I was surprised to read the article in the paper about these guys -- the NYT actually printed their picture.
I wonder if the NYT hates spam as much as the rest of us do, and knows that publishing articles about specific spammers will cause certain unpleasantnesses for those spammers?
As modems have tiny little CPUs in them, and very little memory, the V.44 and other compression schemes they use are not very effective. Zip, Compress, and other host-based compressions algorithms which require much more memory and cpu than V.44 and friends always compress much better than the modem's compression.
Except that MySQL can not be used in TPC benchmarking because it lacks the most critical part, ANSI SQL92 conformant transactions.
Technically speaking, yes. But, if you read the section where they state the differences between this benchmark and the "real" TPC-C, they admit that they don't actually check that the database is ACID. So you could theoretically run MySQL against this benchmark. I haven't looked at the code, but if this benchmark has only been run on the SAPDB database before, it probably is more work porting to a new database than the authors care to admit.
Come to think of it, it would be interesting to see if you could run the benchmark with a bogus null database, and see what the speed-of-light performance is.
If you don't advertise on Overture, you won't get any hits because of Overture
If I go to Overture, or any of their customers, like yahoo, and search for my company, I easily find it, even though we haven't bought advertising there.
Let's ignore, for the moment, the quality of any of the search engines. When I awkgle through the web logs at my company, more than 99% of all the hits from a search engine come from google. There's no evident second place finisher in this race -- There's Google at number one, and then a whole bunch of noise. Now, we don't advertise on Overture (or google, either). What do others see?
It might kinda work if every ISP whitelists, but if only some did, it would create huge problems. Some evil spammer sets the From address to a non-whitelisted-server user, who then gets millions of bounce messages? Ouch.
Secure data can sneak out via MS word
on
Storage Security
·
· Score: 4, Interesting
Several years ago, I had a dual-boot Linux/Windows machine at work, doing all my real work in Linux. HR would periodically email "important" memos to the whole company as MS word.doc attachments. Note this was before OpenOffice, or any of the other.doc converters were available for Linux. Rather than rebooting, just to read some HR drivel about proper use of the parking lot, I'd often just "strings(1)" the.doc file, and get the gist of what they were saying.
One particular memo was about the servicing of the water coolers, and went out to the whole company. When I strings'ed the memo, though, at the top was a draft of an employee's termination letter! Oops. Apparently, this was the undo buffer for Word -- the writer of the memo had just written the termination letter, printed it, deleted it from the document, and wrote the water cooler memo in the same instance of word. However, if opened this doc in Word, I couldn't access the hidden info, no matter what I tried.
Since then, I've always wondered how much other sensitive information has snuck out, via MS Word.
Re:What about temp files?
on
Storage Security
·
· Score: 3, Interesting
I know that AltaVista was created by DEC, but instead of focusing on how fast their search was, they should have spent more effort on how effective the search was. That way, their message could have been "our alphas are so fast, we can do more than search, we can also sort well". After google, the message everyone understood was that, "Alphas may be fast, but they get beaten by better software running on commodity hardware".
BTW, every vi hacker should know that using:x saves keystrokes over:wq
What's laughable (now) is that the previous search engines all where trying to optimize the wrong problems. Altavista bragged about how DEC Alpha CPUs, with their 64 bit CPUs returned results faster. Others bragged about covering more of the web. Others hyped the fact that they returned the most results.
Google reminded them all that the most important thing in a search engine isn't how fast it runs (though that's important), but that it returns the most relevant results first.
I think that this lesson holds for many projects and companies today.
Almost all of the credit card solicitations get your address from the credit bureaus. You can write to each of the three majors, and opt out. I've done this, and it has dramatically reduced the number of offers that I get. Reducing them is not just a convenience, it also reduces the chance of identity theft, or someone stealing the credit card application from the mail. Look up the opt-out instructions on the credit bureau websites (can't opt-out online, yet):
As we move to the so-called "PostPC" era, there is more and more embedded software, compared to traditional desktop and server software. Often this embedded software, which controls toasters, VCRs, and all kinds of gizmos, is shipped in ROM. If not in ROM, it is shipped in ways which are very difficult, or impossible for the end-user to access or change. What is the role of the GPL in this case? If someone ships GPL'ed code in such a device, it is hard to even know that. And if so, what value is having the source, if you can't change it? It seems like slashdot is reporting more and more cases of GPL violations for embedded software -- is the FSF seeing this also?
Remind me again, why do we have the concept of states' rights, and different laws in the various states now? Nowadays, when people and goods are so fluid, and move around so much, isn't it a huge waste of resources to have 50+ different government agencies deciding and arguing over whether to collect taxes on internet sales? Whether you are for or against these sales taxes, isn't it crazy that it would vary from state to state?
Is the X Consortium relevant anymore?
on
A Sound Server For X
·
· Score: 4, Interesting
Is the X Consortium (err, the Open Group), even relevant anymore? Substantially all the good work for X is done under the auspices of the XFree86 folks, or the higher level toolkits (GTK, KDE, etc.).
The last big push from the Open Group was Broadway, which was an X protocol based plugin for web browsers. Look at how popular it is today! Their XPrint work is just as successful.
I don't get the logic here. Artist posts MP3s on a website, and sales go up. At any time before that, anyone could have ripped her CDs, and distributed it on napster, kazaa, gnutella, etc. etc. Why didn't sales go up then?
Very interesting. A couple of followup questions -- what are Praed's statistics? How many lawsuits, how many succesfull? Also, what are the typical results of a successful suit? Are they enough to stop a spammer, or small enough to be considered a "cost of doing business"? And if he is successful frequently enough, would there be interest in establishing a legal fund to support this activity? And can we get an interview with him on "Ask Slashdot?"
A single Pentium 90, 235 million spam messages stopped in 10 months
I'm curious if you have any idea how many spammers that represents.
Also, isn't it easy for a spammer to workaround a spam honeypot -- create a hotmail account, add it to your spam list, and verify that it did go through.
IANAL, but from a legal standpoint, I don't think that gets around the jurisdictional issues. Just like it is illegal in most states to participate in online gambling, no matter where the server is, sending spam would be just as illegal, no matter where the server is. I guess that you'd have to at least set up a dummy corporation/entity in , and even then, I don't know that you've circumvented the jurisdictional issues.
Because a lot of filters don't know how to decipher this. For me, this makes it a lot easier to filter, though. I get no legitimate e-mail encoded this way, so I just have procmail dump any e-mail encoded this way. Problem solved, and without the CPU burden of decoding or running expensive spam filters.
Why can't we have legal restrictions on spam?
on
Plan for Spam, Version 2
·
· Score: 5, Interesting
Conventional wisdom seems to say that we can't outlaw spam. I don't understand why this is. My state has a do not call list. Since signing up for it, I have gotten zero phone solicitations, down from 2 or 3 a day. It is illegal to make a phone solicitation to a cell phone, and also, I get zero phone spams on my cell phone.
Some states, like California, have anti-spam laws, but curiously, they only cover spam sent from California to California. My state's telephone do-not-call list covers all calls to my number, no matter where they originate.
Now, I understand that there would be problems with international spam, but stopping domestic spam would be a huge boon to everyone. It seems like this legislation would be wildly popular, and easy to pass.
There's been a lot of effort to try and close Open SMTP relays, in order to reduce spam. But the conventional wisdom seems to be that a few large spammers are responsible for most spam, and these spammers essentially have their own, or use, spam-friendly ISPs.
Does anyone have an idea how much spam comes through open relays vs. spam friendly ISPs?
Slashdot Mirror
I wonder if the NYT hates spam as much as the rest of us do, and knows that publishing articles about specific spammers will cause certain unpleasantnesses for those spammers?
The article didn't mention how many minutes it took for the FTC to get these 46k complaints...
I think desperate is more likely.
As modems have tiny little CPUs in them, and very little memory, the V.44 and other compression schemes they use are not very effective. Zip, Compress, and other host-based compressions algorithms which require much more memory and cpu than V.44 and friends always compress much better than the modem's compression.
Technically speaking, yes. But, if you read the section where they state the differences between this benchmark and the "real" TPC-C, they admit that they don't actually check that the database is ACID. So you could theoretically run MySQL against this benchmark. I haven't looked at the code, but if this benchmark has only been run on the SAPDB database before, it probably is more work porting to a new database than the authors care to admit.
Come to think of it, it would be interesting to see if you could run the benchmark with a bogus null database, and see what the speed-of-light performance is.
If I go to Overture, or any of their customers, like yahoo, and search for my company, I easily find it, even though we haven't bought advertising there.
Let's ignore, for the moment, the quality of any of the search engines. When I awkgle through the web logs at my company, more than 99% of all the hits from a search engine come from google. There's no evident second place finisher in this race -- There's Google at number one, and then a whole bunch of noise. Now, we don't advertise on Overture (or google, either). What do others see?
It might kinda work if every ISP whitelists, but if only some did, it would create huge problems. Some evil spammer sets the From address to a non-whitelisted-server user, who then gets millions of bounce messages? Ouch.
Two words: Joe job.
One particular memo was about the servicing of the water coolers, and went out to the whole company. When I strings'ed the memo, though, at the top was a draft of an employee's termination letter! Oops. Apparently, this was the undo buffer for Word -- the writer of the memo had just written the termination letter, printed it, deleted it from the document, and wrote the water cooler memo in the same instance of word. However, if opened this doc in Word, I couldn't access the hidden info, no matter what I tried.
Since then, I've always wondered how much other sensitive information has snuck out, via MS Word.
Don't forget about swap or paging space, either.
I know that AltaVista was created by DEC, but instead of focusing on how fast their search was, they should have spent more effort on how effective the search was. That way, their message could have been "our alphas are so fast, we can do more than search, we can also sort well". After google, the message everyone understood was that, "Alphas may be fast, but they get beaten by better software running on commodity hardware".
BTW, every vi hacker should know that using :x saves keystrokes over :wq
Google reminded them all that the most important thing in a search engine isn't how fast it runs (though that's important), but that it returns the most relevant results first.
I think that this lesson holds for many projects and companies today.
http://www.equifax.com
http://www.experian.com
http://www.tuc.com
As we move to the so-called "PostPC" era, there is more and more embedded software, compared to traditional desktop and server software. Often this embedded software, which controls toasters, VCRs, and all kinds of gizmos, is shipped in ROM. If not in ROM, it is shipped in ways which are very difficult, or impossible for the end-user to access or change. What is the role of the GPL in this case? If someone ships GPL'ed code in such a device, it is hard to even know that. And if so, what value is having the source, if you can't change it? It seems like slashdot is reporting more and more cases of GPL violations for embedded software -- is the FSF seeing this also?
Remind me again, why do we have the concept of states' rights, and different laws in the various states now? Nowadays, when people and goods are so fluid, and move around so much, isn't it a huge waste of resources to have 50+ different government agencies deciding and arguing over whether to collect taxes on internet sales? Whether you are for or against these sales taxes, isn't it crazy that it would vary from state to state?
The last big push from the Open Group was Broadway, which was an X protocol based plugin for web browsers. Look at how popular it is today! Their XPrint work is just as successful.
I don't get the logic here. Artist posts MP3s on a website, and sales go up. At any time before that, anyone could have ripped her CDs, and distributed it on napster, kazaa, gnutella, etc. etc. Why didn't sales go up then?
The real question is, can I get federal loans to pay my tuition at this college?
Very interesting. A couple of followup questions -- what are Praed's statistics? How many lawsuits, how many succesfull? Also, what are the typical results of a successful suit? Are they enough to stop a spammer, or small enough to be considered a "cost of doing business"? And if he is successful frequently enough, would there be interest in establishing a legal fund to support this activity? And can we get an interview with him on "Ask Slashdot?"
I'm curious if you have any idea how many spammers that represents.
Also, isn't it easy for a spammer to workaround a spam honeypot -- create a hotmail account, add it to your spam list, and verify that it did go through.
IANAL, but from a legal standpoint, I don't think that gets around the jurisdictional issues. Just like it is illegal in most states to participate in online gambling, no matter where the server is, sending spam would be just as illegal, no matter where the server is. I guess that you'd have to at least set up a dummy corporation/entity in , and even then, I don't know that you've circumvented the jurisdictional issues.
Content-Type: text/html (or text/plain)
Content-Transfer-Encoding: base64
Because a lot of filters don't know how to decipher this. For me, this makes it a lot easier to filter, though. I get no legitimate e-mail encoded this way, so I just have procmail dump any e-mail encoded this way. Problem solved, and without the CPU burden of decoding or running expensive spam filters.
Some states, like California, have anti-spam laws, but curiously, they only cover spam sent from California to California. My state's telephone do-not-call list covers all calls to my number, no matter where they originate.
Now, I understand that there would be problems with international spam, but stopping domestic spam would be a huge boon to everyone. It seems like this legislation would be wildly popular, and easy to pass.
Does anyone have an idea how much spam comes through open relays vs. spam friendly ISPs?