Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

SpaceX Cargo Capsule Reaches International Space Station 89

Despite having some trouble with maneuvering thrusters a few days ago, SpaceX's Dragon cargo capsule has successfully reached the International Space Station. from the article: "Astronauts aboard the outpost used the station's robotic arm to pluck the capsule from orbit at 5:31 a.m. EST as the ships sailed 250 miles over northern Ukraine. Flight controllers at NASA's Mission Control in Houston then stepped in to drive the capsule to its berthing port on the station's Harmony connecting node."

Submission + - VMware 5.0 Released->

earlytime writes: VMware releases vSphere 5 today. After much publicity about it's new licensing scheme, techies worldwide get to take the new release for a spin an see if all of the new features are worth the fuss. From TFA : "With the release of VMware vSphere 5, VMware is helping customers accelerate their journey toward a more efficient and automated cloud infrastructure," said Bogomil Balkansky, senior vice president, cloud infrastructure products, VMware. "The enhancements and new innovations we've introduced in VMware vSphere 5 provide a robust, reliable platform for business applications, enabling customers to effectively respond to the growing needs of their business and giving them confidence in their IT transformation."
Link to Original Source

Comment Re:The simple way to end phishing. (Score 1) 436

Agreed. You have to fight the problem at the source. take the profit out of spamming & phishing and it will be drastically reduced. what we do now is like pouring perfume in the sewer because is smells so bad.

First thing you've got to do is recognize that email is broken. we need an "smtp 2.0" which eliminates the spoofable "feature" of smtp mail, and ensures positive id for the sending and receiving servers. There are many ways to do this, but a place to start is to require DomainKeys on smtp 2.0 servers, which goes a long way towards this end.

Once we know who is talking to us, and who we're talking to, we can finally address the real issue. It costs almost nothing to send a billion emails, but it costs plenty to sort through a billion spams. If I can't spoof my source domain, then it becomes much more expensive to send spam if I have to authenticate when claiming to be a legitimate e-mail domain like yahoo, gmail or hotmail.

Also devise a scheme where it is computationally expensive to send an email, but is trivial to receive one. It wouldn't be expensive to send 1000 outgoing messages an hour, but 1000(or more) a minute will require serious hardware. The harder I make the challenge, the fewer emails a bogus (a small server is unlikely to be legitimately sending millions of messages) server can try to deliver.

smtp 2.0 servers would be set to favor established domains to which we frequently send & receive messages, also to set a hard limit for the number of messages an unknown domain can send to us. Since nobody will accept more than a handfull of emails from my newly registered domain, I have to drop a lot more money on bogus domains which i can't even use for a year or two. you can protect legitimate new domains by following a "certified SSL" protocol for validating the identity of a domain owner. anybody without a certified domain or an established domain will have a really hard time getting their spam delivered.

Of course the attackers will find weaknesses in the processes and protocols, but we can simply ensure that servers are ready to migrate to the rules of mail 2.1, which fills in the gaps of smtp 2.0. If your servers aren't updated to a recent smtp version, I can stop "preferring" your mail.

A right is not what someone gives you; it's what no one can take from you. -- Ramsey Clark