Slashdot Mirror


User: billstewart

billstewart's activity in the archive.

Stories
0
Comments
7,948
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,948

  1. Recipient-based charging on Attacking the Spammer Business Model · · Score: 1
    The suggestions to artificially impose a charge on sending email that isn't based on the actual costs of sending it are doomed to fail, because they don't make sense. The real cost of spam is the cost of the recipient's time, and the only charging-based systems that make sense are ones where the recipient's mail server or mail client demands "payment" from anybody who's not whitelisted. The payment might be actual money via micropayments, or might be a "hashcash" CPU-puzzle, or might be a TMDA
    "reply to this so I know your address is valid" auto-response, or a "type in the number from this JPG" Turing test.

    Some of these might become popular, some might not, but they have the advantage that you don't have to enforce them on everybody in the world before they work - you only have to enforce them on people who want to send mail to _you_.

  2. Lots of it isn't illegal on Attacking the Spammer Business Model · · Score: 1
    Sure, the Nigerian 419ers are scams, and some of the prescription medication sales violate or seriously skirt the edges of laws about who can sell what drugs to whom (personally, I think those laws are mostly wrong, because you own your own body and should be able to do what you want with it, but they're still existing laws), and many of them are false advertising about the efficacy of their penis extender pills. But a large fraction of the spam is for products that are legal, particularly porn web sites, where the spammer gets the sucker to the free front page and then the sucker decides that the babes look hot enough to be worth paying to see more. FTC can't fix that. And the mortgage lenders that advertise using spam probably aren't close to the lowest rates around, but if they don't violate the local usury laws then the FTC can't touch them either.

    On the other hand, credit card companies, who probably don't view spam as much different from junk mail, really don't like chargebacks.

  3. Floods of Bad Leads get noticed quickly on Attacking the Spammer Business Model · · Score: 1
    You're not just poisoning the overall pool of spammer leads, which drives a slow learning process - you're poisoning the pool of leads from _that_ spammer, which either forces the spammer to sort them before passing them on (screwing his profit), or to pass them on uncleaned, and the people who are paying him are likely to stop paying him quickly once they notice. They know that "Spammers Always Lie", but that doesn't mean they'll tolerate having spammers lie to _them_, and a spammer delivering unfiltered poisoned leads is not really any different to them than a scammer deliberately trying to sell them bogus leads.

    Of course, that mainly applies when the leads get sent in directly, like Viagra sellers, as opposed to web page readers or pump&dump stock scammers.

  4. URLs often encode your information on Attacking the Spammer Business Model · · Score: 1
    With some spammers this can work, but with others it doesn't. Spammer URLs often have a long random-looking code in them, which presumably points to a database record with your information in them. (That's not always the case - sometimes the number is a database record that tells their backend customer that they were the spammer who generated the lead.)

    So don't expect too much anonymity, but on the other hand, if you've got a domain name, you might as well have some believably-named subdomain like mail.yourdomain.com or smtp.yourdomain.com or free-email-accounts.yourdomain.net that's strictly a target for spam, with a few attractive-nuisance emails scattered around the web... At that point it becomes another probability game - 99.999% of them will ignore the fact that you're attacking them, and 0.001% will get pissed off and harass you or joe-job you.

  5. Way Overpriced! Use Palm Pilots... on Smart Badges For Better Meetings · · Score: 3, Interesting

    $40-$100 per day? Even in Hong Kong Dollars, that's way overpriced. For US$100, you can get a brand new Palm Pilot with infrared, so all you need to make it an nTag is an oversize clear pocket protector and some software. Alternatively, for under $100, you can get a Bluetooth-equipped Java-capable phone, and somebody could easily enough program one of those to do the job.

  6. Smart Alecks on E-Voting Expert Testifies · · Score: 1
    Hey, at least she seems to have been convinced that there are people actually concerned with the issue, because the Republicans _have_ been getting a lot of partisan flack from anti-Republicans who view it as a way to attach the Bush Machine.

    Smart alecks are people like me who say that the reason the Bush Machine likes unauditable voting machines is that "Stuffing ballot boxes the old-fashioned way is manual labor, and Republicans don't like to do manual labor."

  7. The message is about her, after all... on E-Voting Expert Testifies · · Score: 1

    Ok, not her as an individual miscreant, but her as a participant in a politically-inspired movement to get everybody to buy into non-auditable voting machines being sold and promoted by Friends of Bush. If she's viewing Rubin as somebody who's opposing this because they oppose Bush, rather than because he actually cares about the results, then that kind of response is appropriate political tactics. On the other hand, if she doesn't care whether that's the case, but is trying to defeat him because he's opposing her political position, then her use of those tactics is a bit more cynical. Either way, of course, she ought to be bounced out of office, but she is responding to a political risk of getting bounced out of office for being part of the Election Machine Machine if they lose.

  8. Driver's Licenses vs. Internal Passports on Gore Vidal Savages Electronic Voting · · Score: 1
    California Drivers' Licenses (which are the latest political flap) didn't require you to prove that your Citizenship Papers Are In Order until ten years ago, when State Reptile\\\\ Governor Pete Wilson decided that it wasn't safe to drive while speaking Spanish.. They weren't internal passports, they weren't "Not A Deadbeat Dad" certificates, they were simply the State declaring that you could drive safely.

    As for other states, it's the same way - it's not that Drivers licenses have been given out to illegal aliens for decades, but rather that states didn't impose non-driving-related requirements until recently. During the 1980s, the Feds changed the 1970s privacy laws to permit the States to collect SSNs from foolish volunteers, then changed them again to permit States to make SSNs mandatory, with the excuse of preventing bad drivers from getting licenses in multiple states after losing their home licenses, and then started using Federal highway money bribes to get states that weren't collaborating with them to play along, just as they did for forcing the drinking age up to 21. There have been states besides California that wanted to go with the right-wing political correctness flow and harass immigrants during the 90s or maybe even 80s, but it was all basically a new thing.


    Free countries generally restrict who's allowed to drive to protect other drivers. It's not strictly Constitutional, and it's an interference with the fundamental human rights of freedom to travel, but road safety is an important thing to preserve and nobody's come up with a really good alternative. Totalitarian societies, on the other hand, like to have pass laws, and internal passports, to keep the rabble in line and make sure the underclasses only go where the government wants to let them. You've probably noticed that over the last 10 years, the airlines have gotten the US government to let them require ID to fly (the government likes the amount of database feed they get, and the airlines get to stop travel agencies from buying lots of cheap discount tickets and reselling them), but even Greyhound has been talked into letting cops harass passengers, and in some cities, they're also demanding government photo ID, and increasing numbers of hotels are demanding photo ID, sometimes claiming it's because of local government requirements. I'll leave you to draw your own conclusions about whether the US climate is moving more towards freedom or totalitarianism.

  9. My Land On The Moon on Orbdev Files US Federal Suit Over Asteroid Claim · · Score: 1
    So back in 1979 I was going to school at Berkeley, and this guy came around the Plaza wearing a silver spacey costume, doing a schtick about selling land on the moon. I think it was an acre for $5, and you got a nice pretty framed certificate, that said exactly where it is. He made no bones about its validity - it's the same acre for everybody, and "I'm giving you one big pretty piece of green paper with a picture of the Moon on it and you're giving me one little piece of green paper with a picture of a dead politician on it." But he also had a nice folder of newspaper articles about him going around to different colleges selling land on the moon, and part of the schtick was about how he'd gotten arrested in some of those places, but hey, he wasn't committing fraud, he'd told you it was bogus. And part of it was how you had to be pretty careful to avoid taking LSD, because otherwise you might end up walking around dressed funny trying to sell people land on the moon. The deed's probably still in the back of my closet somewhere.


    However, as far as the legality of land claims goes, you can claim anything you want, but if you want some government or other official organization to enforce your claim for you or to pay you money in return for the value you've got, it's probably really gratifying to get somebody to actually respond with a "pound sand" letter, rather than either ignoring you or harassing you. Taking NASA to court was a stupid move, because if a court accepts it rather than just laughing at him, they'll undoubtedly squash the plaintiff and force him to pay NASA's legal costs for filing a frivolous case. My college acquaintance who declared himself King of West Antarctica (after doign the research to find a sliver that nobody'd claimed before the treaties not to do that) didn't even get a "pound sand" letter back from the UN when he informed them.

    Now, if it reaches the point that this joker actually gets himself a rocket to the asteroid before anybody else and wants to declare himself to be the local government and _evict_ NASA's probe or break it up for parts, NASA probably won't sue him in his own asteroid's court, but if he gets back to Earth they might sue him for it. By contrast, while the King of West Antarctica could theoretically visit his domain and do something there, I doubt he ever did.

  10. How Reusable Is It? on Ritz Disposable Digital Camera Hacked · · Score: 1

    OK, so we can now read the data ourselves instead of paying twice as much to have Walgreens do it. But how reusable is the camera itself? Are the batteries replaceable? How long do they last?

  11. RFC2267 is ISP best practice for IPv4 today on Gangs Extort Companies With DDoS Attacks · · Score: 1
    Hierarchy can make this more efficient, but only if addresses actually get assigned hierarchically. Most IPv4 Internet connections today are either using their ISP's address space or are using their own registered address space, so ISPs can do source address assurance today, and some do. RFC2267 recommends that all ISPs do this. That means that a user with a /24 can impersonate the other 253 addresses on their connection, but can't impersonate addresses on other connections, so if the user is doing Bad Things, they can be blocked.

    The main difficult case is end-users who have multiple ISP connections and may send packets out their ISP2 connection with their ISP1 address, but even that's manageable.

    Routers have traditionally not been very good at doing this kind of filtering, at least without burning large amounts of CPU because it's not implemented in the ASICs, but there's been increasing support recently. For ISPs using Cisco routers, the common approach is uRPF reverse packet filtering, which drops packets with a Source IP address that the router doesn't have a valid route for. Typically on end-user connections you run it in strict mode (which drops it if there isn't a route using the interface that the packet came from), and in the middle or peering edges of the network you'd run loose mode, which drops it if there isn't _some_ route known to the router.

    Some ISPs implement this, including one of the largest in the US (Disclaimer: my employer hasn't authorized me to give a shameless plug here, so I won't name them) and most ISPs are at least pretty good about filtering BGP route announcements to only permit addresses that the customer actually owns. That's not universal, and it's sometimes harder to validate ownership than you'd expect, so there's a certain amount of IP address space hijacking, typically of space where the original owners are a dead.com so they're not around to complain when somebody forges a request to one of the registries.

  12. Upgrade to 400 MHz and TWM ! on 'Reversible' Computers More Energy Efficient · · Score: 1
    Sure, reversible computing can radically increase your performance! Upgrade from that 4 GHz Pentium 4 with Windows 2004 to a 400 MHz XScale with Linux and TWM, and you'll find things go a lot faster, quieter, and smaller! (And if that's not fast enough, upgrade to MGR....)

    Slightly more seriously, though, you might try IceWM or Blackbox if you want something newer than TWM but still lightweight. Are there any other good low-overhead window managers?

  13. That's More Debuggers for Us! on Security FUD On Linux · · Score: 1

    So Microsoft is going to go out hunting for bugs in Linux? Great! We always need more debuggers! And if MS pays some of them, even better! If they'd publish the source code for Windows (no need for Free(tm) Software or Open Source or accepting patches, just publishing it so we can see it) we'd help them out with debugging too. But meanwhile, we can fix the bugs they find faster in Linux than they can fix the bugs in Windows they find, and it's usually a lot safer to patch Linux systems than Windows systems.

  14. 1/3 disks, 2/3 bloated computer on Building a Budget Storage Server · · Score: 5, Insightful
    They spent about $1000 of that cost on disks, and were too cheap to spend an extra $250 for RAID, but they spent $100+60 on a really cool keyboard and mouse and $100 for a really cute front-panel display.

    They spent $300 for a Pentium-3 and $200 for a high-end motherboard and $350 for the fastest most expensive memory they could find, when a "budget server" could do just fine with a ~$100-150 2GHz CPU+motherboard and $200 for 1GB of average-speed memory. (Their motherboard does sound good, though.) After all, the bottleneck here is the disk drives and network, not the CPU, though even on a budget server it's probably worth having the 1GB of RAM for caching and for staging CD or DVD burns.

    The $190 power supply seems expensive, but that may be realistic for a system that can expand to 8 drives. If you've got a UPS, you may not need as high-end a power supply, and a "budget" system might get away without it, but since they were too cheap to buy a 5th drive for RAID they're probably much more in need of highly reliable power. And their 3GHzP4 CPU and overpowered-for-a-server video card use too much power and put out too much heat - you can easily save 50-75 watts by making better choices, and probably 100. You could save even more by using a motherboard with built-in 2D video, but most of those don't have the high-performance networking support yet.

    Also, they didn't have a price for an operating system :-). That means that they're planning to use Linux, which is another reason not to waste power or cooling or money on a gamerz video card...

  15. Recordings can't reproduce chemistry on McDonald's Billion-Song iTunes Giveaway · · Score: 1

    That CD may hit all the accoustics near-perfectly, but it doesn't have any spare bits to reproduce the chemicals that were affecting your perception the night of the concert. So get some dope to smoke while listening to the CD...

  16. That's still noise on McDonald's Billion-Song iTunes Giveaway · · Score: 1
    If you're replacing quantization noise with dithering noise, it's still noise. On the other hand, if you can hear 16 vs. 24 bits for average music, your ears are more golden than mine. There's usually a lot more effect from microphone quality and location, concert hall noise for live music, etc.

    When I was in college ~25 years ago, and music was still mostly sold on vinyl, and noise was mostly still analog (:-) one of my housemates had a medium-quality stereo system, and said that his system had reached the point that he could hear the original music pretty well. He was into classical music, and at that point it was much more effective for him to buy records from better orchestras with better conductors than to buy better stereo equipment so he could hear mediocre orchestras really clearly.

  17. Slashdotted Already - Here's a copy on Nokia N-Gage Cracked · · Score: 0, Redundant
    It's already dogging out. Here's a copy

    Nokia's N-Gage mobile gaming device has been cracked
    Posted by Dennis on 11 November 2003 - 14:50 - Source: SPOnG.com


    Mr. Belvedere, our Club CD Freaks Moderator, used our news submit to tell us that Nokia's N-Gage device has been cracked according to this information. The Nokia N-Gage device is primarily a handheld gaming device but it can also be used as an MP3 player, wireless browser and last but not least as a telephone.


    The games that were designed for the N-Gage will of course only work with the Nokia device but not anymore. Now that the security on the N-Gage has been cracked the games can be played on other mobile phones as well such as the Siemens SX1:


    Nokia will today be licking its wounds and doing a fair amount of worrying, with the revelation that the N-Gage's security has been cracked like an egg, with other manufacturers' handsets able to play the machine's software.


    Specifically, the Siemens SX1 is already capable of running N-Gage games, with Sonic N being the only game seen in public, though it's expected that the others won't be too far behind.


    This is expected to be the start of a process that will see third-party hardware add-on sales of devices that will enable many phones to simply suck up the N-Gage content, then go on their merry way.


    Nokia's reaction to this new, seemingly unforeseen problem, will be interesting to observe, to say the least.


    Some screenshots and video's of the Siemens SX1 mobile phone running the Nokia N-Gage games can be found on Club-Siemens. More information on the hacked N-Gage can be read here and here.

  18. Jar Jar McBride on SCO to Take On Hollywood · · Score: 1

    Shouldn't be too hard for Lucasfilm to create a bargaining chip "Drop the Suit, or We'll Release Jar-Jar McBride"

  19. .... Profit! on SCO Will Pay You Not to Use Linux · · Score: 0
    Duh.. forgot to add

    3.... Profit!!

  20. Installing SCOware on Virtual Machines on SCO Will Pay You Not to Use Linux · · Score: 4, Funny

    Sure, I'll be happy to switch N virtual machines over to a binary-only SCOware or Microsoft instead of Linux, if they'll pay me enough per virtual machine. .

  21. sales@belkin.com techsupp@belkin.com on Belkin Routers Route Users to Censorware Ad · · Score: 1

    By popular demand, putting those addresses on the Internet occasionally leads to people trying to sell _Belkin_ stuff (like clues) and support _Belkin_ technically (like telling them that there's this terrible bug breaking their system) instead of buying stuff _from_ Belkin and getting help _from_ Belkin. It's not very frequent, and you can turn it off by returning the email addresses to the pool of unused character strings floating around the universe.

  22. Is that Free as in Bad Beer, or Rude Speech? on Belkin Routers Route Users to Censorware Ad · · Score: 1

    Yiiidge. Firewalls are supposed to help you keep junk _out_ of your computers, not bring it in.

  23. I Assumed it was Spam and Discarded It on Microsoft CA Settlement Claim Forms Hit Mailboxes · · Score: 1
    Oh, come on now, you get email that says "Subject: Microsoft will give you Free Money!" from some domain you've never heard of, looks a lot like spam. I never even opened it, but canned it from the headers. There's no obvious way that the State should have my email address, though perhaps I'd registered that with MS.

    Besides, anti-trust is a bogus claim anyway. If MS owes me any money back on what they charged for Win98SE and WinME, it's not because the products were too expensive (they weren't), or because they forced my manufacturer to sell a copy of it (they were a mom&pop assembly shop) - it's because the stuff didn't fix the bugs I cared about.

  24. Microsoft Outlook Calendar is good for this... on Microsoft Forgets To Renew Hotmail.co.uk · · Score: 1

    You'd think that if they're using Outlook, they could put "Remember to renew all your domain names" in their Calendar.... But maybe the Hotmail folks are using Hotmail instead.

  25. Stuffing ballot boxes is manual labor... on Touch-Screen Voting Snags Continue · · Score: 1

    ...and Republicans just don't _do_ that kind of thing, and aren't as good at it as the Democrats. That's why there's such a big push to go to automated systems without audit trails manufactured by large Republican contributors.