October 02, 2009

Oh NOES! Not the 9mm

Even morons buy Apple products.

There's a story on ifoAppleStore today about one Mr. Donald Goodrich, who was having trouble with his iPhone. As many customers have done, Mr. Goodrich brought his iPhone to his local Genius Bar in Cincinnati, OH. While talking with an Apple Store employee, he allegedly said, "I'm so mad, I could pop a 9mm at it," meaning the iPhone.

According to police, he then said, "I'll do it right now! Look!" and pulled his shirt aside to show the employee the handgun he was carrying. While that employee escorted him to the Genius Bar (clearly not the right place for Mr. Goodrich), another called police who quickly arrived and arrested him.

We should note that Mr. Goodrich did have a permit to carry a concealed weapon and was cooperative with his arresting officer. We should also note that flashing it to a young person in a crowded mall while visibly upset and threatening to use it was a very dumb idea. Also, as Brandon points out in the comments below, the mall housing the Apple Store is private property and has posted "no weapons" signs.

Man threatens to shoot iPhone at Genius bar originally appeared on The Unofficial Apple Weblog (TUAW) on Fri, 02 Oct 2009 13:00:00 EST.

[From Man threatens to shoot iPhone at Genius bar]

September 26, 2009

AT&T Falls Back on "It's All About Google" Strategy

For some years now, the opponents of Network Neutrality have had the same basic fallback strategy: When all else fails, make it about Google. So no surprise that AT&T, in a letter supposedly about the rather technical issue of “traffic pumping,” opens with an attack on Google and Net Neutrality. Because if we have learned anything from our national healthcare debate, it is that it is more important to make this about how awful the other side is rather than debate the merits.

To clarify what is actually going on for those just tuning in. First, read this excellent summary of what “traffic pumping” is by Jonathan Lee.

[From AT&T Falls Back on "It's All About Google" Strategy]

September 22, 2009

MP3 player in an old training-grenade

The NYC Resistor hackers have installed an MP3 player in a decommissioned training hand-grenade, because they could, and because it is the kind of deliciously bad idea that is hard to resist. Receipt of the grenade in its shipping box occasioned something of a stir at NYC Resistor, it appears.

There was much fear and freak out. But cooler heads prevailed and a phone call was made. "Hey Matt, did you order metal objects of a dubious nature?" "Yes, yes I did." There was a great deal of internal strife over this particular event as ordering munitions to the space is strictly forbidden. Upon review and discussion it was decided that while purchasing decommissioned training grenades was not in fact illegal in NYC (as far as we know), it was not something we would ever do again. That being said. I immediately set forth on a childhood dream project. I put an 1/8th inch jack into the pin hole for the gr3nade. It looked GOOD. Totally flush... very pretty. So I decided to run with it. I ran the cabling into the gr3nade... hacksawed it open. Inserted a Sansa 2 GB mp3 player. And then tried to SMD rework it. This ended poorly as the first sansa basically got burned by the rework station and died. The second I avoided using the rework station and instead recruited bre and his arms for a session of intense soldering onto very tiny solder points.
mp3 grenade in its final design glory (via Make)

September 19, 2009

My take on Macintosh security - Gaige Paulsen

My take on Macintosh security:


Ah, a new release.... must be time for another slew of articles aimed at getting press and money for the "security" folks out there. For those of us with Macintoshes, here is my take on the whole Macintosh virus situation.
Every time a new OS release comes out, a whole mess of security "professionals", especially those with recent books (such as Miller's The Mac Hacker's Handbook), are interviewed by every Tom, Dick, and Harry, and repeat the same drivel that we've been hearing about Macintosh security for years, which basically amounts to:

Oh yeah? Well, if more Macintoshes were sold, then there'd be a lot more viruses for the Mac, I tell you.... just you wait!

Now, it may well be true that if there were more Macs out there, there would be more reason to go after the Macintosh and it would tend to lead people to write more viruses for them. It may also not be true, and I've never seen any indications that there is a statistical basis for this complaint.

However, let's take for the moment that it's a possibility and start looking at the kinds of exploits that tend to show up for the Macintosh in these articles. Generally speaking, and I'm not going to cite individual articles here because I haven't done a complete statistical analysis of them, the kinds of exploits that show up for the Macintosh are trojan horses, a class of malicious software that the user downloads and runs or installs. Once you've done that, you're open to a number of potential problems, including the stealing of data and the deletion of files that are not protected.

There are 2 key take-aways about trojan horses on the Mac: first, they are not the same as viruses; and second, they are limited in what they can do to your system unless you give them power. Now, this part in bold is important. If you download a questionable piece of software from the Internet (or any software for that matter, since most really don't need this facility) and the software prompts you for a password to your system during the installation process, you should be seriously considering saying "no". If you say yes, you do not have any granular control of what it might do to your system, as you have provided it with escalated privileges to access all data and services on your Macintosh.

Here are a few other things that make a big difference to Macintosh users: no in-the-wild viruses. There are basically no programs that exist today that can infect Macintoshes without the user taking specific action (opening a program in particular). Through the use of Quarantine, which has been around since Leopard, Apple tries to warn you the first time you open a piece of software, telling you where it was downloaded from and asking you if you're sure you want to run it. It only happens the first time you run each program, so it doesn't provide an overwhelming number of "are you sure" dialogs.

Once you install a program on one Macintosh, the likelihood of it spreading virally (without you or the user of the computer specifically starting the program in question) is really, really low. I say really, really low, because there were some programs that managed this feat before Leopard due to hiding executables in what looked like data files. However, quarantine makes that virtually impossible these days.

Most importantly, the kinds of worms that have infected Windows and other systems over the years (a worm being a particularly vicious type of malware that makes its entrance behind the scenes, infects the computer and uses it as a jumping off place to infect more), have been almost absent from the Mac (there was a report of one in 2006/2007 using Bonjour as a vector, but that was patched by Apple on all affected systems and the worm appeared to only show up after that problem was disclosed).

People can argue until they're blue in the face about why Macs tend to have a lot less trouble than PCs. Frankly, the amount of open administrative software that lies on (especially older) Windows machines is a good portion of the problem here. For years, Windows 2000 and other versions had the ability for network administrators to broadcast a message to every user on a network that was then displayed on their screens. This was a horrible idea, since it had absolutely no security whatsoever involved in it and basically allowed anyone with knowledge of your network address to send a message to your screen that popped up as if it were from the OS. To make matters worse, there were security problems with the program that put up the window and they were exploited to deliver worms and other viruses on the Windows platform. This is not an isolated case, either.

Architecturally, there's definitely more that Apple can do about security on the Macintosh and I hope that we continue to see the kind of sandboxing that is being used by Apple on the iPhone slowly creep its way into the Mac. By using this judiciously, they could keep only authorized programs from doing things on the system and they could make a much better permissions model for the otherwise-dangerously all or nothing approach that the installers tend to take these days. I'd love to see something along the lines of an installation dialog for VMware (as an example) that requests permission to "add kernel extensions and startup items" and then have the OS grant just permissions to install items in those places. More importantly, for programs that use the installer just to put things into special locations, such a scheme could prevent them from doing other things behind the scenes (like installing kernel extensions) without your knowledge. I know I'd think twice if a graphics program requested permission to install a kernel extension.

But, for the time being, the Macintosh is a pretty safe platform, as long as users are vigilant. Keep up to date on your software updates and don't run programs with questionable pedigrees.

NOTE: Today's Wired article pretty much caused this article to be written. I have to say that you must admire a magazine that continues such superlative reporting as telling us that "In Snow Leopard, Apple has added security enhancements including Executive Disable"... executive disable? Sounds like something you'd use in a bad movie to remove your competition, did you mean Execute Disable (XD), a technology that's been around for years and was one of the most touted security features of the last 3 generations of processors? Oh, you know, that whole accuracy thing isn't important. Wonder how well you did on the other facts? Probably about the same, interview a couple of guys who are shilling a book and reprint their stuff as well as whatever you can find in a quick Google search. No offense to Google. For more humor, the next line: "Apple also added hardware-enforced Data Execution Prevention" is basically a reference to the Exact Same Technology. Curiously, Apple's only technology mention is of "hardware-based execute disable for heap memory", which I'll note doesn't mention disabling executives at all!



July 17, 2008

Yeah, I guess people ARE that stupid

Spammers Claiming To Be Assassins Try To Scam People Out Of Money - News Story - WRC | Washington:


WASHINGTON -- Spammers claiming to be assassins have been trying to scam people out of thousands of dollars using e-mail threats.
In the e-mail that is making the rounds on the Internet, spammers claim they have been hired to kill recipients, but will graciously drop the contract if recipients send them money.
Maryland's Attorney General Doug Gansler said the e-mails are part of the second generation of so-called phishing scams.
Scam artists send out hundreds of thousands of e-mails containing the threat. If they get just a small percentage of recipients to comply, they can reap huge profits.
"Clearly, they work because they keep doing it," he said.
The e-mail begins "Good day, I have been paid $50,000 in advance to terminate you. Do not contact the police or FBI, because if you do, I will know and might be pushed to do what I have been paid to do."
The e-mail continues, "You will need to pay $20,000 to the account I will provide for you before we will set our first meeting. You don't need my phone contact for now till I am assured you are ready to comply."
"People shouldn't respond to any of these e-mails that they themselves don't initiate," Gansler warned. "They should never send any money to anyone who sends you an e-mail saying that I need this, that and the other."
Most people News4 talked to said they would never fall for the scam.
"It's sort of terrible that people out there are that opportunistic and want to sort of prey on people's fears, and obviously on such a fear as primal as that," said computer user Brian Dahinden.
"I think that I would probably ultimately hit the delete button," Dahinden said.
"I usually just delete it. I don't open. I delete all of my trash," said computer user Ellen Murphy.
Police said people who receive the e-mails should not delete them but, rather, save them and report them to the Secret Service, state's attorney general's office or the Federal Bureau of Investigation.

July 15, 2008

Life spent cleaning our hard drives of his crap would be appropriate...

Notorious Spam King Scheduled to be Sentenced on Monday by the U.S. District Court:


Notorious spammer Robert Alan Soloway is scheduled to be sentenced on Monday by the U.S. District Court in Seattle after pleading guilty to single counts of mail fraud, e-mail fraud, and tax evasion. The long list of individuals testifying in federal court for the sentencing of the so-called 'King of Spam' has resulted in an unusual two-day hearing which began on Friday. Soloway is the second person to be convicted of criminal spamming under the 2004 "Can-Spam" law.


June 30, 2008

Cyber Incident Blamed for Nuclear Power Plant Shutdown

Cyber Incident Blamed for Nuclear Power Plant Shutdown:


A nuclear power plant in Georgia was recently forced into an emergency shutdown for 48 hours after a software update was installed on a single computer.

The incident occurred on March 7 at Unit 2 of the Hatch nuclear power plant near Baxley, Georgia. The trouble started after an engineer from Southern Company, which manages the technology operations for the plant, installed a software update on a computer operating on the plant's business network.

The computer in question was used to monitor chemical and diagnostic data from one of the facility's primary control systems, and the software update was designed to synchronize data on both systems. According to a report filed with the Nuclear Regulatory Commission, when the updated computer rebooted, it reset the data on the control system, causing safety systems to errantly interpret the lack of data as a drop in water reservoirs that cool the plant's radioactive nuclear fuel rods. As a result, automated safety systems at the plant triggered a shutdown.

Southern Company spokeswoman Carrie Phillips said the nuclear plant's emergency systems performed as designed, and that at no time did the malfunction endanger the security or safety of the nuclear facility.

Phillips explained that company technicians were aware that there was full two-way communication between certain computers on the plant's corporate and control networks. But she said the engineer who installed the update was not aware that the software was designed to synchronize data between machines on both networks, or that a reboot in the business system computer would force a similar reset in the control system machine.

"We were investigating cyber vulnerabilities and discovered that the systems were communicating, we just had not implemented corrective action prior to the automatic [shutdown]," Phillips said. She said plant engineers have since physically removed all network connections between the affected servers.

Computer security experts say the Hatch plant incident is the latest reminder of problems that can occur when corporate computer systems at the nation's most critical networks are connected to sensitive control systems that were never designed with security in mind.

Specifically, experts worry that vulnerabilities were introduced into the systems that regulate the electrical grid as power companies transferred control of generation and distribution equipment from internal networks to supervisory control and data acquisition, or SCADA, systems that can be accessed through the Internet or by phone lines, according to consultants and government reports.

The move to SCADA systems boosts efficiency at utilities because it allows workers to operate equipment remotely. But experts say it also exposes these once-closed systems to cyber attacks.

"Part of the challenge is we have all of this infrastructure in the control systems that was put in place in the 1980s and '90s that was not designed with security in mind, and all of a sudden these systems are being connected to [Internet-facing] business networks," said Brian Ahern, president and chief executive of Industrial Defender Inc., a Foxborough, Mass.-based SCADA security company.

Joe Weiss, managing partner at Cupertino, Calif.-based Applied Control Solutions, said Hatch is not the only plant that has suffered this type of unusual event. But he said it is one of a handful of public events of this type because the Nuclear Regulatory Commission documents all unusual events, in contrast to non-nuclear facilities that do not make their unusual events public.

"Consequently, it is expected that non-nuclear facilities have experienced similar events," Weiss said. "The Hatch event illustrates the unintended consequences that could occur when business information technology systems interconnect with industrial control systems without adequate design considerations."

Weiss said unplanned, automatic shutdowns such as what happened at the Hatch plant are costly, forcing utilities to purchase power from other parts of the grid to the tune of about $1 million a day. But more importantly, Weiss said, automatic shutdowns unnecessarily challenge nuclear safety systems.

"Anytime you have to shut down, especially with an automatic shutdown, you're challenging the safety systems," he said. "What happened [at Hatch] was absolutely what the plant was designed to do, but there's always that chance that something could go wrong."

The NRC has for years had regulations in place that require that all plants be able to defend against cyber attacks. But the agency is still in the final stretch of implementing more specific cyber-security regulations that would require plants to detail their plans for defending their digital networks as a condition of maintaining their operating license, said Scott Morris, deputy director for reactor security at the NRC.

"The plants are expanding their use of digital technology to put more megawatts on the grid, and because of that these lessons are going to occur," Morris said. "But our expectation is that when these types of events happen, that [plant operators] correct the problem and share the information broadly with the rest of the industry."

Unplanned nuclear plant shutdowns used to be a fairly common event, but not anymore, Weiss said. In fact, he said, another shutdown of a U.S. nuclear plant was also precipitated by a cyber event. In August 2006, Unit 3 of the Browns Ferry nuclear plant went into a shutdown after two water recirculation pumps failed. An investigation found that the controllers for the pumps locked up due to a flood of computer data traffic on the plant's internal control system network.

Weiss said many people in charge of SCADA systems have sought to downplay the threat that hackers pose to these complex networks. But he cautioned that internal, accidental cyber incidents at control system networks can be just as deadly as a carefully planned attack from the outside.

In June 1999, a steel gas pipeline ruptured near Bellingham, Wash., killing two children and an 18-year-old, and injuring eight others. A subsequent investigation found that a computer failure just prior to the accident locked out the central control room operating the pipeline, preventing technicians from relieving pressure in the pipeline.

"To people in the IT world, cyber means 'attacks,' but what I tell people is that in our world the predominant cyber events are unintentional," he said. "The flip side of that is if it can happen unintentionally, it can probably be caused intentionally and be a whole lot worse."

News of the Hatch incident also comes as the cyber-security posture of the electric and nuclear power industry is coming under increasing scrutiny from Congress and government investigators. Last month, the Government Accountability Office issued a scathing report about cyber security weaknesses at the Tennessee Valley Authority, the nation's largest public power company and operator of three nuclear plants, including Browns Ferry.

The GAO found that TVA's Internet-connected corporate network was linked with systems used to control power production, and that security weaknesses pervasive in the corporate side could be used by attackers to manipulate or destroy vital control systems. The agency also warned that computers on TVA's corporate network lacked security software updates and anti-virus protection, and that firewalls and intrusion detection systems on the network were easily bypassed and failed to record suspicious activity.

June 18, 2008

Popular Photo Sharing Site's DNS records Hijacked by Turkish Hacking Group

Popular Photo Sharing Site's DNS records Hijacked by Turkish Hacking Group:


DNS records of one of the most popular photo sharing websites, Photobucket, were hacked yesterday by a Turkish hacking group. The site returned a hacked page courtesy of the NetDevilz hacking group, a Turkish web site defacement group most widely known for its defacement of the adult video site Redtube earlier this year. Photobucket users across the world are reporting minor outages of the service and problems when trying to access their accounts, the consequence of what looks like the type of DNS records hijacking that redirected Comcast.net to a third-party domain last month.

Google's App Engine Breakdown Casts Concerns Over Cloud Computing

Google's App Engine Breakdown Casts Concerns Over Cloud Computing:


Google's application-hosting service, "Google App Engine," suffered an outage on Tuesday, highlighting one of the downsides of the new cloud computing services, reports Nancy Gohring of IDG News Service. Between 9 a.m. and 11:30 a.m. PST and again later in the day, a significant percentage of users trying to access the service were unable to do so, according to a post on the Google App Engine forum. "This outage was the result of a bug in our datastore servers and was triggered by a particular class of queries," wrote a member of the App Engine Team who called himself "Pete."

British Hacker Accused of Biggest Military Hack Fights Extradition to U.S.

British Hacker Accused of Biggest Military Hack Fights Extradition to U.S.:


Five judges at the UK's highest court are currently in the process of evaluating a final appeal against extradition by a computer enthusiast wanted in Washington for the "biggest military hack of all time". Gary McKinnon (nicknamed "Solo"), 44, is accused of causing hundreds of thousands of dollars of damage after breaking into dozens of computers owned by NASA, the Pentagon and the U.S. military. His last appeal to the High Court in London failed after two senior judges ruled he should face trial in the United States. The law lords are expected to give their ruling before the end of July.

FTC Halts Cross Border Domain Name Con Artists

FTC Halts Cross Border Domain Name Con Artists:


A U.S. District Court Judge has ordered a halt to the illegal practices of Canadian operators who deceptively posed as domain name registrars and sent bogus bills to thousands of U.S. small businesses and nonprofit organizations for their annual "WEBSITE ADDRESS LISTING." Many of the businesses and nonprofits believed they would lose their domain names unless they paid the bill, so they paid. The Federal Trade Commission alleged that in most cases the defendants did not provide domain registration services, did not provide the "search optimization" services it claimed to provide, and bilked small businesses and nonprofits out of millions of dollars.

June 02, 2008

Inside view of a cyberattack - Gaige Paulsen

Inside view of a cyberattack:


The folks at Revision3 have a detailed article about a Denial of Service (DoS) attack which was perpetrated upon them over Memorial Day weekend 2008. The kicker is that the attack was either intentional or negligent misconfiguration on behalf of a RIAA "watchdog" company named MediaDefender.
It's unclear whether appropriate civil litigation will follow, but I'm happy to hear that the FBI is looking into this. From my perspective, the most plausible explanation is that MediaDefender's servers have been designed to plant poison files on publicly-accessible "trackers" and to attack them automatically when their access is shut down at some later point. If they are to assume that all publicly-accessible trackers are engaged in illegal activity, then it would "make sense" (in their twisted view) that anyone who cut off their access would be doing so in order to allow piracy to continue on their servers. Having made that flawed leap, they then institute an attack to take the server down. This is the type of behavior that's even more poisonous than a few kids hacking up a DDoS.

I hope they sue MediaDefender in order to reclaim lost revenue and fight this kind of bad citizenry on the net.

May 22, 2008

Uprooting of the DNS Root - CircleID

Uprooting of the DNS Root:


The folks at Renesys pointed out earlier this week some interesting activity surrounding the L-root name server, highlighting some activity that should give us all yet another reason to be concerned about the security and integrity of the Internet DNS... considering that a great deal of malware today tends to corrupt the DNS resolution path in order to further exploit compromised end-systems, and that corruption, or any other actual end-system compromise, might well be unnecessary if the root were compromised -- well, think of the possibilities!

It had to happen....but it's still pretty funny

Fraud-prevention pitchman becomes ID theft victim - CNN.com:


SAN JOSE, California (AP) -- Todd Davis has dared criminals for two years to try stealing his identity: Ads for his fraud-prevention company, LifeLock, even offer his Social Security number next to his smiling mug.


Now, LifeLock customers in Maryland, New Jersey and West Virginia are suing Davis, claiming his service didn't work as promised and he knew it wouldn't, because the service had failed even him.

Attorney David Paris said he found records of other people applying for or receiving driver's licenses at least 20 times using Davis' Social Security number, though some of the applications may have been rejected because data in them didn't match what the Social Security Administration had on file.

Davis acknowledged in an interview with The Associated Press that his stunt has led to at least 87 instances in which people have tried to steal his identity, and one succeeded: a guy in Texas who duped an online payday loan operation last year into giving him $500 using Davis' Social Security number.

Paris said the fact Davis' records were compromised at all supports the claim that Tempe, Arizona-based LifeLock doesn't provide the comprehensive protection its advertisements say it does.

"It's further evidence of the ineffectiveness of the services that LifeLock advertises," said Paris, who is lead attorney on the three new lawsuits, the latest of which was filed this month.

Davis learned about the fraud in Texas when the payday-loan outfit called to collect on the loan, he said. He didn't get an alert beforehand because the company didn't go through one of the three major credit bureaus before approving the transaction.

Davis said it's possible driver's licenses have been issued to other people in his name because of the widespread availability of his personal information -- and because of what he described as the flimsy mechanisms in place to report that kind of fraud.

Paris noted that LifeLock charges $10 a month to set fraud alerts with credit bureaus, even though consumers can do it themselves for free.

But Davis stands by his company and his advertising gimmick, which has appeared in newspapers and on billboards, radio and MTV. He even broadcasts it by bullhorn on walking tours through crowded downtowns.

"There's nothing on my actual credit report about uncollected funds, no outstanding tickets or warrants or anything," he said. "There's nothing to indicate my identity has been successfully compromised other than the one instance. I know I'm taking a slightly higher risk. But I'll take my risk for the tremendous benefit we're bringing to society and to consumers."

The lawsuits, for which Paris is seeking class-action status, highlight the fundamental limits on how much security identity-theft companies can provide.

Companies like LifeLock can help guard against only certain types of financial fraud by helping consumers set up alerts with credit bureaus, which inform them when someone tries to open a new line of credit or boost their credit limit to finance a buying binge, for example.

The services don't guard against many types of identity theft such as use of a stolen Social Security number on a job application or for medical services, or even the instance of an arrestee giving police a stolen Social Security number to shield his own identity.

LifeLock is also being sued in Arizona over its $1 million service guarantee, which the plaintiffs claim is misleading because it only covers a defect in LifeLock's service, and in California by the Experian credit bureau. Experian accuses LifeLock of deceiving consumers about the breadth of its protection and abusing the system for attaching fraud alerts to credit reports.

Security experts say complaints about the company reinforce the time-honored wisdom of keeping your Social Security number secret.

"There's been a lot of marketing, a lot of hype about LifeLock," said Paul Stephens, director of policy and advocacy with the Privacy Rights Clearinghouse, a nonprofit consumer advocacy organization. "The question is, 'How much protection does it really buy you?'"

"There is no company that can guarantee they can protect you (completely) against identity theft," Stephens said. "Absolutely nobody can do that."

May 19, 2008

Most Spam Sites Tied to a Handful of Registrars - Security Fix

Most Spam Sites Tied to a Handful of Registrars - Security Fix:


New research suggests that more than three quarters of all Web sites advertised through spam are clustered at just 10 domain name registrars.

The data comes from millions of junk messages collected over the past year by Knujon ("no junk" spelled backwards and pronounced "new john"), an anti-spam outfit that works by convincing registrars to dismantle spam sites.

Knujon's co-founder Garth Bruen said the links in spam messages touting fake pharmacies, knock-off designer products, pirated software and phony lending institutions redirect users to a relatively minuscule subset of sites that are generally under the control of a small number of companies.

Bruen focuses most of his energy on calling attention to spam sites that list blatantly false information in their WHOIS records, the global online directory designed to list the contact data for individuals who register Web sites.

The Internet Corporation for Assigned Names and Numbers (ICANN), the Marina Del Rey, Calif.-based group charged with overseeing the domain name system, requires all Web domain registrars to collect and maintain accurate WHOIS data for all domain holders. Under the terms of their contracts with ICANN, registrars are supposed to cancel any Web site registrations with inaccurate WHOIS data if the domain holder does not update their records within 15 days of receiving notice from the registrar.

It should surprise no one that spammers rarely provide their real credentials when registering new sites. But the trouble is that relatively few registrars police their own WHOIS records, or bother to do any kind of rudimentary checks to verify that the information is accurate when the domain holder first registers the site. And, until very recently, Bruen said, ICANN hasn't done much about it.

"ICANN doesn't have any authority or mandate to deal with spam or Internet abuse, but it does have a mandate to make sure the WHOIS records are accurate," Bruen said. "A lot of our work has focused on what's clearly within ICANN's management and what's in the registrar's contractual agreement with ICANN. And ICANN doesn't like the fact that they're being forced to comply with their own standards by third parties."

Over the past several months, Knujon has submitted so many automated complaints about inaccurate WHOIS records at registrars that it crashed ICANN's database on several occasions.

Bruen said he tried to warn ICANN that this would happen.

"The absurd thing about this is I flew out there in June and said 'Here's the direction we're heading in with Knujon, and from what I can tell, your database can't handle what we have to submit'," Bruen recalls telling the ICANN folks.

Bruen said ICANN tacitly acknowledged in a recent newsletter that the complaint database crashes and that Knujon was responsible for filing 40 percent (19,873 out of 50,189) of all WHOIS inaccuracy reports submitted to ICANN in the latest reporting period.

In April 2007, ICANN launched a new program to address WHOIS compliance issues, including an annual WHOIS data accuracy audit. It also combed through all of the inaccurate WHOIS reports and sent certain registrars a "Notice of Concern," though it declined to publicly name those companies.

So who are the top 10 registrars most favored by spammers? You can see the list along with Knujon's methodology here. A few of the names on it are unsurprising simply by virtue of their market share. Number five -- Bellevue, Wash., based eNom -- is the second largest registrar, according to DomainTools's registrarstats.com. Number six -- Pompano Beach, Fla., based Moniker -- has the eighth largest market share among registrars.

But size doesn't explain most of the names on the list. The registrars that scored the worst overall - Xinnet Bei Gon Da Software, BEIJINGNN, and Todaynic -- are all located in China, and are 18th, 47th and 99th in terms of market share, respectively.

Perhaps the most interesting name on the list is number 7 - a registrar out of Broomfield, Colo., called Dynamic Dolphin. According to Knujon, more than 10 percent of the company's 45,000-plus domains have false WHOIS data, and more than 17 percent of the domains registered through the company have been observed being advertised through spam.

A bit of digging into Dynamic Dolphin revealed that it is owned by a company called CPA Empire, which in turn is owned by Media Breakaway LLC. Those of you who read this post a few weeks back will recognize this company: Its CEO is Scott Richter, a notorious, self-avowed spammer who claims to have quit the business. As I noted in that post, anti-spam groups claim that Media Breakaway recently hijacked more than 65,000 IP addresses for use in sending e-mail and hosting commercial Web sites.

Dynamic Dolphin is a reseller of registrar services offered by number 9 on the list, an Indian company named Direct Information PVT Ltd. (Directi) and doing business as PublicDomainRegistry.com.

To its credit, Directi has been fairly active of late in removing spammy and outright nasty customers from its domain portfolio. Last year, the company canceled more than 18,000 registrations tied to the Russian Business Network (RBN), an ISP that experts say served as a front for organized Russian cyber criminals and child pornographers.

RBN was scattered to the four winds in November 2007, after stories from The Washington Post and other media outlets exposed the company's business activities and supporting networks. Experts say RBN may be dispersed, but it is hardly gone. Anti-spam groups have spotted cyber-crime activity that fits RBN's modus operandi at a number of Chinese ISPs and registrars since its original online base of operations was boarded up.

May 12, 2008

Serious Gmail Flaw: Security Group Demonstrates Sending Unlimited Spam Using Google’s Own Servers

Serious Gmail Flaw: Security Group Demonstrates Sending Unlimited Spam Using Google’s Own Servers:


Researchers at Information Security Research Team (INSERT) have discovered a serious flaw in Google’s Gmail service. The group demonstrates how anyone with no special Internet access privileges other than being able to connect to SMTP (TCP port 25) and HTTP (TCP port 80) servers is able to exploit a single Gmail account in order to be granted nearly unrestricted access to Google’s massive whitelisted SMTP relay infrastructure.

From the Report:

As part of our recent work on the trust hierarchy that exists among email providers throughout the Internet, we have uncovered a serious security flaw in Google’s free email service, Gmail. This vulnerability exposes Google’s email servers in a way that allows an attacker to use them as open spam and phishing relays. This issue is related to the risk of a malicious user abusing Gmail’s email forwarding functionality. This is possible because Gmail’s email forwarding functionality does not impose proper security restrictions during its setup process and can be easily subverted. By exploiting this problem an attacker can send unlimited spam and phishing (i.e. forged) email messages that are delivered by Google’s very own SMTP servers. Since the messages are delivered by Google’s own servers, an attack based on this flaw is able to bypass all spam filters that are based on the blacklist / whitelist concept. We were able to confirm that this vulnerability is indeed exploitable by crafting a proof of concept attack that allowed us to send forged email messages unrestrictedly through Google’s server infrastructure. We have also verified that this flaw allows attackers to bypass spam filters by using our method to send messages that are usually flagged as spam. While sending these messages directly from our network in the traditional way had the messages classified as spam, by sending the very same messages using our exploit, the messages were delivered directly to the victim’s inbox, thus bypassing filters. All email providers that offer Google’s SMTP servers any special level of trust (e.g. whitelist status) are vulnerable. We have contacted Google about this issue and are waiting for their position before releasing further details.
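The report's point about whitelist-based filtering, as an added illustration that is not part of the INSERT report or of the post quoting it: a filter that lets an allowlisted relay skip content scanning delivers the same forged message it would flag from an unknown host, while a filter that treats relay reputation as one weighted signal still catches it. The address ranges, rules, weights and function names are all constructed for the example.

```python
import ipaddress
import re
from dataclasses import dataclass, replace

# Constructed sample data: RFC 5737 documentation ranges stand in for a
# trusted provider's outbound relays and for a known-bad network.
ALLOWLISTED_RELAYS = [ipaddress.ip_network("192.0.2.0/24")]
BLOCKLISTED_NETS = [ipaddress.ip_network("203.0.113.0/24")]

SPAM_THRESHOLD = 5
ALLOWLIST_BONUS = 2  # sender reputation lowers the score; it never skips scanning

# Hypothetical (pattern, weight) content rules, kept small for the example.
CONTENT_RULES = [
    (re.compile(r"\bverify your account\b", re.I), 3),
    (re.compile(r"\b(cheap|discount)\s+(meds|pills|software)\b", re.I), 3),
    (re.compile(r"https?://\d{1,3}(\.\d{1,3}){3}"), 2),  # link to a bare IP
]


@dataclass(frozen=True)
class Message:
    relay_ip: str       # IP of the SMTP client that handed us the message
    envelope_from: str  # SMTP MAIL FROM
    header_from: str    # From: header shown to the recipient
    subject: str
    body: str


def _in_any(ip, nets):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)


def _domain(address):
    return address.rsplit("@", 1)[-1].lower()


def content_score(msg):
    """Score the message itself, independent of who relayed it."""
    text = msg.subject + "\n" + msg.body
    score = sum(weight for rx, weight in CONTENT_RULES if rx.search(text))
    if _domain(msg.envelope_from) != _domain(msg.header_from):
        score += 2  # envelope sender and visible sender disagree
    return score


def naive_verdict(msg):
    """Blacklist/whitelist filter: an allowlisted relay bypasses scanning."""
    if _in_any(msg.relay_ip, BLOCKLISTED_NETS):
        return "reject"
    if _in_any(msg.relay_ip, ALLOWLISTED_RELAYS):
        return "deliver"  # content is never inspected on this path
    return "spam" if content_score(msg) >= SPAM_THRESHOLD else "deliver"


def layered_verdict(msg):
    """Relay reputation is one weighted input; content is always scored."""
    if _in_any(msg.relay_ip, BLOCKLISTED_NETS):
        return "reject"
    score = content_score(msg)
    if _in_any(msg.relay_ip, ALLOWLISTED_RELAYS):
        score -= ALLOWLIST_BONUS
    return "spam" if score >= SPAM_THRESHOLD else "deliver"


# Constructed messages. The forged one is identical in both cases except
# for the relay that delivered it.
FORGED_DIRECT = Message(
    relay_ip="198.51.100.25",
    envelope_from="bounce@mailer.example",
    header_from="support@bank.example",
    subject="Please verify your account",
    body="Cheap meds at http://198.51.100.7/login",
)
FORGED_VIA_RELAY = replace(FORGED_DIRECT, relay_ip="192.0.2.10")

NEWSLETTER_DIRECT = Message(
    relay_ip="198.51.100.25",
    envelope_from="news@bulk.example",
    header_from="offers@shop.example",
    subject="Spring sale",
    body="Discount software bundles for members this week.",
)
NEWSLETTER_VIA_RELAY = replace(NEWSLETTER_DIRECT, relay_ip="192.0.2.10")

BENIGN_VIA_RELAY = Message(
    relay_ip="192.0.2.10",
    envelope_from="alice@mail.example",
    header_from="alice@mail.example",
    subject="Lunch on Friday?",
    body="Does noon work? Details at https://calendar.example/e/42",
)

if __name__ == "__main__":
    samples = {
        "forged, direct": FORGED_DIRECT,
        "forged, via allowlisted relay": FORGED_VIA_RELAY,
        "newsletter, via allowlisted relay": NEWSLETTER_VIA_RELAY,
        "benign, via allowlisted relay": BENIGN_VIA_RELAY,
    }
    for name, msg in samples.items():
        print(f"{name:36} naive={naive_verdict(msg):8} layered={layered_verdict(msg)}")
```

The newsletter case shows the allowlist still doing useful work in the layered filter: the relay's reputation tips a borderline message toward delivery without exempting anything from inspection.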

May 09, 2008

Now this is just WRONG....

C64 emulator for iPhone:



Unfortunately we don't have much more than a splash screen on this one, but Stuart Carnie sends word that he's used the Apple SDK to port a Commodore 64 emulator on to the iPhone. He has yet to put in a Save/Resume state mechanism, a way to browse for files and disks, or a virtual keyboard/joystiq to control it with, but the hard stuff is done, so by the time the App Store comes around, we may have a working C64 emu in there ready to go.

As long as it's ok with Apple. In point of fact, we have no idea how any emulators might work in the App Store -- actually, we have no idea how any apps will get in the App Store. Sure, it would be cool to play the original versions of Sim City or Maniac Mansion or Elite, but without Apple's OK to let any of those on the platform, we may not be able to do so without jailbreaking the thing anyway. We'll see -- if Carnie, once his work is done, can't get an official emulator in the App Store, maybe we'll be able to try it out and put it to use in some other, less official way.

May 02, 2008

iPhone as Tricorder

iPhone as Tricorder:



Set phasers to Huge Frakking Nerd.

I'll be honest and admit to trying this as soon as I saw it. Point Mobile Safari to http://38i.biz/tricorder and view an iPhone-optimized web page that resembles a Star Trek Tricorder.

So, what does it do, you ask? Why, it scans a given area, interprets and displays gathered data and records all findings to isolinear chips.

Actually, it doesn't do too much. Once you "turn it on" by clicking the power button, you can switch between three functions and view related animations. Every minute or so, a window pops up with a snide remark like, "The Federation is shocked. The Enterprise actually ferried an alien VIP from one place to another without serious incident." It's even got a snazzy webclip icon.

Sadly, there are no sounds to accompany the visuals. It might not offer much more than a little entertainment, but one thing is certain ... it will definitely help you pick up chicks.

Thanks to everyone who sent this in.

May 01, 2008

Significant Chunk of IP Address Space Hijacked by Notorious Mass Emailing Company

Significant Chunk of IP Address Space Hijacked by Notorious Mass Emailing Company:


Internet address space long ago issued to San Francisco Bay Packet Radio, an organization that was involved way back in the 1970s in testing ARPANET, a predecessor to the global commercial Internet that we all use today. That organization was given the rights to do whatever it wanted with the 134.17.0.0/16 address block.

That entire swath of Internet space is now registered to an entity in Westminster, Colo., called SF Bay Packet Radio LLC, but except for a similar name, this company has no relation to San Francisco Bay Packet Radio… A review of records posted by both Spamhaus.org and e-mail provider Outblaze.com shows that a large number of Internet addresses on the company’s Internet space have been blacklisted for sending junk e-mail… Spamhaus spokesperson said that JKS Media/Media Breakaway had indeed hijacked the IP space from its previous owner, and that the IP space should be revoked under the rules set out by ARIN.

April 30, 2008

Yet another reason to "love" Microsoft

Full story

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB "thumb drive" that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.

The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer.

It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.

February 18, 2008

Availability Is Not Security If an Abandoned Sea Anchor Cut the Cable? - JSQ

Availability Is Not Security If an Abandoned Sea Anchor Cut the Cable?:
I see in some fora people are still arguing that security involves countering malicious actors, and availability alone is not security, even if people are depending on availability.

Were all those recent cable cuts in the Med. and the Persian Gulf not security issues, even though some of the affected companies are now planning to spend $300-400m on physical security to fix the problem?

If the culprit had been a Russian mobster or Al Qaeda or the CIA rather than (in one case) an abandoned ship anchor, then it would have been security, but now it's not?

-jsq

Comments on an IP Address Trading Market

Comments on an IP Address Trading Market:
With IPv4 addresses becoming scarcer, there has been talk that a trading market will develop. The idea is that those holding addresses they do not really need will sell them for a profit. More alarming is that there have been a few articles about how the Regional Internet Registries (RIR) are contemplating creating such a market so that they can regulate it, conceding that it will happen anyway and taking the "if you can't beat 'em, join 'em" attitude. This is all a bit disturbing. Maybe I'm naïve, but it's a little unclear to me how an unsanctioned trading market could really operate without the RIRs at least being aware... More...

December 08, 2007

Egerstad Arrested: Uses Tor to Snoop Snoopers; Is This a Crime?

Another thought provoking piece from John Quarterman

Egerstad Arrested: Uses Tor to Snoop Snoopers; Is This a Crime?:


So this fellow was just arrested and some of his computers confiscated:



Dan Egerstad, a security consultant, intercepted data carried over
a global communications network used by embassies around the world in
August and gained access to 1000 sensitive email accounts. They contained
confidential diplomatic memos and other sensitive government emails.


After informing the governments involved of their security failings and
receiving no response, Egerstad published 100 of the email accounts,
including login details and passwords, on his website for anyone curious
enough to have a look. The site, derangedsecurity.com, has since been
taken offline.



Swedish Police Swoop on Dan Egerstad - UPDATE

by Fergie,
Fergie's Tech Blog,
14 Nov 2007


He got this information by installing Tor, which people use to hide their IP addresses, and looking to see what passed over it. What he saw he thinks was people who had already broken into embassy accounts using them illicitly. He tried to inform governments, who (except for Iran) were uninterested. Then he posted his information online, thus probably stopping the snoopers.


So Egerstad gets arrested, yet
this man, who says "Privacy no longer can mean anonymity"
walks around free.


-jsq

September 05, 2007

This is really cool!

Stephen Hawking writes a kids' sf trilogy:


Stephen Hawking has written a kids' science fiction trilogy called George's Secret Key to the Universe, the first volume of which is to be published in 29 countries this year, with subsequent volumes coming once a year. His goal is to create a rigorously scientific work of sf that turns kids onto sf -- that's my kind of book! Hawking's co-writers are his daughter (who came up with the idea) and the French physicist Christophe Galfard, whose thesis was based on Hawking's work.

The trio wanted to "provide a modern vision of cosmology from the Big Bang to the present day," without presenting it as magic, Galfard said. "All of what we see (in the universe) corresponds exactly to what has happened already," he added.

The sole element of fiction in the book involves a supercomputer that opens a door allowing George and his friends to travel into space aboard an asteroid.

"I don't know of any other book quite like George's Secret Key to the Universe," Hawking, 65, said. "I think we may be unique."




Link to George's Secret Key to the Universe,

Link to Cosmos article

(via Futurismic)




August 28, 2007

Har har....it's just Q having fun again....

Boffins bend space and time to measure neutron star:


Einstein shouts 'told you so' through tear in space-time


Astronomers have caught three neutron stars in the act of distorting space-time, just as Einstein predicted. Bendy space-time has been seen around black holes before, but this is the first time astronomers have seen it around any other body.…



August 22, 2007

FCC Must Protect Innovation, Privacy in e911 Rulemaking

FCC Must Protect Innovation, Privacy in e911 Rulemaking:


CDT, the Electronic Frontier Foundation and Sun Microsystems this week urged the Federal Communications Commission (FCC) to be cautious in considering an "automatic" location requirement for VoIP providers for use during e911 emergency calls. In comments filed today with the FCC, the groups noted that while the e911 system is a vital part of our public safety net, VoIP services are unable to provide "automatic" location information (without user input), and a requirement that they do so would harm innovation and competition. The comments also cautioned that some proposed solutions to address the VoIP location requirement would destroy users' privacy.

August 21, 2007

Come on, Woz... you could have come up with a better excuse than THAT...

Woz Admits To Speeding Ticket For 104 MPH In Prius - TechNow News Story - KNTV | San Francisco:


Apple co-founder Steve Wozniak admits that he was speeding in his Prius-hybrid.

Wozniak said he got a ticket for going 104 miles per hour on Interstate 5 earlier this year, according to the San Jose Mercury News.
A judge did not buy his excuse that he was used to the kilometer speeds used overseas, and fined him about $700.

Wozniak said he was surprised by how smooth the car sailed at high speeds.

He does not recommend those speeds -- his 55 miles per gallon dropped to between 31 and 37 miles per gallon at 104 miles per hour.

August 09, 2007

I do not think that means what you think that means.... OOOPS

Google disables own blog as spam | Tech news blog - CNET News.com:


Google may be getting a little overly zealous in its antispam efforts. The company says it accidentally disabled one of its own corporate blogs after mistaking it for spam.

Google Blogoscoped first reported the problem with Google's Custom Search blog. Apparently, the blog had an odd message full of misspellings and incorrect grammar that said:

"Google Custom Search, is the wonderful product from Google which many webmasters have been looking and dream for. It allows webmasters to create their own custom search engines to search only the sites he/she wants. ? I'll cover up more on this powerful tool very soon in my next blog." It was signed "Srikanth."

The blog is now back to normal, with no new posts since July 17. Here is the explanation from a Google spokesman as to what happened:

"Blogger's spam classifier misidentified the Custom Search Blog as spam. If a spammer gets caught by our automated classifier, the blog owner will receive notification of this identification. At the owner's request, the Blogger team will review the blog to verify that the blog in question isn't spam. In this case, the Custom Search Blog bloggers overlooked their notification, and after a period of time passed, the blog was disabled. The content wasn't deleted, but it was removed from the URL.

After the blog was disabled, the URL went back into rotation. A subsequent person came in, claimed the URL, and posted the new content about Google Custom Search, which was not an official post. So, it was a case of 'URL squatting' and not a security issue or any kind of hack.

Even after blogs are disabled as spam, the owner can write in requesting a review for her or his blog to be restored. If the review proves that the owner's content was not in fact spam, the blog will be restored with all content. So, when we saw what happened on Tuesday--and were well aware that our content wasn't spam--we restored the official Google Custom Search Blog. The individual who had claimed the URL and published the blog post in reference still has his content; it's just hosted at a new URL."

July 08, 2007

50 glorious years of 'kill da wabbit'

TheStar.com - entertainment - 50 glorious years of 'kill da wabbit':


At any other time, the film would not have been made. Imagine the pitch: "Let's steal time and funding from our other projects so we can go way over budget making a cartoon with no jokes, and no real gags. The score will be a German opera. Kids won't get it. Most adults won't get it, but I don't care because I think it's funny."

Fortunately, the time was 1956, the director was Chuck Jones, and the place was the Warner Bros. backlot animation studio dubbed "Termite Terrace." The result – released 50 years ago this week – was "What's Opera, Doc?," voted by animators in the 1994 book The 50 Greatest Cartoons: As Selected by 1,000 Animation Professionals to be the greatest cartoon of all time.

It is the antithesis of the routine cartoon. In place of snappy one-liners we see Elmer Fudd and Bugs Bunny singing their parts with complete sincerity and commitment. The backgrounds are beautifully textured paintings. The score is powerful and moving. Bugs cuts a striking figure in a metallic brassiere before Madonna was even born. It's audacious and decadent and beautiful and bold and everything the vast majority of cartoons would never dare to be.

Years later, it was my immense pleasure to meet Chuck and spend several hours with him. Never before, and never since, have I encountered someone as smart, funny, passionate and wry, all rolled into one delightful and charming package. I can only imagine the magic at work as he and fellow geniuses Friz Freleng, Bob Clampett, Mike Maltese, Maurice Noble, Mel Blanc, Carl Stalling and a host of others created thousands (yes, thousands) of cartoons featuring history's greatest ensemble cast.

Chuck told me he and his team of writers and animators never saw themselves as making cartoons for anyone but themselves. Months, and sometimes years, passed before their work ended up in theatres, and by then they had made so many new cartoons public reaction just wasn't on their radar. It was because they made cartoons to humour themselves, and because studio executives didn't much care what they did so long as they stayed on time and on budget, that "What's Opera, Doc?" was possible.

The key was placing it between two Wile E. Coyote and Road Runner cartoons in the production schedule. Formulaic by design, those ones could be done fast and cheap. Knock off the Coyote films ahead of schedule and under budget, reallocate the time and money to "What's Opera, Doc?" so the overall budgets remained intact, and voila! A masterpiece created right under the noses of studio executives who would have vetoed the idea long before Elmer Fudd could have raised his spear and donned his magic helmet.

A few years ago, when I staged a tribute to Chuck and his incredible body of work, showing 15 of his greatest cartoons on the big screen as they were originally meant to be seen, it wasn't "What's Opera, Doc?" that got the biggest reaction, initially. The nearly 500 people in attendance gave their most enthusiastic reaction to the opening credits of "One Froggy Evening" featuring Michigan J. Frog, and "Rabbit of Seville," the famous Bugs Bunny-Elmer Fudd barbershop ditty. Both great cartoons, to be sure, and both on any animation historian's top 10. The interesting thing was that for weeks afterward, people told me how moved they were by "What's Opera, Doc?" Some had never seen it before. Others had seen it on TV, but absent the big screen and big sound, they had failed to fall under its spell. Seeing it that day, the way audiences first saw it in 1957, they were enthralled.

That's what makes "What's Opera, Doc?" the greatest cartoon ever, and that is why a piece of such grandeur will never be repeated.

That's not to say good work hasn't been done in recent years. The laughs are plentiful with The Simpsons in its heyday, Family Guy most of the time, and South Park when they find that sweet spot between satire and absurdity. On the big screen, Pixar tells stories as captivating as the greatest Disney epics of the past, and pulls the viewer into spectacular and compelling worlds.

They are all great in their own way, but they are to be expected. Animated sitcoms are supposed to be funny and irreverent and mildly scandalous. Feature films are supposed to have rich character development, radio-worthy songs, and captivating storylines. Bugs Bunny cartoons are not supposed to feature a lisping Viking rabbit hunter enthusiastically professing his operatic love for a bunny in drag.

These days, cartoons are made for the small screen, for syndication, for licensing, for Happy Meal toys and theme park rides. Gone are the days when someone like Chuck could trick the system and go on a flight of fancy to animation immortality with such a hugely impractical and absolutely beautiful film.

No one who knows and loves "What's Opera, Doc?" will ever hear Wagner's "Der Ring des Nibelungen" without hearing, in their own minds, "Kill da wabbit . . . kill da wabbit." While classical music aficionados may be offended by that fact, I'm okay with it. More than okay with it.

 

Steve Watt owns AnimationConnection.com, Canada's only studio-authorized animation art gallery. He is also the proud owner of a rare original production drawing of Elmer Fudd from "What's Opera, Doc?," a piece of art he will never sell.

July 01, 2007

More fun with iPhones

Ah, the fun of having such a cool toy. My short time playing with the iPhone has been enlightening. I have noticed the following really important attributes, pro and con.

Pro:
Deters zombies. I have not seen ONE zombie since getting the iPhone.
Makes me a better dancer. Yes, the iPhone is definitely improving my rock steps.
Repels technophobes. The mere sight of the iPhone causes them to run.
Gives me better gas mileage. Yep, the iPhone adds at least 1/2 a mile per gallon.
Coolness factor approaching 11.
Great video renditions so I can watch fight practice and do the inside rather than outside blocks :-)
Good sound quality as an iPod. Yay.

Con:
AT&T/Cingular - still sucks.
No bluetooth file exchange. Major league piss me off factor
No user definable ringtones (yet)
No chat client (yet)
No ability to add 3rd party applications (yet)
Edge

I STILL think this is the best phone on the planet, and I am really enjoying it. I am hoping that our wonderful community of cool people will find some way to load a nice application on there to open up bluetooth file exchange in future, and Apple will get going with the rest of the stuff the phone needs soon.

June 30, 2007

Psycho Sensei has an iPhone!

Thanks to the small child for standing in line at the AT&T store (yeah, she got paid). Thanks to her we were #9 in line. There were about 70 people in line when we finally got in. They made a huge deal out of telling us that we were not allowed to open the boxes in the store, then let people in 3 or 4 at a time. They would ask how many you wanted, what size, what accessories, then attempt to check you out. That's where things got sticky.

The AT&T servers started having serious difficulties almost immediately. At our particular terminal, it took 40 minutes to check out. Yep, that's right... 40 minutes. Things kept "breaking" and otherwise not working properly. We FINALLY got out of there with our sealed bag (yep, the bags were self sealing so you couldn't open them in the store).

As we were leaving, the announcement was made that they were now sold out of 8 gig models.

So, getting home, I plugged in the iPhone to my powerbook, it opened iTunes, it synced everything including my email accounts, found my home network and connected to it, and uses the same type interface as the iPod and AppleTV in iTunes to sync music, videos and photos.

I do NOT like the keyboard yet. It's going to take some time to get used to since I type with my thumbs when I am using teeny tiny keyboards like this. This one won't really let you. It wants your index finger. Feh. Perhaps they will fix that in the future.

Course, since I don't have SERVICE in my HOUSE, I can't say how the actual PHONE part works yet. Heh heh. Ironic, no?

Update: The phone part works well when there is signal. Problem is, it's AT&T so the signal totally SUCKS. They don't drop calls because you can't PLACE them. *bah*

June 29, 2007

Beware the Magical IPhone

I'm still laughing :-)

Beware the Magical IPhone:


06.27.07 | 2:00 AM
There's been a lot of media attention directed at the iPhone recently. Some of it has been positive, some negative, but none have come forth to acknowledge the obvious, sinister context of Apple's latest toy. This device, portrayed as a harmless product of science, is obviously designed to introduce our children to witchcraft and sorcery.
The central pentagram in Apple's vile altar of temptation takes the form of "gestures," hand movements used to control the device. Wiggle your fingers at the iPhone and it does your bidding. Does that not sound familiar? Is that not one of the main ingredients in the blasphemous bisque of sorcery?
Keep in mind as you consider this dire news that Apple is also one of the main proponents of so-called "voice recognition" technology. Every Macintosh computer they ship includes this "feature," allowing you to command your computer using the power of your voice, much as Harry Potter commands demons to do Satan's work.
Another feature provided by the iPhone is the ability to play videos from anywhere in the world. Think of your child gazing into this device, viewing events taking place elsewhere on the planet and even looking back through time. The device itself has a "friendly" rounded look to it. Is this Apple's way of introducing children to the concept of a crystal ball? Will the next iPhone be a perfect transparent sphere? Very likely.
In addition, the iPhone has the ability to sense the environment around it. For instance, it can tell when you've turned it on its side. No doubt you're thinking, "You move it? Like a magic wand?"
It's worse than that, much worse. Certainly there is a similarity to that obscenely phallic symbol of a sorcerer's Satan-fueled power, but it goes much further. The iPhone's ability to sense motion, proximity and light is clearly designed to make it seem less like an object and more like a "familiar spirit," a sort of witch's helper explicitly banned by Leviticus and Deuteronomy.
Not convinced? The iPhone also includes a built-in web browser, one that has no limitations on the sort of filth it can access. The internet is well known for being willing to answer any question posed to it, at least from an atheist perspective. Right-thinking people realize that knowledge should be limited to that which is healthy for the mind and soul, but the internet does not agree.
And finally, what do iPhone users and witches have in common? Contracts. The iPhone requires a two-year contract with a cellular-phone company, while witchcraft requires an eternal contract with the Devil, but the parallels are clear.
Now consider the implications of all this. A child growing up in this secular age is introduced to a little technological "friend" that it can control with gestures and words, one that lets it look at other places and times, one that is happy to answer any question, especially if the "correct" answer denies God and the Bible. Shortly thereafter the child -- your child -- is approached by a witch or wizard with similar "devices" like magic wands and crystal balls, which require nothing more than the signing of a contract. Is there any reason the child would resist these overtures?
This is no coincidence! Apple is not working alone under some sort of cloak of secrecy. This has been planned for decades, if not centuries! Science-fiction writer Arthur C. Clarke, a noted secular humanist, gloated over this sort of "innovation" when he revealed that future advanced technologies would make people unable to distinguish them from magic.
The media are not the watchdogs of these evil devices that are being shoved down our throats and the throats of our children, they are Satan's salesmen!
Avoid the iPhone! Avoid all of Apple's products, and Microsoft's as well! If you're reading this online, it may already be too late.

June 24, 2007

Sizeof iPod vs. iPhone

Well, when I broke my iPod, I figured that I'd just wait a week and get the iPhone. After all, that's what Apple is advertising you can do.... saying the iPhone is their best iPod to date. Sounds great, eh? Cept for one thing... the biggest iPhone you can get is 8 gigs. The biggest iPod is 80 gigs. My music collection (and I'm not nearly finished digitizing it all) is about 20 gigs. That's not a terribly happy thing.

So off to the Apple store yesterday at Tyson's Corner. The place was packed! Not only the Apple store, but the whole damn mall. It was a gorgeous day yesterday and all these people were inside shopping! UGH! We noticed that all of the employees were wearing T shirts with the date 6/29 on them, heralding the upcoming iPhone release, so I asked what the plans were for it. They said they knew nothing whatsoever about the release itself, and they were pretty annoyed that Apple was keeping them in the dark. They said that all they know is that something happens at 6pm 6/29. Mumble.

So, I figure that with a bit of duct tape, I can put the iPhone and iPod together and make a phone with enough storage to make me happy :-).

June 21, 2007

Widescreen YouTube on AppleTV!

Widescreen YouTube on AppleTV!:



Last month Apple announced YouTube for Apple TV, and it was released on Wednesday. I downloaded the update and played with it a bit and I quickly realized there was a definite lack of quantity of available video. There was some speculation last month that not everything would be playable or converted to H.264 versions required for AppleTV, but there doesn't seem to be any rhyme or reason why some videos are available in AppleTV and most aren't.

You can sign in and view your list of videos marked as favorites, but of the 30 I had previously marked, only 3 were available to play. I went to my computer and marked off another 10, and only 3 more were playable. I did some searches and found usually only 5 or less results for stuff that normally returns 50 or more results.

But the biggest surprise was seeing widescreen video properly handled in the YouTube player on AppleTV. One of my biggest peeves with viewing YouTube on my computer is that anything ripped from a HDTV (16:9 widescreen) source gets smushed into the default player's 4:3 aspect. I was hoping YouTube would someday make their flash player adjust to original source size.

If you do a search for "rodrigo y gabriella" (they're a cool acoustic guitar duo that mix classical and rock techniques) in AppleTV, you only get this one result of the 300+ you get in a computer browser search. But if you play it, it fills the screen of your HDTV with a fairly high quality version of their live set. The odd thing is on your computer, you'll get a vertically compressed version by default and even when shown full-screen.

So it appears the YouTube player for AppleTV only sees a minority of total available YouTube video right now, but of those available, the AppleTV player properly handles aspect ratio accordingly, playing both standard and widescreen aspect ratios. That's something even the browser-based player can't seem to handle.


June 09, 2007

MIT students demonstrate wireless power transfer

MIT students demonstrate wireless power transfer:


Mark Frauenfelder:

RayK says

In an experiment, a team from MIT were able to power a 60W light bulb from two meters away. Calling their demonstration 'WiTricity,' the researchers believe that a system is possible that could send electricity to your battery powered devices within a room sized space.

It's a Tesla-dream come true.

WiTricity is based on using coupled resonant objects. Two resonant objects of the same resonant frequency tend to exchange energy efficiently, while interacting weakly with extraneous off-resonant objects. A child on a swing is a good example of this. A swing is a type of mechanical resonance, so only when the child pumps her legs at the natural frequency of the swing is she able to impart substantial energy. Another example involves acoustic resonances: Imagine a room with 100 identical wine glasses, each filled with wine up to a different level, so they all have different resonant frequencies. If an opera singer sings a sufficiently loud single note inside the room, a glass of the corresponding frequency might accumulate sufficient energy to even explode, while not influencing the other glasses. In any system of coupled resonators there often exists a so-called “strongly coupled” regime of operation. If one ensures to operate in that regime in a given system, the energy transfer can be very efficient.




June 08, 2007

ARIN Provides Latest Word on Need to Move to IPv6: Will Anyone Heed the Warning? (Does anyone care?)

From CircleID:

ARIN Provides Latest Word on Need to Move to IPv6: Will Anyone Heed the Warning? (Does anyone care?):


NetworkWorld is running an article today that talks about the announcement from ARIN (the American Registry for Internet Numbers) of the ARIN Board resolution calling upon ARIN to no longer be "neutral" in the IPv4 vs IPv6 space and instead work to actively encourage migration to IPv6... Until now, ARIN and the other RIRs have generally been fairly neutral in the IPv4 versus IPv6 debate and have not shown a preference in allocation, but this announcement from ARIN shows the first signs of change. More...

More Fun with Booger

I got a brandy new LG VX9900 phone from Verizon. My previous car had proprietary hands-free tech that would only pair ONE certain phone to be useful through the center console. That phone was a 2001 vintage Motorola. Now I was free to upgrade my phone! W00t! Given that the Treo isn't very happy with the Prius (which is really something that Palm ought to fix), I got the LG.

Here's where things get stupidly complicated. The Treo allowed me to upload ALL contacts to the phone book stored in the car. This is a good thing, because the LG will not sync with the Mac, thus I can't put all of my contacts onto the LG as yet. This is ridiculously stupid, since the VX9900 is really a cool phone, with a full sized keyboard that you slide the top part of the phone away to use, a REALLY nice screen, and other relatively cool features. It is not as flexible as the Treo, but it's also MUCH less expensive. So why do I have two phones? Good question. I bought the Treo with GSM which only Cingular/AT&T has. BUT, it has really lousy coverage near my house. Verizon has great coverage. Why not dump the Treo and use just the LG? Well, because I want an iPhone which only comes with Cingular (blah). When the iPhone comes out I will sell the Treo on ebay or something, and see if the iPhone will interface with the Prius AND iSync, however the Verizon phone will still be very useful for the many coverage areas in which Cingular no workie.

The upshot of things is that since my contacts are loaded into the car, I can use either the Treo OR the LG in the car by choosing the appropriate little icon on the touch screen. I can then access the phone book that is already loaded into the car, regardless of which phone I use. I can update the phone book in the car through the Treo. Hopefully with Leopard, iSync will suddenly begin to support LG phones (please please please).

In our next installment, I will talk about the world's lamest feature of the Prius - the backup camera. LAME! Also the coolest feature - gas mileage. I'm averaging 43 mpg driving the car like a regular car. That will increase as I drive it like a hybrid. Joy :-)

March 31, 2007

More on .xxx - Joi Ito

ICANN Board votes against .xxx:


The application by ICM for the .xxx sTLD has been rejected by the ICANN Board by a 9-5 vote in favor of a resolution to reject the application. Susan Crawford's comments on why she voted against this resolution echo my feelings. I have continued to vote in favor of granting .xxx to ICM and voted against this resolution to reject the application. ICANN is not chartered to be involved in trying to determine whether specific content is appropriate or not. ICANN should not be determining whether top level domains (TLDs) will solve the world's problems or not. We were asked to review an application based on whether the application met the requirements of the Request for Proposal (RFP). My view is that the applicant met the requirements of the RFP and that not granting the applicant their request for the right to run the .xxx TLD is wrong. If the RFP was wrong, this should be taken into consideration when thinking about the next round and not affect our current decision.

On the other hand, as a member of the board, I will respect the majority vote of the board. We have been working on this proposal for years and we have spent a tremendous amount of effort in trying to understand the arguments and evidence presented to us by a huge number of parties. I urge the public and people who have not been tracking this issue not to over-simplify this issue and read Susan's comments carefully. This is NOT about whether we are for or against pornography. This is about the ICANN process and the role of ICANN.


March 22, 2007

Apple TV Does SOME things Well

Sound is great. Putting photos up for screen savers is great. Playing certain programs and movies is great. BUT....

AppleTV does not play .mov files, which makes no sense to me. The basic premise is that if you can't import the file into an iTunes library, you can't play it on AppleTV. I have many .avi files and .mov files I have collected. Apple CLAIMS to have a conversion for those via Quicktime Pro or, if you can bring them into iTunes at all, you can convert them into a format compatible with iPods and AppleTV should play that. However, each .avi file I've tried, after it takes HOURS to convert 45 minutes worth of program, has excellent audio but a white screen for video. The same thing happened with a .mov file I tried. Attempting to import the .mov file directly into iTunes gives you a black screen. Of course, this is very disappointing. If it's yet another stupid DRM broken feature, I'm going to be unhappy.

AppleTV! HOORAY!!!

Oh is this ever a wonderful little box. It was a snap to set up, except that it comes with NO VIDEO CABLES! Thanks so much, Apple. Could have at least shipped it with a component video cable. Anyway, the thing has an HDMI port, a component video output, optical and analog audio, a USB port, and an ethernet port. Be aware there is NO S-VIDEO output, so in case you have an older TV this will not function. It supports both 720p and 1080i (doesn't look like it supports 1080p yet...).

Setup is trivial. I plugged it into my Integra processor and turned the thing on. *poof* there it was. I'm currently syncing it to my video libraries. Apparently it makes copies of the video which can be a pain in the butt for large torrent files, but once it's done it should be fine and I'll be able to watch TORCHWOOD the way it should be seen. For music it's much faster. The optical audio input is a BIG win and makes a significant difference to the sound. Hooray.

In an attempt to sync photos, I seem to have crashed the connection between iTunes and the AppleTv box. I attempted to choose Aperture as the photo application which caused my devices list on iTunes to disappear and the picture to be lost for a few seconds. The music, however, continued to be fine. Restarting iTunes brought the devices list back and did not disrupt the music. Second time was the charm here, and Aperture was actually a selection in the dropdown menu. BIG WIN! It is now synching photos as well as everything else. Now I will see how quickly I can actually fill an AppleTV.

Looks like it's going to take a L O N G time to complete all this sync. Such is life :-).

The UI is typical Apple slick, easy for idiots, the manual is easy to understand and gives you a wonderful selection of probable scenarios for setup and use. The TV shows cute little album covers (when available) and length of time left in whatever song and times out to Apple's selection of photos. I have a feeling that will be replaced with my own photos once the sync finishes.

So... This is great! I like it! It's cool! I'm going to be playing with this thing all day long now, much to the dismay of my law partner. Woo hoo!

March 17, 2007

Server issues temporarily vanquish Psycho Sensei

We had some server issues that caused a temporary non-functionality of this lovely and wonderful site. Not to worry. We're BAAAAACK :-).

March 10, 2007

Very important!

A "must have" for those games of office politics. Skiff approved.

Amusing Four words: USB-powered office c...:


Four words: USB-powered office cannon

February 15, 2007

Oh I love my white list....

I'm one of those very strange people who hates the sound of a ringing telephone (regardless of what ringtone it uses) as it signals an annoying interruption to whatever it was I was doing. I especially hate hate hate telemarketers, "courtesy calls," "you're our customer so let's sell you this other thing" calls, "would you take this survey of your recent experience with us" calls, "confirm your appointment" calls, or most any other ridiculous annoyance calls that are not from people I care about who have something important to say. I much prefer email or IMs most of the time because I can get to that when I feel like it and not be interrupted in my latest brilliant attempt to write something or while cleaning the fish tank or feeding the aminals.

Imagine my glee when I found this little device called the "Interceptor ID" which allows me to block calls before they even ring my telephone! Glee glee glee. After a set up process in which I installed a "white list" of people whose numbers will ring through, all other numbers go to an automated announcement telling the caller to send email. How handy is THAT? Whenever I make an outbound call, it automatically adds it to the "ring through" list (which I can change on the fly if necessary, if I'm calling someone I don't like, etc. etc.).

While not perfect, since calls from Ed McMahon notifying me I've won a million dollars won't come through, I watched with great joy as it blocked 3 calls this morning from people whom I'd previously told to USE EMAIL. Joy! Rapture! Everlasting Geekish Glee! *insert snoopy dance here*

February 06, 2007

So... what Karl Auerbach predicted is coming to pass?

Wired AP News:


Hackers Attack Key Net Traffic Computers

By TED BRIDIS
Associated Press Writer

WASHINGTON (AP) -- Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.

Experts said the unusually powerful attacks lasted for hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet's most vital pipelines.

Experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea.

The attacks appeared to target UltraDNS, the company that operates servers managing traffic for Web sites ending in "org" and some other suffixes, experts said. Company officials did not immediately return telephone calls from The Associated Press.

Among the targeted "root" servers that manage global Internet traffic were ones operated by the Defense Department and the Internet's primary oversight body.

"There was what appears to be some form of attack during the night hours here in California and into the morning," said John Crain, chief technical officer for the Internet Corporation for Assigned Names and Numbers. He said the attack was continuing and so was the hunt for its origin.

"I don't think anybody has the full picture," Crain said. "We're looking at the data."

Crain said Tuesday's attack was less serious than attacks against the same 13 "root" servers in October 2002 because technology innovations in recent years have increasingly distributed their workloads to other computers around the globe.

---

January 22, 2007

ITU Stops Trying to Take over Internet - JSQ

ITU Stops Trying to Take over Internet:


For some time there's been a possibility of the functions of ICANN
being subsumed by the ITU, but it appears that's not going to happen:


The Internet should continue to be overseen by major agencies including
ICANN and the ITU, rather than any new "superstructure," the new head of the International Telecommunications Union said on Friday.


Hamadoun Toure, who took up the reins of the
United Nations agency this month, said the ITU would focus on tackling cyber-security and in narrowing the "digital divide" between rich and poor countries.



Internet should be run by key players: new ITU boss

Reuters,
Fri Jan 12, 1:04 PM ET


I'm not a big fan of ICANN, but its best feature is exactly its worst feature:
it doesn't get much done, so it doesn't do much harm.


Given the track record of properly constituted international bodies such
as ITU and networking (I'm thinking of the ISO-OSI protocols),
the current ad hoc and limited nature of ICANN is a good thing.
Sometimes ICANN even remembers that it's not supposed to be doing governance;
it's supposed to be doing technical oversight in a few limited technical areas.


Most of the real work of coordinating the Internet is actually done by
the root and ccTLD domain registrars and operators, the various regional
address assignment authorities, and numerous other groups, companies,
and individuals who just get on with it.


The Internet has many problems which need addressing, including phishing,
spam, and speed, but more governance in the ITU or UN (or U.S. Dept. of
Commerce) sense seems unlikely to solve any of them.


-jsq


PS: Thanks to James Seng.

January 19, 2007

MIT writer says Vista drove her to Mac

MIT writer says Vista drove her to Mac:



There's a tiny thrill when you hear about the "Macpiphany" moment from a long-time Windows user; that cognitive gear shift where suddenly, out of the blue, they get it.

Erica Jonietz, writing for MIT's Technology Review magazine, had her moment while doing something that, for a self-confessed 20-year "Microsoft apologist... not just a fan, but a champion," should have been a big Windows shiver of delight: reviewing Windows Vista. Instead, the anticipation turned sour, and a light began to dawn... as she puts it:

Ironically, playing around with Vista for more than a month has done what years of experience and exhortations from Mac-loving friends could not: it has converted me into a Mac fan.

Ouch. Hey, if it's good enough for Jim Allchin... Although Jonietz was reviewing Vista RC1, most of her criticisms stick with the release, and her feelings for Mac OS X are undiluted. Check out the complete article for a sincere and thoughtful take on Redmond bloatware versus Cupertino cool.

[via Apple Hot News]

December 11, 2006

Va. A.G. Wants Sex Offenders to Register E-Mail Addresses, IM Names

Don't get me wrong, I'm all for prohibiting pedophiles from finding children to molest, but this has me a bit worried. Many things could go wrong here. I'm definitely not saying "MySpace" is somehow a constitutional right, but I'm quite concerned that this won't stop here. First off, will convicted sex offenders who have obviously broken the law already, REALLY register every single email address and IM handle they have? Will parents now see places like myspace as "safe" and think they can abrogate their responsibility to check out what their kids are doing online because all the bad guys have been kept out? What about the new ones who haven't been convicted yet?

There are already too many excuses for parents to not supervise their kids' time online. I'm hoping this does not become another one.

Va. A.G. Wants Sex Offenders to Register E-Mail Addresses, IM Names:


RICHMOND, Va. - Virginia is looking to keep kids from chatting online with sexual predators by requiring convicted sex offenders to register their e-mail addresses and Instant Messaging identities with the state's Sex Offender Registry.

Attorney General Bob McDonnell wants the Commonwealth to be the first to team up with MySpace.com. The social networking site is creating a software system that would identify a sex offender should they try to log on to the site.

October 26, 2006

25 Years of Internet Mail - JSQ

25 Years of Internet Mail:


Well, it depends on what you count as the beginning of Internet mail,
but Sendmail, Inc., naturally counts from when Eric Allman wrote
the first version of Sendmail in 1981, and is holding a shindig
tomorrow, 25 October 2006 at the Computer History Museum in Mt. View, California.

Of course, Ray Tomlinson beat that by a decade when he implemented the first known networked mail system in 1971, and Tom Van Vleck implemented mail on CTSS at MIT in 1965, as well as Multics mail, about 1969.

But the Internet didn't exist back then, and at least the experimental Internet did in 1981, so Eric's got a fair claim on the beginning of Internet mail.

-jsq


October 20, 2006

Slowing the Net - from JSQ

Slowing the Net:


What does a repressive regime do to avoid free discussion?


TEHRAN (Reuters) - Iran's internet service providers (ISPs) have started
reducing the speed of Internet access to homes and cafes based on new
government-imposed limits, a move critics said appeared to be part of
a clampdown on the media.


An official said last week that ISPs were now "forbidden" by the
Telecommunications Ministry from providing Internet connections faster
than 128 kilobytes per second (KBps), the official IRNA news agency
reported. He did not give a reason.


Internet technicians say speeds of 256 KBps, 512 KBps or higher are
increasingly common internationally. Iranian surfers will now find it
much slower to download music or anything else from the Web. Businesses
have not been affected by the move.



Iran cuts Internet speeds to homes and cafes

Reuters, Wednesday October 18, 03:41 PM


If the Internet provides a way to get around the traditional,
and already controlled, media, find a way to repress the Internet.
Slowing it down is easier than censoring it.


Meanwhile, in no doubt completely unrelated news:


Michael Chertoff, head of US Homeland Security, warned that people
don't need to travel to a country with "-stan" in its name to become
radicalized and commit acts of violence. Instead, they can now turn to
the Internet. "They can train themselves over the Internet. They never
have to necessarily go to the training camp or speak with anybody else
and that diffusion of a combination of hatred and technical skills in
things like bomb-making is a dangerous combination," Chertoff said at a
conference of international police chiefs, according to Reuters. "Those
are the kind of terrorists that we may not be able to detect with spies
and satellites."



US: Terrorists telecommuting to work

by Nate Anderson,
10/17/2006 11:22:49 AM


The U.S. would never crack down on the Internet, right?

Yesterday, FBI Director Robert Mueller showed up at the same conference
and delivered a similar message. "Terrorists coordinate their plans
cloaked in the anonymity of the Internet, as do violent sexual predators
prowling chat rooms," he said, according to CNet.


Mueller took a further step, though, arguing that the US needs stricter
data retention guidelines. "All too often, we find that before we can
catch these offenders, Internet service providers have unwittingly
deleted the very records that would help us identify these offenders
and protect future victims," Mueller said. The solution? Forcing ISPs
to retain data for set periods of time.



FBI head calls for data retention rules

by Nate Anderson, 10/18/2006 10:29:11 AM



Well, I'd better get back to the no doubt
completely unrelated net neutrality posts.
The U.S. already has Internet connections far faster than those in Iran.
A tenth as fast as those in Korea and Japan.
So this can't be a problem for the U.S., can it?


-jsq

October 04, 2006

Beyond Whois - Data Mining IANA Protocol Numbers

Beyond Whois - Data Mining IANA Protocol Numbers:


We all know about how the "whois" database is being mined by spammers and other scum.

This morning I woke up to find a scam email in my inbox, nothing odd about that.  What was odd, however, was that it was very clear that this email was created by mining the IANA protocol number assignments.



October 03, 2006

EFF Sues for Information on Electronic Surveillance Systems

EFF Sues for Information on Electronic Surveillance Systems:


FBI Withholds Records on Tools to Intercept Personal Communications

Washington, D.C. - The FLAG Project at the Electronic Frontier Foundation (EFF) filed its first lawsuit against the Department of Justice Tuesday after the FBI failed to respond to a Freedom of Information Act (FOIA) request for records concerning DCS-3000 and Red Hook -- tools the FBI has spent millions of dollars developing for electronic surveillance.

DCS-3000 is an interception system that apparently evolved out of "Carnivore," a controversial surveillance system the FBI used several years ago to monitor online traffic through Internet service providers. One Department of Justice report said DCS-3000 was developed to "intercept personal communication services delivered via emerging digital technologies" and that it was used "as carriers continue to introduce new features and services." According to the same report, Red Hook is a system to "collect voice and data calls and then process and display the intercepted information."

The FLAG Project first filed its FOIA request for information about the surveillance systems on August 11, 2006. The FBI acknowledged receipt of the request, but the agency has not responded within the time limit required by law.

"Recent allegations of domestic spying by the U.S. government already have both lawmakers and the general public up in arms. Americans have a right to know whether the FBI is using new technology to further violate their privacy," said EFF Staff Attorney Marcia Hofmann. "The Department of Justice needs to abide by the law and publicly release information about these surveillance tools."

EFF's FLAG Project, launched last month, uses FOIA requests and litigation to expose the government's expanding use of technologies that invade privacy.

"Transparency is critical to the functioning of our democracy, especially when the government seeks to hide activities that affect the rights of citizens," said EFF Senior Counsel David Sobel, who directs the FLAG Project. "We have recently seen numerous instances where federal agencies have sought to conceal surveillance activities that raise serious legal issues."

For the full FOIA suit filed against the Department of Justice:
http://www.eff.org/flag/dcs/dcs_complaint.pdf

For more on the FLAG Project:
http://www.eff.org/flag/

Contacts:

Marcia Hofmann
Staff Attorney
Electronic Frontier Foundation
marcia@eff.org

David Sobel
Senior Counsel
Electronic Frontier Foundation
sobel@eff.org


October 02, 2006

Important! Robert Anton Wilson in trouble. Please Give What You can. From :: Douglas Rushkoff - Weblog ::

:: Douglas Rushkoff - Weblog :::


I hope people I've inspired with my work would band together to help me out in my later years if I needed it. Which is at least part of the reason why I'm sending what I can to support cosmic thinking patriarch Robert Anton Wilson, whose infirmity and depleted finances have put him in the precarious position of not being able to meet next month's rent.

In case the name doesn't immediately ring a bell, Bob is the guy who wrote Cosmic Trigger - still the best narrative on how to enter and navigate the psycho-spiritual realm, and co-wrote the Illuminatus Trilogy, an epic work that pushes beyond conspiracy theory into conspiracy practice. Robert Anton Wilson will one day be remembered alongside such literary philosophers as Aldous Huxley and James Joyce.

But right now, Bob is a human being in a rather painful fleshsuit, who needs our help. I refuse for the history books to say he died alone and destitute, for I want future generations to know we appreciated Robert Anton Wilson while he was alive.

Let me add, on a personal note, that Bob is the only one of my heroes who I was not disappointed to actually meet in person. He was of tremendous support to me along my road, and I'm honored to have the opportunity to be of some support on his.

Any donations can be made to Bob directly to the Paypal account olgaceline@gmail.com.
You can also send a check payable to Robert Anton Wilson to
Dennis Berry c/o Futique Trust
P.O. Box 3561
Santa Cruz, CA 95063.

July 31, 2006

Only YOU Can Make a Big Difference

Don't want your machine taken over by spam bots to become a zombie, spewing spam from your brandy new DSL line? Buy a Mac :-). Or at least figure out how to button up your current OS to make sure that the bad guys can't use it to mess with the rest of us.

Meantime, I must thank the amazing Gaige for cutting down my personal spam load to perhaps 10% of what I WAS getting. The vast majority of what's left is filtered beautifully by Spam Sieve. Thanks guys!

BBC NEWS | Technology | More than 95% of e-mail is 'junk':


More than 95% of e-mail is junk, be it spam, error messages or viruses, report mail monitoring firms.

Analysis of the contents of millions of e-mails has revealed that less than 4% is legitimate traffic.

Further work has shown that most of this junk mail is originating on hijacked home computers.

E-mail security firm Return Path said 99% of the computers it monitors that send mail have been taken over by spammers or virus writers.

Return Path reached its estimate by calculating a "reputation score" for the 20 million net addresses of those machines.

The score was derived by analyzing the e-mail traffic sent through those addresses, the number of complaints filed about that address, and if the owner of that address responds to complaints.

The vast majority of these net addresses were not good net citizens, said George Bilbrey, spokesman for Return Path.

Only 1% of net addresses could be regarded as legitimate sources of mail.

June 29, 2006

Stolen laptop with veterans' info recovered | News.blog | CNET News.com

Stolen laptop with veterans' info recovered | News.blog | CNET News.com:


An official announcement was made Thursday that a laptop computer containing the personal information of around 26.5 million veterans and military personnel has been recovered, CNN reports.

The laptop disappeared from a government employee's home in May in what could be one of the biggest thefts of Social Security numbers ever. The employee who took home the laptop, which also included veterans' and their spouses' dates of birth, did so in violation of Department of Veterans' Affairs policy.

Veterans' Affairs secretary Jim Nicholson says there have been no instances of identity theft reported to date.

May 27, 2006

Apple v Does - Free Speech Wins/Bloggers are Journalists

Apple v Does - Free Speech Wins/Bloggers are Journalists:


I am extremely happy to tell you that there is a ruling [PDF] in the Apple v. Does litigation from the Appeals Court. As I told you, Groklaw joined in an amicus brief [PDF] on the issue of whether bloggers are journalists. (I naturally cared deeply about being able to protect my sources, one of the issues raised in the case.) The Appeals Court says they are. I'll put the entire ruling up as text as soon as I can, but I just couldn't wait to tell you about this. Lauren Gelman, at the Center for Internet and Society, Stanford Law School, who did the heavy lifting on the amicus brief, says this about the ruling: The Court also held that the website editors were journalists entitled to claim California’s Journalist Shield to prevent them from being held in contempt for not disclosing sources and to claim the First Amendment’s protections for journalists. This is a *huge* win! Now journalists can feel safe knowing that they can protect their sources’ identity no matter in which medium they choose to disseminate news (as we argued in our amicus brief).

May 08, 2006

Share Your Feeds

This is kind of cool. You can share which weblogs you read and are subscribed to by going to this loverly place and setting up a free membership. share.opml.org. Of course, make sure to put up Psycho Sensei's feed at http://www.psychosensei.com/index.rdf so that we get the recognition we totally deserve as being the blog of choice for all Psychos :-).

May 06, 2006

More on the dangers of RFID

I'm starting to get quite worried about RFID applications and the misuse thereof. People don't understand the dangers of these chips, nor do they even have a real choice regarding whether these devices are being used or not. We're not even told most of the time when they're in use. We are required by the government to use them in multiple cases thus far. For example, our passports are going to be chipped. They SAY that you can only read them when you're a few inches away. How many inches? Can you walk by a street cafe and pick up whether the four people at the table in the front happen to be American citizens with RFID passports? Say that cafe is in Baghdad. Then what?

Gone in 60 seconds--the high-tech version | CNET News.com:


Let's say you just bought a Mercedes S550--a state-of-the-art, high-tech vehicle with an antitheft keyless ignition system.

After you pull into a Starbucks to celebrate with a grande latte and a scone, a man in a T-shirt and jeans with a laptop sits next to you and starts up a friendly conversation: "Is that the S550? How do you like it so far?" Eager to share, you converse for a few minutes, then the man thanks you and is gone. A moment later, you look up to discover your new Mercedes is gone as well.

Now, decrypting one 40-bit code sequence can not only disengage the security system and unlock the doors, it can also start the car--making the hack tempting for thieves. The owner of the code is now the true owner of the car. And while high-end, high-tech auto thefts like this are more common in Europe today, they will soon start happening in America. The sad thing is that manufacturers of keyless devices don't seem to care.

Wireless or contactless devices in cars are not new. Remote keyless entry systems--those black fobs we all have dangling next to our car keys--have been around for years. While the owner is still a few feet away from a car, the fobs can disengage the auto alarm and unlock the doors; they can even activate the car's panic alarm in an emergency.

First introduced in the 1980s, modern remote keyless entry systems use a circuit board, a coded radio-frequency identification (RFID) technology chip, a battery and a small antenna. The last two are designed so that the fob can broadcast to a car while it's still several feet away.

May 05, 2006

How RFID hackers can steal gas, cars, and office access

So THAT'S where my friend JBVB went to! Cool.

How RFID hackers can steal gas, cars, and office access:


Cory Doctorow: Annalee Newitz has a great feature on RFID hackers in this month's Wired -- she tells the story of various RFID hackers who exploit vulnerabilities in RFID tags to hotwire cars, steal gas, break into your office, and get up to other naughtiness:
James Van Bokkelen is about to be robbed. A wealthy software entrepreneur, Van Bokkelen will be the latest victim of some punk with a laptop. But this won't be an email scam or bank account hack. A skinny 23-year-old named Jonathan Westhues plans to use a cheap, homemade USB device to swipe the office key out of Van Bokkelen's back pocket.
"I just need to bump into James and get my hand within a few inches of him," Westhues says. We're shivering in the early spring air outside the offices of Sandstorm, the Internet security company Van Bokkelen runs north of Boston. As Van Bokkelen approaches from the parking lot, Westhues brushes past him. A coil of copper wire flashes briefly in Westhues' palm, then disappears.

Van Bokkelen enters the building, and Westhues returns to me. "Let's see if I've got his keys," he says, meaning the signal from Van Bokkelen's smartcard badge. The card contains an RFID sensor chip, which emits a short burst of radio waves when activated by the reader next to Sandstorm's door. If the signal translates into an authorized ID number, the door unlocks.

The coil in Westhues' hand is the antenna for the wallet-sized device he calls a cloner, which is currently shoved up his sleeve. The cloner can elicit, record, and mimic signals from smartcard RFID chips. Westhues takes out the device and, using a USB cable, connects it to his laptop and downloads the data from Van Bokkelen's card for processing. Then, satisfied that he has retrieved the code, Westhues switches the cloner from Record mode to Emit. We head to the locked door.

Link
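Why the record-and-emit approach in the excerpt above succeeds against a badge that always sends the same ID number, and why it fails once the reader issues a fresh challenge, shown as an added Python sketch. This is not code from the Wired article or from any real access-control product; the class names, the 4-byte badge IDs and the HMAC-SHA256 scheme are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ID_LEN = 4  # constructed badge-ID length for this sketch


class StaticIdBadge:
    """Badge that answers every reader with the same fixed ID number."""

    def __init__(self, badge_id: bytes):
        self._badge_id = badge_id

    def respond(self, challenge: bytes) -> bytes:
        return self._badge_id  # the challenge is ignored


class ChallengeResponseBadge:
    """Badge that proves possession of a secret key without sending it."""

    def __init__(self, badge_id: bytes, key: bytes):
        self._badge_id = badge_id
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        tag = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return self._badge_id + tag


class RecordedTransmission:
    """Stands in for a record-and-emit device: it can only repeat old bytes."""

    def __init__(self, captured: bytes):
        self._captured = captured

    def respond(self, challenge: bytes) -> bytes:
        return self._captured


class StaticIdReader:
    """Door reader that unlocks for any transmission matching an authorized ID."""

    def __init__(self, authorized_ids):
        self._authorized = set(authorized_ids)

    def try_open(self, badge) -> bool:
        return badge.respond(b"") in self._authorized


class ChallengeResponseReader:
    """Door reader that sends a fresh random challenge on every attempt."""

    def __init__(self, keys_by_id):
        self._keys = dict(keys_by_id)

    def try_open(self, badge) -> bool:
        challenge = secrets.token_bytes(16)  # never reused
        response = badge.respond(challenge)
        badge_id, tag = response[:ID_LEN], response[ID_LEN:]
        key = self._keys.get(badge_id)
        if key is None:
            return False
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(tag, expected)


def run_demo() -> dict:
    badge_id = bytes.fromhex("00c0ffee")  # constructed sample ID
    key = secrets.token_bytes(32)         # per-badge secret, known to the reader

    # Static-ID system: the recorded bytes ARE the credential.
    static_badge = StaticIdBadge(badge_id)
    static_reader = StaticIdReader([badge_id])
    static_capture = RecordedTransmission(static_badge.respond(b""))

    # Challenge-response system: a recording answers an old challenge only.
    cr_badge = ChallengeResponseBadge(badge_id, key)
    cr_reader = ChallengeResponseReader({badge_id: key})
    old_challenge = secrets.token_bytes(16)
    cr_capture = RecordedTransmission(cr_badge.respond(old_challenge))

    unknown_badge = ChallengeResponseBadge(bytes.fromhex("deadbeef"),
                                           secrets.token_bytes(32))
    return {
        "static_genuine": static_reader.try_open(static_badge),
        "static_replay": static_reader.try_open(static_capture),
        "cr_genuine": cr_reader.try_open(cr_badge),
        "cr_replay": cr_reader.try_open(cr_capture),
        "cr_unknown": cr_reader.try_open(unknown_badge),
    }


if __name__ == "__main__":
    for name, opened in run_demo().items():
        print(f"{name:15s} door opens: {opened}")
```

The static reader cannot tell the genuine badge from the recording because both send identical bytes; the challenge-response reader rejects the recording because its tag was computed over a challenge the reader never issues again.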

May 04, 2006

AOL to launch free AIM phone service | CNET News.com

AOL to launch free AIM phone service | CNET News.com:


America Online is planning to launch by the end of the month AIM Phoneline, a free service that will let AOL Instant Messenger users receive incoming calls from any phone, an AOL spokeswoman said Thursday.

Voice over instant messaging is built into AIM, Google Talk, Yahoo Messenger and MSN Messenger, but AIM Phoneline would be the first to offer a free phone number. Those services compete with the popular net telephone provider Skype, which was acquired by eBay last year.

Users will be able to pay $14.95 a month to upgrade to AIM Phoneline Unlimited, which would allow them to make calls to any number in the U.S. and 30 other countries, the spokeswoman said.

AOL, a division of Time Warner, also plans to roll out later this month a blogging service called AIM Pages that will alert people when contacts in their buddy list update their AIM Pages blog, she said.

May 03, 2006

Tired of Adware and Spyware? Guess who's paying for it?

CDT Report Identifies Large Corporate Adware Funders:


Large well-respected companies are helping to fund the virulent spread of unwanted and potentially harmful "adware" by paying for advertisements generated by those programs, a new report by CDT finds. In "Following the Money: How Advertising Dollars Encourage Nuisance and Harmful Adware and What Can be Done to Reverse the Trend," CDT details how -- through a complicated network of intermediaries -- major advertisers pay to have their products and services advertised through pop-ups and other ads generated by unwanted advertising software or "adware." (Note: After the initial publication of this report, four of the advertisers named in the document -- Waterfront Media, PeoplePC, LetsTalk.com and GreetingCards.com -- contacted CDT to clarify their adware policies and practices. The current version of the report reflects those updates).

April 18, 2006

So I have this Intel Mac and....

Intel Mac tricked into triple-boot config | Reg Hardware:


Intel-based Macs can now play host to three operating systems and boot into any one of them at will. The triple-boot technique has been outlined on the OnMac.net website, home of the first code to allow the new machines to run Windows XP.

The procedure's not trivial, though it makes use of Apple's BootCamp utility to ease you through the installation of Windows XP. After installing XP, the process walks you through adding a Linux distribution off a live Linux CD to the dynamically re-partitioned Mac hard drive. This Linux uses a swapfile for virtual memory rather than the more commonplace swap-specific partition due to limitations in the permitted partition structure.

April 14, 2006

So, when you can't use terrorism as your excuse, try child pornography

Nobody seems to understand that this is exactly the same thing as telling the post office to archive every copy of every letter "just in case" or the telephone company to record all telephone conversations and archive them "just in case." This is yet another ridiculous attempt for government to get into our personal lives.

ISP snooping gaining support | CNET News.com:


The explosive idea of forcing Internet providers to record their customers' online activities for future police access is gaining ground in state capitols and in Washington, D.C.

Top Bush administration officials have endorsed the concept, and some members of the U.S. Congress have said federal legislation is needed to aid law enforcement investigations into child pornography. A bill is already pending in the Colorado State Senate.

Mandatory data retention requirements worry privacy advocates because they permit police to obtain records of e-mail chatter, Web browsing or chat-room activity that normally would have been discarded after a few months. And some proposals would require providers to retain data that ordinarily never would have been kept at all.

April 04, 2006

Catch Those Bastards and Put Them Away

Top News Article | Reuters.com:


BERLIN (Reuters) - German police have arrested seven members of an international gang of so-called "phishers", who hacked into computers of internet banking customers and raided their accounts, authorities said on Tuesday.

"The investigation is continuing but what we can say now is they were able to obtain thousands of individual pieces of data," a spokeswoman for the BKA federal crime office said.

Three other members of the ring are still under investigation.

The word "phishing" is said to derive from a combination of two words, which describes the act of hackers "fishing" for "passwords".

A statement posted on the BKA Web site said the shutdown of the phishing ring of Germans and Lithuanians had prevented "millions of euros of losses" that online banking customers would have incurred if the phishers had carried out their plan.

March 20, 2006

Boing Boing: Shakespeare's "Shall I compare thee to a summer's day?" as code

Boing Boing: Shakespeare's "Shall I compare thee to a summer's day?" as code:


Shakespeare's "Shall I compare thee to a summer's day?" as code
Here's William Shakespeare's Sonnet 18 ("Shall I compare thee to a summer's day?") converted into the programming language ActionScript:
// Sonnet 18: Shall I compare thee to a summer's day?
// by William Shakespeare
// ported to ActionScript 2.0 by Satori Canton
//
// Original poem can be viewed at:
// http://plagiarist.com/poetry/915/
var summer:Object = {};
var thee:Object = {};

summer.name = "Summer Day";
thee.name = "Thee";

summer.lovelyness = 9;
thee.lovelyness = 10;

summer.temperature = 98;
thee.temperature = 98.6;

summer.lease = new Date(2006, 7, 31).getTime() - new Date(2006, 5, 1).getTime();
thee.lease = new Date(2042, 6, 12).getTime() - new Date(1970, 8, 25).getTime();

summer.complexion = 0xFFCC33;
thee.complexion = 0xFFCCCC;

March 16, 2006

DHS scores F on cybersecurity report card | CNET News.com

DHS scores F on cybersecurity report card | CNET News.com:


The U.S. Department of Homeland Security earned failing marks in an annual computer security report card released Thursday by a congressional oversight committee.

That means the federal agency tasked with principal responsibility for the nation's cybersecurity has now received a grade of "F" from the U.S. House of Representatives Committee on Government Reform for three straight years--in other words, every year of its young existence.

It's not alone. Of the 24 departments on the scorecard (click for PDF), seven others, including Energy, Agriculture, Veterans Affairs, State, and Defense, also received failing marks for 2005. The scores for both Defense and State had hovered above passing-- at D and D+, respectively--in 2004. The overall grade across all government agencies was D+, unchanged from last year.

The shortcomings were little surprise but are nonetheless "appalling," said Gene Spafford, a Purdue University computer science professor who has long been urging greater cybersecurity research and more development dollars. He served on a presidential advisory committee that released a scathing report last year called "The Cyber Security Crisis: A Failure of Prioritization."

March 15, 2006

Busted: debit card crime ring linked to OfficeMax breach

Busted: debit card crime ring linked to OfficeMax breach:


Xeni Jardin:

Snip from CNET report:

Law enforcement officials in New Jersey have arrested 14 people in connection with a crime spree that has forced banks across the nation to replace hundreds of thousands of debit cards. The suspects, all U.S. citizens, are accused of using stolen credit and debit card information to produce counterfeit cards that were used to make fraudulent purchases and withdrawals from card-holder accounts, Hudson County Prosecutor Edward DeFazio said. Most of the arrests were made during the past two weeks.

Some of the stolen credit card information came from the office-supply chain OfficeMax and other businesses, DeFazio told CNET News.com on Monday. "We had cooperation from the security people from many victimized businesses," he said.

Link



Encrypted VOIP from PGP creator Zimmermann: Zfone

Encrypted VOIP from PGP creator Zimmermann: Zfone:


Xeni Jardin:

Over on Slashdot, CmdrTaco shares timely and exciting news for law-abiding Americans who don't care for involuntary three-way calls with the NSA (it's big news for anyone in the world who likes to keep private conversations private):

Philip Zimmermann, creator of PGP wrote in to tell me about Zfone, his new system for encrypting any SIP VoIP voice stream. His first release is Mac & Linux only. I tested it with him using Gizmo as our client and it was pretty trivial to use. While it should work on most any SIP compatible VoIP client, he hopes that clients like OpenWengo and Gizmo will incorporate Zfone directly into the UI. Zfone has no centralization, and has been submitted to the IETF. He hasn't yet determined a license, but he believes strongly in releasing source code for all encryption products. A windows client is forthcoming.

Link.


March 12, 2006

A peek into the future

Quite the interesting thing. Years ago, before the formation of ICANN, when the intellectual property cartel was fighting to keep the Internet to themselves, the Domain Name Rights Coalition along with other enlightened groups and individuals, argued that the Internet is the greatest marketplace of ideas ever created. For the first time, the voice of the individual could achieve as much recognition as the voice of powerful publishers. This concept, over 10 years later, is still frightening the cartel, but it is catching on. The revolution is in progress, and there's no stopping it.

A peek into the future:


From politics to movie-making, from NASA to NASCAR, exciting new changes are occurring -- and so is the very process of innovation. For one thing, corporations and universities no longer dominate the world of new ideas. Instead, we're living in an age of individual innovation spurred on by the Internet as well as a form of group project best represented by resources like Wikipedia, the online encyclopedia that is edited by the masses instead of an elite cadre of professional editors.

January 06, 2006

In the "Get the hell OVER IT" segment of our program

At what point does the idea of "Internet Bullying" become ridiculous? At the point where the person being "bullied" fails to SHUT OFF THE COMPUTER! Yes, this pisses me off, and here's why: I have been involved with BBS "rooms," usenet, IRC, and occasionally AOL chat rooms etc. and, just like in real life, personalities often clash. When this happens in real life, what do you do if you know that a substantial group of people does not LIKE you for whatever reason? Do you keep forcing your presence on them and then whine, cry or SUE if they tell you you're a pain in the butt or call you names? I don't think so. You find OTHER friends. At least you do if you have a brain.

There is a big difference between what you CAN do and what you SHOULD do. I CAN go into an IRC channel entitled something like "#woman_hating_right_wing_vegetarian_hunters_for_Jesus" but SHOULD I? And if I finally decide to, should I be outraged if I get "picked on" or kicked and banned from the room? Should I call a lawyer? Or should I open my own channel called "#men_hating_left_wing_carnivore_nonhunters_for_Cuthulu?" Even better, should I shut off the computer and get a life?

Of course, if the abuse turns to stalking, or to real-life problems, then it becomes harassment or another type of crime, and the police should be called. But damn, the kind of nonsense referred to from what I can see here (besides the allegation that someone travelled all the way across the country just to change someone's US Mail, which I find rather unlikely) is much more akin to suing for your sister looking at you in the back seat of the car. "Judge, she's LOOKING AT ME." Get over it. Grow up. Get a life. Get a clue. Turn off the computer. Go watch some nice violent TV or something.

law.com - Chat Room Chatter Draws Lawsuit:


Do the courts have jurisdiction over what people say in Internet chat rooms?

That question is being played out in what some lawyers claim is a first-of-its-kind lawsuit in Ohio, where a man claims he was humiliated online in an Internet chat room, and has filed a lawsuit over the incident.

The plaintiff, George Gillespie of Medina County, Ohio, is suing America Online for allegedly failing to do anything about the abuse he endured in the chat room, and the two chat room participants who allegedly caused him emotional distress by teasing him. Gillespie v. America Online, No. 05CIV1255 (Medina Co., Ohio, Ct. C.P.).

According to court documents, the chat room participants "acted in an outrageous manner, which they knew or should have known would cause serious emotional distress to the plaintiff ... The Defendants' conduct was so extreme and contemptible as to go beyond all possible bounds of decency."

December 29, 2005

NSA inadvertently uses banned data-tracking "cookies" at Web site

NSA inadvertently uses banned data-tracking "cookies" at Web site:


By ANICK JESDANUN AP Internet Writer (AP) - NEW YORK-The National Security Agency's Internet site has been placing files on visitors' computers that can track their Web surfing activity despite strict federal rules banning most of them.

Web Browser Diversity - John Quarterman

Web Browser Diversity:


As I give talks, I continue to find, to my continued surprise, that many people don't know that there is any alternative to Internet Explorer (IE). The other day a webmaster of long acquaintance said something to the effect of:


Sure, I tailor my web pages for IE.
What else would anybody use?
And why would they?


(I usually attribute quotations or even paraphrases, but let's let that one remain nameless.)

Why? Because IE draws security exploits like honey draws flies. Because it has deep design flaws. Because it is less capable than all the other major browsers. Because having a single browser used by 90% of desktop users is inherently unsafe, no matter what the browser is, because it is a monoculture, which means that there is a possibility that an exploit could attack a large proportion of all desktop machines all at the same time. This isn't an academic concern, either, since there have been numerous IE exploits, including some, such as scob, for which there was no patch.

What else would they use?

There are quite a few choices readily available right off the net.

  • Firefox, which was developed by a former IE user who got tired of having to clean his system every few days of spyware and viruses introduced via IE.

  • Opera, a nice lightweight (in terms of code size, not functionality) browser.

  • Netscape 8, which according to this c|net article, can emulate either Firefox or IE, without IE's main security flaws.

  • Deepnet Explorer, which the same article says is built on the IE codebase but cleaned up.

  • Safari, which comes with the Macintosh OSX operating system.


All of these browsers have tabbed browsing and RSS feeds, neither of which does IE yet have.

Personally, I don't see emulating IE (as Deepnet Explorer and Netscape 8 can do) as a feature, because it lets webmasters be lazy and code only for IE, thus leaving excuses for users to use only IE.

Also, I favor browsers that work on multiple operating systems, so that you can keep a familiar browser even if you choose to change operating systems. So I'd recommend Firefox or Opera for that reason. They're also the two browsers I use.

-jsq


December 20, 2005

US 'winning war' on e-mail spam

Oh really? You think? It's rather pathetic that my mailbox has been completely flooded with TONS of spam each and every day, especially during the overnight hours.

US 'winning war' on e-mail spam:


The number of unsolicited e-mails received in the US has dropped thanks to new measures, a report finds.

December 13, 2005

So Disappointed With Aperture

Like many photographers with HUGE libraries of digital photos, I eagerly awaited the unveiling of Apple's Aperture. At first glance, it looked like just what I needed - an easy organizer for digital photos that also does rudimentary "tweaking" of photos. So off I ran to the Apple Store online and bought the product. As always, it was shipped quickly and arrived happily at my house. That's when the disappointment began....

So there I was, sitting in front of my 2 mhz dual processor G5 with many trailing hard drives, with tens of thousands of photos on it, and attempted to install the product. Nope, won't install unless you have at least 1 Gig of RAM. Annoying. Oh well, I had that on my laptop, and approximately 30,000 photos on there, so why not install it there, organize everything up, and then work on the G5 after I get more memory. It installed on the laptop, so far so good.

Then I found that in order to organize your files, Aperture copies them all. Gee, can't do that with the laptop with only 100 gigs of hard drive space. That's annoying, says me. It would have been very nice if Aperture could use the already existing iPhoto libraries without making copies, but alas this was not to be. Ok, so I backed everything up onto a firewire drive, deleted the photos from the powerbook, then imported everything back over, starting with small chunks.

Despite the small chunks, import crashed Aperture many times. In addition, it was S L O W. Very S L O W. In fact, it was so annoyingly slow that I just gave up and set things up to import the whole thing while I went to sleep.

Upon waking up, I found that just about everything had imported happily into Aperture without unhappy crashes. This was good. However, despite it being an organizer, there was no way I could find to take the entire library of files and look for duplicates, then perhaps choose the largest file and delete the others. Wouldn't THAT be a nifty thing to do? Nope, isn't such a function that I could find, so I started going through project after project, trying to find duplicates then resort the photos. This was also insanely S L O W.

So tell me - they SAY that Aperture is supposed to replace iPhoto for those of us who have huge numbers of files. However, if it's barely usable because of its lack of speed and features that digital photographers might need, why bother? I really hope that 1.1 fixes some of this stuff.

Anyone know any REALLY STUDLY organizer programs for the Mac?

p.s. More annoyance. Tried to rate a photo. It rated it, then changed the display, showing only 200 photos, then S L O W L Y loaded the photos back in, and scrolled back to the top of the window, so I would have to then scroll all the way back down again, waiting for the display to catch up. Foo.

December 07, 2005

New IM worm chats with intended victims | CNET News.com

So here's my question - given the intelligence of most AOL users, how would they know the difference between a bot and a "person?" Most unsolicited IMs I get are made up of letters such as "R U M or F" or "How R U?" Could it be that the bot is actually brighter than the average AOL user? :-)

New IM worm chats with intended victims | CNET News.com:


You can now instant message with a worm.

A new worm that targets users of America Online's AOL Instant Messenger is believed to be the first that actually chats with the intended victim to dupe the target into activating a malicious payload, IM security vendor IMlogic warned Tuesday.

According to IMlogic, the worm, dubbed IM.Myspace04.AIM, has arrived in instant messages that state: "lol thats cool" and included a URL to a malicious file "clarissa17.pif." When unsuspecting users have responded, perhaps asking if the attachment contained a virus, the worm has replied: "lol no its not its a virus", IMlogic said.

The malicious file disables security software, installs a backdoor and tweaks system files, the company said. Then it starts sending itself to contacts on the victim's buddy list.

9/11 Commissioners Criticize Lack of Cybersecurity Progress...

But wait a minute! Isn't ICANN supposed to be dealing with the technical management of the Internet, which obviously includes security? Am I missing something?

9/11 Commissioners Criticize Lack of Cybersecurity Progress...:


9/11 Commissioners Criticize Lack of Cybersecurity Progress

December 02, 2005

Get Ready for Blackberry Jam

JURIST - Paper Chase: Federal judge rules Blackberry settlement invalid:


[JURIST] US District Judge James R. Spencer [JTBF profile] of the Eastern District of Virginia [official website] Wednesday rejected the disputed settlement pact between the maker of the Blackberry [product website] communications device, Research in Motion Ltd. (RIM) [corporate website], and the patent owner of the technology behind the device, NTP, Inc. The $450 million settlement, which the companies agreed to in March, but never finalized, would have ended NTP’s infringement suit against RIM, which wanted to enforce the agreement. Spencer will next determine whether to issue an injunction that completely halts Blackberry sales and service in the US. Industry experts believe the ruling will force RIM to settle the suit for as much as $1 billion. Nasdaq stopped trading Blackberry's shares shortly before the ruling was made public. AP has more.

November 23, 2005

Cyberterror 'overhyped,' security guru says

Why should "cyberterror" be different than any other type of "terror?" With the word being bandied about by anyone who believes it adds emphasis. Just pray that we don't have a "war on cyberterror" where our civil liberties online are curtailed even further.

Cyberterror 'overhyped,' security guru says:


Officials claiming terrorists pose serious danger to computer networks direct attention away from common criminals, expert says.

November 17, 2005

BBC NEWS | Technology | UN debut for $100 laptop for poor

This is fabulous! If it truly works, and can truly be made so cheaply, and if corporations get behind it, and buy them and send them to those who need it, we could certainly spread literacy, education, and learning around the world. How cool!

BBC NEWS | Technology | UN debut for $100 laptop for poor:


A prototype of a cheap and robust laptop for pupils has been welcomed as an "expression of global solidarity" by UN Secretary General Kofi Annan.

The green machine was showcased for the first time by MIT's Nicholas Negroponte at the UN net summit in Tunis.

He plans to have millions of machines in production within a year.

The laptops are powered with a wind-up crank, have very low power consumption and will let children interact with each other while learning.

"Children will be able to learn by doing, not just through instruction - they will be able to open up new fronts for their education, particularly peer-to-peer learning," said Mr Annan.

He added that the initiative was "inspiring", and held the promise of special and economic development for children in developing countries.

November 05, 2005

Mars, Venus Reign This Month

Mars, Venus Reign This Month:


Mars and Venus present a treat to sky gazers in November, marking two memorable points of light at opposite ends of the sky. Mars reaches its brightest point early in the month and will be easy to find even while in the city. See our neighboring red planet now because it will not be this brilliant until 2018.

Look for Mars in the eastern sky after dark, as it is a brilliant, unmistakable orange-red. You can find it in the south after midnight, and you can see it in the western sky in the early morning hours.

Officially, the red planet reaches opposition on Monday, which means that from Earth's point of view, Mars is opposite from the sun. In other words, when the sun sets in the west, Mars rises in the east. Interestingly, the nearly full moon and Mars rise together Nov. 14.

The full moon -- and that can mean any full moon -- is always opposite the sun. By Thanksgiving, Mars sets earlier and rapidly becomes dimmer.

Facing south, when night arrives and Mars begins to enter stage left, Venus is exiting stage right. Find Venus deep in the south-southwestern sky at dark. While Mars has a distinctly orange-red tint, Venus is a very bright white.

Saturn rises in the east-northeast around 11:30 p.m. now, and by mid-month the great ringed planet will ascend the eastern heavens in the 10 p.m. hour. You can find this gaseous, giant planet in the constellation Cancer.

Jupiter races through the morning sky just ahead of the rising sun in the east-southeast. In the middle of the month, this gaseous giant planet rises about 6 a.m., and by month's end climbs the eastern horizon about 5:15 a.m. It should be easy to see from the city.

The fleet Mercury follows Jupiter toward the end of the month and makes a cameo appearance ahead of the rising sun. Look for it hugging the horizon. This is not a good year for the reliable mid-November Leonid meteors, which are likely to be washed out by the moon.

October 21, 2005

Oklahoma Man Wins $10 Million Judgment Against a Spammer

Oklahoma Man Wins $10 Million Judgment Against a Spammer: "On Thursday the 22nd, Robert Braver, an Oklahoma ISP owner who is a long time activist against both spam and junk faxes, received a default judgment of over $10 million against high profile spammer Robert Soloway and his company Newport Internet Marketing. Soloway has frequently been cited as one of the ten largest spammers in the world."

(Via CircleID: All Posts.)

October 16, 2005

Geek Cavalries Turn Post-Katrina Landscape into Wireless Lab

Another example of people stepping up to the plate without having to resort to waiting (and waiting, and waiting) for the government to do it for them.

Geek Cavalries Turn Post-Katrina Landscape into Wireless Lab: "Independent providers and private companies join together to help hurricane victims -- with little government support."

(Via Technology Review: Government, Law & Policy.)

October 11, 2005

The Terminator bans himself

Isn't this ironic? Our lovely Arnold, who built his reputation as a blood spilling nasty violent dude in movies that were rated as "ok" for teens, decides that video games are much more dangerous than watching disgusting entrails all over your 60 inch plasma screen in high definition. Strange, no?

The Terminator bans himself: "Blog: California Gov. Arnold Schwarzenegger, who played the title role in 'Conan the Barbarian' and starred as a cyborg assassin..."

(Via CNET News.com.)

May 06, 2005

Court overturns broadcast flag

The courts are getting wise to the power grabs by the content cartel. Hooray!

Court overturns broadcast flag | News.blog | CNET News.com: "The U.S. Court of Appeals for the D.C. Circuit ruled on Friday that the Federal Communications Commission did not have the authority to prohibit the manufacture of computer and video hardware without the so-called 'broadcast flag.' The FCC's regulations were intended to limit unauthorized Internet redistribution of TV broadcasts."

(Via CNet.)

April 26, 2005

An explanation for Microsoft's anti-gay stance?

An explanation for Microsoft's anti-gay stance?: "

United States: John Aravosis has been poking around and has discovered that Microsoft pay a $20,000 a month retainer to fundie leader Ralph Reed. The precise reason why isn't known, but Aravosis suspects it might explain something:

Now, just think a minute. Microsoft finds itself under criticism from the local evangelical leader, religious right shareholders, bigoted employees and who knows who else. They don't know what to do. Who do they turn to? Well, if I'm in a religious right pickle, I'd turn to my $20,000 a month retainered religious right consultant, the former leader of the religious right, Ralph Reed.

And which side do we think the former head of the religious right would favor were he advising Microsoft what to do when trapped between the Scylla and Charybdis of the gays vs. the religious right?

A. Stick to your guns and defend the gays? or
B. Find a way to stiff the gays and move more in line with the religious right?

Well, shiver my timbers, Microsoft ended up going with option B.

The article includes his sources, copies of invoices etc. Equal Rights Washington has issued an open letter to Microsoft urging it to break off the relationship.

Isn't this cute?

Microsoft paying Religious Right leader Ralph Reed $20,000 a month retainer - AMERICAblog, 26th April 2005 (via The Sideshow).

While we're bashing Microsoft, here are the latest super-accurate terms used to find the Prattle home page on the MSN search engine.

"

(Via The Pagan Prattle Online.)

Feds Rethinking RFID Passport

Think perhaps they might be getting clueful? Maybe? Please?

Feds Rethinking RFID Passport: "In the wake of privacy concerns about the government's new RFID passports, the State Department is reconsidering a plan it previously rejected. The plan would offer privacy protection, including encryption. By Kim Zetter."

(Via Wired News.)

April 07, 2005

Blog Without Getting Burned

Blog Without Getting Burned: "

EFF Releases How-To Guide for People Who Want to Blog Safely and Anonymously

San Francisco, CA - With the privacy of bloggers and their news sources coming under fire in the court system, it's crucial that web writers know how to express themselves without risking their jobs or social lives. Yesterday the Electronic Frontier Foundation (EFF) released 'How to Blog Safely (About Work or Anything Else),' a how-to guide for bloggers worried about protecting their privacy and free speech.

The guide covers basic measures people can take to keep their blogs anonymous and explores what the law says about discussing work-related issues online. Some advice is common sense; for example, don't post a picture of yourself if you want to stay anonymous. But for bloggers who want strong guarantees of privacy, EFF suggests using technologies like Tor or Anonymizer to prevent your blog-hosting company from logging your computer's unique Internet Protocol (IP) address. Bloggers who fear they could be fired for blogging are also given an introduction to laws that prevent an employer from punishing them for speaking out online.

'There is a lot of misinformation out there about the ways people could get into trouble for blogging,' said EFF Policy Analyst Annalee Newitz. 'We hope advice about online anonymity and the law will help more people engage in free expression without living in fear of reprisals, legal or otherwise.'

Contacts:

Annalee Newitz
Policy Analyst
Electronic Frontier Foundation
annalee@eff.org

Kurt Opsahl
Staff Attorney
Electronic Frontier Foundation
kurt@eff.org

"

(Via EFF: Press.)

March 14, 2005

Protecting the Internet - Certified Attachments and Reverse Firewalls?

The Cavebear has very good points. Check them out.

In many respects the internet is going to hell in a hand basket.

Spam, phishing, DNS poisoning, DDoS attacks, viruses, worms, and the like make the net a sick place. It is bad enough that bad folks are doing this. But it is worse that just about every user computer on the net offers a nice fertile place for such ill behavior to be secretly planted and operated as a zombie under the control of a distant and unknown zombie farmer.

Most people still think that the main risk of being on the net is the risk that one's own machine might be damaged from things lurking out there on the net.

Some of us are coming to the converse point of view - that the net is being endangered by the masses of ill-protected machines operated by users.

For decades upon decades Ma Bell (AT&T) insisted that the telephone networks be protected against the dangers of non-Bell phones and other equipment. This reached the height of absurdity with the Hush-A-Phone case when AT&T claimed that an innocent plastic hand could deafen operators, shock linemen off of poles, and otherwise wreak havoc.


February 27, 2005

Jef Raskin, Mac pioneer, dies at 61

A very sad day in the history of the Mac. Perhaps it's a coincidence that my Powerbook hard drive also died the same day.

The computer interface expert who launched the Macintosh project for Apple Computer dies of cancer at age 61.
[CNET News.com]

February 04, 2005

SF Gate columnist: 'Why does Windows still suck?'

Yes, this is indeed a very good question. But perhaps maybe a more pertinent question would be, why do Mac Users STILL have to use Windows crap? I've come across MANY web sites that require a Windows box for them to work right. Wasn't part of the whole idea of web based applications CROSS PLATFORM interoperability?

One of the ridiculous applications that still requires Windoze is PayPal's shipping label printing program. Obviously, this is a ridiculous limitation given that the USPS site, to which PayPal supposedly merely provides a front end, works just fine with Macs. So, rather than continue to use my husband's ONE machine in the whole house that runs Windoze, I bought Virtual PC. Within its first month of running on my Mac, it broke with a "boot.ini" fatal error that could not be fixed even after deinstalling and then reinstalling the software. So I guess not only does Windows itself still suck, but even its emulators suck.

In an article detailing his experiences with both Macs and Windows-based PCs, SF Gate columnist Mark Morford asks, "Why Does Windows Still Suck? Why do PC users put up with so many viruses and worms? Why isn't everyone on a Mac?" Morford goes on to say: "As every Windows user knows, PCs are ever waging a losing battle with a stunningly vicious array of malware and worms and viruses, all aimed at exploiting one of about ten thousand security flaws and holes in Microsoft Windows... [MacMinute]

January 19, 2005

Closer Look at Domain Name Transfer Policy and the Hijacking of Panix.com

From CircleID

Given the recent panix.com hijacking, I will give an outline of the current ICANN transfers process for gtlds. In the case of panix.com, evidence so far indicates that a third party that holds an account with a reseller of Melbourne IT, fraudulently initiated the transfer. The third party appears to have used stolen credit cards to establish this account and pay for the transfer. That reseller is analyzing its logs and cooperating with law enforcement. [CircleID]

January 17, 2005

Hijacking of Panix.com: A Call for An Emergency Rollback Procedure

Consider this - an ISP, one of the oldest on the Internet, has a valuable domain name known world-wide. They "lock down" said domain name, in accordance with ICANN registrar rules, which supposedly requires several steps with verification procedures, in order to transfer the domain. Despite this, the domain was transferred; hijacked, in fact, to Melbourne IT. Of course, this took all panix users off the Internet, and all of their email went somewhere besides their in boxes.

The fallout from this action is going to be quite interesting. Some ISPs are talking about just pointing their DNS to reflect the correct information (a la pre-hijacking). Of course, this would effectively cut the stranglehold of the registry, Verisign, on the root zones. Granted, not all of the servers that get their information solely from Verisign would reflect the pre-hijacked state, but enough would to make a significant difference. This, of course, would be an end-run around ICANN AND Verisign. Definitely an interesting concept.

So think of this next time we have yet another debate on Internet governance, and who gets to "run" the Internet. The answer is now the same as it ever was - the ISPs.

From circleid.com

There's a thread on NANOG to the effect that Panix, the oldest commercial Internet provider in New York, had its domain name 'panix.com' hijacked from Dotster over to MelbourneIT and it has pretty well taken panix.com and its customers offline. Looks like this may be among the first high-profile unauthorized transfer under the new transfer policy. It begs the question, despite the existence of the dispute policy under the new system, what provisions should there be for a situation like... [CircleID]

January 08, 2005

what a total (intellectual) disappointment this man is

From Larry Lessig


If I had the time, and the money, I'd do the deep analysis that it would take to explain to myself why it is I constantly hope to be surprised by Mr. Gates. Yet I never am. Here's BoingBoing reporting the red-baiting of Mr. Gates.

It's one thing to read this sort of thing from a studio exec, or head of a record label -- surrounded as they are by the sort that surround them. But the people I've met at Microsoft are miles beyond this sort of silliness. Does Mr. Gates not even talk to them?

[Lessig Blog]

December 22, 2004

SCO reports deeper loss, shrinking revenue

And sometimes people don't tolerate companies that use screwed up lawsuits to attempt to stifle innovation. Hooray for them.

It's another quarter of financial bad news for the firm engaged in litigation over Unix and Linux. [CNET News.com]

EU upholds penalties against Microsoft

Uh oh.... time to increase the bribe budget

update Judge orders company to unbundle Windows Media Player and to share server technology. Appeals aren't over yet, though.
[CNET News.com]

September 08, 2004

Spammers given boot by net host

And yes, it's about bloody time!

A campaign by anti-spam groups has persuaded a large US net service provider to ban spammers using its network. [BBC News | TECHNOLOGY]

September 07, 2004

Oh the Happiness!

Psycho Sensei can now accept comments on her lovely blog once again. You can add your comments merely by following the instructions. It has been an up and down battle, given that even moderating comments made life difficult when I would receive 50 to 60 spam comments each day and would have to go through all of them in order to filter the real ones. So, now you will have to create a typekey account and log in. Yes, I finally got that part working. So, comment away and make the Psycho Sensei happy.

September 04, 2004

I Suppose I Have To Be Confused Again

So there I was, happily posting things to my weblog from netnewswire, when it suddenly decided to stop working, telling me that the server was returning "error 302" whatever that means. So it seems that from now on I get to tell all my marvelous readers about things only manually. How totally annoying. So let's see if we can get this stuff working eventually. Oh, the fun of life.

August 12, 2004

Government Hides Cell Reliability Info

According to Wired News, the FCC is using the "terrorism" excuse to deny the public information about the reliability of wireless network infrastructure.

The FCC began collecting information about the phone network in 1991 and made the information public, precisely because the regulators thought the public had a valid need for that information.

But since Sept. 11, the need to protect against highly skilled, well-educated terrorists who use the Internet to examine infrastructure outweighs the advantages of full disclosure, according to an FCC official.

In the name of vague, indefinite fears, with no end in sight, the government is taking information out of the public market. The carriers love it, because it gives them one fewer area in which they need compete -- a form of legally sanctioned collusion -- the government puts another check mark next to "doing something," and the public loses yet another government service.

We have always been at war with Oceania.

[Wendy: The Blog]

June 30, 2004

Privacy? Who Needs It?

According to Wired we have even less privacy than we may have thought.

E-mail privacy suffered a serious setback on Tuesday when a court of appeals ruled that an e-mail provider did not break the law in reading his customers' communications without their consent.

The First Court of Appeals in Massachusetts ruled that Bradford C. Councilman did not violate criminal wiretap laws when he surreptitiously copied and read the mail of his customers in order to monitor their transactions.

Councilman, owner of a website selling rare and out-of-print books, offered book-dealer customers e-mail accounts through his site. But unknown to those customers, Councilman installed code that intercepted and copied any e-mail that came to them from his competitor, Amazon.com. Although Councilman did not prevent the mail from reaching recipients, he read thousands of copied messages in order to know what books customers were seeking and gain a commercial advantage over Amazon.

Authorities charged Councilman with violating the Wiretap Act, which governs unauthorized interception of communication. But the court found that because the e-mails were already in the random access memory, or RAM, of the defendant's computer system when he copied them, he did not intercept them while they were in transit over wires and therefore did not violate the Wiretap Act, even though he copied the messages before the intended recipients read them. The court ruled that the messages were in storage rather than transit.

The court acknowledged in its decision that the Wiretap Act, written before the advent of the Internet, is perhaps inadequate to address modern communication methods.

But critics said the decision represents a huge privacy setback for e-mail users.

"By interpreting the Wiretap Act's privacy protections very narrowly, this court has effectively given Internet communications providers free rein to invade the privacy of their users for any reason and at any time," said Kevin Bankston, an attorney with the Electronic Frontier Foundation. "This decision makes clear that the law has failed to adapt to the realities of Internet communications and must be updated to protect online privacy."

In his dissenting opinion, which contained a detailed description of how e-mail works, Justice Kermit V. Lipez wrote that Congress never intended for e-mail temporarily stored in the transmission process to have less privacy than messages in transit. And he acknowledged that "the line that we draw in this case will have far-reaching effects on personal privacy and security."

April 16, 2004

The Logical Incoherence of Universal DRM (Ernest Miller)

Ed Felten has a typically insightful post on his Freedom to Tinker blog concerning the incoherency of universal, transparent digital rights management (A Perfectly Compatible Form of Incompatibility). After all, how can one have such a universal, transparent system when:

The whole point of DRM technology is to prevent people from moving music usefully from point A to point B, at least sometimes. To make DRM work, you have to ensure that not just anybody can build a music player -- otherwise people will build players that don't obey the DRM restrictions you want to connect to the content. DRM, in other words, strives to create incompatibility between the approved devices and uses, and the unapproved ones. Incompatibility isn't an unfortunate side-effect of deficient DRM systems -- it's the goal of DRM.

A perfectly compatible, perfectly transparent DRM system is a logical impossibility. [emphasis in original]

Read on...

[Copyfight]

April 01, 2004

House panel approves copyright bill

Just what we all need. NOT. Once again the Content Cartel scores a win and US Consumers score a big lose.

A House of Representatives panel approves a sweeping new copyright bill that would boost penalties for peer-to-peer piracy and increase federal police powers against Internet copyright infringement. [CNET News.com]

March 27, 2004

Who should govern the Net?

Once again, people are arguing who should govern the net, rather than the bigger and more important question: Who gets to decide?

A U.N. summit ends with a consensus that developing countries must have more influence on the way the Internet is run, but conclusions about what should be done are vague. [CNET News.com]

March 16, 2004

Privacy Safeguards Deep-Sixed

The "War on Terror" has been used quite effectively to scare Americans and Congress into believing that the more privacy is eliminated, the safer the United States will be. Hopefully, we won't have to deal with the dire consequences that will occur when they find out how wrong they are.

Without fanfare, the government dispenses with two projects aimed at protecting the privacy of American citizens from official snooping. The work on more sophisticated data-mining techniques continues, however. [Wired News]

March 04, 2004

New Embryonic Stem Cells Made Available

Psychosensei says HOORAY for Harvard. Nice to see they're using their endowment for the betterment of science worldwide.

Harvard researchers said yesterday they had created 17 new colonies of human embryonic stem cells to be shared freely with scientists around the globe, more than doubling the world's available supply of the medically promising but ethically contentious cells. [Washington Post: Nation and Politics]

February 17, 2004

HTML Email

The Psycho Sensei HATES html'ized email. It causes havoc to many email programs, sends tons of unnecessary programming stuff, and can be dangerous. Attempting to explain this, and to explain how to turn html off in certain email programs has been problematic. However, a wonderful new website does it VERY well.

If you'd like to get rid of that horrid html'ized email from your in box, or to refrain from sending it, use this wonderful handy link.

January 24, 2004

Wonderful Tech Support

It is rare that the Psycho Sensei finds, in this world, a software company that not only responds to technical support email, but ACTS on it. Unlike Retrospect, whose support truly sucks the big wazooo, the folks at Intelliscanner who made my wonderful barcode scanner and cool software that lets me put all my movies and books and CDs into a database, also FIXED a problem within 24 hours of verification.

The Psycho Sensei is very happy with their performance, and awards them the Psycho Sensei Tech Support Award For Making Psycho Sensei Happy :-)

So We Have This Spam Law And...

So why am I getting more spam than ever? Maybe it's because attempting to stop a technological problem with non-technological methods is ineffective. Having lawmakers who are about as computer literate as my grandmother, and who have staffers do most of their computer-based work, attempt to craft a law complex enough to stop the deluge of garbage is laughable.

There are plenty of technocrats available who would gladly give their expertise and input to solve spam issues. However, Congress has not made use of them. Why not? Is it because they believe that geeks are not savvy enough in the ways of politics to mix geek speak with Congress speak? Or is it instead because they wanted to seem as if they were doing something when in actuality, nothing was accomplished?

In many cases of issues of popular opinion, the Congressional band-aid approach works just fine. The issue may be popular, but the actual non-effects of the feel good legislation are only felt by a few. The vast majority of the voters think that the Congress Critter has done a wonderful thing and continue to vote for him or her. Win for Congress without much effort. However, this method may likely lose bigtime in an arena where everyone is affected and the law is obviously bogus.

Perhaps next time, they might actually ask people with useful input.

January 15, 2004

Domain registrars sued over URL patent

Take a look at THIS story. How could the USPTO be lame enough to grant a patent like this? What's next? Psycho Sensei says "DUH"

Two Web entrepreneurs accuse Network Solutions and Register.com of selling e-mail addresses and URLs that infringe on their naming method patent. [CNET News.com]

January 10, 2004

Cool New Toy!!!

After a tip from Gaige I went to the website for IntelliScanner Collector and bought their wonderful barcode scanner and software to put my collection of EVERYTHING into electronic form without a royal pain in the butt.

It even makes cool websites of all your STUFF.

I love this cool new toy.

January 07, 2004

Just Fax Us the $5.4 Million

HOORAY! The Psycho Sensei is VERY pleased that at long last these SCUM who use up my paper, my ink, and my phone line to send me CRAP are being forced to pay for some of this! Yes! Perhaps this will stop some of the other nincompoops from continuing this heinously awful and annoying method of selling their garbage.

The FCC puts the wood to Fax.com, hitting the company with the stiffest fine ever imposed for sending unsolicited faxes that violate federal do-not-fax rules. [Wired News]

December 31, 2003

Year's Top 10 Astronomy Pictures

These are beautiful. Have a look at This Handy Link [tm]

December 15, 2003

Wireless Portability is a Flaming JOKE

Friday at approximately 7PM I went to the T Mobile store at Dulles Town Center and asked for my Sprint PCS number to be moved to my Sony Ericsson P900 phone on T Mobile. They said that was no problem, and it might take maybe 2 days or so to move the number, but most were up within 24 hours. That seemed a long time, but I said ok and the process began, or so I thought.

By Sunday nothing had happened, and calling the number still gave me my Sprint PCS voice mail. So I sent off email to T Mobile and to Sprint. Sprint said they never received any requests to move the number. T Mobile said they were confused, and did I really even send anything in? Needless to say, I was not very pleased and went zipping off to the FCC website about portability, which said the wireless industry had agreed to a 2 1/2 hour number switch, wireless to wireless. Armed with this information, off to T Mobile customer service hell.

Fifteen minutes on hold yielded a very confused person who had my paperwork saying there was indeed a request there, but I had to talk to another department that would make sure it went through TODAY. I thought this might be peachy keen. 20 more minutes on hold and the person I spoke to next said it would be 7 business days. Well that wasn't 2 1/2 hours by any stretch of the imagination. But maybe I could talk to someone in yet another department. ANOTHER 30 minutes on hold and I got someone who said that a "date error" stopped the process and apparently, nobody had done anything since then and it might indeed now be 7 business days. However, so that I would not be without service totally, I got a temporary activation and number so that I could at least use the damn phone pending this switch.

Moral of the story - don't expect anyone to keep their word.

December 12, 2003

Stupid Verizon Tricks

Our T1 is down, so when you finally see this message, they have brought it back up again. The reason why this is truly stupid is because months ago a Verizon guy came by and said that the cable running from our house to the street is bad, and must be replaced. He put in a "temporary fix." They were supposed to come and put in a permanent fix, but never did. So guess what broke?

Psycho Sensei is not amused.

December 10, 2003

Office of Hateful Security

It's hardly surprising that the Office of Hateful Security can't tell a server from a client. After all, they can't tell a terrorist from a little old lady. Still, I found this highly amusing.

From Good Morning Silicon Valley

At least it's an improvement over last year. The federal government's overall grade on cybersecurity rose over the past year, from an F in 2002 to a D in 2003, according to the latest Federal Computer Security Report Card. This is the fourth year in a row that many federal agencies have received poor grades for failing to secure their computer networks. Eight of them received a grade of F, among them the Department of Homeland Security -- which was apparently too busy working out the bugs in its Total Information Awareness System to bother securing its own network. As one might imagine, the subcommittee that prepared the report card was horrified by the low grades. "It is disturbing that 19 of the agencies are still out of line," said Rep. Adam Putnam, R-Fla. "I don't underestimate the challenge, but the fact of the matter is they need to do it. ... Some folks have proved it can be done, and not just small agencies."

November 21, 2003

This Man Said What We All Think

Although we hate spam and would LOVE to do the following things to them, I guess we can't tell anyone...

From the United States Attorney for the Northern District of CA

November 21, 2003

The United States Attorney's Office for the Northern District of California announced that Charles T. Booher, 44, of Sunnyvale, was arrested by FBI agents in Sunnyvale yesterday morning on a criminal complaint charging him with making death threats against employees of a Canadian Internet advertising company in violation of Title 18, United States Code, Section 875(c) (Threatening Interstate or Foreign Communications).

According to the affidavit supporting the criminal complaint, from May to July 2003, Mr. Booher repeatedly made threats by email and telephone against employees of the Canadian company which Mr. Booher wrongly believed to be the source of unsolicited email advertising he had received about penile enlargement medication. In particular, the affidavit describes the following threats, among others:

• In a May 31 email, Mr. Booher stated that he was "sending a package full of Anthrax spores to your address" and would "put a bullet in your head"

• In a June 14 email, Mr. Booher threatened to first "disable" a named employee by a "quick 22 calibre shot to [his] lower spine," then torture him with a "power drill and ice pick" after subduing him with "duck tape and plastic shrink wraps."

• In a voice mail message, Mr. Booher threatened to castrate all employees and kill them "with a shotgun and thirty rounds of ammunition and a hunting rifle" if they failed to "get your [profanity] popups off my screen."

• In another voicemail message, Mr. Booher informed the employees that he had "a nice collection of weapons" and would "hunt [them] down" in "sunny Canada" unless they removed him from an "email list."


November 10, 2003

Psycho Sensei's P900

Psycho Sensei has improved to the point of being able to think about other things besides soup and throat lozenges. So now I can talk about my REALLY COOL new Sony/Ericsson P900 phone.

I LOVE it! It's truly a PDA/phone combination that is not only small enough to fit in my hand comfortably, large enough to have a screen I can see and use, flip back keypad so that I can actually dial without using a stylus, bluetooth so I can EASILY transfer files back and forth (hooray for iSync and bluetooth file transfer on the Mac!!!), a bluetooth car kit, and etc. etc.

It's a great phone. It makes me happy. Hooray for technology.

November 06, 2003

Hitchhikers Guide Lives

Yay BBC! It's about time they did something cool with these timeless works of the late, great Douglas Adams.

Production is under way on the Tertiary Phase of The Hitchhiker's Guide to the Galaxy, with episodes due to begin airing on Radio 4 in spring 2004.

As we reported in September, independent company Above the Title have the rights to adapt Douglas Adams' novels for radio. It's now become clear that three of the Hitchhikers' novels are indeed getting their first radio adaptation.

A six-part adaptation of Life, the Universe and Everything will be up first in the spring. This will be followed towards the end of 2004 by an eight-week serialisation combining So Long and Thanks for All the Fish with Mostly Harmless.

More Here

October 30, 2003

Psycho Sensei Meltdown - The Whole Story

"When called by a panther, don't anther" - Ogden Nash

Maybe I should have listened. As wonderful as the new Panther operating system is for Macs, the server version should come with a big warning label that says "Caution - This Product Could Blow Away All Of Your Server Configurations - Leading to heart palpitations, dangerous behavior, and sleep disorders."

The plan - replace ancient G3 server technology with a nice G4. Implementation was to include a slow, careful progression of steps, mapping out exactly where things should be, carefully copying things from one machine to another, leaving the G3 in place until completion, testing each piece as I went along, etc. I prepared the G4 by putting in SCSI cards so I could add tape backup, replacing one of the hard drives with a much bigger one, adding some memory, and basically making it a kick ass server. Then I read that Panther Server has a wonderful new feature that allows you to export all of your server settings in one fell swoop. Well gee, I thought....why not upgrade the G3 to Panther, then export all of the settings to the G4. What a time saver! Yeah, great idea.

Except for one thing.....upgrading to Panther caused EVERYTHING to stop working. Everything. All virtual hosts were gone. All server administration settings were gone. Attempting to connect to the administration functions failed. Attempting to rebuild the virtual hosts in the web server configurations would not save, and gave a strange dialog box about bugs I should report to Apple. This was all, obviously, not good joss.

After planning ritual seppuku, a much more rational friend told me that perhaps I should just restore the boot disk from the backup I had made the week before. Wow, what a concept! :-) So I prepared to do this by installing a new bootable version of the operating system on another disk, which I would then tell the machine was the boot disk, so I could wipe the original boot disk and bring it up via restore. Well, that didn't work either. Try as I might, the machine outright refused to boot off of any other disk but the boot disk or the CD for the OS, which immediately wants you to install the new OS. I was too tired to fight with it anymore, and was about to just toss it all out the window, when I figured, why not check the G4 and see if it behaves in a rational manner. After all, I could just move most of the files over there in one fell swoop, and cross my fingers, cast a few spells, and see if it works.

It did work. After a few fits and starts, and the time ticking closer and closer to dawn when I turn into a pumpkin, I actually seem to have gotten most things to work. I'm sure it will need some tweaks, and the slow careful configuration I wanted to do is history, but things I think MOSTLY work. Once I wake up, maybe a few more spells will be in order.

October 29, 2003

Psycho Sensei Has Psycho Meltdown

Repeat after me - I will NEVER install a new operating system, making the assumption it will not blow away ALL of my settings. Now repeat it 10 more times.

I installed Panther server over 10.2.8 server on my G3 server box. It ATE all of the configuration files, and would not even LET me reconfigure, saying it couldn't connect to server administration, etc. etc. After trying various ways to boot from another drive, and wipe the boot drive and restore things to a previous backup, I found I was also unable to restore anything properly, so I basically had a fit and began my plan to migrate everything over to a faster server a bit earlier than I'd planned.

So I will be restoring more of this week's and last week's postings as I can. Bear with me.

October 03, 2003

Psycho Sensei HAS ACCESS

Due to some really cool people at the Internet Cafe up the street from Habitat, going around the imbeciles at Bonaire Live, we have access. Woo hoo! Thanks to Michael, here is the first batch of pictures:

Click To See Psycho Pictures

Yay!

September 28, 2003

Verizon Commits Fix on Sunday

Apparently, our T1 cable has been deteriorating over time, causing a complete failure yesterday. A temporary fix is installed. Apparently the big guns will come "real soon now" and give us a new cable. Due to the tenacity of the RS, Verizon did indeed show up on Sunday and did indeed trace down the problem and fix it. For this, we are pleased.

September 26, 2003

Due to Unforeseen Circumstances

It seems that database corruption has claimed my blogs. Therefore, for at least a short time, they will live here, on another machine, under another URL while I attempt to fix that which has been mangled. This will, unfortunately, necessitate a massive amount of work that I was not planning on, but will hopefully be completed by the time we go on vacation 10/1. Yes, the Psycho Sensei is leaving the country. Woo hoo.

September 20, 2003

Quantifying Sitefinder Traffic

Want a sense of just how much traffic VeriSign is receiving from its SiteFinder service? Alexa, with its Alexa Toolbar and associated traffic tracking services, makes it easy to find out...Over the past three months, taken as a whole, VeriSign had traffic rank 1,559. But today its traffic rank is 19, meaning... [CircleID]


September 12, 2003

Satellite Tracking Requires a Warrant

Signs that we may still have a constitution?

The police cannot attach a Global Positioning System tracker to a suspect's vehicle without a warrant, the Washington Supreme Court said in the first such ruling in the nation. [New York Times: Technology]

September 05, 2003

You Can Access Your Car Again

In a rare blow for sense in the DMCA muddle, an Illinois district court ruled that replacement garage door openers were not "circumvention" devices under the DMCA's anticircumvention provision. Chamberlain, a maker of garage door opener devices, claimed that Skylink's interoperable replacements circumvented its access controls, but couldn't manage to show the court how accessing one's own car was the kind of harm Congress envisioned when passing the DMCA. Maybe if they'd called it a boat garage ...

[Wendy: The Blog]

August 22, 2003

New Domain Name!!!

And why not? Psycho Sensei was available, so why not take it? It's mine it's mine it's mine. Most of the moving over has been done. My only issues are with a few of the category icons. Not quite certain why OS 10.1 server isn't properly handling permission changes on files, but I suppose the best I can do is WAIT FOR 10.3 SERVER!!!

Hurry up, Apple. PLEASE.