I run 17 domains out of my apartment on a 3Mbps DSL and an ARIN class C.
Six months ago, I was getting about 500 spams/day across them all. Last week's daily average was 46,000.
Thanks to spamassassin, my costs are low. I once rolled my own RBL, SPF, and keyword blocking, but SA's coverage of them all is outstanding. I also recommend the SARS filters for SA.
What is really interesting to me is how much the distribution of delivery varies so widely over domain and username spaces. Some get none (literally zero), others get bombarded, with nothing different except the domain name itself.
Anonymity on the Internet is a dubious prospect at best in most cases. Unless you're using a hijacked or unpaid public connection, I recommend you assume you are speaking your views as yourself publicly, and accept accountability for doing so.
Remember anon.penet.fi? As soon as the heat came down, so did the veil of anonymity.
"Don't hate the sinner, hate the sin" sounds an awful lot like "don't hate the player, hate the game." And what many view as sin seems to be increasingly becoming just part of the game. Interesting social behavioral evolution in that context.
Don't confuse accountability, responsibility, and liability.
1. Accountability means you can point your finger at me and I'll say "yep, my bad." 2. Responsibility means I then have to fix it. 3. Liability means that you then get to take my wallet.
What troubles me lately is that some of the spammers are starting to wise up to certain loopholes in the RFCs. Namely, that mail with an envelope sender of <> or a recipient of postmaster@example.com must be accepted. I've begun receiving spams of this nature in increasing quantities, and without effective countermeasures, they get right through -- because the RFCs say they should.
The solution I'm currently experimenting with is to use simscan with qmail to pipe the mail through spamassassin before indicating final acceptance to the remote MTA. Even if it's sent by <> or sent to postmaster, SA3's scoring rules identify it remarkably well and the sending MTA gets a 5xx and it's game over. As another poster mentioned, 5xx errors are a great way to reduce bounce spam. Plus, legitimate senders who get false positives will know something went wrong, instead of their email going into the black hole of a spam folder.
IANAL(tm), but I would imagine that with no commerce involved, no parties have any actual damages, and therefore no cause against him. Except maybe chopper 7, I guess, for the cost of the ride they were duped out of. But IMHO going after him would be bad form on anyone's part. Let's chalk it up to a good practical joke at our collective expense, figuratively speaking. He got us but good, and that's that.
Suppose a user installs two programs. The EULAs of each stipulate that (s)he agrees to not uninstall the software nor let anything else uninstall it, and that (s)he permits the software to uninstall whatever else it sees fit.
The user has just agreed to contradictory things, thus illuminating the degree to which users (expectably and reasonably) have no clue where EULA-speak is concerned.
Who wins? If both companies sue the hell out of each other and the courts call bullshit, we all do. Until that unlikely event, it's war in the trenches. Me, I'm packing plenty of MREs for the long haul.
The only time I've ever had a box rooted was a few years ago in DC (I was careless with WU-ftpd; lesson learned). I was able to trace back through this particular attacker's sloppiness, and gathered a lot of useful info. When I called the Washington DC bureau of the FBI to report the incident and share what I had learned, I was told, "um, our computer guy's not here right now. Can you call back tomorrow?"
It may surprise you to consider that producers of television entertainment are not in the business of delivering entertainment to consumers.
They are in the business of delivering consumers to advertisers.
Delivering entertainment to consumers is simply a side-effect of their reason for being in business -- it's just one means to achieve their purpose. As soon as it doesn't work, there's no reason for them to keep producing the side-effect (your shows) instead of looking for a better way to deliver your attention to advertisers.
As a voter in DC, I was surprised to be asked "Paper or Electronic?" by the voting staffer. I knew I could ask for paper, but I was inclined to expect to have to do so explicitly. Very pleased with the experience.
$0.02,
ptd
If memory serves me right, Thermos was a classic example of failure to protect a trademark. Apparently, even employees of the Thermos company itself referred to other vendors' products as "a thermos", in writing, and *poof* they were screwed.
One wonders if slashdot enjoys crippling sites and confounding its own readers... otherwise surely they'd post coral-ified or other robust caching links.
Not sure what a "reputed than thou" forwarding source is. If you're saying SPF and SRS are flawed, I disagree. If you're saying that both must be deployed for forwarding to work, I agree.
If you want to ignore SRS, then either (a) don't forward emails or (2) don't publish SPF records.
If you want to publish SPF records and support forwarding, then deploy SRS too.
It doesn't suck, and I typically read/. more from my treo 600 than I do from firefox. But it does need a little help.
Here's my wishlist for what/. needs to improve in its "lite"/wap/palm version:
1. Let me log in for crying out loud. I'm a paid subscriber dammit! Plus, slashdot activity contributes to mod points, and my wireless activity goes completely unrecognized. Give me credit for credit due.
2. I love the "top 5" comments, and sometimes that's all I want to see. But please, do let me see all comments if I want to. Sometimes one of the "top 5" comments will generate lots of good discussion in reply that I then miss.
3. Let me post. We all know you can't get "first post" if you have to wait until you can get to a "real" screen. Just today I was bitten by this big time -- by the time I got back to my desk to say "hey, why not display pr0n on a girl's boobs", the joke was already old.
4. Dunno if this happens on wap phones, but at least on my treo 600, the last character in a post or on a page is often dropped. Makes links broken, and often removes the final punctuation character from a poster's comment. It's probably also related that <blockquote> sections and other formatting doesn't carry over to "next page".
All of that said, I wish every site had a lite/wap version that was even as broken as slashdot's. It's very quick and handy. Viewing normal HTML pages sucks over GPRS. Even a less-than-optimal lite interface is MUCH better than none at all for information browsing.
Slashdot can do better here, but it is still a leader.
I believe debugging output and error messages go hand in hand where improvements of this kind are concerned.
In the area of error messages, we need a better balance between "understandable" and "informative". Today, it's usually one extreme or the other. Either error messages are too "friendly" to the point that they're rather meaningless (as in the notorious "Web site not found"), or on the other extreme, they're so "complicated" that the novice user has no idea what happened (as in "an xxx exception occurred at xxx, here is the stack trace, register states, and many many more confusing numbers").
It would be nice if we (as a society that happens to use computers) could adopt a guide that gives the technically-savvy enough info to go on, but still helps the novices understand what went wrong in terms they can understand too. A balanced approach.
Such an error reporting scheme, if successful, could almost certainly NOT be designed by marketing weenies nor by geeks alone, but through mutual collaboration and willingness to compromise on both sides. Hmm, no wonder it's so challenging.
Ultimately, it's not going to be about tactics like patents and lawsuits and licenses. It's going to be about the populus and the freedoms they deserve and want. The problem is that they don't realize it currently, because the technology is so new that they only thus far believe they want "whiz-bang features".
We, the faithful, already know what is "right". And, I believe, as the general public becomes more technologically knowledgeable (as has happened in the automotive industry in the last century), the population will indeed come to realize the civil technology freedoms they require to retain the immutable freedoms that America's founders intended as they were manifested in the society of that time. Until they do, the corporate powers that see further into the future than grandma does will (temporarily) win.
But once the masses do "get it", civil technology (and general consumer) revolt will not only be necessary, but will be practical and, indeed, so obviously in the interests of the masses that it will be unstoppable.
Corporate America and Congress take note. Civil technology revolt is coming. The question is not "whether", but only "when". When it happens, on which side will you place yourself? How will you strategically manoever yourselves then?
Slashdot Mirror
I then recommend they get a mac, knowing full well that they will probably shy away from the idea and get me another 12-pack in six months anyway.
Everybody plays, everybody wins.
$0.02,
ptd
Six months ago, I was getting about 500 spams/day across them all. Last week's daily average was 46,000.
Thanks to spamassassin, my costs are low. I once rolled my own RBL, SPF, and keyword blocking, but SA's coverage of them all is outstanding. I also recommend the SARS filters for SA.
What is really interesting to me is how much the distribution of delivery varies so widely over domain and username spaces. Some get none (literally zero), others get bombarded, with nothing different except the domain name itself.
So truly, YMMV.
$0.02,
ptd
Remember anon.penet.fi? As soon as the heat came down, so did the veil of anonymity.
$0.02,
ptd
$0.02,
ptd
1. Accountability means you can point your finger at me and I'll say "yep, my bad."
2. Responsibility means I then have to fix it.
3. Liability means that you then get to take my wallet.
$0.02,
ptd
$0.02,
ptd
Excellent. Gentlemen, if you want a party with no girls, this is the one!
The solution I'm currently experimenting with is to use simscan with qmail to pipe the mail through spamassassin before indicating final acceptance to the remote MTA. Even if it's sent by <> or sent to postmaster, SA3's scoring rules identify it remarkably well and the sending MTA gets a 5xx and it's game over. As another poster mentioned, 5xx errors are a great way to reduce bounce spam. Plus, legitimate senders who get false positives will know something went wrong, instead of their email going into the black hole of a spam folder.
$0.02,
ptd
IANAL(tm), but I would imagine that with no commerce involved, no parties have any actual damages, and therefore no cause against him. Except maybe chopper 7, I guess, for the cost of the ride they were duped out of. But IMHO going after him would be bad form on anyone's part. Let's chalk it up to a good practical joke at our collective expense, figuratively speaking. He got us but good, and that's that.
The user has just agreed to contradictory things, thus illuminating the degree to which users (expectably and reasonably) have no clue where EULA-speak is concerned.
Who wins? If both companies sue the hell out of each other and the courts call bullshit, we all do. Until that unlikely event, it's war in the trenches. Me, I'm packing plenty of MREs for the long haul.
$0.02,
ptd
I was aghast, needless to say.
$0.02,
ptd
$0.02,
ptd
It may surprise you to consider that producers of television entertainment are not in the business of delivering entertainment to consumers.
They are in the business of delivering consumers to advertisers.
Delivering entertainment to consumers is simply a side-effect of their reason for being in business -- it's just one means to achieve their purpose. As soon as it doesn't work, there's no reason for them to keep producing the side-effect (your shows) instead of looking for a better way to deliver your attention to advertisers.
$0.02,
ptd
As a voter in DC, I was surprised to be asked "Paper or Electronic?" by the voting staffer. I knew I could ask for paper, but I was inclined to expect to have to do so explicitly. Very pleased with the experience. $0.02, ptd
If memory serves me right, Thermos was a classic example of failure to protect a trademark. Apparently, even employees of the Thermos company itself referred to other vendors' products as "a thermos", in writing, and *poof* they were screwed.
$0.02,
ptd
Radiation! I knew there had to be an explanation for the extreme unattractiveness of the native Troy population (note I did *not* say trojans).
One wonders if slashdot enjoys crippling sites and confounding its own readers... otherwise surely they'd post coral-ified or other robust caching links.
Simple, really.
SPF+SRS works. This group's failure is entirely based in politics.
Back in 2000, this was the original plan of a Washington, DC startup called ZebraPass. They failed spectacularly.
Here's my wishlist for what /. needs to improve in its "lite"/wap/palm version:
1. Let me log in for crying out loud. I'm a paid subscriber dammit! Plus, slashdot activity contributes to mod points, and my wireless activity goes completely unrecognized. Give me credit for credit due.
2. I love the "top 5" comments, and sometimes that's all I want to see. But please, do let me see all comments if I want to. Sometimes one of the "top 5" comments will generate lots of good discussion in reply that I then miss.
3. Let me post. We all know you can't get "first post" if you have to wait until you can get to a "real" screen. Just today I was bitten by this big time -- by the time I got back to my desk to say "hey, why not display pr0n on a girl's boobs", the joke was already old.
4. Dunno if this happens on wap phones, but at least on my treo 600, the last character in a post or on a page is often dropped. Makes links broken, and often removes the final punctuation character from a poster's comment. It's probably also related that <blockquote> sections and other formatting doesn't carry over to "next page".
All of that said, I wish every site had a lite/wap version that was even as broken as slashdot's. It's very quick and handy. Viewing normal HTML pages sucks over GPRS. Even a less-than-optimal lite interface is MUCH better than none at all for information browsing.
Slashdot can do better here, but it is still a leader.
$0.02,
ptd
In the area of error messages, we need a better balance between "understandable" and "informative". Today, it's usually one extreme or the other. Either error messages are too "friendly" to the point that they're rather meaningless (as in the notorious "Web site not found"), or on the other extreme, they're so "complicated" that the novice user has no idea what happened (as in "an xxx exception occurred at xxx, here is the stack trace, register states, and many many more confusing numbers").
It would be nice if we (as a society that happens to use computers) could adopt a guide that gives the technically-savvy enough info to go on, but still helps the novices understand what went wrong in terms they can understand too. A balanced approach.
Such an error reporting scheme, if successful, could almost certainly NOT be designed by marketing weenies nor by geeks alone, but through mutual collaboration and willingness to compromise on both sides. Hmm, no wonder it's so challenging.
We, the faithful, already know what is "right". And, I believe, as the general public becomes more technologically knowledgeable (as has happened in the automotive industry in the last century), the population will indeed come to realize the civil technology freedoms they require to retain the immutable freedoms that America's founders intended as they were manifested in the society of that time. Until they do, the corporate powers that see further into the future than grandma does will (temporarily) win.
But once the masses do "get it", civil technology (and general consumer) revolt will not only be necessary, but will be practical and, indeed, so obviously in the interests of the masses that it will be unstoppable.
Corporate America and Congress take note. Civil technology revolt is coming. The question is not "whether", but only "when". When it happens, on which side will you place yourself? How will you strategically manoever yourselves then?