anti-spam group). I am no Freenet expert, but I believe they already have some form of content signing.
I evaluated prevaylor a few weeks back, to see if it was a fit for a current project. It was not. But as soon as I find a project for which it fits, I will definitely give it a go.
As I see it, prevaylor is good for: * small single pc system, or web based system * no need for external queries * system that stays static once developed (because it is very hard to evolve a prevaylor system).
It would also be great for prototyping, because that usually meets all 3 criteria.
Incidentally, there is a.NET version, which is the one I would be using.
The biggest mistake in the design of the modern word processor is the direct access to a choice of fonts. The most under-utilized feature of the modern word processor is the use of "styles".
The first incorporates desktop publishing features into a document writing tool (something writers do not need, because it is done by the publisher), and the second allows the author to add meta-data, thus improving the value of the document (assuming the publisher is equipped to read and use your meta-data, this is a good thing).
If you are going to use the font choice in your word processor, you might as well use vi or some other text editor. At its heart a document is just words and paragraphs. Formatting is irrelevant, except when it is being displayed. Thus the invention of CSS for the web.
My understanding of the new breed of XML based word processors is that they will provide a better foundation for representing the underlying meta-data of a document. They will also separate the text from the layout. A step in the right direction.
I vaguely remember reading a SciFi book about bacteria that eat all of the world's oil supply, plunging us into post-apocalyptic mode.
I mean, if they like sugar, I'm sure they'll like other energy rich products too. Speaking for myself, as a multi-celled organism, I'd rather that not happen. Other, lesser-celled organisms are free to disagree.
Talking about books, I recently bought Test Driven Development by Kent Beck (XP proponent), and have not regretted it.
If you need some help on learning to write unit tests, it has some really basic examples to help get you started, and is written in a very down-to-earth style.
Other than that, I would add that writing tests is HARD, at least at first. It takes some getting used to, and you will look back on your first attempts and laugh/cry some day.
The best thing to do is to stop talking, and start doing. Find yourself a test framework that you can live with (JUnit or derivatives are nice) Write tests to reproduce bugs, and then fix the bugs so that the tests pass.
You can also consider something called "Design By Contract". This is a way of making assertions within the code itself; an explicit documentation and validation of a method's input and output. Personally I found this to sound better than it was, but that may have been something lacking in my execution.
Metadata is all related, and that is where the potential is. If your PC knew: 1) That you travelled to Fiji last week 2) You uploaded some pictures taken last week
...then it is reasonable to assume that you took the pictures in Fiji. It is not a certainty; perhaps you left your camera with your brother to take pictures of his cat.
So to be of optimal use, there should be some AI at work to derive the obvious (although sometime incorrect), thus making the best use of what metadata there is.
I do not know that a db filesystem really helps in this regard, except that perhaps it will allow metadata and data to be better structured, which is a step in the right direction.
Read this some time ago and sent an email to the author about it. I don't have a copy on this PC, or I would attach it. I think I called it "13 ways to loathe C". I guess my point (at the time) being that there are annoying features in every programming language.
Anyway, in her reply she mentioned that even though the article was published quite long ago (in the late 90s I think), she still regularly gets feedback from irate VB programmers.
In case you were wondering, I have no point to this message; just thought I'd share.
If you can find an Office CD! I seldom apply office patches, because I have to find the installation CD each time.
To me this is an unacceptable barrier. "We can give you a patch, but please prove that you have the exact version of the CD that you used to install office originally". Arg, what BS!!!
I think the important point is that.NET takes language out of the equation, so that it is all about the underlying framework (API). Languages are fairly free to look like what they need to, and use as much of the framework as they would like.
I regularly switch between VB.NET and C#, and yes, there is very little real difference when viewing the code.
These worms are child's play; it is only a matter of time before someone decides to do something *really* nasty with a well thought out worm.
There are probably thousands of programmers out there that could have written the blaster worm. Most did not want to do it. Of those that would, most seem to be content to write prankster-style worms. One individual decided to write an anti-worm-worm.
What if one had decided to write a *really* malicious worm? In my mind, it is a 99% certainty that eventually some pissed off malcontent will do so. And they do not even have to be in the country.
Imagine a malicious government, with 100 dedicated programmers.
Or a well funded terrorist or anarchist.
Imagine, multiple simultaneously spreading worms, helping each other by opening backdoors, targeting Windows systems, Apache web servers, hardware routers, telephone switchboards, and whatever else they can find. And the payload? Designed to inflict the most economical damage. Perhaps even a smokescreen to illicitly gain access to systems that manage power, water, electricity, and actually cause physical damage too.
Governments need to sit up and take notice, this is serious stuff.
Thats a bad plan, simply because the bots will find so much "pirated" stuff, they will use the stats to support even more draconian laws. They don't care if thay are real or not, if they can use it to further their needs.
I don't have a better plan, but it does remind me of the browser stats that say IE is 90% of the browser market...the stats have an undetermined margin of error because some non-MS browsers pretend to be IE just so that they get served the same web page.
206 emails is not enough for it to be very accurate yet. Also, it is not necessary to restart with Popfile if you have made mistakes...just continue to classify spam as spam and it will all balance out.
I use POPFile for my hotmail address at home and have found it most useful and accurate when creating many categories. Besides "work", "bills", "newsletters", and some others I have 2 "spam" buckets. The first is for general spam, and the other is for offensive spam. That works very well for me, because I never have to look at the offensive spam due to the high accuracy of that bucket. I occasionally manually scan the general "spam" bucket just in case.
I cannot help with your first 2 questions, but the answer to your 3rd is yes.
See Business Case for Better Software Practices from Professional Software Development (2nd Edition of After the Gold Rush).
What's funny to me is that I am sure that at one stage, someone said the same comments about C, compared to assembler.
There are cases where assembler is an appropriate tool, and there are cases when C/C++ are appropriate. But in business code, there are many more where C# or Java are appropriate.
I had to scan through a lot of whining to find this intelligent comment! Someone mod it up!
On average, overseas outsourcing will not result in high quality product unless either a better "outsourcing-suited" methodology is designed, or the people with the product knowledge move closer to the programmers. The former is not very likely, but the latter is already happening to some extent.
I predict that most business-related software will stay closer to home, but companies that primarily develop shrink-wrapped software will gradually migrate overseas.
This is because the shrink-wrapped software does not need ongoing access people doing business in a specific location. The business itself is the software, and can easily move to a location where the expenses (programmers) are less, but the income (sales of product) is the same.
Slashdot Mirror
Terminal Services supports multiple client connections per PC. It is based on code developed by Citrix.
IANA Freenet expert, but I have read a lot of what they say on their website, and it sounds to me like it was one of their prime goals to make something that was resistant to attacks. It is no good having a "free net" if all it takes is one person who disagrees with you launch a DDOS to take it down.
If you have some specific's on how you think they are vulnerable, I'm sure they'll be happy to hear from you (http://freenet.sourceforge.net/).
As you say, there are 2 problems: trust (who do I trust to maintain the spammer data), and integrity of the data (how do we prevent spammers from corrupting it). There is also resistance to DDOS attack, but that is more or less taken care of by the distributed network.
I see no problem with the web of trust idea. If I want to opt in to monkey.com but not compu.net, that is a choice I like to have.
As for integrity of the data, that comes straight from the trust - if the data is signed by monkey.com, then I can trust the integrity of that data.
That is a significant problem, yes. Perhaps there is no existing P2P technology with the right combination of features, but that is not to say it could not be built based on existing technologies.
The closest match I can think of is Freenet. Freenet is very resistant to network attacks and promotes content based on popularity. One of its core design features is the anonymity of its users.
For this task, content could be promoted based on it having being signed by a trusted party (ex. an anti-spam group). I am no Freenet expert, but I believe they already have some form of content signing.
Thats actually an *excellent* idea. Not really SETI@Home though, more like peer 2 peer technology.
Why not kill 2 birds with one stone - promote a valid use of p2p, which removes some of the RIAA threat, while simultaneously frustrating spammers.
I evaluated prevaylor a few weeks back, to see if it was a fit for a current project. It was not. But as soon as I find a project for which it fits, I will definitely give it a go.
.NET version, which is the one I would be using.
As I see it, prevaylor is good for:
* small single pc system, or web based system
* no need for external queries
* system that stays static once developed (because it is very hard to evolve a prevaylor system).
It would also be great for prototyping, because that usually meets all 3 criteria.
Incidentally, there is a
The biggest mistake in the design of the modern word processor is the direct access to a choice of fonts. The most under-utilized feature of the modern word processor is the use of "styles".
The first incorporates desktop publishing features into a document writing tool (something writers do not need, because it is done by the publisher), and the second allows the author to add meta-data, thus improving the value of the document (assuming the publisher is equipped to read and use your meta-data, this is a good thing).
If you are going to use the font choice in your word processor, you might as well use vi or some other text editor. At its heart a document is just words and paragraphs. Formatting is irrelevant, except when it is being displayed. Thus the invention of CSS for the web.
My understanding of the new breed of XML based word processors is that they will provide a better foundation for representing the underlying meta-data of a document. They will also separate the text from the layout. A step in the right direction.
I vaguely remember reading a SciFi book about bacteria that eat all of the world's oil supply, plunging us into post-apocalyptic mode.
I mean, if they like sugar, I'm sure they'll like other energy rich products too. Speaking for myself, as a multi-celled organism, I'd rather that not happen. Other, lesser-celled organisms are free to disagree.
Talking about books, I recently bought Test Driven Development by Kent Beck (XP proponent), and have not regretted it. If you need some help on learning to write unit tests, it has some really basic examples to help get you started, and is written in a very down-to-earth style.
Other than that, I would add that writing tests is HARD, at least at first. It takes some getting used to, and you will look back on your first attempts and laugh/cry some day.
The best thing to do is to stop talking, and start doing. Find yourself a test framework that you can live with (JUnit or derivatives are nice) Write tests to reproduce bugs, and then fix the bugs so that the tests pass.
You can also consider something called "Design By Contract". This is a way of making assertions within the code itself; an explicit documentation and validation of a method's input and output. Personally I found this to sound better than it was, but that may have been something lacking in my execution.
Metadata is all related, and that is where the potential is. If your PC knew:
...then it is reasonable to assume that you took the pictures in Fiji. It is not a certainty; perhaps you left your camera with your brother to take pictures of his cat.
1) That you travelled to Fiji last week
2) You uploaded some pictures taken last week
So to be of optimal use, there should be some AI at work to derive the obvious (although sometime incorrect), thus making the best use of what metadata there is.
I do not know that a db filesystem really helps in this regard, except that perhaps it will allow metadata and data to be better structured, which is a step in the right direction.
Wow, I like that. Thanks for the new sig.
Read this some time ago and sent an email to the author about it. I don't have a copy on this PC, or I would attach it. I think I called it "13 ways to loathe C". I guess my point (at the time) being that there are annoying features in every programming language.
Anyway, in her reply she mentioned that even though the article was published quite long ago (in the late 90s I think), she still regularly gets feedback from irate VB programmers.
In case you were wondering, I have no point to this message; just thought I'd share.
If you can find an Office CD! I seldom apply office patches, because I have to find the installation CD each time.
To me this is an unacceptable barrier. "We can give you a patch, but please prove that you have the exact version of the CD that you used to install office originally". Arg, what BS!!!
I think the important point is that .NET takes language out of the equation, so that it is all about the underlying framework (API). Languages are fairly free to look like what they need to, and use as much of the framework as they would like.
I regularly switch between VB.NET and C#, and yes, there is very little real difference when viewing the code.
Ah! You! BOFH!
I pity your users...what's next, their keyboards? Their screens maybe?
These worms are child's play; it is only a matter of time before someone decides to do something *really* nasty with a well thought out worm.
There are probably thousands of programmers out there that could have written the blaster worm. Most did not want to do it. Of those that would, most seem to be content to write prankster-style worms. One individual decided to write an anti-worm-worm.
What if one had decided to write a *really* malicious worm? In my mind, it is a 99% certainty that eventually some pissed off malcontent will do so. And they do not even have to be in the country.
Imagine a malicious government, with 100 dedicated programmers.
Or a well funded terrorist or anarchist.
Imagine, multiple simultaneously spreading worms, helping each other by opening backdoors, targeting Windows systems, Apache web servers, hardware routers, telephone switchboards, and whatever else they can find. And the payload? Designed to inflict the most economical damage. Perhaps even a smokescreen to illicitly gain access to systems that manage power, water, electricity, and actually cause physical damage too.
Governments need to sit up and take notice, this is serious stuff.
Thats a bad plan, simply because the bots will find so much "pirated" stuff, they will use the stats to support even more draconian laws. They don't care if thay are real or not, if they can use it to further their needs.
I don't have a better plan, but it does remind me of the browser stats that say IE is 90% of the browser market...the stats have an undetermined margin of error because some non-MS browsers pretend to be IE just so that they get served the same web page.
...because probably someone already patented it and will sue me if I achieve any measure of success.
:-/
So my current business plan is to patent it myself, and then sue someone else when they actually put in the time to develop a decent implementation.
Three cheers for software patents
Range is 10 meters line of sight (although it does not need line of sight).
That is much better than what I get with my Logitech wireless mouse/keyboard, with comparable battery life.
206 emails is not enough for it to be very accurate yet. Also, it is not necessary to restart with Popfile if you have made mistakes...just continue to classify spam as spam and it will all balance out.
I use POPFile for my hotmail address at home and have found it most useful and accurate when creating many categories. Besides "work", "bills", "newsletters", and some others I have 2 "spam" buckets. The first is for general spam, and the other is for offensive spam. That works very well for me, because I never have to look at the offensive spam due to the high accuracy of that bucket. I occasionally manually scan the general "spam" bucket just in case.
I cannot help with your first 2 questions, but the answer to your 3rd is yes.
See Business Case for Better Software Practices from Professional Software Development (2nd Edition of After the Gold Rush).
What's funny to me is that I am sure that at one stage, someone said the same comments about C, compared to assembler.
There are cases where assembler is an appropriate tool, and there are cases when C/C++ are appropriate. But in business code, there are many more where C# or Java are appropriate.
I had to scan through a lot of whining to find this intelligent comment! Someone mod it up!
On average, overseas outsourcing will not result in high quality product unless either a better "outsourcing-suited" methodology is designed, or the people with the product knowledge move closer to the programmers. The former is not very likely, but the latter is already happening to some extent.
I predict that most business-related software will stay closer to home, but companies that primarily develop shrink-wrapped software will gradually migrate overseas.
This is because the shrink-wrapped software does not need ongoing access people doing business in a specific location. The business itself is the software, and can easily move to a location where the expenses (programmers) are less, but the income (sales of product) is the same.