Category: Uncategorized

The self-aggrandization prize goes to Craig Venter

Published November 5, 2003

Science: I'm the human genome, says 'Darth Venter' of genetics (Observer).

Craig Venter, the controversial geneticist who led private industry's decoding of the human genome, has revealed a startling secret. The genome - unravelled two years ago - is his.
To the surprise of scientists, Venter has admitted that much of the DNA used by his company, Celera Genomics, as part of this decoding effort came from his cells. The news has annoyed his colleagues, who claim that Venter subverted the careful, anonymous selection process they had established for their DNA donors.

I missed this story when it came out, but it's a biggie. Instead of mapping the genome of a scientifically-chosen representative, we have the genome of an egomaniac CEO, who spent the entire project self-aggrandizing and attention-seeking.

Just as well the publicly-funded, international Human Genome Project was around to keep them honest for the most part...

Some more choice quotes:

'It doesn't surprise me. It sounds like Craig,' said Nobel laureate James Watson, co-discoverer of the structure of DNA.
As to his reasons for his actions, Venter was unequivocal. 'How could one not want to know about one's own genome?' he said. Neither was he fazed about accusations of egocentricity. 'I've been accused of that so many times, I've got over it,' he said.
Celera's science board was not so understanding. 'Any genome intended to be a landmark should be kept anonymous. It should be a map of all of us, not of one, and I am disappointed if it is linked to a person,' said board member Arthur Caplan.
He added that the drive to sequence the human genome was an opportunity for personal glory as well as scientific discovery. Venter's action emphasised the first motive.

Herring Fart Chat

Published November 5, 2003

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Science: Fish farting may not just be hot air (New Scientist):

Biologists have linked a mysterious, underwater farting sound to bubbles coming out of a herring's anus. No fish had been known to emit sound from its anus nor to be capable of producing such a high-pitched noise.
... Three observations persuaded the researchers that the FRT is most likely produced for communication: Firstly, when more herring are in a tank, the researchers record more FRTs per fish. Secondly, the herring are only noisy after dark, indicating that the sounds might allow the fish to locate one another when they cannot be seen. Thirdly, the biologists know that herrings can hear sounds of this frequency, while most fish cannot. This would allow them to communicate by FRT without alerting predators to their presence.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Exmh CVS

iD8DBQE/qThjQTcbUG5Y7woRAgEOAKDBmfaPgFrrGwTIndzQXJpQvoJGQwCcDyMa qkAWXoutn5Ki64fTK05emHA=
=E1La
-----END PGP SIGNATURE-----

Jody — still going strong

Published November 5, 2003

Spam: I just got another Jody spam; 40 points this time, and featuring the very latest in spam fashion, a .biz URL.

It's amazing! The 'Jody' fake testimonial crops up in 9060 results on the web and 78600 results on USENET. The oldest spam Google Groups has with this text was posted back on 26th May 1998, which makes it 5 and a half years old by now. (Check it out for some classic period ASCII art, misspellings, and LOTS OF SHOUTING!!!!)

Last time I posted about it, Ben actually tracked down a 'Mitchell Wolf M.D., Chicago, Illinois' -- Jody's supposed spouse. Presumably he's retired on the the 'USD 147,200.00 every 45 days' that Jody was amassing from her 'hobby', though. ;)

Sampler Victorious

Published November 4, 2003

Ireland: The best programme on Irish TV, by far, is Sampler. It's a great magazine series covering Ireland's underground scenes, with several nice scoops, including being the only set of film cameras around for the police brutality that made the May 6th 2001 Dublin 'Reclaim the Streets' protest infamous. Great soundtrack, too.

Naturally, it's also had a long and illustrious history of no support from RTE, who just seem to hate the whole idea and would prefer they just had a nice, non-controversial chat show instead.

Well, Sampler just won 'Best Special Interest Programme' at the Irish Film and Television Awards. Nice one! (Not that you'd know it from the IFTA website, which hasn't updated the awards pages in 2 years. -- update: Simon points out I'm looking at the wrong site: the real one is here.)

Disclaimer: Luke, the producer, is a good mate of mine. But it's still
a great programme. ;)

Go take a look! Episodes 2 to 5 are online in full, in RealVideo format -- and encoded at a pretty decent bitrate.

Justin the Scoopist

Published November 4, 2003

Timeliness: w00t! I blog about Jason Salavon, and 4 days later Boing Boing and plasticbag.org both pick up on it. (and rightly so.)

It gets better -- then there's this posting about the EVACS e-voting system, and a week later, Wired News cover it!

... OK, I'm totally exagerrating the latter one. Obviously Wired News go into a lot more detail and do a bit more research. ;) In fact, it's a very good article; here's a killer quote from Software Improvement's Matt Quinn, the lead engineer on EVACS:

Quinn ... says he is 'gob smacked' by what he sees happening among U.S. electronic voting machine makers, whom he says have too much control over the democratic process.
It has been widely reported that Ohio-based Diebold Election Systems, one of the biggest U.S. voting-machine makers, purposely disabled some of the security features in its software. According to reports the move left a backdoor in the system through which someone could enter and manipulate data. In addition, Walden O'Dell, Diebold Election System's chief executive, is a leading fundraiser for the Republican Party. He stated recently that he was 'committed to helping Ohio deliver its electoral votes to the president next year.''
'The only possible motive I can see for disabling some of the security mechanisms and features in their system is to be able to rig elections,' Quinn said. 'It is, at best, bad programming; at worst, the system has been designed to rig an election.'
'I can't imagine what it must be like to be an American in the midst of this and watching what's going on,' Quinn added. 'Democracy is for the voters, not for the companies making the machines.... I would really like to think that when it finally seeps in to the collective American psyche that their sacred Democracy has been so blatantly abused, they will get mad.'
But he says that the security of voting systems in the U.S. shouldn't concern Americans alone.
'After all, we've all got a stake in who's in the White House these days. I'm actually prone to think that the rest of the world should get a vote in your elections since, quite frankly, the U.S. policy affects the rest of the world so heavily.'

IRELAND IS THE LARGEST CONSUMER OF TEA IN THE WORLD (per head)

Published November 3, 2003

Ireland: I've just come across Dervala's take on the I am Canadian Molson ad. Total genius!

At Home with the Fuhrer

Published November 3, 2003

Bizarre: Given some historical context, it's funny how absolutely insane this sounds: Guardian: At Home with the Fuhrer.

My discovery was an article headlined 'Hitler's Mountain Home' - a breathless, three-page Hello!-style tour around Haus Wachenfeld, Hitler's chalet in the Bavarian Alps. In it, the author, the improbably named Ignatius Phayre, tells us that 'it is over 12 years since Herr Hitler fixed on the site of his one and only home. It had to be close to the Austrian border'. It was originally little more than a shed, but he was able to develop it 'as his famous book Mein Kampf became a bestseller of astonishing power'.
The great dictator, it seems, was quite the interiors wizard: 'The colour scheme throughout this bright, airy chalet is light jade green. The Führer is his own decorator, designer and furnisher, as well as architect... has a passion about cut flowers in his home.'
And he is seldom alone in his mountain hideaway, as he 'delights in the society of brilliant foreigners, especially painters, musicians and singers. As host, he is a droll raconteur... '
Oh, and look who's practising his archery in the garden: 'It is strange to watch the burly Field-Marshal Göering, as chief of the most formidable airforce in Europe, taking a turn with the bow-and-arrow at straw targets of 25 yards range.'
And on it gushes, all accompanied by various photos of Hitler and friends admiring the view, examining plans for the house, and one delightful shot of Adolf relaxing on a deckchair with 'one of his pedigree alsatians beside him'.

Next time you read an over-excited 'inside the home of' article, bear in mind that the subject might be a psychopathic dictator bent on world domination and mass murder.

(The article then descends into a convoluted mess of copyright claims and counterclaims, BTW, in case you're interested. But the bizarre stuff is what got me ;)

Sampler Victorious

Published November 3, 2003

The best programme on Irish TV, by far, is Sampler. It's a great magazine series covering Ireland's underground scenes, with several nice scoops, including being the only set of film cameras around for the police brutality that made the May 6th 2001 Dublin 'Reclaim the Streets' protest infamous. Great soundtrack, too.

Naturally, it's also had a long and illustrious history of no support from RTE, who just seem to hate the whole idea and would prefer they just had a nice, non-controversial chat show instead.

Disclaimer: Luke, the producer, is a good mate of mine. But it's still
a great programme. ;)

Go take a look! Episodes 2 to 5 are online in full, in RealVideo format -- and encoded at a pretty decent bitrate.

Needs more thought

Published November 3, 2003

Politics: Nelson Mandela banned from visiting the US. oops! But they've fixed it:

The good news is that the United States government has removed Nelson Mandela, Tokyo Sexwale and Sidney Mufamadi from its list of global terrorists. The bad news is that the removal is only for the next 10 years. ....
'To make an exception for those who struggled against apartheid would require congress to change the law, and that would be a very lengthy process,' (Virginia Farris, the public affairs spokesperson for the US embassy in Pretoria) said.

Via Wendy M. Grossman, who reckons myself and the other SpamAssassin guys are Mrs. Beeton. ;)

Ho hum

Published November 2, 2003

Spam: I just received a spam containing this (HTML tags made readable by translating angles to round brackets):

Subject: Re: ZR, the master walked
(BODY bgColor=#ffffff) (font color=white) hellgrammite vocabularian distaff cardamom curvilinear pyhrric whizzing fruition canvasback maritime calcareous byline peddle cautionary smooch detain deadwood thrash centaur hurd coruscate confession bloom damsel gallon downtown morphine respirator psycho consolidate nee boycott (/font) Ban(/neve)ned C(/elmsford)D Gov(/validate)ernment d(/staccato)on't wan(/goat)t m(/embank)e t(/trident)o s(/logjam)ell i(/constantine)t. Se(/falloff)e N(/judson)ow - (then a link, finally!!) (font color=white)neuroses aghast mazurka ribose architectural tranquillity heterosexual custom coquette mauritius downgrade croydon mechanist devious nh lange circumscribe infancy drool between foppish momentous doug induce (/font)

What a mess. Regardless, SpamAssassin gave it a 17.4 and autolearned it as spam ;)

Spam load and Hallowe’en

Published November 1, 2003

Spam: The volume of spam continues to rise inexorably. Brightmail are now estimating that 54% of all mail messages are spam.

Nowadays, my personal mail account is getting about 70 a day, rising to over 200 a day at the weekends. It's getting tiresome; pretty much all of it gets marked as spam and diverted, but I still have to wade through it 'just in case', and to build the corpus. I guess I need to extend my .procmailrc to divert high-scoring spams somewhere I can check even less frequently ;)

That's not the really annoying thing, though. I use tagged addressing when I publish my email address, most of the time. It works very well to identify spam sources overall, and divert 'dead' addresses that are getting spam, into the spamtraps. That's the plus.

But the curse of writing spam filters is that you need a good archive of spam; and one of our SpamAssassin corpus guidelines is to attempt to trim out duplicate spams where possible. Many spammers will wind up sending more-or-less identical spam messages, modulo random subject lines, hash-busters, etc., and with (let's say) 8 tagged addresses in their lists, I'll get 8 copies of that spam, and have to pay a little bit of attention to trim it down to 1 copy for the corpus.

Damn spam-filter development! All this corpus building is hard work ;)

BTW, note how spam load rises at the weekends; (Tim Hunter, Paul Terry and Alan Judge of eircom.net also noted this in their paper presented at LISA '03 yesterday ;). There's a good reason -- spammers attempt to deliver their spam while abuse staff are not at their desk. Same thing applies in the network security world; many of those attacks have taken place over a US holiday weekend.

Hallowe'en: best too-late idea for a hallowe'en costume: 'Top Gun GWB' in his flight suit. In the end, I played half of the 'Dr. Frankenstein and Monster' pair (I was the monster, as C really is a scientist, and computer 'science' doesn't count). Best costume seen: a very impressive onnagata kabuki player.

Spam load and Hallowe’en

Published November 1, 2003

The volume of spam continues to rise inexorably. Brightmail are now estimating that 54% of all mail messages are spam.

Damn spam-filter development! All this corpus building is hard work ;)

Tim Bray on Dublin

Published October 31, 2003

Ireland: 'The weather is bloody this time of year, the traffic is worse, but it's a fine town.' Agreed!

So I met up with SpamAssassin Dan, SpamAssassin Theo, and POPFile author John Graham-Cumming yesterday, down in San Diego -- much spam stuff was discussed.

Great to meet up -- not so great to miss the last train back to Irvine to my own inability to correctly read a timetable, and have to drag Dan and Theo out that way. oops, sorry guys! Not so smart, but at least we got to carry on the discussion for an hour or two more...

IBM attempting to patent the ‘wallet’

Published October 30, 2003

Patents: New Scientist reports that IBM have applied for a patent on "an electronic password 'wallet' that securely stores all your passwords, with overall access via a single password. The wallet pops up on screen whenever you are asked for a password. You enter the master password and the wallet then answers the online request by pasting in the appropriate password for that site."

This should be familiar to anyone who's used Mozilla's Form Manager feature, which fits the patent claims perfectly. That page notes that the Mozilla feature was created in 1999, just under 3 years before the patent application. Let's hope the USPTO remember to do a Google search this time!

Statistical Art

Published October 29, 2003

Art: Jason Salavon: Selected projects, 1997 - 2003.

Salavon operates by taking data from various sources (DVDs of late-night talk shows, homes for sale in various states, MTV's 10 Greatest Music Videos of All Time, Playboy centerfolds, etc.), then statistically combining them and converting that into another image, movie, or whatever.

The results are excellent. Check out Homes for Sale and Every Playboy Centerfold, The Decades (normalized).

I remember somebody asking me what I thought 'computer art' (sic) should be like, after I dissed yet another lame pixellated Photoshop/Flash thingy. Now I have something to point at ;) I'm well impressed.

Patents and Innovation, via slashdot

Published October 29, 2003

Patents: Slashdot gets a lot of stick for cluelessness. Now and again, though, you find well-presented arguments you won't read elsewhere. Try these:

An excellent summary of James Burke's book, The Day the Universe Changed; I haven't read it, but it sounds good. Reportedly, there's a section covering a period in British history when patent law was extended to cover 100 years; 'Like copyright today a person could not extend on a process developed on the day of their birth - they and their children (and even many of their grandchildren) would be dead long before the patent expired.'

Meanwhile, Germany refused to respect these terms, and their industry flourished -- 'a backwards agrarian society became an industrial powerhouse that far exceeded the capabilities of the British industry they 'stole' from, within a working lifetime.'

Details of how Lowell, Massachusetts became an industrial-era milling powerhouse through the US 'stealing' British patents: 'an English immigrant, Samuel Slater ... had worked his way up from apprentice to overseer in an English factory using the Arkwright system. Drawn by American bounties for the introduction of textile technology, he passed as a farmer and sailed for America with details of the Arkwright water frame committed to memory.'

Games: GameChronicles on the GTA:VC - Scarface connection. A nice summary of all (or at least, most) of the Scarface homages in the game.

Go W3C!

Published October 29, 2003

Patents: World Wide Web Consortium Presents US Patent Office with Evidence Invalidating Eolas Patent: 'W3C Director Tim Berners-Lee urges USPTO Director to review prior art, take action'.

The specific prior art exhibits cover several 1993 postings by Dave Raggett to the www-talk mailing list.

Let's hope the USPTO admits that their patent examiners never bothered to do a Google search ;)

Go W3C!

Published October 29, 2003

World Wide Web Consortium Presents US Patent Office with Evidence Invalidating Eolas Patent: 'W3C Director Tim Berners-Lee urges USPTO Director to review prior art, take action'.

The specific prior art exhibits cover several 1993 postings by Dave Raggett to the www-talk mailing list.

Let's hope the USPTO admits that their patent examiners never bothered to do a Google search ;)

Freedroid

Published October 29, 2003

Games: Commodore 64 old-timers may remember Andrew Braybrook's classic Paradroid, easily one of the best games for that platform, and a classic by any standards. Here's a copy of the Zzap! 64 review from 1986. Many thumbs up, and the bottom line was that Paradroid ranked as 'THE classic shoot-em-up'.

Paradroid trivia: in the days before .plan files, Zzap! 64 published a development diary by AB! Here's the birth of one of the game's key mechanisms, the 'transfer game':

Tuesday May 21: An average morning's contemplation until ...ZAP WHIZ POW ! An idea for a game within the main one, fighting for control of a new robot. Instead of just a graphical sequence showing the takeover of a new robot, why not have to play for it, you against the robot's brain? Base it on logic circuits and use some existing routines. A whole new game segment in a small space!

Cool.

The authors' company, Graftgold, has a website, detailing its history. Sadly, it maps the decline of the 80's-style small games company, and ends on this note: 'I would recommend the games industry to anyone wanting an exciting career buts its certainly not an easy ride. Most publishers we worked with either went bust, sold out or simply did not publish the game to our expections despite tight contracts. The trouble is the developer does their bit first then the publisher can choose the level to do their bit. Unless you can get real commitment by way of big advances you cannot rely on a publisher.'

Shame. Anyway. I'm not the only Paradroid fan out there -- it seems a bunch of fellow enthusiasts have come up with FreeDroid, a homage to Paradroid which seems to be evolving into an RPG! It's quite impressive -- the gameplay is virtually identical to the original. Fedora Linux users can install it using apt-get install freedroid.

BTW, related: here's two attempts at a canon for computer gamers, at costik.com and the Ludologist (of which I've played 121). What I find interesting about them is how clearly one is American and Apple-II-based and the other European and Commodore-64/Amiga-based. Stay tuned for the third, Spectrum-based canon. ;)

More on the ACT EVACS E-Voting System

Published October 28, 2003

Voting: Nathan Cochrane mailed in some great tidbits about the ACT EVACS e-voting system. (thanks!)

First off, this Debian-news posting notes some snippets from an Age article by Nathan; Here's some longer excerpts. It features some great quotes: 'the only platform that provided robustness and voter confidence was GNU Debian Linux, with all source code released under the General Public License (GPL).'

And this one:

'Classical voting systems, notably the Australian paper ballot, are designed precisely on such anti-trust grounds,' Jones said. 'We simply assume from the start that each and every participant in the system is a partisan with a vested interest in doing everything possible to help his or her favorite candidates.'
He said paper and pencil voting systems, such as that first used in Victoria in 1858, meet this test. Electronic voting does not.

This letter to LWN notes: 'You might be interested to know that some of the work on this project is being done by 'big name' open source people, including Andrew Tridgell (aka Mr Samba), Dave Gibson (orionoco wireless LAN driver), Martin Pool (apache), and Rusty Russell (netfilter and other gross kernel hacks)', and links to the code's CVS repository!

It seems those guys performed the work on behalf of a Canberra open-source consultancy group, Software Improvements; Here's the product brochure.

This posting to iRights gives a few more details.

It all looks like an excellent job all 'round, as far as I can see.

On Pay-Per-Mail

Published October 27, 2003

Spam: Lee Maguire on pay-per-mail schemes. A great read -- recommended to anyone who has given thought to this system.

It's usually the fear of the odd overlooked gem that has rendered anti-spam techniques impotent. A salutation from a long lost friend with the subject 'Hi', an important business mail sent out-of-hours from the kid's computer, that domain renewal reminder. Most people would apply no charge on the things they want to read, and a bajillion dollars on spam. And if there's mail you don't want to read but have to? Chances are you're being paid to read them already - get back to work.

SoCal: an amazing satellite picture of the wild fires, courtesy of NASA's Earth Observatory.

More on the ACT EVACS E-Voting System

Published October 27, 2003

Nathan Cochrane mailed in some great tidbits about the ACT EVACS e-voting system. (thanks!)

And this one:

'Classical voting systems, notably the Australian paper ballot, are designed precisely on such anti-trust grounds,' Jones said. 'We simply assume from the start that each and every participant in the system is a partisan with a vested interest in doing everything possible to help his or her favorite candidates.'

He said paper and pencil voting systems, such as that first used in Victoria in 1858, meet this test. Electronic voting does not.

It seems those guys performed the work on behalf of a Canberra open-source consultancy group, Software Improvements; Here's the product brochure.

This posting to iRights gives a few more details.

It all looks like an excellent job all 'round, as far as I can see.

More pics of the wild fires, and going for a SONGS

Published October 27, 2003

SoCal: some great pictures from Derek Balling down in San Diego. Check out those skies!

Nukes: Great! The OC Weekly reports 'the much-maligned San Onofre Nuclear Generating Station (SONGS) has finally gotten some recognition -- but probably not the kind it wants: it now ranks (third) among the U.S. facilities most likely to suffer a meltdown, according to the Union of Concerned Scientists, a scientific group that monitors nuclear safety.'

A serious meltdown at SONGS would result in a massive release of radioactivity that could immediately kill more than 100,000 people in South County and northern San Diego County and ultimately cause hundreds of thousands of cases of cancer and genetic defects.

That's 15 miles away from me, fact fans. Mind you, having grown up directly west of Sellafield's discharge pipes, I'm used to a bit of radioactivity ;)

It’s the end of the world as we know it…

Published October 27, 2003

SoCal: Wild fires are raging throughout Southern California.

Last night, I was reading J. G. Ballard's Millenium People (thanks Lean, it's great!) outside on the balcony, when the Santa Ana winds whipped up suddenly, blowing hot and dry and laden with ash -- then the coyotes started howling.

It felt very much like the end of the world... freaky stuff.

Everything is covered in ash; the air smells of wood smoke; the sun is a minute cent-at-arm's-length red disc; everything is lit in a very odd reddish-orange tint. And the nearest fire is 30 or so miles away. I'd hate to see what they're like up close...

Somehow I missed all this in Australia... I hear Sydney was like this for a week over Christmas that year.

Some links:

LA Times map of where the wild fires are
Boing Boing links to various blogs on the subject
GET OFF THE FREEWAY YOU IDIOT! ;)

It’s the end of the world as we know it…

Published October 27, 2003

Wild fires are raging throughout Southern California.

It felt very much like the end of the world... freaky stuff.

Somehow I missed all this in Australia... I hear Sydney was like this for a week over Christmas that year.

Some links:

LA Times map of where the wild fires are
Boing Boing links to various blogs on the subject
GET OFF THE FREEWAY YOU IDIOT! ;)

Farting novelty dog bomb scare!

Published October 25, 2003

Funny: A novelty dog toy which breaks wind as it bends over has sparked a major security alert at a US airport.

'Mr Rogerson, 31, from Leeds, was grilled by FBI agents and looked on in amazement as they took a series of swabs from the replica animal's rear end.'

On the reliability of e-voting machines

Published October 23, 2003

Tech: Diebold tech support:

'I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb".'

Wonderful.

Tribe.net

Published October 23, 2003

Networking: Tribe.net has a nifty feature over Friendster; you are encouraged to create 'tribes' for things, ideas, and places. Friendster, by contrast, discourages this.

Anyway, for the laugh, I've created a variety of tribes; Ireland , Dublin, and even a tribe for SpamAssassin. Let's see what happens...

Worst album covers ever

Published October 23, 2003

Funny: C sends along a few classic album covers taken from this site. Here's my favourites:

John
- Bult - Julie's Sixteenth Birthday : Certainly the most disturbing of the bunch...

There's plenty more...

Worst album covers ever

Published October 23, 2003

C sends along a few classic album covers taken from this site. Here's my favourites:

John
- Bult - Julie's Sixteenth Birthday : Certainly the most disturbing of the bunch...

There's plenty more...

God expresses displeasure at Mel Gibson’s Christ film

Published October 23, 2003

Movies: Lightning strikes Jesus on Gibson's Christ film set:

The incident, in which The Rock and The Count of Monte Cristo star Jim Caviezel did not sustain an injury, is the second bolt to hit the set of the movie in Italy. 'I'm about a hundred feet away from them,' producer Steve McEveety said, 'when I glance over and see lightning coming out of Caviezel's ears.'

Tentacle Porn has a long and illustrious history

Published October 23, 2003

Japan: The Guardian: Melbourne row over art 'porn':

'Police in Australia have investigated pornography claims against an art gallery which exhibited a painting drawn from a 19th-century woodcut by the Japanese artist Hokusai.
The painting, The Dream of the Fisherman's Wife, is by an Australian, David Laity, and is valued at £5,400. It is being shown in a Melbourne gallery. Like the 1814 original, it depicts a woman copulating with an octopus.

Katsushika Hokusai was an influential Japanese painter and woodcut designer in the 18th and 19th centuries -- more info and pictures here. (There's a great exhibition of his work on at the Chester Beatty Library in Dublin right now, which is where I caught it.)

He coined the term 'Manga' to describe a collection of sketches. Who knew he also came up with the totally bizarre 'tentacle porn' subgenre of anime?

E-Voting: ACT’s open-source e-voting system

Published October 22, 2003

Voting: I've pointed to this before, but I use taint.org partly as a searchable database of annotated bookmarks, so -- for reference -- here's the Australian Capital Territory's EVACS system, an entire, open-source e-voting system:

EVACS is the computer system that provides for electronic voting and electronic counting for ACT Legislative Assembly elections. It provides for counting according to the Hare-Clark electoral system rules set out in the Electoral Act 1992.
EVACS was written using Linux open source software to ensure appropriate transparency. A copy of the source code is available in a zip file (127 kb). The source code for the casual vacancy module is in a separate file (38 kb). For more information contact Software Improvements.

Still not perfect -- it uses electronic ballot stations, instead of paper ballots -- but it does support paper ballots. And it's open source; note the keyword above -- 'appropriate transparency'. They said it, not me ;)

Tentacle Porn has a long and illustrious history

Published October 22, 2003

The Guardian: Melbourne row over art 'porn':

'Police in Australia have investigated pornography claims against an art gallery which exhibited a painting drawn from a 19th-century woodcut by the Japanese artist Hokusai.

The painting, The Dream of the Fisherman's Wife, is by an Australian, David Laity, and is valued at £5,400. It is being shown in a Melbourne gallery. Like the 1814 original, it depicts a woman copulating with an octopus.

He coined the term 'Manga' to describe a collection of sketches. Who knew he also came up with the totally bizarre 'tentacle porn' subgenre of anime?

SF film tip: ‘The Revolution Will Not Be Televised’

Published October 22, 2003

Movies: Inhabitants of San Francisco! Or people nearby who fancy watching a great documentary! According to the SFGate.com Morning Fix, the Castro theater will be showing the amazing documentary The Revolution Will Not Be Televised between Oct 24-30.

I've blogged this before, but quick recap: it's an incredible movie documenting what happened in the Venezuelan Presidential Palace on April 11th 2002, when President Hugo Chavez was briefly deposed by a coup d'etat. It covers the entire period, and amazingly has pretty-much full access to everything that Chavez, his cabinet, and his loyal soldiers did and said. A sample:

'On the day of the coup, we only began realising what was actually going on when the state TV signal was cut. Up until then, people had been shot and there was a terrible sense of confusion, but still the reality of what was taking place hadn't exactly sunk in. Then later that night, the media started saying that Chavez had fled to Cuba and that he had resigned, when in fact he was in the palace -- and so were we. It became clear then that something very calculated and sinister was unfolding.'

Really, it's well worth watching. Due to its comments on the actions, and spin, of the current US administration, Harry Knowles reckons it'll never get a public release in the US outside a film festival (and I'd agree) -- so you're going to have to watch it in a lefty theater or nothing.

(BTW the website needs some work though -- it uses the horrible 'reinventing the scrollbar' DHTML trick, urgh.)

On ‘Intellectual Property’

Published October 22, 2003

Patents: One thing that gets pretty confusing when one investigates the whole patents/open-source/copyright protection field, is the nature of the term Intellectual Property.

What's called 'IP' consists of three parts: copyright, patents, and trademarks. This extract from Harvard's 'Intellectual Property in Cyberspace' series notes:

In the eighteenth century, lawyers and politicians were more likely to refer to patents and copyrights as 'monopolies' than they were to refer to them as forms of 'property.' ... Thomas Jefferson was the most prominent adherent of this view, but many others shared his attitude to varying degrees. ....
Another, more general manifestation of the same trend has been the growing power of the phrase 'intellectual property.' Before the Second World War, use of the phrase as shorthand for copyrights, patents, trademarks, and related entitlements was rare. Since that time, it has become steadily more common. n105 Today, it is the standard way for lawyers and law teachers to refer to the field.
Why does the popularity of the term matter? The answer ... is that legal discourse has power. Specifically, the use of the term 'property' to describe copyrights, patents, trademarks, etc. conveys the impression that they are fundamentally 'like' interests in land or tangible personal property -- and should be protected with the same generous panoply of remedies. ....
Regrettably, the pleas by Cohen and a few others that judges jettison the concept of 'property' and frankly confront the public policy implications of protecting certain kinds of information fell largely on deaf ears. The 'propertization' of the field continued -- and is now well-nigh complete.

It's common to read commentary by outsiders -- journalists especially -- who conflate all three forms of 'IP', and therefore assuming that all three should be considered as 'equal' to physical property. In other words, they fall into this trap.

In reality, a trademark should have much more protection than a patent; copyright over 'bits' is not the same thing as physical ownership of atoms; the concept of the public domain is a whole lot different between 'things' and 'bits'; there's a difference.

To this end, this disclaimer from the UN World Summit on the Information Society is very significant; they've recognised these issues.

This working group has come to recognize that the term 'intellectual property rights' carries bias and encourages simplistic overgeneralization. Therefore this working group does not carry the name IPR. In particular, this group does not endorse the legal school of thought, which advocates that productions of the mind shall be treated in a similar way as real estate property. This legal doctrine implicitly backs the concept that copyrights should last for ever.

Nice work! (thanks to Russell McOrmond and Seth Johnson for noting it.)

Meld for graphical merging

Published October 22, 2003

Software: Great LWN weekly edition last Friday; not only is there a very nice article about SpamAssassin, debunking the 'open spam filtering rules considered harmful' myth, but there's a great tool tip: Meld, a new graphical merging tool.

Basically, when you have two pieces of text, and want to merge them together into one, you need a merge tool. This is a tricky job; most people just get the tool to stick them all in one file, CVS-style, and try to figure it out visually. It's fraught with problems.

Hence the idea of using a GUI to ease the task. There have been other graphical merge tools before; I know of the proprietary one bundled with ClearCase, and tkdiff. However, both of these just aren't very good -- it's quite simply too hard to figure out exactly what direction which piece of text came from.

Looks like meld is a fantastic effort to fix this; take a look at the screenshots. The key is the approach they've taken of having a drawable area in the middle between the two differing texts; this is used for lines and graphical indications of what came from where. It really seems to work, from what I can see.

Dodgy computer games studies

Published October 21, 2003

Science: A lab rat writes up a report on his participation in two psychology studies on 'Video Game Violence' and 'Violence In the Media.'

Sadly, it seems clear that the video-game violence study will return biased results due to flawed test conditions.

Of the three games played, the most violent -- a first-person shooter -- was modified, either through incompetence or deliberate tweaking, to use frustrating control settings and a high level of difficulty; whereas the least violent -- a sim game -- was set up with all the defaults and automatic help enabled.

In my experience, frustration, in any task, has a direct correlation with anger levels. So a frustrating game, violent or not, will probably give more aggressive responses in a violence measurement -- hence the FPS game above will almost definitely be cited as 'inciting violent emotions'.

Bad scientists! No doctorate!

PS: hmm, I wonder if the paper will document the exact configuration
of the games?

Linux: Happy birthday, KDE! I love it. Most recent discovery: the excellent support for printing in KDE 3.1 using the kprinter GUI.

fantastic New Yorker article

Published October 21, 2003

Politics: The Stovepipe, by Seymour M. Hersh:

The notes said that Jafar was then asked, 'But this doesn't mean all W.M.D.? How can you be certain?' His answer was clear: 'I know all the scientists involved, and they chat. There is no W.M.D.'

fantastic New Yorker article

Published October 21, 2003

The Stovepipe, by Seymour M. Hersh:

The notes said that Jafar was then asked, 'But this doesn't mean all W.M.D.? How can you be certain?' His answer was clear: 'I know all the scientists involved, and they chat. There is no W.M.D.'

Control your life support via the Internet!

Published October 20, 2003

Security: Romania Emerges As Nexus of Cybercrime (AP). Contains this glorious nightmare scenario:

BUCHAREST, Romania - It was nearly 70 degrees below zero outside, but the e-mail on a computer at the South Pole Research Center sent a different kind of chill through the scientists inside.
'I've hacked into the server. Pay me off or I'll sell the station's data to another country and tell the world how vulnerable you are,' the message warned.
Proving it was no hoax, the message included scientific data showing the extortionist had roamed freely around the server, which controlled the 50 researchers' life-support systems.

One question: why was an internet-connected computer controlling the life support systems? eeek.

Control your life support via the Internet!

Published October 20, 2003

Romania Emerges As Nexus of Cybercrime (AP). Contains this glorious nightmare scenario:

BUCHAREST, Romania - It was nearly 70 degrees below zero outside, but the e-mail on a computer at the South Pole Research Center sent a different kind of chill through the scientists inside.

'I've hacked into the server. Pay me off or I'll sell the station's data to another country and tell the world how vulnerable you are,' the message warned.

Proving it was no hoax, the message included scientific data showing the extortionist had roamed freely around the server, which controlled the 50 researchers' life-support systems.

One question: why was an internet-connected computer controlling the life support systems? eeek.

Compare and Contrast

Published October 20, 2003

Politics: Eli Lilly wants it both ways. First off pro-free-market:

Not many U.S. companies would put 'maintenance of free market' at the top of their worry list, but the pharmaceutical industry has genuine reasons for concern.

But then, anti-free-market!:

Starting immediately, if a Canadian wholesaler tries to order more Lilly product than Lilly's estimate of what is appropriate for Canadian use, 'they will not be able to have it,' Smith said.

‘Don’t eat slugs’

Published October 20, 2003

Funny: The Medical Journal of Australia has issued a warning: Australians, don't eat slugs. 'The warning came after a Sydney student contracted a potentially deadly form of meningitis after eating a slug for a $20 bet.'

Secsed-up

Published October 20, 2003

Humour: Data::Secs2 -- canoncial string for nested data. A format for representing nested data structures in accordance with SEMI E5-94, Semiconductor Equipment Communications Standard 2 (SECS-II), apparently pronounced "'sex two' with gusto and a perverted smile."

The manual page goes on:

In order not to plagarize college students, credit must be given where credit is due. Tony Blair, when he was a college intern at Intel Fab 4, in London invented the SEMI SECS standards. When the Intel Fab 4 management discovered Tony's secsification of their host and equipment, they elected to have security to escort Tony out the door. This was Mr. Blair's introduction to elections which he leverage into being elected prime minister. In this new position he used the skills he learned at the Intel fab to secsify intelligence reports on Iraq's weopons of mass distruction.

'Secsed-up', surely!?

Using a Web of Trust to stop spam

Published October 20, 2003

Spam: Been thinking about a distributed 'web of trust' approach to fighting spam.

Kevin Burton conversing with Raph about a web-based trust metric.
Bram writes about using (non-distributed) trust metrics against spam. With code ;)
Trust Management on the WWW, by none other than Rohit Khare and Adam Rifkin!
Trust Networks on the Semantic Web, a paper.

Combine those with another key point -- that we do not need PKI, crypto, or any other changes to identify senders in current SMTP -- and it could be done today, I think.

Why we don't need crypto to identify an SMTP sender

Every email message delivered via SMTP across the internet will contain these headers:

the From line
one or more Received headers

Traditionally, whitelisting uses just the From line, which is vulnerable to spoofing. SpamAssassin used this up to version 2.3x. Spammers started spoofing mails where 'From' was the same as 'To', and since most people had themselves in the whitelist, that worked. boo.

In 2.3x or 2.4x, we added code to extract the IP addresses from the Received headers, and use a combined token -- ( from_address, ip_address ) -- as the sender's address.

(In fact, we use just the top 24 bits of each IP to deal with situations like DHCP or dialup pools, where a relay may get a different IP every now and again. That's close enough, at least.)

This is much harder to forge without doing a full-scale TCP spoofing attack; which is why the SpamAssassin auto-whitelist generally works well.

So basically, to identify someone strongly enough to provide a spam fix in plain old vanilla current SMTP, gen up a string containing their 'From' address, along with all the /24 masks of the IP addresses found in the 'Received' headers.

Remove your relays' IP addresses, and you have an unspoofable ID for that person's SMTP traffic. Any spammer who wants to spoof that, will have to compromise their mail server (or a server in the same /24). That's not cost-effective for spamming.

Note that whitelisting based on that is effectively what the SpamAssassin auto-whitelist does. But for that to be more useful than the AWL, it has to extend over the internet to those people your friends haven't corresponded with yet; ie. it's got to be distributed.

(If you would like to comment on this scheme, I'd prefer if you could post comments at this QuickTopic forum.)

Using a Web of Trust to stop spam

Published October 20, 2003

Been thinking about a distributed 'web of trust' approach to fighting spam.

Kevin Burton conversing with Raph about a web-based trust metric.
Bram writes about using (non-distributed) trust metrics against spam. With code ;)
Trust Management on the WWW, by none other than Rohit Khare and Adam Rifkin!
Trust Networks on the Semantic Web, a paper.

Combine those with another key point -- that we do not need PKI, crypto, or any other changes to identify senders in current SMTP -- and it could be done today, I think.

Why we don't need crypto to identify an SMTP sender

Every email message delivered via SMTP across the internet will contain these headers:

the From line
one or more Received headers

In 2.3x or 2.4x, we added code to extract the IP addresses from the Received headers, and use a combined token -- ( from_address, ip_address ) -- as the sender's address.

(In fact, we use just the top 24 bits of each IP to deal with situations like DHCP or dialup pools, where a relay may get a different IP every now and again. That's close enough, at least.)

This is much harder to forge without doing a full-scale TCP spoofing attack; which is why the SpamAssassin auto-whitelist generally works well.

(If you would like to comment on this scheme, I'd prefer if you could post comments at this QuickTopic forum.)

That Forbes Article

Published October 19, 2003

Open Source: Forbes: Linux's Hit Men.

The dispute, which was leaked to an Internet message board, offers a rare peek into the dark side of the free software movement--a view that contrasts with the movement's usual public image of happy software proles linking arms and singing the 'Internationale' while freely sharing the fruits of their code-writing labor.

(Here we go again -- the old 'free software is communism' line, cf. the 'Give Communism A Try!' / Nazi Penguin posters SCO made up earlier this year.)

The article goes on to bemoan how software companies who write proprietary extensions into GPL-licensed software, have to comply with the terms of the license.

It's all a bit of an obvious dig -- but I am looking forward to the follow-up article -- that's the one where the author bemoans how commercial software companies send out their 'enforcers' to extort money from companies who don't bother paying the royalties and runtime license fees their licenses require.

PS: Hmm, 'software prole' -- maybe I'll adopt that in the same way
Suresh has adopted 'lower-middle-class Unix sysadmin':

The other title came from a spammer who asked Ramasubramanian what she'd done that made him report her to her ISP.
'I gave her a standard set of links and information on why spam is bad, and took the time to explain all this to her. She then asked me what I did for a living. When I replied that I was a Unix administrator at an ISP, she blew up and said, 'I thought you were a successful businessman and marketer, but you are only a lower-middle-class Unix sysadmin. Don't you dare talk to me like this!!!''

Oh look, Suresh has a journal, too; I never realised. Cool.

SCO’s no-show invoices

Published October 19, 2003

SCOvLinux: GrokLaw: Groklaw's Open Letter Linked to SCO's Backing Off Invoicing.

'SCO Group Inc is backing-down from threats to invoice organizations running Linux while extending SGI's compliance deadline.
'A company spokesperson said yesterday SCO's plan to invoice organizations, on the basis that Linux illegally contains SCO code, had changed following what he claimed was success of its UnixWare licensing program. . . .
'Members of the open source community warned SCO last month in an open letter they would initiate civil action under anti-fraud and consumer protection statutes.'

My take: 'What? You mean extortion through fraudulent invoicing is illegal? Oops, call the mail room!'

BTW, anyone who hasn't read the GrokLaw Open Letter to SCO yet, really should. It's a great summary of all the many points where SCO is wrong.

MS on Choice

Published October 18, 2003

Music: This is great. Microsoft's general manager for the Windows Digital Media division, Dave Fester, on iTunes for Windows:

If you use Apple's music store along with ITunes, you don't have the ability of using the over 40 different Windows Media-compatible portable music devices. When I'm paying for music, I want to know that I have choices today and in the future.

Oh, the schadenfreude. (I wonder how many MP3-compatible portable music devices there are?)

AdvogatoDay

Published October 18, 2003

Tech: So, I just looked at NTK; it has a brief bit about Bram Cohen 'having solved content distribution, (announcing) he was now tackling other simple problems: reputation systems, version control and perhaps after lunch the NP-complete set.'

Hmm, interesting! Let's take a look at his diary -- and what do I find but a whole load of entries on using trust metrics against spam. Bugger. Looks like I have my weekend reading cut out for me.

Also notable: Advogato has added native RSS support, which makes this pretty pointless; and they've also added an XML-RPC interface. Expect to see taint.org entries getting copied up there soon, as a result. ;)

Uptown, Downtown and Midtown

Published October 17, 2003

Language: AussieInAmerica on {up,down,mid}town:

Something that is common here in Atlantic Canadian and northeast American small cities is to refer to the CBD (or city centre/downtown) as 'uptown', especially if coming to the city from its environs. BUT... once I am 'uptown' , I would then refer to my location as 'downtown'. In other words, 'uptown' is the city centre/ CBD only if you are not there yet. 'Uptown' becomes 'downtown' once you arrive there. AND, since many smaller cities have one main street that leads in and out, if you head out of 'downtown' up that street you are going 'uptown'. Follow? It works for us and I can't recall any confusion.
(Author:) Hmm, I'm glad you folk have got it sorted out! I am reminded of Grover's existential crisis on Sesame Street as he was coming to grips with 'here' and 'there'. Every time he pitter-pattered over to 'there', it turned into 'here'.

Great site. Some pretty good Strine, too -- 'Jeggoda Sinny?' really is a common query!

Spamcop and ‘Al-Quada’, sitting in a tree

Published October 17, 2003

Humour: The null device reports a spam entitled, 'julian haight funds terrorists b alqoswmw l lgng'.

Julian haight spamcops CEO is rumoured to have conections with Al-Quada, one of the most disruptive terrorist orginisations on earth. hes specialty is cyber terrorism. which disperses highly needed homeland security funds by rendering multi million dollar industrys unprofitable.
haights main motive is the perversion of American free enterprise.

Oh, the poor spammers! One comment quotes Samuel Johnson: 'patriotism is the last refuge of a scoundrel'.

Also present is some lovely pictures of Carlton, with trams, greenery, grey skies, and that distinctive turn-of-the-century Aussie architectural style. A couple of years ago, I lived just around the corner in North Melbourne; looking at those photos, it seems like I could just pop out the front door and walk through it all on the way down to the Vic market. They thoroughly evoke day-to-day just-outside-the-CBD Melbourne.

Spamcop and ‘Al-Quada’, sitting in a tree

Published October 17, 2003

The null device reports a spam entitled, 'julian haight funds terrorists b alqoswmw l lgng'.

Julian haight spamcops CEO is rumoured to have conections with Al-Quada, one of the most disruptive terrorist orginisations on earth. hes specialty is cyber terrorism. which disperses highly needed homeland security funds by rendering multi million dollar industrys unprofitable.

haights main motive is the perversion of American free enterprise.

Oh, the poor spammers! One comment quotes Samuel Johnson: 'patriotism is the last refuge of a scoundrel'.

iTunes adding indie tunes

Published October 17, 2003

Music: Indie Labels Debut At iTunes Music Store: 'I happened to notice a Thievery Corporation release from Eighteenth Street Lounge Music in the 'Just Added' section...doing some more exploring, I found releases from Matador (Interpol, Pizzicato Five) and Nettwerk (BT) as well.' (thx Karlin !)

Hmm -- that's good news for iTunes, but pretty bad news for EMusic. Those labels are all very well-represented on EM.

Wonder if I can run iTunes under Wine?

Recycling – Australia has it right

Published October 16, 2003

Environment: The Irish Times reports:

The State is facing a waste crisis that is threatening to bury the country, according to the Minister for the Environment, Mr Cullen. He said yesterday every person in this State was now producing 700 kg of household and commercial waste a year.
'That is three times more than they do in the Netherlands. If this continues, the figure will rise to two tonnes per person by 2015,' he said.
Landfills in six out of 10 regions in the country had less than three years capacity left, yet people were producing enough waste to cover every single town in Ireland. 'We have to change. Doing nothing is not an option,' Mr Cullen said.

Well, duh. So what have they done? They've setup a website, raceagainstwaste.com, with a page on recycling replete with techie details of how recycling works, then suggesting such gems as 'if they do not already run one, suggest to your local authority that it considers starting a plastics recycling scheme.'

Brilliant. I'm sure they'll listen. Nice delegation, Mr Cullen!

In the meantime, apparently 92.2% of the 'waste stream' is sent to landfills instead of recycling.

I'm not just knocking here -- the amazing thing about recycling is that it's been done right elsewhere. All this wheel-reinvention is totally superfluous. Here's the details on Victoria, Australia's kerbside recycling system; it's pretty simple.

Each household gets 1 large basin-type plastic tray thing, in which you can put washed, unsealed, recyclable plastic containers. You tie up bundles of recyclable paper into another pile when you leave out the rubbish. And finally, you get a wheelie bin for the rest; stuff that really is rubbish. The bin guys then keep the 3 types of rubbish separate when they pick it up.

Yes, it takes a little bit of time to wash the plastic containers and tie up the paper into bundles. But nobody minds; they're doing the right thing! It's a hell of a lot better than chucking the lot into a single container and hoping that some expensive machine at the far end can sort it all out again.

It's also better than the current Irish and US systems, where we're expected to bring certain kinds of trash to a centralized drop-off point ourselves. First off, this is very impractical unless you've got a car to do it in -- and sufficient motivation to do so; and secondly, the bulkiest rubbish -- packaging, paper and plastic -- is not included, just glass.

The Bin Tax

Published October 15, 2003

Over the past few months, Dublin has seen increasing resistance to newly-introduced rubbish-removal charges, or as they're being called, 'the bin tax'.

The charges are:

levied in addition to the 'local services' charges in income tax,
- which already cover rubbish removal.

The last point is key -- UK residents may be reminded of a similar flat-rate tax introduced by Thatcher in the 80's... and we all know how that ended.

The result is that a large number, 75% of the population in the affected areas, have taken the course of non-payment of the charges.

There's been lots of organised protest throughout Dublin, with constant picketing outside bin depots. Joe Higgins TD (a member of the Dail, the Irish parliament) and County Councillor Clare Daly have spent three weeks in jail so far, due to protesting on this issue.

Now, things are really starting to heat up -- reportedly, the bin workers are starting to support the campaign, refusing to cross protest lines and refusing to drive lorries from depots if protesters are present. In some depots, they have even joined the picketers!

It's not all good though -- yesterday, national news shocking footage (SMIL) of a protester being dragged for several hundred feet by a speeding van.

This one's getting interesting.

Snippets

Published October 15, 2003

Bits: BarbieOS, a cutdown version of Debian from Mattel. Really. 'BarbieOS 1.0 is the result of almost a year's worth of marketing research into what pre-adolescent girls want in a mobile Linux solution aimed at being a desktop replacement.' (via Ben)

Great site -- also has US.BLAST.D Worm Wreaks Havoc on US Post Office, Mail Delivery Halted ('Until a patch can be created by Microsoft and deployed by the MCSEs who maintain the nation's critical infrastructure, President Bush has urged all Americans to lock in a safe or a drawer all of their pens, pencils, stamps, white paper and envelopes so that they cannot be exploited by the virus and used to write out more copies of itself.'

-- and An Open Letter from RIAA President Hillary Rosen to Music Pirates Everywhere ('Currently an RIAA-backed online service known as Pressplay allows users to subscribe for $18.95 a month to a small library of popular works and listen to them via half-quality audio streams if they have broadband connections. Users may download 10 songs a month to burn to CDs if they wish. Pressplay exclusively supports the Windows Media Audio format, and therefore each song benefits from active scripting support, expiration dates, copy protection and proven Microsoft security. With embedded scripts, each song can also enhance the user experience by opening web pages featuring more music they might like to buy. After only 8 months online and a strategic partnership with AOL, Pressplay currently boasts more than 100 subscribers and is growing every day.')

Spam: Bayesian comment filter for Movable Type, nifty. Pity it's still using the Paul Graham method, which is not so hot. (thx Antoin!)

The Funniest Thing I’ve Read

Published October 15, 2003

Humour: Guardian Talk: The Barefoot Doctor, live online. This is the funniest thing I've read in months -- thanks Tom!

(Background: 'The Barefoot Doctor' is the 'healer' who writes for The Observer Magazine on 'wellbeing, alternative therapies and medicines and ways to cope with modern life'. Everything can apparently be healed through kidney massage and a few essential oils.)

Q: A case study, Mr Barefoot: my bus has crashed - I've got a compound fracture in my right leg, the bone is sticking out from under the skin and is wedged into the 'Used Tickets' receptacle, my skull has had a good old thump against the seat in front and is impersonating a boiled egg after the first thump with the teaspoon, and my ribs have been broken into bits like a packet of smokey bacon crisps someone has stood on.
What herbs and aromatic oils would you recommend?
Doc: you may jest - however, aromatic oils or potions can be extremely effective in speeding the healing process eg - manuka honey,lavender, marigold etc - thanks for bringing it up
Q: oooh good answer. yes i'm going out to buy some manuka honey right away. what do you do with it, is it nice on toast?
lavender, marigolds? is he opening a kitchen department?
Q: My unfortunate friend received a quite severe beating in the street a few days ago and has since been passing blood in his urine, in copius amounts.
Can recomend any effective massage oils for my friend? Its quite urgent because he's beginning to talk incoherently about bright lights, can't move and fainting.
Thank you, 3000
(... snip several hundred similar hilariously bitchy 'questions'... Barefoot Doctor disappears for a while...)
Q: Where is he? Maybe the Barefoot Cab Driver who learnt to drive by karmic chanting has driven into a tree -- or can't find first gear?

(BTW the real 'barefoot doctors' were a different kettle of fish entirely; 'part-peasant, part-doctor' commune-level health workers in revolutionary China.)

For Reference: Why Greylisting Sucks

Published October 15, 2003

Spam: I've been meaning to collate a page about why I don't like greylisting. My previous posting is relatively useful, but it needs an update, so here it is:

First off, every single message is delayed until a database match is found for the combination of sending IP, envelope-from and envelope-to. As Alan Leghart pointed out, 'So...we punish everyone in the world, and hope that a delay of one or more hours is considered 'acceptable'? Maybe some people already expect a mail to take several hours to reach a recipient. In that case, you need to fix your mail server.'

Secondly, large mailing lists that use VERP (generating keyed From addresses for each mail for good bounce-handling) will require manual whitelisting for each list, or each host.

Yahoo! Groups, for example,
uses VERP for all its lists, and also will not retry delivery if the first attempt fails.

There's even buggy SMTP servers that do not support retrying, believe it or not.

(Once again, as for many spamfilter designs, the unusual SMTP clients are the 'edge cases' that cause the most trouble.)

Manual whitelisting == work == what spam filtering is trying to reduce == bad.

Thirdly, and most seriously, it assumes spammers would never introduce retries into their spam-tools if it took off. Tempfailing, what this is based on, is effective right now because spamtools don't retry. But every proposed spam solution has to consider what would happen if every server admin in the world implements it, and spammers then want to subvert it.

For a spamtool to retry, it just needs to track 4xx responses, and if it encounters one, save these items of data:

From, To addrs and HELO string used
proxy IP used (btw proxies are almost never shut down successfully, so the spammer can generally assume this can be reused next time)
random seed used to generate random hashbuster tokens etc., so the body text matches

That's really not a lot of data -- 64 bytes per address that requires a retry. Then, an hour or more later, do the retry.

So, IMO, 'greylisting' will work fine in the short term, until it becomes reasonably common -- then the spamtool developers will start adding retry code.

Then we're back to square one -- except some legit mail takes much longer to get delivered, and the bandwidth wasted by spam has doubled, due to all those retrying spams. That's not really progress.

The Funniest Thing I’ve Read

Published October 15, 2003

Guardian Talk: The Barefoot Doctor, live online. This is the funniest thing I've read in months -- thanks Tom!

Q: A case study, Mr Barefoot: my bus has crashed - I've got a compound fracture in my right leg, the bone is sticking out from under the skin and is wedged into the 'Used Tickets' receptacle, my skull has had a good old thump against the seat in front and is impersonating a boiled egg after the first thump with the teaspoon, and my ribs have been broken into bits like a packet of smokey bacon crisps someone has stood on.

What herbs and aromatic oils would you recommend?

Doc: you may jest - however, aromatic oils or potions can be extremely effective in speeding the healing process eg - manuka honey,lavender, marigold etc - thanks for bringing it up

Q: oooh good answer. yes i'm going out to buy some manuka honey right away. what do you do with it, is it nice on toast?

lavender, marigolds? is he opening a kitchen department?

Q: My unfortunate friend received a quite severe beating in the street a few days ago and has since been passing blood in his urine, in copius amounts.

Can recomend any effective massage oils for my friend? Its quite urgent because he's beginning to talk incoherently about bright lights, can't move and fainting.

Thank you, 3000

(... snip several hundred similar hilariously bitchy 'questions'... Barefoot Doctor disappears for a while...)

Q: Where is he? Maybe the Barefoot Cab Driver who learnt to drive by karmic chanting has driven into a tree -- or can't find first gear?

(BTW the real 'barefoot doctors' were a different kettle of fish entirely; 'part-peasant, part-doctor' commune-level health workers in revolutionary China.)

For Reference: Why Greylisting Sucks

Published October 14, 2003

I've been meaning to collate a page about why I don't like greylisting. My previous posting is relatively useful, but it needs an update, so here it is:

Secondly, large mailing lists that use VERP (generating keyed From addresses for each mail for good bounce-handling) will require manual whitelisting for each list, or each host.

Yahoo! Groups, for example,
uses VERP for all its lists, and also will not retry delivery if the first attempt fails.

There's even buggy SMTP servers that do not support retrying, believe it or not.

(Once again, as for many spamfilter designs, the unusual SMTP clients are the 'edge cases' that cause the most trouble.)

Manual whitelisting == work == what spam filtering is trying to reduce == bad.

For a spamtool to retry, it just needs to track 4xx responses, and if it encounters one, save these items of data:

From, To addrs and HELO string used
proxy IP used (btw proxies are almost never shut down successfully, so the spammer can generally assume this can be reused next time)
random seed used to generate random hashbuster tokens etc., so the body text matches

That's really not a lot of data -- 64 bytes per address that requires a retry. Then, an hour or more later, do the retry.

So, IMO, 'greylisting' will work fine in the short term, until it becomes reasonably common -- then the spamtool developers will start adding retry code.

Then we're back to square one -- except some legit mail takes much longer to get delivered, and the bandwidth wasted by spam has doubled, due to all those retrying spams. That's not really progress.

KDE patch, and my cat

Published October 14, 2003

Linux: So, I like being able to move windows around using the keyboard very quickly. In particular, one nifty feature of Sawfish was corner.jl, a Sawfish lisp snippet which 'provides functions to move a window into a screen corner.'

Some background: my desktop layout is essentially divided into 4 corners (e.g. 4 xterms in a 'one in each corner' layout), or 2 sides (e.g. mail reader on the left, web browser on the right), depending on the size of the windows.

Using corner.jl, one could just throw the mouse into any part of a window's area, hit a key, and the window would move where you wanted it.

I've since moved to KDE, and missed that functionality. So a while back, I reimplemented it as a patch to kwin. Here it is, and bug 65338 is the KDE bug entry tracking it as a feature request.

Not much traction in persuading the KDE folks to apply it, but hey, that's open source for ya. The patch will always be around anyway ;)

Pets: My cat brings me presents.

Specifically, today he brought me a mouse's liver and left it on the doorstep. At least I think it's a mouse's liver; the scale seems right. No sign of the rest of the mouse, though...

This is with no less than 3 bells on his collar; I don't know how he does it, unless it's simply that the rodents round here are just not used to the concept of predation.

BTW, the mouse's liver wound up flushed down the toilet.

Getting Postfix to use an SSH tunnel for outgoing SMTP

Published October 14, 2003

Given all the fuss over blocking dynamic IPs due to spam, I've long sent outgoing SMTP via my server (which lives on a static IP). I download my mail from that using fetchmail over an SSH tunnel, and have done for a while. It's very reliable, and that way it really doesn't matter where I download from -- quite neat. Also means I don't have to futz with SMTP AUTH, IMAP/SSL, Certifying Authorities, or any of the other hand-configured complex PKI machinery required to use SSL for authentication.

However, I've been using plain old SMTP for outgoing traffic, by just poking a hole in the access db for the IP I'm on. A bit messy and generally not-nice.

So I decided to make it sensible and deliver using SMTP-in-an-SSH-tunnel. In the same SSH tunnel, in fact ;) With Postfix, it turned out very easy -- here's how to do it:

Add this option to the SSH commandline in the SSH tunneling script (I'm presuming you have one ;):

-L 8025:127.0.0.1:25

That'll port-forward port 25 on the remote system to port 8025 on localhost, so that if a connection is made to port 8025 on localhost, it'll talk to port 25 on the remote host. Std SSH tunneling there.

Now for Postfix -- add this to /etc/postfix/main.cf:

default_transport = smtp:localhost:8025

This means that Postfix will always use SMTP to localhost on port 8025 for any non-local deliveries.

Run service postfix reload (cough, Red Hat-ism) and that's it! A whole lot easier than I was expecting... Postfix rocks.

SPF again

Published October 13, 2003

Spam: Craig is publishing SPF records. Worth noting that I've been publishing SPF records for jmason.org for a month or two, even though the protocol hasn't even stabilised yet -- working on the 'if you build it, they will come' approach ;)

Anubis looks great; I've been meaning to hack up something like that. Nifty!

‘It will solve starvation among shareholders, but not the developing world’

Published October 13, 2003

Science: EU broadside at GM firms' 'lies' (Ananova):

'They tried to lie to people, they tried to force it upon people ... it is the wrong approach and we simply have not accepted that and European citizens have not accepted it. You simply cannot force it upon Europe.
'So I hope they have definitely learned a lesson from it and especially when they now try to argue that this will try to solve the problems of starvation in the world. After all, why didn't they start with such products, so they could prove to the world that this was exactly what they were interested in doing?
'It will solve starvation among shareholders, but not the developing world unfortunately.

That's the EU Environment Commissioner, Margot Wallstrom, launching a broadside against 'US biotech companies', accusing them of 'forcing' unsuitable GM technology onto Europe.

Ouch.

It's interesting to note that much of their biotech companies' tactics seem to work well in the US, but overseas, the tactics play out predominantly as blatant strong-arming, astroturfing support, and being 'economical with the truth', as the phrase goes.

Some rethinking of their strategy might be helpful -- although really, IMO, some thought as to how to make their products relevant to consumers, instead of money-spinning for their shareholders, might work best of all. Making some moves towards the much-vaunted 'solving starvation in the developing world' might just be the best way to that.

‘It will solve starvation among shareholders, but not the developing world’

Published October 13, 2003

EU broadside at GM firms' 'lies' (Ananova):

'They tried to lie to people, they tried to force it upon people ... it is the wrong approach and we simply have not accepted that and European citizens have not accepted it. You simply cannot force it upon Europe.

'So I hope they have definitely learned a lesson from it and especially when they now try to argue that this will try to solve the problems of starvation in the world. After all, why didn't they start with such products, so they could prove to the world that this was exactly what they were interested in doing?

'It will solve starvation among shareholders, but not the developing world unfortunately.

That's the EU Environment Commissioner, Margot Wallstrom, launching a broadside against 'US biotech companies', accusing them of 'forcing' unsuitable GM technology onto Europe.

Ouch.

Firing Automatic Weapons Upwards Considered Harmful

Published October 13, 2003

Humour: BBC: Serbia wedding guests 'down plane'.

Guests at a wedding in central Serbia have apparently shot down a small aircraft by mistake.
They were celebrating in the traditional way - firing off shot after shot into the air above the wedding party. Unfortunately, there was a two-seater aircraft flying overhead. One eye-witness told reporters the plane was shot in the left wing.

oops!

Spam: Spammers try fooling filters with digital signatures (ZDNet). oh look, they quote myself and Theo ;)

BitTorrent and Google’s IP

Published October 13, 2003

Tech: Sam Ruby on Foo Camp. Foo camp sounds cool; a little bit circle-jerky, but still interesting. But that's not what I wanted to write about -- the thing I wanted to mention was BitTorrent; it just struck me recently -- one key thing about BT that makes it great is that it's designed by the UNIX philosophy -- make one tool that does one thing very well, and make it pluggable, so it can be used by other things easily.

It doesn't have a GUI to search for torrents -- the user does that in their web browser, mail, by swapping notes on napkins, whatever. It just does P2P file transfer very very well -- and that's file transfer of some file or another, hence legality issues around P2P are side-stepped. BT is cool.

Patents: Cluetrain on patents:

Well, Google is (jm: going after patents). And the VCs are paying for it. Hell, some of them insist on it. That's what I gathered last night, while schmoozing at the opening evening at PC Forum. First, Larry Page, Google's founder and CEO, told me he hates patents and would rather not deal with them as an issue at all. Then Google board member and lead VC John Doerr surprised a small gaggle of patent skeptics (including Page, Dave Winer and myself) that he loved patents. Patents are one of the things that make America great, he said, and went on to insist that they encourage innovation, cure cancer, raise the dead, and bring peace in our time. (Or something like that. Whatever, he likes patents a lot). So don't expect Google to abandon their hunt for patent lawyers anytime soon.
Listening to John, I began to think one problem is that just caring about patents puts your mind inside the system, where it gets stuck to intellectual flypaper. Or worse, political flypaper.

Linux graffiti

Published October 10, 2003

Funny: some Linux graffiti from Norway -- a bit more accomplished than IBM's efforts, but still -- Linux?! (link via the ArcterJournal)

SMTP Sender Authentication

Published October 10, 2003

Spam: SMTP Sender Authentication, by David Jeske of Y! Groups (pointer from Jeremy.

Schemes similar to this -- calling back to a sending server to verify that a mail was really sent via that host -- have been proposed before in several venues, the most high-profile and public being the ASRG list. Here is a message I sent to that list in April 2003 discussing a few of those schemes:

J C Lawrence's 'forward chained digital signatures' on Received headers
William at elan.net's 'complex callback verification requirying full message tracking server functionality with dns extensions'
Russ Nelson's Q249
Our own 'porkhash'

I still like this style of system, I think, but in terms of deployability and simplicity, I'm supporting Sender-Permitted From for now -- which similarly forces senders to use registered relays for a given SPF-supporting domain, but using DNS as the protocol and IP addresses as the hard-to-forge identity component.

Another bonus of SPF is that it's simple, easy to implement, has *running code* out there now, and is being pushed strongly by a pragmatic and sane driving person (in the form of Meng Weng Wong). It's not always easy in the anti-spam field to find a solution like that ;)

BTW, SPF also, similarly, breaks envelope sender forging. However, I agree, this is one egg that has to be broken to help stop spam (or at least force spammers to use their own domains and IPs.)

SMTP Sender Authentication

Published October 10, 2003

SMTP Sender Authentication, by David Jeske of Y! Groups (pointer from Jeremy.

J C Lawrence's 'forward chained digital signatures' on Received headers
William at elan.net's 'complex callback verification requirying full message tracking server functionality with dns extensions'
Russ Nelson's Q249
Our own 'porkhash'

BTW, SPF also, similarly, breaks envelope sender forging. However, I agree, this is one egg that has to be broken to help stop spam (or at least force spammers to use their own domains and IPs.)

Jewish Superheroes

Published October 10, 2003

Odd: The Jewish Hero Corps, featuring Magen David, Menorah Man, Dreidel Maidel, Yarmulkah Youth, Hypergirl/Matza Woman, and several others. However, The Golem -- as seen in The Amazing Adventures of Kavalier & Clay -- is strangely absent.

Iraq: guerrilla tactics planned from the start?

Published October 10, 2003

Iraq: Parallels with Vietnam becoming ominous for US commanders (Irish Times, subscriber-only). An interesting view on the situation Iraq:

US commanders in Iraq now believe that during the invasion, lower-echelon Iraqi troops mounted a token defence against US armour and air power while thousands of Republican Guard members went to ground in order to wage a prolonged guerrilla war during the subsequent occupation.
As the current attacks evolve in sophistication and momentum, US troops believe that the current phase of the war is not an ad-hoc development, but part of a pre-planned strategy designed to frustrate US plans to rebuild Iraq.
Further indicators as to the source of the insurgency lie in the weaponry and tactics employed. US convoys and patrols are repeatedly attacked with IEDs configured as roadside bombs along with RPG strikes. ... It is believed that the plastic explosives and RPGs were released from military stores in the run-up to the invasion and pre-deployed among the population for a war of attrition.
Wounding rather than killing the enemy is a classic feature of this type of war of attrition. By wounding as many enemy troops as possible, the guerrilla army ties up the resources of the occupying force as it seeks to evacuate and treat its personnel.
The architects of the current attacks recognise that it is far more expensive for the US to medically evacuate and treat injured soldiers than to simply process them for burial. For the insurgents, the psychological effect of their attacks is greatly enhanced with families and politicians in the US confronted with mutilated and disfigured soldiers returning from Iraq.
It would appear that the war in Iraq did not end on May 1st. It simply entered a new phase designed to render Iraq ungovernable.

No 'US commanders' are named, so it's all off-the-record.

Humour: on a lighter note, BBC Radio 4's Loose Ends, recorded in the Spiegeltent in Dublin last weekend, featuring 'writers Anne Enright and John Arden, Desmond Guinness of the Irish Georgian Society, comedian Dara O'Briain, Chieftain Paddy Moloney and Loose Ends regular Emma Freud.'

Iraq: guerrilla tactics planned from the start?

Published October 10, 2003

Parallels with Vietnam becoming ominous for US commanders (Irish Times, subscriber-only). An interesting view on the situation Iraq:

US commanders in Iraq now believe that during the invasion, lower-echelon Iraqi troops mounted a token defence against US armour and air power while thousands of Republican Guard members went to ground in order to wage a prolonged guerrilla war during the subsequent occupation.

As the current attacks evolve in sophistication and momentum, US troops believe that the current phase of the war is not an ad-hoc development, but part of a pre-planned strategy designed to frustrate US plans to rebuild Iraq.

Further indicators as to the source of the insurgency lie in the weaponry and tactics employed. US convoys and patrols are repeatedly attacked with IEDs configured as roadside bombs along with RPG strikes. ... It is believed that the plastic explosives and RPGs were released from military stores in the run-up to the invasion and pre-deployed among the population for a war of attrition.

Wounding rather than killing the enemy is a classic feature of this type of war of attrition. By wounding as many enemy troops as possible, the guerrilla army ties up the resources of the occupying force as it seeks to evacuate and treat its personnel.

The architects of the current attacks recognise that it is far more expensive for the US to medically evacuate and treat injured soldiers than to simply process them for burial. For the insurgents, the psychological effect of their attacks is greatly enhanced with families and politicians in the US confronted with mutilated and disfigured soldiers returning from Iraq.

It would appear that the war in Iraq did not end on May 1st. It simply entered a new phase designed to render Iraq ungovernable.

No 'US commanders' are named, so it's all off-the-record.

Happiness measured

Published October 9, 2003

Science: Fantastic article in New Scientist volume 180 (4 Oct 2003), covering how science is beginning to identify the keys to a happy life, and perform studies measuring people's happiness.

That's a subscribers-only link unfortunately, but I'll excerpt a few choice snippets:

First off, money:

Can money buy happiness? The short answer is, yes - but it doesn't buy you very much. And once you can afford to feed, clothe and house yourself, each extra dollar makes less and less difference. ... In the past half-century, average income has skyrocketed in industrialised countries, yet happiness levels have remained static (see Graph). It seems absolute income doesn't make much difference once you have enough to meet your basic needs. Instead, the key seems to be whether you have more than your friends, neighbours and colleagues.

Looks:

First the bad news: good-looking people really are happier. When Diener got people to rate their own looks, both with and without make-up, there was a 'small but positive effect of physical attractiveness on subjective well-being'.

But don't compare your looks with what the media puts out:

In a new study, Laurie Mintz and her colleagues from the University of Missouri-Columbia found that women who saw advertisements featuring lithe and flawless young models for just one to three minutes rated their own bodies more negatively and showed an increase in depression. Mintz was alarmed how quickly the women's self-esteem was undermined. And she believes people are becoming more dissatisfied as new technology allows the media to create ever more unrealistic images.
Mintz recommends less drastic steps to contentment: avoid unrealistic media images; understand that such pictures are airbrushed and 'Photoshopped' to perfection; appreciate your body for what it does rather than how it looks.

Friends:

It is hard to imagine a more pitiful existence than life on the streets of Calcutta or in one of its slums, or making a living there as a prostitute. Yet despite the poverty and squalor they face, such people are much happier than you might imagine. 'We think social relationships are partly responsible,' says Diener.

And a global comparison:

The latest global analysis of how levels of satisfaction and happiness vary from country to country shows that the most 'satisfied' people tend to live in Latin America, Western Europe and North America. Eastern Europeans are the least satisfied.
... There is plenty more about national happiness levels that has researchers scratching their heads. One of the most significant observations is that in industrialised nations, average happiness has remained virtually static since the second world war, despite a considerable rise in average income (see Graphic). The exception is Denmark, where people have become more satisfied with life over the past 30 years - no one is quite sure why.

and the effects of consumerism:

A growing number of researchers are putting the static trend down to consumerism. Survey after survey has shown that the desire for material goods, which has increased hand in hand with average income, is a 'happiness suppressant'.
One study, by Tim Kasser at Knox College in Galesburg, Illinois, found that young adults who focus on money, image and fame tend to be more depressed, have less enthusiasm for life and suffer more physical symptoms such as headaches and sore throats than others (The High Price of Materialism, MIT Press, 2002). Kasser believes that people tend to embrace material values when they are feeling insecure (retail therapy, anyone?). 'Advertisements have become more sophisticated,' says Kasser. 'They try to tie their message to people's psychological needs. But it is a false link. It is toxic.'

Lots of good bits. Pity it's subscribers-only!

EMusic is dead

Published October 9, 2003

Music: All good things must come to an end. EMusic has been bought out by some bunch called 'Dimensional Associates', and will no longer offer its excellent download service; instead you're limited to a measly 40 MP3s per month. (For context -- last time I downloaded some listening material was on Monday, and I picked up about 80 MP3s in a single sitting.)

They've shut down their message boards; third-party discussion groups are filled with wailing and gnashing of teeth; and worst of all, I can't even download the remaining stuff on 'My Stash' (the downloads-to-do list) because they're overrun with rats deserting the sinking ship. (no reflection on the rats -- I'm one myself.) Either that, or they've just turned them off; which is annoying as I had lots of music lined up to download when I got a chance.

This is very bad news -- Apple's iTunes is full of crappy music, Mac-only, and DRM-crippled; Rhapsody is Windows-only and DRM-crippled; there's really no other legal MP3-download option.

I guess I'll just have to go back to buying 1 or 2 CDs every few months when I'm buying stuff from Amazon (which I do nowadays anyway, in addition to EMusic) and just listening to the radio in general instead.

Thanks anyway, EMusic, for introducing me, helping me get into, or helping me rebuild my collection of such great music as:

Ladytron
Lemon Jelly
Belle and Sebastian
TRS-80
Yo La Tengo
Pepe Deluxe
Layo And Bushwacka
Asian Dub Foundation
The Pixies
Stereolab
Johnny Cash
Future Sound of London
Freq Nasty
Matmos
Cornershop
Thievery Corporation
Cocteau Twins

It was great while it lasted.

Ah well, I guess I'll save a tenner a month, which I can put towards the GameFly subscription...

Spammer ‘Cloaking Devices’

Published October 9, 2003

Spam: Cloaking Device Made for Spammers (Wired).

'Try to find the real IP,' he said. 'This host is in rackshack.net, the most antispam ISP.' A traceroute to the site indicated that it was being hosted on a computer apparently using cable modem service from Comcast.

It's using DNS trickery and a set of reverse proxies. This is standard practice among a small number of the upper echelon of spammers these days.

Of course, many of the techniques used to do this -- such as the subversion of Wintel PCs on cable modem networks -- are highly illegal, so the spammer/crackers are heading deep into jail-time territory.

I'm really posting this because of this entry at Boing Boing, in which Cory notes: 'I'm pretty skeptical about the untraceability of these systems -- I suspect that rather, they are resistant to some tools, not resistant to others, and not hard to write new tools to uncover.'

They're untraceable from where we're standing -- these are compromised machines. The only way to trace from that machine onwards, is for the abuse staff of those machines' ISPs to help out, or to get hold of the machine itself. This is not so easy -- which is why the spammers do it.

(I would have posted this as a comment on BB!, but they've stopped accepting comments, as noted previously. grr)

Anyway. As time goes on, the development of Wintel spamware-installing worms, and hands-on cracking of Unix servers to install trojans (PDF), is becoming more and more common. There's definitely an increasing crossover between spammers, virus-writers and crackers, as the Wired News article notes.

This is very much illegal activity under existing computer crime laws, and much more serious than whatever the anti-spam legislation out there considers spamming to be. Maybe the big spammers are going increasingly 'all-out', given that the lawmakers are finally giving the anti-spam laws some teeth...

Whoops

Published October 9, 2003

Funny: So, I guess this is the Korean equivalent of Dublin's Mao restaurant? Hitler Bar. (thx Eoin)

USPTO ‘chime in’ with tips for EU’s patent laws

Published October 8, 2003

Patents: While I was reading LWN's excellent writeup on the results of the EuroParl patent vote, I came across this very worrying snippet:

Readers in the United States may be interested to know that the U.S. government has chimed in with opposition to article 6a, which states that patents can not be used to block interoperability.

Sure enough, it links to an FFII page noting

'the US' believes that conversion between patented file formats should generally not be allowed without a license, and therefore demands deletion of Art 6a.'

'the US' is in quotes because FFII reckon that evidence suggests that this is the US Mission's IPR representatives forwarding the text direct from the US Patent Office, since the USPTO is an agency of the Dept of Commerce.

.... 'It is part of a US Government 'Action Plan' to 'promote international harmonisation of substantive patent law' in order to 'strengthen the rights of American intellectual property holders by making it easier to obtain international protection for their inventions'. This plan has been promoted aggressively by top officials of the US Patent Office in international fora such as WIPO, WSIS and OECD as well as through bilateral negotiations.'

BTW, that is exactly the wording used in the USPTO's 21st Century Strategic Plan paper. FFII go on to comment on their letter, including this note:

'The US' is propagating conventional wisdom such as 'the more patents the more property, the more property the more innovation', which is in sharp contrast to consensus of all serious scholars of software economics, as expressed in numerous studies conducted in the USA and in reports by the US Academy of Sciences.
Moreover, 'the US' has been ignoring the voice of its own software industry, which is, as shown by last year's FTC hearings, characterised by 'continued animosity against software patents' and whose major players, including such companies as Adobe, Oracle and Autodesk, all opposed software patentability at the USPTO hearing of 1994. The same USPTO which is ghostwriting this paper in the name of 'the US' today proceded to legalise program claims shortly after the 1994 hearing, thereby completely ignoring the voice of the US software industry.

One comment on the LWN story notes: 'as the United States is seeking to rewrite European law to their
agenda, what steps can European Citizens take to help turn the USPTO agenda around into something approaching the spirit of the US Constitution and those who wrote it?'

A good question.

Mekong Naga fireballs

Published October 8, 2003

Odd: Naga fireballs: Timing still a mystery for scientists (Bangkok Post):

Methane and phosphine, a mix of phosphorus and hydrogen, were found in waterways near the Mekong. These gaseous substances were believed to cause the fiery balls, researchers said, though they were not sure exactly how or why they occur. Plant and animal remains release methane as they break down which probably combines with chemical fertiliser, containing phosphorus nutrient, used on farms in the area, to cause the fireballs. The soil in the riverbed is rich with the element.
However, the occurrence of crimson balls also required energy and microbes, which researchers cannot explain.
Mr Saksit called inexplicable aspects of the display a miraculous event while Mr Pinit predicted the study would cause him more headaches. He still did not know why the fireballs tended to emerge only on the full moon night of the 11th lunar month every year.

Laos to 'cash in' on Naga fireballs (The Nation):

Authorities from Vientiane Municipality's Pak Ngum district and the Lao National Authority have prepared sites along the banks of the Mekong River and its tributary, the Nam Ngum, for tourists to view the fireballs rising from the currents tomorrow night, an official said yesterday.
Pak Ngum, where the Nam Ngum river meets the Mekong, is located some 50 kilometres south of the Laotian capital and opposite Nong Khai's Phon Pisai district. Although it has no hotels, residents are willing to provide home stays for tourists, said an official at the Pak Ngum district office.

Spam: CNET removes anti-spam software 'made by spammers' (The Reg). oops!

iTrike — the World’s First Solar-Powered Internet Rickshaw

Published October 8, 2003

Green: iTrike: the World's First* Solar-Powered Internet Rickshaw, from wireless.psand.net. Psand.net have done a great job in the past mucking about with wireless at green events in the UK from what I can see -- I think I've even blogged about 'em -- but they've outdone themselves this time. Cool!

PS: mmm, proper cider... yum.

Diebold voting machines, DMCA, Michael Moore

Published October 7, 2003

e-Voting: Wired has an absolutely mind-numbing list of issues with the security of Diebold voting machine procedures, including passwords printed in manuals which the staff can take home, that same password being reused for multiple systems including the on-site machines at polling stations, tamper-resistance measures being omitted, poll supervisors hired without background checks, bicycle locks being used to secure voting machines, one shared key used to 'secure' the memory cards, etc.

'The election process is mainly based on trust,' Ginnold said. 'We trust that poll workers are not going to be tampering with them.'

It's simply insane to replace a known-good voting system (even if it's just First-Past-the-Post instead of Proportional Representation, but that's another issue) with a quick hack like this, IMO.

Please vote anyway, if you're a CA citizen. And not for the fondling meathead, naturally.

DMCA: EFF: Unintended Consequences: Five Years under the DMCA. An incredible list of cases where the DMCA was used unfairly to restrict competition, research, or fair use, some of which I didn't even know about. For example, I didn't realise that the International Information Hiding Workshop Conference will no longer hold conferences on US soil after Professor Ed Felten was threatened over their SDMI paper.

Politics: Michael Moore on how to talk to your conservative brother-in-law. MM may play to the gallery now and again, but sometimes, he's a genius:

Paying workers more money makes you money!
Dear brother-in-law, when you don't pay people enough for them to take care of life's essentials, it ends up costing you and everybody else a lot of money. When you pay your employees more money, what do you think they do with it? Invest it in stocks? Hoard it in offshore accounts? No! They spend it! And what do they spend it on? The stuff you make and sell! If you pay people squat, or lay them off, they can't buy your stuff. They become a drain on the economy; some turn to crime, and when they turn to crime, it's your Mercedes they want, not some junker Oldsmobile in their poor neighbour's driveway.

Science: IgNobel prize winners 2003, including a prize for the nation of Liechtenstein for renting out the entire country for 'corporate conventions, weddings, bar mitzvahs, and other gatherings'.

Idyllwild and Language Trivia

Published October 6, 2003

Life: so myself and C took a one-night-only trip up to Idyllwild this weekend, hiking up to that rock formation and camping overnight. Great fun.

The rock is called 'Suicide Rock'. It's good to see morbid naming is international, but I should note that the prize for best placenames has to go to Victoria, Australia's Mount Buggery, though.

(I drove past Mt. Buggery last year, and, disappointingly, it seems they've renamed it on the official maps. But the other 'I can't believe we're still crossing this bloody mountain range and haven't made it to Melbourne yet' placenames still exist.)

Language: Riverbend blog notes interesting trivia in passing: Winnie the Pooh, in Arabic, is 'Winnie Dabdoob'.

Open Source: GROKLAW on the WSIS fiasco earlier this summer. Briefly, the WSIS -- the World Summit on the Information Society -- came out with a position pro-open-source, and quite a few large companies seemed to say 'eek!' and promptly lobbied as hard as they could to give that line a vasectomy.

Interestingly, they did the same to the spam-related positions, cutting 'a number of proposals, including prosecution of spammers' down to a watery 'take appropriate action on spam at national and international levels'. Snore. Fantastic work, guys.

Weblogs: When did Boing Boing stop taking comments? (looks) seems to be around about this entry of Sep 10. As far as I can see, this is the last comments page.

Shame -- I'm with Jeremy on this one.

Dublin: is this entry, by London's 3W the real winner of the competition to design the new U2 studio in Dublin's Sir John Rogerson's Quay?

when big contracts go bad

Published October 3, 2003

Software: A big-contract software dev horror story from the University of Cambridge. KPMG and Oracle come out of it with a lot of egg on their face. (found on Simon Cozens' blog).

Lee Maguire notes an interesting artifact on the W3C site: 'BenoÃ®t BÃ©zaire'. This is encoded UTF-8 -- which was then turned into HTML entities! Oops...

Booting Linux

Published October 3, 2003

Linux: so it seems one of the GNOME guys wants to rewrite the rc.d boot script system in Python. Eek!

Games: Someone has broken into Valve Software's network and stolen the source code for Half-Life 2 -- shacknews:

1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled.
3) For the next week, there appears to have been suspicious activity on my webmail account.
4) Around 9/19 someone made a copy of the HL-2 source tree.
5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook's preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn't been seen anywhere else, and isn't detected by normal virus scanning tools).

Insanely bad news for Valve. :(

Florida State Government Spammed Me!

Published October 2, 2003

Spam: Well, this is just incredible. I've just been spammed by a .gov domain -- myfloridahousemail.gov.

The irony of my first .gov spam coming from Florida is inescapable.

The message came from an IP address registered to State of Florida/Dept. of Management Services, bldg 4050 esplanade way suite 115d, Tallahassee, FL 32399-0950 US. That address looks genuine. It really does look like it came from the Florida House of Representatives.

And it was sent to a spamtrap which is on a few spammer address lists, but has never been a genuine user address. And, obviously, I don't live in Florida ;)

Read the spam here.

Another bad USPTO software patent

Published October 2, 2003

Patents: MS patents 'phone-home' failure reporting.

There's a catch, in that it's not just plain old 'phone home', as seen in probably a hundred products since 1960 -- they've added a 'match the reported error messages against a db of known issues on the server side' step. So that's vaguely inventive -- well, no, it's totally obvious, but at least nobody I can think of off the top of my head has done that before. (Well, I lie, it sounds a bit like KDE's crash reporting tool which does a similar search before reporting a bug.)

The notable comment, though, is
this:

There is a significant institutional culture issue that has a strong influence on how the Office functions that took root several decades ago and has, regretfully, increased, monotonically, over time. The management attitude, in a nutshell, is that patents aren't 'examined', they are 'processed'. The examination process is driven by production 'goals'; to be rated in the key rating category of 'Production Goal Achievement' as 'fully successful' you must have at least 95%; less than that you are marginal; less then 90% you are 'unsatisfactory', meaning your entire rating is 'unsatisfactory' meaning a '90 day letter' to get it 'fully successful' else you are fired. Also there are other time related requirements to meet, such as no amended application pending more than two months without an action. Persons get fired (yes, this does happen) almost always for low production or exceeding time limits for actions, almost never for improperly allowing claims.

Great.

Tech: It seems it's stunningly easy to rip off GPRS customers. Another well-designed system I don't think.

Another bad USPTO software patent

Published October 2, 2003

MS patents 'phone-home' failure reporting.

The notable comment, though, is
this:

There is a significant institutional culture issue that has a strong influence on how the Office functions that took root several decades ago and has, regretfully, increased, monotonically, over time. The management attitude, in a nutshell, is that patents aren't 'examined', they are 'processed'. The examination process is driven by production 'goals'; to be rated in the key rating category of 'Production Goal Achievement' as 'fully successful' you must have at least 95%; less than that you are marginal; less then 90% you are 'unsatisfactory', meaning your entire rating is 'unsatisfactory' meaning a '90 day letter' to get it 'fully successful' else you are fired. Also there are other time related requirements to meet, such as no amended application pending more than two months without an action. Persons get fired (yes, this does happen) almost always for low production or exceeding time limits for actions, almost never for improperly allowing claims.

Great.

Tech: It seems it's stunningly easy to rip off GPRS customers. Another well-designed system I don't think.

Shark Sandwich

Published October 2, 2003

Comedy: some Spinal Tap snippets:

a review of a live performance, noting the demise of the band's own Web-based music downloading service, Tapster -- David St. Hubbins is quoted saying 'they shut down Tapster out of force of habit.'
Derek Smalls notes regarding Tapster, 'It has to start with saying, 'look we're worried about being ripped off', so we started TAPSTER ourselves...so we're ripping ourselves off. If a problem comes up, we'll sue ourselves and we'll pocket the difference.' (guess this was before the aforementioned shutdown.)
The A-Z of Spinal Tap: 'For U2's Popmart tour, the show's designer Willie Williams and the band decided the group should emerge from a giant lemon.' ... 'The Edge comes down from the stairs, and to start his guitar he has to kick a switch on his foot-pedal. Well, he ended up on his hands and knees, feeling around for the pedal. Later he said to me, 'There I was at the debut, the premiere opening night, and this voice came into my head: I'm Derek Smalls.''
So, as mentioned in the movie, Nigel and David grew up in Squatney, East London. But did you know that Derek Smalls grew up in Nilford -- 'a 'very small, very wretched, very dire little place' on the River Null, near Wolverhampton. Also known as Nilford-on-Null.'

Daytime Fireballs

Published October 1, 2003

Astronomy: APOD: A Daytime Fireball Over South Wales. Great picture
of a fireball disintegrating in the daytime sky.

I saw a similar daytime fireball streak through the sky when I was in Fraser Island in Australia last year; a little bit smaller than this one, mind you ;) Unfortunately, I didn't get a picture in time. Very cool though!

Daytime Fireballs

Published October 1, 2003

APOD: A Daytime Fireball Over South Wales. Great picture
of a fireball disintegrating in the daytime sky.

Spammers Now Relaying via SMTP AUTH

Published October 1, 2003

Spam: A nasty new development -- spammers are now exploiting closed relays to send spam, by brute-force attacking their SMTP AUTH interfaces. SMTP AUTH is a system used to allow legitimate mail server users to send outgoing mail securely, by authenticating them first. ( sample documentation here.)

This ROKSO file indicates one spammer's modus operandi:

These relays were abused using SMTP AUTH. That is, the spammer supplied a valid username/password pair to the server, was authenticated, and therefore granted permission to send mail anywhere. Such attacks are therefore successful only when weak passwords are used. This spamhaus constantly scans the net to find abusable servers to use in subsequent spam runs. All brands of servers (sendmail, exchange, mdaemon, rockcliffe, etc) are equally targeted, as long as they support SMTP AUTH. The attacker tries several username/password pairs - such as with 'admin/admin' - following a certain pattern and hoping to find a combination that lets him in.
An analysis done in july 2003 has shown that a total of 276 combinations are attempted (of course new ones can have been added in the meanwhile): Usernames: webmaster, admin, root, test, master, web, www, administrator, backup, server, data, abc each with the following passwords: username, username12, username123, 1, 111, 123, 1234, 12345, 123456, 1234567, 12345678, 654321, 54321, 00000000, 88888888, admin, root, pass, passwd, password, super, !@#$%^&* as well as with a blank password.
MDaemon users beware! The account creation tool of recent versions of MDaemon defaults the password to the account name. If the default is accepted, the account will be open to be exploited by this spamhaus.

Incredible. There's no way at the SMTP/IP level to tell that this relay was compromised; blacklisting will definitely cause collateral damage in response; so content analysis is pretty much necessary, as far as I can see.

And in another worrying development: it turns out that the latest Outlook worm, W32.Swen, doesn't bother trying to randomly generate usernames etc. or send via SMTP directly. Instead, it asks the user for their username, password and SMTP server!

Spammers Now Relaying via SMTP AUTH

Published October 1, 2003

A nasty new development -- spammers are now exploiting closed relays to send spam, by brute-force attacking their SMTP AUTH interfaces. SMTP AUTH is a system used to allow legitimate mail server users to send outgoing mail securely, by authenticating them first. ( sample documentation here.)

This ROKSO file indicates one spammer's modus operandi:

These relays were abused using SMTP AUTH. That is, the spammer supplied a valid username/password pair to the server, was authenticated, and therefore granted permission to send mail anywhere. Such attacks are therefore successful only when weak passwords are used. This spamhaus constantly scans the net to find abusable servers to use in subsequent spam runs. All brands of servers (sendmail, exchange, mdaemon, rockcliffe, etc) are equally targeted, as long as they support SMTP AUTH. The attacker tries several username/password pairs - such as with 'admin/admin' - following a certain pattern and hoping to find a combination that lets him in.

An analysis done in july 2003 has shown that a total of 276 combinations are attempted (of course new ones can have been added in the meanwhile): Usernames: webmaster, admin, root, test, master, web, www, administrator, backup, server, data, abc each with the following passwords: username, username12, username123, 1, 111, 123, 1234, 12345, 123456, 1234567, 12345678, 654321, 54321, 00000000, 88888888, admin, root, pass, passwd, password, super, !@#$%^&* as well as with a blank password.

MDaemon users beware! The account creation tool of recent versions of MDaemon defaults the password to the account name. If the default is accepted, the account will be open to be exploited by this spamhaus.

Sterling on bad tech

Published September 30, 2003

Bruce Sterling: 10 Technologies That Deserve to Die. I can't disagree with any of these, really -- except for manned spaceflight -- I'm not giving up on that one dammit! ;)

Very informative details of what happened with the NY power failure, from an insider at one of the nuke plants supplying power.

Hooray -- my new Gamecube's arrived!

Quicksilver

Published September 30, 2003

Neal Stephenson's new book upends geek chic -- Paul Boutin, Slate. Three thousand pages?! Yeesh.

find-hidden-word-text – read hidden text in Word docs

Published September 29, 2003

find-hidden-word-text - a command-line UNIX tool to ease the task of discovering hidden text in MS Word documents.

More specifically, it is an implementation of Method 2 from Simon Byers' paper, Scalable Exploitation of, and Responses to Information Leakage Through Hidden Data in Published Documents.

In other words, it'll display just the hidden text (if any exists) in Word docs. Go forth and discover accidental leaks!

Art-Market, ArtPrice, Servergroup, Groupe Serveur etc. spamhaus

Published September 29, 2003

So a few months ago, I setup a cookie-producing mailto honeypot page at foojlist.php.

Well, I just got the first bite -- and it's a live one. It's our old friends at artprice.com. They're a French spamhaus, operating from Saint-Romain-au-Mont-d'Or, France, and reports claim that it's all the work of one guy -- Thierry Ehrmann.

There's lots of reports in USENET, and here's their SBL listing, noting 'extremely intense french spam source.'

This posting to NANAE notes that Colt France are not responding to complaints about them, either -- but notes that 'in France collecting e-mail addresses with the intention to send commercial mails without permission of the holders can be punished by law (article 226-18 of the Code Pe'nal - up to 5 years of prison or 300.000 euro)'. Interesting!

Full details of the spam, and the access_log entries from their web-scraper's accesses, are attached.

Here's the spam:

Received: from mail1.artmarket.com (mail1.artmarket.com [194.242.43.183])
by dogma.slashnull.org (8.11.6/8.11.6) wixh ESMTP id h8SLJZV12710
for < ( email addr deleted ) @fooj.jmason.org>; Sun, 28 Sep 2003 22:19:35 +0100
Date: Sun, 28 Sep 2003 22:19:35 +0100
Message-Id: (spam-protected)
From: A  R  T (spam-protected)
To: < ( email addr deleted ) @fooj.jmason.org>
Subject: [adv] 1700 - 2003  Story of the Art Market
MIME-Version: 1.0
Content-Type: text/html;    charset=iso-8859-1
Content-Transfer-Encoding: 8bit
<HTML><HEAD>
<TITLE>Artists search engine by Artprice TM - copyright Artprice.com</TITLE>
<META http-equiv=''Content-Type'' content=''text/html; charset=iso-8859-1''>
<META name=''UNSUB'' content=''<!--26398522_1-->''>
<META name=''ROBOTS'' content=''NOINDEX''>
</HEAD>
<BODY bgcolor=''#FFFFFF'' text=''#000000''>
<TABLE cellspacing=''0'' cellpadding=''0'' align=''center'' border=''0''>
<TR> 
<TD><IMG src="''http://web.artprice.com/img/affil.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><A" href="''http://www.artistbiography.com/''><IMG" src="'http://web.artprice.com/img/bio.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><A" href="''http://web.artprice.com''><IMG" src="'http://web.artprice.com/img/Home.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><A" href="''http://web.artprice.com''><IMG" src="'http://web.artprice.com/img/Home.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>A</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>R</B></TD>
<TD><IMG src="''http://web.artprice.com/img/HelpBlack.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/AMI/AMInsight.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/nb.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD align=''center'' bgcolor=''#FF0000''><B>T</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/E.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>P</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/A.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/H.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>R</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>I</B></TD>
<TD><IMG src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/3818.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>C</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/L.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>E</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>C</B></TD>
<TD align=''center'' bgcolor=''#FF0000''><B>O</B></TD>
<TD align=''center'' bgcolor=''#FF0000''><B>M</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/H.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/bio.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><A" href="''http://www.artprice.net''><IMG" src="'http://web.artprice.com/img/map.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/L.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/bio.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD" align=''center''><A href="''http://www.art-online.com''> </A></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><A" href="''http://www.americanartists.com/''><IMG" src="'http://web.artprice.com/img/bio.gif'" border=''0''></A></TD>
<TD align=''center'' bgcolor=''#000000''><B><FONT color=''#FF0000''>A</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/arch02.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD" align=''center''><B><FONT color=''#FF0000''>R</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD" align=''center''><B><FONT color=''#FF0000''>T</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/3834.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/H.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/bio.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B><FONT color=''#000000''>M</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center''><B>A</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center''><B>R</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD" align=''center''><B>K</B></TD>
<TD><IMG src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><A" href="''http://www.artprice.de''><IMG" src="'http://web.artprice.com/img/Home.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD" align=''center''><B>E</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center''><B>T</B></TD>
<TD><A href="''http://web.artprice.com/corporate/EN/Visite/pages/jb02.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
</TR>
<TR> 
<TD><IMG src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD" align=''center''><B>C</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><A" href="''http://www.13thcenturyart.com/''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/E.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD" align=''center''><B>O</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD" align=''center''><B>M</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/bio.gif''></TD>
</TR>
</TABLE>
<BR><BR><BR>
<TABLE" border=''0'' bgcolor=''#FFFFFF'' align=''center''><TR>
<FORM method=get action=''http://web.artprice.com/en/artistsearch.aspx''><TD>
<A href="''http://web.artprice.com''>
<IMG" src="'http://web.artprice.com/Img/B/artprice_140.gif'" align=''absmiddle'' border=''0'' alt=''artprice''></A> 
<INPUT type=text name=searcharti size=39>
<INPUT type=submit value=''OK'' style=''CURSOR: hand''>
<INPUT type=hidden name=l value=en>
</TD>
</FORM>
</TR></TABLE>
<CENTER>
<FONT size=''1'' face=''Arial''>
THE WORLD LEADER IN ART MARKET INFORMATION - WELT-LEADER IN KUNSTMARKT-INFOS
<BR>LEADER MONDIAL DE L'INFORMATION SUR LE MARCHE 
DE L'ART</FONT>
</CENTER>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<TABLE cellspacing=''3'' background=''http://web.artprice.com/Img/B/pixBl.gif''>
<TR> 
<TD> <FONT face=''Arial'' size=''1''>
<b>To remove</b> your email: (spam-protected)
please click below:<br><a 
href="'http://list.artaddiction.com/?m=(email_address_hidden)%40fooj.jmason.org'>
(spam-protected)
</a><br>
In" case the above link does not work you can go to<br>
http://list.artaddiction.com/<br>
or reply to this message as it is.<br>
Please allow us 72 H for your e-mail to be removed.<br>Thank you for your co-operation. </FONT></TD>
<TD><FONT face=''Arial'' size=''1''>
<b>Pour désinscrire</b> votre email : (spam-protected)
cliquez ci-dessous :<br><a 
(spam-protected)
Si le lien ci-dessus ne fonctionne pas, vous pouvez aller sur :<br>
http://list.artaddiction.com/
<br>ou répondez svp à ce message sans en modifier le contenu.<br>
Votre désinscription sera effective dans les 72 H.<br>Merci de votre coopération. </FONT></TD>
</TR><TR><TD colspan=''2''><FONT size=''1'' face=''Arial''>En conformité avec la loi 
78-17 du 6/1/78 (CNIL), vous pouvez demander à ne plus figurer sur notre 
fichier de routage.<BR>
<IMG src="'http://web.artprice.com/img/LogoArtp_90.jpg'" border=''0'' align=''absmiddle''>IX 
:28<BR>
</FONT><FONT face=''Arial, Helvetica, sans-serif'' size=''1''>Artprice.com - Domaine 
de la Source BP 69 - F-69270 St Romain au Mont D'or - RCS : 411 309 198</FONT></TD>
</TR></TABLE></BODY></HTML>

And, after decoding the address it was sent to, here's the access_log entries the address was scraped with:

194.242.43.13 - - [26/Sep/2003:21:09:34 +0100] ''GET /foojlist.php HTTP/1.0'' 200 4066 ''-'' ''Art-Online.com 0.9(Beta)''

That's one line from their scraping run, during which they scraped every single page on spamassassin.taint.org, including tar and zip archives, CGI scripts, everything -- making 534 requests between 21:07:31 and 21:16:49.

The Google File System

Published September 28, 2003

Boing Boing links to a paper on the design of the Google Filesystem, Google's in-house redundant-array-of-inexpensive-PCs cluster filesystem.

It's very, very nice -- and full of interesting tidbits about Google's architecture.

'the system must efficiently implement well-defined semantics for
- multiple clients that concurrently append to the same file. Our files are often used as producer- consumer queues or for many-way merging. Hundreds of producers, running one per machine, will concurrently append to a file. Atomicity with minimal synchronization overhead is essential. The file may be read later, or a consumer may be reading through the file simultaneously.'
'The workloads also have many large, sequential writes that append data to files. Typical operation sizes are similar to those for reads. Once written, files are seldom modified again. Small writes at arbitrary positions in a file are supported but do not have to be effcient.'

A perfect example of traditional UNIX system design!

You Might Be An Anti-Spam Kook If…

Published September 27, 2003

You Might Be An Anti-Spam Kook If... -- very funny list from Vernon Schryver, concerning the many Final Ultimate Solutions to the Spam Problem (FUSSP) (link via Raph).

Raph says he, too, has a FUSSP, but says 'I realize that using a trust metric to defeat spam, while probably effective, won't be easy.' Nevertheless, I'd be interested in hearing it, for one. Go on Raph, write it up! ;)

Funny: Whisky boss 'amazed' by spy interest: 'The boss of a tiny Scottish distillery says he is amazed to learn that US spies have been monitoring his whisky plant for weapons of mass destruction.'