Vint Cerf interviewed on spam, malware etc. : pretty much the EFF party line, I think: “every man for himself”. also talks about net neutrality
(tags: vint-cerf internet filtering spam malware abuse network-neutrality anti-spam eff)video of a fake e-Passport being accepted by airport security reader : an e-Passport for “Elvis Aaron Presley”, no less, happily scanned by an Amsterdam passport security station. hahahaha!
(tags: elvis funny security e-passports video via:slashdot rfid)Facebook adds Ireland as a Friend : ‘Dublin will be the centre for Facebook’s international operations and will provide a range of online technical, sales and operations support to Facebook’s users and customers across EMEA region.’ good news
(tags: facebook dublin ireland web2.0 emea)RFC-5321 (Obsoletes: 2821) : The newest rev to the Simple Mail Transfer Protocol (via fanf)
(tags: rfcs rfc-2821 standards internet smtp email rfc-5321)RFC-5322 (Obsoletes: 2822) : the newest rev to the Internet Message Format for email (via fanf)
(tags: via:fanf rfc rfc-2822 rfc-5322 standards email internet)
Justin's Linklog Posts
Tech Bubble 1.0 Stars: Where Are They Now? : wow, who the hell are these people? totally forgotten
(tags: web1.0 interwebs via:nishad trivia history)YA Mac apps list : bookmarking for more crufting of the OSX laptop
(tags: macos mac applications todo)Franklin Street Statement on Freedom and Network Services : a definition of a “Free Service”, an open-source form of SaaS. uses the Affero GPL
(tags: saas cloud-computing software open-source gnu gpl affero web floss fsf freedom free-software)The Risk of ePassports and RFID – THC Blog : hacker group THC release an RFID-passport cloning/modification tool, noting that e-Passports are fundamentally insecure due to their trust of self-signed certificates. Also raises the Smart-IED attack danger: ‘A Smart-IED waits until a specific person passes by before detonating or let’s say until there are more than 10 americans in the room.’
(tags: via:schneier security terrorism risks rfid e-passports certificates pki)
Vim (Vi IMproved) for Mac OSÂ X : tick another item off my switch to-do list
(tags: vim gvim macos editors)
Well, some bits of this are easy: here’s a MacOS X version of GVim and Vim, which works nicely, is easy to install, and is simply vim/gvim. Great stuff!
But some bits are harder. Remember I was complaining about that silly ± / § key in the top corner of UK/Irish MacBook Pro keyboards? Some investigation reveals that I’m far from alone in this:
‘it fucks up application switching’
There are a number of apps that offer key remapping, but for no apparent reason they limit themselves to "popular" remappings only, such as swapping the Control and Caps-Lock keys etc. I presume this is because that was easy to code ;)
The one that does work fully is Ukelele. Watch out though — it comes with a raft of caveats. It’s buggy, at least dealing with my MBP keyboard under OSX 10.5.5; the "Copy Key" functionality doesn’t work, and you need to start using a key mapping file from the Ukelele package, not a system one or one you’ve downloaded, otherwise it’ll silently produce an output file that doesn’t recognise any keys at all. On top of this, each time you make changes, you need to log out and log back in again for them to try them out. (Small mercies: at least you don’t need to do a full reboot, I suppose.)
<img src=’http://taint.org/x/2008/macbook-pro-keyboard-euro-return.png‘ align=’right’>I’m not impressed by this whole keyboard issue. If you look at photos of the US MacBook Pro keyboard, it’s clear that it doesn’t have the stunted tetris-style Enter and Left-Shift keys that the UK/Irish one does. It also has the tilde key in the normal place, the top left, instead of some bizarre symbol that isn’t even used in this keyboard’s locale, and as Ash Searle noted, when you’re a developer, the # is a hell of a lot more useful than the £ symbol. They’ve basically screwed with a good US keyboard design to bodge in a few extra keys they needed to deal with the tricky European corner cases.
All that would be relatively minor, however, if I could remap the keys to suit my tastes — but it was pretty damn tricky to do that. Key remapping needs to be an easy feature!
I’m still working on the fixed key layout file, but I may post it here once it’s finished to save other Googlers the bother…
Update:: here’s the fixed key layout file:
Irish Fixed.keylayout
Save that to ~/Library/Keyboard Layouts/ , then open System Preferences -> International, select Input Menu, and choose Irish Fixed from the list, and ensure “Show input menu in the menu bar” is on. Close that window, then select “Irish Fixed” from the input menu left of the clock on the menu bar. Log out, and log back in again, and the keys should be sane…
(thanks to Sonic Julez for the MBP key image)
9li : Bruno 9Li — cool Brazilian psychedelic, high-contrast art
(tags: bruno-9li art graphics psychedelia)
Neuros set-top box lets you crowd-subtitle TV : ‘Neuros has a new technology to superimpose text from a dedicated chat room in real time on a TV set, allowing a sort of ‘crowd narration’ for events or shows.’ ‘crowd heckling’ more like; this is a great idea that Danny O’Brien talked about a few years back
(tags: for:malaclyps tv set-top-box video chat irc discussion heckling backchannels)Is That Your Final Answer? : ‘As Putin rears his head and comes into the air space of the United States of America, where do they go? It’s Alaska. It’s just right over the border. Some people out there in our nation don’t have maps.’ it’s like Frances McDormand in Fargo, channeling Dan Quayle
(tags: funny omgwtfbbq sarah-palin foreign-policy incomprehensible babbling gibberish via:mat)
Addictions, Think Amazon, not Google : Brian “Krow” Aker: ‘Google’s AppEngine is much closer to […] “Digitial Sharecropping” […] S3 and EC2 have little tie in to them. You can end up with a physical addiction to the services but the mental addiction to a framework does not exist. S3 is just storage and EC2 for most is just a hosted Linux image.’ +1!
(tags: google gae aws ec2 amazon hosting s3)The Porterhouse to get a shiny new bottling line : hooray, great news for Irish beer drinkers sick of Guinness
(tags: porterhouse beer ireland brewing)
As previously noted, I’ve just bought myself a nice shiny MacBook Pro, to replace an old reliable 5-year-old Thinkpad T40, which ran Linux.
Initially, I was contemplating installing Linux on this one too, and dual-booting. But right now, I’ve decided to give MacOS X a go — why not? I find it’s worthwhile updating aspects of my quotidian computing environment every now and again, and it seems everyone’s doing it. ;) I’ll log my experience on this blog as I go along.
(Worth noting that this isn’t my first Mac; back in 1990, I was the proud owner of a free Macintosh Plus for a year, courtesy of TCD’s "Project Mac" collaboration with Apple Ireland. I wrote a great Mandelbrot Set explorer app.)
First off, the good news: the hardware is very nice indeed. It’s light in weight, esp. compared to my T61p work laptop, the screen clarity is fantastic, and the CPU fairly zooms along — unsurprisingly, given that the T40 was 5 years old.
In addition, the multi-touch touchpad is wonderful; I’m looking forward to lots more multi-touch features.
Unfortunately, some of the other hardware design decisions were pretty wonky. By default it’s quite tricky to keep the laptop running with the lid closed — it seems a decision was made to use passive cooling via the keyboard, so once the lid is closed, that heat cannot escape, causing overheating. There’s a third-party extension I can install to allow it anyway, but it’s festooned with warnings to overclock the fan speed to make up for it… ugh. Since I need the ability to be able to remotely login to my laptop from work if I should happen to forget something, or to kick off a long transfer before I come home, this means I have to leave the laptop open permanently, which I didn’t want to do.
In addition, I initially thought my brightness control was broken, since the laptop screen fluctuates in brightness continually. Turns out this is a feature, responding to ambient light — a poorly-documented one, but at least it’s easy to turn off in System Preferences once you know it’s there.
(Unfortunately, a lot of MacOS seems to consist of poorly-documented features that are hidden "for my own good". The concept of switching seems to involve me abdicating a good deal of what I’d consider adult control of the machine, to the cult of Steve Who Knows Better. This is taking some getting used to.)
On to the software… what’s getting my goat right now are as follows:
Inability to remap keys (CapsLock key, the useless "+-" key, a lack of "spare" keys for scripted actions)
Up in the top left corner of "international" MacBook keyboards, there’s a useless key with a "+-" and double-S symbol on it. I don’t think I’ve ever typed those symbols in my entire life. I want a ~ there, since that’s where the ~ key lives, but for some reason, MacOS doesn’t include keyboard-remapping functionality to the same level as X11’s wonderful "xmodmap". It seems this third-party app might allow me to do that, or maybe something called ‘KeyRemap4Macbook’?
This Tao Of Mac HOWTO seems helpful on how to support the "Home"/"End" keys, for external keyboard use.
Focus Follows Mouse
This is a frequent complaint among UNIX-to-Mac switchers. It seems that some apps do a hacky version of it, but then you’ve got this inconsistent thing where you lose track of which apps will automatically pick up focus (Terminal, iTerm) and which ones need a click first (Firefox, indeed everything else). Unfortunately, it seems an app called CodeTek VirtualDesktop would have fixed it, but seems to have been abandoned. :(
Programmable Hotkeys
I use a few hotkeys to do quick window-control actions without involving the mouse; in particular, F1 brings a window to the front, F2 pushes it to the back, F12 minimizes a window, Ctrl-Alt-LeftArrow moves a window half a screen left, and Ctrl-Alt-RightArrow moves a window half a screen to the right. Those are pretty simple, but effective.
This collection of Applescript files, in conjunction with Quicksilver, look like I may be able to do something similar on the Mac. Here’s hoping. LifeHacker suggests that the default for minimize is Cmd-M, so that’s what I need to remap from, at least…
This is a big issue — Dan Kulp had a lot of hot-key-related woes, and wound up going back to Linux as a result. Evan reported the same. I like the idea of MacOS, but my tendonitis-afflicted wrists need their little shortcuts; I’m not willing to compromise on avoiding mouse usage in this way.
(by the way, in order to get F1/F2/F12 back, check the "Use the F1-F12 keys to control software features" box in the Keyboard control panel. Thanks to this page for that tip; it has a few other good tips for UNIX switchers, too.)
Upgrades and Software
So, there’s two main contenders for the "apt-get for Mac" throne — Fink vs MacPorts. Fink takes the Debian approach of downloading binary packages, while MacPorts compiles them from source, BSD/Gentoo-style, on your machine. Since I’m not looking at the source, or picking build parameters, or auditing the code for security issues there and then, I don’t see the need to build it — Fink wins.
One thing though — the installer for Fink informed me that I needed to run "Repair Permissions", which took a while, and found some things that had somehow already been modified from their system defaults, I’m not sure why. This left me slightly mystified. I then was later told that this is now considered ‘voodoo’. wtf.
Mind you, Daring Fireball suggests that the Mac software update are so poorly implemented that they require essentially rebooting in single-user mode, which sounds frankly terrifying. I hope that’s not the case.
BTW, it’s worth noting that IMO, AWN is as nice as — possibly nicer than — the Dock. ;)
Anyway, that’s post #1 in a series. Let’s see how I get on from here. (thanks to Aman, Craig and Paddy for various tips so far!)
Linux x86_64 frozen by heavy I/O on Dell PowerEdge 2950 : starting to think we may be running into this on our build machine; annoying. bookmarking for future reference
(tags: poweredge dell hardware linux drivers performance sysadmin)Wikipedia:Articles for deletion/Deletionpedia : hahaha. WP deletion gnomes argued that Deletionpedia should not have an entry due to non-notability, just 24 minutes after that entry was created
(tags: wp wikipedia funny deletion processes bureaucracy deletionpedia)Atrivo/InterCage depeered : the ISP’s AS (AS27595) is now offline, due apparently to coordinated lobbying of its upstreams
(tags: atrivo isps abuse intercage spam malware hosting)
baltic-avenue: An open source clone of S3 : built on top of Google App Engine. interesting hack!
(tags: gae s3 aws amazon baltic-avenue google)
THE FOURTH QUADRANT: A MAP OF THE LIMITS OF STATISTICS By Nassim Nicholas Taleb : ‘Statistics can fool you. In fact it is fooling your government right now. It can even bankrupt the system (let’s face it: use of probabilistic methods for the estimation of risks did just blow up the banking system).’ (via Gary Stock)
(tags: banking probabilistic-methods probability statistics investment black-swans nassim-nicholas-taleb via:gstock essays the-edge)International Expert Group – Report – The Innovation Partnership : ‘the findings and recommendations of the International Expert Group on Biotechnology, Innovation and Intellectual Property’. Very anti-Bayh-Dole and the “old IP” patent-everything regime as it pertains to biotech. great stuff (via Techdirt)
(tags: via:techdirt bayh-dole ip patents biotech canada reports)Greg Kroah-Hartman rips Canonical a new one : over allegations that they do not contribute enough development effort to the Linux ecosystem; in all major components, they push a truly miniscule amount of patch code upstream
(tags: canonical linux greg-kroah-hartman code open-source free-software distros packaging upstream debian)
A unique place for creating and preserving knowledge : swan song for Iona Technologies. as an ex-Ionian, all I can say is +1; great place to work in the ’90s
(tags: iona dublin ireland software business 1990s)Deletionpedia : ‘an archive of about 63,556 pages which have been deleted from the English-language Wikipedia.’
(tags: wp:vfd deletion wikipedia archives web)Michelle Malkin » The story behind the Palin e-mail hacking : Yahoo!’s password recovery feature is pretty trivial to defeat: ‘seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)’
(tags: yahoo passwords security web sarah-palin 4chan)
valhenson: Focus follows mouse on Mac OS X: Only $14.95! : more on the OS X FFM mess
(tags: focus-follows-mouse focus x11 macos mouse ui)Stevey’s Blog Rants: Settling the OS X focus-follows-mouse debate : if I’m to consider using OS X, this needs to work; I’m a FFM zealot
(tags: zealotry focus-follows-mouse focus ui osx mac x11 window-management)
now to install Ubuntu ;)
Update: here’s the first bug, spotted in Apple’s "thank you for registering your Mac" mail:
Hi. Welcome to Apple. We're just as excited as you are. ........................................................................... Thanks for registering your new Mac. We have the following on record in your name: [[IREG_PRODUCT_HTML]]
Templates are hard!
Build a Web Page Monitor with Google Docs : incredible. the GDocs spreadsheet supports getting a remote URL, extraction using XPath, and RSS output, making it a pretty credible scraping platform
(tags: google-docs google xpath rss feeds scraping)PayPal phishes their own customers : ‘Your monthly account statement is available anytime; just log in to your account at https://SECURE.UNINITIALIZED.REAL.ERROR.COM/au/HISTORY.’ doh
(tags: paypal phish phoul funny errors anti-spam via:risks)laptopsdirect.ie crappy reviews : wow. I dodged a bullet when I bought my work Thinkpad T61p last year; since then they’ve accumulated a truly atrocious customer service reputation. avoid
(tags: laptopsdirect.ie laptops shopping ireland boards.ie reviews customer-service cluetrain)
Groklaw – Anonymous Speech in Email Upheld in Spammer Case : Groklaw goes into the detail of how and why the Virginia anti-spam law could be overturned. Ugh. I strongly believe that spam = UBE, not UCE, and political spam is still spam, so this is particularly disappointing for me
(tags: ube uce spam law legal virginia jeremy-jaynes groklaw anti-spam)VMware server tweaks : ugh. quite a lot of voodoo here, need to investigate to see if any of these improve performance on our little build farm vmware server
(tags: vmware performance linux tweaks kernel)consumer tips in response to the XL Airlines collapse : tour operator/airline went bust, leaving its customers well in the lurch. Those who booked flights directly on their website, using a debit card, have lost their money. Most travel insurance doesn’t cover airline collapse. Moral: use a credit card
(tags: credit-cards safety consumer xl-airlines travel-agents atol flights travel)
Commtouch Plug-in for SpamAssassin : SA plugin to add the proprietary Commtouch filter to an existing SpamAssassin system; nifty
(tags: commtouch spamassassin anti-spam filtering plugins)
Va. Supreme Court Strikes Down State’s Anti-Spam Law : argh! IMO the judge has confused misleading forged headers with anonymous speech
(tags: anonymity legal law jeremy-jaynes spam anti-spam virginia)Watch out for that Dropbox Public Folder : Joe has a good point: ‘you hereby grant all other Dropbox users a non-exclusive, worldwide, royalty-free, sublicensable, perpetual and irrevocable right and license to use and exploit Your Files in your public folder.’ wtf
(tags: dropbox ip backup legal terms-and-conditions legalese)Microsoft Open Source inside Google Chrome : namely the Windows Template Library, now distributed under the (OSI-approved) Microsoft Public License. strange days (via reddit)
(tags: microsoft open-source osi google chrome wtl windows)Irishmen buy up island of England : ‘an Irish consortium has emerged as the buyer of the island of England in The World development, a man-made scheme off the coast of Dubai.’ hahaha!
(tags: funny ireland england dubai unintended-consequences property the-world)
Techdirt: How Patents Have Harmed University Research : the majority of university technology transfer offices have never made money, according to this. mind-boggling
(tags: bayh-dole patents ip universities academia tech-transfer techdirt)VTun – Virtual Tunnels over TCP/IP networks : ‘The easiest way to create Virtual Tunnels over TCP/IP networks with traffic shaping, compression and encryption’. looks like it. UDP-based, no Windows support, but in Ubuntu’s “universe” apt repository
(tags: vtun tunneling linux unix networking ip tcp udp security)Perl Best Admin Practices : good advice to those of us running systems built on perl. Every interpreted language needs a document like this
(tags: perl wiki advice sysadmin best-practices guidelines fhs unix)
Four Tweaks for Using Linux with Solid State Drives : good tips (via Jeremy)
(tags: for:hughescr linux ssd disks optimization performance tmpfs kernel)VW Should Bring Back The Microbus And Make It Electric : and a pony! (via fergusb)
(tags: want electric-vehicles cars volkswagen techcrunch over-ambitious and-a-pony)
Twitter API Rate Limiting : ‘Clients are allowed 70 requests per 60 sixty minute time period, starting from their first request. This is enough to make just over one request per minute, per hour, which should meet the needs of most applications.’ Fingers crossed this can be lifted for twit.ie
(tags: aggregation rate-limiting api http twitter twit.ie)Pipes: BBC AOD filter : select a BBC radio show, get an RSS feed of “Audio on Demand” RealAMRadio files as they are posted. (“radio4” works as the station ID for that station)
(tags: bbc radio4 radio realaudio via:hublog)Work at Home . . . for a Criminal? : good round-up of how those “work at home” scam spams work
(tags: work spam scams fraud teleworking telecommuting)
EC2 hack: make metadata visible in ‘ec2-describe-instances’ output : by creating one-off security groups to hold the metadata. hack, will be deprecated by AWS in a future release, but hey it works right now
(tags: ec2 via:elasticgrid hacks patterns aws)
Brian Scanlan mailed me with this blurb, worth blogging for any AWS users in the Dublin area:
Are you a software developer or IT professional working in the Dublin area?
Would you like to learn more about Amazon Web Services?
Amazon spent over ten years developing a world-class technology and content platform that powers Amazon web sites for millions of customers daily. Most people think "Amazon.com" when they hear the work; however developers are excited to learn that there is a separate arm of the company, known as Amazon Web Services or AWS.
Using AWS, developers can build software applications leveraging the same robust, scalable and reliable technology that powers Amazon’s retail business.
Amazon Data Services Ireland are delighted to welcome Simone Brunozzi (simoneb at amazon.com), AWS Evangelist for Europe, to Dublin, where he will give an overview of Amazon Web Services, including S3, EC2 and EBS, SimpleDB and more.
Tuesday 16th September 2008 at 7pm, The Digital Exchange Auditorium, Crane Street, Dublin 8
Maps and directions to the venue are here. Refreshments will be served.
All welcome – but places are limited, so please sign-up by mailing aws-dublin-event at amazon.com before Thursday 11th September.
I have no connection to this; not even sure if I’ll be going, as I went to the last one anyway and it was a bit short on technical tips ;) . But worth blogging anyway.
eircom advertising on ThePirateBay.org?! : oh dear, someone really screwed up there
(tags: piracy pirate-bay eircom ads doubleclick google oops funny via:damien)Cheney Waits Until Last Minute Again To Buy Sept. 11 Gifts : pure Onion genius
(tags: cheney 9/11 theonion onion humor us-politics)We haven’t changed the name of the conference to ‘Over Quota’ : moral: don’t try hosting anything useful on Google App Engine until it’s ready — which it decidedly isn’t yet
(tags: app-engine google quota fail bandwidth hosting via:simonw)
Atari 800 “Donkey Kong” source code review : retrogaming fans find source for 1983 game cartridge, then original developer appears with commentary. hooray for internets!
(tags: atari history retrogaming retro donkey-kong assembler coding 8-bit programming)
prescription swim googles : for $28. woo
(tags: glassyeyes glasses prescription goggles swimming beach want)Design By Humans : great tees on this US site
(tags: shirts tee-shirts apparel shopping want t-shirts)
This is a little late, since I was off on holliers when it came to light — Galway News reports ‘hundreds hit by skimming scam’:
The account details of shoppers who used credit or laser cards to pay for their groceries and other items in a number of Galway shops and supermarkets were illegally skimmed by a gang who apparently managed to interfere with the Chip & PIN terminals at the stores’ check-out counters.
The Irish Times story:
However, it has emerged some cardholders had several thousand euro taken from their accounts overseas before they realised what was happening and alerted their card provider. And it is feared that thousands of other customers do not yet realise their cards have been cloned. Garda sources have confirmed the case involves thousands of cards.
The Galway investigation is centred on one large shop in the county. Gardaí believe several thousand cards have had all of their details skimmed, including pin numbers, over the past month. Some of the cards have already been cloned and used in Canada and other countries where, unlike Ireland, chip and pin protective technology is not in use.
In the Galway case […] Detectives are working on the theory that somebody in the Galway shop may have facilitated the card skimming for an Eastern European crime syndicate.
Gardaí do not believe the payment terminals were tampered with. Gardaí have recovered CCTV images of suspects from in-store cameras.
In the past, cards have been copied using very small hand held devices through which a card is quickly and discreetly skimmed at the point of payment. The information is then copied, or cloned, onto a blank card which is then used like a regular payment card.
Skimming devices around the size of a cigarette lighter can store details from thousands of cards.
The payment terminals from the Galway shop have been taken by gardaí for technical examination as a precaution. The Garda Bureau of Fraud Investigation is leading the inquiry.
This Boards.IE thread is a real eye-opener, containing lots of reports from victims of this scam — many reports saying that they suspect it was in Joyces’ Supermarket in Knocknacarra, although one poster reckons ‘there are now over 20 suspect premises in Galway City and outskirts’. blimey.
On a related note — while shopping in my local supermarket at the weekend, I was pleased to note that when I paid with my credit card, I was asked to sign the slip, instead of using Chip-and-PIN. So it looks like at least one retailer is taking additional care.
On the other hand, the thread also notes many cases of skimming which took place from in-store ATMs in small convenience stores — those are very widespread now. eek. :(
Independent group’s trigger-happy copying : allegations that Irish newspapers have copied content from blogs. There’s been a lot of cases of this recently. good round-up from Cian Ginty
(tags: plagiarism ireland newspapers independent)
Review of bicycle helmet effectiveness studies : quite a few case-control studies consistently demonstrating the protective effects of bicycle helmet use on shared roadways
(tags: cycling helmets safety health statistics)Spammer-X’s numbers on spam profitability : he claimed that he made net $336k per year from spamming in 2004
(tags: via:tzink spammer-x spam money pay profit motives)
GoDaddy is rejecting mail with URLs that appear in the Spamhaus PBL. As this thread on the Amazon EC2 forum notes, this is creating false positives, causing nonspam mail to be rejected. Here’s what GoDaddy reportedly said about this policy:
Unfortunately, our system is set to reject mails sent from or including links listed in the SBL, PBL or XBL. Because the IP address associated to [REMOVED] is listed in the PBL, any emails containing a link to this site will be rejected. This includes plain-text emails including this information.
If this is true, it’s utterly broken.
Spamhaus explicitly warn that this is not to be done, on the <a href="http://www.spamhaus.org/pbl/index.lasso”>PBL page:
Do not use PBL in filters that do any ‘deep parsing’ of Received headers, or for other than checking IP addresses that hand off to your mailservers.
And more explicitly in the Spamhaus PBL FAQ:
PBL should not be used for URI-based blocking! Consider the false positive potential: legitimate webservers hosted with services such as dyndns.com or ath.cx! Or consider that ISPs and other networks are encouraged to list any IP ranges which should not send mail, and that could include web servers! Use SBL or XBL (or sbl-xbl.spamhaus.org) for URI blocking as described in our Effective Spam Filtering section. Use PBL only for SMTP (mail).
Critically, the PBL now lists all Amazon EC2 space, since Spamhaus interpret Amazon’s policy as forbidding email to be delivered via direct SMTP from there. (Note — email, not HTTP.)
With this filter in place at GoDaddy, that now means that if you mail a URL of any page on any site hosted at EC2 to a user of GoDaddy, your mail won’t get through.
Note: this is much worse than blocks of SMTP traffic from EC2. In that case, an EC2 user can relay their legit SMTP traffic via an off-EC2 host. In this case, there is no similar option in HTTP that isn’t insufferably kludgy. :(
Dublin’s new M50 electronic toll tags : what a mess! there are no less than 8 tag operators and a bewildering array of prices and penalties. typical
(tags: ireland dublin m50 tolls roads pricing)Sustained IO on EBS == No Bueno : worrying stats for Amazon EBS data throughput, dropping from 160 MB/s to a rather paltry 42.4 MB/s
(tags: amazon ebs ec2 speed networking hosting benchmarks)MXLogic on the economics of spam : Sam Masiello of MXLogic works out that phishers may be netting a 7300% profit margin; this is why spam’s not going away. mind you he does this by believing Gartner figures, which is never a good idea
(tags: sam-masiello mxlogic via:tzink phishing spam money)
Cian Ginty at the Irish Times writes:
As clunky helmets, yellow reflective gear, and Lycra could be used as a stereotype for Irish cyclists, it might come as a surprise that women wearing high heels are a common sight on bicycles in Copenhagen.
The general image of cycling here is vastly different to so-called bicycle cultures where cycling is normalised and there is talk of a "slow bicycle movement".
"Among thousands and thousands of cyclists on my daily routes, I think I see one or two reflective vests a week, if that," says Mikael Colville-Andersen, a cycling advocate living in Copenhagen.
With Denmark, the Netherlands and Germany – where bicycle usage is high – the helmets and reflective clothing we think of as "a must" for cyclists are far from standard.
It then goes on to rehash some of the stuff that has cropped up recently on cycling blogs about cycling safety, helmets, etc.
The only problem with casualization of cycling, removing gear like helmets, is that without corresponding changes to the road and cycleways to make them safer, it will increase accidents and fatalities. I looked this up a couple of weeks back when I came across an anti-helmet site. Chasing up the figures and doing some research, it became clear that if you simply want to cycle without hurting yourself, the facts were not on their side — helmets save lives, especially when dealing with shared roadways as we have here.
Copenhagenization is a result of a better, safer road environment for cyclists, as seen in Denmark and the Netherlands, which makes safety gear not as much of a requirement. But on the other hand, Ireland’s roads are designed mainly for cars, and Dublin Council have done little to help — that makes safety gear a requirement, unfortunately :(
However, I think this is the real reason why people don’t cycle in Dublin:
Let’s take a fictional person, let’s call her Kassandra. Kassandra lives a little north of Copenhagen and rides every to work every day between 07:25 and 07:55 and back again between 15:35 and 16:05. Kassandra doesn’t mind a little light showers, but if the intensity increases to over 0.4 mm over 30 minutes (light rain), then she thinks it is too wet. Kassandra works five days a week and has weekends and holidays free. That gives her 498 trips between September 2002 and the end of August 2003.
How often does Kassandra get wet either to or from her job that year? The answer is, in fact, rarely. On those 498 trips it was only 17 times. That is only 3.5% or on average 1.5 trips a month.
3.5%. Compare that with what’s happened in Dublin this month — I’d estimate that’s meant that at least half of my rides have involved some degree of rainfall, occasioning many cries of woe.
It takes dedication — and lots of wet-weather gear — to ride a bike here…
(Of course, having said that, I look out the window and it’s immediately sunny ;)
Update: Ryan Meade corrects me in the comments:
Justin, you need to take a look at Owen Keegan’s paper to Velo-City 2005, “Weather and Cycling in Dublin : Perceptions and Reality”. The probability of getting wet is actually pretty comparable to the Copenhagen scenario detailed above – 5.5% for a 30 minute journey if you take 0.2mm per hour at the threshold for “getting wet”. On the other hand the vast majority of both cyclists and motorists think it’s more than 15%, with half thinking it’s above 30%.
Amazing how the psychological, "glass half-empty" factor influences my thinking on this. I had no idea!
I was away on holidays last week, and when I got back, I found my feed reader full of some good discussion as to whether today’s bigger spam botnets — Srizbi, Rustock, Mega-D, Cutwail/Pushdo — are sharing components, such as "landing" sites, exploits, customers, and even command and control networks. It started with this post on the FireEye Malware Intelligence Lab’s blog noting:
‘Some malware researchers have described Srizbi and Rustock as rival botnets, our data indicates that this apparent rivalry is a sibling rivalry at best. Srizbi and Rustock seem to be supported (controlled) by the same parent (bot herder).’
and in this followup:
‘We can clearly see that Srizbi, Pushdo and Rustock are using same ISP, and in many cases, IPs on the same subnet to host their Command and Control servers. It seems extremely unlikely to our research team that three previously "rival" Botnets would share nearly consecutive IP space, and be hosted in the same physical facility. Of all the data centers and IPs in the world, the fact that they are all on the same subnet is very intriguing. This fact makes the FireEye research team conclude that either the Botnets are operated by the same organization, or that the datacenter (McColo) is a shell corporation that leases out it’s IP space and bandwidth for nefarious actions.’ […]
‘IPs at a typical datacenter are leased out in a /30 or more commonly, a /29 block. However, here we can see that in a given succession of IPs, the three Botnets have C&C servers dispersed throughout. This gives us an impression that same Bot herder leased out a larger range and then distributed it amongst its different Botnets.’
Marshal say: ‘at the very least, the major botnets have common customers.’
Dark Reading cover it like so:
Rustock, which recently edged Srizbi for the top slot as the biggest spammer mostly due to a wave of fake Olympics and CNN news spam, and Srizbi, known for fake video and DVD spam, have been using the same Trojan, Trojan.Exchanger, to download their bot malware updates, researchers say. “This is the first time” we had seen this connection between the two botnets, says Fengmin Gong, chief security content officer for anti-botnet software firm FireEye. “That’s why when we saw it, it was surprising. They definitely have a relationship,” he says. “There’s not the rivalry we used to think about.” […]
Joe Stewart, director of security research for SecureWorks, says the Srizbi-Rustock connection is most likely due to a spammer using both zombie networks — not that the operators of the two botnets are actually collaborating. “What is confusing people is that you’re seeing Rustock bots sending out emails that essentially infect people with Srizbi, so they think it must be Srizbi that’s sending it, but it’s not,” he says. “Srizbi is not just one big model. It’s rented out to lots of different spammers."
A major spammer may be trying to diversify by using the two botnets, he says. “It could be because they want to separate their malware-seeding operation from their spamming operation,” Stewart says. “Maybe their bots are getting blacklisted faster when they’re sending out URLs with fake video files because they’re easy to spot, so their spam doesn’t get through. So they send malware from this botnet, and spam from this one, to keep out of the blacklists longer.”
I agree that Joe’s scenario is very likely; the spammers aren’t always the same people who operate the botnets, and it only makes sense that some of them would spread their business among multiple nets, to minimize the risk that all of their output would be blocked if one ‘net runs into trouble (or indeed, good filtering ;). But seeing C&C servers sharing LANs also strikes me as unusual. One to watch.
Anyway, it’s good to see that the malware research blogs are now actively tracking and posting updates when the botnets change topics and format; this info is very valuable for us in anti-spam, as it allows us to map from the received spam mails back to the sending botnet, and determine which rules are good at detecting each botnet. Thanks, guys.
(image credit: cobalt123, used under CC license)