spam

Slashdot just located another sleazy spammer

Dave Farquhar Spam ,

The Dayton Daily News ran a story today about another sleazy spammer. Naturally, it took Slashdot mere hours to dig up an address, based on clues from the article.
The guy leads a lifestyle even more over the top than that described by R. Collins Farquhar IV and Jacques Pierre Cousteau Bouillabaise de Raunche de la Stenche: Sleep until 1, work for five hours cluttering your inbox and mine while holding a brandy snifter and wearing a silk kimono and leather slippers, then go out for a night on the town.

If you’d like to, oh, I don’t know, send him a postcard from your hometown voicing your appreciation for what he does, click on the Slashdot link. Do a search for “Dayton.”

Don’t even think about DogDoo.com. That’s harrassment.

Fun with 419 spam

Dave Farquhar Spam ,

If you are a carbon-based, oxygen-breathing mammal with an Internet connection, you’ve undoubtedly received countless 419 scam spams.
In case you’re wondering what I’m talking about, I’m talking about messages coming from people from distant countries with vaguely African-sounding names who have had a close relative or business associate, usually with a high-ranking position, killed under tragic or mysterious circumstances, leaving behind a large amount of money that they now want your help in embezzling or laundering through your U.S. bank account, and in return for your services, they’ll give you a percentage.

And you thought you were the only one who had all these connections to powerful people. Sorry to burst your bubble, Sparky.

What do you do when you get one of these? Some people get irritated and delete them. Some people call me. It usually takes me about 4 seconds to figure out it’s a scam and finish their story (and mine’s usually better, if I do say so myself). Some people write back and mess with them. That takes time and creativity. Unfortunately, my oversupply of creativity is matched only, it seems, by my oversupply of humility and my shortage of time.

What you’re supposed to do (if you’re a U.S. citizen, which I know a good number of you are not) is forward the mail to 419.fcd@usss.treas.gov. Include the words NO LOSS. That helps the Feds know who’s doing this. They won’t contact you if you haven’t lost any money. But the key to catching crooks is data. So send ’em data. Typically I’ll paste the full mail headers back into the message as well.

If you’re lazy but want to mess with them, you can use the Business Reply Generator. Plug in the name of the guy who e-mailed you and the details of the letter, and it generates a rambling response. Copy and paste it and send it back to ’em. Some people are afraid of responding because they might get more of this stuff. I doubt it. These aren’t typical spammers who are paid in volume–they only make money if people respond and fall for the scam, which involves advancing money for bribes/expenses/whatever, until they lure the victim into a foreign country where they can kidnap and hold the victim for ransom and get even more money.

So I would think wasting their time is more likely to get you put on a don’t-waste-your-time-with-this-guy list than to get you put on a quick!-fire-up-the-mail-server-we-found-a-working-address list.

If nothing else, the automated reply generator is amusing. Click “more” to read the response it put together for me. I especially like the last sentence, which, the way I read it, means “I’ll post it on my Web site.”

Read more

Spam, spam, spam, spam–how I got less of it

Dave Farquhar Spam

Someday we’ll get a spam filter at work, and the day can’t come soon enough. On Wednesday I got fed up with getting 8-12 messages a day from “Fulfillment Center”–I was much more irate than usual today–so I took a desperate measure.
I dug up the abandoned freeware Windows tool Bounce Spam Mail (search for it with your favorite search engine; there’s no official homepage). As spam came in, I pasted its headers into Bounce Spam Mail and sent back a bounce. Sending back bounces hours later has never been effective for me, but in these instances, I only sent bounces when I was sitting right there when the mail came in. And it seems to have helped a little.

Ultimately, it’s better to have SpamAssassin on the mail server, or install POPFile. I’m stuck with Outlook connected to an Exchange server in corporate workgroup mode at work, and the last I’d checked you couldn’t use POPFile that way. But checking last night, now there’s a way you can, by installing POPFile followed by an add-on called Outclass.

My fake bounces aren’t ideal, but at least they seem to be better than nothing. But I’ll be installing POPFile and Outclass really soon.

Network infrastructure for a small office

Dave Farquhar Servers and Networking , , , , , , , , , , ,

We talked earlier this week about servers, and undoubtedly some more questions will come up, but let’s go ahead and talk about small-office network infrastructure.
Cable and DSL modems are affordable enough that any small office within the service area of either ought to get one. For the cost of three dialup accounts, you can have Internet service that’s fast enough to be worth having.

I’ve talked a lot about sharing a broadband connection with Freesco, and while I like Freesco, in an office environment I recommend you get an appliance such as those offered by Linksys, US Robotics, D-Link, Netgear, Siemens, and a host of other companies. There are several simple reasons for this: The devices take up less space, they run cooler, there’s no need to wait for them to boot up in case of power failure or someone accidentally unplugging it, and being solid state, theoretically they’re more reliable than a recycled Pentium-75. Plus, they’re very fast and easy to set up (we’re talking five minutes in most cases) and very cheap–under $50. When I just checked, CompUSA’s house brand router/switch was running $39. It’s hard to find a 5-port switch for much less than that. Since you’ll probably use those switch ports for something anyway, the $10-$20 extra you pay to get broadband connection sharing and a DHCP server is more than worth your time.

My boss swears that when he replaced his Linksys combo router/100-megabit switch with a much pricier Cisco combo router/10-megabit switch, the Cisco was faster, not only upstream, but also on the local network. I don’t doubt it, but you can’t buy Cisco gear at the local office supply store for $49.

For my money, I’d prefer to get a 24-port 3Com or Intel switch and plug it into a broadband sharing device but you’ll pay a lot more for commercial-grade 3Com or Intel gear. The cheap smallish switches you’ll see in the ads in the Sunday papers will work OK, but their reliability won’t be as high. Keep a spare on hand if you get the cheap stuff.

What about wireless? Wireless can save you lots of time and money by not having to run CAT5 all over the place–assuming your building isn’t already wired–and your laptop users will love having a network connection anywhere they go. But security is an issue. At the very least, change your SSID from the factory default, turn on WEP (check your manual if it isn’t obvious how to do it), and hard-code your access point(s) to only accept the MAC addresses of the cards your company owns (again, check your manual). Even that isn’t enough necessarily to keep a determined wardriver out of your network. Cisco does the best job of providing decent security, but, again, you can’t buy Cisco gear at your local Staples. Also, to make it easier on yourself, make sure your first access point and your first couple of cards are the same brand. With some work, the variety pack will usually work together. Like-branded stuff always will. When you’re doing your initial setup, you want the first few steps to go as smoothly as possible.

I’d go so far as to turn off DHCP on the wireless segment. Most wardrivers probably have the ability to figure out your network topology, gateway, and know some DNSs. But why make life easier for them? Some won’t know how to do that, and that’ll keep them out. The sophisticated wardriver may decide it’s too much trouble and go find a friendlier network.

Why worry about wireless security? A wardriver may or may not be interested in your LAN. But that’s one concern. And while I don’t care if someone mooches some bandwidth off my LAN to go read USA Today, and I’d only be slightly annoyed if he used it to go download the newest version of Debian, I do care if someone uses my wireless network to send spam to 250,000 of his closest friends, or if he uses my wireless network to visit a bunch of child porn or warez sites.

Enough about that. Let’s talk about how to wire everything. First off, if you use a switched 100-megabit network, you can just wire everything together and not give much thought to anything. But if you’re using hubs or wireless to connect your desktops, be sure to put your servers on 100-megabit switch ports. The servers can then talk to each other at full speed if and when that’s necessary. And a switch port allows them to talk at full speed to a number of slower desktop PCs at once. The speed difference can be noticable.

Another look at Mozilla’s anti-spam features

Dave Farquhar Spam ,

I downloaded and installed the most recent Mozilla 1.3 alpha build today (actually from Dec. 12).
For the past few weeks, I’d been using a nightly build I downloaded back in early November. It was buggy, but without assurance that any given night’s build would be any more or less stable than what I already had, I stuck with the familiar.

Initial impressions: The spam filtering still isn’t complete but it works (it just won’t act on the spam it finds–yet). The speed is comparable to anything else I’ve used, and one annoying bug in the mail client is gone. I’ve grown so used to having the spam filtering that I’ll put up with almost anything in order to have it–I get an unbearable amount of spam, and Mozilla quickly identifies it all for me. After a couple of months of using it, I think it’s pretty safe to say only one or two messages per week get past it anymore. I can definitely live with that.

Once when I visited news.google.com in the browser and clicked on a link, after I hit the back button I got a confusing “The file / can’t be found”. The nightly builds I used previously had the same bug. So far that’s the only one I’ve found, and the workaround is to visit a couple other sites, then go back to the troublesome one.

I’ve only been messing with it for a few hours so I can’t make any sound judgments on its quality. But as an evolutionary, not revolutionary, upgrade from its predecessor, it ought to be fairly stable.

If you’re desperate to get unburied from beneath an avalanche of spam and you’re willing to put up with a few quirks from your Web browser in order to do it, this is the most effective filter I’ve found yet.

Why I dislike Microsoft

Dave Farquhar Windows , , , , , , , , , , , , , , , , , , , , ,

“Windows 2000,” I muttered as one of my computers fired up so my girlfriend could use it. “Must mean something about the number of bugs that’ll be discovered tomorrow.”
She told me she liked Windows and asked me why I hated Microsoft so much.

It’s been a while since I thought about that. She speculated that I was annoyed that Bill Gates is smarter than me. (Which he probably is, but aside from a couple more books in print, it hasn’t gotten him anything I don’t have that I want.) There’s more to it than that.

I’m still annoyed about the foundation Microsoft built its evil empire upon. In the ’70s, Microsoft was a languages company, and they specialized in the language Basic. Microsoft Basic wasn’t the best Basic on the market, but it was the standard. And when IBM decided it wanted to enter the personal computer market, IBM wanted Microsoft Basic because nobody would take them seriously if they didn’t. So they started talking to Microsoft.

IBM also wanted the CP/M operating system. CP/M wasn’t the best operating system either, but it was the standard. IBM was getting ready to negotiate with Gary Kildall, owner of Digital Research and primary author of the OS, and ran into snags. Gates’ account was that Kildall went flying and kept the IBM suits waiting and then refused to work with them. More likely, the free-spirited and rebellious Kildall didn’t want to sign all the NDAs IBM wanted him to sign.

Microsoft was, at the time, a CP/M subcontractor. Microsoft sold a plug-in board for Apple II computers that made them CP/M-compatible. So IBM approached Microsoft about re-selling CP/M. Microsoft couldn’t do it. And that bothered Gates.

But another Microsoft employee had a friend named Tim Patterson. Tim Patterson was an employee of Seattle Computer Products, a company that sold an 8086-based personal computer similar to the computer IBM was developing. CP/M was designed for computers based on the earlier 8080 and 8085 CPUs. Patterson, tired of waiting for a version of CP/M for the 8086, cloned it.

So Seattle Computer Products had something IBM wanted, and Microsoft was the only one who knew it. So Microsoft worked out a secret deal. For $50,000, they got Patterson and his operating system, which they then licensed to IBM. Patterson’s operating system became PC DOS 1.0.

Back in the mid-1990s, PC Magazine columnist John C. Dvorak wrote something curious about this operating system. He said he knew of an easter egg present in CP/M in the late 1970s that caused Kildall’s name and a copyright notice to be printed. Very early versions (presumably before the 1.0 release) of DOS had this same easter egg. This of course screams copyright violation.

Copyright violation or none, Kildall was enraged the first time he saw DOS 1.0 because it was little more than a second-rate copy of his life’s work. And while Digital Research easily could have taken on Microsoft (it was the bigger company at the time), the company didn’t stand a prayer in court against the mighty IBM. So the three companies made some secret deals. The big winner was Microsoft, who got to keep its (possibly illegal) operating system.

Digital Research eventually released CP/M-86, but since IBM sold CP/M-86 for $240 and DOS for $60, it’s easy to see which one gained marketshare, especially since the two systems weren’t completely compatible. Digital Research even added multiuser and multitasking abilities to it, but they were ignored. In 1988, DR-DOS was released. It was nearly 100% compatible with MS-DOS, faster, less expensive, and had more features. Microsoft strong-armed computer manufacturers into not using it and even put cryptic error messages in Windows to discourage the end users who had purchased DR-DOS as an upgrade from using it. During 1992, DR-DOS lost nearly 90% of its marketshare, declining from $15.5 million in sales in the first quarter to just $1.4 million in the fourth quarter.

Digital Research atrophied away and was eventually bought out by Novell in 1991. Novell, although the larger company, fared no better in the DOS battle. They released Novell DOS 7, based on DR-DOS, in 1993, but it was mostly ignored. Novell pulled it from the market within months. Novell eventually sold the remnants of Digital Research to Caldera Inc., who created a spinoff company with the primary purpose of suing Microsoft for predatory behavior that locked a potential competitor out of the marketplace.

Caldera and Microsoft settled out of court in January 2000. The exact terms were never disclosed.

Interestingly, even though it was its partnership with IBM that protected Microsoft from the wrath of Gary Kildall in 1981, Microsoft didn’t hesitate to backstab IBM when it got the chance. By 1982, clones of IBM’s PC were beginning to appear on the market. Microsoft sold the companies MS-DOS, and even developed a custom version of Basic for them that worked around a ROM compatibility issue. While there was nothing illegal about turning around and selling DOS to its partner’s competitors, it’s certainly nobody’s idea of a thank-you.

Microsoft’s predatory behavior in the 1980s and early ’90s wasn’t limited to DOS. History is littered with other operating systems that tried to take on DOS and Windows and lost: GeoWorks. BeOS. OS/2. GeoWorks was an early GUI programmed in assembly language by a bunch of former videogame programmers. It was lightning fast and multitasked, even on 10 MHz XTs and 286s. It was the most successful of the bunch in getting OEM deals, but you’ve probably never heard of it. OS/2 was a superfast and stable 32-bit operating system that ran DOS and Windows software as well as its own, a lot like Windows NT. By Gates’ own admission it was better than anything Microsoft had in the 1990s. But it never really took off, partly because of IBM’s terrible marketing, but partly because Microsoft’s strong-arm tactics kept even IBM’s PC division from shipping PCs with it much of the time. BeOS was a completely new operating system, written from scratch, that was highly regarded for its speed. It never got off the ground because Microsoft completely locked it out of new computer bundles.

Microsoft used its leverage in operating systems to help it gain ground in applications as well. In the 1980s, the market-leading spreadsheet was Lotus 1-2-3. There was an alleged saying inside Microsoft’s DOS development group: DOS ain’t done ’til Lotus won’t run. Each new DOS revision, from version 3 onward, broke third-party applications. Lotus 1-2-3, although once highly regarded, is a noncontender in today’s marketplace.

Once Windows came into being, things only got worse. Microsoft’s treatment of Netscape was deplorable. For all intents and purposes, Microsoft had a monopoly on operating systems by 1996, and Netscape had a monopoly on Web browsers. Netscape was a commercial product, sold in retail stores for about $40, but most of its distribution came through ISPs, who bought it at a reduced rate and provided it to their subscribers. Students could use it for free. Since the Web was becoming a killer app, Netscape had a booming business. Microsoft saw this as a threat to its Windows franchise, since Netscape ran well not only on Windows, but also on the Mac, OS/2 and on a number of flavors of Unix. So Microsoft started bunding Internet Explorer with Windows and offering it as a free download for those who already had Windows, or had an operating system other than Windows, such as Mac OS. In other industries, this is called tying or dumping, and it’s illegal. Netscape, once the darling of Wall Street, was bought for pennies on the dollar by AOL, and AOL-Time Warner is still trying to figure out what to do with it. Once Microsoft attained a monopoly on Web browsers, innovation in that space stopped. Internet Explorer has gotten a little bit faster and more standards compliant since IE4, but Microsoft hasn’t put any innovation in the browser for five years. Want popup blocking or tabs? You won’t find either in IE. All of the innovation in that space has come in browsers with a tiny piece of the market.

One could argue that consumers now get Web browsers for free, where they didn’t before. Except every new computer came with a Web browser, and most ISPs provided a browser when you signed up. So there were lots of ways to get a Web browser for free in the mid-’90s.

And when it came to the excesses of the dotcom era, Netscape was among the worst. But whether Netscape could have kept up its perks given its business model is irrelevant when a predator comes in and overnight renders unsalable the product that accounts for 90% of your revenue.

Allegations popped up again after Windows 95’s release that Win95 sabotoged competitors’ office software, such as WordPerfect and Lotus 1-2-3. Within a couple of years, Microsoft Office was a virtual monopoly, with Lotus SmartSuite existing almost exclusively as a budget throw-in with new PCs and WordPerfect Office being slightly more common on new PCs and an also-ran in the marketplace. It’s been five years since any compelling new feature has appeared in Microsoft Office. The most glaring example of this is spam filtering. Innovative e-mail clients today have some form of automatic spam filtering, either present or in development. Outlook doesn’t. “Microsoft Innovation” today means cartoon characters telling you how to indent paragraphs.

And the pricing hasn’t really come down either. When office suites first appeared in 1994, they cost around $500. A complete, non-upgrade retail copy of Microsoft Office XP still costs about $500.

Pricing hasn’t come down on Windows either. In the early 90s, the DOS/Windows bundle cost PC manufacturers about $75. Today, Windows XP Home costs PC manufacturers about $100. The justification is that Windows XP Home is more stable and has more features than Windows 3.1. Of course, the Pentium 4 is faster and less buggy than the original Pentium of 1994, but it costs a lot less. Neither chip can touch Windows’ 85% profit margin.

And when Microsoft wasn’t busy sabotaging competitors’ apps, it was raiding its personnel. Microsoft’s only really big rival in the languages business in the ’80s and early ’90s was Borland, a company founded by the flambouyant Phillippe Kahn. Gates had a nasty habit of raiding Borland’s staff and picking off their stars. It didn’t go both ways. If a Microsoft employee defected, the employee could expect a lawsuit.

Well, Kahn decided to play the game once. He warmed up to a Microsoft staffer whose talents he believed weren’t being fully utilized. The employee didn’t want to jump ship because Microsoft would sue him. Kahn said fine, let Microsoft sue, and Borland would pay whatever was necessary. So he defected. As expected, Gates was enraged and Microsoft sued.

Soon afterward, Kahn and his new hire were in an airport when a Hare Krishna solicited a donation. Kahn handed him $100 on the spot and told him there was a whole lot more in it for him if he’d deliver a message to Bill Gates: “Phillippe just gave us $100 for hot food because he suspects after this lawsuit, your employees are going to need it.”

He delivered the message. Gates wasn’t amused.

It was a bold, brash move. And I think it was pretty darn funny too. But smart? Not really. Borland’s glory days were pretty much over 10 years ago. For every star Borland could lure away, Microsoft could lure away three. Borland’s still in business today, which makes it fairly unique among companies that have taken on Microsoft head-on, but only after several reorganizations and major asset selloffs.

The only notable company that’s taken on Microsoft in the marketplace directly and won has been Intuit, the makers of Quicken. Microsoft even gave away its Quicken competitor, Microsoft Money, for a time, a la Internet Explorer, in an effort to gain market share. When that failed, Microsoft bought Intuit outright. The FTC stepped in and axed the deal.

The thanks Microsoft has given the world for making it the world’s largest software company has been to sell buggy software and do everything it could to force companies and individuals to buy upgrades every couple of years, even when existing software is adequate for the task. While hardware manufacturers scrape for tiny margins, Microsoft enjoys 85% profit margins on its product. But Microsoft mostly sits on its cash, or uses it to buy companies or products since it has a terrible track record of coming up with ideas on its own. The company has never paid dividends, so it’s not even all that much of a friend to its own investors.

For me, the question isn’t why I dislike Microsoft. The question for me is why Microsoft has any friends left.

These guys want your spam

Dave Farquhar Spam

In case you haven’t heard, the FTC wants you to forward spam to them at uce@ftc.gov. But they’re not the only ones who want your spam.
So does Spam Archive. Their goal is to accumulate a nice cross-representative sample of spam, for example, to use in seeding Bayesian filters. It’s taken me about a week to accumulate 146 spam messages and with that sample set, now my Bayesian filter works more often than not. But wouldn’t it be nice to be able to go download an archive of, say, a couple thousand spam messages and seed a Bayesian filter with that?

Some Slashdotters questioned the group’s motives. The admin contact on the site has connections to a commercial anti-spam company. If this is a front for a for-profit company and they benefit from the contributions, I say so what? I’m not one of those “everything should be free” people. I certainly hope they will keep their word and make the spam archive available to all comers. And if they do that, I really couldn’t care less who benefits.

Red Hat and Debian fans debate desktop Linux

Dave Farquhar Linux , , , , , , , ,

Mail from longtime reader Steve Mahaffey on the state of desktop Linux. My responses interspersed within:
SM: It’s been a while since I’ve emailed you, though I still read your site almost daily and comment from time to time.

DF: I appreciate that.

SM: Other than our common faith the most important subject that I could comment on might be desktop Linux.

DF: And it’s been a while since I’ve written about either of those. Too long.

SM: In the past I’ve used Mandrake and Suse briefly, and Red Hat 7.2/3 more extensively. As a server, Red Hat 7.3, booted to runlevel 3, runs until the power goes off at my West Houston home long enough to outlast my UPS. On the other hand, as a desktop OS, Red Hat 7.3 with KDE or Ximian Gnome would crash 1-3 x per week, and Ximian Gnome would get corrupted, requiring me to delete various ./.gnome* config files or files in /tmp to fix it, which most users would not be able to fathom or guess at.

DF: The more advanced desktop environments seem to be pretty sensitive to something or other. I haven’t figured out what exactly. That’s part of the reason why I run IceWM on Debian on my desktop; it’s stable. Running Gnome apps under IceWM on Debian “Unstable” (the experimental, bleeding-edge Debian distro), I’ve been chasing a slow memory leak that eventually consumes all available physical memory and eventually leads to a crash, but it takes a month or two. More on what I think is going on in a minute.

SM: Red Hat 8.0 on my primary workstation, on the other hand, is currently at 43 days uptime. NO CRASHES, once or twice I have restarted the x-server, and once I had a problem with the gnome conifg files. I know that you use Debian mostly, but Red Hat, Lindows, Mandrake, Lycoris, or the like will be the ones to have a mass impact on the desktop. Seems like Lycoris or Lindows was Debian based, though.

DF: I know Lindows is based on Debian. I don’t know Lycoris’ origin. You are correct that Debian will have minimal impact on the desktop, at least in the home. Debian doesn’t give a rip about commercial success and it shows.

I saw Red Hat 8 and Mandrake 9 recently and I was impressed at how far they’ve come. I haven’t touched Red Hat since 6.2 or Mandrake since, well, 7.2 probably. They looked stable and fast. And I saw a minimal (no options picked) Mandrake 9 install the other night. It was 144 megs. I remember not long ago trying to do minimal Red Hat and Mandrake installs and they were 300 megs, at least. That’s definitely a step in the right direction.

SM: Anyway, besides much greater stability, I have enough functionality for most of my needs in programs like Open Office, gnucash, Mozilla or Galeon, Evolution or KMail, etc. Some may have other needs, only met via Windows only programs, of course. I have noticed that RH 8.0 seems on occasion to be slow, but not most of the time. The menus are a little funny … easy to add to the KDE menus, but they don’t always seem to work. With Gnome, it’s easier to add a custom panel to add a non-default application, but it does work then.

DF: Linux currently meets most of the needs I observe on the typical user’s desktop. Not necessarily power users, but for the basic users who are interested in typing simple documents like letters and memos, simple spreadsheets (and let’s face it, an awful lot of spreadsheets use very basic math, if any at all), e-mail, Web browsing, chat, and listening to music, Linux provides solutions that are as good as, if not superior to, those that run on Windows.

I also observe how many users don’t know how to add an application to Windows’ Start menu, or desktop, or that quick-launch thing on the taskbar. It may be easier on Windows, but it’s still not easy enough for most people.

Of course, this is coming from someone who keeps at least one shell window open at all times in Linux and launches apps from there because it’s faster and easier for me to type the first few letters of an app and hit tab and then enter than it is to navigate a menu. For people like me, Linux is much, much superior to Windows and always will be.

SM: RH 8.0 did recognize my nVidia card, but did NOT enable opengl 3d acceleration. I had to install the nVidia drivers from the nVidia web site to get opengl acceleration…apparently Red Hat has decided to not support that at this time. Another oddity is that I have had to turn on the cd sound to play audio CDs by using the kde mixer…can’t seem to do it with the gnome mixer, and don’t know where to hack a config file or file permissions to do this.

DF: Given Red Hat’s history with KDE, it’s ironic that some things work better in KDE than Gnome on Red Hat. Nvidia’s decision to only provide binary drivers (not source) hasn’t proven popular with a lot of Linux distributors, which probably has a lot to do with the OpenGL issues. Red Hat isn’t going to go out of its way to make nVidia look good, and might actually go out of its way to make nVidia not look as good as ATI or Matrox or other companies who are willing to provide straight source, taking the chance that users will blame nVidia rather than Red Hat or Linux. (That’s not a particularly safe bet, but it’s not out of character, given past history.)

SM: Other things… Evolution crashes a lot. I’ve given up and started using KMail (for IMAP since I use my own mail server with IMAP). Galeon is good, but it seems that I had some printing issues and I’ve been using Mozilla more. I’ll have to see how the Phoenix browser comes along…it might be the best choice. Flash and Java required a manual install.

DF: Evolution is stable for me in Debian (more stable than Outlook 2000 under Windows 2000) but I’ve heard that complaint. I have to wonder if Evolution might be picky about the libraries it’s linked to and what it’s compiled with and how? Debian is really conservative; Red Hat is much more apt to use C compilers that haven’t proven themselves just yet. It’s great that GCC 3.2 is so much faster, but if that speed is still coming at the price of stability, let’s back off, eh?

I like Galeon but I don’t print Web pages much. Phoenix is turning into a very nice browser. Lately I’ve been using Mozilla nightly builds for the spam filtering in the mail client and no other reason.

SM: All in all, maybe Red Hat 8.0 is still more a distro that is more suited for corporate environments that have IT personnel around to hand-hold, and which need only modest desktop application abilities. But, it’s coming quite close to the fabled “Aunt Minnie” friendly OS that will really give Microsoft fits.

DF: It’ll take time to get mainstream appeal but I believe it will. Linux PCs in Wal-Mart are a very good thing, because it gives exposure and feedback. The press hasn’t been too kind to the Linux PCs sold there, but if the criticisms are addressed, things will get better, faster, for all distributions. Windows nothing but a really bad Mac wanna-be for 10 years, but it ripened because it infiltrated mass-market PCs. The press applauded Microsoft as it washed its dirty laundry in public. Linux won’t get that same treatment, but I’ll take a criticizing press over a kiss-butt press any day of the week if the goal is product maturity. Windows has been 20 years in the making, but XP still crashes too much.

And as far as Red Hat vs. Debian goes, I may have to give Red Hat another look as a desktop OS soon.

SM: Most of your comments seem to center around Linux and server applications. This is not trivial or unimportant. However, I think that the time for desktop Linux may be getting quite close, and I’d be interested in your comments if you feel so inclined.

DF: My focus has changed in the past year. Two years ago, I did desktop support, and server work in emergencies. About a year ago, I started moving into server support and only did desktop support in emergencies. It’s been a year since I’ve dealt with end users on a regular basis, so I don’t know as much what’s wanted or needed on the desktop anymore and I definitely don’t think about it nearly as much since I’m almost never confronted with it.

I think my thoughts on it are still worth something, since it’s only been a year, but that kind of experience definitely doesn’t age well.

Getting back to the desktop, the apps we need are in place. What they need most now are must-have features that Microsoft won’t supply, or won’t supply quickly. Bayesian spam filtering in Mozilla is a prime example of Open Source beating MS to the punch. A great idea showed up on Slashdot, some early implementations showed up immediately, and within a month or two, it’s in Mozilla’s alpha builds. The public at large will have a usable implementation within a couple of months. And there will be others. I suspect we’ll see lots of examples of it in digital media. I mean, whose design would you rather use, the design of someone concerned only with corporate interests, or the design of a group of users concerned with their fair-use rights and yours and mine?

SM: Anyway, maybe you’ll find my observations to be of interest.

DF: Always.

I have seen the future, and it works!

Dave Farquhar Spam ,

Now appearing nightly, in the nightly Mozilla builds, the Open Source community is very proud to present a very special feature: Naive Bayesian spam filtering!
And you’re probably wondering why I’m excited about something as boring-sounding as that. Don’t worry. I’m no less sane than I was yesterday and I’ll prove it.

Bayes’ Rule is a method of pattern recognition. You tell it what is spam and what isn’t and over time it learns how to recognize what is and isn’t spam. Click here for an explanation of what it is and why it works.

Its main selling point is that when implemented properly and trained thoroughly, Bayesian filtering is very effective at identifying spam and produces nearly zero false positives.

So I excitedly downloaded and ran the Nov. 14 Mozilla nightly build. The filtering doesn’t presently filter, it only marks the messages as spam and non-spam. That’s OK, I can sort them and then zap them myself for a while. I trained it on about 1,400 non-spam messages (I only had a few dozen spams). It doesn’t identify much spam yet, but I’ve had zero false positives. It recognizes my most incessant spammer, the Smartmall Success Group (Kevin Butthead, take your Amway-meets-ecommerce scheme and stick it. I’m much more interested in joining the mafia.) and it’s starting to recognize unsolicited credit card spam.

Spam normally irritates me. Really irritates me. But now it’s a game. I look forward to spam coming in to see if Mozilla recognizes it. And it’s encouraging to watch it learn and get better. I’m going to win this battle. Within a month, I expect that time I waste deleting spam and making sure I didn’t delete anything important will be free for me to do something else with it. Like answer legitimate mail from people I’ve never heard of.

Some people argue this filtering belongs on the server, but not everyone is willing to filter spam on the server. My employer never will (because many of my employer’s departments engage in questionable e-mail practices themselves) and I’d be shocked if my ISP ever did. I can set up my own mail server, but this is a lot easier. It’s probably a lot easier for you too, even if you’re one of the half-dozen or so experienced Unix sysadmins who regularly read these pages.

If you’re like me and you have 1,000+ e-mail messages squirreled away somewhere, and you don’t mind playing with alpha-level code (which you don’t if you’re running Windows, since Microsoft is in the habit of shipping alpha code and charging you hundreds of dollars for the privelige of alpha- and beta-testing it for them), go get this thing. Start training it. And watch the spam go bye-bye.

And if you’re better than me about cleaning out your inbox, get it anyway. It’ll just take you longer to train it.

An emergency POP client

Dave Farquhar Windows

I went looking for a lightweight POP3 client last week for Windows so I could do some testing. I found Popcorn. I like it a lot.
For one thing, it’s a self-contained 216K executable that keeps its info in an .ini file in the same directory. Simple and elegant. Its user interface is certainly adequate. It’s not as fancy as Outlook or some other clients maybe, but it’s fine. Best yet, it’ll grab the headers and let you see them before you download your mail, which is a real boon on a dialup connection. Flag the spam, hit delete, then only download the stuff you want to read then and there.

Memory usage starts at about 2 megs, which makes it even more ideal for that 486 laptop with 8 megs of RAM running Win95 that you take with you on the road.

It’s a simple program for simple needs, with a couple of compelling features thrown in. Even if you’ve got a multi-gigahertz P4 with a gig or two of RAM, there’s probably something to like about it. Check it out.