2009-10-13

Phishing and SPAM, A Crowd-Source Solution

You know… a long time ago, we told people to “just ignore” spam. Answering it, we said, would just get them to send more to us. If we ignore it, it will eventually go away. History has proven us wrong, very wrong indeed. We didn’t factor in that even a 0.01% idiocy rate is profitable when millions of people are tagged. Now, we’re telling them to just ignore phishing, like it will go away. It's time to admit we were wrong; It’s time to start fighting back.

Instead of telling people to ignore phishing, we should tell them to respond with a lie. Every piece of SPAM or Phishing attempt should be answered with bogus information. That way, the economies of scale change, they change in our favour. Instead of them sending out 10,000,000 emails and getting 100 replies from stupid people, they get 100,000 replies where only 100 are real. Then, they have to go through each one, sorting out the good from the bad. Not only do we get some satisfaction in wasting a little bit of the phisher’s time, we also protect the 100 really stupid idiots that responded with the truth.

Send out a batch of emails telling people they have won the lottery, and your email server gets buried under false replies. Send out a link for selling Viagra, and you get millions of orders with fake credit card numbers and a shipping address to the Vatican. Phish for passwords and get more back then you could ever process, mostly garbage. The Nigerian businessman should always get buried under requests for more information, false bank account numbers, and phone numbers for some telemarketing companies. Reply to everything; make a game of it. Let the phishers waste time sorting out the mess they get back. What have we got to lose? They already have our email addresses. The results can’t be any worse than they are now.

It's a simple crowd-source solution to SPAM and Phishing. Why should we try to figure out technical solutions to the problem of responding idiots. Tell everyone to respond with garbage; bury the phishers with data and leave them the task of creating technical tools to fix their problem. All we have to do is tell everyone to lie. That's pretty easy to do. It's fun too.

2009-07-15

A Teaspoon of Sewage

There is an old adage: If you take a barrel of sewage and add a teaspoon of wine, you get a barrel of sewage; if you take a barrel of wine and add a teaspoon of sewage, you get a barrel of sewage.

Digital Rights Management (DRM) is crap. A good part of my living is made setting up computers for end-users, making sure everything "just works" for them. I make a good living so I shouldn't complain too much about DRM; it is, after all, job security for me. But, I've grown to loath it with a passion. The majority of my time is spent dealing with arcane DRM systems like FlexLM, web activation, system IDs, and the like. It's all a load of crap.

I know that I could easily go off to the web and download cracked versions of nearly all this DRMed software that I'm fighting with and get them up and running for free. What's more, it would be easier to do than actually staying legal and fighting with the DRM. What kind of morons make it harder to legally use their products than it is to steal them? The people that are paying for their software are the people that want to stay legal, that have to stay legal for various reasons.

Yes, license management is a good idea for institutions because, honestly, sometimes we loose track of just how many licenses we're using. Even better, make them concurrent with a license server that stops too many people using them at the same time. But, why not just have a license server that asks "how many licenses do you have?" Why go through some arcane song and dance to get "activated" licenses when stealing said licenses would be easier. The people that actually pay are going to put in the right number of licenses when asked. The people that pay are the honest ones that want to stay legal. Why punish your paying customers by treating them like theives? Why make them do more work to pay you and use your product than the theives have to do to use your product for free? It makes no sense.

DRM is crap. If you add it to your software application, your application is crap. It makes no difference how good your code is otherwise, if you pollute it with DRM then you will accomplish nothing but piss-off your legal customer base. The theives don't care; DRM-stripped versions of your applilication will be out soon enough. People strip out DRM because it's fun; the stronger the DRM, the bigger the challenge. Only your legal customer base has to deal with DRM; it gets in the way of using what they paid for. If you release DRM-restricted applications, then you are releasing crap and people like me will write nasty things about you. What's more, we'll moan and complain to everyone that asks us to install your crap and suggest that they find something better. We'll also support and promote any free and open-source product that remotely competes with the crap you're releasing, just so we don't have to deal with DRM.

Yes, I've just spent the better part of my day dealing with one stupid crappy application that won't work with our new license server. Writing this is my way of venting; it beats yelling at the poor woman on the other end of the phone. She can't do anything about it; I can't do anything about it. Everyone is pissed-off because some idiotic managers demanded that their company's software be protected from theft - an impossible goal. It doesn't make it harder to steal; it just makes it harder to use. Why do you do this to your paying customers? Why?

2009-03-06

Sharing is Human

Sorry, I've moved this post to the Keliso blog: HERE
Google search indexing will catch up eventually.

Silly Laws

Sorry, I've moved this post to the Keliso blog: HERE
Google search indexing will catch up eventually.

2009-01-09

N810 - I Am Free

I've recently purchased a Nokia N810 Internet Tablet. I spent a lot of time reviewing the reviews, checking the spec's, comparing it to other devices, and it came out on top. The deciding factor was a little application that can be downloaded and installed. It's called "I-am-free" and is maintained by Owen Williams. This application displays a picture of a shiny gem, nothing more. Now, I've not actually installed it, and have no intention of doing so. The fact that it exists is enough.

It's existence is part joke but mostly a statement of beliefs. You see, for a few days, there existed an application on the iPhone store called "I Am Rich." It was put up by Armin Heinrich and it displays a picture of a shiny gem, nothing more. The difference between this application and the I-am-free application is, of course, price. The "I Am Rich" app cost $999, the maximum the iPhone store allows. If you think that no one would be insane enough to spend a grand on something that does nothing, well, eight people say your wrong. I suppose it would be more than eight if Apple hadn't pulled it off the iPhone store within a few days.

Thus, we have the real difference between the iPhone and the N810. The iPhone is a locked-down proprietary system where nearly everything you do with it will cost money. The N810 runs a version of Linux and nearly everything you can do with it is free. Sure, the N810 includes a GPS navigation application that wants you to pay for a subscription to get the advanced features, but there are several other completely free mapping apps that you can install. The N810 software repositories, the Linux way of distributing software, contain hundreds of other programs available, all for free.

Linux is a Free and Open Source Software (FOSS) operating system. That means that it's free, as in free beer, and free, as in free speech; both forms of freedom are important. Free, as in beer, means the the software is free of Digital Rights Management (DRM) and all the other stupid tricks companies put in to stop people from using their products without permission. DRM systems, these days, are so complicated that they are often the primary difficulty encountered while installing and using a piece of software. Free, as in beer, also means that you can use the software for free, which is good, very good. FOSS also means that if the software doesn't work the way you want, you are free to change it. This second freedom, free as in free speech, means that the source-code for the software is available to anyone that wants it. That means that you can modify it to meet your requirements. Or, if you're not a programmer, you can pay someone else to modify it. This kind of freedom may not be critical to your average Joe playing with an N810, but if you were a company using an application for business, then the ability to customise the code can be very useful. More importantly, it allows communities of people to collect around applications or particular hardware platforms, like the N810, and improve them. These communities often drive the development of free, as in beer, applications. Of the two FOSS freedoms, free as in free speech is the most important over the long term.

I know, because there is a vibrant community of people supporting the N810, that my new purchase will still be useful long after iPhone users have to send their toy in to Apple to get a replacement battery installed. Yes, it's so easy to change the N810's battery that I'm thinking of carrying spares while travelling. I know the N810 software repositories will exist long after Apple has yanked the last iPhone app from its store. Yes, anyone can put up an N810 repository if they want, several have already; I could put up my own repository and complile my own applications if I really wanted to, and I might at some point. And, when the day comes that technology standards have long-since left both the N810 and the iPhone behind, I know I will find a niche use for the N810 while the iPhone will be landfill. I can already think of several, from a car OBDII reader (car computer interface) to a digital photo frame. Being based on FOSS, the possibilites are only limited by the imagination.