Gah, this story is not what it appears to be from first glance. This is a story about an ISP (a known Spam Supporting ISP at that) blocking access to a website through its network.
Most times, a blacklist is used only for e-mail blocking and not website blocking. Alot of DNSbl maintainers specifically tell you that their list should NOT be used to block anything but e-mail.
Its just stupid and pointless to filter out websites - unless you want to support censorship.
Now, onto Verio blocking a spamming website. What a crock! Maybe they should start cleaning up their own act and throwing the spammers off of their network FIRST before trying to be a netkop.
Now for a shameless plug - the AHBL is online for those of you who use DNSbl on their mail servers.
The AHBL is in the process of designing just this type of system. But theres two problems right now:
1. We dont have the time like we used to have to develop this, so its going slowly, and we have implementation issues right now with security and authentication
2. The project is based off of old SOSDG code which is not open source (while 99% of our stuff is open source, we do keep certain key pieces of software to ourselves just in case we ever need it to support our work in the future). This means the end user clients will be closed source, which will upset alot of people.
All in all, it looks like it would be out in late 2004, providing we don't scrap it.
AOL is doing these users a favor. Most AOL users have no idea what windows messenger service is, and don't ever use it. By turning it off, they are doing something Microsoft *should* have done from the beginning.
AOL is taking a big risk by doing it, but in the end, they are the only ones who are taking a pro-active approach to closing holes in people's computers.
Ever take a look at the AOL Computer Checkup function in 9.0? It suggests fixes and other things to help patch your computer and close holes. AOL even offers McAffee Personal Firewall Express for free to download.
-------- Gates also doesn't seem to have a lot of faith in 64 bit technologies in the consumer space. "64 bit is coming to desktops, there is no doubt about that," he said. "But apart from Photoshop, I can't think of desktop applications where you would need more than 4 gigabytes of physical memory, which is what you have to have in order to benefit from this technology. Right now, it is costly." --------- This coming from the same person who said 640kb is more then enough for anyone?
and this one --------------- Gates is optimistic about meeting the challenge of the new security threats, he told reporters. "We have to. We invented personal computing. It is the best tool of empowerment there has ever been. If there is anything that clouds that picture, we need to fix it." --------------- I thought apple invented personal computing?
Thanks slashdot guys for butchering my article. Here is what was cut out:
The antispammers need serious help, their legal bills are huge. The legal funds are running dry at SpamCon. If you've wanted to donate some money to a good cause but haven't, now's your chance to help out!
0.8 is due out in the next few weeks. We are in the process of rewriting alot, including the installer.
0.8 should be based on Gecko 1.5.
If you want to help beta test 0.8, contact me and I'll give you info on where to get it. Otherwise, you can download 0.7 and SP1 right now and use it (0.7 is based on Gecko 1.2).
I hate to put it like this, but you people are idiots. Just because noone who's being attacked is talking publically, doesn't mean that nothing is being done or we don't know whats going on.
Evidence has been gathered, and more is known about the source of the attacks then is made public.
Well, one thing interesting I discovered - Earthlink appears to have patched their DNS servers so they return NXDOMAIN now instead of sitefinder. Cheers to a big ISP taking charge:)
Did anyone ever stop and think about this for a second -
1. Maybe SCO planted this code a long time ago, knowing full well what they would do a year or whenever later. They set themselves up for a lawsuit.
2. What if the opposite is true - SCO took Linux code and put it into UNIX? We can't verify which side put the code in first, because SCO's unix code isn't open. We do know however when the linux code was put in.
We already know SCO violated the GPL for their linux compatibility stuff.
I've standardized on RedHat 7.3 as being the distribution of choice for server installs.
IMHO, it has the best mix of latest packages and stability that RedHat 9 just doesn't have. Sure, it may use older packages such as perl 5.6.1, but there's nothing stopping you from taking the src rpm from the RedHat 9 release and recompiling it for 7.3. Thats what I do if I absolutely need something from the latest release.
I've setup a public server on 'waste.2mbit.com' for people to use if they want. Its somewhat unstable, but it works. Post your public key if you want to be added.
Problem is, sometimes those IPs which look like residential ADSL lines are actually static IP addresses. Take my main domain, 2mbit.com, its on a SBC static IP _BUSINESS_ ADSL line, but looks like any other random ADSL dyanmic IP user on their network.
Watch how fast DNSbl maintainers start shitcanning whole edu networks because of shit like this. So much for running a personal server off the dorm networks!
Slashdot Mirror
Gah, this story is not what it appears to be from first glance. This is a story about an ISP (a known Spam Supporting ISP at that) blocking access to a website through its network.
Most times, a blacklist is used only for e-mail blocking and not website blocking. Alot of DNSbl maintainers specifically tell you that their list should NOT be used to block anything but e-mail.
Its just stupid and pointless to filter out websites - unless you want to support censorship.
Now, onto Verio blocking a spamming website. What a crock! Maybe they should start cleaning up their own act and throwing the spammers off of their network FIRST before trying to be a netkop.
Now for a shameless plug - the AHBL is online for those of you who use DNSbl on their mail servers.
Another classic, but unrelated quote...
"Mine tastes like burning!"
The AHBL is in the process of designing just this type of system. But theres two problems right now:
1. We dont have the time like we used to have to develop this, so its going slowly, and we have implementation issues right now with security and authentication
2. The project is based off of old SOSDG code which is not open source (while 99% of our stuff is open source, we do keep certain key pieces of software to ourselves just in case we ever need it to support our work in the future). This means the end user clients will be closed source, which will upset alot of people.
All in all, it looks like it would be out in late 2004, providing we don't scrap it.
AOL is doing these users a favor. Most AOL users have no idea what windows messenger service is, and don't ever use it. By turning it off, they are doing something Microsoft *should* have done from the beginning.
AOL is taking a big risk by doing it, but in the end, they are the only ones who are taking a pro-active approach to closing holes in people's computers.
Ever take a look at the AOL Computer Checkup function in 9.0? It suggests fixes and other things to help patch your computer and close holes. AOL even offers McAffee Personal Firewall Express for free to download.
--------
Gates also doesn't seem to have a lot of faith in 64 bit technologies in the consumer space. "64 bit is coming to desktops, there is no doubt about that," he said. "But apart from Photoshop, I can't think of desktop applications where you would need more than 4 gigabytes of physical memory, which is what you have to have in order to benefit from this technology. Right now, it is costly."
---------
This coming from the same person who said 640kb is more then enough for anyone?
and this one
---------------
Gates is optimistic about meeting the challenge of the new security threats, he told reporters. "We have to. We invented personal computing. It is the best tool of empowerment there has ever been. If there is anything that clouds that picture, we need to fix it."
---------------
I thought apple invented personal computing?
Thanks slashdot guys for butchering my article. Here is what was cut out:
The antispammers need serious help, their legal bills are huge. The legal funds are running dry at SpamCon. If you've wanted to donate some money to a good cause but haven't, now's your chance to help out!
http://www.spamcon.org/legalfund/
Please donate!
For those of you who don't like how slow Mozilla/Firebird is, can I suggest using K-Meleon instead?
http://kmeleon.sourceforge.net/
0.8 is due out in the next few weeks. We are in the process of rewriting alot, including the installer.
0.8 should be based on Gecko 1.5.
If you want to help beta test 0.8, contact me and I'll give you info on where to get it. Otherwise, you can download 0.7 and SP1 right now and use it (0.7 is based on Gecko 1.2).
Actually, IE is based on a SpyGlass thing. Microsoft boned them over as well.
Also very similar to Microsoft's freedom to innovate crap.
I hate to put it like this, but you people are idiots. Just because noone who's being attacked is talking publically, doesn't mean that nothing is being done or we don't know whats going on.
Evidence has been gathered, and more is known about the source of the attacks then is made public.
Ugh, amazing. The Earthlink DNS servers are resolving sitefinder now. UGH
Check your name servers - the ones I have are 207.69.188.186/187.
Well, one thing interesting I discovered - Earthlink appears to have patched their DNS servers so they return NXDOMAIN now instead of sitefinder. Cheers to a big ISP taking charge :)
Here is the article that RMS responded to.
Has some more interesting stuff in it.
Did anyone ever stop and think about this for a second -
1. Maybe SCO planted this code a long time ago, knowing full well what they would do a year or whenever later. They set themselves up for a lawsuit.
2. What if the opposite is true - SCO took Linux code and put it into UNIX? We can't verify which side put the code in first, because SCO's unix code isn't open. We do know however when the linux code was put in.
We already know SCO violated the GPL for their linux compatibility stuff.
http://www.basicguru.com
I use Rapid-Q BASIC instead and it works quite well. Can design apps and have them ready in a tenth the time it would take me in C/C++.
Best part is that its completely free and is available for multiple platforms too.
I've standardized on RedHat 7.3 as being the distribution of choice for server installs.
IMHO, it has the best mix of latest packages and stability that RedHat 9 just doesn't have. Sure, it may use older packages such as perl 5.6.1, but there's nothing stopping you from taking the src rpm from the RedHat 9 release and recompiling it for 7.3. Thats what I do if I absolutely need something from the latest release.
Here is the second key (from my last posting)
3 44A4FC3B C12C4979179 345D35391D91 F8573DBB351 1C48E1802833 EE5FE417C3B DBFFC04FA195 4101D49BBCC 266A234A9514 7D58238E917 70C2CE78206E 963282B57FA STE_PUBLIC_KEY_END
WASTE_PUBLIC_KEY 20 1536 SOSDG Server
EC45895B437B28ADC391973BCDB40BCF66C079997
49358159FD1933273375F80C57192B7F6192C
AA9DC66ABDBBE00A1997413F5B184F7DE8E82
39A1ECFCFF6B11EB8F36769A31D3FD7610D80
53905BFDB91FF5857A007EFCB05440603ADC4
8645F8AB9BF173B1E259BC49C0C5E4F11429B
ADC0647B7B904E10DA8EFB090003010001
W
Hello, could you add my two keys:
9 5AD112E 7BED57A58C4 EC545A82F3B1 1DC0D949BF1 164C6297950B 4D58A293A10 7D526C9DD842 D7CE9A81E4D A2639C94DDE6 8DDF16DC511 DDF69D93B1DF C8B83DEA1DA STE_PUBLIC_KEY_END
WASTE_PUBLIC_KEY 20 1536 Brian
DEA65F9DC2D4B09257A1B78143F857EF5E9DCCCB2C
C6FAC14A3092D60D1C71D48B23686B173F591
B7E0245140834ABDADED318FD226F1F2C16AB
DE37977F54CC3812D007E947A6CEAA6013E94
C0AD2CACDDA04CCAE43262CB8BDD304099428
1D17500A59AB526FF8C2CCA418AF23E960477
A9533E9B460E8A45AF298A230003010001
W
Thanks
Stupid lameness filters getting in the way. ARGH. Second key is in the next posting.
I've setup a public server on 'waste.2mbit.com' for people to use if they want. Its somewhat unstable, but it works.
3 44A4FC3B C12C4979179 345D35391D91 F8573DBB351 1C48E1802833 EE5FE417C3B DBFFC04FA195 4101D49BBCC 266A234A9514 7D58238E917 70C2CE78206E 963282B57FA STE_PUBLIC_KEY_END
Post your public key if you want to be added.
WASTE_PUBLIC_KEY 20 1536 SOSDG Server
EC45895B437B28ADC391973BCDB40BCF66C079997
49358159FD1933273375F80C57192B7F6192C
AA9DC66ABDBBE00A1997413F5B184F7DE8E82
39A1ECFCFF6B11EB8F36769A31D3FD7610D80
53905BFDB91FF5857A007EFCB05440603ADC4
8645F8AB9BF173B1E259BC49C0C5E4F11429B
ADC0647B7B904E10DA8EFB090003010001
W
Oh, and for those who want to mirror it themselves:
http://waste.2mbit.com/waste.zip
That is the full website and sources.
I've setup a quick mirror at:
http://waste.2mbit.com
If you know of any other mirrors of the data, please e-mail me so I can add them to the main page.
One sentence for SCO:
Show us the fucking code in question already damn it.
Its that fucking simple. I think the entire open source community would agree with me on this.
Problem is, sometimes those IPs which look like residential ADSL lines are actually static IP addresses. Take my main domain, 2mbit.com, its on a SBC static IP _BUSINESS_ ADSL line, but looks like any other random ADSL dyanmic IP user on their network.
This is the danger of using DUL type lists.
Watch how fast DNSbl maintainers start shitcanning whole edu networks because of shit like this. So much for running a personal server off the dorm networks!