What's the point of knowing that a piece of incoming mail is coming from a mail server that is registered to come from the domain it is reportedly coming from? Since 90% of spam is being sent by zombie PC's these days; the virus writers will just go to the extra effort of sending spam out the zombie PC through the owners' ISP mail server, and to your inbox. Voila; instant spam from a legitimate mail server. Oh but I'm wrong, you're going to tell me; because the user needs to authenticate with the mail server for every piece of mail he sends. Well, show me someone who types in their SASL password _every_single_time_they_send_a_mail. So now the virus writers just have to exploit bugs in the MUA (probably by passing a draft message to the "send_mail" function in some DLL; that will dutifully pull the stored password out of the MUA configuration, and send the mail. Even if you force someone to type in their password for every piece of mail, there are keyloggers that will happily sit there and wait for the password to appear, and then communicate that to the waiting spam-engine..
This isn't that hard to do. sender-id, spf, etc, does nothing. We already know most semi-legitimate spammers are publishing SPF records on their throwaway domains which takes care of the other 10% of spam...
Fix this properly. Declare it within the law to assassinate anyone who sends a piece of spam. Then merely wait.
So there's some bad blood between groklaw and maureen.. I couldn't care less.. I go to Groklaw to see facts and read the interpretations; but occasionally the interpretations don't match the reported facts and that's ok... They're interpretations; not necessarily truths...
But the editorializing just hurts groklaws credibility... Had PJ reported just the facts that would have been great. Adding crap like "blarney", etc, just lowers the bar and makes it all seem childish and ironically; calls into question groklaws credibility...
When will/. get some editors that actually pay attention to stuff?
The most frightening thing is that if you read the evolving thread on the shell script in question, the "developers" seem to have trouble understanding what simple commands do. "What does 'find' do?"... Yet, there's enough of them that they end up producing something that, at least, appears like it might function, and might serve some relatively benign but nefarious purpose...
A bunch of years ago I went through the same turmoil. My partner and I had an idea for a product. We built a prototype and it worked pretty well. We thought "heck, why don't we release the source to the firmware on the card, that way it's easy for people to write linux/bsd drivers, and modify the behavior if they want."... Fast forward; we sold a few thousand cards, barely made any money, and now have larger companies selling effectively duplcates of our card, and now we, without money, have to roll over because we have no way to defend ourselves. Sure, we had a couple of patentable ideas, but it took 3 years and 1 month for the patent to come through, and now that we have it, no money to defend it..
The linux/*BSD community is always more than happy to pay about half what it costs to make something. So unless you're cranking out tens of thousands of these things a month, you may as well not bother. The linux/*BSD community isn't big enough to support a flow of tens of thousands a month without the windows market there to help.
I wish these guys well; but don't predict much happiness.
The article doesn't say _anything_ about wince running the fuel injectors, or the ABS, or air bags, or brakes, or steering... It mentions only annoying stuff that has no business being in a car anyway.... Having an in-vehicle DVD player itself is probably more likely to cause crashes than what operating system is being run on said DVD player.
Yes, I'm old. I drive a 21 year old diesel truck with no electronics and 440,000 miles on the odometer.
Yawn. Who cares? A lifetime achievement award for making a bunch of low-quality plot-recipe movies and becoming stinking rich as a result; and we have to give him an award?
Once everyone who can reasonably afford to, has gone up in space, floated around the cabin a bit, and drunk their vodka-bubbles, what are they going to do for an encore? Take people to Mars? Once the novelty has worn off, people realize there's nowhere to go for your 10 day vacation because everything interesting is 3 generations away...
Just a passing fad like radio, television, and spam.
I realize this is tangential to the article.... But the world-wide deaf community really lost out... They had the opportunity to create a global sign language (with local modifications of course) but no, we have ASL, GSL, ISL, one-finger spelling, etc... A global sign-language would have become the defacto cross-cultural communication method and ultimately, it wouldn't be quite so much a pain in the ass to live in a world dominated by the hearing.
I took an ASL course and practiced a fair bit. I taught my 8 month old (now 3 years) ASL. For 6 months, that was his principal method of communication... An 8 month old that can ask for more milk is an impressive thing.
I run a large european auto maker's website. Here are the stats for the last 30 days...
Visitor Browser 8/14/04 - 9/14/04
Visitor Browser 4,795,922
Internet Explorer 4,336,610 90.42%
Mozilla 219,831 4.58%
AOL 127,381 2.66%
Uncategorized 66,469 1.39%
Opera 25,215 0.53%
This covers all markets, including north america. I tend to think this is more demographically diverse than a tech gadget company.
Not bad. Just over 3 months from idea to implementation. When you want something written, suggest it on slashdot and wait.
http://linux.slashdot.org/comments.pl?sid=108136&c id=9194177
in the case of SIP, (Vonage, etc), the media travels as a seperate stream and you need to have access to the SIP packets to figure out what media packets to capture... However, the media packets could be anything, like voice data, and/or video data, and/or text messages, like Messenger for example, which also uses SIP. So not only does the gubment get to snoop on voice conversations, they get to snoop on video, and they get to snoop on your text messages. And as far as encryption goes, the encryption keys get sent in the SIP so a MITM can just as easily decrypt your media. Unless you do your own point to point with encryption, then you lose.
I've worked at 3 companies. Those pranks were pulled by someone at all of them. Now it's common place.
I wonder when they'll scale up to urinating in the water cooler? Happens at every company.
Nothing to see here, kindly go back to your homes...
I mentally switched to IBM drives a couple of years ago so whenever I bought a server or configured one for a client to purchase, I spec'd IBM drives. Now I'm back to Seagate. A friend was pro-maxtor all the way. Out of 100 drives in various servers, he's had to replace about half of them. Most of them upwards of twice each. He's disgusted. Another one of my clients spec'd a RAID array out of 120G Maxtors. 2 out of 4 disks have already been replaced..
I just started my 4th job in 20 years. I haven't modified my resume since 1987. I haven't shown it to anyone since around then, and I certainly didn't use it to get the last 3 jobs. It's not who you know, or how good your resume' or cover letter is. It's what you do with your life. It's the Open Source projects you contribute to, along with the value of those contributions. It's the geeks you have lunch with every week. It's the friends you maintain. These are the things that will get you the jobs. 3 months ago when I decided it was time to do something new, I started asking my friends who was hiring. I went on an interview, and 2 weeks later I was offered the job but didn't want it. Mentioned it to a friend who I hadn't spoken to in 6 months, but who called me out of the blue. He said "If I'd known you were looking, I'd have hired you." Within a week I was hired, and a month after that, I'm working there. (time needed to finish what I was doing at the old place).
Then be the envy of all your new co-workers. Come equipped with your own Aeron Chair, your own bookshelf, your own toy-shelf, and bring your own MP3 spool.
...for a company not doing very well. I am the lowest paid employee at my company. ie: all of my employees get paid more than I do. The company has no profits. Sometimes I don't even get a paycheck. Sometimes part of payroll gets put on my personal VISA. Welcome to owning your own business. Imagine how you'd feel in this position, to discover that some of your employees were taking advantage of the situation, by not showing up and getting someone else to clock in? I have an employee who habitually shows up an hour late, takes 2 hour lunches, and leaves when the clock strikes 5:00. Yet complains when his cow-orker, who does the same work, gets paid more.
Yeah, I love most of my employees. They do terrific work and I pay them as much as I can afford. But I'd implement whatever I could to keep them in line if they were taking advantage of me.
Slashdot Mirror
This isn't that hard to do. sender-id, spf, etc, does nothing. We already know most semi-legitimate spammers are publishing SPF records on their throwaway domains which takes care of the other 10% of spam...
Fix this properly. Declare it within the law to assassinate anyone who sends a piece of spam. Then merely wait.
But the editorializing just hurts groklaws credibility... Had PJ reported just the facts that would have been great. Adding crap like "blarney", etc, just lowers the bar and makes it all seem childish and ironically; calls into question groklaws credibility...
The most frightening thing is that if you read the evolving thread on the shell script in question, the "developers" seem to have trouble understanding what simple commands do. "What does 'find' do?" ... Yet, there's enough of them that they end up producing something that, at least, appears like it might function, and might serve some relatively benign but nefarious purpose...
Kinda like linux....
I would add a second RFID tag to my passport. One that I could remove whenever I needed to show my passport to someone with an RFID scanner.
(course, I could be wrong about how all this RFID stuff works)
The linux/*BSD community is always more than happy to pay about half what it costs to make something. So unless you're cranking out tens of thousands of these things a month, you may as well not bother. The linux/*BSD community isn't big enough to support a flow of tens of thousands a month without the windows market there to help.
I wish these guys well; but don't predict much happiness.
The article doesn't say _anything_ about wince running the fuel injectors, or the ABS, or air bags, or brakes, or steering... It mentions only annoying stuff that has no business being in a car anyway.... Having an in-vehicle DVD player itself is probably more likely to cause crashes than what operating system is being run on said DVD player. Yes, I'm old. I drive a 21 year old diesel truck with no electronics and 440,000 miles on the odometer.
If I see another "OpenBSD is the most secure", I'm going to kill someone; so help me god....
Yawn. Who cares? A lifetime achievement award for making a bunch of low-quality plot-recipe movies and becoming stinking rich as a result; and we have to give him an award?
Once everyone who can reasonably afford to, has gone up in space, floated around the cabin a bit, and drunk their vodka-bubbles, what are they going to do for an encore? Take people to Mars? Once the novelty has worn off, people realize there's nowhere to go for your 10 day vacation because everything interesting is 3 generations away... Just a passing fad like radio, television, and spam.
A 20 pound bicycle needs a 30 pound lock. A 30 pound bicycle needs a 20 pound lock. A 50 pound bicycle doesn't need a lock. (from a friend of mine).
I realize this is tangential to the article.... But the world-wide deaf community really lost out... They had the opportunity to create a global sign language (with local modifications of course) but no, we have ASL, GSL, ISL, one-finger spelling, etc... A global sign-language would have become the defacto cross-cultural communication method and ultimately, it wouldn't be quite so much a pain in the ass to live in a world dominated by the hearing. I took an ASL course and practiced a fair bit. I taught my 8 month old (now 3 years) ASL. For 6 months, that was his principal method of communication... An 8 month old that can ask for more milk is an impressive thing.
I run a large european auto maker's website. Here are the stats for the last 30 days... Visitor Browser 8/14/04 - 9/14/04 Visitor Browser 4,795,922 Internet Explorer 4,336,610 90.42% Mozilla 219,831 4.58% AOL 127,381 2.66% Uncategorized 66,469 1.39% Opera 25,215 0.53% This covers all markets, including north america. I tend to think this is more demographically diverse than a tech gadget company.
Well, maybe. Have you ever been paid to fix his write-only code? The man has never heard of #define.
So Cisco controls all the switches and routers on the internet? Fools are they who paid Cisco for them!
Not bad. Just over 3 months from idea to implementation. When you want something written, suggest it on slashdot and wait. http://linux.slashdot.org/comments.pl?sid=108136&c id=9194177
in the case of SIP, (Vonage, etc), the media travels as a seperate stream and you need to have access to the SIP packets to figure out what media packets to capture... However, the media packets could be anything, like voice data, and/or video data, and/or text messages, like Messenger for example, which also uses SIP. So not only does the gubment get to snoop on voice conversations, they get to snoop on video, and they get to snoop on your text messages. And as far as encryption goes, the encryption keys get sent in the SIP so a MITM can just as easily decrypt your media. Unless you do your own point to point with encryption, then you lose.
gmail filesystem anyone?
/dev/gmailfs /home
dump 0f
I've worked at 3 companies. Those pranks were pulled by someone at all of them. Now it's common place. I wonder when they'll scale up to urinating in the water cooler? Happens at every company. Nothing to see here, kindly go back to your homes...
I can't believe no one is going after Maxtor.
I just started my 4th job in 20 years. I haven't modified my resume since 1987. I haven't shown it to anyone since around then, and I certainly didn't use it to get the last 3 jobs. It's not who you know, or how good your resume' or cover letter is. It's what you do with your life. It's the Open Source projects you contribute to, along with the value of those contributions. It's the geeks you have lunch with every week. It's the friends you maintain. These are the things that will get you the jobs. 3 months ago when I decided it was time to do something new, I started asking my friends who was hiring. I went on an interview, and 2 weeks later I was offered the job but didn't want it. Mentioned it to a friend who I hadn't spoken to in 6 months, but who called me out of the blue. He said "If I'd known you were looking, I'd have hired you." Within a week I was hired, and a month after that, I'm working there. (time needed to finish what I was doing at the old place). Then be the envy of all your new co-workers. Come equipped with your own Aeron Chair, your own bookshelf, your own toy-shelf, and bring your own MP3 spool.
...for a company not doing very well. I am the lowest paid employee at my company. ie: all of my employees get paid more than I do. The company has no profits. Sometimes I don't even get a paycheck. Sometimes part of payroll gets put on my personal VISA. Welcome to owning your own business. Imagine how you'd feel in this position, to discover that some of your employees were taking advantage of the situation, by not showing up and getting someone else to clock in? I have an employee who habitually shows up an hour late, takes 2 hour lunches, and leaves when the clock strikes 5:00. Yet complains when his cow-orker, who does the same work, gets paid more. Yeah, I love most of my employees. They do terrific work and I pay them as much as I can afford. But I'd implement whatever I could to keep them in line if they were taking advantage of me.