My effective, ridiculed way to stop spam.... on Spam Gets Personal · Score: 1
Spammers have more money than you do. They have more resources than you do. More bandwidth, more sending hosts, more CPU power. Now come up with a solution that works under those circumstances.
I solved my spam problem and talked about it here.
I was Slashdotted so my approach had some merit with some of the crowd here.
But in the end I was 'marginalized' for my efforts to make email useable again.
Anyway, you can read the Slashdot thread and visit my site if you want to for more information and to learn how I cut my spam received down to 1/3 of 1% (0.003333...)
Note: Due to the Slashdotting, the software is unavailable at the moment. I also have to tweak the software a bit to prevent it from hanging on bad, non-rfc compliant emails the spammers have sent me in the past. My site has helpful freeware/shareware there but it looks like the antispam freeware/shareware there got me 'shouted down' here for my efforts.
The spam problem has gotten worse and worse since I wrote the software. While everyone else buys expensive hardware email filters, uses several 'complicated' pieces of software working together to fight spam, advocates a new email standard, or just bemoans the problem, I feel a genuine sense of accomplishment of fighting the problem at its most fundamental level and succeeding.
I won't even go into a Walmart unless it is absolutely necessary because the stench of poor people is so overwhelming.
Then why is money called filthy lucre?
(Paper) Money stinks after it has been handled by several/dozens/thousands of people--especially paper money that is so worn, dirty, smelly, and dilapidated, it should be destroyed and replaced on sight!
Then there is the (in)famous story of Lazarus and the rich man in the Bible....
And my personal favorite, the Warrant music album title Dirty Rotten Filthy Stinking Rich. (Sure does describe those greedy RIAA executives to a T, eh?)
Don't like the smell? Go cashless. (Of course, the Bible 'speaks out' about the 'end result' of that as well.)
The stench cuts both ways.
Don't like money and all it represents? Live like a self-reliant hermit on private/(public) land if you can. (Look what happened to the Unabomber, Ted Kaczynski. His brother 'fingered' him anonymously and pledged some of the reward money to the [survivors of] the victims. That backfired--he was 'outed' anyway. Was the reward money a factor? Possible/likely. But Ted 'arrested himself' when his manifesto got published in a public forum and his brother identified him from his writing style.)
Get used to it. "Money makes the world go around." Cabaret (1972)
slashdot captcha word for this post: mediator (coincidence?)
Until Microsoft produces a product I feel is worth $250 CDN. Windows is simply not worth what it sells for.
What if a loaf of bread cost $250 CDN, would you steal it? It is food after all--and is a necessity of life along with breathable air, water, clothing, and shelter.
Look what happened to Jean Valjean in Les Miserables when he stole a loaf of bread just to stay alive!
19 years in prison!
I don't know how long he was there for just the bread theft though....
What if your situation was reversed--would you pirate MacOSX instead of paying for it?
Just because software is 'non-essential' to human existence (not air, food, clothing, or shelter) doesn't mean it's all right to steal it like any other good or service.
Commerce is an application of the Golden Rule--the creators of goods and services are rewarded for their efforts when they are purchased. Stealing them just 'takes the bread out of their mouths' and forces them to pass the increased costs due to theft on to us in the form of higher prices--an established fact!
Brilliant, derivative, and subversive all at the same time!
This parody was put together by pros who (wisely) remain anonymous.
Otherwise the legal eagles behind Symantec and the record label that put out Marky Mark (Wahlberg) and the Funky Bunch's GOOD VIBRATIONS would be all over them in a heartbeat! :P
Some parodies are forgettable crap--like the one 2Live Crew did years ago that became a SCOTUS-level court case that eventually 'made' this much, much better parody possible.
This is definitely time capsule material! (^_^)
I don't know if even Weird Al Yankovic is capable of this level of excellence apart from his 'main title song' to UHF which I consider to be his masterpiece.
P. S. This file needs to be mirrored on the Internet far and wide in the fine tradition of 'Ballmer's Ipod' and 'endoftheworld.swf'.
Of course the antidote for commercial interests would be to simply put out non-annoying, concise, informative, even entertaining ads like they did in the early days of TV (where it was mostly product placement within the sponsored shows).
Or make 'em all like minimovies like the legendary 1984 Apple Computer ad.
Now that's how to do an ad!
The only other ad in the same league would be the (in)famous Where's the Beef? ad for Wendy's with the late great Clara Peller in it.
By comparison, the new ad series for ask.com Googlelike search engine interface is just plain tiresome....:P (>_<);;;
Had the producers juxtaposed the ad content/message with 2001 somehow properly, tastefully, and with the blessing of Stanley Kubrick's estate, they would have had an ad classic on their hands.
Oh well, missed opportunity.
All TV watchers aren't mindless sheeple....
Unfortunately, the advertisers are convinced that most of them are....:(
Per IMDB, it looks like they got Trevor Jones to score the sequel as he did the original (magnificently) and (hopefully) have the London Symphony Orchestra perform the score. Too bad they can't get Marcus Dodds to conduct as he passed away in 1984 according to the IMDB.... (-_-);_;
Making resale of old electronic devices illegal will make sale of DRM-crippled electronics mandatory...possibly worldwide!:(
Stock up on DRM-free electronic devices now and use them with loving care....:)
Re:Toy Story 3 'pointless' w/o Slinky Dog (-_-) ;_ on Toy Story 3 Scrapped · Score: 1
That'd be 'ghoulish'. There was an outcry using footage of dead actors (such as Humphrey Bogart) in Coke (cola) commercials if I remember rightly.
Nah, let the dead rest in peace and let us remember their contribution(s) to the world whether for good or for ill....
Toy Story 3 'pointless' w/o Slinky Dog (-_-) ;_; on Toy Story 3 Scrapped · Score: 4, Insightful
Rest in peace Jim 'Ernest P. Worrell' Varney....
P.S. If they do the 3rd film, perhaps they'll have Slinky Dog in it featured prominently (yet silently) in the background of various scenes.
Or maybe the other toys will mourn his passing in the film -- going to that 'great junkheap in the sky'....
To get a 'soundalike' to do Slinky Dog for a 3rd film would be wrong and besmirch Varney's memory and his memorable characterization of Slinky Dog.
This is somewhat similar to Steve Whitmire doing Kermit The Frog -- taking over for the late, great James Maury Henson when he passed away back in 1991. Steve (now) does Kermit practically as good as Jim did but I know it is just not the same any more....
Do what I do: Use the POP3 client to check multiple email addresses using multiple SpamByte and 'wantspam' settings. I have (semi)private email addresses that have a more relaxed SpamByte code than the 0 I use for my public, Internet-at-large email address iamcf13@hotpop.com
I can't afford a business-grade Internet connection at the moment to run one or else I would. Otherwise, the ISP will (usually) block port 25 outbound to all ip addresses except their mailserver and will frown upon/crack down on 'running servers' on a non-commercial Internet connection.
I just checked iamcf13@hotpop.com via their browser interface
This is a small sample of the 121 messages there...
Sender / Subject / Date / Size
Dannie Dempsey / Get ready for love in just 15 minutes / Yesterday, 12:15 AM / 1.3 KB
jsk58 / Do you want to know what Erectile Dysfunction means? / Yesterday, 12:38 AM / 0.8 KB
Mrs. lucienne / FW: Heya hows it going? / Yesterday, 1:13 AM / 27.0 KB
Minna Hinton / Personalising technology solutions. / Yesterday, 1:22 AM / 1.0 KB
Lotto Success / GlobalWon is ALIVE...And you're invited to the party / Yesterday, 1:49 AM / 7.8 KB
zteacy / With our Super Viagra you will be able to chop the wood with your penis. / Yesterday, 2:01 AM / 1.1 KB
berating / news alert / Yesterday, 2:05 AM / 22.6 KB
Overall, a varied mix of:
Foreign, non-English messages/spam rendered in unreadable character sets.
Phishing/ID theft attempts.
Pharmaceutical spam.
Sexspam (Cialis, Viagra and the like - the intimate version of Pharmaceutical spam)
Stockspam (Market tips / 'pump-and-dump')
Gambling spam (see above)
Mysterious subject spam (to get you to click and open to read the spam/comeon inside)
I ran my pop3 client and it downloaded, scanned, and completely deleted all of them in about 1.5 minutes.
temcat, being (needlessly) facetious, said/quoted:
OK guys and gals, the gist of the offer: this guy provides a filter that will throw off emails containing file attachments, HTML (assumed by the use of both characters in the email), quoted printable content, percent signs, dollar signs, numbers, URLs and email addresses (includes items like.this and like@this). Since we all know that no legitimate emails ever contain those items, this is sure the way to go.
No legitimate email from people contacting you for the very first time at an Internet-wide, public email address do not need to use any of the 'spammer character set' to send you an email. The 'bozo' email I got is proof that email communications is possible under such extreme filtering conditions. And anyway, if you don't want to risk losing an important email mistakenly marked as spam, the POP3 client can be told to save them as 'spam' so you can go through such messages at your leisure. So all you've lost is some time and hard disk storage. If you don't want to wade through the spam or store it on disk needlessly, have the POP3 client do the task for you. Had a conscientious email correspondent honored your SpamByte code and not used a free email service that is apt to tack URLs to the ends of messages as promotional signatures, you would have gotten email from them with no problems, even with a 'zero tolerance' SpamByte of 0.
Ridicule/belittle me or the software I wrote to quash email spam if you want (I'd rather you'd not in the interest of common courtesy) -- I am available by email at iamcf13@hotpop.com for initial contact by the Internet public at large (English only, please). Serious discussions can be conducted via an alternate means from there if need be.
Before July, 2004, I was 'horrendously angry' at spammers. It was this seething, all-encompassing anger that motivated me to write the software in the first place.
After July, 2004, I now pity spammers and continue to collect the currently scant few null/'bozo' spams I get from them at iamcf13@hotpop.com as curiosities as well as proof of the effectiveness of my method.
Spammers can bombard me with 'bozo spam' as mentioned earlier but why waste their effort sending me spam for websites that are difficult/impossible to navigate to without the convenience of URLs and/or email addresses for starters? All that would do would be to motivate me to add some sort of Bayesian filtering to my programs -- something I wanted to avoid doing in the first place as I decided t
Now that Seagate 'owns' Maxtor, will they make Maxtor drives better or just kill the product line off and just use Maxtor's facilities to churn out Seagate HDs? I had two Maxtor HDs crap out on me years ago and I washed my hands of them due to that. If you must buy/use a Maxtor HD, use it as a giant 'scratch pad' and don't save anything permanent on it!
As for Western Digital, other than their HDs running hot, I've had no data loss from them and would recommend them to anyone who can't get/afford Seagate.
Note: If you hate ads, please do not read or 'badmouth' this post or mod it down in 'anticommercial retaliation'. If you hate email spam, please read this post.
Now, at iamcf13@hotpop.com, where I have 'max filtering in effect', I only get spam that looks like this:
+OK 406 octets
Return-Path: <ikoey8y36vihioyt@yahoo.com>
Received: from 222.115.40.214 (unknown [222.115.40.214])
    by mx3.hotpop.com (Postfix) with SMTP id 27CC51B0D23E
    for <iamcf13@hotpop.com>; Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
Received: from by ; Sat, 03 Dec 2005 05:55:12 -0400
Message-ID: <[20
Date: Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
From: ikoey8y36vihioyt@yahoo.com
To: undisclosed-recipients:;
Subject: (CF13-SMTP [SpamByte=000:]) no subject
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206190956.CF13-POP3@69.168.168.192.in-addr.arpa>

.
or like this:
+OK 1061 octets
Return-Path: <heated@libel.org>
Received: from c-24-11-215-156.hsd1.mi.comcast.net (c-24-11-215-156.hsd1.mi.comcast.net [24.11.215.156])
    by mx1.hotpop.com (Postfix) with SMTP id 02C6BE8390
    for <iamcf13@hotpop.com>; Tue, 6 Dec 2005 01:34:51 +0000 (UTC)
Received: from unknown (HELO arguably) (192.168.212.39)
    by c-24-11-215-156.hsd1.mi.comcast.net with SMTP; Mon, 5 Dec 2005 20:28:21 -0500
Content-Transfer-Encoding: 7bit
Message-Id: <11581682156.87374113983@c-24-11-215-156.hsd1.mi.comcast.net>
Content-Type: text/plain; charset=us-ascii
To: iamcf13@hotpop.com
From: Joyce Mcgee <heated@libel.org>
Subject: (CF13-SMTP [SpamByte=000:]) Expand your Penis 20% Larger in weeks
Date: Tue, 6 Dec 2005 01:34:53 +0000 (UTC)
X-HotPOP-Delivered-To: iamcf13@hotpop.com
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206191144.CF13-POP3@69.168.168.192.in-addr.arpa>

World first Patch Technology for penis Enlargement/pt/
Contraceptives should be used on every conceivable occasion. Change is good, but dollars are better. It's hard to work in groups when you're omnipotent.
When you have loved as she has loved, you grow old beautifully.
.
From 2005-11-30 to 2005-12-19, my POP3 client 'ate' 2,109 spam emails on iamcf13@hotpop.com while allowing 6 'null spams' (see first example) and 1 'bozo spam' (see second example) to get through. This equates to a 'failure rate' of about 1/3 of 1% --in other words, for every 300 spams 'eaten', one would get through...
Since my approach has been ridiculed and belittled here in the past I'll just let the facts and figures in this post speak for themselves. It would be nice if I could use my SMTP server and then I could block or drop the email spam at the SMTP level instead which would be much more efficient. Since [variants of] Bayesian filtering is still popular in antispam software today, my approach could be used as a 'pre-processor' to cut down the input to the Bayesian email filtering module by dropping 'obvious' spam and processing only 'suspect spam' (see second example). As a benefit, such filters wouldn't be inundated and waylaid by normal 'Bayesian busting' spam email that is only a carrier unit for the spammer URLs, email addresses, contact info, and shipping and pricing information contained within them.
With my approach, spammers will have to be painfully and obviously verbose in order to get around my filtering method. In fact, to do so, would make it impossible for the email recipient to easily surf to the spammer's site.
I am frustrated as a parent that the human body and sexuality that is natural, legal, etc...is considered too dirty for television, but antisocial violent behavior that is both illegal and unnatural is "fine for family viewing". It's a strange world we live in!
Such programming would eventually/inevitably drive up birth rates, depress wages due to the abundance of ready (willing, and able?) labor, increase corporate competition with lower pricings on goods and services, which lead inexorably to depressed corporate profits.
The FCC stance on nudity and foul language likely started out because of the so-called 'Puritanism' effect brought about by the arrival of the 'Mayflower Gang' here to America from England in 1620 -- remember the 'Ripple Over The Nipple' from the 2004 SuperBowl football game?....
Over time, corporate America used the 'vast wasteland' that is broadcast television to pander to the 'lowest common denominator' in order to maximize their profits. Why else is 'reality programming' still hot all these years later after Season One of Survivor? (2000) It's because 'reality programming' is cheap to produce and is oh so titillating to that 18-45 year-old demographic that the corporate advertisers desire SO much to buy their wares....so much so that they anger classic pop music fans when they use such tunes to sell their stuff. Remember back in 1995 when Microsoft paid $2,000,000.00(?) to use The Rolling Stones Start Me Up to sell Windows 95 when it first came out?...
If you haven't reached 'the good life' by age 45, corporate America has essentially no further use for you as a consumer--much less a customer....
Back in the 1980's when computer game piracy was at its peak(?) I heard firsthand that copies of this game would deliberately reformat the disk they were on upon detection!
As with the case of Lotus 1-2-3, a write-protect tab solved that 'problem' and a copy of this once-popular gamesim worked as normal.
After enough consumer backlash, game copy protection became more subtle or was somehow integrated into the gameplay of the games themselves somehow.
To this day, the best example of this I know of were the 'launch codes' from another EA hit game STARFLIGHT (I).
It's a shame Electronic Arts has devolved into a tool of major sports franchises and not as the cutting edge computer game company they used to be with such releases like STARFLIGHT, its sequel, and the 2 'CONSTRUCTION SET' gamesims they put out for pinball and music composition....
Another major copy protect annoyance are the 'gotta-have-the-CD-in-the-drive-at-all-times' kinds of protection -- very lame and potentially destructive to your valuable investment in the CD game itself and CD-ROM drive it is spinning needlessly in....
The simple solution to all forms of media/IP piracy are low, competitive prices but that would conflict with the corporate duty to make as much profit as (legally?) possible. Because of this, we now live in a world filled with DRM, DMCA violations, and IP copyrights that will likely outlive everybody alive who reads this post....:(
The corporate stance of the media industry as a whole is essentially this: Your purchases have worn out and you want them again on 'replacement media' for a small replacement charge? Fsck that! Buy another damn copy at full retail price! (If it's still in print if you're lucky.)
This happened to me years ago when my cassette tape copy of John Williams' E. T. The Extra-Terrestrial soundtrack wore out from playing it constantly (and enjoying it). Fortunately(?), I was able to rebuy it again on CD. In a perfect world, the term 'out of print' would be unheard of and licensed media bought could be replaced for just 'materials, shipping, and handling'. But the industry model of artificial scarcity brings with it corporate greed and eventual subsequent consumer dissatisfaction. Notice how the advice nowadays is to wait for 'ultimate edition' DVD releases of favorite movies instead of buying the bare-bones release now and the 'ultimate edition' later if/when it comes out? Perhaps the 'shining' example of this 'atrocity' is the 'two DVD release' of KILL BILL as 'two separate volumes' instead of as one, complete 'set'.
Touching on DRM for a bit, look at the hypocrisy of USA government/big business persecuting 'DVD Jon' and that guy from Russia that cracked DVD Content Scrambling System and Adobe's protected PDF format respectively. Why is it, due to DMCA, legal to import strong cryptography into the USA to protect the secrecy of your own affairs but to reverse-engineer domestically created encryption schemes that 'protect media' for personal uses only is a felony offence worthy of serious fines and jail time? Has society come to the point that human life is so cheap that we can throw them away (in prison for 'minor', non-violent offences) and just make more in 9 months or less so long as the 'precious cash' keeps flowing between big business and big government here in the USA?
'Twould be nice if the USA copyright system went back to the original 14-year max format established by the Founding Fathers. If that were the case, these and other 'Slashdot Favorite Films' for example would be public domain by now....
Adi Shamir once proposed the following hash function:
Let n = p*q be the product of two large primes, such that
factoring n is believed to be infeasible.
Let g be an element of maximum order in Z_n^* (i.e. an
element of order lambda(n) = lcm(p-1,q-1)).
Assume that n and g are fixed and public; p and q are secret.
Let x be an input to be hashed, interpreted as a
non-negative integer. (Of arbitrary length; this may be
considerably larger than n.)
Define hash(x) = g^x (mod n).
Then this hash function is provably collision-resistant, since the ability to find a collision means that you have an x and an x' such that
hash(x) = hash(x')
which implies that
x - x' = k * lambda(n)
for some k. That is, a collision implies that you can find a multiple of lambda(n). Being able to find a multiple of lambda(n) means that you can factor n.
I would suggest this meets the specs of your query above.
Cheers,
Ron Rivest
Ronald L. Rivest Room 324, 200 Technology Square, Cambridge MA 02139 Tel 617-253-5880, Fax 617-258-9738, Email
The nice thing about Adi Shamir's hash function is that it, as well as the RSA cryptosystem co-created with Rivest and Len Adleman is all based on simple modular exponentiation.
Too bad the Feds consider arbitrary precision mathematics used for encryption purposes to be 'a munition' and 'a controlled export'....:(
Years ago, they raked Phil Zimmermann over the coals over his email cryptosystem PGP then (eventually) left him alone.
Can't cryptosavvy individuals secure the details of their affairs with strong encryption WITHOUT being hassled by 'the Man'?...
P.S. However, Rivest came up with a scheme that gives you 'confidentiality *without* encryption' through a scheme he calls Chaffing and Winnowing.
Years ago I cobbled together some apps that screenscraped the HTML from one eBay category I was deeply interested in, rotated the 'marketspeak' to the end of the item description, and alphabetized the result.
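The reduction in the quoted e-mail, carried through in code as an added example (not from the e-mail or the post): it hashes with g^x mod n, builds a collision from a multiple of lambda(n), and then factors n from that multiple alone. The toy primes `P` and `Q`, the sample input and all function names are constructed for illustration; the collision is built with the secret lambda(n), which also shows that whoever generated n can produce collisions at will.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed toy parameters: far too small for real use, chosen so that
 * every product fits in 64 bits. P and Q are the secret primes. */
#define P 10007ULL
#define Q 10009ULL
#define N (P * Q)              /* public modulus n = 100160063 */
#define LAMBDA 50070024ULL     /* lcm(P-1, Q-1) = 2^3 * 3^2 * 139 * 5003, secret */

static uint64_t mulmod(uint64_t a, uint64_t b) { return (a * b) % N; }

static uint64_t powmod(uint64_t base, uint64_t exp)
{
    uint64_t r = 1;
    for (base %= N; exp; exp >>= 1, base = mulmod(base, base))
        if (exp & 1) r = mulmod(r, base);
    return r;
}

static uint64_t gcd(uint64_t a, uint64_t b)
{
    while (b) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

/* Smallest g of maximum order lambda(n): g is a unit and
 * g^(lambda/r) != 1 for every prime r dividing lambda. */
uint64_t find_max_order_element(void)
{
    static const uint64_t primes[] = { 2, 3, 139, 5003 };
    for (uint64_t g = 2; g < N; g++) {
        int ok = (gcd(g, N) == 1);
        for (size_t i = 0; ok && i < 4; i++)
            ok = (powmod(g, LAMBDA / primes[i]) != 1);
        if (ok) return g;
    }
    return 0;
}

/* hash(x) = g^x mod n, with the message read as a big-endian integer of any
 * length: one squaring per bit, plus a multiply by g when the bit is set.
 * Leading zero bytes do not change the integer, so they do not change the hash. */
uint64_t shamir_hash(uint64_t g, const unsigned char *msg, size_t len)
{
    uint64_t h = 1;
    for (size_t i = 0; i < len; i++)
        for (int bit = 7; bit >= 0; bit--) {
            h = mulmod(h, h);
            if ((msg[i] >> bit) & 1) h = mulmod(h, g);
        }
    return h;
}

/* Hash a 64-bit integer through its 8-byte big-endian encoding. */
uint64_t hash_u64(uint64_t g, uint64_t x)
{
    unsigned char buf[8];
    for (int i = 7; i >= 0; i--) { buf[i] = (unsigned char)(x & 0xff); x >>= 8; }
    return shamir_hash(g, buf, sizeof buf);
}

/* Given m = x - x' from a collision (a multiple of lambda(n)), return a
 * nontrivial factor of n, or 0 on failure. Write m = 2^s * t with t odd and
 * look for a square root of 1 other than +1 or -1 in a^t, a^(2t), ... */
uint64_t factor_from_lambda_multiple(uint64_t m)
{
    uint64_t t = m;
    int s = 0;
    if (m == 0) return 0;
    while ((t & 1) == 0) { t >>= 1; s++; }
    for (uint64_t a = 2; a < 100; a++) {
        uint64_t d = gcd(a, N);
        if (d > 1) return d;
        uint64_t b = powmod(a, t);
        for (int i = 0; i < s && b != 1; i++) {
            uint64_t c = mulmod(b, b);
            if (c == 1 && b != N - 1) return gcd(b - 1, N);
            b = c;
        }
    }
    return 0;
}

int main(void)
{
    uint64_t g = find_max_order_element();
    uint64_t x = 20051206ULL;        /* constructed sample input */
    uint64_t x2 = x + 3 * LAMBDA;    /* collision built with the secret lambda(n) */
    uint64_t f = factor_from_lambda_multiple(x2 - x);
    printf("g=%llu hash(x)=%llu hash(x')=%llu\n", (unsigned long long)g,
           (unsigned long long)hash_u64(g, x), (unsigned long long)hash_u64(g, x2));
    printf("n=%llu = %llu * %llu\n", (unsigned long long)N,
           (unsigned long long)f, (unsigned long long)(f ? N / f : 0));
    return 0;
}
```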
Very effective. It was essentially like (Amazon.com's hated, patented) '1-click shopping'.
Along with sniping, I benefited handsomely from these 'tools'.
Nowadays, I'm busy and haven't had time to update those proggies...:)
Probably can't use them (and definitely can't sell them) as it would be a DDoS on eBay that would eventually drive them out of business due to low final bids in their auctions. Imagine such '1-click shopping' coupled with sniping and practiced ardently by (nearly) all of eBay's millions of members.... O_O;
That's why the snipe is effective: ultimately it works because it doesn't allow time for second thoughts. It also doesn't allow any time for shill bidding.
Stopping shill bidding is the BEST reason to snipe on eBay.
If eBay makes sniping impossible, they are as good as bankrupt....
I lost my very first few eBay auctions but I came around quick to sniping. I only got outsniped a handful of times in the past 100+ auctions whenever I bid on something.
I've used Auctionstealer's free service and it seems to work as advertised--still lost some eBay auctions but at least the bids were put in automatically in the closing minute of the auctions. Of course, if you pay, you get more sniping abilities....
I'm not a shill for Auctionstealer, just someone who heard about it and checked it out....
(Note: I am not a shill/user of his software but am a fellow coder always on the lookout for good, elegant, useful code and ideas to use in future projects....)
Before I conclude, I have one other thing I wish to mention that defines security. This is the fact that ProtoNova is the only web server in existence guaranteed to be free from Buffer Overflow attacks on the stack at the application level. Let's see you try to get a guarantee like that from Apache or Microsoft. While I can't control problems with the underlying OS or libraries, I can control how I write my own code. Here's my secret to how I can make such a guarantee: Dynamically allocate all memory I use on the heap. 90% of all bug fixes for exploits (potential or otherwise) coming out of various organizations (ahem, Microsoft) are for Buffer Overflow attacks on the stack. A buffer overflow on the heap is far less dangerous than a stack-based overflow. If you don't know the difference, let me show you that I really do know what I'm talking about (whereas most journalists generally have no clue) using some C code - that is, the language most web servers are written in:
    // Include necessary headers to compile
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    // Start of the "main" function - used to tell the OS where
    // to start processing source code.
    int main(int argc, char **argv)
    {
      // Tells the computer to create 256 places in memory _on the stack_ for storage.
      char str[256];

      // This just tells the user how to use the program.
      // Not really important, but useful.
      if (argc < 2)
      {
        printf("Syntax: BadProgram TypeInAReallyLongString");
        exit(1);
      }

      // This copies the data the _user_ specified into str.
      strcpy(str, argv[1]);

      // This prints the contents of str.
      printf("%s\n", str);

      return 0;
    }
(For you programmers out there, please ignore the comments. I realize they are "basic/newbie," but I'm attempting to explain source code to newbies).
The example above is extremely dangerous. Why? It is because there is only room reserved for 256 places in the computer's memory. What happens if the user enters data for 1000 places? This is where the danger comes in. The stack is where function calls like "main" are stored. When 1000 memory locations are copied from the user to str, the stack beyond the 256 is overwritten with whatever the user has entered. Typically, this will result in a crash when the function "main" "return"s...however, if those 1000 places in memory are carefully crafted, they can execute arbitrary code when "main" "return"s. This could be anything from a virus to a complete system takeover.
So, what is the solution to this? It should be obvious: Don't put anything the user enters, even remotely related, onto the stack...ever:
    // Include necessary headers to compile
    #include <stdio.h>
    #include <stdlib.h>

    // Start of the "main" function - used to tell the OS where
    // to start processing source code.
    int main(int argc, char **argv)
    {
      // Tells the computer to create a place _on the stack_ for
      // storage of a pointer to memory _on the heap_.
      char *str;

      // This just tells the user how to use the program.
      // Not really important, but useful.
      if (argc < 2)
      {
        printf("Syntax: BetterProgram TypeInAReallyLo
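A hardened counterpart to the BadProgram listing above, as an added example (not ProtoNova's code and not part of the original post). It shows that the length check prevents the overflow regardless of where the buffer lives, since a fixed-size heap buffer filled with `strcpy` overflows just as the stack one does. The names `copy_bounded`, `dup_input` and the `MAX_INPUT` limit are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_INPUT 4096   /* assumed policy limit on accepted input, not from the page */

/* Length of s, never reading more than limit bytes.
 * Returns limit when no terminator was seen within that range. */
static size_t bounded_len(const char *s, size_t limit)
{
    size_t n = 0;
    while (n < limit && s[n] != '\0') n++;
    return n;
}

/* Copy src into a fixed-size buffer (stack or heap) only if it fits,
 * terminator included. Returns 0 on success, -1 if it does not fit;
 * on failure dst is left untouched instead of being silently truncated. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t len;
    if (dst == NULL || src == NULL || dst_size == 0) return -1;
    len = bounded_len(src, dst_size);
    if (len >= dst_size) return -1;      /* no room for the terminator */
    memcpy(dst, src, len + 1);
    return 0;
}

/* Heap copy sized from the input itself, with an upper bound so that a
 * hostile caller cannot force an arbitrarily large allocation.
 * Returns a malloc'd string the caller must free, or NULL. */
char *dup_input(const char *src, size_t max_len)
{
    size_t len;
    char *copy;
    if (src == NULL || max_len == SIZE_MAX) return NULL;
    len = bounded_len(src, max_len + 1);
    if (len > max_len) return NULL;      /* longer than policy allows */
    copy = malloc(len + 1);
    if (copy == NULL) return NULL;
    memcpy(copy, src, len + 1);
    return copy;
}

int main(int argc, char **argv)
{
    char fixed[256];
    char *copy;

    if (argc < 2) {
        fprintf(stderr, "Syntax: %s <string>\n", argv[0]);
        return 1;
    }
    /* Fixed 256-byte buffer, as in the vulnerable listing, but checked. */
    if (copy_bounded(fixed, sizeof fixed, argv[1]) != 0)
        fprintf(stderr, "input does not fit in %zu bytes; not copied\n", sizeof fixed);

    /* Heap buffer sized to the input, bounded by MAX_INPUT. */
    copy = dup_input(argv[1], MAX_INPUT);
    if (copy == NULL) {
        fprintf(stderr, "input too long or out of memory\n");
        return 1;
    }
    printf("%s\n", copy);
    free(copy);
    return 0;
}
```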
I have no formal benchmark figures.
3 09227 ,
All I can offer are the following observed 'guestimates'
per http://slashdot.org/comments.pl?sid=171793&cid=14
I calculate my POP3 program's processing speed at 660KB a minute and 40 messages a minute. This takes into account my PC's CPU speed of 1.1 GHz and a broadband connection to the Internet.
In practice I have observed the program deleting 1-2 spams a second when they were short and didn't have any imbedded file attachments.
If you are stopping about 90% of the spam before it is transmitted with the SMTP DATA command, I'd have to say that is very good! Using a mailserver designed as described here with 0 Spambyte codes for the users should bring the suppressed spam percentage up to 99.67%. Whatever spam gets through can be fed to a 3rd party Bayesian filter program for further processing/rejection/deletion.
The actual Windows-based mailserver I coded can only handle (very) small or personal domains. I have been unable to find a simple, sample Visual C multithreaded program project that can handle a large number of simultaneous threads and has clear, concise, straightforward code. The method I use spins off SMTP miniservers in a separate thread for each incoming connection. If someone could provide the URL to sample code I can download and use right away to show me how to code a Windows-based SMTP mailserver better than this, it would be greatly appreciated. This is a serious request for help in this matter.
Thank you for your consideration.
Spammers have more money than you do. They have more resources than you do. More bandwidth, more sending hosts, more CPU power. Now come up with a solution that works under those circumstances.
I solved my spam problem and talked about it here.
I was Slashdotted so my approach had some merit with some of the crowd here.
But in the end I was 'marginalized' for my efforts to make email useable again.
Anyway, you can read the Slashdot thread and visit my site if you want to for more information and to learn how I cut my spam received down to 1/3 of 1% (0.003333...)
Note: Due to the Slashdotting, the software is unavailable at the moment. I also have to tweak the software a bit to prevent it from hanging on bad, non-rfc compliant emails the spammers have sent me in the past. My site has helpful freeware/shareware there but it looks like the antispam freeware/shareware there got me 'shouted down' here for my efforts.
The spam problem has gotten worse and worse since I wrote the software. While everyone else buys expensive hardware email filters, use several 'complicated' pieces of software working together to fight spam, advocate a new email standard, or just bemoan the problem, I feel a genuine sense of accomplishment of fighting the problem at its most fundamental level and succeeding.
Thank you for your consideration.
I wont even go into a Walmart unless it is absolutely necessary because the stench of poor people is so overwhelming.
Then why is money called filthy lucre?
(Paper) Money stinks after it has been handled by several/dozens/thousands of people--especially paper money that is so worn, dirty, smelly, and dilapidated, it should be destroyed and replaced on sight!
Then there is the (in)famous story of Lazarus and the rich man in the Bible....
And my personal favorite, the Warrant music album title Dirty Rotten Filthy Stinking Rich. (Sure does describe those greedy RIAA executives to a T, eh?)
Don't like the smell? Go cashless. (Of course, the Bible 'speaks out' about the 'end result' of that as well.)
The stench cuts both ways.
Don't like money and all it represents? Live like a self-reliant hermit on private/(public) land if you can. (Look what happened to the Unabomber, Ted Kaczynski. His brother 'fingered' him anonymously and pledged some of the reward money to the [survivors of] the victims. That backfired--he was 'outed' anyway. Was the reward money a factor? Possible/likely. But Ted 'arrested himself' when his manifesto got published in a public forum and his brother identified him from his writing style.)
Get used to it. "Money makes the world go around." Cabaret (1972)
slashdot captcha word for this post: mediator (coincidence?)
Opening the java source will give spammers access to the source code to the eval function. With it, spammers can make email address harvesters that can extract email addresses 'hidden' in javascript by running it through eval.
:P
Down goes a line of defence against email harvesting!
Even having your email address imbedded in an image won't stop 'manual spammers'!
You've been duly warned....
Until Microsoft produces a product I feel is worth $250 CDN. Windows is simply not worth what it sells for.
What if a loaf of bread cost $250 CDN, would you steal it? It is food after all--and is a necessity of life along with breathable air, water, clothing, and shelter.
Look what happened to Jean Valjean in Les Miserables when he stole a loaf of bread just to stay alive!
19 years in prison!
I don't know how long he was there for just the bread theft though....
What if your situation was reversed--would you pirate MacOSX instead of paying for it?
Just because software is 'non-essential' to human existence (not air, food, clothing, or shelter) doesn't mean it's all right to steal it like any other good or service.
Commerce is an application of the Golden Rule--the creators of goods and services are rewarded for their efforts when they are purchased. Stealing them just 'takes the bread out of their mouths' and forces them to pass the increased costs due to theft on to us in the form of higher prices--an established fact!
Who wants that?
Brilliant, derivative, and subversive all at the same time!
:P
This parody was put together by pros who (wisely) remain anonymous.
Otherwise the legal eagles behind Symantec and the record label that put out
Marky Mark (Wahlberg) and the Funky Bunch's GOOD VIBRATIONS would be all over them
in a heartbeat!
Some parodies are forgettable crap--like the one 2Live Crew did years ago that became a SCOTUS-level court case that eventually 'made' this much, much better parody possible.
This is definitely time capsule material! (^_^)
I don't know if even Weird Al Yankovic is capable of this level of excellence apart from his 'main title song' to UHF which I consider to be his masterpiece.
P. S. This file needs to be mirrored on the Internet far and wide in the fine tradition of 'Ballmer's Ipod' and 'endoftheworld.swf'.
...unless the mfgs get rid of the RCA analog A/V jacks on the newfangled adskip-proof A/V gear....
:P
One more reason to hang onto your working legacy VCR/VHS/BETA systems and media....
VHS will have to be banned/outlawed wholesale in order to make such a 'transition' to adskip-proof appliances complete....
Food for thought, folks....
Well said commodoresloat!
:P (>_<);;;
:(
Of course the antidote for commercial interests would be to simply put out non-annoying, concise, informative, even entertaining ads like they did in the early days of TV (where it was mostly product placement within the sponsored shows).
Or make em all like minimovies like the legendary 1984 Apple Computer ad.
Now that's how to do an ad!
The only other ad in the same league would be the (in)famous Where's the Beef? ad for Wendy's with the late great Clara Peller in it.
By comparison, the new ad series for ask.com Googlelike search engine interface is just plain tiresome....
Had the producers juxtaposed the ad content/message with 2001 somehow properly, tastefully, and with the blessing of Stanley Kubrick's estate, they would have had an ad classic on their hands.
Oh well, missed opportunity.
All TV watchers aren't mindless sheeple....
Unfortunately, the advertisers are convinced that most of them are....
Per IMDB, it looks like they got Trevor Jones to score the sequel as he did the original (magnificently) and (hopefully) have the London Symphony Orchestra perform the score. Too bad they can't get Marcus Dodds to conduct as he passed away in 1984 according to the IMDB.... (-_-) ;_;
What else could it be?
:(
:)
Making resale of old electronic devices illegal will make sale of DRM-crippled electronics mandatory...possibly worldwide!
Stock up on DRM-free electronic devices now and use them with loving care....
That'd be 'ghoulish'. There was an outcry using footage of dead actors (such as Humphrey Bogart) in Coke (cola) commercials if I remember rightly.
Nah, let the dead rest in peace and let us remember their contribution(s) to the world whether for good or for ill....
Rest in peace Jim 'Ernest P. Worrell' Varney....
P.S. If they do the 3rd film, perhaps they'll have Slinky Dog in it
featured prominently (yet silently) in the background of various scenes.
Or maybe the other toys will mourn his passing in the film -- going to
that 'great junkheap in the sky'....
To get a 'soundalike' to do Slinky Dog for a 3rd film would be wrong and besmirch
Varney's memory and his memorable characterization of Slinky Dog.
This is somewhat similar to Steve Whitmire doing Kermit The Frog -- taking over for
the late, great James Maury Henson when he passed away back in 1991. Steve (now) does Kermit practically as good as Jim did but I know it is just not the same any more....
Food for thought.
Do what I do: Use the POP3 client to check multiple email addresses using multiple SpamByte and 'wantspam' settings. I have (semi)private email addresses that have a more relaxed SpamByte code than the 0 I use for my public, Internet-at-large email address iamcf13@hotpop.com
I can't afford a business-grade Internet connection at the moment to run one or else I would. Otherwise, the ISP will (usually) block port 25 outbound to all ip addresses except their mailserver and will frown upon/crack down on 'running servers' on a non-commercial Internet connection.
Run the POP3 client in 'wantspam' mode and sift through the emails yourself.
I just checked iamcf13@hotpop.com via their browser interface
This is a small sample of the 121 messages there...
Sender / Subject / Date / Size
Dannie Dempsey / Get ready for love in just 15 minutes / Yesterday, 12:15 AM / 1.3 KB
jsk58 / Do you want to know what Erectile Dysfunction means? / Yesterday, 12:38 AM / 0.8 KB
Mrs. lucienne / FW: Heya hows it going? / Yesterday, 1:13 AM / 27.0 KB
Minna Hinton / Personalising technology solutions. / Yesterday, 1:22 AM / 1.0 KB
Lotto Success / GlobalWon is ALIVE...And you're invited to the party / Yesterday, 1:49 AM / 7.8 KB
zteacy / With our Super Viagra you will be able to chop the wood with your penis. / Yesterday, 2:01 AM / 1.1 KB
berating / news alert / Yesterday, 2:05 AM / 22.6 KB
Overall, a varied mix of
Foreign, non-English messages/spam rendered in unreadable character sets.
Phishing/ID theft attempts.
Pharmaceutical spam.
Sexspam (Cialis, Viagra and the like - the intimate version of Pharmaceutical spam)
Stockspam (Market tips / 'pump-and-dump')
Gambling spam (see above)
Mysterious subject spam (to get you to click and open to read the spam/come-on inside)
I ran my pop3 client and it downloaded, scanned, and completely deleted all of them in about 1.5 minutes.
temcat, being (needlessly) facetious, said/quoted:
OK guys and gals, the gist of the offer: this guy provides a filter that will throw off emails containing file
attachments, HTML (assumed by the use of both characters in the email), quoted printable content, percent signs,
dollar signs, numbers, URLs and email addresses (includes items like.this and like@this).
Since we all know that no legitimate emails ever contain those items, this is sure the way to go.
No legitimate email from people contacting you for the very first time at an Internet-wide, public email address
do not need to use any of the 'spammer character set' to send you an email. The 'bozo' email I got
is proof that email communications is possible under such extreme filtering conditions. And anyway, if you don't
want to risk losing an important email mistakenly marked as spam, the POP3 client can be told to save them as 'spam' so
you can go through such messages at your leisure. So all you've lost is some time and hard disk storage. If you don't
want to wade through the spam or store it on disk needlessly, have the POP3 client do the task for you. Had a conscientious
email correspondent honored your SpamByte code and not used a free email service that is apt to tack URLs to the ends of
messages as promotional signatures, you would have gotten email from them with no problems, even with a 'zero tolerance' SpamByte of 0.
Ridicule/belittle me or the software I wrote to quash email spam if you want (I'd rather you'd not in the interest of common courtesy) -- I am available by email at iamcf13@hotpop.com
for initial contact by the Internet public at large (English only, please). Serious discussions can be conducted via an alternate means from there if need be.
Before July, 2004, I was 'horrendously angry' at spammers. It was this seething, all-encompassing anger that motivated me to write the software in the first place.
After July, 2004, I now pity spammers and continue to collect the currently scant few null/'bozo' spams I get from them at iamcf13@hotpop.com as
curiosities as well as proof of the effectiveness of my method.
Spammers can bombard me with 'bozo spam' as mentioned earlier but why waste their effort sending me spam for websites that are difficult/impossible to navigate
to without the convenience of URLs and/or email addresses for starters? All that would do would be to motivate me to add some sort of Bayesian filtering to my programs -- something I wanted to avoid doing in the
first place as I decided t
Now that Seagate 'owns' Maxtor, will they make Maxtor drives better or just kill the product line off and just use Maxtor's facilities to churn out Seagate HDs? I had two Maxtor HDs crap out on me years ago and I washed my hands of them due to that. If you must buy/use a Maxtor HD, use it as a giant 'scratch pad' and don't save anything permanent on it!
As for Western Digital, other than their HDs running hot, I've had no data loss from them and would recommend them to anyone who can't get/afford Seagate.
Note: If you hate ads, please do not read or 'badmouth' this post or mod it down in 'anticommercial retaliation'. If you hate email spam, please read this post.
/pt/
Fed up with email spam, I wrote my own filter
Now, at iamcf13@hotpop.com, where I have 'max filtering in effect', I only get spam that looks like this:
+OK 406 octets
Return-Path: <ikoey8y36vihioyt@yahoo.com>
Received: from 222.115.40.214 (unknown [222.115.40.214])
by mx3.hotpop.com (Postfix) with SMTP id 27CC51B0D23E
for <iamcf13@hotpop.com>; Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
Received: from by ; Sat, 03 Dec 2005 05:55:12 -0400
Message-ID: <[20
Date: Sat, 3 Dec 2005 10:01:01 +0000 (UTC)
From: ikoey8y36vihioyt@yahoo.com
To: undisclosed-recipients:;
Subject: (CF13-SMTP [SpamByte=000:]) no subject
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206190956.CF13-POP3@69.168.168.192.in-addr.arpa>
.
or like this:
+OK 1061 octets
Return-Path: <heated@libel.org>
Received: from c-24-11-215-156.hsd1.mi.comcast.net (c-24-11-215-156.hsd1.mi.comcast.net [24.11.215.156])
by mx1.hotpop.com (Postfix) with SMTP id 02C6BE8390
for <iamcf13@hotpop.com>; Tue, 6 Dec 2005 01:34:51 +0000 (UTC)
Received: from unknown (HELO arguably) (192.168.212.39)
by c-24-11-215-156.hsd1.mi.comcast.net with SMTP; Mon, 5 Dec 2005 20:28:21 -0500
Content-Transfer-Encoding: 7bit
Message-Id: <11581682156.87374113983@c-24-11-215-156.hsd1.mi.comcast.net>
Content-Type: text/plain; charset=us-ascii
To: iamcf13@hotpop.com
From: Joyce Mcgee <heated@libel.org>
Subject: (CF13-SMTP [SpamByte=000:]) Expand your Penis 20% Larger in weeks
Date: Tue, 6 Dec 2005 01:34:53 +0000 (UTC)
X-HotPOP-Delivered-To: iamcf13@hotpop.com
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: <20051206191144.CF13-POP3@69.168.168.192.in-addr.arpa>
World first Patch Technology for penis Enlargement
Contraceptives should be used on every conceivable occasion.
Change is good, but dollars are better.
It's hard to work in groups when you're omnipotent.
When you have loved as she has loved, you grow old beautifully.
.
From 2005-11-30 to 2005-12-19, my POP3 client 'ate' 2,109 spam emails on iamcf13@hotpop.com while allowing 6 'null spams' (see first example) and 1 'bozo spam' (see second example) to get through. This equates to a 'failure rate' of about 1/3 of 1% --in other words, for every 300 spams 'eaten', one would get through...
Since my approach has been ridiculed and belittled here in the past I'll just let the facts and figures in this post speak for themselves. It would be nice if I could use my SMTP server and then I could block or drop the email spam at the SMTP level instead which would be much more efficient. Since [variants of] Bayesian filtering is still popular in antispam software today, my approach could be used as a 'pre-processor' to cut down the input to the Bayesian email filtering module by dropping 'obvious' spam and processing only 'suspect spam' (see second example). As a benefit, such filters wouldn't be inundated and waylaid by normal 'Bayesian busting' spam email that is only a carrier unit for the spammer URLs, email addresses, contact info, and shipping and pricing information contained within them.
With my approach, spammers will have to be painfully and obviously verbose in order to get around my filtering method. In fact, to do so, would make it impossible for the email recipient to easily surf to the spammer's site.
Isn't that the
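The filtering rule the two posts above describe (drop any message carrying an attachment, HTML, quoted-printable content, a percent or dollar sign, a digit, or a like.this / like@this token, and hand whatever survives to a Bayesian stage) can be sketched as follows. This is an added example, not the CF13 software: the rule names, the choice to ignore headers, and the sample messages are assumptions constructed here.

```python
import re
from email import message_from_string

# Assumed rules for the strictest setting, taken from the post's description;
# the actual CF13 rule set and SpamByte encoding are not shown on the page.
BODY_RULES = [
    ("html", re.compile(r"<.*>", re.S)),              # both angle brackets present
    ("percent", re.compile(r"%")),
    ("dollar", re.compile(r"\$")),
    ("digit", re.compile(r"\d")),
    ("dotted-or-at-token", re.compile(r"\w[.@]\w")),  # like.this, like@this
]

def structural_reasons(msg):
    """Flag MIME features: multipart containers, attachments, encoded bodies."""
    reasons = []
    if msg.is_multipart():
        reasons.append("multipart")
    for part in msg.walk():
        if part.get_filename() or part.get_content_disposition() == "attachment":
            reasons.append("attachment")
        cte = str(part.get("Content-Transfer-Encoding", "")).strip().lower()
        if cte in ("quoted-printable", "base64"):
            reasons.append("encoded-body")
    return reasons

def body_text(msg):
    """Concatenate the raw (undecoded) text of every non-container text part."""
    chunks = []
    for part in msg.walk():
        if not part.is_multipart() and part.get_content_maintype() == "text":
            payload = part.get_payload()
            if isinstance(payload, str):
                chunks.append(payload)
    return "\n".join(chunks)

def triage(raw):
    """Return ("drop", reasons) for obvious spam, else ("pass", [])."""
    msg = message_from_string(raw)
    # Assumption: only the body is scanned, since every header block
    # unavoidably contains digits and addresses.
    body = body_text(msg)
    reasons = structural_reasons(msg)
    reasons += [name for name, rx in BODY_RULES if rx.search(body)]
    reasons = list(dict.fromkeys(reasons))  # de-duplicate, keep order
    return ("drop", reasons) if reasons else ("pass", [])

# Constructed sample messages (not taken from the page).
NULL_SPAM = "From: a@example.com\nTo: undisclosed-recipients:;\nSubject: no subject\n\n"
PLAIN_NOTE = (
    "From: reader@example.org\nTo: owner@example.net\nSubject: question\n\n"
    "Hello, I read your page and would like to ask about the filter. Thank you.\n"
)
URL_SPAM = (
    "From: seller@example.com\nSubject: offer\n\n"
    "Cheap meds, 80% off, only $5! Visit www.example.com or write sales@example.com\n"
)
HTML_QP = (
    "From: b@example.com\nContent-Type: text/html; charset=us-ascii\n"
    "Content-Transfer-Encoding: quoted-printable\n\n"
    "<html><body>Click=20here</body></html>\n"
)
ATTACH = (
    'From: c@example.com\nContent-Type: multipart/mixed; boundary="b"\n\n'
    "--b\nContent-Type: text/plain\n\nSee the file\n"
    "--b\nContent-Type: application/octet-stream\n"
    'Content-Disposition: attachment; filename="a.bin"\n'
    "Content-Transfer-Encoding: base64\n\nAAAA\n--b--\n"
)

if __name__ == "__main__":
    for name in ("NULL_SPAM", "PLAIN_NOTE", "URL_SPAM", "HTML_QP", "ATTACH"):
        print(name, triage(globals()[name]))
```

The empty-body message passes, which matches the 'null spam' leak the post reports; anything returned as "pass" is what a downstream Bayesian filter would still need to score.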
I am frustrated as a parent that the human body and sexuality that is natural, legal, etc...is considered too dirty for television, but antisocial violent behavior that is both illegal and unnatural is "fine for family viewing". It's a strange world we live in!
Such programming would eventually/inevitably drive up birth rates, depress wages due to the abundance of ready (willing, and able?) labor, increase corporate competition with lower pricings on goods and services, which lead inexorably to depressed corporate profits.
The FCC stance on nudity and foul language likely started out because of the so-called 'Puritanism' effect brought about by the arrival of the 'Mayflower Gang' here to America from England in 1620 -- remember the 'Ripple Over The Nipple' from the 2004 SuperBowl football game?....
Over time, corporate America used the 'vast wasteland' that is broadcast television to pander to the 'lowest common denominator' in order to maximize their profits. Why else is 'reality programming' still hot all these years later after Season One of Survivor? (2000) It's because 'reality programming' is cheap to produce and is oh so titillating to that 18-45 year-old demographic that the corporate advertisers desire SO much to buy their wares....so much so that they anger classic pop music fans when they use such tunes to sell their stuff. Remember back in 1995 when Microsoft paid $2,000,000.00(?) to use The Rolling Stones Start Me Up to sell Windows 95 when it first came out?...
If you haven't reached 'the good life' by age 45, corporate America has essentially no further use for you as a consumer--much less a customer....
Years and years (and years) ago, I read in the TV GUIDE that PBS was going to foot the bill(?) to mount and air ALL of Shakespeare plays.
Did they ever finish with that project? URLs would be nice....
I'm curious....
Back in the 1980's when computer game piracy was at its peak(?) I heard firsthand that copies of this game would deliberately reformat the disk they were on upon detection!
:(
As with the case of Lotus 1-2-3, a write-protect tab solved that 'problem' and a copy of this once-popular gamesim worked as normal.
After enough consumer backlash, game copy protection became more subtle or was somehow integrated into the gameplay of the games themselves somehow.
To this day, the best example of this I know of were the 'launch codes' from another EA hit game STARFLIGHT (I).
It's a shame Electronic Arts has devolved into a tool of major sports franchises and not as the cutting edge computer game company they used to be
with such releases like STARFLIGHT, its sequel, and the 2 'CONSTRUCTION SET' gamesims they put out for pinball and music composition....
Another major copy protect annoyance are the 'gotta-have-the-CD-in-the-drive-at-all-times' kinds of protection -- very lame and potentially destructive to your valuable investment in the CD game itself and CD-ROM drive it is spinning needlessly in....
The simple solution to all forms of media/IP piracy are low, competitive prices but that would conflict with the corporate duty to make as much profit as (legally?) possible. Because of this, we now live in a world filled with DRM, DMCA violations, and IP copyrights that will likely outlive everybody alive who reads this post....
The corporate stance of the media industry as a whole is essentially this: Your purchases have worn out and you want them again on 'replacement media' for a small replacement charge? Fsck that! Buy another damn copy at full retail price! (If it's still in print if you're lucky.)
This happened to me years ago when my cassette tape copy of John Williams' E. T. The Extra-Terrestrial soundtrack wore out from playing it constantly (and enjoying it). Fortunately(?), I was able to rebuy it again on CD. In a perfect world, the term 'out of print' would be unheard of and licensed media bought could be replaced for just 'materials, shipping, and handling'. But the industry model of artificial scarcity brings with it corporate greed and eventual subsequent consumer dissatisfaction. Notice how the advice nowadays is to wait for 'ultimate edition' DVD releases of favorite movies instead of buying the bare-bones release now and the 'ultimate edition' later if/when it comes out? Perhaps the 'shining' example of this 'atrocity' is the 'two DVD release' of KILL BILL as 'two separate volumes' instead of as one, complete 'set'.
Touching on DRM for a bit, look at the hypocrisy of USA government/big business persecuting 'DVD Jon' and that guy from Russia that cracked DVD Content Scrambling System and Adobe's protected PDF format respectively. Why is it, due to DMCA, legal to import strong cryptography into the USA to protect the secrecy of your own affairs but to reverse-engineer domestically created encryption schemes that 'protect media' for personal uses only is a felony offence worthy of serious fines and jail time? Has society come to the point that human life is so cheap that we can throw them away (in prison for 'minor', non-violent offences) and just make more in 9 months or less so long as the 'precious cash' keeps flowing between big business and big government here in the USA?
'Twould be nice if the USA copyright system went back to the original 14-year max format established by the Founding Fathers. If that were the case, these and other 'Slashdot Favorite Films' for example would be public domain by now....
2001: A Space Odyssey (1968)
Close Encounters Of The Third Kind (1977)
Alien (1979)
Blade Runner (1982)
E.T. The Extra-Terrestrial (1982)
Aliens (1986)
Superman (1978)
Star Wars (1977)
The Empire Strikes Back (1980)
Return Of The Jedi (1983)
The first six STAR TREK movies (1979,1
(from material at the Pure Crypto Project - http://senderek.de/pcp/ )
Quote below from http://senderek.de/pcp/pcp-security.html
The nice thing about Adi Shamir's hash function is that it, as well as the RSA cryptosystem co-created with Rivest and Len Adleman is all based on simple modular exponentiation.
Too bad the Feds consider arbitrary precision mathematics used for encryption purposes to be 'a munition' and 'a controlled export'....
Years ago, they raked Phil Zimmermann over the coals over his email cryptosystem PGP then (eventually) left him alone.
Can't cryptosavvy individuals secure the details of their affairs with strong encryption WITHOUT being hassled by 'the Man'?...
P.S. However, Rivest came up with a scheme that gives you 'confidentiality *without* encryption' through a scheme he calls Chaffing and Winnowing
Enjoy!
In the past.
:)
Years ago I cobbled together some apps that screenscraped the HTML from one eBay category I was deeply interested in, rotated the 'marketspeak' to the end of the item
description, and alphabetized the result.
Very effective. It was essentially like (Amazon.com's hated, patented) '1-click shopping'.
Along with sniping, I benefited handsomely from these 'tools'.
Nowadays, I'm busy and haven't had time to update those proggies...
Probably can't use them (and definitely can't sell them) as it would be a DDoS on eBay that would eventually drive them out of business due to low final bids in their auctions. Imagine such '1-click shopping' coupled with sniping and practiced ardently by (nearly) all of eBay's millions of members.... O_O;
That's why the snipe is effective: ultimately it works because it doesn't allow time for second thoughts. It also doesn't allow any time for shill bidding.
:)
Stopping shill bidding is the BEST reason to snipe on eBay.
If eBay makes sniping impossible, they are as good as bankrupt....
I lost my very first few eBay auctions but I came around quick to sniping, I only got outsniped a handful of times in the past 100+ auctions whenever I bid on something.
Don't pay for a sniping program, use http://www.auctionstealer.com/ instead and 'get on with your life.'
I've used Auctionstealer's free service and it seems to work as advertised--still lost some eBay auctions but at least the bids were put in automatically in the closing minute of the auctions. Of course, if you pay, you get more sniping abilities....
I'm not a shill for Auctionstealer, just someone who heard about it and checked it out....
(Note: I am not a shill/user of his software but am a fellow coder always on the lookout for good, elegant, useful code and ideas to use in future projects....)
From
http://www.slproweb.com/download/ProtoNova_ID.chm
Discussion on Security
[snip]
Before I conclude, I have one other thing I wish to mention that defines security. This is the fact that ProtoNova is the only web server in existence guaranteed to be free from Buffer Overflow attacks on the stack at the application level. Let's see you try to get a guarantee like that from Apache or Microsoft. While I can't control problems with the underlying OS or libraries, I can control how I write my own code. Here's my secret to how I can make such a guarantee: Dynamically allocate all memory I use on the heap. 90% of all bug fixes for exploits (potential or otherwise) coming out of various organizations (ahem, Microsoft) are for Buffer Overflow attacks on the stack. A buffer overflow on the heap is far less dangerous than a stack-based overflow. If you don't know the difference, let me show you that I really do know what I'm talking about (whereas most journalists generally have no clue) using some C code - that is, the language most web servers are written in:
(For you programmers out there, please ignore the comments. I realize they are "basic/newbie," but I'm attempting to explain source code to newbies).
The example above is extremely dangerous. Why? It is because there is only room reserved for 256 places in the computer's memory. What happens if the user enters data for 1000 places? This is where the danger comes in. The stack is where function calls like "main" are stored. When 1000 memory locations are copied from the user to str, the stack beyond the 256 is overwritten with whatever the user has entered. Typically, this will result in a crash when the function "main" "return"s...however, if those 1000 places in memory are carefully crafted, they can execute arbitrary code when "main" "return"s. This could be anything from a virus to a complete system takeover.
So, what is the solution to this? It should be obvious: Don't put anything the user enters, even remotely related, onto the stack...ever: