If a company gets dictatorial, we can
boycott its revenue stream. Governments never relinquish control short of a revolution.
If a company makes terrible decisions, we can set up an alternative system. Companies can try to make your life harder, but governments can actually use force in outlawing another system.
On the whole, government control of these resources is a bad thing. The best thing is to engineer it so that is no need for a single governing body at all. That way there is no lock-in to any governing body.
Aren't there already several alternate roots for DNS we could all be supprting? That's the way to keep DNS free--have many competing providers. Some can be corporate, some volunteer.
As for ridding the system of assigned numbers (IANA), that's tougher.
Entering all that metadata that would make keyword searches viable would certainly help, but people already have the ability to do that - it's not worth the time or effort.
I'd like a camera that could accept voice metadata, turn it to text, and preserve it when it went onto the filesystem, using whatever metadata the filesystem supports.
That way I could easily hit the button on the camera, say "vacation with supermodel"[0], and search on that later. Although we'd need something more than ext{2,3} which could hold proper user-defined metadata.
Note 0: The simple metadata storage system would not have a lie detector.;P
Can I build fast, non-scripted, closed source apps for KDE like I can for GNOME? Or do I still have to pay the 4 digit price tag for a commerical QT DEV license?
Let me get this straight. You're complaining because you want to write closed-source apps (presumably for money, why else would you close the source), and TrollTech won't give you the library for free?
How ridiculous. If you're in business, you're in business. Quit whining for handouts. You won't give away the apps you write, so why complain about others?
One of the things I like about the so-called 'viral' open source licenses is that it creates a clear boundary between Free and non-Free. If you want to write non-Free apps, then get your hands out of the Free cookiejar.
Now, if the Unix creators introduced a new API, or changed a Unix API when Linux was successful, did that change the success of Linux?
Let me change the example:
Now, let's say that Microsoft introduced a new Java API, or changed a Java API when Java was successful, did that change the success of Java?
Well, it did change things. Java has lots of problems on the "run anywhere" side of things as it is, and when major java programs were written with MS-only APIs, cross-platform dreams were totally over.
I suspect that.NET will also have major Win32-only parts. If a goal of mono is just to be a development platform, fine. If anyone thinks that apps written for MS.NET will be cross-platform, then they haven't been reading their recent history.
And if Mono is just about a dev environment, then why bother? I can't really see why I should switch to C#.
This could turn into the same sort of gang-induced protection rackets as in meatspace. What would a company or individual do if a cracker group sent them an email saying, in effect, "Do $this or you're off the net."
It's hard to see a good technical solution for this. It's a tort--and possibly assault---like any other physical intimidation tactic, and will probably only stop if legal means are brought to bear.
Unfortunately, tort suits are hard to press across continents.
Typical Linux distributions have no open ports by default, use a firewall [...]
Which distributions are these? No open ports? An already-configured site-specific iptables setup?
I think you're on crack. The first thing I do with any new install is to comment the hell out of inetd.conf, clear other unnecessary crap out of rc[2-5].d, and make up some iptables rules.
I like creating bare systems from debian or openbsd because they have only a small amount of other crap running.
E.g., if the URL is http://spammer.com/offer_5/unique_id_123123i765, then we just hit http://spammer.com/
What if it's http://unique_id_123123i765.spammer.com/?
Well, you've got me there. I don't have a solution to the problem of verifying your email address.
I also don't know how to prevent spammers from making a DOS on any box they like by sending out 1 million spams with an innocent URL.
And setting up a centrally-kept whitelist will have any of the problems associated with centrally kept lists like ORBS and RBL. What gets on the list? What comes off? Who checks?
I think you're missing the point. Anything that reaches your mail server is treated the same - it wouldn't be done by mail readers.
But that's not the way we run Bayesian filtering. It's done by the client, for his own mail, not at the server. Bayesian filtering relies on feedback from a user.
One comment's up and already the gotfuturama.com site's down.
I'm sorry to see Futurama go. It started getting really funny, and I will use "Bite my shiny metal ass" in response to silly feature requests for many years.
I bought the first episode DVDs already. *Sigh* and I will buy the rest when they come out...
Actually, the opposite would happen: since all links in all spams get hit, this technique would make putting UIDs into URLs worthless for the purpose of authenticating users.
I don't think so. All links in all spams wouldn't get hit.
Mail that got swallowed or bounced undevlierable wouldn't follow the links.
Mail that went to non-punishing email clients (like companies who are afraid of liability when DDOSing sites) wouldn't hit the URL.
And there are many reasons not to punish. I would, but I've got fast ADSL and lots of bits per month to spend. But if I were on metered dialup in the UK where I get charged every second I'm on the line, I wouldn't want my spamfilter to take six minutes downloading mail because it's punishing spammers.
Here's an idea: Can't the filter strip the path-part of the URL and just hit the root URL on the server? It punishes the same machine (unless it's a complex reverse-proxy setup, where it only punishes the proxy, but that's probably good enough).
E.g., if the URL is http://spammer.com/offer_5/unique_id_123123i765, then we just hit http://spammer.com/.
...and someone asked me about the wisdom of gets(), I'd also be pointing at Dennis Ritchie and yelling, "It was him! Burrrn him!"
Good for Toronto...
on
SARS Contained
·
· Score: 4, Funny
...bad for lunch.
I live in Toronto, and all the great asian restaurants near work were half-empty instead of jam-packed due to SARS overreaction. I had never had such an easy time getting a table for lunch.
Passive memory, not active. People have a huge capacity for passive memory, and can remember things passively very quickly (that is, they recognize it upon seeing it). Users already have enough stuff to memorize, so don't make them memorize bizarre key-combinations.
Arg. Not again. Many "usability" people take this to mean that vim has a horrible interface. Of course, it is a terribly economic interface, even though I had to automate many "bizarre" keys. In fact, it is the most usable editor I have used.
If the alternative is constantly reaching for the rodent to find some context menu entry, count me out. You can pry vim out of my cold, dead, hands.
...it lives and dies by the efficacy of the CAs. If the CAs suck, then the credentials they send with email mean nothing.
I like the idea, but I wonder which sort of orgs are going to be their "PCAs"? ISPs pretty much allow any comer onto their network, so giving all users a cert wouldn't stop people from making temporary accounts for spam.
Perhaps the ease with which MTAs could cut off CAs (like cutting off domains) would help give incentive to ISPs (or whoever is the PCA) to crack down on their customer base, but that strategy is only marginally successful today. Why would creds make this strategy any better?
Perhaps MTAs would be harder to config as open relays, because authn is required. But what percent of spam comes through open relays? If it's a big percentage, then this may help.
Has anyone analyzed this scenario? I'd like to hear some informed thoughts on what sort of email regime we could expect if this were implemented.
whatever merit I see in this I doubt it could succeed in less than a long time.
But how long did IM protocols take to become used widely? P2P? SMS? A parallel protocol, if the client-side works, and it serves a need, tends to get coverage pretty quick.
I'd like to see geeks take the lead here. If there was a prototype email client (or, better, plugins to existing clients) and server released as OSS, I'd bet it would get some use.
With a big enough geek userbase, I'd bet some high-profile mailing lists might require the new protocol for submission (to curb any spam problem) and from there, ISPs might support it.
Maybe I'm just dreaming, but I think if the need exists, a suitable implementation will gain popularity relatively quickly.
Unfortunately, although sombody seems to know what SMTP2 should look like I'm not one of them.
This guy has a spam filter that gets zero false pos/negs.
One of the important tests is the spammers do not know your identity, but your friends do. If I find my name in the body of the message, it is not from a spammer. But if a message Cc's several messages to the same isp, I know it is dictionary spam.
I looked at your program, and it does not work as advertised. I get spam with my name in the body. You may not be so unlucky yet.
Second, you filter on things that will trivially return false positives, like case-sensitivity on you company name. You program assumes that anyone who capitalizes it is a spammer.
Third, I have several friends on the same ISP (your ISP, actually) and we routinely have email conversations which have three, four, or more addresses from the same domain.
On any severely small sample of good mail, you can make a perfect filter, but in the general case, it will fail miserably.
I like this sort of grassroots dissemination through the internet. Now if American/. readers were to act on it in any great number, and act as polite but concerned citizens, they can be a force for good.
Remember! The Internet is not just for porn! It's also about organizing politcal action to keep porn legal!
Lemme get this straight...
on
AOL Sues Spammers
·
· Score: 0, Offtopic
...if I'm a subscriber, I get to see the dupes before anyone else? Cool.
Either the apps you've deployed on those machines are more I/O hungry than CPU hungry, or you've wasted dollars on mismatched architecture.
You're right, of course. I misspoke. The serious crunching I was thinking of is simple algorithmically and is very I/O-bound.
Where CPU matters, we use clusters of small sparc boxes. There is talk of dumping them for a couple of high-end sparcs, but the flexibility of many smaller machines is hard to throw away, since the workload shifts quite frequently.
Not at my workplace. We're mostly a Solaris shop, but it's not buying us much. We have to load new boxen chock full of GNU software to make them comfortable to work on.
Much of our software is Java, C or Perl-based. The Solaris JavaVM sucks donkey dicks (it's no better than linux, anyway), we use GCC (not Forte), and our Perl is portable to linux with a single scp.
Solaris buys us performance on machines with more than 16 CPUs. But we don't have any! Anything that needs serious cycles goes on the S/390 or AS/400s.
When the leases come up, it will be interesting to see how many Solaris boxes go out, and linux boxes come in.
[Your] unique group of tags can be followed for the entire day you spend at the mall.
Fair enough, but is there no way to get around this?
I know the stores wouldn't use an RFID tag that's easily disabled (otherwise you'd have shoplifters running around stores disabling tags and walking out with the items). But what about a hard-to-disable tag (say, use public key cryptography to send a shutdown message to the tag, or activate a self-destruct of some kind)?
My point is that there's probably a technological way to get efficient inventory control and POS performance without losing privacy.
Slashdot Mirror
Government control is worse, not better!
On the whole, government control of these resources is a bad thing. The best thing is to engineer it so that is no need for a single governing body at all. That way there is no lock-in to any governing body.
Aren't there already several alternate roots for DNS we could all be supprting? That's the way to keep DNS free--have many competing providers. Some can be corporate, some volunteer.
As for ridding the system of assigned numbers (IANA), that's tougher.
I'd like a camera that could accept voice metadata, turn it to text, and preserve it when it went onto the filesystem, using whatever metadata the filesystem supports.
That way I could easily hit the button on the camera, say "vacation with supermodel"[0], and search on that later. Although we'd need something more than ext{2,3} which could hold proper user-defined metadata.
Note 0: The simple metadata storage system would not have a lie detector. ;P
Let me get this straight. You're complaining because you want to write closed-source apps (presumably for money, why else would you close the source), and TrollTech won't give you the library for free?
How ridiculous. If you're in business, you're in business. Quit whining for handouts. You won't give away the apps you write, so why complain about others?
One of the things I like about the so-called 'viral' open source licenses is that it creates a clear boundary between Free and non-Free. If you want to write non-Free apps, then get your hands out of the Free cookiejar.
Let me change the example:
Well, it did change things. Java has lots of problems on the "run anywhere" side of things as it is, and when major java programs were written with MS-only APIs, cross-platform dreams were totally over.
I suspect that .NET will also have major Win32-only parts. If a goal of mono is just to be a development platform, fine. If anyone thinks that apps written for MS .NET will be cross-platform, then they haven't been reading their recent history.
And if Mono is just about a dev environment, then why bother? I can't really see why I should switch to C#.
I hope they were able to run these without video cards. I can't imagine 1100 brand-new sweet ATI video cards sitting idle for years...
This could turn into the same sort of gang-induced protection rackets as in meatspace. What would a company or individual do if a cracker group sent them an email saying, in effect, "Do $this or you're off the net."
It's hard to see a good technical solution for this. It's a tort--and possibly assault---like any other physical intimidation tactic, and will probably only stop if legal means are brought to bear.
Unfortunately, tort suits are hard to press across continents.
Which distributions are these? No open ports? An already-configured site-specific iptables setup?
I think you're on crack. The first thing I do with any new install is to comment the hell out of inetd.conf, clear other unnecessary crap out of rc[2-5].d, and make up some iptables rules.
I like creating bare systems from debian or openbsd because they have only a small amount of other crap running.
Well, you've got me there. I don't have a solution to the problem of verifying your email address.
I also don't know how to prevent spammers from making a DOS on any box they like by sending out 1 million spams with an innocent URL.
And setting up a centrally-kept whitelist will have any of the problems associated with centrally kept lists like ORBS and RBL. What gets on the list? What comes off? Who checks?
It seems to me this idea will not fly.
But that's not the way we run Bayesian filtering. It's done by the client, for his own mail, not at the server. Bayesian filtering relies on feedback from a user.
One comment's up and already the gotfuturama.com site's down.
I'm sorry to see Futurama go. It started getting really funny, and I will use "Bite my shiny metal ass" in response to silly feature requests for many years.
I bought the first episode DVDs already. *Sigh* and I will buy the rest when they come out...
I don't think so. All links in all spams wouldn't get hit.
And there are many reasons not to punish. I would, but I've got fast ADSL and lots of bits per month to spend. But if I were on metered dialup in the UK where I get charged every second I'm on the line, I wouldn't want my spamfilter to take six minutes downloading mail because it's punishing spammers.
Here's an idea: Can't the filter strip the path-part of the URL and just hit the root URL on the server? It punishes the same machine (unless it's a complex reverse-proxy setup, where it only punishes the proxy, but that's probably good enough).
E.g., if the URL is http://spammer.com/offer_5/unique_id_123123i765, then we just hit http://spammer.com/.
As someone who uses perl quite a bit, using this 1.0 gave me a line I've seen before only in my nightmares:
Aaaaaggghh! Must ... have ... warnings ...
...and someone asked me about the wisdom of gets(), I'd also be pointing at Dennis Ritchie and yelling, "It was him! Burrrn him!"
...bad for lunch.
I live in Toronto, and all the great asian restaurants near work were half-empty instead of jam-packed due to SARS overreaction. I had never had such an easy time getting a table for lunch.
Oh well... the dream is over.
Arg. Not again. Many "usability" people take this to mean that vim has a horrible interface. Of course, it is a terribly economic interface, even though I had to automate many "bizarre" keys. In fact, it is the most usable editor I have used.
If the alternative is constantly reaching for the rodent to find some context menu entry, count me out. You can pry vim out of my cold, dead, hands.
I was thinking the same thing: He broke silence? Maybe we should remove his cvs commit access to it until he learns better.
...it lives and dies by the efficacy of the CAs. If the CAs suck, then the credentials they send with email mean nothing.
I like the idea, but I wonder which sort of orgs are going to be their "PCAs"? ISPs pretty much allow any comer onto their network, so giving all users a cert wouldn't stop people from making temporary accounts for spam.
Perhaps the ease with which MTAs could cut off CAs (like cutting off domains) would help give incentive to ISPs (or whoever is the PCA) to crack down on their customer base, but that strategy is only marginally successful today. Why would creds make this strategy any better?
Perhaps MTAs would be harder to config as open relays, because authn is required. But what percent of spam comes through open relays? If it's a big percentage, then this may help.
Has anyone analyzed this scenario? I'd like to hear some informed thoughts on what sort of email regime we could expect if this were implemented.
2 whole months!
I wonder what really made him quit?
Thanks for participating. Good ideas.
But how long did IM protocols take to become used widely? P2P? SMS? A parallel protocol, if the client-side works, and it serves a need, tends to get coverage pretty quick.
I'd like to see geeks take the lead here. If there was a prototype email client (or, better, plugins to existing clients) and server released as OSS, I'd bet it would get some use.
With a big enough geek userbase, I'd bet some high-profile mailing lists might require the new protocol for submission (to curb any spam problem) and from there, ISPs might support it.
Maybe I'm just dreaming, but I think if the need exists, a suitable implementation will gain popularity relatively quickly.
Unfortunately, although sombody seems to know what SMTP2 should look like I'm not one of them.
This guy has a spam filter that gets zero false pos/negs.
One of the important tests is the spammers do not know your identity, but your friends do. If I find my name in the body of the message, it is not from a spammer. But if a message Cc's several messages to the same isp, I know it is dictionary spam.I looked at your program, and it does not work as advertised. I get spam with my name in the body. You may not be so unlucky yet.
Second, you filter on things that will trivially return false positives, like case-sensitivity on you company name. You program assumes that anyone who capitalizes it is a spammer.
Third, I have several friends on the same ISP (your ISP, actually) and we routinely have email conversations which have three, four, or more addresses from the same domain.
On any severely small sample of good mail, you can make a perfect filter, but in the general case, it will fail miserably.
I like this sort of grassroots dissemination through the internet. Now if American /. readers were to act on it in any great number, and act as polite but concerned citizens, they can be a force for good.
Remember! The Internet is not just for porn! It's also about organizing politcal action to keep porn legal!
...if I'm a subscriber, I get to see the dupes before anyone else? Cool.
You're right, of course. I misspoke. The serious crunching I was thinking of is simple algorithmically and is very I/O-bound.
Where CPU matters, we use clusters of small sparc boxes. There is talk of dumping them for a couple of high-end sparcs, but the flexibility of many smaller machines is hard to throw away, since the workload shifts quite frequently.
Not at my workplace. We're mostly a Solaris shop, but it's not buying us much. We have to load new boxen chock full of GNU software to make them comfortable to work on.
Much of our software is Java, C or Perl-based. The Solaris JavaVM sucks donkey dicks (it's no better than linux, anyway), we use GCC (not Forte), and our Perl is portable to linux with a single scp.
Solaris buys us performance on machines with more than 16 CPUs. But we don't have any! Anything that needs serious cycles goes on the S/390 or AS/400s.
When the leases come up, it will be interesting to see how many Solaris boxes go out, and linux boxes come in.
Fair enough, but is there no way to get around this?
I know the stores wouldn't use an RFID tag that's easily disabled (otherwise you'd have shoplifters running around stores disabling tags and walking out with the items). But what about a hard-to-disable tag (say, use public key cryptography to send a shutdown message to the tag, or activate a self-destruct of some kind)?
My point is that there's probably a technological way to get efficient inventory control and POS performance without losing privacy.