Every time I see a spam issue mention here on slashdot, I always take the time to metnion that spam exists because SMTP is intrinsicly flawed to allow it. Sure people can implement black-lists, or white-lists, but no such notion exists nativly in SMTP itself. A state can create as many laws as they want, but as long as SMTP is the standard messge passing protocal, spam will exist! This is one of those grey-area's where a law isn't very good to govern technology. You can pass a law into existence to make certain aspects of a technological protocal against the law, or you can simply let the technology be strong, and avoid reactionary law making. We should pass laws preventing the IEEE from introducing bad technology standards before we pass laws to prohibit the free usage of existing standards. A law should ban the SMTP protocal before banning the ability to send bulk email. Anti-spam laws are analogs to walking up to door-to-door salesmen, jsut that its easier to knock on 500,000 doors with SMTP that in real-life, yet the later is allowed! So in my perspective, altering SMTP is a good thing(tm). Forget finger, its considered unsecure, and will not work. What we need is to make SMTP more secure. We need built-in white-lists, we need to turn the "inbox" into a que of requests for being added to a white list. We need to chatify email.
The ia64 is considered a tier 2 architecture, and as such isn't on the release engineering teams radar yet. Once the tool-chain is self-hosting, aka the ia64 can nativly build the entire world+GENERIC kernel, then it will be considered for a tier 1 migration. This tid-bit of info just means that the ia64 is built on a cross build (with i386 gcc probably). The next step is to take these bits, and install them on real ia64 hardware, and attempt building the tool chain there. A lot of this work hinges on the need to have gcc 3.2 working on ia64, and I hear that there is still a bunch of work to be done in that area before the compiler produces quality code. What would be nice is to import the NetBSD code to the AMD64 stuff, but we need to more unity in the -CURRENt FreeBSD source tree before adding yet another arch. Whats nice is that bus-dma will allow drivers for one arch to work in others with minimal fuss, in theory anyways.;)
Given that FreeBSD -current 1:1 threads are not 100% yet, the native FreeBSD threads will not grant the optimal performance compared to the linux threads. Yahoo probably uses a RELEASE version, or a -STABLE version of FreeBSD on their production systems, so the KSE probably isn't an option anyways. Once KSE is finished, I'm sure we will reviste the "FreeBSD V. Linux" threads war again. No granted I'm a bit biased toward FreeBSD, but I think that since the same folks control the LIBC taht are also creating the KSE (kernel scheduled Entities, aka kernel aware threads) that FreeBSD will have a bit tighter integration when all things are said and done.
While the OpenBSD hackathon is a big event, it is eclipsed by others.
The A-list hacker event of the year takes place every summer in Las Vegas. Since 1993, some of the brightest and craftiest minds have gathered at a conference called DEFCON to mingle with like-minded people, drink alcohol and learn tips from old-school hackers.
Over the years, however, the "underground" reputation of DEFCON has disappeared. Attendees are increasingly suit-and-tie, computer-security professionals, gawkers, media and government officials.
"It's cheesy now," scoffs de Raadt. "Nothing happens there -- it's just a party."
My conference is better than your conference, yaar! Naannaa--booboo
Well.. no... I was in fact thinking of "Near-End-Attenuation", as opposed to "Far-End-Attenuation". But its interesting to see other people call it something else, and both terms mean the same thing depending on who you ask, or what books you read. I thought about shielding too, and decided that the whole thing proabbly is shielded to some degree already. I figured that even when shielding, one should still be conservative with noise levels as a matter of principal. I figured why bother with wires when optics really isn't that expensive if your fabricating the circutry yourself. The expensive part is the cable, the other expensive part is a myth perpetrated by the industry. We are not talking about gigabit frequency chips on both ends , just cheap stuff like IR diodes, and yes... LEDs are very low noise compared to a ethernet transeiver (in relative terms).
Ever heard of Near-End-Atenuation? No? Its the electo-magnetic interferance suffered by telecomm gear when lots a wires draw near each other at the switch. Well, thats the snow-ball effect. No single rain-drop thinks it is the cause of the flood! Anyways, if this sensor gear is so sensitive, then ethernet might be too noisy, electro-magneticly speaking! I would sugest a fiber-optic linkage with a low-powered led that is significantly less noisy, in relative terms comparied to a wire. In an ideal situation the sesor would be away from the data collectors anyways. Oh, and BTW - wireless would in theory trip the sensor too! Seems as if optics is the only real true solution, in my mind anyways.;)
Ok I got this game today on an impulse buy, over at BestBuy while looking at dvd's. I has very high hopes for this game due to all the hype its generated over the past few months in development. I was lead to believe that the game was developed in in parralle to the movie, and they intermingle somehow. That might be true given the cinematic sequences everywhere in the game (aka sceens from the movie). Granted I've only gotten into the game for about an hour, and this is my knee-jerk reaction to it thus far. First off, the controls are static, and cannot be adjusted to my personal tastes. The Xbox version is designed around the s-controller, and that all fine and dandy if you have a late generation xbox, but I got an early generation that came with the bigger (original) controllers. It would be highly desirable to modify the layout of the buttons so that they made sense in my configuration. Secondly is the choice to go with a 3rd person mode, as opposed to a first-person shooter style. Granted the game actually can jump between a 3rd, and 1st person mode, but the 1st person mode can not actually do anything except orbit the cross-hairs around the character. To move (aka run/walk/crawl) *requires* you be in 3rd person mode. I think they only have 1st person mode for shooting weapons like sniper rifles with the true affect only achievable in FPS mode. The game doesn't allow you to arbitrarily save your progress in a way conventional to most other games, like pausing the game, and saving it. No, you are only given the option to save at specific check points in the game. The game is only a single player venture, which means there's no fun to be had in a death match with my friends!
On the positive side of things, I can say that the game looks awesome! The lack of FPS is made up for in some really awesome character moves. Being able to put your characters back up to a wall, and peek around corners is refreshing. The punch/kick combos are enjoyable to mixup, and the matrix rule-bending is just like the movie; the characters have a bit of extra power in their kicks, and punches, and the style they use is like the Yee Woo Ping style kung-foo as seen in the movies. The music is good! I enjoyed listening to that techno band from Las Vegas (Crystal Method?) during the first sequence of the game, and I'm sure they got other good music too! The game is in High definition to the order of 1080i, and thats really good for an Xbox title. It might be the first I've seen go that high res.
All in all I'm about 50/50 on this game thus far. As I've stated above, it really annoying to play with the controls configured they way they are, but the quality of the game seems to *almost* makeup for it. I definatly rate "Return to Castle Wolfenstein" much higher, but I guess they are two differnet types of games (apples/oranges).
I'm all for a really small/rescue partition with crunched init, fsck, mount, sh, and a few other essential tools to recover a broken system. The kernel could be altered in such a way that if it couldn't mount the root file system, it could mount the/rescue FS, and the fsck could happen. This would be a FreeBSD (shoot me) "safe mode" of sorts.
If things were so broken that you couldn't fix them with the various built-in ways, a "rescue disk" (aka bootable cdrom, floppy) would have to be used to mount a pseudo root to in turn fsck the real root FS.
That interesting hwo you use the word "server" very loosly. Are you talking about a proccess in the user-land, or a kenel function? I'm a bit unclear when you went into the NEXT being a coccoa server, or something like that. Thanks in advance. =)
Static because of the paranoia we have about libraries becoming corrupted. Consider this nightmare situation: Your computer panics, and in so it somehow gets a bit of filesystem corruption. You softboot, and discover that the FS corruption occurred in your libc and now all you dynamically linked executable that almost all of which link to libc are utterly useless. If fsck were dynamically linked it would be unable to examine/fix the file systems. That is why the/bin, and/sbin are all statically built, because these nightmares have happened before to some of use on other UNIX systems. WE do not dare to make that mistake on the most stable OS on earth! Also, what is somebody decided to put his libraries on/usr (mounted on its own filesystem), and have dynamically linked init on the root filesystem? The answer is the kernel wouldn't' be able to boot the system into single, or multi-user modes. There are many reasons to have static/bin and/sbin. On the other hand there are also a few reasons to not build them statically. Space is one major issue. The root filesystem would lessen in size dramatically if libc, and others, were not replicated into each executable. It would also open the door to more small version of FreeBSD that fit on floppies, and stuff. The only issue with dynamically linked/bin and/sbin is the need to fall back upon staticly built version of the same stuff in case your libs get corrupted. I think we might copy NetBSD and make a/rescue folder with crunched executables. Crunching is akin to compiling all your/bin and/sbin into one singulare binary file, and depending on how you invoke the binary, renders a different executable. Sorta like if I called crunch.bin as "fsck" it would bring the fsck code to the surface, or if the same crunch.bin were called as "ls" it would be ls. Inside the crunch.bin is dynamically linked , and archived executables. Hopefully that one file would not be damaged in fs corruption.
FreeBSD is often cited as being a better choice for government funding of development work due to its far less onerous licensing. Basically, code from FreeBSD can be lifted by anyone who is interested in using it. Apple's Mac OSX is based on FreeBSD but heavily modified and Microsoft has been known to borrow a snippet or two.
... and I would like to point out that Microsoft has borrowed from BSD, but not neccesarily FreeBSD. More like the original BSD that the others (Free, NET, and Open) came from. As far as I know OS X is based on NEXT, and a bit of FreeBSD userland (It depends who you ask).
ISP's do not need to offer SMTP services because it could be an add on service, an extra thing to pay for. ISP's could simply let other companies on the net offer email services, and the ISP only act as the go between for you. It's a good idea to slowly unload the email to somebody else, and replace it with something else. Your reaction is typical, and the reason SMTP still exists, and will not die.
When you can have the s-controller now, minus the green/blue collors. I still like the more bulky controllers that the X-Box originally came with since I have a fairly manly handsize. Although, I have to admit that having a smaller controller for the women that come over to play would be good. Its all about the game comfort!
The answer is not attaching more bad ideas to an already bad protocol. The ultimate answer is in the protocol designers. A government/state can pass as many laws governing the interaction of people/things with the bad protocols, but the IETF/IEEE will still create them, and certify them. People should just wake up and realize that SMTP is to blame for this big mess. ISP's should stop offering SMTP outright, and think of ways to replace it. Chat programs are probably a better way to pass messages anyways. SMTP has become a massive bazaar that is full over everyone on earth, and since it is completely open, its also completely ok to send bulk mail. Forging headers is another issue, but simply spewing email is intrinsically allowed by the protocol, and thus taken advantage of. If everyone one on earth had a computer, and everyone on earth sent email to everyone else on earth every day, would that be spam? No, because it would cross the line into accepted practice, and that is what we are starting to see due to the sheer bulk of spam sent to everyone on a daily basis. The point is that as long as SMTP exists, so will spam. The answer is to replace SMTP with something that doesn't allow spam to exist by removing the ability to anonymously send people messages.
This reminds me of the "master control" program in Tron, but I don't know why. I might have to try it as a phone sentry for those anoying telemarketers who keep calling.
Re:Wow...it took them this long...
on
The Costs of Patching
·
· Score: 2, Interesting
That is exactly the issue we face at my large coorporation. We finally got to the point that we download the patches centrally, create a mega-patch consiting of the various Qxxxxxx patches from MS, and then test those on a staging server that minics various vital functions thoughout the enterprise. We had problems with loose cannons going around and appling windows-updates to production servers that then had problems with a certain piece of software, or what not. Anyways... you right.. half the time spent by MS techs is quality testing the patches.
Couldn't Mr. Hawash write a letter to the Supreme Court asking for relief? Or at least to the Attorney general's office! I mean, there is no instructions available as to what a person should do if held under those circumstances. Are they even allowed to send letters to friends/family? Isn't it easy to overturn these kinds of draconian laws if your done wrong by them, sort of like the Gideon Vs Wainwright (1963) case? IT might take time, and Mr. Hawash may have to spend a great deal more time in prison without due process, or being party to his lawyer, and lack of "innocent until proven guilty", as set forth in the bill of rights. Indeed the founders wanted to prevent this type of maneuver by the British at the time of the revolution. It is utterly sad that we have come full circle to become the tyrants we once spilt blood to reject. I guess 300 hundred years does that to the collective memory of a nation. A person should have the right to travel where they want, associate with anybody they wish, and conduct themselves in a militia if they so choose. These are the things that the Bill of rights initially sough to protect. Would Benjamin Franklin have been arrested as a terrorist if he were alive today! Still, I have a hard time believing this Mr. Hawash was even participating in the alleged activities he is believed to be held for. Indeed, the government is keeping this a big secret! If this were in a public court we could all know the truth, but the secret police doesn't have to obey the laws. Oh wait, that's right! WE allowed them to have the law changed in the knee-jerk reaction of a law known as the "Patriot Act", signed by the Retard... err... president of the United States of America, Mr. George W. Bush! Like Mr. Bush suggested/insinuated to the Iraqi' public durring one of his televised speeches to them, the situation of a tyranical leader could be solved with one bullet. I leave that last sentence to your own interpretation. I feel sorry for him being the guy that was in office durring the 9/11 fiasco, and I feel even sadder for the people under his rule, including myself. If this keeps going, the Chinies might endup having more freedom that the folks inthe USA.
This is a situation where the law is countering an effect of a bad protocal. SMTP is the badness here, not so much the people that abuse it (but *they* are bad). It should be the responsibility of the people on the internet to simply ignore the spam since they are willinging participating in email to start with. I realize that SPAM is bad, but it is only possible because SMTP sucks donkie's. Same as war driving, it is very possible to drive around and find a free AP to exploite just as it is easy to scan the net for open SMTP rellays to exploit. The laws should place the burden on the standards organizations that certify things like SMTP, and the conglamerations of multi-national coorporations that controll the internet backbone that don't lift a finger to halt the bad protocals. In other words, SMAP is a feature, not a bug. It's practicalyl built into the protocal. Altering headers is possible, and could even bee viewed as a legitimate form of self protection/security.
The article seems to shed a positive light on the NH law proposal, which places the burden of network security on the operator, and the negligence for not securing the Access-Point if they get h@x0r3d. That makes a lot of sense because it not my fault that when I walk down the street and your Access point is bombarding me with your signal. I cannot help but to receive the signal if its there. The analogy is walking around at high-noon and being subjected to sunlight, because I cannot help this unless I burden myself to apply a coating of sun-screen. That sun-screen lotion is the wireless equivalent of a firewall but the major difference is that the sun screen is there for my optional protection. It not my burden to protect myself from your spewing of wireless packets since they do not cause me harm.
The wireless protocol stands for themselves, and in a court of law they would be easy to examine line by line until the judge/jury is brain dead from the tech-jargon. Not to mention the various accredited folks who can demonstrate with freely available software that WEP is more of an annoyance. MAC based filtering is weak since it is possible to spoof the mac address with most 802.11b hardware drivers. Simply bombard the AP until the ARP table refreshes with you mac as the end point that *should* be getting the traffic. The solution most folks I know use is a hybrid of various methods. One way is to make each wireless node use VPN to the router behind the AP, and use WEP (as an annoyance) on the ether. Disabling the 802.11 beacon is the first thing that should be done, else it your fault for advertising the existence of your wireless network in the first place. As I mention before, MAC filtering helps as an annoyance to would-be-infiltrators. Finally, rename your SID to anything except "WIRELESS" as many folks get on by simply looking for the default SID.
This is my advice, as a war-driver, I know all the tricks. Enjoy!;)
People do. Sorta like the gun analogy: "guns don't kill people, people kill people", and it is individuales that are swapping files. The notion of contra-ban software is silly.
Slashdot Mirror
Every time I see a spam issue mention here on slashdot, I always take the time to metnion that spam exists because SMTP is intrinsicly flawed to allow it. Sure people can implement black-lists, or white-lists, but no such notion exists nativly in SMTP itself. A state can create as many laws as they want, but as long as SMTP is the standard messge passing protocal, spam will exist! This is one of those grey-area's where a law isn't very good to govern technology. You can pass a law into existence to make certain aspects of a technological protocal against the law, or you can simply let the technology be strong, and avoid reactionary law making. We should pass laws preventing the IEEE from introducing bad technology standards before we pass laws to prohibit the free usage of existing standards. A law should ban the SMTP protocal before banning the ability to send bulk email. Anti-spam laws are analogs to walking up to door-to-door salesmen, jsut that its easier to knock on 500,000 doors with SMTP that in real-life, yet the later is allowed! So in my perspective, altering SMTP is a good thing(tm). Forget finger, its considered unsecure, and will not work. What we need is to make SMTP more secure. We need built-in white-lists, we need to turn the "inbox" into a que of requests for being added to a white list. We need to chatify email.
The ia64 is considered a tier 2 architecture, and as such isn't on the release engineering teams radar yet. Once the tool-chain is self-hosting, aka the ia64 can nativly build the entire world+GENERIC kernel, then it will be considered for a tier 1 migration. This tid-bit of info just means that the ia64 is built on a cross build (with i386 gcc probably). The next step is to take these bits, and install them on real ia64 hardware, and attempt building the tool chain there. A lot of this work hinges on the need to have gcc 3.2 working on ia64, and I hear that there is still a bunch of work to be done in that area before the compiler produces quality code. What would be nice is to import the NetBSD code to the AMD64 stuff, but we need to more unity in the -CURRENt FreeBSD source tree before adding yet another arch. Whats nice is that bus-dma will allow drivers for one arch to work in others with minimal fuss, in theory anyways. ;)
Given that FreeBSD -current 1:1 threads are not 100% yet, the native FreeBSD threads will not grant the optimal performance compared to the linux threads. Yahoo probably uses a RELEASE version, or a -STABLE version of FreeBSD on their production systems, so the KSE probably isn't an option anyways. Once KSE is finished, I'm sure we will reviste the "FreeBSD V. Linux" threads war again. No granted I'm a bit biased toward FreeBSD, but I think that since the same folks control the LIBC taht are also creating the KSE (kernel scheduled Entities, aka kernel aware threads) that FreeBSD will have a bit tighter integration when all things are said and done.
My conference is better than your conference, yaar! Naannaa--booboo
Well.. no... I was in fact thinking of "Near-End-Attenuation", as opposed to "Far-End-Attenuation". But its interesting to see other people call it something else, and both terms mean the same thing depending on who you ask, or what books you read. I thought about shielding too, and decided that the whole thing proabbly is shielded to some degree already. I figured that even when shielding, one should still be conservative with noise levels as a matter of principal. I figured why bother with wires when optics really isn't that expensive if your fabricating the circutry yourself. The expensive part is the cable, the other expensive part is a myth perpetrated by the industry. We are not talking about gigabit frequency chips on both ends , just cheap stuff like IR diodes, and yes... LEDs are very low noise compared to a ethernet transeiver (in relative terms).
Ever heard of Near-End-Atenuation? No? Its the electo-magnetic interferance suffered by telecomm gear when lots a wires draw near each other at the switch. Well, thats the snow-ball effect. No single rain-drop thinks it is the cause of the flood! Anyways, if this sensor gear is so sensitive, then ethernet might be too noisy, electro-magneticly speaking! I would sugest a fiber-optic linkage with a low-powered led that is significantly less noisy, in relative terms comparied to a wire. In an ideal situation the sesor would be away from the data collectors anyways. Oh, and BTW - wireless would in theory trip the sensor too! Seems as if optics is the only real true solution, in my mind anyways. ;)
Ok I got this game today on an impulse buy, over at BestBuy while looking at dvd's. I has very high hopes for this game due to all the hype its generated over the past few months in development. I was lead to believe that the game was developed in in parralle to the movie, and they intermingle somehow. That might be true given the cinematic sequences everywhere in the game (aka sceens from the movie). Granted I've only gotten into the game for about an hour, and this is my knee-jerk reaction to it thus far. First off, the controls are static, and cannot be adjusted to my personal tastes. The Xbox version is designed around the s-controller, and that all fine and dandy if you have a late generation xbox, but I got an early generation that came with the bigger (original) controllers. It would be highly desirable to modify the layout of the buttons so that they made sense in my configuration. Secondly is the choice to go with a 3rd person mode, as opposed to a first-person shooter style. Granted the game actually can jump between a 3rd, and 1st person mode, but the 1st person mode can not actually do anything except orbit the cross-hairs around the character. To move (aka run/walk/crawl) *requires* you be in 3rd person mode. I think they only have 1st person mode for shooting weapons like sniper rifles with the true affect only achievable in FPS mode. The game doesn't allow you to arbitrarily save your progress in a way conventional to most other games, like pausing the game, and saving it. No, you are only given the option to save at specific check points in the game. The game is only a single player venture, which means there's no fun to be had in a death match with my friends!
On the positive side of things, I can say that the game looks awesome! The lack of FPS is made up for in some really awesome character moves. Being able to put your characters back up to a wall, and peek around corners is refreshing. The punch/kick combos are enjoyable to mixup, and the matrix rule-bending is just like the movie; the characters have a bit of extra power in their kicks, and punches, and the style they use is like the Yee Woo Ping style kung-foo as seen in the movies. The music is good! I enjoyed listening to that techno band from Las Vegas (Crystal Method?) during the first sequence of the game, and I'm sure they got other good music too! The game is in High definition to the order of 1080i, and thats really good for an Xbox title. It might be the first I've seen go that high res.
All in all I'm about 50/50 on this game thus far. As I've stated above, it really annoying to play with the controls configured they way they are, but the quality of the game seems to *almost* makeup for it. I definatly rate "Return to Castle Wolfenstein" much higher, but I guess they are two differnet types of games (apples/oranges).
Thats what you get for having interesting content! The SlashDOS machine has struck again!
it really should be an option! Your right!
Right!
/rescue partition with crunched init, fsck, mount, sh, and a few other essential tools to recover a broken system. The kernel could be altered in such a way that if it couldn't mount the root file system, it could mount the /rescue FS, and the fsck could happen. This would be a FreeBSD (shoot me) "safe mode" of sorts.
I'm all for a really small
If things were so broken that you couldn't fix them with the various built-in ways, a "rescue disk" (aka bootable cdrom, floppy) would have to be used to mount a pseudo root to in turn fsck the real root FS.
That interesting hwo you use the word "server" very loosly. Are you talking about a proccess in the user-land, or a kenel function? I'm a bit unclear when you went into the NEXT being a coccoa server, or something like that. Thanks in advance. =)
It would seem feasible to put chrunched binaries into the kernel itself, but that would be nasty kernel bloat!
Static because of the paranoia we have about libraries becoming corrupted. Consider this nightmare situation: Your computer panics, and in so it somehow gets a bit of filesystem corruption. You softboot, and discover that the FS corruption occurred in your libc and now all you dynamically linked executable that almost all of which link to libc are utterly useless. If fsck were dynamically linked it would be unable to examine/fix the file systems. That is why the /bin, and /sbin are all statically built, because these nightmares have happened before to some of use on other UNIX systems. WE do not dare to make that mistake on the most stable OS on earth! Also, what is somebody decided to put his libraries on /usr (mounted on its own filesystem), and have dynamically linked init on the root filesystem? The answer is the kernel wouldn't' be able to boot the system into single, or multi-user modes. There are many reasons to have static /bin and /sbin. On the other hand there are also a few reasons to not build them statically. Space is one major issue. The root filesystem would lessen in size dramatically if libc, and others, were not replicated into each executable. It would also open the door to more small version of FreeBSD that fit on floppies, and stuff. The only issue with dynamically linked /bin and /sbin is the need to fall back upon staticly built version of the same stuff in case your libs get corrupted. I think we might copy NetBSD and make a /rescue folder with crunched executables. Crunching is akin to compiling all your /bin and /sbin into one singulare binary file, and depending on how you invoke the binary, renders a different executable. Sorta like if I called crunch.bin as "fsck" it would bring the fsck code to the surface, or if the same crunch.bin were called as "ls" it would be ls. Inside the crunch.bin is dynamically linked , and archived executables. Hopefully that one file would not be damaged in fs corruption.
Woops! wrong article!
Uh.... yeah... hello, reality here!
ISP's do not need to offer SMTP services because it could be an add on service, an extra thing to pay for. ISP's could simply let other companies on the net offer email services, and the ISP only act as the go between for you. It's a good idea to slowly unload the email to somebody else, and replace it with something else. Your reaction is typical, and the reason SMTP still exists, and will not die.
I like the notion of electric fences around the front door to kill door to door sells men, but thats just me. =)
When you can have the s-controller now, minus the green/blue collors. I still like the more bulky controllers that the X-Box originally came with since I have a fairly manly handsize. Although, I have to admit that having a smaller controller for the women that come over to play would be good. Its all about the game comfort!
The answer is not attaching more bad ideas to an already bad protocol. The ultimate answer is in the protocol designers. A government/state can pass as many laws governing the interaction of people/things with the bad protocols, but the IETF/IEEE will still create them, and certify them. People should just wake up and realize that SMTP is to blame for this big mess. ISP's should stop offering SMTP outright, and think of ways to replace it. Chat programs are probably a better way to pass messages anyways. SMTP has become a massive bazaar that is full over everyone on earth, and since it is completely open, its also completely ok to send bulk mail. Forging headers is another issue, but simply spewing email is intrinsically allowed by the protocol, and thus taken advantage of. If everyone one on earth had a computer, and everyone on earth sent email to everyone else on earth every day, would that be spam? No, because it would cross the line into accepted practice, and that is what we are starting to see due to the sheer bulk of spam sent to everyone on a daily basis. The point is that as long as SMTP exists, so will spam. The answer is to replace SMTP with something that doesn't allow spam to exist by removing the ability to anonymously send people messages.
This reminds me of the "master control" program in Tron, but I don't know why. I might have to try it as a phone sentry for those anoying telemarketers who keep calling.
That is exactly the issue we face at my large coorporation. We finally got to the point that we download the patches centrally, create a mega-patch consiting of the various Qxxxxxx patches from MS, and then test those on a staging server that minics various vital functions thoughout the enterprise. We had problems with loose cannons going around and appling windows-updates to production servers that then had problems with a certain piece of software, or what not. Anyways... you right.. half the time spent by MS techs is quality testing the patches.
Couldn't Mr. Hawash write a letter to the Supreme Court asking for relief? Or at least to the Attorney general's office! I mean, there is no instructions available as to what a person should do if held under those circumstances. Are they even allowed to send letters to friends/family? Isn't it easy to overturn these kinds of draconian laws if your done wrong by them, sort of like the Gideon Vs Wainwright (1963) case? IT might take time, and Mr. Hawash may have to spend a great deal more time in prison without due process, or being party to his lawyer, and lack of "innocent until proven guilty", as set forth in the bill of rights. Indeed the founders wanted to prevent this type of maneuver by the British at the time of the revolution. It is utterly sad that we have come full circle to become the tyrants we once spilt blood to reject. I guess 300 hundred years does that to the collective memory of a nation. A person should have the right to travel where they want, associate with anybody they wish, and conduct themselves in a militia if they so choose. These are the things that the Bill of rights initially sough to protect. Would Benjamin Franklin have been arrested as a terrorist if he were alive today! Still, I have a hard time believing this Mr. Hawash was even participating in the alleged activities he is believed to be held for. Indeed, the government is keeping this a big secret! If this were in a public court we could all know the truth, but the secret police doesn't have to obey the laws. Oh wait, that's right! WE allowed them to have the law changed in the knee-jerk reaction of a law known as the "Patriot Act", signed by the Retard... err... president of the United States of America, Mr. George W. Bush! Like Mr. Bush suggested/insinuated to the Iraqi' public durring one of his televised speeches to them, the situation of a tyranical leader could be solved with one bullet. I leave that last sentence to your own interpretation. I feel sorry for him being the guy that was in office durring the 9/11 fiasco, and I feel even sadder for the people under his rule, including myself. If this keeps going, the Chinies might endup having more freedom that the folks inthe USA.
This is a situation where the law is countering an effect of a bad protocal. SMTP is the badness here, not so much the people that abuse it (but *they* are bad). It should be the responsibility of the people on the internet to simply ignore the spam since they are willinging participating in email to start with. I realize that SPAM is bad, but it is only possible because SMTP sucks donkie's. Same as war driving, it is very possible to drive around and find a free AP to exploite just as it is easy to scan the net for open SMTP rellays to exploit. The laws should place the burden on the standards organizations that certify things like SMTP, and the conglamerations of multi-national coorporations that controll the internet backbone that don't lift a finger to halt the bad protocals. In other words, SMAP is a feature, not a bug. It's practicalyl built into the protocal. Altering headers is possible, and could even bee viewed as a legitimate form of self protection/security.
The article seems to shed a positive light on the NH law proposal, which places the burden of network security on the operator, and the negligence for not securing the Access-Point if they get h@x0r3d. That makes a lot of sense because it not my fault that when I walk down the street and your Access point is bombarding me with your signal. I cannot help but to receive the signal if its there. The analogy is walking around at high-noon and being subjected to sunlight, because I cannot help this unless I burden myself to apply a coating of sun-screen. That sun-screen lotion is the wireless equivalent of a firewall but the major difference is that the sun screen is there for my optional protection. It not my burden to protect myself from your spewing of wireless packets since they do not cause me harm.
;)
The wireless protocol stands for themselves, and in a court of law they would be easy to examine line by line until the judge/jury is brain dead from the tech-jargon. Not to mention the various accredited folks who can demonstrate with freely available software that WEP is more of an annoyance. MAC based filtering is weak since it is possible to spoof the mac address with most 802.11b hardware drivers. Simply bombard the AP until the ARP table refreshes with you mac as the end point that *should* be getting the traffic. The solution most folks I know use is a hybrid of various methods. One way is to make each wireless node use VPN to the router behind the AP, and use WEP (as an annoyance) on the ether. Disabling the 802.11 beacon is the first thing that should be done, else it your fault for advertising the existence of your wireless network in the first place. As I mention before, MAC filtering helps as an annoyance to would-be-infiltrators. Finally, rename your SID to anything except "WIRELESS" as many folks get on by simply looking for the default SID.
This is my advice, as a war-driver, I know all the tricks. Enjoy!
People do. Sorta like the gun analogy: "guns don't kill people, people kill people", and it is individuales that are swapping files. The notion of contra-ban software is silly.