...more recent posts
Umm, this doesn't sound good:
Former CIA Director George J. Tenet yesterday called for new security measures to guard against attacks on the United States that use the Internet, which he called "a potential Achilles' heel."Who's he working for now?
"I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability," he told an information-technology security conference in Washington, "but ultimately the Wild West must give way to governance and control."
I understand the frustration, but this isn't the right solution:
Lycos Europe's "Make love not spam" campaign was intended as a way for users to fight back against the avalanche of junk mail messages coming their way.It is kind of funny though. Apparently it worked a bit better than expected and brought a few servers to their knees:
Participants were encouraged to download the Lycos screensaver which, when their PC was idle, would then send lots of data traffic to websites that peddle the goods and services mentioned in spam messages.
Lycos said the idea was to get the spam sites running at 95% capacity and generate big bandwidth bills for the spammers behind the sites.
Two of the sites being bombarded by data have been completely knocked offline. One other site has been responding to requests only intermittently as it struggles to cope with the traffic the screensaver is pointing its way.
The downing of the sites could dent Lycos claims that what it is doing does not amount to a distributed denial of service attack (DDoS). In such attacks thousands of computers bombard sites with data in an attempt to overwhelm them.
The Broadband Daily is a brand new group weblog featuring a bunch of bloggers I read already plus some new ones all opining on, you guessed it, broadband. Looks very nice.
On distinguishing humans from robots, which is something we've been dealing with around here lately.
Microsoft launches MSN Spaces:
With MSN Spaces, you can easily create and manage your blog from your computer or your mobile phone. It's a great way to share information and photos with your friends and family. And best of all, it's free!You know, Bill Gates is right, Microsoft is all about innovation. A blog service? At the very end of 2004? Who would have thought?
I thought I remembered posting about this before, but I can't find any reference to it. Liquid lenses for camera phones:
The company was founded two years ago to exploit two core technology patents covering lenses based on the principles of electro-wetting. This is the tendency of liquid to spread on a substrate, Paillard explains. "It means we can tune the shape of the drop to create a lens. Think about a tunable lens, like in the human eye," he suggests....Better lenses are crucial, especially in light of the first round of 1 megapixel cameraphones that are exhibiting lackluster image quality. Sheer megapixels are only part of the issue, and improvements there without corresponding improvements in the lenses and other sub systems are not going to do it. Here's to hoping their time frame isn't overly optimistic.
The company has a non-exclusive licensing deal with a subsidiary of Samsung to develop the lenses for use in its camera phones. Paillard expects products will be on the shelves by Q1 2006 at the latest, and maybe even in time for Christmas next year.
Clean System to Zombie Bot in 4 minutes
Slashdot thread on a USA Today investigation into how long it takes computers attached to the internet to be attacked and compromised:
According to the latest study by USA Today and Avantgarde, it takes less than 4 minutes for an unpatched Windows XP SP1 system to become part of a botnet. Avantgarde has the statistics in their abstract. Stats of note: Although Macs and PC's got hit with equal opportunity, the XP SP1 machine was hit with 5 LSASS and 4 DCOM exploits while the Mac remained clean. The Linux desktop also was impenetrable, but only was only targeted by 0.26% of all attacks.In the slashdot thread the well known geeks from Avantgarde had some more info. The interesting bit is the difference between XP SP1 and SP2 (Service Pack 1 and 2 - these are Microsoft security updates you XP users should be installing. Obviously 2 is the most recent.)
There was an SP2 machine included in the same test. It went unmolested, due largerly to the new firewall enabled by default. This particular test environment included no user activity, i.e. no email reading, no web browsing.Of course, it will probably take you more than 4 minutes of being connected to the net to download the SP2 patch! D'oh.
Generally speaking, I'm pleased with SP2. As long as you're running XP, and it won't affect your critical functionality adversely, install it. It won't be exploit proof moving forward, but it's the easiest way to patch the current set of problems.
In related news, Ars Technica recently did a roundup of spyware removal tools for Windows. No sense reading the whole thing, but they conclude that the free Ad-Aware is your best bet. You can download it here.
I am still trying to keep a grip on all the comment spam here, so I have neglected, so far, the other issue of referrer log spam. But that's on my list as well. Here's a post on clone blogs and referrer log spam that is interesting and frightening.
BTW, this site has been running for 5 years, with over 20,000 comments in the database. We've only been getting spam comments for a few months, but already we have deleted, as of this moment, 11,745. They should overtake real comments in number in another few weeks. Those are some industrious spammers.
All Things Considered audio segment on Bit Torrent. Good basic introduction to the technology and to the legal issues involved with peer to peer technology.
Buttress "is a broadcatching application to automatically download and run .torrent files from RSS feeds, without user input." This is what I want, but unfortunately I can't get it to work yet on OS X. I think it should though, not sure what I am doing wrong. It scans the RSS feeds okay, but then complains that it can't start up my Bit Torrent client.
The Buttress download contains an .exe file for windows users. Unix people should be able to run the .jar java file, although like I said I haven't been totally successful yet on OS X. I'll comment below if I ever get it working. Windows users may want to give it a look.