Yoav Nir wrote:being //totally familiar with the alternatives//, of course ...There are billions of hosts connected to the Internet and they’re running whatever they feel like, People used to believe the Earth was flat and that worked for them then, too.People use Windows because it works for them. You have apparently not used Ubuntu Linux, which is similar enough to Apple to overcome your objections.Unix and Linux don’t unless you layer a huge layer of GUI makeup to hide the ugliness away, as in Mac OS, iOS and Android. I see. Windows sucks dead turkey buzzards because 13-year-old Bulgarian hackers can crack it, butI’ve been using Unix with makeup since 2000 BTW, but Windows bashing is so 2006. objecting to it is "out of style", so the objections no longer hold water and suddenly, all is now good and Windows is now secure. Or something like that. Akin to "Polio is no longer infectious" and "Lead is now safe to drink", as long as someone can make the right fun of the people who keep warning us about those things. Yeah, and it came from criminals using identifiable sources (call them ISPs) that stomped theYour argument does not hold water. Spam existed long before botnets. spammers once the ISPs were notified. We ISPs had spam on a //definite retreat// in early 1998(*); and //then// the bot-nets arrived to rescue it (mid-1998 and after.) After that, the "senders" of spam became millions of innocent people across the world, and the work to track down the originator became too great to pursue. (*) I personally chased the infamous Robert Soloway off five consecutive //Chinese// (PRC) servers by showing them what the guy was all about. That was when the PRC still gave a damn (they no longer seem to.) Soloway owes me $37,500 and Robert Braverman of Oklahoma $10,050,000, not that either of us will collect. The DOJ contacted me for feedback on Soloway's sentence and I told them to throw the book at him, especially considering he continued to spam after losing to Braverman and being enjoined by the court from ever spamming again. I hope they gave him the full five years; and we haven't heard from him again, so his jail time seems to have convinced him to do something else for a living. No. It was //enforcement and accountability//. Virus authors saw a use for invading machinesIt’s the anti-spam measures that those IT professionals have been using that have forced spammers to seek other means of distribution such as botnets. more lucrative than putting up messages on the user's screen saying "F4 says it's groovie." Anti-spam tools came AFTER that. Prove it. Show me. Show us what that would be. Because it would already exist, if "it" were so easyIf they didn’t use that, they’d use something else, to come up with. There is no next step (see "prove otherwise" above.) Once the bot-nets are gone, we (ISPs) will once again be able to track down the original source of spam. Whether we can put our legal fingers on them is another matter, but if it is widely recognized that country X refuses to deal with its spammers and the worldwide ISP community begins en masse to quit accepting mail from country X, country X will get the message. This is how it used to work (in respect to ISPs more so than countries) up til early 1998. There was a worldwide informal community of ISPs at that time and that community was AGGRESSIVELY anti-spam. Japan used to be awful. By 1998 I blocked all of 210/8 because they were so bad. They being presentation-sensitive and otherwise upright people, appear to have issued a national policy statement that things needed to be cleaned up, because they are now some of the most proactive people on the net, combating spam. One rarely gets a spam from a Japanese network. So very, very good for them and they are no longer persona non-grata on my networks. distributed = botor else we’d see more things like Flashback or that Java botnet that runs everywhere. bots die, distributed dies. media-company subpoenas to ISPs concerning "shared" pirated media content show what can be done when there is //a will to act//. You get lots of spam because the US Government doesn't take the problem seriously enough.I get tons of span because my email address is posted in a lot of places on the Internet: IETF mailing lists, I-Ds and RFCs. It is a lot more concerned with protecting gray-mail spammers making money, than it is in protecting the general public. The proof is the 2003 "CAN-SPAM" law which means what it says - because there was No Accountability for the fact that the politicians did not complete the homework they gave themselves, which was to define how unsolicited commercial email was to be legally required to label to itself as such. That law needs to be repealed so suing spammers becomes self-financing again. BushCo passed CAN-SPAM in an emergency to head off California's aggressive anti-span laws due to take effect 1 January 2004. And you get lots of spam because 95% of people still use Microsoft's swiss-cheese software - one new exploit every 15 days - and don't use unix / linux / mac osx = mach + bsd unix, for one new exploit every 7.5 years. BushCo also let Microsoft of the hook for having LOST a major antitrust suit and facing what could have been a useful dismemberment: the applications company would have written for Linux and the OS side would have failed and gone out of business, as was warranted. Now it all gets to go down the tubes at once. I did say that the "everything is pervious" argument is just silly, when the question is how EASILY can a system be hacked to suborn its use and the answer is that unix is orders (plural) of magnitude harder to get into than Windows. Yes, we understand WHY they do it. The sad fact is that 1/7 of the human population has an IQIt makes economic sense to send spam to people like me (some of us take the bait), so the spammers will do it one way or another. that subjects them to tests that they fail (like "you won the UK lottery that you never entered, so send me (a person you never heard of) money to get hold of your winnings.") If Windows needed a patch, then it was broken. If it needs 24 patches per year, it is very seriouslyUnpatched Windows systems are an easy target for them, broken. So thank you for admitting my claims about the defects of Microsoft's software to be valid. Curiously, patched Windows systems are an easy target too. You patched against a virus that was detected because it already got out into the public (causing damage) and was picked up by e.g. Symantec and McAfee to write a patch for. But what about the next virus concerning the very same otherwise unpatched-as-yet code? Microsoft simply doesn't know how to fix the issue - or does know and simply doesn't want to bite the bullet. Same outcome: using Microsoft software on the open Internet is a manifest threat to the user and all victims of that user's will-one-day-inevitably-be-broken-into PC. MTBRNI (mean time before risk of next infection) = 15 days. Sorry, but that gets a deserved frowny face :( I usually say that unix is four orders of magnitude more secure than Windows, but if we compare the MTBRNI we get log10(2700/15) ~= 2.26 orders of magnitude; so I apologize for my exaggeration. I'll keep 2.25 orders of magnitude in mind. I'll take the 98% worldwide cleanup my solution offers - gladly.but eliminating those will not solve the spam problem. And you're right: I don't control what people may do. I can say "please don't step in that hole and risk serious injury to yourself and others", and they're entitled to ignore my advice, step in the hole, incur serious injury to themselves and others and then even go so far as to say that they should be excused because they were only doing what everyone like them does blindly, fecklessly and unconsciously. I'm banking on virality: the more people who migrate to something Unix-based - e.g. Ubuntu (free of charge), and never suffer viruses or spyware again, the more people will have "free of worry" solutions to offer those around them, and we may get (one can always hope) a hysteresis curve of adoption of Open Source systems and rejection of the pervious Microsoft world - and another epochal computer revolution worth writing up in the History books. Believing Copernicus and Galileo only took having open eyes and an open mind to accomplish in a relatively short time despite the desperate and bitter opposition of the Church -- here used as a symbol for "Received Wisdom", such as "people use what they want to." People use what they were taught to use and what other people use. People can always learn to use better software when the //institutions they depend on for knowledge of these things// abandon beliefs of former centuries - perhaps "Windows" itself is "so 1990s" that we'll begin en-masse asking ourselves why we still use it. |