I'm awash in acorns, never seen so many in my life. Some places in the lawn are 2 and 3 deep and I can't even walk near some of the big oaks. And the squirrels don't even bother with my bird feeder.
There are also a lot of military R&D programs that are lean, DARPA in particular. They are dubiously famous among contractors for pushing slim margins, compressing schedules, adding features, and generally insisting on maximizing their bang for their buck. Some of their programs may seem silly but many are based on improving military cost-effectiveness and ROI. The latter obviously don't get the same media coverage.
how the hell did he get support from ... Goldman Sachs, Citigroup, Morgan Stanley,
(bank bailout)
or Microsoft
("Google Monopoly Threat")
All sounds like a little quid pro quo to me!
[It's] an idea so extravagant as to make a mockery of sustainable practices. "Grow their own food." This sounds like the latest in green party games: "The experts at Really Expensive and Pretentious Gimmicks will come to your home the day of the party and set up a pretend farm for your guests to play 'Green Acres.' Prices start at $250 per head."
Well, no. Yes and no. There isn't a threshold to cross, only an ever-increasing delay. And it resets every day (i.e. if it's based on emails over the last 24 hours). My point WRT 'wrong scale' is that we don't need to worry about stopping each spam, only adding enough tiny penalty for each email that tens of millions become economically unfeasible. An email would never bounce. Spreading the load over a lot of bots helps a lot, but it doesn't help enough, or at least I don't think it helps enough.
You're right about holding a connection open. I can't say I was proposing a fully thought-out protocol! Maybe have the server hold the SYN-ACK when establishing the connection? I'll hear agonized screams for trying to violate stack layering, but what the heck.
Frankly, I doubt that any spammer sends out 12 million emails from 1 machine.
Yep, agreed. So use the 1ms number instead of the 1ns number, and that's for 100,000 machines. That's a big-***ed bot net :-)
The escalating delay penalty is not that different from the small compute-task concept in that it incurs a substantial penalty to the sender. The delay though can be implemented in an existing SMTP server. It might be a more acceptable alternative than blacklisting, although as you point out, it does nothing to force the issue of identifying a bot/zombie.
people with email sending addictions sent too many emails
You're thinking on the wrong scale. Limits don't have to cut in until you hit thousands or tens of thousands to cut spam. Spam hit rates are now something like one hit per 12 million emails sent, and it *still* makes financial sense for spammers. To make spam economically unfeasible you don't need much of a delay penalty on that kind of volume. If you added 1ms latency penalty for each email per day per IP, even big mailing lists would hardly feel the effect. But a spammer would need 2000 years to get his 12th million email out. A microsecond penalty probably works, or even a nanosecond. For a 1 nS cumulative penalty, his 12th million email gets out in one day, but that's just one hit. His 2nd hit from another 12m emails is 3.3 days, his 3rd costs 7.5 days, and it rapidly gets worse.
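The arithmetic in the comment above, worked through as an added example (not part of the original comment). It assumes a linear model in which the n-th message from one IP inside a 24-hour window is held for n times a fixed unit; the class and function names are hypothetical.

```python
from collections import defaultdict, deque

DAY = 24 * 60 * 60  # length of the reset window, in seconds


class EscalatingDelay:
    """Per-IP tarpit sketch: the n-th message seen from an IP within the
    window is held for n * unit_s seconds. Nothing is ever rejected."""

    def __init__(self, unit_s, window_s=DAY):
        self.unit_s = unit_s
        self.window_s = window_s
        self.seen = defaultdict(deque)  # ip -> arrival times inside the window

    def delay_for(self, ip, now):
        q = self.seen[ip]
        # Forget arrivals older than the window, so the penalty "resets every day".
        while q and now - q[0] >= self.window_s:
            q.popleft()
        q.append(now)
        return len(q) * self.unit_s


def total_delay(n, unit_s):
    """Total hold time accumulated by n messages from one IP in one window:
    unit * (1 + 2 + ... + n) = unit * n * (n + 1) / 2."""
    return unit_s * n * (n + 1) / 2


def per_sender_delay(total, senders, unit_s):
    """Hold time seen by each IP when `total` messages are split evenly
    across `senders` IPs (assumption: a perfectly even split)."""
    per_ip = -(-total // senders)  # ceiling division
    return total_delay(per_ip, unit_s)


if __name__ == "__main__":
    for millions in (12, 24, 36):
        days = total_delay(millions * 1_000_000, 1e-9) / DAY
        print(f"1 ns unit, {millions}M messages, one IP: {days:.2f} days")
    years = total_delay(12_000_000, 1e-3) / (365.25 * DAY)
    print(f"1 ms unit, 12M messages, one IP: {years:.0f} years")
    secs = per_sender_delay(12_000_000, 100_000, 1e-3)
    print(f"1 ms unit, 12M messages over 100,000 IPs: {secs:.2f} s per IP")
```

The single-IP figures reproduce the 0.8, 3.3 and 7.5 days and the roughly 2000 years quoted in the comment; the last line shows how much the same penalty shrinks once the volume is spread across many source addresses, which is the limitation raised elsewhere in the thread.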
Did you read the part where I said I had 'floods'? CFL floods replacing halogen floods. The halogens have a 45 degree pattern, and halogen spots are less than 30. The CFL floods have no discernible pattern although sticking a twist CFL in a cone-shaped reflector coaxes most of the light out one end more or less. I don't know what your point is, but I'm saying CFL's don't replace incandescents well in *all* applications (cold and high-power directional), and that lawmakers in their lemming-like rush to greenhood don't take real life into account.
(*tinfoil* as a crude reflector? Gimme an effing break! Have you ever actually installed any outdoor lighting??)
Mine are at full brightness instantaneously.
I have outdoor CFL floods to light the skating rink. Right now they take about 45 minutes to come up to decent output (it's ~10 degrees here). So I have to leave them on all the time, which pretty much kisses goodbye any energy savings. The light also sucks; it's dim and not directional, adding to dim. All in all a bad excuse for light. So for more money, less light, and more energy used, they will still be mandatory in our state next year.
Right, so add the gas for the extra round trip to the CFL cost. Oh wait, you can only cherry-pick data when *promoting* green technology...
Don't matter, I have 20ish CFL's in the house, all different makers, not a one is better than 50% at startup. If someone has a make/model that performs better (instead of just claiming it is) I'd love to hear about it.
porn-peddler Wales
Citation for that? Here http://www.smh.com.au/news/web/facts-and-friction/2007/04/21/1176697155451.html
Radio Shack
You Can Get Better
But You Can't Pay More
Tethering a BB on Windows was exceedingly difficult...
Huh. Worked flawlessly for me. And Blackberry support was just outstanding, talked me through the setup step-by-step and didn't even talk down to me. Now as long as my phone is within 10' Bluetooth range it will connect via BT and dial-up if no other network connections are available.
I just got a Dell Mini9 with Ubuntu (and love it) but really wanted the same BT modem capabilities. I can't wait to try this 'Barry' thingy out!
Got my Blackberry (Pearl) at Sam's Club and got a deal for unlimited data including email browsing and modem, through TMobile. Not the fastest connection as you'd expect but certainly good enough for email, and it's 128kbps more than nothing. I've been at client sites that had very restrictive net access, and routed entire subnets through my laptop and phone to get some engineering services working, like remote desktop and TRAC/subversion at remote sites. Again it's slow, but it was way better than nothing and easier to implement than convincing IT staff to open holes in their firewalls (also easier to convince IT to open pinholes when they realize you completely bypassed their firewalls).
If only it was as simple as that. MS uses the extension to determine which app to associate it with, but the apps generally don't consider the extension canonical or even relevant, and instead scan the file to determine the data type. That's why this virus both needs the extension renamed to wri, and why Wpad falls victim to it. It's MS wrapping a stupid idea in a clever idea that makes it bad.
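A defensive check for the extension/content split described in the comment above, as an added example that is not part of the original thread: it compares an attachment's claimed extension with the format its leading bytes indicate. The signature table, the per-extension policy and the function names are assumptions supplied here, and the sample byte strings are constructed.

```python
import os

# Leading-byte signatures for the formats named in the thread.
# These values are supplied for the example, not taken from the page.
SIGNATURES = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # OLE2 container (Word .doc)
    (b"{\\rtf", "rtf"),                             # Rich Text Format
    (b"\x31\xbe\x00\x00", "write"),                 # Windows Write (.wri)
    (b"\x32\xbe\x00\x00", "write"),                 # Write file with embedded objects
]

# Assumed policy: which sniffed format each extension is allowed to carry.
EXPECTED = {
    ".wri": {"write"},
    ".rtf": {"rtf"},
    ".doc": {"ole2"},
}


def sniff(data):
    """Return the format name indicated by the leading bytes, or 'unknown'."""
    for magic, name in SIGNATURES:
        if data.startswith(magic):
            return name
    return "unknown"


def mismatch(filename, data):
    """Return (extension, sniffed_format) when the content does not match what
    the extension claims; return None when it matches or when the extension is
    not covered by the policy."""
    ext = os.path.splitext(filename)[1].lower()
    allowed = EXPECTED.get(ext)
    if allowed is None:
        return None
    kind = sniff(data)
    return None if kind in allowed else (ext, kind)


if __name__ == "__main__":
    # Constructed samples: only the first bytes matter to the check.
    renamed_doc = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 16
    real_write = b"\x31\xbe\x00\x00\x00\xab" + b"\x00" * 16
    print(mismatch("invoice.wri", renamed_doc))  # flagged: Word content in a .wri
    print(mismatch("notes.wri", real_write))     # consistent
```

A mail gateway or endpoint filter could quarantine anything `mismatch` flags, since the handler chosen by extension and the parser chosen by content would disagree about the file.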
I hear where you're coming from, and you make some fair points. But I stand by my opinion, worthless though it may be :-) If anyone at this point doesn't get that you don't open anything, from anybody, no matter what, then you will probably learn that Darwin is harsh even to the innocent. Since this sequence (embedding a virus and changing the name to .wri) pretty much requires malicious intent, then to be infected you'd be opening a .wri file from an unknown source. You should at least be asking yourself, if you know what a .wri is then why did they send that format? instead of say rtf? And if you don't know what it is, then there's no excuse for opening it. Anyone who hasn't adopted a little healthy suspicion about, well, everything, is eventually going to get kicked a rung or two down the evolutionary ladder.
MS Notepad never gets issues either because it and your other examples are plain text editors. WordPad has all sorts of MS Word functionality built into it so you can view Word documents if you don't have Word installed. Problem is that Word has been (relatively) well shaken out but WordPad has not, since, hey it's only WordPad so who gives a cripe.
The vulnerability is using WordPad to convert an infected Word document, by getting the user to open an infected attachment. Anyone stupid enough to get infected this way deserves everything Darwin can throw their way.
We pay for our schools, and pay well. Just spent $50 mil for a new school. Hired the best teachers from all over the state, pay them less than average, but we let them teach. The tax hit from our schools is tough to swallow, but it means everyone expects our schools to perform and perform well. And we watch and by and large stay involved even if we don't have kids in the school system. Even the most cynical tightwads know that our schools drive their property values.
There's an old saying that there are only four ways to spend money: spend your money on your stuff, so you want it cheap and want quality; spend your money on someone else's stuff, so you just want it cheap; someone else's money on your stuff, so you want quality but don't care about price; and someone else's money on someone else's stuff, so expensive crap is just fine. Note all taxation falls in the last category.
Except local taxes for local schools. That's almost the first category. That's why private schools are pretty good. That's why supporting schools with only town taxes is important. Screw state and federal assistance, and in particular screw ads on tests.
Now if you'd said Nvidia...
Great. Bring on the fanboys. Now *that's* just what this flame-fest of a topic needs...
Not sure then how Rod Simmons is claiming New England has no acorns. Well, yes the answer to that is in TFA... he did all his research by reading newsgroups and BB's. I couldn't imagine a worse way to gather objective data, since no one would post normal or excessive acorn production, he doesn't compare newsgroup chatter to prior years with 'normal' acorn production, does no validation of claims, and still cherry-picks the results. Rod Simmons is an *idiot*.
LOLOLOLOLOLOLOLOLOLOLOLOLOL
Just checking... is that "Laughing out loud out loud out loud out loud" or "Laughing out laughing out laughing out laughing out loud"? :)
Is it that hard to ask the russians or a private company to get your astronauts down?
For the ISS, maybe not. But using a Soyuz crew to essentially maintain our IBM launch detection satellites might be considered a slight conflict of interest.
I remember the same argument for nuclear submarines... that even though we really don't need any more at the moment, if you even temporarily shut down existing production you pretty much permanently lose the ability to produce submarines in the future. Or at least make it prohibitively expensive to restart the program since so much would have to be rebuilt from scratch. On the surface it sounds like a BS argument, but if you do a little analysis on it there's probably quite a bit of truth to it.
Who knew commercial electronics was a garnish? :-)
When I was doing a stint in field service a few years back I had 2 Moto pagers. After 3 weeks of being paged incessantly, driving all over NY and NJ on no sleep, and living out of the service van, I got utterly fed up, pulled off the next exit on the NJ Turnpike, found a bar, ordered a very tall vodka & vodka, and dropped all three pagers into the full glass. After 15 minutes of soaking in 80-proof and lemon wedges, the damned things still beeped at me from inside the glass. I'll never forget the sinking feeling of that failed Rebellion, watching my Pager Cocktail vibrate across the bartop.
There is no escaping from field service, from New Jersey, or from Motorola pagers.
Honestly, I don't think the media was biased in Ron Paul's case as much as they had no idea what to say about him. Bush, McCain, Huckabee, Clinton, Obama, you could write those news stories without even listening to their speeches or even engaging your brain. Ron Paul you had to think about, so of course he was ignored :-)