As the fictional Vlad Taltos put it, killing people doesn't solve anything, but it does keep them out of your hair until you figure out what you need to do next. A few years ago a couple of Russian-immigrant spammers in New Jersey were also murdered - the general guess was that they'd burned somebody with the pump&dump stock scam they were running.
Spam isn't going away until the economics make it no longer profitable. Laws can sometimes affect the economics (opportunity cost of being in jail, etc., but only if you're caught.) If BlueFrog helps, great, or if techniques like tagged email addresses make the spammer need to send out a million times more messages per sucker, that may be economic leverage enough. Zombie hunting is a fairly critical need for current anti-spam work, but just as relay blocking a few years ago pushed spammers to other techniques, if we kill all the zombies, they'll find something new.
As rstory says, "not even close" to all ISPs do it after all these years - I'm really pleasantly surprised to see the study reporting 80% compliance, but I haven't looked at their statistics enough to see how good their coverage is. (For instance, do Chinese ISPs or Korean apartment buildings block spoofed packets?) The carrier I work for was an early adopter of RFC2267, and it's helped us clean up a lot of potential user-behaviour problems as well as making security a lot simpler.
uRPF works pretty well on most Cisco router models - typically you use strict enforcement on end-user access lines and loose enforcement on connections from other ISPs. There are some problems that are harder, such as customers that are homed to multiple ISPs for reliability reasons - you can't strict-enforce on them, and you have to be careful to accept route advertisements for both halves of their connections, and deal with the issues if they change one of their ISPs, so it's harder to automate. On the other hand, most of those customers run firewalls and aren't likely to allow outbound spoofed packets. There are other people, often consumers or SOHO, doing lightweight dual-homing, e.g. they have a cable modem and a DSL line and aren't always symmetric about their routing.
Best Current Practices for ISPs have recommended spoof-proofing since at least 1998 (RFC2267 / RFC 2827 / BCP38), which block transmission of packets purporting to be from IP addresses that aren't registered for that access line, and it's really nice to see that it's had 80% takeup (I work for a carrier that was one of the early adopters.) If you've got a/24 (old Class C), you might still be able to spoof one of the other computers at your site and annoy your sysadmins, but it's still identifiable as one of your addresses.
If you can spoof IP, you can spoof many UDP applications successfully - spoofing TCP is not impossible, but it's much much harder, because you not only have to guess sequence numbers (can be easy or hard, depending on whether your TCP stack vendor listened to Steve Bellovin's early warnings), but for both protocols you aren't going to see the response packets from the packet destination.
This means that Zombies on ISPs that allow spoofing can participate in UDP or ICMP DDOS attacks, such as smurf broadcasts or large-response DNS queries forged from the victim's IP address. (Spoof-proofing prevents these attacks.) But they can't do email spam in ways that hide their IP address, because email requires a TCP connection and multiple Layer-7 handshakes. So if they're spamming, you'll be able to see that the email came from port123.router456.cable-modem-carrier.example.net instead of the real IP addresses for Paypal or Chase Bank. (And if those financial institutions had the sense to use SPF, you'd be able to recognize those addresses and discard the spam.)
I can't check the details, because they've been Slashdotted as well as spammer-dotted, but that's basically the kind of thing that the BlueSecurity system does. Spam one BlueFrog user and suddenly thousands of users go hit you with unsubscribes - I don't remember if they're hitting you with legitimate or bogus ones (probably both? presumably at least some honeypot addresses.)
It's not trying to "find" human-to-human transmission - that might happen at random (and I agree with you that humans will be happier if a mutation that does that reduces its transmissability in birds.)
Most of the major influenza versions have the capability to infect humans as well as birds, pigs, whatever, as long as there's a transmission mechanism that can get enough virus particles into susceptible tissue in the host. Disposing of infected dead birds seems to be at least somewhat effective for getting it to humans, just as eating infected birds seems to be somewhat effective in getting it to cats.
Yeah, those can get ugly. I had a client with a similar problem (dictionary attack against a secondary MX server we were providing) who was getting tens of millions of spams a day, and we didn't have a way to identify valid vs. invalid addresses (client's out-of-date Exchange server didn't support that) so we had to forward them all to the client's primary-MX spam filter box, which promptly fell on the floor and died from overload. The first attack was on a weekend, and we had an entertaining Monday trying to understand what happened and how to prevent it - they couldn't set their box to reject everything from our MX server, because it also provided primary-MX to some of their major real customers. Nothing happened all week, so we hoped it was a one-shot, but the next weekend they were back. And the next Monday, we jointly decided that while secondary MX was once a good way to improve your reliability when the primary fails, that the problem wasn't fixable so we should shut it down.
But if you're running your own email server, you can have a lot more fun with dictionary attacks - make sure to seed the web with some dummy addresses like aaaa@yourdomain and zzzz@yourdomain to encourage the spammers to get some bad addresses, and any IP address that tries to reach a bogus address on your system gets banned or teergrubed because you know it's a spammer. (No longer a perfect solution - spammers these days are using zombie farms and not just single servers, but identifying and banning a bunch of zombies is a Good Thing too, because you know They'll Be Back.)
Hey, it's a nice friendly article showing up at 8am! Sure, move all the TV ads to morning when I'm having coffee and those silly morning people are watching TV, and don't bother showing them in the evening when I'm actually watching TV - No problem!
Of course, beer probably makes people more receptive to advertising as well; this could be a problem.
> I also think it amusing that Kansas was the only place affected 18 years ago. I suppose, in Kansas, neither diseases nor humans evolve?
This is another example of Bush Administration scaremongering that contradicts their other propaganda. The scaremongers keep talking about bird flu "acquiring the ability to spread from human to human". But what does that mean? It means "evolving", even though the Bushie Pandering-to-the-religious-right policy is to encourage them to deny evolution and keep them isolated from the rest of the marketplace of ideas.
But it's not just Darwinian Evolution - it's Lysenkoist Evolution. Those bird flu germs aren't just randomly aquiring traits that might cause a problem some day - they're actively trying to find ways to attack the human race and compromise our Precious Bodily Fluids. So even if you slip off-message and notice that there's evolution involved, it's still a Threat To Your Family that needs a Powerful Paternalistic Government to protect you and your family from Evil.
(Yes, this is somewhat off-topic from the main article thread, but it does seem pretty tightly connected here.)
Smallpox hasn't been seen in the wild in a long time - the only known stockpiles of the germs are in US and Russian germ-warfare labs. The Bush Administration (particularly Scooter "Germ Boy" Libby) made a big political push to scare the US into developing lots of smallpox vaccine, innoculating a big chunk of the population, and therefore risking some resurgence of the disease because of occasional vaccine problems, allegedly because the Russian supplies of the germs might be stolen by or sold to terrorists. (After all, there's no risk that the US WMD stockpiles would ever be compromised or abused, unlike, say, the US military weaponized anthrax that was used in the attack on Congress after 9/11.)
Polio's a much different problem. It's still out there in the wild, and while most of the world has been innoculated against it, there are places that haven't been. The most serious outbreaks have been in Nigeria, where a bunch of evil stupid self-aggrandizing demagogue politicians have been telling their people not to get vaccinated because the vaccine is a Western Christian CIA Whitey plot against African Muslims and will do Terrrrible Awfulllll things to their children like sterilize them or give them AIDS. That's led to thousands of children being crippled by a disease that's easily preventable, and keeps the disease circulating where it's more likely to infect people who weren't successfully vaccinated (either because they didn't have access to the vaccine or because it was randomly ineffective with them or they got a bad vaccine batch or whatever, or because they've got AIDS or other problems compromising their immune systems.)
The article _says_ it's a deficiency disease, not an infectious disease (and yes, it's pretty shameful that we've got problems like that these days.)
Whole milk vs. skim milk doesn't make a difference - it's vitamin-enriched milk vs. non-vitamin-enriched milk, and milk-drinking vs. non-milk-drinking. But a lot of the problem is that rather than educating the population about getting enough vitamins, the public health folks are doing top-down solutions like drugging milk, grains, salt, and drinking water, and making monocultural assumptions about how effective that is. Some African-Americans, most East Asians, and some other ethnic groups don't generally drink milk the way those of us with Northern European ancestry do, because they have trouble digesting it, so vitamin-enriching milk isn't very helpful, in spite of the US dairy industry's attempt to get everybody to drink milk. (I've seen articles on the net suggesting that various ethnic groups, particularly Europeans, have inherited mutations that make cow milk more digestable than in standard humans. I'm not sure which African groups have trouble with it - I'd expect that cattle-herding societies like much of north-eastern Africa would also be able to digest milk well, so maybe it's more regional.)
And then there's sun-screen - Black people bring their own, and living in cities in the North as opposed to farms in the South or Africa cuts down a lot on sunshine. Recent articles have suggested that Europeans and light-skinned Asians have separate mutations for the Vitamin D bit that let their ancestors move north.
He won't be in "gaol" unless you Brits (or Aussies, or whoever) go extradite him and prosecute him too. Not that I have any problem with that, after we're done with him.
But actually, it's only "jail" for now - if we're lucky it'll be followed by "prison".
There are some serious concerns, and there's not a chance in the world of Congress writing a good bill about it. Writing legislation about things you don't understand seldom helps problems - it just sometimes shifts the balance of power by doing favors for your friends in return for future favors.
In most big technical companies, it's tough enough to get your *management* to understand the critical technical issues. (If you work in a small startup, there's a good chance that some of the main players do understand, but if you're big enough to have VC-funded management and an HR department, it's pretty likely that have the management aren't technical enough.) Getting *Congresscritters* to understand anything technical is much tougher, and the FCC are a variable set of political hacks, ranging from occasional people who are outstandingly good to other people who are more concerned about regulating TV coverage of Janet Jackson's boobs.
The MoveOn.org petition-distributors don't understand the real issues, so the things they're telling the Democrat Congresscritters aren't helping their ignorance any. Some of the big customers understand some of the real issues. The telecom company managers have demonstrated that while they may understand some of the issues, they'd rather do a bone-headed arrogant "It's Our Money" regulatory play than try to talk technology to the public.
China's government may be aggressively bullying ISPs into blocking content they don't like their own citizens to read or see, whether it's political or religious or sexual, but they don't seem to have taken any significant action against spammers, either the SMTP senders or especially the Spamvertised Web Sites and phishing sites that suckers respond to. So they're still annoying the rest of the world with their content. Maybe they beat up an occasional spammer in public, but mostly it seems to be left alone.
Too many mailbox-serving-ISPs have messages like this, that say "I don't like something about your email server but I won't tell you specifically what it is. Maybe it's A, B, or C.". Sure, things A, B, and C might be Bad, but that doesn't mean that any individual one is their real objection, (especially if you're not doing any of those) so there's nothing that you as an email sender or the Email server provider or ISP that the user is using that lets you fix it. Instead, all you get to do is call the destination ISP's Tech Support Line, who tell you that something must have been wrong with your configuration, and that A, B, and C are common Bad Things that they block. And their supervisor can't tell you anything useful either, if you succeed in getting him/her.
By contrast, a message that says "You're on Blacklist X, so go away or get off the list at http://www.example.net/spammer-apologies!" is at least semi-useful, if the blacklist actually responds to questions (some do, some don't.) I usually see 451 messages from Greylisting, so just because you got blocked the first time doesn't mean your mail won't be accepted 30 minutes later.
A while back they blocked email from most of Europe, because they were getting too much spam from Europe, and they didn't give their users a way around it, even if they _wanted_ mail from there.
By contrast, one of the ISPs where I get email also uses country-based blacklists, but lets the user pick which countries. So I block all email from China, Korea, and Nigeria, but I know some people in Japan and Israel so that mail from there only gets extra-heavy filtering instead of total blockage.
In general, the old model that said that an ISP provided Internet access and also an email account and some web hosting isn't really current. Sure, most ISPs do provide email accounts, and probably use them for administrative email, but there are lots of good places to get email, whether webmail or POP/IMAP-mail or whatever, and it's often not worth using your ISP's email service even if it's included for free - shop around for an email provider you like.
I found the article's comments implying "Not TCP => Not Routable" quite annoying also, but I don't think he just meant "Not IP". Obviously if the application uses TCP or UDP it's going to have IP underneath and therefore be routable (unless you're doing some leftover-1980s hackery like implementing TCP over ISO CLNP or whatever.) And you could build an application that took a different flow-control approach than TCP that might be more efficient but still use IP and therefore still be routable (though usually people who want to do that sort of thing keep UDP and roll their own apps at Layer 7.)
But he's probably talking about some kind of application that's intended for local-area application only and wants to avoid the overhead of TCP, UDP, and IP addressing, header-bit-twiddling, flow control, slow-start, kernel implementations optimized for wide-area general-purpose Internet networks, etc., and rolls its own protocols that assume a simpler problem definition, much different response times, and probably just pastes some simple packet counters over Layer 2 Ethernet, probably with jumbo frames.
If you've implemented your ugly hackery properly, you still _could_ bridge it over wide areas using standard routers even though it doesn't have an IP layer. That doesn't mean it would work well - TCP's flow control mechanisms were designed (particularly during Van Jacobson's re-engineering) to deal with real-world problems including buffer allocation at destination machines and intermediate routers and congestion behaviour in wide-area networks with lots of contending systems, which a LAN-cluster protocol might not handle because it "knows" problems like that won't happen. Timing mechanisms are especialy dodgy - they might have enough buffering to allow for LAN latencies in the small microseconds, but not enough to support Wide Area Network latencies that include speed-of-light (~1ms per 100 miles one-way in fiber) or insertion delay (spooling the packet onto a transmission line takes time, e.g. 1500 byte packet onto 1.5 Mbps T1 line takes about 8ms, and jumbo-frames obviously take longer.)
Sorry for the clunky title, but that's what I could fit in a Subject Line box.
Historically there were two common contents for motd - fortune, and a note from the administrator saying that the file system was almost full so please clean up your files, and this applied to just about any multi-user server with just about any operating system. Moore's Law has changed this for most systems I've dealt with - disk capacities have been growing rapidly and prices dropping rapidly, and disk drives really are no longer running 99% full except for individuals' PCs that are full of MP3s or videos. Sometimes you'll see messages like that from MS Exchange Mail Server operators who are running shared mailbox servers on expensive fast disks, but otherwise the disk capacity most places finally outpaces user demand.
Unfortunately, bureaucrats acting as amateur lawyers have typically replaced that message with some badly written threatening legalese drivel that has no clue about what the laws actually say; they'd be just as well off with a message that said "The Wizard says: Go away and come back tomorrow!"
If you had Cygwin running on your Windows box, you'd have most of your favorite Unix-like utilities available, including cat, X Windows, and a wide range of other useful tools.
It sounds like they're doing interesting work, as long as nobody takes it too seriously or starts, like, trying to make money off of it (in which case you'll see some form of astroturfing zombie army emerge to tweak the bogosphere's Mood Indices.) What happens to LiveJournal moods in September, or graduation time, or Christmas break, or release-date-for-some-popular-game?
You can usually tell when a small company has hired a professional HR manager - there are about 100 employees, and the HR department kills the every-Friday-afternoon beer party.
I've dealt with a range of different company sizes, from the old-style huge company I've worked with to the little techie shops my friends and customers have often worked for. The folks in the HR department may have psych degrees, but they generally don't understand how tech people think, work, relate to their work, or relate to each other. They _sometimes_ have a clue about how sales people think and work, but HR people who understand techies are really rare golden folks, and you usually only run into them if they're at consulting companies brought in to help your company out of a jam.
I don't think that an HR person needs to be able to read a Java-graphics-widget-set manual to understand how a developer and tech writer talk to each other through the process, but they do need to be able to read things like "The Existential Pleasures of Engineering" or at least read science fiction or have some familiarity with Monty Python or other fundamental works of our culture, as opposed to "The Inner Game of Golf" or "How To Feel Really Really Self-Motivated about Success" if they're doing HR for sales people.
HR people are usually good at dealing with employment bureaucracy - hiring rules, legal requirements, medical insurance, payroll, administering salaries in line with market trends, etc. Sometimes they're good at employee counseling, and you'll find good psych types there handling things like alcoholism or family-related stress. But how often have you seen the HR folks spending time with your department looking at the personal dynamics between people, coaching managers in how to manage the folks working for them? I'd be happy if the HR people could make sure that the resumes they forward to us are for people who understand what all the buzzwords they use mean; I guess they're mainly adding value by filtering out responses that _didn't_ include the right buzzwords, and by understanding the clues that mean "got fired from last job due to ongoing criminal activity" or checking whether they actually attended the colleges they say they did. But if they don't know how developers talk to each other, or what kinds of stories consultants tell with their clients, or what depth of math background is needed for the kinds of problems we solve, then they're seldom likely to add value by sending the ESFJs to one department and the INTPs to another, much less interpreting MMPIs in ways that are any use at all.
Nor do I usually see them forwarding that kind of information on to managers, who might like to know that one developer is an INTP who needs to be encouraged to see the value of shipping code before all possible features have been added, while another is an ISTJ who needs regular short meetings to discuss whether the tools have sufficient generality to really capture the potential user spaces before starting to write the user interfaces for it, or is an ENFP who needs to be given some critical concepts about the functionality and the capability limits so that the user interface actually supports the right features and also needs a supply of chocolate bars to bribe other developers into communicating with the documentation people.
Back in the early 80s, when Affirmative Action was becoming a social issue, we had a lot of HR types spend a lot of time with us to deal with attitudes about cultural diversity (ok, and to deal with lawsuits), and there was a lot of good psych work in some of that as well as generally useful tools for dealing with situations, not only about cultural relationships but also about getting my ISTJ football-player boss to understand different work styles. On the other hand, when the HR department comes around with courses about "Change Is Good!" and buttons saying "We're Navigating Change!", that's really a clue to get your resume in shape for the upcoming layoffs. (I did wear the button
One of the main points of mandating RFIDs in things is to help out the Bush Administration's friends in the business, but another major point is to get people to start carrying around RFIDs to be more trackable. So yes, lying about how far they can *really* be read is part of the point.
People get into all kinds of trouble assuming that conventions that work in their society work in other societies. A surname is a _last_ name, which in the more popular versions of the Western European conventions is a family name. Most Asian names put the family name first, as you've clearly demonstrated, but the surname doesn't become first, just because it's the family name - the surname is still last, even though it's the individual's name and doesn't perform the semantic functions that a western surname does.
But even Europeans have other naming conventions - Hispanic names typically have lots of family-name parts, so "José López Portillo y Pacheco" is López Portillo, not Pacheco. Icelanders retain the older Scandinavian naming customs that Leif Ericson is the son of Eric Whoeversson (I forget if it's strictly patronymic, so Helga Ericsdottir, or if women are named matronymically.) Russian names have the patronymic as a middle name. Irish and Scottish names have mostly abandoned the patronymic systems in favor of family-name surnames, so Ronald MacDonald would be from Clan MacDonald rather than the son of somebody named Donald, but I don't know that they've completely done that, and even then the Gaelic names are more likely to be uncooperative. For instance, the musician Aodh Og O'Tuama has a given name of Aodh Og. Multipart family names with place names in them are common in Germanic and Romance languages - "van der Waals" vs. "Vander Wal" vs. "vandergriff", "de la Cruz", etc. I'm not sure what Ithiel de Sola Pool's family name is - I think it's "de Sola Pool", but I've seen him referred to as just "Pool".
Spam isn't going away until the economics make it no longer profitable. Laws can sometimes affect the economics (opportunity cost of being in jail, etc., but only if you're caught.) If BlueFrog helps, great, or if techniques like tagged email addresses make the spammer need to send out a million times more messages per sucker, that may be economic leverage enough. Zombie hunting is a fairly critical need for current anti-spam work, but just as relay blocking a few years ago pushed spammers to other techniques, if we kill all the zombies, they'll find something new.
uRPF works pretty well on most Cisco router models - typically you use strict enforcement on end-user access lines and loose enforcement on connections from other ISPs. There are some problems that are harder, such as customers that are homed to multiple ISPs for reliability reasons - you can't strict-enforce on them, and you have to be careful to accept route advertisements for both halves of their connections, and deal with the issues if they change one of their ISPs, so it's harder to automate. On the other hand, most of those customers run firewalls and aren't likely to allow outbound spoofed packets. There are other people, often consumers or SOHO, doing lightweight dual-homing, e.g. they have a cable modem and a DSL line and aren't always symmetric about their routing.
If you can spoof IP, you can spoof many UDP applications successfully - spoofing TCP is not impossible, but it's much much harder, because you not only have to guess sequence numbers (can be easy or hard, depending on whether your TCP stack vendor listened to Steve Bellovin's early warnings), but for both protocols you aren't going to see the response packets from the packet destination.
This means that Zombies on ISPs that allow spoofing can participate in UDP or ICMP DDOS attacks, such as smurf broadcasts or large-response DNS queries forged from the victim's IP address. (Spoof-proofing prevents these attacks.) But they can't do email spam in ways that hide their IP address, because email requires a TCP connection and multiple Layer-7 handshakes. So if they're spamming, you'll be able to see that the email came from port123.router456.cable-modem-carrier.example.net instead of the real IP addresses for Paypal or Chase Bank. (And if those financial institutions had the sense to use SPF, you'd be able to recognize those addresses and discard the spam.)
I can't check the details, because they've been Slashdotted as well as spammer-dotted, but that's basically the kind of thing that the BlueSecurity system does. Spam one BlueFrog user and suddenly thousands of users go hit you with unsubscribes - I don't remember if they're hitting you with legitimate or bogus ones (probably both? presumably at least some honeypot addresses.)
Most of the major influenza versions have the capability to infect humans as well as birds, pigs, whatever, as long as there's a transmission mechanism that can get enough virus particles into susceptible tissue in the host. Disposing of infected dead birds seems to be at least somewhat effective for getting it to humans, just as eating infected birds seems to be somewhat effective in getting it to cats.
But if you're running your own email server, you can have a lot more fun with dictionary attacks - make sure to seed the web with some dummy addresses like aaaa@yourdomain and zzzz@yourdomain to encourage the spammers to get some bad addresses, and any IP address that tries to reach a bogus address on your system gets banned or teergrubed because you know it's a spammer. (No longer a perfect solution - spammers these days are using zombie farms and not just single servers, but identifying and banning a bunch of zombies is a Good Thing too, because you know They'll Be Back.)
Of course, beer probably makes people more receptive to advertising as well; this could be a problem.
This is another example of Bush Administration scaremongering that contradicts their other propaganda. The scaremongers keep talking about bird flu "acquiring the ability to spread from human to human". But what does that mean? It means "evolving", even though the Bushie Pandering-to-the-religious-right policy is to encourage them to deny evolution and keep them isolated from the rest of the marketplace of ideas.
But it's not just Darwinian Evolution - it's Lysenkoist Evolution. Those bird flu germs aren't just randomly aquiring traits that might cause a problem some day - they're actively trying to find ways to attack the human race and compromise our Precious Bodily Fluids. So even if you slip off-message and notice that there's evolution involved, it's still a Threat To Your Family that needs a Powerful Paternalistic Government to protect you and your family from Evil.
(Yes, this is somewhat off-topic from the main article thread, but it does seem pretty tightly connected here.)
Polio's a much different problem. It's still out there in the wild, and while most of the world has been innoculated against it, there are places that haven't been. The most serious outbreaks have been in Nigeria, where a bunch of evil stupid self-aggrandizing demagogue politicians have been telling their people not to get vaccinated because the vaccine is a Western Christian CIA Whitey plot against African Muslims and will do Terrrrible Awfulllll things to their children like sterilize them or give them AIDS. That's led to thousands of children being crippled by a disease that's easily preventable, and keeps the disease circulating where it's more likely to infect people who weren't successfully vaccinated (either because they didn't have access to the vaccine or because it was randomly ineffective with them or they got a bad vaccine batch or whatever, or because they've got AIDS or other problems compromising their immune systems.)
Whole milk vs. skim milk doesn't make a difference - it's vitamin-enriched milk vs. non-vitamin-enriched milk, and milk-drinking vs. non-milk-drinking. But a lot of the problem is that rather than educating the population about getting enough vitamins, the public health folks are doing top-down solutions like drugging milk, grains, salt, and drinking water, and making monocultural assumptions about how effective that is. Some African-Americans, most East Asians, and some other ethnic groups don't generally drink milk the way those of us with Northern European ancestry do, because they have trouble digesting it, so vitamin-enriching milk isn't very helpful, in spite of the US dairy industry's attempt to get everybody to drink milk. (I've seen articles on the net suggesting that various ethnic groups, particularly Europeans, have inherited mutations that make cow milk more digestable than in standard humans. I'm not sure which African groups have trouble with it - I'd expect that cattle-herding societies like much of north-eastern Africa would also be able to digest milk well, so maybe it's more regional.)
And then there's sun-screen - Black people bring their own, and living in cities in the North as opposed to farms in the South or Africa cuts down a lot on sunshine. Recent articles have suggested that Europeans and light-skinned Asians have separate mutations for the Vitamin D bit that let their ancestors move north.
But actually, it's only "jail" for now - if we're lucky it'll be followed by "prison".
In most big technical companies, it's tough enough to get your *management* to understand the critical technical issues. (If you work in a small startup, there's a good chance that some of the main players do understand, but if you're big enough to have VC-funded management and an HR department, it's pretty likely that have the management aren't technical enough.) Getting *Congresscritters* to understand anything technical is much tougher, and the FCC are a variable set of political hacks, ranging from occasional people who are outstandingly good to other people who are more concerned about regulating TV coverage of Janet Jackson's boobs.
The MoveOn.org petition-distributors don't understand the real issues, so the things they're telling the Democrat Congresscritters aren't helping their ignorance any. Some of the big customers understand some of the real issues. The telecom company managers have demonstrated that while they may understand some of the issues, they'd rather do a bone-headed arrogant "It's Our Money" regulatory play than try to talk technology to the public.
China's government may be aggressively bullying ISPs into blocking content they don't like their own citizens to read or see, whether it's political or religious or sexual, but they don't seem to have taken any significant action against spammers, either the SMTP senders or especially the Spamvertised Web Sites and phishing sites that suckers respond to. So they're still annoying the rest of the world with their content. Maybe they beat up an occasional spammer in public, but mostly it seems to be left alone.
By contrast, a message that says "You're on Blacklist X, so go away or get off the list at http://www.example.net/spammer-apologies!" is at least semi-useful, if the blacklist actually responds to questions (some do, some don't.) I usually see 451 messages from Greylisting, so just because you got blocked the first time doesn't mean your mail won't be accepted 30 minutes later.
By contrast, one of the ISPs where I get email also uses country-based blacklists, but lets the user pick which countries. So I block all email from China, Korea, and Nigeria, but I know some people in Japan and Israel so that mail from there only gets extra-heavy filtering instead of total blockage.
In general, the old model that said that an ISP provided Internet access and also an email account and some web hosting isn't really current. Sure, most ISPs do provide email accounts, and probably use them for administrative email, but there are lots of good places to get email, whether webmail or POP/IMAP-mail or whatever, and it's often not worth using your ISP's email service even if it's included for free - shop around for an email provider you like.
But he's probably talking about some kind of application that's intended for local-area application only and wants to avoid the overhead of TCP, UDP, and IP addressing, header-bit-twiddling, flow control, slow-start, kernel implementations optimized for wide-area general-purpose Internet networks, etc., and rolls its own protocols that assume a simpler problem definition, much different response times, and probably just pastes some simple packet counters over Layer 2 Ethernet, probably with jumbo frames.
If you've implemented your ugly hackery properly, you still _could_ bridge it over wide areas using standard routers even though it doesn't have an IP layer. That doesn't mean it would work well - TCP's flow control mechanisms were designed (particularly during Van Jacobson's re-engineering) to deal with real-world problems including buffer allocation at destination machines and intermediate routers and congestion behaviour in wide-area networks with lots of contending systems, which a LAN-cluster protocol might not handle because it "knows" problems like that won't happen. Timing mechanisms are especialy dodgy - they might have enough buffering to allow for LAN latencies in the small microseconds, but not enough to support Wide Area Network latencies that include speed-of-light (~1ms per 100 miles one-way in fiber) or insertion delay (spooling the packet onto a transmission line takes time, e.g. 1500 byte packet onto 1.5 Mbps T1 line takes about 8ms, and jumbo-frames obviously take longer.)
Historically there were two common contents for motd - fortune, and a note from the administrator saying that the file system was almost full so please clean up your files, and this applied to just about any multi-user server with just about any operating system. Moore's Law has changed this for most systems I've dealt with - disk capacities have been growing rapidly and prices dropping rapidly, and disk drives really are no longer running 99% full except for individuals' PCs that are full of MP3s or videos. Sometimes you'll see messages like that from MS Exchange Mail Server operators who are running shared mailbox servers on expensive fast disks, but otherwise the disk capacity most places finally outpaces user demand.
Unfortunately, bureaucrats acting as amateur lawyers have typically replaced that message with some badly written threatening legalese drivel that has no clue about what the laws actually say; they'd be just as well off with a message that said "The Wizard says: Go away and come back tomorrow!"
May the gods of Blue Mountain send you online greeting cards until you've learned the error of your ways!
If you had Cygwin running on your Windows box, you'd have most of your favorite Unix-like utilities available, including cat, X Windows, and a wide range of other useful tools.
It sounds like they're doing interesting work, as long as nobody takes it too seriously or starts, like, trying to make money off of it (in which case you'll see some form of astroturfing zombie army emerge to tweak the bogosphere's Mood Indices.) What happens to LiveJournal moods in September, or graduation time, or Christmas break, or release-date-for-some-popular-game?
I've dealt with a range of different company sizes, from the old-style huge company I've worked with to the little techie shops my friends and customers have often worked for. The folks in the HR department may have psych degrees, but they generally don't understand how tech people think, work, relate to their work, or relate to each other. They _sometimes_ have a clue about how sales people think and work, but HR people who understand techies are really rare golden folks, and you usually only run into them if they're at consulting companies brought in to help your company out of a jam.
I don't think that an HR person needs to be able to read a Java-graphics-widget-set manual to understand how a developer and tech writer talk to each other through the process, but they do need to be able to read things like "The Existential Pleasures of Engineering" or at least read science fiction or have some familiarity with Monty Python or other fundamental works of our culture, as opposed to "The Inner Game of Golf" or "How To Feel Really Really Self-Motivated about Success" if they're doing HR for sales people.
HR people are usually good at dealing with employment bureaucracy - hiring rules, legal requirements, medical insurance, payroll, administering salaries in line with market trends, etc. Sometimes they're good at employee counseling, and you'll find good psych types there handling things like alcoholism or family-related stress. But how often have you seen the HR folks spending time with your department looking at the personal dynamics between people, coaching managers in how to manage the folks working for them? I'd be happy if the HR people could make sure that the resumes they forward to us are for people who understand what all the buzzwords they use mean; I guess they're mainly adding value by filtering out responses that _didn't_ include the right buzzwords, and by understanding the clues that mean "got fired from last job due to ongoing criminal activity" or checking whether they actually attended the colleges they say they did. But if they don't know how developers talk to each other, or what kinds of stories consultants tell with their clients, or what depth of math background is needed for the kinds of problems we solve, then they're seldom likely to add value by sending the ESFJs to one department and the INTPs to another, much less interpreting MMPIs in ways that are any use at all.
Nor do I usually see them forwarding that kind of information on to managers, who might like to know that one developer is an INTP who needs to be encouraged to see the value of shipping code before all possible features have been added, while another is an ISTJ who needs regular short meetings to discuss whether the tools have sufficient generality to really capture the potential user spaces before starting to write the user interfaces for it, or is an ENFP who needs to be given some critical concepts about the functionality and the capability limits so that the user interface actually supports the right features and also needs a supply of chocolate bars to bribe other developers into communicating with the documentation people.
Back in the early 80s, when Affirmative Action was becoming a social issue, we had a lot of HR types spend a lot of time with us to deal with attitudes about cultural diversity (ok, and to deal with lawsuits), and there was a lot of good psych work in some of that as well as generally useful tools for dealing with situations, not only about cultural relationships but also about getting my ISTJ football-player boss to understand different work styles. On the other hand, when the HR department comes around with courses about "Change Is Good!" and buttons saying "We're Navigating Change!", that's really a clue to get your resume in shape for the upcoming layoffs. (I did wear the button
Hey, let's go play laser-tag!
One of the main points of mandating RFIDs in things is to help out the Bush Administration's friends in the business, but another major point is to get people to start carrying around RFIDs to be more trackable. So yes, lying about how far they can *really* be read is part of the point.
But even Europeans have other naming conventions - Hispanic names typically have lots of family-name parts, so "José López Portillo y Pacheco" is López Portillo, not Pacheco. Icelanders retain the older Scandinavian naming customs that Leif Ericson is the son of Eric Whoeversson (I forget if it's strictly patronymic, so Helga Ericsdottir, or if women are named matronymically.) Russian names have the patronymic as a middle name. Irish and Scottish names have mostly abandoned the patronymic systems in favor of family-name surnames, so Ronald MacDonald would be from Clan MacDonald rather than the son of somebody named Donald, but I don't know that they've completely done that, and even then the Gaelic names are more likely to be uncooperative. For instance, the musician Aodh Og O'Tuama has a given name of Aodh Og. Multipart family names with place names in them are common in Germanic and Romance languages - "van der Waals" vs. "Vander Wal" vs. "vandergriff", "de la Cruz", etc. I'm not sure what Ithiel de Sola Pool's family name is - I think it's "de Sola Pool", but I've seen him referred to as just "Pool".
Hey, there're two canonical jokes about token rings, so we might as well cover them both up front. Pass me the pipeweed, dude....