S E R V E R   S I D E
View current page
...more recent posts

Clean System to Zombie Bot in 4 minutes

Slashdot thread on a USA Today investigation into how long it takes computers attached to the internet to be attacked and compromised:

According to the latest study by USA Today and Avantgarde, it takes less than 4 minutes for an unpatched Windows XP SP1 system to become part of a botnet. Avantgarde has the statistics in their abstract. Stats of note: Although Macs and PC's got hit with equal opportunity, the XP SP1 machine was hit with 5 LSASS and 4 DCOM exploits while the Mac remained clean. The Linux desktop also was impenetrable, but only was only targeted by 0.26% of all attacks.
In the slashdot thread the well known geeks from Avantgarde had some more info. The interesting bit is the difference between XP SP1 and SP2 (Service Pack 1 and 2 - these are Microsoft security updates you XP users should be installing. Obviously 2 is the most recent.)
There was an SP2 machine included in the same test. It went unmolested, due largerly to the new firewall enabled by default. This particular test environment included no user activity, i.e. no email reading, no web browsing.

Generally speaking, I'm pleased with SP2. As long as you're running XP, and it won't affect your critical functionality adversely, install it. It won't be exploit proof moving forward, but it's the easiest way to patch the current set of problems.
Of course, it will probably take you more than 4 minutes of being connected to the net to download the SP2 patch! D'oh.

In related news, Ars Technica recently did a roundup of spyware removal tools for Windows. No sense reading the whole thing, but they conclude that the free Ad-Aware is your best bet. You can download it here.
- jim 12-01-2004 12:32 am [link] [5 comments]

I am still trying to keep a grip on all the comment spam here, so I have neglected, so far, the other issue of referrer log spam. But that's on my list as well. Here's a post on clone blogs and referrer log spam that is interesting and frightening.

BTW, this site has been running for 5 years, with over 20,000 comments in the database. We've only been getting spam comments for a few months, but already we have deleted, as of this moment, 11,745. They should overtake real comments in number in another few weeks. Those are some industrious spammers.
- jim 11-30-2004 6:38 pm [link] [368 comments]

All Things Considered audio segment on Bit Torrent. Good basic introduction to the technology and to the legal issues involved with peer to peer technology.
- jim 11-29-2004 9:00 pm [link] [add a comment]

Buttress "is a broadcatching application to automatically download and run .torrent files from RSS feeds, without user input." This is what I want, but unfortunately I can't get it to work yet on OS X. I think it should though, not sure what I am doing wrong. It scans the RSS feeds okay, but then complains that it can't start up my Bit Torrent client.

The Buttress download contains an .exe file for windows users. Unix people should be able to run the .jar java file, although like I said I haven't been totally successful yet on OS X. I'll comment below if I ever get it working. Windows users may want to give it a look.


- jim 11-27-2004 1:19 am [link] [add a comment]

Wow. Technorati This favelet/bookmarklet. Handy.
- jim 11-26-2004 8:29 pm [link] [add a comment]

Russel Beatie continues to make his case that mobile handsets are where the action is:

Apple shipped 4 million iPods in the past quarter, Palm shipped 1.5 million Treos and Dell shipped 8 million PCs..... Very nice, but Nokia shipped over 50 million handsets in the same timeframe.

- jim 11-26-2004 8:27 pm [link] [1 ref] [5 comments]

The good folks at Downhill Battle have released Blog Torrent, a PHP project that simplifies offering Bit Torrent downloads from your PHP enabled website.

[W]hat blogtorrent does is give users "easy download" links in addition to links to the torrent files. The "easy download" link gives them the torrent file they want wrapped in an executable installer. The installer just installs Bittorrent, asks them where to save the file, and starts getting the torrent they want.
This isn't brain surgery. It's just installing the Bit Torrent client invisibly when (windows users, for now) click on the download link. But even though that isn't much (can't people install the client themselves? Well, sometimes not...) it should help. And it makes uploading Torrents easier too. Something to watch for sure.
- jim 11-25-2004 6:08 pm [link] [add a comment]

Internal IBM interview with John McCalpin: On the POWER7, Simultaneous Multi-Threading - and the true origins of AIX. (via HTP)

POWER7? Good God these guys plan ahead (POWER5 is the cutting edge at the moment, while Apple's G5 is a simplified version of the POWER4.) Super geeky, but interesting if you are into such things. I love the "Level: Introductory" label applied to the article. Yeah, "introductory" if you are a hardware engineer working for IBM.

Also liked this exchange:

dW: That is a shame. I have one more on the subject of OSes -- was AIX really designed by space aliens?

McCalpin: I hadn't heard that one....
Hmmm. Classic non-denial denial? The truth is out there.
- jim 11-24-2004 8:03 pm [link] [add a comment]

KISS: Keep It Simple and Sloppy.

Adam Bosworth has been writing some interesting posts lately. He used to work at Microsoft where he was responsible for developing Microsoft Access PC Database, the HTML engine for Internet Explorer 4 and 5, as well as directing most of their XML development work from 1997 to 1999. He later worked as Chief Architect and Senior Vice President of Advanced Development at BEA Systems. And he now works at Google. (Slightly out of date bio link.) In other words, he knows a few things!

He recently spoke at the 2nd International Conference on
Service Oriented Computing (ICSOC04,) and reprinted his speech on his weblog. It's long but very interesting. Well, okay, interesting to me at least. He is able to look at where the web is going from a very high altitude without losing touch with the finer details of implementation.

If you think about web architecture you should read this piece. It is basically the same as my philosophy of how to build things, except I'm not so smart or experienced (understatement of the year) to have put it as well as he has.
- jim 11-19-2004 6:53 pm [link] [2 refs] [add a comment]

The Treo 650 is on sale now directly from Sprint (warning: link to very dorky treo message board.) Might possibly be only available to current Sprint customers (there is some mixed experiences here.) $599 with $150 rebate for Sprint customers of 18 months or longer.

Okay, this phone rocks. The question is: does it make any sense at all to buy such an expensive mobile device when it can't be used on any of the new high speed wireless networks?
- jim 11-18-2004 7:34 pm [link] [2 comments]

older posts...