×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Yahoo DMARC Implementation Breaks Most Mailing Lists

UnderCoverPenguin Re:Am I understanding this correctly? (83 comments)

No.

Are digest messages considered forgery?

Nor am I suggesting a back door for spammers. I do think it is likely that list servers will not be trusted to do proper Sender Authentication. Both the list message and the original message would have to pass sender authentication.

If the list server acted exactly as a proper MTA would, then the message would only be subject to a single level of sender authentication. My idea would subject the forwarded message to double authentication: Once for the original sender and the second for the list server.

about a week ago
top

Yahoo DMARC Implementation Breaks Most Mailing Lists

UnderCoverPenguin Re:SPF.. (83 comments)

such action would be a direct violation of the section of the RFC I quoted. The "robot" is not the author; its mailbox does not appear in the header field intended for the mailbox of the author. The "robot" is also not the agent that introduced the message for transmission, it is retransmitting a message already in the system.

If I had a secretary and I instructed him to forward messages related to certain topics to designated recipients, he would be the author of the new messages that contain the original messages. The section I quoted allows this. How is this different from having a list server perform the same task?

A multi-post digest is reasonably consided a new message. One that is "authored" by the list server. With the list owner as the responsible agent. As best I can decern, the people at IETF do not think this is a violation. So, why not a digest with just one post?

I think you and I are viewing this from two different perspectives. You seem to view the list server as part of the mail transport and delivery infrastructure. I view the list server as an "electronic secretary" interacting with, but outside of the mail infrastructure.

Granted, proper use of Resent-From and Resent-Sender would be the best solution. How likely do you think it would be for all the Sender Authentication systems to be updated to use these fields? I think very unlikely. So, that leaves it to the list server admins (and, possibly, developers) to implement a work around.

about a week ago
top

Yahoo DMARC Implementation Breaks Most Mailing Lists

UnderCoverPenguin Re:Am I understanding this correctly? (83 comments)

Forwarded email breaks all these kinds of "sender authentication" systems, and that's unlikely to change in the near future. Mailing lists are one type of forwarded email, but not the only type.

Properly used, the Resent-From and Resent-Sender fields could help with this. Of course, this would require the Sender Authentication systems to properly handle these fields.

Another option occurred to me since I made my previous post. The original message could be made an attachment to the message sent by the list server. This way, both the list message and the original message would be available for DMARC/SPF/whatever sender authentication.

about a week ago
top

Yahoo DMARC Implementation Breaks Most Mailing Lists

UnderCoverPenguin Re:SPF.. (83 comments)

RFC5322 also says this:

Note: Reintroducing a message into the transport system and using
            resent fields is a different operation from "forwarding".
            "Forwarding" has two meanings: One sense of forwarding is that a
            mail reading program can be told by a user to forward a copy of a
            message to another person, making the forwarded message the body
            of the new message. A forwarded message in this sense does not
            appear to have come from the original sender, but is an entirely
            new message from the forwarder of the message. Forwarding may
            also mean that a mail transport program gets a message and
            forwards it on to a different destination for final delivery.

So, one could make the case that a list server is a robot reading and forwarding messages, therefor it is technically not wrong for the list server to put its own address in the From field and a contact address for the list owner in the Sender field. Note that list servers that batch posts in to messages containing several posts already do this.

(Replies to the author and/or list could be directed by the Reply-To and Cc fields. Suggest author in Reply-To and list in Cc.)

Of course, best solution would be for DMARC and SPF (and the list servers) to be configured to properly use the Resent-From and Resent-Sender fields. Unfortunately, I think that DMARC and SPF will be left as they are, thus forcing the list servers to bare burden of a work around.

about a week ago
top

Judge (Tech) Advice By Results

UnderCoverPenguin Re:Too long, didn't read. (162 comments)

I think often it is a desire to help by someone who misjudges the ability, desire to learn, and time someone is prepared

And perception.

Example: A friend of mine was still using MS Office 2003 because he hated MS Office 2007. Then, one day, he received an Office 2007 document that Office 2003 could not handle. I asked him to give me a copy of the file, then opened it in Open Office. He happily did what he needed to do, saved his changes, copied the file back to his PC and emailed it to whomever needed it. Then he asked me what version of Office I was running. When I showed him, he said "That's not acceptable. No one will be able to use the document I just sent." Even after everyone he sent the updated document to had no problem, he still didn't believe Open Office an acceptable alternative. He still hates the "new" MS Office, but is using it because "there is no alternative."

about two weeks ago
top

Why There Are So Few ISP Start-Ups In the U.S.

UnderCoverPenguin Re:Address exhaustion (223 comments)

As long as you don't hide it from your customers I don't see a problem with providing IPv6 addresses to your customers and perform NAT for accessing IPv4 hosts.

For that matter, could NAT IPv4 to IPv4. Many businesses, including huge multi nationals, do this for their internal networks. In some cases they even NAT between major segments of their networks, so are not limited to just 16 million addresses (Not claiming any of them have that many, but a merger between 2 large companies can result in address collisions. One of my former clients, a multi national, merged with another multi national. Within a few hours of the closing, the respective IT departments had the 2 networks linked together. Client PCs were able to access shared (non-Microsoft based) services through NAT. The few cases where peer-to-peer connectivity was required were also handled very quickly. All without modifying the existing DHCP configurations, and only a very few changes to the internal DNS.

about two weeks ago
top

60 Minutes Dubbed Engines Noise Over Tesla Model S

UnderCoverPenguin Re:Not only for Tesla or videos (544 comments)


The solution? Manufacturers actually add speakers next to the engine, exhaust and inside the car.

Interesting, because more and more in-vehicle entertainment systems are touting Active Noise Cancellation to reduce engine and road noise inside the vehicle.

about two weeks ago
top

Wal-Mart Sues Visa For $5 Billion For Rigging Card Swipe Fees

UnderCoverPenguin Re:Customers may benefit... maybe (455 comments)

Plus Walmart beating up Visa on price is almost certainly going to benefit consumers in the long run and Walmart is big enough to actually succeed. The cost of credit card swipe fees gets rolled into the prices we pay for products so if they get lowered at least some of that money will flow through to us as end customers. Not all of course but definitely some.

More likely that Visa (and others) will make up the difference by raising rates on smaller retailers. They will be forced to raise their prices, which will make WalMart's prices look better.

about three weeks ago
top

One Person Successfully Removed From US No-Fly List

UnderCoverPenguin Re:Shocked and saddened (286 comments)

There is also the problem of "not in my backyard". Many people living or working near facilities (both in the the US and in other countries) where any of these prisoners might be moved to have been very opposed to "their" facility receiving any of the Gitmo prisoners.

about three weeks ago
top

One Person Successfully Removed From US No-Fly List

UnderCoverPenguin There are still similar names and copies of lists (286 comments)

Besides the possibility of a match to a similar name, even if only "official" copies of the the no-fly list are consulted, I would not be surprised if copies of her entry linger in the various copies of that list.

(A friend of mine who has a name similar to someone on a sex offenders' list was mistakenly added as a variant spelling of the original listing. Even after getting a court order to remove his listing, it had propagated to other copies and was eventually merged back in to the original as updates were passed around the various government agencies. He then got an order to amend his listing to state it was invalid, but (A) that merely added a new entry, with no guarantee which entry would show first, and (B), most checkers don't look beyond seeing of there is a match.)

about three weeks ago
top

Minecraft Creator Halts Plans For Oculus Version Following Facebook Acquisition

UnderCoverPenguin How hard to support multiple VR headsets? (300 comments)

Oculus isn't the only VR headset. They may be the current best (I don't actually know). At least conceptually, the inputs and outputs are reasonably understood. So what makes it hard for an application that supports the Oculus headset to support others?

about three weeks ago
top

Code Combat: Free, Open Source, Multiplayer Programming Lessons

UnderCoverPenguin Re:Retro (30 comments)

There also was "Robot War" and "Droid Arena" (after RSL was added to the game) My girlfriend used to be one of the top players on DA.

about a month ago
top

Code Combat: Free, Open Source, Multiplayer Programming Lessons

UnderCoverPenguin Re:Retro (30 comments)

Corewars was fun when I was a kid in the 80s. I even wrote a Red Code simulator for the Apple //e, using the low res graphics to show the status of the battle "ground". (Had to a delay in the main interpreter so people could watch watch the battle.)

about a month ago
top

The Poor Neglected Gifted Child

UnderCoverPenguin Re:Reality in the USA.... (529 comments)

on top of that Teachers are scared to death of kids that are smarter than them, and will punish the smart kid.

Very true. And very sad. My nephew has seen this happen to smart kids.

about 1 month ago
top

The Poor Neglected Gifted Child

UnderCoverPenguin Re:Linus Pauling (529 comments)

Here, I'll save you some time: gifted kids don't need help.

They also don't need to be held back - or worse, labeled as ADD.

The kids that can advance faster should be allowed to advance faster.

about 1 month ago
top

New Jersey Auto Dealers Don't Want to Face Tesla

UnderCoverPenguin Re:This is just getting stupid. (342 comments)

Stupid, yes.

How much of an obstacle?

The most difficult requirement is the franchise agreement. Maybe if Tesla split itself in to 2 companies, one for manufacturing, the other for retail and service operations, they could satisfy this requirement.

A 1000 sq ft "show room" in a mall is possible. Every Apple store I have been in has had at least 1000 sq ft of sales floor, plus back room space.

On site servicing could be possible depending on how strict the definition of "on site" is. Example, when Circuit City still had stores, the one near me had a store in the mall with an installation facility in a corner of the mall's parking lot. ("Anchor stores" like Sears often have attached auto service facilities, but I seriously doubt any mall would allow Tesla to do that.)

about a month ago
top

Ask Slashdot: Modern Web Development Applied Science Associates Degree?

UnderCoverPenguin Re:I'm confused (246 comments)

English I and II are almost certainly required by any accredited school. Most accredited schools also have a humanities requirement, so Government and Anthropology are not unreasonable.

I would consider Algebra I a remedial course, so I agreed, replace it.

I also agree the programming tools class can be covered in other classes, including Project Management (Software).

Move Intro to Unix to the first semester. Or maybe second, if Intro to Computers is needed. This will give them a foundation for the suggested web server admin class.

Intro to Programming Logic should include a programming language. One very different from Javascript, so the students get a broader perspective. (I started programming at a very early age, so I don't know what would be good for some one starting post high school, or even in high school.)

And I agree with others that a fifth course per semester should be added. Include a third programming language.

about a month and a half ago
top

The Spy In Our Living Room

UnderCoverPenguin Re:Well arguably it can't see in the dark (148 comments)

An image taken in IR is as good as the resolution of the camera. Of course, some details important details will be missing, but many ordinary photographs also miss important details.

about a month and a half ago
top

Should programming be a required curriculum in public schools?

UnderCoverPenguin Re:Problem Solving (313 comments)

Flowcharts no longer exist? When did that happen?

News to me

Actually, flow charts are a form of programming. A good place to start. Something like a simple variant of Simulink or LabView would even allow the computer to run the logic depicted in the diagram.

about a month and a half ago

Submissions

top

Citizen Science: Who makes the rules?

UnderCoverPenguin UnderCoverPenguin writes  |  about 4 months ago

UnderCoverPenguin (1001627) writes "At MakeZine, David Lang talks about the some of the legal issues around a planned, amature science "expedition", as well as some other amature science projects.

In the not too distant past, most science was amature. Over the past 20 or so years, society has been making it harder for amatures to do real science despite the technical costs falling. With the recent upswing of the "maker movement", amature science has seen an increase as well, but is running into an assortment of legal issues.(An exception is astronomy, where amatures continue to play important roles. Of course, astronomy doesn't involve chemicals or other (currently) "scary stuff".)

Can amature science make a come-back? Or are the legal obsicles too entrenched?"
top

Review: Sintel

UnderCoverPenguin UnderCoverPenguin writes  |  more than 3 years ago

UnderCoverPenguin (1001627) writes "Last night, I watched Sintel (sintel.org). Technically, it was a beautiful showcase for Blender. The models and animations were very well done. The fight and chase scenes were excellent. I think the movie can stand on its own among professionally made short movies of similar style and genre. Story-wise, the plot was weak and predictable. Also, the end of the final fight was too bleak and disturbing for the likely audience. Spoiler: I think the ending would have been better if the woman had been killed by the dragon. Unfortunately, I don't have the skill needed to re-do the ending myself."
top

Stage 1 works perfectly, Stage 2 fails to seperate

UnderCoverPenguin UnderCoverPenguin writes  |  more than 5 years ago

UnderCoverPenguin (1001627) writes "In the 3rd launch of Falcon 1 (http://spacex.com), the first stage, with the latest version of the Merlin engine, works perfectly. Unfortunately, the second stage failed to separate. (http://www.spacex.com/updates.php) Hopefully it was only a minor setback, despite the huge cost."

Journals

UnderCoverPenguin has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...