Yes, that it only makes sense to develop something that (you think) is going to be used (and profitable) in the future. The thing is they are all right. Push the right processor for the job it's best at.
I recently 'fixed' a mail server that had that problem only an order of a magnitude more severe. The users were noticing mail started taking longer and longer to arrive to there box. After deliveries started taking 6+ hours to a local (on the same server) they finally called me. A misconfiguration was causing the server to accept mail to non-existent accounts, then they were being rejected and bounced back to the sender. Of course since the majority of the mail was coming from cable/dsl style addresses it was obvious it was from spam bots. The numbers were outrageous, one to two mail delivery attempts per second! Well over 100,000 messages to non-existent addresses per day. The reason the address was under attack is it has a domain very similar to a large university. Spammers were just sending mail from a@domain to zzzzzzzzzzzz@domain.
I implemented a number of things.
Check reverse dns on connect. No reverse DNS, no delivery. I don't do strict checking (both ways match) too many domains are setup wrong. This cuts out huge numbers of overseas spam, U.S. ISPs seem much more likely to have rDNS setup.
DJB tcpserver + validrcptto + spamcop. Deny the connection if it's in spamcops database. Check for valid rcpt to, don't allow mail to be sent to invalid users (prevents backscatter), drop the connection once 3 invalid users are passed over the same connection.
Qmail-scanner+clamscan+Spamassassin. If a virus is found, immediately give a 500 (permanent) error on the message. If the message score is too high, immediately give a permanent error.
The key being to filter out as many bogus connections at the cheapest step possible. DNS lookups are a lot cheaper then running the virus scanner and spamassassin.
Here's some numbers after I was finished. The log file in question runs from Mar-10-08-3:01AM CST to Mar-10-08-7:58AM CST and is 16MB. Total connectons established: 40632 Connections denied by rDNS: 18545 Connections denied by rblsmtpd: 15466 Invalid addresses: 7052 (may represent more then one address per connection) Unique IPs with invalids: 5425 Connections dropped due to excessive invalid addresses: 439 Spamassassin rejected mails: 112
This leaves right around 1000 emails that passed the scanner in that 5 hour period. I'd say around 80% are to users on high volume mail lists, a few legitimate emails, and the last 200 or so represent tricky spam thats hard to score because of its similarity with legitimate email. Lucky the majority of the remaining spam is going to just a few users, I'm guessing they've been loose with their address and many places have it and are spreading it around.
The problem with IP (intellectual property) is it should have been called imaginary property. The material costs of reproducing IP are close to $0.00. Compare this with making a hamburger, lets say the material costs of the first hamburger are $1. By the very nature of physical things, the costs of the second burger will be $1.
Theft of real property as always been a problem throughout history, didn't seem to stop humans from getting this far, and we know a thing or two about physical securty these days. Some companies will go bankrupt when the value of imaginary property is corrected. If no one is willing to pay for what you produce, then the value of your product is $0. If what you produce can be replicated for almost nothing, then the value of your product is far closer to $0 then most people would like to accept. Smart people will figure out how to give stuff away and make money at the same time, they're doing it now;).
Are you an artist or musician? Do you realize they've starved(ok, not been rich) most of history and were given money by their governments or rich philanthropist?
It doesn't fucking matter what the intentions are of the person leaving the sofa..
BZZZT, wrong. Only the owner of the sofa can file charges of theft on on the 'thief'. I cannot file charges on you for stealing my friends car, for example.
Thank You for failing the game, please try again. Many of the criminals doing said things in articles are in countries that turn a blind eye to such crimes.
Yep, it sucks to be big. If the person that found the exploit logs on to IRC and posts it, instead of mailing the authors of the code, how much time do you think they have before a new trojan or malicious attack websites are setup. I'd make a guess it's under an hour. As the application developer you have to take what you're given. Your enemy is not going to give you any quarter. They are not going to wait around for you to patch your apps and distribute them. The ball is in the blackhats hand, all you can hope to do is react fast enough.
Maybe I don't want my files indexed;). Maybe I don't want my computer grinding away doing some stupid shit I'm never going to use. Maybe I want a run line, that's actually a run command line. This is beyond noobs messing up a configuration, it's sheer fucking stupidity, something that deviates from every other operating system out there including previous versions of windows.
Yes, I am a system administrator, and yes I can make vista run decently well and crash free on a computer. That's because I've had 20 years experience doing this for a living. I don't remember seeing near as many issues from NT4/W2K > XP transition as Vista has presented. Main problems I have with it...
Another redesign of the UI. XP was simple enough to reset to W2K behavior. No need to retrain secretaries/lusers where there application links/files have gone. You can set Vista sorta kinda but not quite like XP behavior. Unfortunately for many people this means retraining them how to use there desktop again.
Different control panels. Microsoft hasn't figured this one out yet. People(luser in this case) don't fix their own computers, they call their power user friends to do it. By changing the control panels and network settings, all you've done is forced all the professional and amature IT people to learn new crap. Most people plug it in once and expect it to work, if it doesn't, they call somebody. It doesn't matter how simple and full of eye candy the screen is they won't be able to fix what the issue is.
Very good answer, human rights are universal, no matter if you're a woman or a man. There are many reasons outside the moral reasons too. Copulation is very low tech. You just need the very basics for it to work, food, water, shelter. On the other hand genetic engineering takes an educated society, electricity, and enough of an industrial economy to make all the necessary machines to make it work. Any global scale disaster puts human extinction at a much larger probability. Such hubris in our technology is asking for destruction.
The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals, one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws.
You're thinking about this all wrong. By law stupid people should be forced not to wear seat belts. Maybe impact explosives should be installed in their cars too.
badcaps.net I've repaired about 20 motherboards with blown capacitors since reading that site. I cannot tell you how much money and time that has saved me. It's a hell of a lot easier (for me at least) to spend 20 minutes replacing 5 to 15 bad caps, then to put a new board in and trying to get windows working and praying that you don't have to reactivate the product over the phone.
I agree with you, though I'd rather keep the electricity on. People have turned off their brains and put some electronic device in its place. Putting your life, or the life of others on a single wirelessly transmitted, non-hardened (interference accepting) mode of communication is incredibly stupid.
Wireless networks have piles of failure modes, inter-personal jamming being one of the lest likely to occur. Higher then normal concentrations of users on a tower and back end congestion are things your going to run in to on a weekly basis. In real big emergencies the cell systems lock up from over use, if your a doctor you better have another means of being contacted.
The above things happen pretty commonly, if a rare but catastrophic occurs we're fucked. We've not had our space age toys very long, but we're completely dependent on them. There has been very little time for a large solar/cosmic event to occur. In the past humanity would have missed them completely, except those who could see some really pretty northern lights. These days a direct impact of a X class solar flare or other high energy cosmic event could have a devastating impact on first world societies.
Not to detract from your statement, but it should be noted.
1. Using SSH is a bad example, it's had many remote exploits in it's server and client in the past. It only takes one to root your box. I would really hate for my car to get pwnt.
2. It doesn't matter how many people currently know how to hack the system, all it takes is one to do it and post it on the internet. Obscurity is only temporary security.
Why can I not worry about the DMCA and remote automobile monitoring systems that could be used against me?
Once untrusted code has run on your machine, you can no longer trust your machine. Dammit, Do you mean I have to format my Windows boxes right after I install them.
I am one of these self-employed geeks. Whenever I run in to a hardware issue that doesn't manifest a simple solution quickly, I ask to take the computer with me overnight. That way I can run memtest without actually siting at their office wasting my time and my clients. Swapping out known good components is a quick way to find out what is going on if you've detected hardware problems. Before that, knoppix like boot operating systems can quickly remove the hard drive as part of the malfunction.
Most of my clients don't realize that I spend a good portion of my time waiting on there computer. Installing AV/anti-spam/rookit scanner then waiting for them to finish is time consuming. Most of the actual fixes take a short period of time (repairing the registry, replacing hardware, replacing corrupt files, etc). The biggest issue I have with most computer people is they don't even try to teach the user what went wrong and how to keep it from occurring again, in the case of viruses and such, not much a person can do about hardware failure other then keeping the case free of dust.
No. The cookies are stolen upon transfer. You need to transfer your login data and save a cookie to receive the subsequent responses (viewing more then one message).
Slashdot Mirror
>Do you start to detect a pattern here?
Yes, that it only makes sense to develop something that (you think) is going to be used (and profitable) in the future. The thing is they are all right. Push the right processor for the job it's best at.
I recently 'fixed' a mail server that had that problem only an order of a magnitude more severe. The users were noticing mail started taking longer and longer to arrive to there box. After deliveries started taking 6+ hours to a local (on the same server) they finally called me. A misconfiguration was causing the server to accept mail to non-existent accounts, then they were being rejected and bounced back to the sender. Of course since the majority of the mail was coming from cable/dsl style addresses it was obvious it was from spam bots. The numbers were outrageous, one to two mail delivery attempts per second! Well over 100,000 messages to non-existent addresses per day. The reason the address was under attack is it has a domain very similar to a large university. Spammers were just sending mail from a@domain to zzzzzzzzzzzz@domain.
I implemented a number of things.
Check reverse dns on connect. No reverse DNS, no delivery. I don't do strict checking (both ways match) too many domains are setup wrong. This cuts out huge numbers of overseas spam, U.S. ISPs seem much more likely to have rDNS setup.
DJB tcpserver + validrcptto + spamcop. Deny the connection if it's in spamcops database. Check for valid rcpt to, don't allow mail to be sent to invalid users (prevents backscatter), drop the connection once 3 invalid users are passed over the same connection.
Qmail-scanner+clamscan+Spamassassin. If a virus is found, immediately give a 500 (permanent) error on the message. If the message score is too high, immediately give a permanent error.
The key being to filter out as many bogus connections at the cheapest step possible. DNS lookups are a lot cheaper then running the virus scanner and spamassassin.
Here's some numbers after I was finished. The log file in question runs from Mar-10-08-3:01AM CST to Mar-10-08-7:58AM CST and is 16MB.
Total connectons established: 40632
Connections denied by rDNS: 18545
Connections denied by rblsmtpd: 15466
Invalid addresses: 7052 (may represent more then one address per connection)
Unique IPs with invalids: 5425
Connections dropped due to excessive invalid addresses: 439
Spamassassin rejected mails: 112
This leaves right around 1000 emails that passed the scanner in that 5 hour period. I'd say around 80% are to users on high volume mail lists, a few legitimate emails, and the last 200 or so represent tricky spam thats hard to score because of its similarity with legitimate email. Lucky the majority of the remaining spam is going to just a few users, I'm guessing they've been loose with their address and many places have it and are spreading it around.
The parent is modded -1 at the time, but really this is the first ISR joke that's dead on.
Maybe the dumbass should have brushed his teeth and not ate sweet crap before bed time. Fluoride strengthens teeth when used in a topical application.
Jesus H. Crist, this was modified as insightful.
;).
The problem with IP (intellectual property) is it should have been called imaginary property. The material costs of reproducing IP are close to $0.00. Compare this with making a hamburger, lets say the material costs of the first hamburger are $1. By the very nature of physical things, the costs of the second burger will be $1.
Theft of real property as always been a problem throughout history, didn't seem to stop humans from getting this far, and we know a thing or two about physical securty these days. Some companies will go bankrupt when the value of imaginary property is corrected. If no one is willing to pay for what you produce, then the value of your product is $0. If what you produce can be replicated for almost nothing, then the value of your product is far closer to $0 then most people would like to accept. Smart people will figure out how to give stuff away and make money at the same time, they're doing it now
Are you an artist or musician? Do you realize they've starved(ok, not been rich) most of history and were given money by their governments or rich philanthropist?
BZZZT, wrong. Only the owner of the sofa can file charges of theft on on the 'thief'. I cannot file charges on you for stealing my friends car, for example.
Your neighbors evidently didn't own a backhoe. ;)
Thank You for failing the game, please try again. Many of the criminals doing said things in articles are in countries that turn a blind eye to such crimes.
Yep, it sucks to be big. If the person that found the exploit logs on to IRC and posts it, instead of mailing the authors of the code, how much time do you think they have before a new trojan or malicious attack websites are setup. I'd make a guess it's under an hour. As the application developer you have to take what you're given. Your enemy is not going to give you any quarter. They are not going to wait around for you to patch your apps and distribute them. The ball is in the blackhats hand, all you can hope to do is react fast enough.
30 seconds before Mars landing
Scientist 1: You meant 5000 meters instead of 5000 feet
Scientist 2: OH FUCK!
Maybe I don't want my files indexed ;). Maybe I don't want my computer grinding away doing some stupid shit I'm never going to use. Maybe I want a run line, that's actually a run command line. This is beyond noobs messing up a configuration, it's sheer fucking stupidity, something that deviates from every other operating system out there including previous versions of windows.
Yes, I am a system administrator, and yes I can make vista run decently well and crash free on a computer. That's because I've had 20 years experience doing this for a living. I don't remember seeing near as many issues from NT4/W2K > XP transition as Vista has presented. Main problems I have with it...
Another redesign of the UI. XP was simple enough to reset to W2K behavior. No need to retrain secretaries/lusers where there application links/files have gone. You can set Vista sorta kinda but not quite like XP behavior. Unfortunately for many people this means retraining them how to use there desktop again.
Different control panels. Microsoft hasn't figured this one out yet. People(luser in this case) don't fix their own computers, they call their power user friends to do it. By changing the control panels and network settings, all you've done is forced all the professional and amature IT people to learn new crap. Most people plug it in once and expect it to work, if it doesn't, they call somebody. It doesn't matter how simple and full of eye candy the screen is they won't be able to fix what the issue is.
Very good answer, human rights are universal, no matter if you're a woman or a man. There are many reasons outside the moral reasons too. Copulation is very low tech. You just need the very basics for it to work, food, water, shelter. On the other hand genetic engineering takes an educated society, electricity, and enough of an industrial economy to make all the necessary machines to make it work. Any global scale disaster puts human extinction at a much larger probability. Such hubris in our technology is asking for destruction.
The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals, one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws.
You're thinking about this all wrong. By law stupid people should be forced not to wear seat belts. Maybe impact explosives should be installed in their cars too.
This is why we must teach everybody how to use encryption.
badcaps.net I've repaired about 20 motherboards with blown capacitors since reading that site. I cannot tell you how much money and time that has saved me. It's a hell of a lot easier (for me at least) to spend 20 minutes replacing 5 to 15 bad caps, then to put a new board in and trying to get windows working and praying that you don't have to reactivate the product over the phone.
http://www.badcaps.net/forum/ has a lot of information.
I agree with you, though I'd rather keep the electricity on. People have turned off their brains and put some electronic device in its place. Putting your life, or the life of others on a single wirelessly transmitted, non-hardened (interference accepting) mode of communication is incredibly stupid.
Wireless networks have piles of failure modes, inter-personal jamming being one of the lest likely to occur. Higher then normal concentrations of users on a tower and back end congestion are things your going to run in to on a weekly basis. In real big emergencies the cell systems lock up from over use, if your a doctor you better have another means of being contacted.
The above things happen pretty commonly, if a rare but catastrophic occurs we're fucked. We've not had our space age toys very long, but we're completely dependent on them. There has been very little time for a large solar/cosmic event to occur. In the past humanity would have missed them completely, except those who could see some really pretty northern lights. These days a direct impact of a X class solar flare or other high energy cosmic event could have a devastating impact on first world societies.
Not to detract from your statement, but it should be noted.
1. Using SSH is a bad example, it's had many remote exploits in it's server and client in the past. It only takes one to root your box. I would really hate for my car to get pwnt.
2. It doesn't matter how many people currently know how to hack the system, all it takes is one to do it and post it on the internet. Obscurity is only temporary security.
Why can I not worry about the DMCA and remote automobile monitoring systems that could be used against me?
Microsoft has already patented one and zero
I am one of these self-employed geeks. Whenever I run in to a hardware issue that doesn't manifest a simple solution quickly, I ask to take the computer with me overnight. That way I can run memtest without actually siting at their office wasting my time and my clients. Swapping out known good components is a quick way to find out what is going on if you've detected hardware problems. Before that, knoppix like boot operating systems can quickly remove the hard drive as part of the malfunction.
Most of my clients don't realize that I spend a good portion of my time waiting on there computer. Installing AV/anti-spam/rookit scanner then waiting for them to finish is time consuming. Most of the actual fixes take a short period of time (repairing the registry, replacing hardware, replacing corrupt files, etc). The biggest issue I have with most computer people is they don't even try to teach the user what went wrong and how to keep it from occurring again, in the case of viruses and such, not much a person can do about hardware failure other then keeping the case free of dust.
I should have stated it this way in the first place....
Windows adds the unnecessary complexity of protectionism.
In the U.S. 5.8GHz wireless is only unlicensed for indoor use.
No. The cookies are stolen upon transfer. You need to transfer your login data and save a cookie to receive the subsequent responses (viewing more then one message).
Because their web interface programmers are using Windows or Macs.