The big three spam sources have traditionally been Korea, China and Brazil. Comcast has been the big US spammer. France (wanadoo) has also been a major contributor though it doesn't seem to be reflected in this days' logs.
do any of the current anti-spam laws allow prosecution even when the spam is sent from another country? Because that is what I think is needed. I assume that it is currently sent from china because you can get arrested for sending if from the USA, make sending spam from anywhere an arrestable offence.
The source of the spam is ultimately in the United States. Using a foreign network to route spam serves to make the spammers harder to track and catch, but not impossible. The truth is, most of the largest spammers are easily trackable and can likely be proven guilty of numerous laws, whether they use foreign servers or not. The problem is it's a very low priority for law enforcement authorities unless, for example, the spammers mailbomb The GAP or Macdonald's company headquarters... then there'd be hell to pay.
Another problem is District Attorneys in most states in the United States have no interest in prosecuting spammers. Either they are ignorant or apathetic, but numerous spammer criminal cases have been presented to authorities for prosecution only to have them turned down.
why moderate the above comment down? Makes no sense
With all due respect, it would make sense to you if you had sense.
We have a ton of spam laws already. Passing more laws doesn't change a damn thing. Almost all spammers are already breaking numerous laws, criminal felonies involving computer tampering are just the start. In fact, the USA Patriot act could even be employed to consider the activities of most spammers to be terrorism and thus subject spammers to capital punishment. What more do you need? The problem isn't more laws. The problem is.... say it with me.....
E N F O R C E M E N T
Our law enforcement branches are more interested in going after people downloading Metallica or Martha Stewart's stock dealings than they are enforcing the plethora of violations done by spammers. Passing more laws has not proved effective.
The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?
Hey, what a brilliant idea. We currently have only a hundred or more anti-spam laws across the world, most in the US. Let's pass a few more. I am certain that when we pass the 500 anti-spam law mark, spammers will suddenly start to cower in their boots and realize that 500 anti-spam laws that aren't being enforced or have no legal/civil/criminal teeth are a formidible obstacle to overcome!
Torvalds story because the comparisons were too unbelievable. For us to accept Tanenbaum's argument, Linus Torvalds at 21, with one year of C programming, was Doug Comer, an accomplished computer scientist, or smarter than the Coherent team, and of course a better programmer than the good professor too."
Huh? I learned more in high school from a single computer science teacher than I did in four years of college. Some of my college CSCI professors were the biggest idiots I ever encountered, and easily 5-10 years behind-the-times. I often corrected test questions.
I am beginning to believe that most of these mean-spirited, burned-out baby boomers blew away a lot of their youth getting wasted or something, and resent anyone who pursued more productive ends. While it might not seem common, young people can be incredibly bright and productive. Linus' accomplishments at that age are actually not atypical IMO, among young people who have decent priorities and focus.
I was programming for a Fortune 500 company when I was 13 years old. Before I got out of high school I wrote the billing system for a major public utility. Hell, I once got a contract to write a book on C programming for the web and at the time, I actually had about a month's worth of C programming, and none of it was web-related. I ended up taking a "crash course" in programming and writing that portion of the book within a few months and it still holds up today. When I was younger, I did a lot of computer consulting and I'd often accept teaching/consulting gigs on subjects I was unfamiliar with, but I'd bone up the night before and pull it off with nobody being the wiser. 10,000+ lines of code in a year? Try 10,000 lines of code in a few days.
It really bothers me when people who don't have faith in their own abilities suggest others, such as Linus, are incapable of operating beyond the boundaries of their own mundane self-expectations.
I would normally agree with you, but I have seen some products that were so poorly-designed it was unfathomable.
For example, my mother one time bought a Volkswagon Hatchback with the air-cooled engine in the rear, and the louvers on the sides were reversed and pointing the wrong way, so the only way air got in to cool the engine was if you were driving in reverse! I can't make this stuff up. Of course, the car burned up the first time it was driven for more than two hours. That's an obvious thing that you'd think the design team would pay attention to.
So these days I don't take much for granted, especially with new gimmicky products in markets that are flooded with gadgets that techies accessorize with.
ust move to a state that has anti-spam laws, like North Carolina. North Carolina statures allow for 10 dollars per spam. California allows for 500 dollars per spam. Either way, with millions of pieces of spam per day intercepted by their service, they should stand to gain quite ludicrously on the deal. If they can track down 20 of the top spammers, and one of them has insurance, SpamHous will suddenly have far more money than it will know what to do with. Sadly indentured servitude is not a viable option for the other 19, as the US has bankruptcy laws. Still, assuming the congress hasn't passed any laws saying that people CAN SPAM, the plan is perfect.
ROFL.
Good luck finding a lawyer who will take on a case with a $10 or $500 virtually impossible payout.
Good luck finding a spammer who has insurance, hasn't declared bankruptcy a few times already, or wouldn't make all his net worth (if any) disappear as soon as he was caught. Not that he's going to get caught because you'll never find a lawyer dumb enough to take on a case based on such an ineffective law.
More laws are needed? We currently have several hundred civil-oriented anti-spam laws on the books and not a single one of them has paid off or curtailed spam in the slightest. The same thing happened with anti-UCE-faxes and those were even easier to track and pursue and they still didn't do a thing.
Perfect plan? I think not. When 200+ laws don't work, thinking that passing civil law #201 will make the difference is the definition of hopeless.
Passing yet another law has about the same effect on stopping spam as buying a book does in mysteriously making you an expert on that books's subject. You have to read the book. You have to enforce the law. Right now, spammers break lots of criminal laws that aren't being enforced. Passing more laws without beefing up law enforcement is like sptting in the wind and calling it rain.
SMTP has a security hole: any connecting client can assert any sender address. This flaw has been exploited by spammers to forge mail. The result: your mailbox fills up with bounces to messages that you didn't send.
Yea, right. My mailbox isn't filling up with messages I didn't send. It's just plain filling up. This method is no more difficult to defeat that the current content-based anti-spam methods and requires major upgrades to both DNS and MTAs.
Of course this is a Microsoft idea. Rather than improve the system, in typical Microsoft fashion they want to employ a new standard indigenous to their systems. Another marketing ploy that promises an amazing improvement that would never materialize.
While some improvements to DNS authentication could prove helpful, they're not worth the trouble because in the end, this idea is little more than another flavor of whitelisting, which has proven to be most effective by a small config change to most MTAs and services like Spamcop, Sorbs and Spamhaus's RBL.
What you're proposing is that the burden be switched from MTA to MTA+DNS. The problem is that it's not that much more difficult for spammers to forge additional DNS records in most cases.
Yes, this scheme might address zombie proxy armies, BUT that presupposes that the major ISPs would actually properly manage their DNSes, which they DON'T NOW, so why would they update the new DNS records properly? They WOULDN'T. It's better to have the DNS records managed by an independent third party such as Spamhaus or Spamcop, that sysops can choose to use that are more responsible and more accurate in determining which hosts are allowed to deliver SMTP traffic.
Yes, among other things, the Office updates are here:
http://office.microsoft.com/OfficeUpdate/
With Microsoft, it's not appropriate to distinguish between their applications and the OS because they've chosen to intermingle the two to an unparalleld degree. Vulnerabilities in Office products and the OS tend to compromise each other.
Am I the only one who's discovered that Automatic Updates are actually automatic?
No. You are one among many that apparently think Automtic Updates covers everything when it doesn't. The Automatic updates are not all-inclusive of the patches released to address vulnerability/security issues.
This whole effort is likely to identify middle-class and lower tax cheats. We all know the biggest tax cheats are the super-rich and large corporations. Any money this program could save would be a fraction of the money the government could collect by closing a number of corporate loopholes and foreign tax haven registrations.
What's most interesting about this case at this point isn't SCO's song and dance. We should be paying more attention to the crooked stock analysts and other media that are insisting SCOX still has any value. I sure hope the SEC is investigating this whole mess.
Americans... please, please, PLEASE VOTE in November! Don't give up on the system. This upcoming election is probably going to be the most important in our (and our children's) lives.
If you don't like these policies. If you think there are better solutions to these problems, exercise your right to vote and effect change.
You could list for days the software companies that went out of business as a result of Microsoft's dominance of the industry, but nothing is more substantive than the fact IMO that Microsoft single-handedly destroyed the entire computer product support industry.
Back in the 80s and early 90s, software companies offered toll-free tech support and were easily contacted to resolve problems. When Windows came along, there were so many incompatibility issues that most of us software publishers found the majority of our tech support resources were going towards fixing Microsoft problems that were inadvertently blamed on our own products. The unstable and chaotic Windows environment, where one il-behaved app or library could screw everything else up, made it a nightmare trying to support even the most simple applications.
Microsoft, single-handedly eradicated the entire product support market by forcing developers to hide or else become pawns in helping microsoft debug its own OS.
I abandoned the desktop market when Windows became dominant. It wasn't worth it trying to develop a useful product for consumers when every new release of an operating system would make your application malfunction and cause all your users to blame you for something that was outside your control.
This is about as sad a day as I learned that Windows wasn't open source.
Nobody cares. Posers program in Java. Go ahead and mod me flamebait, but you know it's the truth. Nobody programs in Java that cares about performance and security. It's better for the community that poser languages that don't really offer anything substantive not be open source.
The demographic of slashdot isn't what it used to be, in case you haven't noticed. Desperate times call for desperate replies. Every day there's at least one spam story...
Let's get one thing straight you advertising companies!
Nobody gives a fuck about your annoying, insulting, commercials. We've all reached critical mass in terms of inadequacy, consumerism and superficiality. We don't give a damn about commercials any more. We will PAY for good programming WITHOUT commercials. HBO is testimony to this. Tivo's success is more evidence that we don't give a shit about the latest Cadillac (shit) Escalade, so shove it!
There's more commercials than programming on all networks nowadays. Nobody cares. We've tuned it all out.
The jokeying the networks and the players are doing to try to revitalize the advertising business is useless. There's a new paridigm in effect: we don't give a fuck about commercials. FIGURE IT OUT.
The more commercials you run, the more we'll subvert them and avoid them. We'll buy content on DVD rather than watch shows embedded with total crap on television. When you start embedding advertisements on DVD, we'll stop buying them as well. FIGURE IT OUT. WE ARE SICK OF COMMERCIALS!!
So what are companies to do in the wake of the TOTAL DESENSITIZATION of promotion? I have a really innovative idea: come out with decent products that don't exclusively rely on hype to be accepted by the public. Try that out you stupid fucks!
I spoke with the head of AOL's security/IT system. Let me tell you they analyze EVERY e-mail that goes through their system. They look at all the popular RBLs and if you use *certain* politically-incorrect words in your e-mails, they flag the messages for further review. I am unaware of any system on the planet that is more thorough (or privacy-invading) than AOL. Don't let them fool you - their system is the focal point, probably, for a huge amount of intelligence-gathering efforts.
My policy has always been to disable html-enabled mail. Aside from this recent issue and the hundreds before it, html-enabled e-mail is a major security/privacy invasion. Just use plain text. If you're still using Outlook, no comment.
Nobody really wants to hear this, and I'm sure I'll get flamed, but my company has done business with several Indian software companies and the reason we choose to work with them was NOT because of cheaper labor and costs. The bottom line is that on average, the Indians are BETTER PROGRAMMERS than most Americans. You can get better-quality work and better service.
Nobody wants to really address this issue, but in my experience, when we need something done, we don't get the whiny, flaky experience that is so common with American developers. There are definitely cultural issues which can impede certain efforts, but the Indians know code, especially on a lower level far better than their American counterparts, and they're not obsessively distracted or inconsistent.
The issue with outsourcing isn't half as much about cash flow, as it is a testimonial to the fact that if American developers were half as productive as Indians, it would be cheaper to use them, and we'd have better quality software.
Before you argue this point, stop and look around you. Do you think the quality of the majority of things you use on a daily basis, especially anything made in America, has dramatically improved in the last 20 years? Do you think this culture's work ethic is even near as substantive as it was many years ago? We live in a society where we're constantly taught that everything can be upgraded, we're fed disposable products, we screw in lightbulbs that are manufactured to fail, we sit in front of televisions all day long and can't pay attention to anything, and you want to talk about who can program better? The educational system in this country has been sliding downhill rapidly. The reason India is so appealing is because they haven't turned into ADD self-absorbed mega-consumer capitalists yet, so their production is superior. And what's the US's "solution" to this problem? Pass a law making it difficult to outsource. How ironic.
Slashdot Mirror
Confirmed Russian spam: 1421
Some analysis of my rejected mail logs over the last 24 hours revealed this:
Total rejected spam: 16235 (and 8178 accepted messages)
Confirmed Chinese spams: 1229
Confirmed Korean spam: 1414
Confirmed Canadian spam: 264
Confirmed Polish spam: 342
Confirmed US/comcast spam: 1363
Confirmed French spam: 181
Confirmed Southwest Bell spam: 382
Confirmed Italian spam: 114
Confirmed Spanish spam: 167 (TDE must have finally gotten their act together)
Confirmed German spam: 967
Confirmed Netherlands spam: 452
Confirmed Brazillian spam: 864
This is by no means a scientific analysis - it's based on hard-coded IP-based blacklists that are caught before standard blacklists are checked.
Spamcop RBL rejects: 5460
Spamhaus RBL rejects: 1509
Njabl RBL rejects: 1807
Homebrew RBL rejects: 6382
The big three spam sources have traditionally been Korea, China and Brazil. Comcast has been the big US spammer. France (wanadoo) has also been a major contributor though it doesn't seem to be reflected in this days' logs.
do any of the current anti-spam laws allow prosecution even when the spam is sent from another country? Because that is what I think is needed. I assume that it is currently sent from china because you can get arrested for sending if from the USA, make sending spam from anywhere an arrestable offence.
The source of the spam is ultimately in the United States. Using a foreign network to route spam serves to make the spammers harder to track and catch, but not impossible. The truth is, most of the largest spammers are easily trackable and can likely be proven guilty of numerous laws, whether they use foreign servers or not. The problem is it's a very low priority for law enforcement authorities unless, for example, the spammers mailbomb The GAP or Macdonald's company headquarters... then there'd be hell to pay.
Another problem is District Attorneys in most states in the United States have no interest in prosecuting spammers. Either they are ignorant or apathetic, but numerous spammer criminal cases have been presented to authorities for prosecution only to have them turned down.
why moderate the above comment down? Makes no sense
With all due respect, it would make sense to you if you had sense.
We have a ton of spam laws already. Passing more laws doesn't change a damn thing. Almost all spammers are already breaking numerous laws, criminal felonies involving computer tampering are just the start. In fact, the USA Patriot act could even be employed to consider the activities of most spammers to be terrorism and thus subject spammers to capital punishment. What more do you need? The problem isn't more laws. The problem is.... say it with me.....
E N F O R C E M E N T
Our law enforcement branches are more interested in going after people downloading Metallica or Martha Stewart's stock dealings than they are enforcing the plethora of violations done by spammers. Passing more laws has not proved effective.
The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?
Hey, what a brilliant idea. We currently have only a hundred or more anti-spam laws across the world, most in the US. Let's pass a few more. I am certain that when we pass the 500 anti-spam law mark, spammers will suddenly start to cower in their boots and realize that 500 anti-spam laws that aren't being enforced or have no legal/civil/criminal teeth are a formidible obstacle to overcome!
It's true.. it was a design error. The car ended up being recalled.
Torvalds story because the comparisons were too unbelievable. For us to accept Tanenbaum's argument, Linus Torvalds at 21, with one year of C programming, was Doug Comer, an accomplished computer scientist, or smarter than the Coherent team, and of course a better programmer than the good professor too."
Huh? I learned more in high school from a single computer science teacher than I did in four years of college. Some of my college CSCI professors were the biggest idiots I ever encountered, and easily 5-10 years behind-the-times. I often corrected test questions.
I am beginning to believe that most of these mean-spirited, burned-out baby boomers blew away a lot of their youth getting wasted or something, and resent anyone who pursued more productive ends. While it might not seem common, young people can be incredibly bright and productive. Linus' accomplishments at that age are actually not atypical IMO, among young people who have decent priorities and focus.
I was programming for a Fortune 500 company when I was 13 years old. Before I got out of high school I wrote the billing system for a major public utility. Hell, I once got a contract to write a book on C programming for the web and at the time, I actually had about a month's worth of C programming, and none of it was web-related. I ended up taking a "crash course" in programming and writing that portion of the book within a few months and it still holds up today. When I was younger, I did a lot of computer consulting and I'd often accept teaching/consulting gigs on subjects I was unfamiliar with, but I'd bone up the night before and pull it off with nobody being the wiser. 10,000+ lines of code in a year? Try 10,000 lines of code in a few days.
It really bothers me when people who don't have faith in their own abilities suggest others, such as Linus, are incapable of operating beyond the boundaries of their own mundane self-expectations.
I would normally agree with you, but I have seen some products that were so poorly-designed it was unfathomable.
For example, my mother one time bought a Volkswagon Hatchback with the air-cooled engine in the rear, and the louvers on the sides were reversed and pointing the wrong way, so the only way air got in to cool the engine was if you were driving in reverse! I can't make this stuff up. Of course, the car burned up the first time it was driven for more than two hours. That's an obvious thing that you'd think the design team would pay attention to.
So these days I don't take much for granted, especially with new gimmicky products in markets that are flooded with gadgets that techies accessorize with.
ust move to a state that has anti-spam laws, like North Carolina. North Carolina statures allow for 10 dollars per spam. California allows for 500 dollars per spam. Either way, with millions of pieces of spam per day intercepted by their service, they should stand to gain quite ludicrously on the deal. If they can track down 20 of the top spammers, and one of them has insurance, SpamHous will suddenly have far more money than it will know what to do with. Sadly indentured servitude is not a viable option for the other 19, as the US has bankruptcy laws. Still, assuming the congress hasn't passed any laws saying that people CAN SPAM, the plan is perfect.
ROFL.
Good luck finding a lawyer who will take on a case with a $10 or $500 virtually impossible payout.
Good luck finding a spammer who has insurance, hasn't declared bankruptcy a few times already, or wouldn't make all his net worth (if any) disappear as soon as he was caught. Not that he's going to get caught because you'll never find a lawyer dumb enough to take on a case based on such an ineffective law.
More laws are needed? We currently have several hundred civil-oriented anti-spam laws on the books and not a single one of them has paid off or curtailed spam in the slightest. The same thing happened with anti-UCE-faxes and those were even easier to track and pursue and they still didn't do a thing.
Perfect plan? I think not. When 200+ laws don't work, thinking that passing civil law #201 will make the difference is the definition of hopeless.
Passing yet another law has about the same effect on stopping spam as buying a book does in mysteriously making you an expert on that books's subject. You have to read the book. You have to enforce the law. Right now, spammers break lots of criminal laws that aren't being enforced. Passing more laws without beefing up law enforcement is like sptting in the wind and calling it rain.
SMTP has a security hole: any connecting client can assert any sender address. This flaw has been exploited by spammers to forge mail. The result: your mailbox fills up with bounces to messages that you didn't send.
Yea, right. My mailbox isn't filling up with messages I didn't send. It's just plain filling up. This method is no more difficult to defeat that the current content-based anti-spam methods and requires major upgrades to both DNS and MTAs.
Of course this is a Microsoft idea. Rather than improve the system, in typical Microsoft fashion they want to employ a new standard indigenous to their systems. Another marketing ploy that promises an amazing improvement that would never materialize.
While some improvements to DNS authentication could prove helpful, they're not worth the trouble because in the end, this idea is little more than another flavor of whitelisting, which has proven to be most effective by a small config change to most MTAs and services like Spamcop, Sorbs and Spamhaus's RBL.
What you're proposing is that the burden be switched from MTA to MTA+DNS. The problem is that it's not that much more difficult for spammers to forge additional DNS records in most cases.
Yes, this scheme might address zombie proxy armies, BUT that presupposes that the major ISPs would actually properly manage their DNSes, which they DON'T NOW, so why would they update the new DNS records properly? They WOULDN'T. It's better to have the DNS records managed by an independent third party such as Spamhaus or Spamcop, that sysops can choose to use that are more responsible and more accurate in determining which hosts are allowed to deliver SMTP traffic.
Yes, among other things, the Office updates are here:
http://office.microsoft.com/OfficeUpdate/
With Microsoft, it's not appropriate to distinguish between their applications and the OS because they've chosen to intermingle the two to an unparalleld degree. Vulnerabilities in Office products and the OS tend to compromise each other.
mod this up... this is one of the shortest, most poignant responses ever on slashdot.
Am I the only one who's discovered that Automatic Updates are actually automatic?
No. You are one among many that apparently think Automtic Updates covers everything when it doesn't. The Automatic updates are not all-inclusive of the patches released to address vulnerability/security issues.
This whole effort is likely to identify middle-class and lower tax cheats. We all know the biggest tax cheats are the super-rich and large corporations. Any money this program could save would be a fraction of the money the government could collect by closing a number of corporate loopholes and foreign tax haven registrations.
You've got some good ideas there. As a result, I suspect you'd have no chance of a career in government or politics. Too bad.
What's most interesting about this case at this point isn't SCO's song and dance. We should be paying more attention to the crooked stock analysts and other media that are insisting SCOX still has any value. I sure hope the SEC is investigating this whole mess.
Americans... please, please, PLEASE VOTE in November! Don't give up on the system. This upcoming election is probably going to be the most important in our (and our children's) lives.
If you don't like these policies. If you think there are better solutions to these problems, exercise your right to vote and effect change.
You could list for days the software companies that went out of business as a result of Microsoft's dominance of the industry, but nothing is more substantive than the fact IMO that Microsoft single-handedly destroyed the entire computer product support industry.
Back in the 80s and early 90s, software companies offered toll-free tech support and were easily contacted to resolve problems. When Windows came along, there were so many incompatibility issues that most of us software publishers found the majority of our tech support resources were going towards fixing Microsoft problems that were inadvertently blamed on our own products. The unstable and chaotic Windows environment, where one il-behaved app or library could screw everything else up, made it a nightmare trying to support even the most simple applications.
Microsoft, single-handedly eradicated the entire product support market by forcing developers to hide or else become pawns in helping microsoft debug its own OS.
I abandoned the desktop market when Windows became dominant. It wasn't worth it trying to develop a useful product for consumers when every new release of an operating system would make your application malfunction and cause all your users to blame you for something that was outside your control.
Thanks Microsoft.
No open source java?
This is about as sad a day as I learned that Windows wasn't open source.
Nobody cares. Posers program in Java. Go ahead and mod me flamebait, but you know it's the truth. Nobody programs in Java that cares about performance and security. It's better for the community that poser languages that don't really offer anything substantive not be open source.
The demographic of slashdot isn't what it used to be, in case you haven't noticed. Desperate times call for desperate replies. Every day there's at least one spam story...
Let's get one thing straight you advertising companies!
Nobody gives a fuck about your annoying, insulting, commercials. We've all reached critical mass in terms of inadequacy, consumerism and superficiality. We don't give a damn about commercials any more. We will PAY for good programming WITHOUT commercials. HBO is testimony to this. Tivo's success is more evidence that we don't give a shit about the latest Cadillac (shit) Escalade, so shove it!
There's more commercials than programming on all networks nowadays. Nobody cares. We've tuned it all out.
The jokeying the networks and the players are doing to try to revitalize the advertising business is useless. There's a new paridigm in effect: we don't give a fuck about commercials. FIGURE IT OUT.
The more commercials you run, the more we'll subvert them and avoid them. We'll buy content on DVD rather than watch shows embedded with total crap on television. When you start embedding advertisements on DVD, we'll stop buying them as well. FIGURE IT OUT. WE ARE SICK OF COMMERCIALS!!
So what are companies to do in the wake of the TOTAL DESENSITIZATION of promotion? I have a really innovative idea: come out with decent products that don't exclusively rely on hype to be accepted by the public. Try that out you stupid fucks!
bottle water company Perrier announces new "piss" line of beverages.
I spoke with the head of AOL's security/IT system. Let me tell you they analyze EVERY e-mail that goes through their system. They look at all the popular RBLs and if you use *certain* politically-incorrect words in your e-mails, they flag the messages for further review. I am unaware of any system on the planet that is more thorough (or privacy-invading) than AOL. Don't let them fool you - their system is the focal point, probably, for a huge amount of intelligence-gathering efforts.
My policy has always been to disable html-enabled mail. Aside from this recent issue and the hundreds before it, html-enabled e-mail is a major security/privacy invasion. Just use plain text. If you're still using Outlook, no comment.
Nobody really wants to hear this, and I'm sure I'll get flamed, but my company has done business with several Indian software companies and the reason we choose to work with them was NOT because of cheaper labor and costs. The bottom line is that on average, the Indians are BETTER PROGRAMMERS than most Americans. You can get better-quality work and better service.
Nobody wants to really address this issue, but in my experience, when we need something done, we don't get the whiny, flaky experience that is so common with American developers. There are definitely cultural issues which can impede certain efforts, but the Indians know code, especially on a lower level far better than their American counterparts, and they're not obsessively distracted or inconsistent.
The issue with outsourcing isn't half as much about cash flow, as it is a testimonial to the fact that if American developers were half as productive as Indians, it would be cheaper to use them, and we'd have better quality software.
Before you argue this point, stop and look around you. Do you think the quality of the majority of things you use on a daily basis, especially anything made in America, has dramatically improved in the last 20 years? Do you think this culture's work ethic is even near as substantive as it was many years ago? We live in a society where we're constantly taught that everything can be upgraded, we're fed disposable products, we screw in lightbulbs that are manufactured to fail, we sit in front of televisions all day long and can't pay attention to anything, and you want to talk about who can program better? The educational system in this country has been sliding downhill rapidly. The reason India is so appealing is because they haven't turned into ADD self-absorbed mega-consumer capitalists yet, so their production is superior. And what's the US's "solution" to this problem? Pass a law making it difficult to outsource. How ironic.