Yes, the greatest liability to security is the user. What I was mostly referring to was in the line of trojans, targeted hacking, etc. Especially if a broadband connection with a fixed IP is used, it becomes that much easier to compromise a company's data. No need for the user to have a hand in it. And if they can access a computer with an activated VPN connection, it wouldn't even take brains to access "secure" company servers...
With teleworking on the rise, companies need more than ever a secure working environment for their outsourced employees. While doctors have often outsourced dictation typing, this is much less dangerous from a data protection standpoint than if Ford would allow their engineers to work at home.
A primary concern will be preventing hacking, etc. A VPN may be sufficient to transport the data securely between the home-office and the company, but there is no guarantee that it will be safe on the employee's computer. Companies can prevent a lot of attacks by installing a good firewall. But it is virtually impossible to require the tech staff to monitor all offsite installations.
I did not say he indeed said it, I said the statement was attributed to him. I was fully aware that he denys saying it.
And I said nothing concerning the truth factor. I simply was talking about the development that succeded that alleged statement. Consider the variation of Moore's law applied to storage.
Future films will use even more digital effects and will require even more data storage. If you consider Bill Gate's famous 640K quote, it won't be long until you'll have a 500 Exabyte keychain...
I've had that happen to me, as well. There's no way to stop it from running. And it seems it installed the svchost trojan/virus. Took me 20 minutes to clean out my registry to the point I could browse at all! The problem was: I hadn't installed mozilla on that machine yet... live and learn:-)
I'm sorry, I don't think that a novel in this form is going to be popular bedtime literature... it requires effort from the reader. Of course, there were many popular text adventure games, so it's not like there will be no market for this.
Just don't forget that interactive books aren't in vogue anymore. What's so different about this?
Some very good thoughts. Too bad they are unlikely to make much of a difference as long as companies have such a strong lobby.
I remember a while back reading an interview in ZDNet with someone from Cisco. He said that though they patent a lot of stuff, almost everything they patent would have been developed and used anyway, even without patents. He also pointed out that companies are discouraged from searching for similar patterns, because patent infringement isn't going to be too big an issue unless you knowingly infringe. Especially when filing, it pays not to know about similar patents. Very unfortunate situation we're in.
TheRegister ran the story about faulty speed cameras in the UK. Of course, a black box located in a car is much less likely to make a mistake than a radar. However, there always will be that possibility.
Combine the black box with wireless reporting, and radar will no longer be necessary. Of course, the privacy concerns would probably do that idea in. But it still pays to be vigilant.
It still would be theoretically possible to implement RFID reporting that would be built into the streets in cities...
AAC uses the MPEG standard and extends it. It's like if I soup up my car. Is it still a Ford? Technically yes. But it's unlikely that Ford will start building cars like that. Unless I've done something really brilliant, in which case, Ford will have to pay me for the rights.
Now... Apple has spread their modification all over the universe in the process of selling music. It is indeed possible that the MPEG group will say, hey, that's a brilliant implementation of DRM. However, I greatly doubt that.
The only thing that Apple's AAC has in common with the MPEG-4 standard is the compression codec. The DRM part is not part of the standard, but that seems to be Apple's greatest weapon.
At any rate, I doubt that the MPEG Group will tuck Apple's AAC modifications into bed. Of course, it's happened before. But hopefully some people still have brains...
Sorry, Gameboy Advance targets a different user group than N-Gage. Admittedly, N-Gage users will undoubtedly be interested in Gameboy, but today's mobile young people want to take their games around with them, and are unlikely to want to carry too many gadgets. Why do you think cell phone gaming is so hugely popular among young people in Europe? And the kind of games that are popular are not big FPS, they are specifically designed for low resolution: tetris, packman, etc. Of course, there are also jump-and-run games like the elkware adaptation of Tom Clancy's Splinter Cell. But once again, those do not require widescreen graphics. And they take at most a few minutes at a time, though to play them through can take hours. They are designed for people who don't have much time, but want to have some fun anyway.
Lessig is rather a classic liberal, as the term is still used in Europe. It has nothing to do with political direction, merely with open-mindedness and a good education. As in "Liberal Arts".
I agree, for the most part. A patents-based standard is should be one that is a standard because of it's briliance. Not because it is forced down people's throats.
In this case, of course, as has been pointed out, they are trying to develop what RIAA wants, though it is already out there. I'm sure that even Microsoft's WindowsMedia format is more likely to become a standard. But neither WMA nor MPEG is likely to beat Apple's AAC format. Let's face it: Apple has pioneered the online music store just like Amazon pioneered the online book store.
There is always the possibility that something as popular as MP3 gets hijacked. Let's look at an example: MP3.com. It originally offered a possibility of listening to music that you own... until RIAA and the labels shut that part down. Then they created a library of independant music. Where's MP3.com now? I've not visited it more than once since it was last sold. Basically the same thing is happening to Napster. The new napster isn't getting much going, even though they had the name.
MP3s will quickly lose popularity if they are hampered. Same with any format. Who wants to read books that are chained to the library?
To be honest, I've not been actively reading gaming mags, so I can't say exactly how poorly gamers view the N-Gage.
However, one German IT site reviewed it in November and gave it a failing grade because it wasn't good at either gaming or a cell phone.
They also report that a German discount chain sold the N-Gage starting April 1 for 159 EUR, without contract binding. It sounds like Nokia is trying to clear out their stock to make way for the new, cheaper version that has fixed a number of flaws that the previous version had: sidetalking, 4k colors, etc.
I don't think that it's much of a liability that there's no MP3 player included: the comments on the original article pointed out that there is one available.
Now, on a more offbeat note, if it indeed were the case that N-Gages were popular among child molesters, it would mean that N-Gages are popular among young people. It would not necessarily mean that such creeps like it for themselves. At any rate, I doubt a headline like that would ever make it to press, because there would be enough positive headlines to fend off a stupid attack like that. Come to think of it, I suppose 9 out of 10 child molesters agree that computers are an absolute necessity. And the internet, too. But that doesn't make either computers or the internet unpopular. But we do know how often people like that get caught by undercover police officers.
All in all, I think that Nokia is doing the right thing with this revision and that they have a chance to make right what they messed up last time.
Wow! Many young people use their phones for that purpose. MP3 ringtones, anyone? And that's why certain models are more popular among than others. Especially if they have at least 32MB of memory.
Really stupid move on Nokia's part, but then... I'm sure an MP3 player will be available for download sometime, so we'll see how it goes. And anyway, they can always offer that in a firmware update.
I disagree. Nokia is well known in Europe for their innovations, and they've been targeting young consumers (i.e., pre-teens and teenagers). This revision of the N-Gage may just be the ticket to getting young people to buy it.
It's amazing how often young people I know get new phones. All it takes is for one kid in the school to get it and think it's cool. Then the hundreds of others will "need" it. That's the way cell phone marketing works over here, and I think it's very compatible with the N-Gage.
Though you might think otherwise, the main thing young people use the phones for is games and sending SMS's. Calling each other is too expensive. And Nokia is well aware of that fact.
Another thing is the price factor. If, as has been stated, it retails for $199 without a service contract, it will be available in Europe probably for 1 EUR with a 24-month contract. That's a decent price, and very afordable for the young. I know many who regularly pay 100 EUR to buy phones on ebay. The phones are usually worth about 300 EUR.
If Nokia is smart (and I think they are), they'll have easy access to this huge market. If not with this revision, with the next.
You say that GMail will run spymac out of business. Unless Google agrees to go along with EU data privacy guidelines, GMail won't be allowed to operate in Europe. Spymac, on the other hand, doesn't infringe on their users' data privacy, and they offer hosting packages at very low prices. On top of that, they target the mac community. Sorta like mac.com. The difference: their URLs, etc. are more friendly than mac.com.
I have a friend who is migrateing there from mac.com because they offer much better service. They have a vibrant community (check out their "longest thread"), and though they don't host that many ads, they have the oportunity of making quite a bit on ads. Especially as they have a particular segment of internet users and ask for certain internally used private information.
Compare their privacy policy with that of Google and you'll see why they're a better choice. And if Google doesn't change, they'll be shut out of Europe.
And if Spymac gets into financial trouble (they do allow you to pay a fee for ad-free browsing), they can alway sell out. They've at least got enough users to make it valuable.
It seems that Microsoft finally is coming to realize the power of open source software. After all, if you can't beat 'em, join 'em.
Microsoft knows that their power lies in their broad userbase. By holding out this "olive branch" to the OSS community, they are preventing an embarrassement, especially in circles where OSS is finding more and more acceptance. For example, the city of Munich switched to Linux over Windows. Now OSS advocates have one less argument in their toolkit.
From now on, no one can accuse Microsoft of being completely closed source. Not that it really matters in the big picture, because their major applications are closed source, anyway.
There's always the possibility that this will get yanked like nullsoft's WASTE (secure file sharing). In this case, I suppose it is very unlikely.
All things considered, we should welcome Microsoft's foray into OSS cautiously, who knows what their motivation is...
Some of you who were on #linux on friday will know part or most of this story already as i witnessed some of it (while drinking a truly delicious hot chocolate). For those of you who don't, the following is a report written up by a friend of mine on his succussful (or at least, it's looking good) attempt to stop and catch a 419 scammer. I feel it's worth the read
John
-------- Original Message -------- Subject: I fought the scammer... and I won. Date: Fri, 02 Apr 2004 21:54:30 +0100 From: Steffen Higel To: John Allman, paulinemccaffrey at eircom.net, stevecash at ireland.com, tony.odonnel at cs.tcd.ie, declan.dagger at cs.tcd.ie, edwin.higel at brookside.ie, marynstanley at eircom.net, richard.bannister at cs.tcd.ie, oconnoat at tcd.ie, jean.higgins3 at mail.dcu.ie
[This is long, and is quite heavy on the technical discussion. Skip the bits you don't understand. It gets interesting.]
I work for a busy Dublin Internet cafe, doing some sysadmining and general computer maintenance. On Sunday the 28th of March, I got a rather distressing email from a sysadmin in a large U.S. University. Spamcop had blacklisted our server's external IP address. Abuse mail for the server in question gets sent to my college account (bad practice, I know, but it's a part time job). My college uses Spamcop as a blacklist source. You can probably tell what happened...
Anyway, said email included the full headers of an email which was natted by our server pretending to be from the widow of Mr. Jonas Savimbi, offering the recipient a share of an unspecified large sum of money. The usual panicked thoughts kick in... "Have I fiddled with something which has left us as an open relay?", "Has our server been cracked?", "Have I been sleep-spamming again?". A more reasoned examination of the headers showed that the mail had originated from one of the IP addresses that we assign dynamically to people who bring laptops into the cafe. This is something of a nightmare for cafe operators, we can hardly block outbound smtp but then again it isn't possible for us to manually check every single mail either. Maybe rate limiting is a valid technical solution. Or a contraption which hits the user on the head for every mail they send. So if they send 1 an hour, it's a mild nuisance. But if they send 100 a minute, it'll probably kill them.
A peek through the logs revealed:
Mar 26 15:04:16 server dhcpd-2.2.x: DHCPDISCOVER from 00:40:f4:5d:aa:f7 via eth1 Mar 26 15:04:17 server dhcpd-2.2.x: DHCPOFFER on 192.168.1.70 to 00:40:f4:5d:aa:f7 via eth1 Mar 26 15:04:17 server dhcpd-2.2.x: DHCPREQUEST for 192.168.1.70 from 00:40:f4:5d:aa:f7 via eth1 Mar 26 15:04:17 server dhcpd-2.2.x: DHCPACK on 192.168.1.70 to 00:40:f4:5d:aa:f7 via eth1 Mar 26 15:04:20 server dhcpd-2.2.x: DHCPREQUEST for 192.168.1.70 from 00:40:f4:5d:aa:f7 via eth1 Mar 26 15:04:20 server dhcpd-2.2.x: DHCPACK on 192.168.1.70 to 00:40:f4:5d:aa:f7 via eth1
Bingo. I had something to work with. The network card is one based on a Cameo 32bit chipset. Matches up quite nicely with these:
Return-Path: Received: from 192.168.1.70 (server.XXXXXX [XXXXXXX.29])
byXXXXXXXXXXXXXXXXXX) with SMTP id i2QFrgi0002755
for ; Fri, 26 Mar 2004 10:53:44 -0500 (EST) Reply-To: "michelle savimbi" From: "michelle savimbi" To: Subject: urgent response Date: Fri, 26 Mar 2004 15:53:26 +0000 Organization: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_0 00_0034_01C221EC.6C64F7B 0" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000ams X-MimeOLE: Produced by Microsoft MimeOLE V6.00.2800.1165
I asked around, and a man, described as being black (or is the word African-American these days?), roughly 30, with an accent which seemed half London and half African had been in the cafe with a laptop and had a number of visitors call into
The proposal to force all domains to use valid WHOIS data would be a boon to law-enforcement efforts. But that leads to another potential concern.
In the US, it's not a problem to express yourself. You can say whatever you like about the government and get away with it. OK, not quite anything. In other countries, however, including western countries like Germany and France, freedom of expression is non-existant -- you may only say what the government allows you to say. In the two countries I've mentioned, it's not much of a problem, because they've basically only banned racist expressions. But there are more than enough other countries (China, anyone?) that actively work to suppress their citizens from expressing themselves freely. For dissidents in such countries, false WHOIS data may be necessary for freedom of expression. Is ICANN trying to help such governments crack down on their citizens?
If ICANN wishes to enforce this rule, I agree with the procedure outlined in the parent post, but disagree that spammer's domains should be treated separately.
The problem is, how do you recognize a spammer's domain? If you simply look at the "to" address, it will result in a lot of legitimate sites getting spammed, because a real spammer will fake the from address. If you look at the originating sender, I've had enough (virus) spam that apparently originated at my mail server. The header information was modified -- the IP did not belong to my mail server. But you can't backtrace to find the domain if the IP is in a dynamically allocated range. Once again, 1:0 for the spammers.
The few honest souls who are dumb enough to use valid information will get caught anyway. Now if we are talking about domains that are linked in spam, that's a little easier to deal with, but there is still a large potential for abuse. So a spammer doesn't like a site. Voila, take them down. In fact, anyone could effectively disrupt any website they like.
Of course, spammers should be prosecuted, provided they are within the jurisdiction of a state that cares (e.g., the US). But intellegent spammers work offshore anyway, which puts them beyond the reach of any western regulatory body except ICANN. We can go after their domains, but there's no easy solution to determine which domains are pure spam.
However, that cannot prevent an attack by Google. You wouldn't want to block requests referred by google.com, because you do want people to find your site, right?
As reported in a previous story, Google linked their main logo graphic to an information academic site and brought it down. Subsequently, Slashdot hit, but it didn't hold a candle to Google. Fortunately, such attacks by Google are rare. Of course, there is no way to determine your risk for a Google attack, unlike slashdot attacks.
The best idea is to always keep your server ready to handle any load.
I'll probably get modded down for this, but so be it.
ESR did bring up a lot of good points. However, I doubt this team will have too much to do with that. From the article, it seems to me that it's mostly focused at lowering the entry level requirements for working on the KDE project. They are trying to get people to write documentation, etc. But that doesn't mean that they will actually focus on ensuring that it will all be as simple to use as Windows.
As an open source author and member of a quality assurance team, experience tells me that the greatest effort will go into programming. QA teams generally have enough work to do just fixing bugs, writing documentation and testing releases ("important stuff"), that not enough time is left for making the user interface uniform or even intuitive. In this case, though they are asking users for direct input on the topic. That's a good sign.
Slashdot Mirror
Yes, the greatest liability to security is the user. What I was mostly referring to was in the line of trojans, targeted hacking, etc. Especially if a broadband connection with a fixed IP is used, it becomes that much easier to compromise a company's data. No need for the user to have a hand in it. And if they can access a computer with an activated VPN connection, it wouldn't even take brains to access "secure" company servers...
With teleworking on the rise, companies need more than ever a secure working environment for their outsourced employees. While doctors have often outsourced dictation typing, this is much less dangerous from a data protection standpoint than if Ford would allow their engineers to work at home.
A primary concern will be preventing hacking, etc. A VPN may be sufficient to transport the data securely between the home-office and the company, but there is no guarantee that it will be safe on the employee's computer. Companies can prevent a lot of attacks by installing a good firewall. But it is virtually impossible to require the tech staff to monitor all offsite installations.
They look like it's just another variety of Linux. How their compatability is better than others, I have no idea...
I assumed that it is well known that this is an urban legend. Especially here on slashdot, where it has been discussed numerous times :-)
I did not say he indeed said it, I said the statement was attributed to him. I was fully aware that he denys saying it.
And I said nothing concerning the truth factor. I simply was talking about the development that succeded that alleged statement. Consider the variation of Moore's law applied to storage.
Future films will use even more digital effects and will require even more data storage. If you consider Bill Gate's famous 640K quote, it won't be long until you'll have a 500 Exabyte keychain...
Firefox, OOo, Putty, WinSCP, Winamp, AIM, DeadAIM, Apache, MySQL, PHP... Plus all the usual accessories...
I've had that happen to me, as well. There's no way to stop it from running. And it seems it installed the svchost trojan/virus. Took me 20 minutes to clean out my registry to the point I could browse at all! The problem was: I hadn't installed mozilla on that machine yet... live and learn :-)
I'm sorry, I don't think that a novel in this form is going to be popular bedtime literature... it requires effort from the reader. Of course, there were many popular text adventure games, so it's not like there will be no market for this.
Just don't forget that interactive books aren't in vogue anymore. What's so different about this?
Some very good thoughts. Too bad they are unlikely to make much of a difference as long as companies have such a strong lobby.
I remember a while back reading an interview in ZDNet with someone from Cisco. He said that though they patent a lot of stuff, almost everything they patent would have been developed and used anyway, even without patents. He also pointed out that companies are discouraged from searching for similar patterns, because patent infringement isn't going to be too big an issue unless you knowingly infringe. Especially when filing, it pays not to know about similar patents. Very unfortunate situation we're in.
TheRegister ran the story about faulty speed cameras in the UK. Of course, a black box located in a car is much less likely to make a mistake than a radar. However, there always will be that possibility.
Combine the black box with wireless reporting, and radar will no longer be necessary. Of course, the privacy concerns would probably do that idea in. But it still pays to be vigilant.
It still would be theoretically possible to implement RFID reporting that would be built into the streets in cities...
Yes but...
AAC uses the MPEG standard and extends it. It's like if I soup up my car. Is it still a Ford? Technically yes. But it's unlikely that Ford will start building cars like that. Unless I've done something really brilliant, in which case, Ford will have to pay me for the rights.
Now... Apple has spread their modification all over the universe in the process of selling music. It is indeed possible that the MPEG group will say, hey, that's a brilliant implementation of DRM. However, I greatly doubt that.
The only thing that Apple's AAC has in common with the MPEG-4 standard is the compression codec. The DRM part is not part of the standard, but that seems to be Apple's greatest weapon.
At any rate, I doubt that the MPEG Group will tuck Apple's AAC modifications into bed. Of course, it's happened before. But hopefully some people still have brains...
Sorry, Gameboy Advance targets a different user group than N-Gage. Admittedly, N-Gage users will undoubtedly be interested in Gameboy, but today's mobile young people want to take their games around with them, and are unlikely to want to carry too many gadgets. Why do you think cell phone gaming is so hugely popular among young people in Europe? And the kind of games that are popular are not big FPS, they are specifically designed for low resolution: tetris, packman, etc. Of course, there are also jump-and-run games like the elkware adaptation of Tom Clancy's Splinter Cell. But once again, those do not require widescreen graphics. And they take at most a few minutes at a time, though to play them through can take hours. They are designed for people who don't have much time, but want to have some fun anyway.
Lessig is rather a classic liberal, as the term is still used in Europe. It has nothing to do with political direction, merely with open-mindedness and a good education. As in "Liberal Arts".
I agree: that's what makes GPL so popular... SCO is stupid to think they can bring it down.
I agree, for the most part. A patents-based standard is should be one that is a standard because of it's briliance. Not because it is forced down people's throats.
In this case, of course, as has been pointed out, they are trying to develop what RIAA wants, though it is already out there. I'm sure that even Microsoft's WindowsMedia format is more likely to become a standard. But neither WMA nor MPEG is likely to beat Apple's AAC format. Let's face it: Apple has pioneered the online music store just like Amazon pioneered the online book store.
There is always the possibility that something as popular as MP3 gets hijacked. Let's look at an example: MP3.com. It originally offered a possibility of listening to music that you own... until RIAA and the labels shut that part down. Then they created a library of independant music. Where's MP3.com now? I've not visited it more than once since it was last sold. Basically the same thing is happening to Napster. The new napster isn't getting much going, even though they had the name.
MP3s will quickly lose popularity if they are hampered. Same with any format. Who wants to read books that are chained to the library?
To be honest, I've not been actively reading gaming mags, so I can't say exactly how poorly gamers view the N-Gage.
However, one German IT site reviewed it in November and gave it a failing grade because it wasn't good at either gaming or a cell phone.
They also report that a German discount chain sold the N-Gage starting April 1 for 159 EUR, without contract binding. It sounds like Nokia is trying to clear out their stock to make way for the new, cheaper version that has fixed a number of flaws that the previous version had: sidetalking, 4k colors, etc.
I don't think that it's much of a liability that there's no MP3 player included: the comments on the original article pointed out that there is one available.
Now, on a more offbeat note, if it indeed were the case that N-Gages were popular among child molesters, it would mean that N-Gages are popular among young people. It would not necessarily mean that such creeps like it for themselves. At any rate, I doubt a headline like that would ever make it to press, because there would be enough positive headlines to fend off a stupid attack like that. Come to think of it, I suppose 9 out of 10 child molesters agree that computers are an absolute necessity. And the internet, too. But that doesn't make either computers or the internet unpopular. But we do know how often people like that get caught by undercover police officers.
All in all, I think that Nokia is doing the right thing with this revision and that they have a chance to make right what they messed up last time.
Wow! Many young people use their phones for that purpose. MP3 ringtones, anyone? And that's why certain models are more popular among than others. Especially if they have at least 32MB of memory.
Really stupid move on Nokia's part, but then... I'm sure an MP3 player will be available for download sometime, so we'll see how it goes. And anyway, they can always offer that in a firmware update.
So don't count Nokia out yet...
I disagree. Nokia is well known in Europe for their innovations, and they've been targeting young consumers (i.e., pre-teens and teenagers). This revision of the N-Gage may just be the ticket to getting young people to buy it.
It's amazing how often young people I know get new phones. All it takes is for one kid in the school to get it and think it's cool. Then the hundreds of others will "need" it. That's the way cell phone marketing works over here, and I think it's very compatible with the N-Gage.
Though you might think otherwise, the main thing young people use the phones for is games and sending SMS's. Calling each other is too expensive. And Nokia is well aware of that fact.
Another thing is the price factor. If, as has been stated, it retails for $199 without a service contract, it will be available in Europe probably for 1 EUR with a 24-month contract. That's a decent price, and very afordable for the young. I know many who regularly pay 100 EUR to buy phones on ebay. The phones are usually worth about 300 EUR.
If Nokia is smart (and I think they are), they'll have easy access to this huge market. If not with this revision, with the next.
You say that GMail will run spymac out of business. Unless Google agrees to go along with EU data privacy guidelines, GMail won't be allowed to operate in Europe. Spymac, on the other hand, doesn't infringe on their users' data privacy, and they offer hosting packages at very low prices. On top of that, they target the mac community. Sorta like mac.com. The difference: their URLs, etc. are more friendly than mac.com.
I have a friend who is migrateing there from mac.com because they offer much better service. They have a vibrant community (check out their "longest thread"), and though they don't host that many ads, they have the oportunity of making quite a bit on ads. Especially as they have a particular segment of internet users and ask for certain internally used private information.
Compare their privacy policy with that of Google and you'll see why they're a better choice. And if Google doesn't change, they'll be shut out of Europe.
And if Spymac gets into financial trouble (they do allow you to pay a fee for ad-free browsing), they can alway sell out. They've at least got enough users to make it valuable.
It seems that Microsoft finally is coming to realize the power of open source software. After all, if you can't beat 'em, join 'em.
Microsoft knows that their power lies in their broad userbase. By holding out this "olive branch" to the OSS community, they are preventing an embarrassement, especially in circles where OSS is finding more and more acceptance. For example, the city of Munich switched to Linux over Windows. Now OSS advocates have one less argument in their toolkit.
From now on, no one can accuse Microsoft of being completely closed source. Not that it really matters in the big picture, because their major applications are closed source, anyway.
There's always the possibility that this will get yanked like nullsoft's WASTE (secure file sharing). In this case, I suppose it is very unlikely.
All things considered, we should welcome Microsoft's foray into OSS cautiously, who knows what their motivation is...
Some of you who were on #linux on friday will know part or most of this story already as i witnessed some of it (while drinking a truly delicious hot chocolate). For those of you who don't, the following is a report written up by a friend of mine on his succussful (or at least, it's looking good) attempt to stop and catch a 419 scammer. I feel it's worth the read
,
John
-------- Original Message --------
Subject: I fought the scammer... and I won.
Date: Fri, 02 Apr 2004 21:54:30 +0100
From: Steffen Higel
To: John Allman
paulinemccaffrey at eircom.net, stevecash at ireland.com, tony.odonnel at cs.tcd.ie, declan.dagger at cs.tcd.ie, edwin.higel at brookside.ie, marynstanley at eircom.net, richard.bannister at cs.tcd.ie, oconnoat at tcd.ie, jean.higgins3 at mail.dcu.ie
[This is long, and is quite heavy on the technical discussion. Skip the bits you don't understand. It gets interesting.]
I work for a busy Dublin Internet cafe, doing some sysadmining and general computer maintenance. On Sunday the 28th of March, I got a rather distressing email from a sysadmin in a large U.S. University. Spamcop had blacklisted our server's external IP address. Abuse mail for the server in question gets sent to my college account (bad practice, I know, but it's a part time job). My college uses Spamcop as a blacklist source. You can probably tell what happened...
Anyway, said email included the full headers of an email which was natted by our server pretending to be from the widow of Mr. Jonas Savimbi, offering the recipient a share of an unspecified large sum of money. The usual panicked thoughts kick in... "Have I fiddled with something which has left us as an open relay?", "Has our server been cracked?", "Have I been sleep-spamming again?". A more reasoned examination of the headers showed that the mail had originated from one of the IP addresses that we assign dynamically to people who bring laptops into the cafe. This is something of a nightmare for cafe operators, we can hardly block outbound smtp but then again it isn't possible for us to manually check every single mail either. Maybe rate limiting is a valid technical solution. Or a contraption which hits the user on the head for every mail they send. So if they send 1 an hour, it's a mild nuisance. But if they send 100 a minute, it'll probably kill them.
A peek through the logs revealed:
Mar 26 15:04:16 server dhcpd-2.2.x: DHCPDISCOVER from 00:40:f4:5d:aa:f7
via eth1
Mar 26 15:04:17 server dhcpd-2.2.x: DHCPOFFER on 192.168.1.70 to
00:40:f4:5d:aa:f7 via eth1
Mar 26 15:04:17 server dhcpd-2.2.x: DHCPREQUEST for 192.168.1.70 from
00:40:f4:5d:aa:f7 via eth1
Mar 26 15:04:17 server dhcpd-2.2.x: DHCPACK on 192.168.1.70 to
00:40:f4:5d:aa:f7 via eth1
Mar 26 15:04:20 server dhcpd-2.2.x: DHCPREQUEST for 192.168.1.70 from
00:40:f4:5d:aa:f7 via eth1
Mar 26 15:04:20 server dhcpd-2.2.x: DHCPACK on 192.168.1.70 to
00:40:f4:5d:aa:f7 via eth1
Bingo. I had something to work with. The network card is one based on a Cameo 32bit chipset. Matches up quite nicely with these:
Return-Path:
Received: from 192.168.1.70 (server.XXXXXX [XXXXXXX.29])
byXXXXXXXXXXXXXXXXXX) with SMTP id i2QFrgi0002755
for ; Fri, 26 Mar 2004 10:53:44 -0500 (EST)
Reply-To: "michelle savimbi"
From: "michelle savimbi"
To:
Subject: urgent response
Date: Fri, 26 Mar 2004 15:53:26 +0000
Organization:
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_0 00_0034_01C221EC.6C64F7B 0"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000ams
X-MimeOLE: Produced by Microsoft MimeOLE V6.00.2800.1165
I asked around, and a man, described as being black (or is the word African-American these days?), roughly 30, with an accent which seemed half London and half African had been in the cafe with a laptop and had a number of visitors call into
The proposal to force all domains to use valid WHOIS data would be a boon to law-enforcement efforts. But that leads to another potential concern.
In the US, it's not a problem to express yourself. You can say whatever you like about the government and get away with it. OK, not quite anything. In other countries, however, including western countries like Germany and France, freedom of expression is non-existant -- you may only say what the government allows you to say. In the two countries I've mentioned, it's not much of a problem, because they've basically only banned racist expressions. But there are more than enough other countries (China, anyone?) that actively work to suppress their citizens from expressing themselves freely. For dissidents in such countries, false WHOIS data may be necessary for freedom of expression. Is ICANN trying to help such governments crack down on their citizens?
If ICANN wishes to enforce this rule, I agree with the procedure outlined in the parent post, but disagree that spammer's domains should be treated separately.
The problem is, how do you recognize a spammer's domain? If you simply look at the "to" address, it will result in a lot of legitimate sites getting spammed, because a real spammer will fake the from address. If you look at the originating sender, I've had enough (virus) spam that apparently originated at my mail server. The header information was modified -- the IP did not belong to my mail server. But you can't backtrace to find the domain if the IP is in a dynamically allocated range. Once again, 1:0 for the spammers.
The few honest souls who are dumb enough to use valid information will get caught anyway. Now if we are talking about domains that are linked in spam, that's a little easier to deal with, but there is still a large potential for abuse. So a spammer doesn't like a site. Voila, take them down. In fact, anyone could effectively disrupt any website they like.
Of course, spammers should be prosecuted, provided they are within the jurisdiction of a state that cares (e.g., the US). But intellegent spammers work offshore anyway, which puts them beyond the reach of any western regulatory body except ICANN. We can go after their domains, but there's no easy solution to determine which domains are pure spam.
However, that cannot prevent an attack by Google. You wouldn't want to block requests referred by google.com, because you do want people to find your site, right?
As reported in a previous story, Google linked their main logo graphic to an information academic site and brought it down. Subsequently, Slashdot hit, but it didn't hold a candle to Google. Fortunately, such attacks by Google are rare. Of course, there is no way to determine your risk for a Google attack, unlike slashdot attacks.
The best idea is to always keep your server ready to handle any load.
I'll probably get modded down for this, but so be it.
ESR did bring up a lot of good points. However, I doubt this team will have too much to do with that. From the article, it seems to me that it's mostly focused at lowering the entry level requirements for working on the KDE project. They are trying to get people to write documentation, etc. But that doesn't mean that they will actually focus on ensuring that it will all be as simple to use as Windows.
As an open source author and member of a quality assurance team, experience tells me that the greatest effort will go into programming. QA teams generally have enough work to do just fixing bugs, writing documentation and testing releases ("important stuff"), that not enough time is left for making the user interface uniform or even intuitive. In this case, though they are asking users for direct input on the topic. That's a good sign.