(Things I found interesting recently.)
‘It’s the Latency, Stupid!’, a fantastic article explaining why latency is sometimes more important than simple bandwidth.
This was found via Karl Jeacle’s comments on eircom’s DSL, which are very illuminating in themselves — although probably not too interesting for non-Irish folks ;). But the relevant part is the explanation of why they enabled interleaving on eircom’s DSL network (summary: to get more reach, as far as I can see).
Interesting story of how Inktomi replicated knowledge across multiple, separated geographical offices, while doing it in an efficient, cross-platform, reliable and accessible way: first of all, they use TWiki, and second, it’s set up as a DistributedTWiki.
I found a load of snaps from my Casio Watch Camera that I hadn’t uploaded yet. I’d uploaded them, but forgot to add them to CVS ;) Here’s a nice one — a ca. 19th century hygrometer made in the Mason family’s opticians shop in Essex Bridge, Dublin, found in the museum at Collins Barracks:
U.N. Orders Wonka To Submit To Chocolate Factory Inspections:
UNITED NATIONS — Responding to pressure from the international community, the U.N. ordered enigmatic candy maker William ‘Willy’ Wonka to submit to chocolate-factory inspections Monday. ‘For years, Wonka has hidden the ominous doings of his research and development facility from the outside world,’ U.N. Secretary General Kofi Annan said. ‘Given the reports of child disappearances, technological advances in glass-elevator transport, and Wonka-run Oompa-Loompa forced-labor camps, the time has come to put an end to three decades of secrecy in the Wonka Empire.’
a memorable mistranslation found in a guesthouse at Annapurna Base Camp :
Help! I’m being underclocked! ;) Perhaps that explained the shortness of breath and dizziness…
(I did some scanning of the hundreds of photos from last year’s trip about a month ago, but haven’t had a chance to fix ’em all up yet. And I’m not uploading anything until I get to CA and some decent bandwidth.)
Craig’s now blogging! Great stuff. He’s on the blogroll.
A funny letter from New Scientist regarding the use of monkeys to collect specimens in the field, which was pioneered by John Corner in Singapore.
The botanist noticed that local fruit-pickers trained monkeys to collect fruit, and reasoned that a monkey could similarly be trained to collect flowers, leaves and nuts for his own work. The result was the collection of hundreds of otherwise inaccessible specimens — and this gem:
Travelling with mule and monkey on a narrow path in the uplands, he spied a new and unrecognised flower on a liana hanging from the path, down a near-vertical cliff face too steep for him to climb down. So he instructed the monkey to descend and collect the flower. But the monkey just looked at him questioningly with its head on one side.
‘Go down!’ repeated the eminent botanist. At which the monkey gave an eloquent shrug, took hold of the liana and pulled it up hand over hand to collect the flower. No human being, said Corner, had ever, before or since, made him feel so much of a fool.
Boing Boing notes that the SQL Slammer worm ’caused service outages at tens of thousands of Bank of America ATMs and wreaked havoc at Continental Airlines. Apparently, customers at most of the #3 American bank’s 13,000 automatic teller machines were unable to process transactions for a period of time.’
Does anyone else find it very scary to contemplate an ATM network connected to the internet, with a sufficiently open set of firewalls that a semi-documented Microsoftish SQL protocol can traverse as far as the ATM servers? Sure, it probably took a few hops, compromising a couple of SQL servers along the way, but each of the firewalls in question must have had that MS-SQL port open for those servers. Yikes.
Someone should teach those guys about network compartmentalization for security; something like an ATM network, where security is hugely essential, should never have a direct IP-based connection to the internet, no matter how many firewalls and gateways are in place.
Spam: NACS: Spam Detection. Great, Catherine’s new email system at UCI uses SpamAssassin. Nothing like getting bug reports from your SO ;)
On the other side, though, they’ve written an excellent set of pages on how to detect and act on the SpamAssassin markup in various MUAs.
it looks like the the latest internet worm is making the rounds, and this one’s a biggie. It’s been dubbed ‘SQLSlammer’, since it hammers on the Microsoft SQL ports, attempting to exploit yet another commonly-unpatched 7-month-old MS vulnerability. The best bit: it uses UDP broadcasts to do this, so the traffic load is massive compared to previous worms, so there’s lots and lots of backbone hosage as a result. Coverage:
Quick fix: update those router filters to deny all traffic, both UDP and TCP, on port 1434. (you shouldn’t need to update the firewall filters of course, because nobody’s stupid enough to allow access to open-internet MS SQL traffic, right? ;)
Hooray! finally ditched those ‘orrible tables. Thanks to glish.com’s CSS layout techniques guide for some nifty cut and paste action.
Kim Jong Il Unfolds Into Giant Robot (Onion). Met up with Paddy Benson last night for a few drinks, and he let me into the secret that The Onion is, once again, officially funny:
‘If we add Kim Jong Il’s transformation into a giant robot to his already defiant isolationist stance and his country’s known nuclear capability, the diplomatic terrain definitely becomes more rocky,’ U.S. envoy James Kelly said. ‘Kim has made it clear that, if sufficiently threatened, he will not hesitate to use nuclear weapons or his arm-mounted HyperBazooka.’
‘We are also forced to consider the possibility that Kim may attempt to robo-meld with other members of the Axis of Evil, forming a MegaMecha-Optima-Robosoldier. Kim would make a powerful right arm — or even a torso — for such a mechanism.’
Wotcher Paddy!
Matt Blaze has posted a very neat exploit against ‘weaknesses in most master-keyed lock systems, such as those used by offices, schools, and businesses as well as by some residential facilities (particularly apartment complexes, dormitories, and condominiums). These weaknesses allow anyone with access to the key to a single lock to create easily the master key that opens every lock in the entire system. Creating such a key requires no special skill, leaves behind no evidence, and does not require engaging in recognizably suspicious behavior. The only materials required are a metal file and a small number of blank keys, which are often easy to obtain.’
‘The vulnerability was discovered by applying the techniques of cryptanalysis, ordinarily used to break secret codes, to the analysis of mechanical lock design.’
Paper here.
Eircom have halved the price of their DSL offering to 54 euros (including VAT). It still has a cap at 4Gb. Still, getting there. I wonder what the competition will do…
Daphne Oram, one of the pioneers of electronic music, has died. (BBC)
Almost un-noticed by the wider world, one of the pioneers of electronic music has died. Without Daphne Oram, we may never had known what the Tardis sounded like. Electronic music – as much a part of today’s life as whistling a tune to yourself – grew up amid milk bottles, gravel, keys, and yards of magnetic tape and wires. These were the sort of tools typically scattered around the BBC’s Radiophonic Workshop in the 1950s and 60s, when they were used to generate wonderful and ethereal sounds for the airwaves. The mother of this great legacy was Daphne Oram. Aged 18, and armed with a passionate interest in sound, music and electronics, she started work at the BBC in 1943 as a sound engineer.
Another good trip report, from ‘babbage’ at perl.org.
Again, and interestingly, quite a few folks agreed with one of SA’s core tenets; no single approach (stats, RBLs, rules, distributed hashes) can filter effectively on its own, as spammers will soon figure out a way to subvert that technique. However, if you combine several techniques, they cannot all be subverted at once, so your effectiveness in the face of active attacks is much better.
Also interesting to note how everyone working with learning-based approaches commented on how hard it was to persuade ‘normal people’ to keep a corpus. Let’s hope SA’s auto-training will work well enough to avoid that problem.
in passing — babbage noted the old canard about Hotmail selling their user database to spammers. That must really piss the Hotmail folks off ;) I think it’s much more likely that, with Moore’s Law and the modern internet, a dictionary attack *will* find your account eventually.
Good tip on the legal angle from John Praed of The Internet Law Group: if a spam misuses the name of a trademarked product like ‘Viagra’, get a copy to Pfizer pronto. Trademark holders have a particular desire to follow up on infringements like this, as an undefended trademark loses its TM status otherwise.
David Berlind, ZDNet executive editor: ‘They don’t want to be involved (in developing an SMTPng)’. He might say that, but I bet their folks working on sending out their bulk-mailed email newsletters might disagree ;). Legit bulk mail senders have to be involved for it to work, and they will want to be involved, too.
Brightmail have a patent on spam honeypots? Must take a look for this sometime.
the plural of ‘corpus’ is ‘corpora’ ;)
Great report, overall.
It’s interesting to see that Infoworld notes that reps from AOL, Yahoo! and MS were all present.
Since the conf, Paul Graham has a new paper up about ‘Better Bayesian Filtering’, and lists some new tokenization techniques he’s using:
keep dollar signs, exclamation and most punctuation intact (we do that!)
prepend header names to header-mined tokens (us too!)
case is preserved (ditto!)
keep ‘degenerate’ tokens; ‘Subject:FREE!!!’ degenerates to ‘Subject:free’, to ‘FREE!!!’, and ‘free’. (ditto! well, partly. We use degeneration of tokens, but we keep the degenerate tokens in a separate, prefixed namespace from the non-degenerate ones, as he contemplates in footnote 7. It’s worth noting that case-sensitivity didn’t work well compared to the database bloat it produced; each token needs to be duplicated into the case-insensitive namespace, but that doubled the database size, and the hit-rate didn’t go up nearly enough to make it worthwhile.)
Most of these were also discovered and verified experimentally by SpamBayes, too, BTW.
When we were working on SpamAssassin‘s Bayesian-ish implementation, we took a scientific approach, and used suggestions from the SpamBayes folks and from the SpamAssassin community on tokenizer and stats-combining techniques. We then tested these experimentally on a test corpus, and posted the results. In almost all cases, our results matched up with the SpamBayes folks’ results, which is very nice, in a scientific sense.
(PS: update on the Fly UI story — ‘apis’ is not French, it’s Latin. oops! Thanks Craig…)
Kaitlin Duck Sherwood writes a trip report. Good tidbits:
many big players in the mail-sending side want to see an SMTPng; a new protocol which is spam-resistant.
Jon Praed of the Internet Law Group said that ‘better spam filters make his job easier: the more contortions that a spammer goes through to make sure that the messages go through, the easier it is to convince a judge that the spammer knew it was wrong.’ Excellent!
Andrew McGlinchey writes about a Fly UI: ‘I have seen one of the finest instances of user interface design ever, and I saw it in the men’s room at Schipol airport in Amsterdam. In each of the urinals, there is a little printed blue fly. It looks a lot like a real fly, but it’s definitely iconic – you’re not supposed to believe it’s a real fly. It’s printed near the drain, and slightly to the left.’
I’ve heard of this one before, and yes, it is an aiming-improvement UI. It started in France around the turn of the century, if I recall correctly. One important fact: it’s not a fly — it’s a bee. You see, it’s also a visual pun — the french for ‘bee’ is ‘apis’, geddit?
(I’d have commented on the blog, itself, but it’s one of those ‘create an account to comment’ places — too much trouble!)
He’s also spot-on about why tea is big in Ireland: ‘The climate is cool, grey and damp. Steady doses of warm drink with a nice gentle caffeine push really keeps you going.’ Hey, works in the Himalayas too ;)
BoingBoing, back in December, forwarded this snippet: ‘A report issued by UK-based Infrastructure Forum (‘TIF’) says spam-savvy thieves are using info from ‘out of office’ email autoresponders and cross-referencing it with publicly available personal data to target empty homes.’
Criminals are buying huge lists of email addresses over the internet and sending mass-mailings in the hope of receiving ‘out of office’ auto-responses from workers away on holiday.
By cross-reference such replies with publicly available information from online directories such as 192.com or bt.com, the burglars can often discover the name, address and telephone number of the person on holiday. Tif is advising users to warn their staff to be careful of the information they put in their ‘out of office’ messages.
“You wouldn’t go on holiday with a note pinned to your door saying who you were, how long you were away for and when you were coming back, so why would you put this in an email?” said David Roberts, chief executive at Tif. (via VNUNet)
My take on this? Bullshit.
I mean, how many house burglars (a) have the know-how to set up a fast internet connection, get hold of an addresses CD, and send a spam; and then (b) how often does a Reply-To address on a spam stay active once it’s sent — assuming it ever worked in the first place — before the ISP whacks their account? I would guess 6 hours at the most, and most spam runs wouldn’t even be halfway through by that stage (from what I hear).
Self-promoting bullshit of the highest order I reckon.
Steppe by Step (Guardian). “I started wondering if (the ‘six degrees of separation’ theory) was true today. … So 35 years on from the original experiment, I decided to test out the urban myth on a world stage: how many steps would it really take to get to someone on the other side of the planet?”
The London-based “city girl” author, Lucy Leveugle, makes it in 9 steps (hey, the world has expanded!) to Purev-Ochir Gungaa, a nomadic herdsman in the middle of the steppes of Outer Mongolia. Amazing.
308 referrer hits from www.xxxstoryarchive.com, 282 from amateur-porn.us, 282 from nude-lesbians.us, etc. Somehow I doubt it. All the hits are 404s, looking for e.g.
nn.nn.nn.nn – – [12/Jan/2003:18:52:13 +0000] GET /pics54754-96 HTTP/1.1 404 284 http://www.celebrity-nude-pics.com/ “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)”
Hits from hosts at AT&T WorldNet Services and an SBC PPPoX pool. They’re all MSIE 6 on Windows, and it’s been going on for a month or so.
Theory: sounds like MSIE’s download-to-‘view’-offline functionality has bugs; when it hits a 404, maybe it requeues that request but then sends it to entirely the wrong IP.
Alternative theory: it’s a pathetically underpowered DDoS. ouch!
Anyone else seen this?
Who knew relocating with a cat could be so tricky? Well, actually, I did. He hates travel. I’m considering just putting him in a crate and handing him off to a courier to do it.
Paul Graham’s Spam Conference seems to be doing great; they’ve moved to a bigger room, and are expecting 480 (!!) attendees.
I still can’t make it due to all this movage, but thankfully there’s a few SpamAssassin folks going, so we’ll still be able to snarf some good tricks with any luck.
In other news, the public mass-check submission run for SpamAssassin 2.50 is about to start; with the new with-bayes and with-net-tests dimensions in the matrix, it’s going to be the biggest run yet. Should be fun.
the blogs near me. This will, of course, change once I get to the US ;)
Frequent drinking cuts heart attack risk (New Scientist). ‘ Half an alcoholic drink every other day, be it wine, whisky or beer, can reduce the risk of heart attacks by a third, a new study shows. The 12-year study published in The New England Journal of Medicine found that the frequency of drinking was the key to lowering the risk of heart disease, rather than the amount, the type of alcohol, or whether or not it was drunk with food.’
Well, looks like it’s been announced; McAfee and NAI are buying Deersoft. I wish I could comment properly, but I’m in mid-packing right now and things are a total hectic mess :(
New Scientist: Turing tests filter spam email. “Simple tests designed to distinguish computers from humans are increasingly being used to clamp down on unsolicited, or ‘spam’, email advertising.”
The article notes that Yahoo! has imposed such a test to block automated account-signup-then-spam bots. (Thankfully — that might discourage some of the more automated 419 spammers.)
Sorry ’bout the lack of blogging — very busy ’round here, what with a new SpamAssassin release in the pipeline and a move to the US in the offing…
This morning (we living lately in the garret,) I rose, put on my suit with great skirts, having not lately worn any other, clothes but them. Went to Mr. Gunning’s chapel at Exeter House, where he made a very good sermon.
Anyway, still recovering from the holidays. Hope you all had a good one..
Yahoo!: Deadline Passes for European Digital Copyright Law. ‘A deadline for adopting a new EU law on copyright protection has passed with just two member countries signing up, dealing a blow to media and software companies beset by unauthorized duplication of their works across the Internet.’ The two countries are Greece and Denmark, which is odd, considering I thought Ireland had do so too.
Other actors in the private sector, such as Internet service providers, have weighed in heavily on the issue, opposing laws that could ultimately hurt consumer rights.
Yay ISPs!
BBC: An Irish republican song, A Nation Once Again, has been voted the world’s top tune according to a BBC World Service poll. ‘Following a late surge in votes, the Irish sing along crossed the finishing line ahead of a patriotic Hindi song, Vande Mataram.’
‘The poll had to deal with people trying to influence the vote through fan sites and spamming.’ No shit. The funniest thing about this poll was the way it suddenly stopped being about ‘the world’s top 10 tunes’ and suddenly became ‘how many ‘net users can each country mobilize to vote for a patriotic song’.
Still, I’m impressed the clicky fingers of the Irish net population (pop. 6 million) managed to beat those of India (pop. 1 billion)!
Guardian: DrugScope, the drug charity, says that an ‘intensive media campaign against the drug ecstasy has led to an increase in cocaine use among young people’. whoops.
‘Studies show the reason they no longer use ecstasy is because of the scare stories,’ said a spokesman for the charity. ‘They haven’t seen similar stories about cocaine and their belief is that cocaine is the safer drug. The reality is that cocaine, especially crack cocaine, is a much more harmful drug – it kills more people each year and more people have dependency on it.’
They also add a few UL-busting facts:
DrugScope’s guide argues that there are no recorded examples of heroin ever being cut with ground glass … no drug is instantly addictive and that addiction generally takes several months to develop … physical withdrawal from heroin is like a bad bout of flu, not a near-death experience.
Aaron’s trip to CA comes to a end in a big bang of serious meeting-up.
I read his blog using the rss2mail mail-based news aggregator he wrote (I live in e-mail, especially while I’m still on the wrong side of dialup), and I think this is the most homepage-link-laden blog entry I’ve ever read. 45 links, count ’em! Wow, I hope he can keep all those name-to-face mappings clear ;)
In other news: it seems that football (proper football, played with feet, ie. soccer) is bad for you: the World Cup penalty shoot-out caused a surge in heart attacks for England fans (New Scientist). Ban Football Now!
Son of Star Wars leaves drivers stranded (Guardian). Interesting collision between military and civvie radio technology.
The upgrading of the security and surveillance systems at (RAF Fylingdales base in Yorkshire, which is planned to be used as a UK base for new US ‘Star Wars’ projects) … is knocking out the electrical systems of expensive cars. … High power radar pulses trigger the immobilising devices of many makes of cars and motorcycles – BMW, Mercedes and Jeep among them. Many have had to be towed out of range of the base before they can be restarted.
Wing Commander Chris Knapman, of RAF Fylingdales, said it was not up to the base to resolve the problem. ‘We have had the frequencies we use for a very long time,’ he said. ‘They are allocated to commercial, military and government users, and the allocation is very tightly controlled. As far as we are concerned, the radars are working on frequencies which are well known, and most car manufacturers take that into account.’
A spokesman for Jeep said: ‘The problem is that the government gives manufacturers such a narrow band to operate in – so the radio wave (sic) we use for our key fob is severely restricted.’
AOL patents instant messaging (/.). ‘Specifically, any technology that provides ‘a network that allows multiple users to see when other users are present and then to communicate with them’ is covered.’
The CNet story which /. references points out that the patent was filed in 1997 — but that’s still 6 years after I wrote a similar perl script on the Maths Department UNIX machines in TCD. There’s a myriad of similar apps, of the same vintage, too.
The thing I find amazing is this, however — the AOL patent actually
cites prior art in its References section, namely the
xhtalk README file, dated 1992. There’s nothing different between
xhtalk and AOL Instant Messenger apart from the protocol and the look
and feel, and those aren’t key to the patent.
The US patent office really needs to start reading the patent applications before granting them.
ho ho, looks like Saddam Hussein also benefited from Crypto AG’s NSA back door ;)
Danny reports “the always excellent c’t magazine analyses the hypotheticals of the Dutch IP-surveillance scandal:
According to anonymous sources within the Dutch intelligence community, all tapping equipment of the Dutch intelligence services and half the tapping equipment of the national police force, is insecure and is leaking information to Israel. …”
Yikes. You’d think they’d have learnt from Ireland’s mistakes…. this article (update: moved to here) reports that massive back-door use by a third-party government occurred before in similar circumstances, during the Anglo-Irish negotiations of 1985.
For those of you who don’t know, these discussions were between the Republic of Ireland and the UK, and took place in London.
In order to allow the negotiating team to contact their government and civil service securely, a million-pound cryptographic system had been bought in order to secure the link between the Irish Embassy in London and the government in Dublin.
Unfortunately, this equipment was thoroughly compromised.
It turns out that the Swiss company from which the equipment was bought, namely Crypto AG, had cooperated with the NSA and the BND (the NSA’s German equivalent), to allow them to decipher the traffic trivially. (Judging from the snippet from another article below, sounds like this was done using a known-plaintext attack).
The NSA routinely monitored and deciphered the Irish diplomatic messages. All it took then was for the UK’s NSA equivalent, GCHQ, to pull some strings, and the UK government had a distinct advantage in the negotiations from then on.
Another source for details on Crypto AG’s breakage is Der Spiegel, issue 36/96, pages 206-207. Here’s some snippets:
The secret man (sic) have obviously a great interest to direct the trading of encryption devices into ordered tracks. … A former employee of Crypto AG reported that he had to coordinate his developments with “people from Bad Godesberg”. This was the residence of the “central office for encryption affairs” of the BND, and the service instructed Crypto AG what algorithms to use to create the codes.
Members of the American secret service National Security Agency (NSA) also visited the Crypto AG often. The memorandum of the secret workshop of the Crypto AG in August 1975 on the occasion of the demonstration of a new prototype of an encryption device mentions as a participant the cryptographer of the NSA, Nora Mackebee. …
Depending on the projected usage area the manipulation on the cryptographic devices were more or less subtle, said Polzer. Some buyers only got simplified code technology according to the motto “for these customers that is sufficient, they don’t not need such a good stuff.”
In more delicate cases the specialists reached deeper into the cryptographic trick box: The machines prepared in this way enriched the encrypted text with “auxiliary informations” that allowed all who knew this addition to reconstruct the original key. The result was the same: What looked like inpenetrateable secret code to the users of the Crypto-machines, who acted in good faith, was readable with not more than a finger exercise for the informed listener.
So what’s the bottom line? Use GPG! ;)
thanks to blogs, wifi and the web, bullshitting a keynote at a conference isn’t quite as easy to pull off as it used to be! From Dan Gillmor’s keynote at Supernova, via BoingBoing:
At PCForum, Joe Nacchio, the CEO of Qwest was on-stage, doing a Q and A. Joe was whining about how hard it is to run a phone company these days. Dan (Gillmor) blogged, “Joe’s whining.” A few moments later, he got an email from someone who wasn’t at the conference, someone in Florida, with a link to a page that showed that Joe took $300MM out of the company and has another $4MM to go — gutting the company as he goes.
Esther Dyson described this as the turning point. The mood turned ugly. The room was full of people reading the blog and everyone stopped being willing to cut Joe any slack.
Check out The World’s Top Ten — Nationalist Marching Songs, that is, as far as I can see — featuring:
Vande Mataram and Rakkamma Kaiya Thattu (India)
Dil Dil Pakistan (guess where)
A Nation Once Again (Ireland)
India’s winning.
Just in case they get cleaned out as vote-rigging, here’s what it looks like right now:
more geek politics: A first-hand account of Day One of the Johansen trial in Norway, from Politech. I really hope this goes well.
from Slashdot: Cisco patents ‘Intrusion detection signature analysis using regular expressions and logical operators’.
That is so, so sad. Filed January 15, 1999. There’s got to be a stack of prior art.
A google search throws up this trivial example first off —
the use of snoop | egrep 'PATTERN1|PATTERN2|PATTERN3'. More
searching reveals Lance
Spitzner’s page on Intrusion Detection for Checkpoint FW-1, which
looks like it was originally written in 1997. The alert.sh script
there uses grep(1) plentifully.
