I'm not arguing that it isn't a pain in the ass, I'm arguing that if you don't want this particular pain in the ass, don't buy it. Buy the non-pain-in-the-ass version.
If you don't like M$' monetary incentives, don't buy MS. Buyer beware, etc.
I'm aware of that, which is why I emphasized the other half of what I was saying (that people who are bitching about their upgrade disk not letting them install from scratch shouldn't buy the upgrade disk... *facepalm*)
So you're complaining that your disk intended to let you upgrade a previous installation isn't letting you install the operating system from nil, which it isn't intended to do?
The upgrade disk is intended for people who aren't you. People like you who aren't satisfied by the upgrade disk were supposed to buy the full version.
As for a full version being "more expensive".... what makes you think the upgrade isn't just "less expensive" than the baseline?
I'm your typical F/OSS fanboy, so it says something that I'm defending Microsoft right here...
Umm two things: 1) No shit, it is an upgrade disk 2) the XP upgrade disk required the same/similar. It required either that you had a windows OS installed or that you had the disk and could insert it.
Everyone who is asking "WTF why do they even have the list?!" needs to go back and read the seclists.org list. It is an archive of a mailing list post, one which tens or hundreds of sites probably also have archived.
I believe MySpace and GoDaddy are both to blame here for reasons that any sensical person can see. I think I'll be looking for a new registrar now.
I have flash 9 and it still tells me I need 8 and above. I think there's something about Firefox or Linux that is preventing it from detecting my version right. Does anyone have a youtube link?
The problem isn't that we have too much spam. The solution isn't getting better filtering. The solution is finding an annihilating the problem.
The problem and source of probably 95% of all spam is sent directly from Windows zombies. Prevent Windows computers from turning into zombies. To do anything else is like taking Advil when you have cancer and expecting it to cure you just because it makes a symptom or two much less noticeable.
Either use Linux () or better yet... close the holes like MS has been trying to do for so long.
Lastly, ISPs should block outgoing connections on port 25 if they think that their customers should not be sending mail directly and give them a server to relay through instead. This is better than blindly dropping e-mail they think is spam and leaving sender+receiver to wonder whats going on. ISPs should also be more proactive in notifying their customers of infected computers by looking for port scanning and large volumes of traffic on port 25.
You're missing a large part of his argument... these "bells and whistles" have no place in an operating system itself. If they want to give the API for bells and whistles to be added later, so be it... but he is claiming (and I wholeheartedly agree) that an OS should not require more resources than the most intense of computer games. Bells and whistles should be left out of the OS itself, especially when your OS is already a resource hog.
Like the other replies say though, where are the bells and whistles that you think theoretically justifies this massive resource need anyway? A few widgets and shine? That's nowhere near enough to justify the resource needs that have been seen so far. All of the same stuff can be done in with a fraction of the resources.
As the owner of numerous sites, I have to say that it is a problem to have so many free e-mail sites that allow users to just sign up and throw away the account. There is a reason that sites require valid e-mail addresses to register.... for accountability and need-of-contact situations. If a site requires a valid e-mail address and has an activation system and all... please take a clue and realize that maybe there's a reason for this.
Now, if you're going around signing up for free X-box and iPod pyramid schemes... the problem isn't that you need a toss-away e-mail account to do this with, but rather you need a new hobby.
The last thing that legit online forum and chat mediums need are more smurfs and trolls. I (and I'm sure others) wish that the internet would evolve slightly such that people have a main e-mail account and don't go around being a pain in the ass or being overly paranoid about receiving spam from signing up everywhere.
The solution to dodging spam is to go after the spammers, not dodge their spam.
Since most of this spam is sent by zombies, they care nothing about the success rate of the delivery. They just pump out thousands/millions of spam messages, hit each e-mail address once and move on. If it fails or appears to fail then it just moves to the next since single-digit success rates still result in thousands or millions of free advertising for the spammer.
As a result, using greylisting results in filtering a HUGE amount of spam out since it fakes a temporary failure from any new server connecting and waits for the server to try sending the mail again after a defined delay (according to the RFC, mailservers are supposed to try sending again if they get this temporary deferral).
I set this up on my primary server (ubuntu with postfix) and saw a 99% decrease in spam since none of the zombies care enough to try connecting again. By the time a zombie gets upgraded to be wise enough to evade this, it is likely to fail all kinds of other spam tests anyway (referring mainly to blacklists, though blacklisting can be extremely evil by nature).
If you run a mailserver, definitely look into setting this up. The wikipedia article explains the low-risk nature and exactly how it works: http://en.wikipedia.org/wiki/Greylisting
So they spend all of this time making some flash based pretty site, but then just throw up a default copy of phpBB as their BBS for their designers ("modders")?
If any of you had watched the conference video when it was first made public, you would know that the two researchers made it quite obvious in the video that the problem was with the 3rd party's card/drivers, NOT with the mac itself.
The mac was just being used as a host system for the attack, and the video explains/made it quite clear that the flaw was in the driver and would effect all operating systems. Look back to the news right after the conference about this, numerous articles have links (probably youtube) to the actual video that this is all about. All Apple is doing is saying "hey, they're right. The problem isn't in our software or hardware, so lets just make that clear"
The point isn't to "Demand that the server be taken down," but rather for law enforcement personnel to go to the channel and find who is giving the botnet commands, then track that user down and prosecute him for what he is doing.
It would be similar to how you could create such a graph from a site like MySpace or Facebook, except without the clutter and without the influence of people just wanting to whore friends.
The thought of seeing a graphical representation of this intrigues me. I can just picture what a graph overlayed on the contintental US would look like if the connections between X people were graphed to N generations, for varying numbers X and N (high X + low N, the opposite).
I wasn't implying that it was some evil strategy to save a few drops in the bucket, but rather that they don't take the time to investigate [possibly/likely wrong] cases of account closure as a result of click fraud when an appeal is filed.
The original post makes it sound like the article is about a person's rights with respect to blogging...
I'm not seeing what in this article has to do with his blogging (except for the fact that he's a well-known blogger and he came under fire), and I'm instead seeing something like "this guy is refusing to turn over some video footage to an ongoing investigation, so he's getting in trouble for it. Oh, by the way... he has a blog!"
I ran adsense on a couple of gaming sites I'm responsible for, and my account got suspended (well, more or less I got suspended permanently since they can block me via tons of the personal info they had with my registration).
I went through their appeals process and, after a long wait, got a canned response. Nobody was taking the time to personally investigate anything in the appeals, or at least it felt this way. I had logs and lots of other information and background, as well as a compromise to pull the ads from those sites and preserve a good record (aka working account) for future use. I had been planning some new major sites that would use adsense as a major revenue channel (via legit means, not some "omg click and get a free ipod" thing), but they apparently trust no one.
Parent post was correct in saying that they seem to just point and close any accounts with a hint of odd activity without thinking twice, since they have thousands (millions?) of other sources of trickle income to them.
I'm not a google fanboy, but I'm a strong supporter. This experience is the single, but very large, mar on their reputation, as far as I'm concerned.... Oh, and also that nonsense with MySpace, but business is business I suppose.
Slashdot Mirror
I support anything that makes them look horrible and alienates their users.
I'm not arguing that it isn't a pain in the ass, I'm arguing that if you don't want this particular pain in the ass, don't buy it. Buy the non-pain-in-the-ass version.
If you don't like M$' monetary incentives, don't buy MS. Buyer beware, etc.
I'm aware of that, which is why I emphasized the other half of what I was saying (that people who are bitching about their upgrade disk not letting them install from scratch shouldn't buy the upgrade disk... *facepalm*)
So you're complaining that your disk intended to let you upgrade a previous installation isn't letting you install the operating system from nil, which it isn't intended to do?
.... what makes you think the upgrade isn't just "less expensive" than the baseline?
The upgrade disk is intended for people who aren't you. People like you who aren't satisfied by the upgrade disk were supposed to buy the full version.
As for a full version being "more expensive"
I'm your typical F/OSS fanboy, so it says something that I'm defending Microsoft right here...
Umm two things:
1) No shit, it is an upgrade disk
2) the XP upgrade disk required the same/similar. It required either that you had a windows OS installed or that you had the disk and could insert it.
My main argument lies with (1).
Everyone who is asking "WTF why do they even have the list?!" needs to go back and read the seclists.org list. It is an archive of a mailing list post, one which tens or hundreds of sites probably also have archived.
I believe MySpace and GoDaddy are both to blame here for reasons that any sensical person can see. I think I'll be looking for a new registrar now.
what about a setup like this for mx:
5 foo-blackhole.domain.com
10 legit-mailserver.domain.com
15 bar-blackhole.domain.com
to stop the spammers that also start at the lowest priority ?
I can easily implement this to test its effectiveness, but does this have any negative repercussions?
I've been using it fine with many other sites. Right clicking on a running flash applet yields the "About Adobe Flash 9" option in the menu.
I have flash 9 and it still tells me I need 8 and above. I think there's something about Firefox or Linux that is preventing it from detecting my version right. Does anyone have a youtube link?
They say that Gatt.A can infect any platform like "omg noes Linux and Mac!" but according to http://www.pandasoftware.com/virus_info/encycloped ia/overview.aspx?IdVirus=122900&sind=0 the IDA (which it exploits) is present on multiple platforms, but there are other things about windows that made the virus function.
I don't know about everyone else, but this damages the credibility of the article for me.
I'll keep this short and to the point:
The problem isn't that we have too much spam. The solution isn't getting better filtering. The solution is finding an annihilating the problem.
The problem and source of probably 95% of all spam is sent directly from Windows zombies. Prevent Windows computers from turning into zombies. To do anything else is like taking Advil when you have cancer and expecting it to cure you just because it makes a symptom or two much less noticeable.
Either use Linux () or better yet... close the holes like MS has been trying to do for so long.
Lastly, ISPs should block outgoing connections on port 25 if they think that their customers should not be sending mail directly and give them a server to relay through instead. This is better than blindly dropping e-mail they think is spam and leaving sender+receiver to wonder whats going on. ISPs should also be more proactive in notifying their customers of infected computers by looking for port scanning and large volumes of traffic on port 25.
You're missing a large part of his argument... these "bells and whistles" have no place in an operating system itself. If they want to give the API for bells and whistles to be added later, so be it... but he is claiming (and I wholeheartedly agree) that an OS should not require more resources than the most intense of computer games. Bells and whistles should be left out of the OS itself, especially when your OS is already a resource hog.
Like the other replies say though, where are the bells and whistles that you think theoretically justifies this massive resource need anyway? A few widgets and shine? That's nowhere near enough to justify the resource needs that have been seen so far. All of the same stuff can be done in with a fraction of the resources.
As the owner of numerous sites, I have to say that it is a problem to have so many free e-mail sites that allow users to just sign up and throw away the account. There is a reason that sites require valid e-mail addresses to register.... for accountability and need-of-contact situations. If a site requires a valid e-mail address and has an activation system and all... please take a clue and realize that maybe there's a reason for this.
Now, if you're going around signing up for free X-box and iPod pyramid schemes... the problem isn't that you need a toss-away e-mail account to do this with, but rather you need a new hobby.
The last thing that legit online forum and chat mediums need are more smurfs and trolls. I (and I'm sure others) wish that the internet would evolve slightly such that people have a main e-mail account and don't go around being a pain in the ass or being overly paranoid about receiving spam from signing up everywhere.
The solution to dodging spam is to go after the spammers, not dodge their spam.
I don't know, probably something to do with a MySQL field type or overflow.
Since most of this spam is sent by zombies, they care nothing about the success rate of the delivery. They just pump out thousands/millions of spam messages, hit each e-mail address once and move on. If it fails or appears to fail then it just moves to the next since single-digit success rates still result in thousands or millions of free advertising for the spammer.
As a result, using greylisting results in filtering a HUGE amount of spam out since it fakes a temporary failure from any new server connecting and waits for the server to try sending the mail again after a defined delay (according to the RFC, mailservers are supposed to try sending again if they get this temporary deferral).
I set this up on my primary server (ubuntu with postfix) and saw a 99% decrease in spam since none of the zombies care enough to try connecting again. By the time a zombie gets upgraded to be wise enough to evade this, it is likely to fail all kinds of other spam tests anyway (referring mainly to blacklists, though blacklisting can be extremely evil by nature).
If you run a mailserver, definitely look into setting this up. The wikipedia article explains the low-risk nature and exactly how it works: http://en.wikipedia.org/wiki/Greylisting
http://designer.wallop.com/forums/
So they spend all of this time making some flash based pretty site, but then just throw up a default copy of phpBB as their BBS for their designers ("modders")?
Nice to see that they're all about creativity
And the day after tomorrow its the Day After Tomorrow on a chip!
perhaps this is off-topic, but you just prompted me to buy that book... it looks like a very good read.
If any of you had watched the conference video when it was first made public, you would know that the two researchers made it quite obvious in the video that the problem was with the 3rd party's card/drivers, NOT with the mac itself.
The mac was just being used as a host system for the attack, and the video explains/made it quite clear that the flaw was in the driver and would effect all operating systems. Look back to the news right after the conference about this, numerous articles have links (probably youtube) to the actual video that this is all about. All Apple is doing is saying "hey, they're right. The problem isn't in our software or hardware, so lets just make that clear"
The point isn't to "Demand that the server be taken down," but rather for law enforcement personnel to go to the channel and find who is giving the botnet commands, then track that user down and prosecute him for what he is doing.
It would be similar to how you could create such a graph from a site like MySpace or Facebook, except without the clutter and without the influence of people just wanting to whore friends.
The thought of seeing a graphical representation of this intrigues me. I can just picture what a graph overlayed on the contintental US would look like if the connections between X people were graphed to N generations, for varying numbers X and N (high X + low N, the opposite).
I wasn't implying that it was some evil strategy to save a few drops in the bucket, but rather that they don't take the time to investigate [possibly/likely wrong] cases of account closure as a result of click fraud when an appeal is filed.
The original post makes it sound like the article is about a person's rights with respect to blogging...
I'm not seeing what in this article has to do with his blogging (except for the fact that he's a well-known blogger and he came under fire), and I'm instead seeing something like "this guy is refusing to turn over some video footage to an ongoing investigation, so he's getting in trouble for it. Oh, by the way... he has a blog!"
I ran adsense on a couple of gaming sites I'm responsible for, and my account got suspended (well, more or less I got suspended permanently since they can block me via tons of the personal info they had with my registration). I went through their appeals process and, after a long wait, got a canned response. Nobody was taking the time to personally investigate anything in the appeals, or at least it felt this way. I had logs and lots of other information and background, as well as a compromise to pull the ads from those sites and preserve a good record (aka working account) for future use. I had been planning some new major sites that would use adsense as a major revenue channel (via legit means, not some "omg click and get a free ipod" thing), but they apparently trust no one. Parent post was correct in saying that they seem to just point and close any accounts with a hint of odd activity without thinking twice, since they have thousands (millions?) of other sources of trickle income to them. I'm not a google fanboy, but I'm a strong supporter. This experience is the single, but very large, mar on their reputation, as far as I'm concerned. ... Oh, and also that nonsense with MySpace, but business is business I suppose.