Back before we had open source operating systems, we had Unix and its relatives, and the Posix standards were developed as an industry-neutral platform for developing portable Unix applications. The US government adopted Posix support as a standard requirement for all computer purchases - hardware had to run Posix, and application software had to run on Posix. It was easy to get waivers for it, so everybody did, and eventually Microsoft built some Posix support on top of Windows NT so that procurement people could check the box on their contracts saying they'd met the requirement without actually having to use it for real applications.
Too bad, especially since Microsoft Office hadn't really taken over the world - Word was popular, but so was Word Perfect, and both were relatively ugly and usually character-based WYSIWYG rather than fully GUI-based.
Good grief, if you're pointing to 68k.org, you should remember the OS9 operating system from ?Microware? that ran on 68ks and 6809s. The domainregistry.ie page and 68k.org pages you point at do correctly refer to Mac OS 9.
Yes, the "We'll just download it off the internet" model isn't very confidence-inspiring to a government procurement officer, and it doesn't provide the necessary chain of responsibility to get things fixed. Businesses often have similar concerns about using it. But there's a fix for this - Open-souce support companies!
Cygnus, one of the originals, provided lots of custom support, ports to new hardware, driver development, etc. This model works well for customers that need more customized support. Of course, they've been bought by Red Hat.
Red Hat and similar mass-market operating system packaging companies provide uniform environments for customers that need uniformity rather than customization. It's supported at least as well as Microsoft, because in addition to the random developers in the background, there are people at the packaging company who develop pieces that are needed for the mass-market install&upgrade market as well as doing extensive testing.... Ok, maybe this is a bit optimistic (:-), but I haven't had Linux crash on me even weekly, compared to at least daily for most Microsoft OS's, and keeping the kernel and the window system separate means that even though I've seldom had a window system crash on Linux, it does much less damage than a Microsoft Windows window system hang, and somehow vi and emacs never carried viruses like Word and Excel, and/bin/mail and its more clueful GUI friends never got into the rampant virus epidemics that Exchange / Outlook get.
Back when I was a college student, I started drinking herbal teas, because when you're up late studying it's nice to have something hot and tasty to drink, but you can't keep guzzling the real stuff by the liter and expect to ever get to sleep again. These days, you can have your decaf triple latte (aka nice warm milk to help you sleep) along with that ProVigil pill.
Just about all the wireless devices I've seen are really made for PC Card, aka PCMCIA and/or Cardbus, and if there's a PCI version, it's an adapter to plug their PCMCIA card in. At least one 802.11a manufacturer I talked to said that they weren't planning to do PCI and didn't think the other major players were either - if you want it, get a PCI-to-Cardbus adapter. So it's odd that a box made for the wireless gateway-frob market is using mini-PCI and the bigger one has PCI.
No, it's not cracked - even 64 bits is at the level of "really hard for a large distributed effort", as in the distributed.net people have been cracking for a couple years on the slightly harder RC5 and haven't finished. (It took them 250 days for RC5-56 in 1997.) 128 bits is 2**64 times as hard, which is a big number.
On the other hand, RC4 has limitations on how it can be used - things like "never ever use the same key twice", which are broken independent of key length. MS PPTP had 6-7 major holes, including at least two ways to use the same key twice. WEP also found a couple of ways to use it wrong, even if you use 128-bit keys.
The WEP standard chose to use the fundamental crypto algorithms in badly broken ways, but if you don't do stupid things to break RC4's security, there are some things that are very nice about it. It's dirt simple, and the little complexity it has is in the initial key setup. Key setup time and code size don't change significantly for key lengths between 8 and 248 bits, and the data encryption phase is all byte-based so it doesn't depend on the key length at all.
The WEP standards group was trying to avoid US Pretending-To-Be-Anti-Communist export laws (and also French and Chinese policies), so they took a conservative approach and designed a system that could be used with short known-to-be-easily-cracked keys, but could also be used with medium-but-still-inadequate keylengths or acceptable keylengths if you set the correct values in the ROMs. Of course, like Microsoft PPTP before them, they did so in an incompetent manner without adequate adult supervision, so their work was shredded by some of the same people at Berkeley who helped shred the initial RC4/40 "export-quality" code, and who also shredded the GSM Telephony incompetent encryption algorithms over lunch one day.
I've been told by somebody working at an 802.11a manufacturer that the specs for that are designed to have significant parts of the system run on the host computer's CPU rather than the card, and that therefore there'd be issues with getting Linux drivers unless the manufacturers funded them.
Some of the concerns are the amount of processing horsepower required for security and maybe also for some of the communications functions, since it's easier to add computational horsepower when you're not crammed into a small card competing for space and heat load with the radio circuitry, and also convenience in upgrading the system, especially if upgrades may require even more substantial increases in CPU crunching, such as bigger RSA modular multiply/exponentiations.
The importance of convenient upgrades has been amply demonstrated by the repeated failures of WEP:-)
Teergrubes are tarpits to stick spammers in. They look like perfectly correct SMTP servers, e.x.c.e.p.t. t.h.e.y. a.n.s.w.e.r. v..e..r..y.. s..l..o..w..l..y.. and maybe generate lots of error messages requiring repetition, and basically they leave the spammer's machine tied up for a long time with very little effort. A legitimate mailing list server that encounters a teergrube will normally survive, because it's usually multithreaded, or at least has almost all its recipients as legitimate users, but an occasional few minutes of one thread stuck in a trap isn't a major problem. But a spammer who's encountering a large number of teergrubes (especially if he picked them all up at once from a spidertrap) will have lots of threads tied up for a long time and may not have enough spare capacity to bother real targets. There are a number of implementations around.
And somewhere out there is a far nastier variant on a teergrube that can keep a typical smtp session up for hours with only a few kilobits/minute, using tricks like setting TCP windows very small, NAKing lots of packets so TCP retransmits them, etc. (It basically works by saying "No, SMTP/TCP/IP isn't a set of protocol drivers in my Linux kernel, it's a definition of a set of messages and there's no reason I should user a bunch of well-tuned efficient reliable kernel routines when I can send raw IP packets myself designed for maximal ugliness."
Spamido is an automated tool for collecting spammers' addresses so they can be fed back to other spammers.
Wpoison and Sugarplum are spidertraps that generate lots of fake addresses for a long time.
I've posted a separate article about fun tricks with round-robin DNS to feed spammers FQDNs that resolve to open relays, which will forward to other open relays. And if you know machines running Teergrubes, they're excellent addresses to feed spiders.*
If you're not messing with DNS, though, there are lots of addresses that can cause trouble:
sales@spammerdomain.com, where the domain may be your spammer (if you customize your spidertrap) or a random spammer. They'll probably reject abuse@ and other obvious administrators, but names like "sales" and "purchasing" and "marketing" and anything that might get a real user is good.
randomjunkuser@spammerdomain.com. If they're not verifying the list before using it, this is good.
randomjunkuser@randomjunksubdomain.spammerdomain .c om
randomjunkuser@spamhausdomain.com, at some site that encourages spammer customers.
randomjunkuser@randomjunksubdomain.spammers-ISP. ne t - does the spammer's ISP check for bad DNS hits?
randomjunkuser@othercustomer-of-spammers-hosting -I SP.net. Your mission is to get the spammer's ISP to throw off the spammer. If you want to be much ruder, you can use real-presidents-name@othercustomer-of-spammers-hos ting-ISP.net.but both of those attacks require more customization to hit spammers you're having ongoing problems with, as opposed to shotgunning them all.
unsubscribeme-address@unsubscribemedomain.com - anything not immediately recognizable as "remove@". Give some other spammer's list builder a bunch of addresses to work with.
Spamware that sends its own mail probably rejects 127.0.0.1, but spamware that abuses open relays won't notice, because it'll be the abused relay that resolves the domain name. Sendmail may be bright enough not to freak out with 127.0.0.1, though you could have fun with 127.0.0.2. And don't give them whitehouse.gov, but you might give them a FQDN that resolves to whitehouse.gov's IP address.
But you can do better than that - Give them FQDNs that resolve to Open Relay sites, and use Round-Robin DNS if you can. If you've got your own domain, you can spare plenty of FQDNs, like mail2.mydomain.com.
The spammer or open relay will send spam to mail2.mydomain.com, which resolves to [relay1.school1.kr].
Relay1.school1.kr will relay it to mail2.mydomain.com, which your round-robin resolves to [relay2.school2.kr].
Relay2.school2.kr will send it to mail2.mydomain.com, which your round-robin resolves to [somebox.cn.net].
somebox.cn.net will send it to mail2.mydomain.com which..... ad nauseum, ad erroneum.
Depending on how you set up the round-robin, and where the relay machines get their DNS resolution done, you may be able to make them run in a tight little loop around the Korean broadband, or burn expensive international bandwidth between China and Sweden.
Or you could give them random names at various spammer and spamhaus sites, or FQDNs that resolve to the addresses of spammers or spamhausen, or remove-me addresses of other spammers. They may filter out their own, and don't give them obvious addresses like abuse@ or postmaster@, but surely they won't recognize most of them, especially the latest Corrupt Nigerian Official trying to launder embezzled money.
It's nice that you said that Dr. Zowie's using a 10-line proxy to be able to use alternate routes, but what's its name, where do we get it, and/or what's the source code? Thanks!
Yes, there are some people whose brains are wired a bit differently and just can't get spelling right, just as some people are dyslexic or have other minor wetware glitches. It always surprises me the number of bad spellers I run into in the computer business, because their primary job includes getting syntax and spelling perfectly correct in a language that's not their mother toungue, but it's pretty common; perhaps there's enough feedback loop in programming that you get trained to do everything correct and you didn't have that when you were learning English's pseudorandom excuses for spelling rules.
But that's no excuse for misspellings in material you're typing into a computer that has a spellchecker -- if you know you can't spell, or if you spell fine but type badly, there's a tool right there that'll fix the problem - use it!. It may still give you bad advice about correct words to use, so if you don't grok spelling or if English isn't your first language, you'll occasionally have incorrect words, but it's an easy start. There are also grammar checkers, but they unfortunately haven't reached really high quality, so a lot of their advice is bogus.
While I dislike most of Microsoft Office, one thing I really like is the user interface for the spellchecker. It doesn't jump out and dialog-box you, it just quietly underlines words or sentences it doesn't like in red or green squigglies. You can right-click on one and you'll get its comment about the word or sentence, and may offer you alternatives - sometimes it even offers you useful alternatives:-)
Yes, you've got to use a USB keyboard and mouse instead of your current one, and you'll miss the grooves you've warning into the plastic obsessing on your favorite games, but you didn't buy a box with 12 IDE drives to use the for gaming! You bought it to be a server or movie production studio, or you bought it to build your own Tivo, and it's going to sit under the table and connect to your old machine by Ethernet or Wireless.
Modern "legacy-free" computers work just fine with USB keyboards and mice, and if you don't like new mice, get a USB-to-serial converter to support your antique Logitech. The Firewire and USB2 mean you can plug in fast external devices, either inputs like video cameras or storage devices, and and as a bonus you can refill your MP3 player from the 3 YEARS OF CONTINUOUS MP3s it can hold:-)
Of course, 90% of what you could do ten years ago on a high-end SGI can now be done on a palmtop or generic PC, because Moore's law has made both CPUs and graphics processors much faster.
According to the articles, the Herbalife signs all look pretty much the same because the company sells them. If they stop selling more signs to their "independent distributors", maybe they mean that directive - but if they keep selling signs, then they're just trying to look good. Answers will be coming soon to a telephone pole near you:-)
MLMs aren't all scams, it's only 90% that are that give the others a bad name:-) To the extent that they're legitimate businesses rather than pyramid scams, it's because they're selling a real product that real customers are likely to want to pay for, and the MLM/pyramid/network structure is just a mechanism for hiring salespeople that scales with the product's ability to attract customers.
But if this company doesn't put its name on the advertising, that says it's *only* trying to sell distributorships, not products. Which is to say, it's real product is scamming other people into paying to become distributors, not to sell product.
Around here, about half the signs are "Work From Home" and about half are "Lose 30-40 Pounds", so it's some balance between pure scammage and probable scammage.
First of all, you don't make money at it, so the only way tax deductions help is if you can use the business to convert expenses that would otherwise be personal into business expenses, which is hard. And if you are one of the rare people making money on it, the main way you can reduce taxes is by deciding it's a cash business and not reporting any of the income, which may be difficult depending on what Herbalife reports to the IRS.
Sure, you can deduct the expenses of the business, as long as you make money one year out of three (which basically means you can lose money for two years before giving up.) But that only covers your car and printing expenses - it doesn't cover the value of your labor, which is the big cost of putting up the signs. If you pay someone else to install your loser-signs, you can deduct what you pay them, but they have to pay income taxes on it, so that's no help, unless you can scam a bit of money into your otherwise-non-taxpaying kids' names. (If you pay yourself wages, it would be a wash, except that you'll then owe self-employment tax (aka Social Security) so you're paying out even more.) It's a big lose.
You can only deduct your home office if it's dedicated to being a home office and meets a variety of other rules. You can't simply deduct 1/4 of your rent because half your living room and garage are full of posters and boxes of unsold dangerous pills, or because you've got your computer on the table in the family room along with the TV. And if you do own your home, the money you've deducted for using it as a home office has tax consequences down the road as well. Don't bother with the home office deduction unless you're running a real business.
Star Wars borrowed from *everybody* and *everything*! The tie-fighter scenes aren't significantly different from World War 2 movies, and aren't intended to be. It's good Saturday Afternoon Space Opera, and Late Night TV Black&White Movies and John Wayne Westerns and Dune and Joseph Campbell and lots of other things, and if the Antique Mythology gets filtered through Buck Rogers on its way from Hercules to here, That's Just Fine! Myths don't have to be old to be good storytelling, and recent source materials do often have old myths behind them, though certainly not always..
In spite of Brin's very perceptive rant, referenced by other articles here, there's more distinction between good and evil in Star Wars than most movies of the time - compare it to, say, The French Connection and other Watergate-era movies, where the protagonist isn't particularly better than the Bad Guys.
No, it didn't say "Episode IV" or "A New Hope" in the original. That was later, just like turning the original Jabba The Hut from a not-very-memorable-in-person Casablanca-like Fat Man into His Green Jabbaness was also a revision after "Revenge Of The Jedi" was so wildly successful.
It's nice to have version N+0.0.1 of Mozilla finally reach the official 1.0.0.0.RC.1, but for me the big issue in the last couple of versions has been "What plugins work?". While I'm a strong believer in the "HTML is supposed to be a content distribution language, not a page layout language" sort of purism, many of the web pages I want to read aren't (:-), and often they'll include things like Flash, RealAudio, Quicktime, etc., and I'd especially like to be able to see the movie formats.
But I've had real trouble installing the things successfully in Mozilla - plugin installers often "know" that they belong to Netscape, and don't seem to be visible to Mozilla, especially if I have both browsers installed on my Win98 machine. Which plug-ins are going to work? Will the Mozilla developers test the installation procedures? And how do you keep Internet Exploiter from stealing dominant-browser status?
Unintentional attacks do happen - that article on Slashdot pointing to www.myserver.org instead of www.myserver.com, or some TV commercial giving out your 888 number instead of the correct 877 number or whatever, or having somebody type your phone number into their ginsu-fax-o-matic by accident and having the thing keep calling you. Yes, it wasn't deliberate, but it feels just about the same.
Some DDOSer once cracked one of my DSL lab machines and was pinging home to his box at MIT - except it wasn't really MIT, he'd gotten the byte order wrong on his IP address somehow and was trying to phone home to Japan.
Too bad, especially since Microsoft Office hadn't really taken over the world - Word was popular, but so was Word Perfect, and both were relatively ugly and usually character-based WYSIWYG rather than fully GUI-based.
Good grief, if you're pointing to 68k.org, you should remember the OS9 operating system from ?Microware? that ran on 68ks and 6809s. The domainregistry.ie page and 68k.org pages you point at do correctly refer to Mac OS 9.
C'mon, the very name implies "These aren't the games you're looking for, you can move along".
Back when I was a college student, I started drinking herbal teas, because when you're up late studying it's nice to have something hot and tasty to drink, but you can't keep guzzling the real stuff by the liter and expect to ever get to sleep again. These days, you can have your decaf triple latte (aka nice warm milk to help you sleep) along with that ProVigil pill.
Just about all the wireless devices I've seen are really made for PC Card, aka PCMCIA and/or Cardbus, and if there's a PCI version, it's an adapter to plug their PCMCIA card in. At least one 802.11a manufacturer I talked to said that they weren't planning to do PCI and didn't think the other major players were either - if you want it, get a PCI-to-Cardbus adapter. So it's odd that a box made for the wireless gateway-frob market is using mini-PCI and the bigger one has PCI.
There are some advantages to remakes of bad movies :-)
On the other hand, RC4 has limitations on how it can be used - things like "never ever use the same key twice", which are broken independent of key length. MS PPTP had 6-7 major holes, including at least two ways to use the same key twice. WEP also found a couple of ways to use it wrong, even if you use 128-bit keys.
The WEP standards group was trying to avoid US Pretending-To-Be-Anti-Communist export laws (and also French and Chinese policies), so they took a conservative approach and designed a system that could be used with short known-to-be-easily-cracked keys, but could also be used with medium-but-still-inadequate keylengths or acceptable keylengths if you set the correct values in the ROMs. Of course, like Microsoft PPTP before them, they did so in an incompetent manner without adequate adult supervision, so their work was shredded by some of the same people at Berkeley who helped shred the initial RC4/40 "export-quality" code, and who also shredded the GSM Telephony incompetent encryption algorithms over lunch one day.
Some of the concerns are the amount of processing horsepower required for security and maybe also for some of the communications functions, since it's easier to add computational horsepower when you're not crammed into a small card competing for space and heat load with the radio circuitry, and also convenience in upgrading the system, especially if upgrades may require even more substantial increases in CPU crunching, such as bigger RSA modular multiply/exponentiations.
The importance of convenient upgrades has been amply demonstrated by the repeated failures of WEP :-)
And somewhere out there is a far nastier variant on a teergrube that can keep a typical smtp session up for hours with only a few kilobits/minute, using tricks like setting TCP windows very small, NAKing lots of packets so TCP retransmits them, etc. (It basically works by saying "No, SMTP/TCP/IP isn't a set of protocol drivers in my Linux kernel, it's a definition of a set of messages and there's no reason I should user a bunch of well-tuned efficient reliable kernel routines when I can send raw IP packets myself designed for maximal ugliness."
If you're not messing with DNS, though, there are lots of addresses that can cause trouble:
But you can do better than that - Give them FQDNs that resolve to Open Relay sites, and use Round-Robin DNS if you can. If you've got your own domain, you can spare plenty of FQDNs, like mail2.mydomain.com.
Depending on how you set up the round-robin, and where the relay machines get their DNS resolution done, you may be able to make them run in a tight little loop around the Korean broadband, or burn expensive international bandwidth between China and Sweden.
Or you could give them random names at various spammer and spamhaus sites, or FQDNs that resolve to the addresses of spammers or spamhausen, or remove-me addresses of other spammers. They may filter out their own, and don't give them obvious addresses like abuse@ or postmaster@, but surely they won't recognize most of them, especially the latest Corrupt Nigerian Official trying to launder embezzled money.
It's nice that you said that Dr. Zowie's using a 10-line proxy to be able to use alternate routes, but what's its name, where do we get it, and/or what's the source code? Thanks!
But that's no excuse for misspellings in material you're typing into a computer that has a spellchecker -- if you know you can't spell, or if you spell fine but type badly, there's a tool right there that'll fix the problem - use it!. It may still give you bad advice about correct words to use, so if you don't grok spelling or if English isn't your first language, you'll occasionally have incorrect words, but it's an easy start. There are also grammar checkers, but they unfortunately haven't reached really high quality, so a lot of their advice is bogus.
While I dislike most of Microsoft Office, one thing I really like is the user interface for the spellchecker. It doesn't jump out and dialog-box you, it just quietly underlines words or sentences it doesn't like in red or green squigglies. You can right-click on one and you'll get its comment about the word or sentence, and may offer you alternatives - sometimes it even offers you useful alternatives :-)
Modern "legacy-free" computers work just fine with USB keyboards and mice, and if you don't like new mice, get a USB-to-serial converter to support your antique Logitech. The Firewire and USB2 mean you can plug in fast external devices, either inputs like video cameras or storage devices, and and as a bonus you can refill your MP3 player from the 3 YEARS OF CONTINUOUS MP3s it can hold :-)
I haven't tried it on anything bigger than 2Kx2K, but it's really an excellent tool.
Of course, 90% of what you could do ten years ago on a high-end SGI can now be done on a palmtop or generic PC, because Moore's law has made both CPUs and graphics processors much faster.
According to the articles, the Herbalife signs all look pretty much the same because the company sells them. If they stop selling more signs to their "independent distributors", maybe they mean that directive - but if they keep selling signs, then they're just trying to look good. Answers will be coming soon to a telephone pole near you :-)
But if this company doesn't put its name on the advertising, that says it's *only* trying to sell distributorships, not products. Which is to say, it's real product is scamming other people into paying to become distributors, not to sell product.
Around here, about half the signs are "Work From Home" and about half are "Lose 30-40 Pounds", so it's some balance between pure scammage and probable scammage.
Sure, you can deduct the expenses of the business, as long as you make money one year out of three (which basically means you can lose money for two years before giving up.) But that only covers your car and printing expenses - it doesn't cover the value of your labor, which is the big cost of putting up the signs. If you pay someone else to install your loser-signs, you can deduct what you pay them, but they have to pay income taxes on it, so that's no help, unless you can scam a bit of money into your otherwise-non-taxpaying kids' names. (If you pay yourself wages, it would be a wash, except that you'll then owe self-employment tax (aka Social Security) so you're paying out even more.) It's a big lose.
You can only deduct your home office if it's dedicated to being a home office and meets a variety of other rules. You can't simply deduct 1/4 of your rent because half your living room and garage are full of posters and boxes of unsold dangerous pills, or because you've got your computer on the table in the family room along with the TV. And if you do own your home, the money you've deducted for using it as a home office has tax consequences down the road as well. Don't bother with the home office deduction unless you're running a real business.
In spite of Brin's very perceptive rant, referenced by other articles here, there's more distinction between good and evil in Star Wars than most movies of the time - compare it to, say, The French Connection and other Watergate-era movies, where the protagonist isn't particularly better than the Bad Guys.
No, it didn't say "Episode IV" or "A New Hope" in the original. That was later, just like turning the original Jabba The Hut from a not-very-memorable-in-person Casablanca-like Fat Man into His Green Jabbaness was also a revision after "Revenge Of The Jedi" was so wildly successful.
But I've had real trouble installing the things successfully in Mozilla - plugin installers often "know" that they belong to Netscape, and don't seem to be visible to Mozilla, especially if I have both browsers installed on my Win98 machine. Which plug-ins are going to work? Will the Mozilla developers test the installation procedures? And how do you keep Internet Exploiter from stealing dominant-browser status?
Some DDOSer once cracked one of my DSL lab machines and was pinging home to his box at MIT - except it wasn't really MIT, he'd gotten the byte order wrong on his IP address somehow and was trying to phone home to Japan.