
Comment Re:Mailing lists (Score 2) 139

That's not the case at all.

DKIM allows mail providers to detect that a message was tampered with in transit, and DMARC tells mail providers to trash tampered messages.

Therefore, a mailing list has several options.

Option one is: don't tamper with the signed data in transit. This is very easy. It means not doing things like editing the subject line or adding signatures to the end of mails, but any good email client can auto label or filter mailing list messages anyway, so this is not a big deal.

Option two is: tamper with it, but re-sign under your own sending identity. This means the From header will be "wrong", but not really, because the message isn't really "from" the sender at this point. It would be more accurate to say the message resembles one sent by the original sender, but really, from a security POV, the mailing list could have done anything.

I prefer option one, myself, but either works.
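The two options above come down to which inputs the sender's DKIM signature covers: the body hash (bh=) and the canonicalized header fields listed in the signature's h= tag. The following is an added example for this thread, not code from the comment author or from any list manager. It implements the "simple" body canonicalization and "relaxed" header canonicalization from RFC 6376 and checks whether those signed inputs survive three kinds of list handling. The message, the list headers and the h= field list are constructed for the example; the RSA step itself is omitted, since if the hashed inputs change the signature over them cannot verify.

```python
import base64
import hashlib
import re

# Constructed sample message for this example; CRLF line endings as on the wire.
ORIGINAL_HEADERS = [
    ("From", "Alice <alice@example.org>"),
    ("To", "widget-dev@lists.example.net"),
    ("Subject", "Patch for the widget parser"),
    ("Date", "Mon, 20 Oct 2014 10:00:00 +0000"),
]
ORIGINAL_BODY = "Hi all,\r\n\r\nPlease review the attached patch.\r\n\r\n-- \r\nAlice\r\n\r\n\r\n"

# The h= tag of the sender's DKIM-Signature: which header fields the signature covers (assumed).
SIGNED_FIELDS = ["from", "to", "subject", "date"]


def canonicalize_body_simple(body: str) -> str:
    """RFC 6376 3.4.3 'simple' body canonicalization: drop trailing empty lines,
    guarantee a final CRLF, and treat an empty body as a single CRLF."""
    if body and not body.endswith("\r\n"):
        body += "\r\n"
    while body.endswith("\r\n\r\n"):
        body = body[:-2]
    return body or "\r\n"


def body_hash(body: str) -> str:
    """The bh= value: base64(SHA-256(canonicalized body))."""
    digest = hashlib.sha256(canonicalize_body_simple(body).encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def canonicalize_header_relaxed(name: str, value: str) -> str:
    """RFC 6376 3.4.2 'relaxed' header canonicalization of one field."""
    value = value.replace("\r\n", "")        # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value)    # collapse runs of whitespace
    value = value.strip(" \t")               # no whitespace around the colon or at the end
    return f"{name.lower()}:{value}"


def signed_header_block(headers, signed_fields=SIGNED_FIELDS) -> str:
    """The header text the signature is computed over: for each name in h=, the
    last instance of that field in the message. Fields absent from the message
    contribute nothing here (the signer still covers them as absent)."""
    lines = []
    for field in signed_fields:
        matches = [(n, v) for n, v in headers if n.lower() == field]
        if matches:
            lines.append(canonicalize_header_relaxed(*matches[-1]))
    return "\r\n".join(lines) + "\r\n"


def signature_inputs(headers, body) -> dict:
    return {"bh": body_hash(body), "headers": signed_header_block(headers)}


def still_verifiable(orig_headers, orig_body, new_headers, new_body) -> bool:
    """True if a relay left every signed input untouched, so the original
    DKIM signature would still verify at the final receiver."""
    return signature_inputs(orig_headers, orig_body) == signature_inputs(new_headers, new_body)


# Option one: the list only prepends its own List-* headers and forwards the body as-is.
PASS_THROUGH_HEADERS = [
    ("List-Id", "Widget developers <widget-dev.lists.example.net>"),
    ("List-Post", "<mailto:widget-dev@lists.example.net>"),
] + ORIGINAL_HEADERS

# The classic breakages: a subject tag, and a footer appended to the body.
TAGGED_HEADERS = [
    (n, ("[widget-dev] " + v) if n == "Subject" else v) for n, v in ORIGINAL_HEADERS
]
FOOTERED_BODY = (ORIGINAL_BODY.rstrip("\r\n")
                 + "\r\n\r\n_______________\r\nwidget-dev mailing list\r\n")


def demo() -> dict:
    return {
        "pass_through": still_verifiable(ORIGINAL_HEADERS, ORIGINAL_BODY, PASS_THROUGH_HEADERS, ORIGINAL_BODY),
        "subject_tag": still_verifiable(ORIGINAL_HEADERS, ORIGINAL_BODY, TAGGED_HEADERS, ORIGINAL_BODY),
        "footer": still_verifiable(ORIGINAL_HEADERS, ORIGINAL_BODY, ORIGINAL_HEADERS, FOOTERED_BODY),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:12s} original signature {'still verifies' if ok else 'BROKEN'}")
```

The pass-through case survives because List-Id and List-Post are not in the signer's h= list and the body is byte-identical; the subject tag changes a covered header and the footer changes the body hash, so either one forces the list into option two (strip the original signature, rewrite From to the list's own domain and sign as itself). Real signatures may also use the l= body-length tag or sign the Sender/List-* fields, which shifts exactly which edits are fatal.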

Comment Re:Mailing lists (Score 1) 139

All mailing lists that I am subscribed to have taken the more expedient option of banning Yahoo users from subscribing to their lists. This has the nice side-effect that it makes users switch to a more modern e-mail provider in the process. After everything was said and done, most users were actually quite thankful for this...

Guess what! It's people like yourself that make upgrading email virtually impossible. Congratulations on holding back the security of the email system for everyone, I hope you're pleased with yourself.

Mailing lists that rewrite people's email whilst refusing to re-sign it as themselves are doing a man in the middle attack on people's email. MITM attacks are bad, right? That's why browsers reject them. They make phishing easier, spam classification harder and generally make the email ecosystem worse. By doing the same thing as modern web browsers Yahoo is not being old and fusty as you imply, in fact, they are on the cutting edge. Believe me, if it weren't for the preponderance of awful decades-old mailing list managers other mail providers would already be doing the same thing.

The amazing features we get for these MITM attacks are ..... tags in the subject line, and, er, email list signatures. Both of which contain information redundant with the email headers, and both of which can be easily replicated by email client software.

Not worth it, not even close. Please fix your mailing list instead.

Comment Re:Only if you're a spammer (Score 1) 139

Nobody cares about DMARK? Seriously? If you're going to try and claim to be some kind of authority on anti spam, at least try and spell the names of the standards correctly! It's DMARC!

The asker of slashdot, and you, are both deeply confused about what these technologies are for.

The purpose of DKIM is not to be some kind of "anti evil bit". DKIM signing your mail does not imply it is or is not spam. The only thing DKIM does is make it easier for spam filters to identify the source of mail, so that mail stream can be more reliably classified. As it happens, many spammers don't want their email stream to be easily classified because they know their mail is not spam, so they don't sign with DKIM, but there's no inherent reason they can't and some spammers do. That's especially a problem for crappy marketing firms who genuinely believe people love their mails, but actually people don't. DKIM helps correctly classify mail in that case.

I'll repeat again. No good spam filter I'm aware of (sorry, plain old SpamAssassin doesn't count) treats the mere presence or absence of DKIM as a signal.

With one exception. That exception is when trying to fight phishing mail. If a mail claims to come from admin@yahoo.com then a good mail system will look up the yahoo.com DMARC records and see that yahoo.com claims all email from it should be signed using DKIM. If the mail isn't signed, then it can be rejected according to that DMARC policy. This means phishers can no longer forge mail that claims to be from a Yahoo address that it's not actually from. Also - mailing lists that do MITM attacks on people's mail, same thing.
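The decision the comment describes (look up the From domain's DMARC record, check whether an aligned DKIM or SPF result passed, otherwise apply the published p= policy) is small enough to write out. This is an added example for this thread, not code from the comment author or from any mail provider. The DMARC records, the authentication results and the domain names are constructed; in particular the "v=DMARC1; p=reject" record stands in for whatever yahoo.com actually publishes, and organizational-domain matching is a simplified last-two-labels check rather than the public suffix list lookup a real verifier uses. Subdomain policy (sp=) and sampling (pct=) are left out.

```python
def parse_dmarc_record(txt: str) -> dict:
    """Parse a 'v=DMARC1; p=reject; ...' TXT record into a tag dict.
    Returns {} if the record is not a usable DMARC record (wrong version or no p= tag)."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1" or "p" not in tags:
        return {}
    return tags


def org_domain(domain: str) -> str:
    """Simplified organizational domain: the last two labels (assumption;
    real verifiers consult the public suffix list)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """DMARC identifier alignment: strict ('s') needs an exact match,
    relaxed ('r', the default) needs the same organizational domain."""
    auth_domain, from_domain = auth_domain.lower(), from_domain.lower()
    if mode == "s":
        return auth_domain == from_domain
    return org_domain(auth_domain) == org_domain(from_domain)


def evaluate_dmarc(from_domain: str, record_txt: str, dkim_results, spf_result) -> dict:
    """from_domain: domain of the RFC5322.From address the message claims.
    record_txt:    the TXT record found at _dmarc.<from_domain> ('' if none).
    dkim_results:  [(d= domain, verified_ok), ...] for each DKIM-Signature present.
    spf_result:    (MAIL FROM domain, passed) or None."""
    record = parse_dmarc_record(record_txt)
    if not record:
        return {"dmarc": "none", "disposition": "deliver"}  # nothing published, nothing to enforce
    dkim_pass = any(ok and aligned(d, from_domain, record.get("adkim", "r"))
                    for d, ok in dkim_results)
    spf_pass = (spf_result is not None and spf_result[1]
                and aligned(spf_result[0], from_domain, record.get("aspf", "r")))
    if dkim_pass or spf_pass:
        return {"dmarc": "pass", "disposition": "deliver"}
    policy = record["p"].lower()
    return {"dmarc": "fail", "disposition": "deliver" if policy == "none" else policy}


# Constructed policies for the example.
YAHOO_RECORD = "v=DMARC1; p=reject"
LIST_RECORD = "v=DMARC1; p=none; adkim=r"


def demo() -> dict:
    return {
        # Phisher forges admin@yahoo.com from its own server: no DKIM, SPF passes for the wrong domain.
        "phish": evaluate_dmarc("yahoo.com", YAHOO_RECORD, [], ("phisher.example", True)),
        # List tags the subject: yahoo.com signature now fails, list's own SPF is not aligned.
        "list_mitm": evaluate_dmarc("yahoo.com", YAHOO_RECORD, [("yahoo.com", False)], ("lists.example.net", True)),
        # List forwards the message untouched: original yahoo.com signature still verifies.
        "list_pass_through": evaluate_dmarc("yahoo.com", YAHOO_RECORD, [("yahoo.com", True)], ("lists.example.net", True)),
        # List rewrites From to its own domain and signs as itself.
        "list_resigned": evaluate_dmarc("lists.example.net", LIST_RECORD, [("lists.example.net", True)], ("lists.example.net", True)),
        # Sender domain publishes no DMARC record at all.
        "no_policy": evaluate_dmarc("nopolicy.example", "", [], ("lists.example.net", True)),
        # Strict alignment: a mail.yahoo.com From signed with d=yahoo.com is not aligned.
        "strict": evaluate_dmarc("mail.yahoo.com", "v=DMARC1; p=quarantine; adkim=s", [("yahoo.com", True)], None),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:18s} dmarc={result['dmarc']:5s} -> {result['disposition']}")
```

The "list_mitm" row is the case the comment calls out: the message still claims a yahoo.com From, the only yahoo.com signature is broken by the list's edits, and the list's own SPF identity does not align with yahoo.com, so the receiver is told to reject. The "list_resigned" row shows why option two from the earlier comment works: once From and d= both belong to the list's domain, it is the list's policy that applies.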

Comment Re:We had a distributed social network (Score 2) 269

If you ignore the ability to restrict personal data to particular people, news feed with intelligent ranking that tries to guess who your real friends are so you don't have to upset people who post a lot by defriending them, the ability to tag people in photos, the lack of any need for meaningless URLs and a seamless way of organising events ...... then sure. Facebook is just like the web.

Comment But disabling GSM when possible is still smart (Score 2) 27

GSM (2G) encryption did not authenticate the cell tower, whereas UMTS (3G) and above do. Cell tower authentication should break devices like the Stingray and other forms of fake base station, unless/until governments start forcing cell carriers to hand over the signing keys for tower identities. But as devices like Stingray exist more or less exclusively to get around the warrant requirement and no carrier would assist in that way without a court order, that places the police in the awkward position of asking a judge to write an order that can only be for avoiding the same judge's authority....

Submission + - China performing SSL MITM attacks on iCloud

IamTheRealMike writes: Anti-censorship blog GreatFire has published a story claiming that SSL connections from inside China to Apple iCloud are being subject to a man in the middle attack, using a self-signed certificate. Apple has published a knowledge base article stating that the attacks are indeed occurring, with example screenshots of the SSL cert error screens used by popular Mac browsers. Unfortunately, in China at least one natively produced browser called Qihoo markets itself as "secure", but does not show any certificate errors when presented with the self-signed cert. Is this the next step towards China doing systematic SSL MITM attacks, thus forcing their population onto Chinese browsers that allow the surveillance and censorship to occur?

Comment Re:A rather empty threat (Score 1) 555

The problem is that some factions in the non-systemd camp are pursuing systemd "emulation" by using shims and forks. That way you just get a second rate systemd, and it will remove any motivation from upstream projects to support anything other than systemd. Using Ubuntu's "logind" is a short term gain, but a strategic failure for the non-systemd camp. They need their own implementation of needed infrastructure, not just copying or emulating systemd.

It sounds a lot like the non-systemd camp have no idea what they are actually for, they only know what they are against. So this kind of thing is not surprising to hear.

The "UNIX philosophy" is an empty slogan that switches people's brains off. It sounds great, until you try and build a real system with the features modern users demand, and then it turns into an exploding nightmare of combinatorial complexity as every program tries to abstract itself from every other program in the name of political correctness. As already noted elsewhere, the programs people use serverside Linux to actually run barely resemble the UNIX command line tools and that's for good reasons ...

Comment Re: Moral Imperialism (Score 5, Interesting) 475

Is there really someone so stupid that they cannot tell the difference between a cartoon drawing and a real child?

There appears to be an entire United Kingdom whose legal system is populated with such people.

Just FYI, the rule against illegal cartoons exists in the USA too. The Supreme Court struck down attempts to use CP laws in this way as being obvious nonsense, so Congress just went ahead and amended the law to make it explicitly illegal as opposed to implicitly illegal.

Unfortunately a lot of crap like this ends up being brought into otherwise sane legal systems thanks to pressure from the USA to "upgrade" national laws to meet the "latest standards". Japan has been pressured for years to tighten its CP laws, being publicly named and shamed etc - the primary justification for not doing so was fear of false positives. Like this one. And like the notorious cases where two teenagers can legally have sex but not photograph themselves doing it.

Fact is, politicians love being able to say they made the law tougher on paedophiles. It's a sure popularity winner. So it's inevitable you end up with idiocy like this.

Comment Re:Why the hell... (Score 4, Informative) 195

The JVM is very language specific. For example it has op codes for allocating java objects. A truly cross language virtual machine doesn't have anything anywhere near that high level or specific to a particular language.

Whuuu? The JVM does not have opcodes for allocating "java" objects unless you use a very strange definition of the term - if it worked that way then how could other languages target it? The JVM has opcodes for allocating objects and calling methods on them, including opcodes like invokedynamic that exist purely to support non-Java languages like Javascript, Python, Ruby, etc.

The JVM has a really large variety of languages that target it. It's impressive. There are static languages like Java, Scala, Kotlin, Ceylon etc, there are dynamic scripting languages like JS (using the new Nashorn engine it's only about 2-3x slower than V8), there are Lisp like languages, there are implementations of Erlang and so on. And thanks to the fairly well specified "least common denominator" type system Java provides, code written in these languages can all interop pretty nicely.

If you think the JVM is language specific then I'd suggest looking at Ruby and Kotlin, two very different languages that are not much like Java, yet nonetheless both can run on top of the JVM.

Comment Re:Identification != Authentication (Score 3) 59

The difference is for authentication for important stuff we have to show up in person with an ID and a real human checks the identity.

For some things you can also use a SuisseID which is just a regular PKI smartcard USB dongle thingy. I have one. After installing the software, you can log in to some Swiss websites by just clicking the login button in the web page. You might have to enter a password and the dongle then signs the SSL session. It's all standards based and the certificate in the hardware is based on your legally verified identity, i.e. you show a passport at the post office and get your personalised stick through the mail a few days later.

Comment Re:LT LP (Score 2) 387

Er, if you ignore things like lack of a stable driver API then sure. Lots of users would have loved one of those.

But Linus encounters fewer problems like that because he has little in the way of vision for what desktop Linux should be. His job is to make a UNIX kernel along the same lines they were being designed 30 years ago. He is largely judged by how tightly he replicates a long-dusty commercial design. Desktop Linux on the other hand has no such luxuries because old commercial UNIX was never a force on the desktop. There, it has to both forge ahead its own path, and also look to competitors like MacOS X for good ideas.

And guess what? The genesis of SystemD bears a strong resemblance to launchd, the MacOS X init system. But because that's not something you would have found in Solaris or AIX, the UNIX "community" throws a fit.
