Skip to content

Justin Mason's Weblog Posts

Who 0wnz your government?

Danny reports “the always excellent c’t magazine analyses the hypotheticals of the Dutch IP-surveillance scandal:

According to anonymous sources within the Dutch intelligence community, all tapping equipment of the Dutch intelligence services and half the tapping equipment of the national police force, is insecure and is leaking information to Israel. …”

Yikes. You’d think they’d have learnt from Ireland’s mistakes…. this article (update: moved to here) reports that massive back-door use by a third-party government occurred before in similar circumstances, during the Anglo-Irish negotiations of 1985.

For those of you who don’t know, these discussions were between the Republic of Ireland and the UK, and took place in London.

In order to allow the negotiating team to contact their government and civil service securely, a million-pound cryptographic system had been bought in order to secure the link between the Irish Embassy in London and the government in Dublin.

Unfortunately, this equipment was thoroughly compromised.

It turns out that the Swiss company from which the equipment was bought, namely Crypto AG, had cooperated with the NSA and the BND (the NSA’s German equivalent), to allow them to decipher the traffic trivially. (Judging from the snippet from another article below, sounds like this was done using a known-plaintext attack).

The NSA routinely monitored and deciphered the Irish diplomatic messages. All it took then was for the UK’s NSA equivalent, GCHQ, to pull some strings, and the UK government had a distinct advantage in the negotiations from then on.

Another source for details on Crypto AG’s breakage is Der Spiegel, issue 36/96, pages 206-207. Here’s some snippets:

The secret man (sic) have obviously a great interest to direct the trading of encryption devices into ordered tracks. … A former employee of Crypto AG reported that he had to coordinate his developments with “people from Bad Godesberg”. This was the residence of the “central office for encryption affairs” of the BND, and the service instructed Crypto AG what algorithms to use to create the codes.

Members of the American secret service National Security Agency (NSA) also visited the Crypto AG often. The memorandum of the secret workshop of the Crypto AG in August 1975 on the occasion of the demonstration of a new prototype of an encryption device mentions as a participant the cryptographer of the NSA, Nora Mackebee. …

Depending on the projected usage area the manipulation on the cryptographic devices were more or less subtle, said Polzer. Some buyers only got simplified code technology according to the motto “for these customers that is sufficient, they don’t not need such a good stuff.”

In more delicate cases the specialists reached deeper into the cryptographic trick box: The machines prepared in this way enriched the encrypted text with “auxiliary informations” that allowed all who knew this addition to reconstruct the original key. The result was the same: What looked like inpenetrateable secret code to the users of the Crypto-machines, who acted in good faith, was readable with not more than a finger exercise for the informed listener.

Full text here.

So what’s the bottom line? Use GPG! ;)

From: Julian Assange (spam-protected)

To: (spam-protected) (spam-protected)
Date: Mon, 14 Oct 1996 13:24:31 +1000 (EST)

Approved: (spam-protected)

Subject: BoS: Crypto AG = Crypto NSA/BNG ?

Thanks to Anonymous for this English translation of the German original.

secret services undermine cryptographic devices

Archive of “DER SPIEGEL” issue 36/96 pages 206-207

“Who is the authorized fourth”

Secret services undermine the protection of cryptographic devices.

Switzerland is a discreet place. Uncounted millions of illegal money find an asylum in the discreet banks of the republic. Here another business can prosper, which does not need any publicity: the production of cryptographic devices.

A top address for tools of secrecy was for several decades the company Crypto AG in Zug. It was founded in 1952 by the legendary Swedish cryptographer Boris Hagelin. Hundreds of thousands of his “Hagelin-machines”, pendants of the German “Enigma” devices, were used in World War II on the side of the Allies.

A prospectus of the company states: “In the meantime, the Crypto AG has built up long standing cooperative relations with customers in 130 countries.” Crypto AG delivers enciphering devices applicable to voice as well as data networks.

But behind this solid facade the most impudent secret service feint of the century has been staged: German and American services are under suspicion of manipulation of the cryptographic devices of Crypto AG in a way that makes the codes crackable within a very short time, and this allegedly happened until the end of the eighties.

Customers of Crypto AG are many honorable institutions, like the Vatican, as well as countries like Iraq, Iran, Libya, that are at the top of the priority list of U.S. services. At the beginning of the nineties the discreet company was suspected to play an unfair game. What was the source of the “direct precise and undeniable proofs” U.S. president Reagan referred to when he ordered the bombardment of Libya, the country he called the wire puller of the attack against the disco La Belle? Obviously the U.S services were able to read encrypted radio transmissions between Tripoli and its embassy in East Berlin.

Hans Buehler, a sales engineer of Crypto AG, got between the fronts of the secret service war. On March 18, 1992, the unsuspecting tradesman was arrested in Teheran. During the nine and a half months of solitary confinement in a military prison he had to answer over and over again, to whom he leaked the codes of Teheran and the keys of Libya.

In the end Crypto AG paid generously the requested bail of about one million German marks (DM), but dismissed the released Buehler a few weeks later. The reason: Buehlers publicity, “especially during and after his return” was harmful for the company. But Buehler started to ask inconvenient questions and got surprising answers.

Already the ownership of the Crypto AG was diffuse. A “foundation”, established by Hagelin, provides according to the company “the best preconditions for the independence of the company”.

But a big part of the shares are owned by German owners in changing constellations. Eugen Freiberger, who is the head of the managing board in 1982 and resides in Munich, owns all but 6 of the 6,000 shares of Crypto AG. Josef Bauer, who was elected into managing board in 1970, now states that he, as an authorized tax agent of the Muenchner Treuhandgesellschaft KPMG [Munich trust company], worked due to a “mandate of the Siemens AG”. When the Crypto AG could no longer escape the news headlines, an insider said, the German shareholders parted with the high-explosive share.

Some of the changing managers of Crypto AG did work for Siemens before. Rumors, saying that the German secret service BND was hiding behind this engagement, were strongly denied by Crypto AG.

But on the other hand it appeared like the German service had an suspiciously great interest in the prosperity of the Swiss company. In October 1970 a secret meeting of the BND discussed, “how the Swiss company Graettner could be guided nearer to the Crypto AG or could even be incorporated with the Crypto AG.” Additionally the service considered, how “the Swedish company Ericsson could be influenced through Siemens to terminate its own cryptographic business.”

The secret man have obviously a great interest to direct the trading of encryption devices into ordered tracks. Ernst Polzer*, a former employee of Crypto AG, reported that he had to coordinate his developments with “people from Bad Godesberg”. This was the residence of the “central office for encryption affairs” of the BND, and the service instructed Crypto AG what algorithms to use to create the codes. (* name changed by the editor)

Members of the American secret service National Security Agency (NSA) also visited the Crypto AG often. The memorandum of the secret workshop of the Crypto AG in August 1975 on the occasion of the demonstration of a new prototype of an encryption device mentions as a participant the cryptographer of the NSA, Nora Mackebee.

Bob Newman, an engineer of the chip producer Motorola, which cooperated with Crypto AG in the seventies to develop a new generation of electronic encryption machines, knows Mackebee. She was introduced to him as a “counselor”.

“The people knew Zug very good and gave travel tips to the Motorola people for the visit at Crypto AG”, Newman reported. Polzer also remembers the American “watcher”, who strongly demanded the use of certain encryption methods.

Depending on the projected usage area the manipulation on the cryptographic devices were more or less subtle, said Polzer. Some buyers only got simplified code technology according to the motto “for these customers that is sufficient, they don’t not need such a good stuff.”

In more delicate cases the specialists reached deeper into the cryptographic trick box: The machines prepared in this way enriched the encrypted text with “auxiliary informations” that allowed all who knew this addition to reconstruct the original key. The result was the same: What looked like inpenetrateable secret code to the users of the
Crypto-machines, who acted in good faith, was readable with not more than a finger exercise for the informed listener.

The Crypto AG called such reports “old hearsay” and “pure invention”. But the process, that was started by the company against the former employee Buehler, on the grounds that he had said that there might be some truth in the suspicions of the Iranian investigators, surprisingly ended in November of last year.

After the trial, that could have brought embarrassing details to the light, the company agreed to an settlement outside the court. Since that time Buehler is very silent with regard to this case. “He made his fortune financially,” presumed an insider of the scene.

“In the industry everybody knows how such affairs will be dealed with,” said Polzer, a former colleague of Buehler. “Of course such devices protect against interception by unauthorized third parties, as stated in the prospectus. But the interesting question is: Who is the authorized fourth?”

— “Of all tyrannies a tyranny sincerely exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies, The robber baron’s cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for own good will torment us without end, for they do so with the approval of their own conscience.” – C.S. Lewis, _God in the Dock_ +———————+——————–+———————————-+ |Julian Assange RSO | PO Box 2031 BARKER | Secret Analytic Guy Union | (spam-protected) | VIC 3122 AUSTRALIA | finger for PGP key hash ID = | (spam-protected) | FAX +61-3-98199066 | 0619737CCC143F6DEA73E27378933690 | +———————+——————–+———————————-+

Comments closed

Bullshitty keynotes: not as easy as they used to be

thanks to blogs, wifi and the web, bullshitting a keynote at a conference isn’t quite as easy to pull off as it used to be! From Dan Gillmor’s keynote at Supernova, via BoingBoing:

At PCForum, Joe Nacchio, the CEO of Qwest was on-stage, doing a Q and A. Joe was whining about how hard it is to run a phone company these days. Dan (Gillmor) blogged, “Joe’s whining.” A few moments later, he got an email from someone who wasn’t at the conference, someone in Florida, with a link to a page that showed that Joe took $300MM out of the company and has another $4MM to go — gutting the company as he goes.

Esther Dyson described this as the turning point. The mood turned ugly. The room was full of people reading the blog and everyone stopped being willing to cut Joe any slack.

Comments closed

some spam quickies

I’ve just found Gary Robinson’s blog, which is a bit silly, as boasts the primary source after Paul Graham’s‘A Plan For Spam’ paper for modern Bayesian spamfiltering techniques. I’d only read Gary’s page describing the Robinson-combining technique, but he’s been doing a good job of blogging the anti-spam world in general recently. Hence, he’s made the blogroll ;)

Some choice links from his blog:

First off — Jon Udell points out why reply-to-whitelist systems are Bad:

The email thread that provoked this message will soon dissolve. Including [email protected] might have been useful, but the moment has passed. If I urgently need to contact [email protected] , I may have to grit my teeth and register to do so. But no ad-hoc communication is going to make it over that activation threshold.

And a different kind of whitelist — the IronPort Bonded Sender type, from Whitelists: the weapon of choice against spam (ZDNet):

After a one and half months of testing, IronPort identified hundreds of thousands of false-positives. At that rate, the mail generated by IronPort’s customers alone, which make up a small percentage of the total amount of e-mail that traverses the Internet, is resulting in over one million false-positives per year.

Hmm. Well, I’m not 100% convinced here — I did see Amazon.FR, who are apparently Bonded Sender customers, send a promotional mail to a mailing list. I also saw several reports from other places regarding the same mail. How often does a mailing list order goods from an e-commerce site? (But, having said that, that’s the only Bonded Sender issue I’ve seen in about 6 months — so let’s put that down to teething issues, or someone on the list who decided to act up when ordering some goods.), a new Wiki for spamfiltering.

Debra Bowen, a California State Senator, is proposing a hardcore new anti-spam bill. “It would bar unsolicited e-mail advertising and allow people who receive it to sue the senders for $500 per transmission. A judge could triple the penalty if he or she decided the violation was intentional. … ‘The ($500) fine’s really intended to get a whole generation of computer-savvy folks to help us do the enforcement,’ Bowen says. ‘Getting rid of spam is never going to be the district attorney’s first priority and it shouldn’t be.”‘ She notes also that she’s “seen estimates that it could grow to 50 percent in the next five years.” Too late — it’s already there, as far as I can tell.

FWIW, I like the sound of this — she’s requiring that commercial e-mail senders have an existing verified-opt-in relationship beforehand. Sounds good to me.

And finally, a very interesting set of tests on Robinson-combining strategies. Very interesting, that is, if you’re implementing a Bayesian spam filter. Otherwise quite boring. ;)

Comments closed

Cisco file ludicrously lame patent on regexps

from Slashdot: Cisco patents ‘Intrusion detection signature analysis using regular expressions and logical operators’.

That is so, so sad. Filed January 15, 1999. There’s got to be a stack of prior art.

A google search throws up this trivial example first off — the use of snoop | egrep 'PATTERN1|PATTERN2|PATTERN3'. More searching reveals Lance Spitzner’s page on Intrusion Detection for Checkpoint FW-1, which looks like it was originally written in 1997. The script there uses grep(1) plentifully.

Comments closed

wheel re-invention

AT&T reinvent the wheel (via New Scientist). “a user could safely sign up for a monthly email newsletter by specifying the source of the newsletter and limiting it to 12 messages over the next year. If the address fell into the hands of spammers, their messages would be blocked by the software before it reached the user’s inbox. ‘The ‘Single Purpose’ address system reduces spam by stopping it right before the user sees it,’ says John Ioannidis, at AT&T’s research laboratory in New Jersey, US. The software is currently at the prototype stage.”

In other words, they’ve re-written TMDA, The Tagged Message Delivery Agent. Nice one.

Comments closed

Toxic darkness

BBC – the Great Smog of 1952 recalled. “Fifty years ago, a choking cloud enveloped much of London and the Home Counties – a toxic fog which killed at least 4,000 people. Here, Barbara Fewster, 74, recalls the Great Smog of 1952.” A very Ballardian tale of this environmental disaster:

After a long time we arrived at Kew Bridge – that’s at least 10 miles from Hampstead – when my fiancé called out to me, ‘I’ve lost you, where have you got to?’ I must have veered off out of range of the sidelights.

At that point, a milk float passed by and my fiancé told me to get in so we could follow its taillights. He put his foot down. Well, then the milkman disappeared and we could hear the float bouncing over the grass on Kew Green. All I could do was get out of the car and continue walking. We later came across a car that had overtaken us earlier on in the journey – it was up a tree, crashed, and no sign of the occupant.

Comments closed

Spam Never Ends

‘Spam’ Likely to Clutter E-Mail for Some Time, says Jupiter Research (via Reuters).

“It’s getting easier to send spam messages. You can buy a CD-ROM with millions of e-mail addresses for next to nothing and send it out for next to nothing,” said Jared Blank, senior analyst at Jupiter.

“Spammers are clever people and there is clearly an arms race between spammers and people trying to prevent spam that just constantly escalates,” said Forrester analyst Jim Nail. “Having simple lists of spammers and domains — that’s not enough because spammers change domains or addresses to stay ahead.”

So, good news: I have a job. Bad news: well, I think that side is obvious ;)

Comments closed

The mother of all package tours

The mother of all package tours: With the world expecting an attack on Iraq any time now, no one in their right mind would take a holiday there – would they? You’d be suprised, says Johann Hari (Guardian).

A fascinating article, from so many angles — First, the tourists:

I met Julie and Phil. They seemed an almost comically suburban couple: polite, a little posh, all golf jumpers and floral smocks. But then Phil mentioned that his last holiday had been to North Korea. “Yeah, I’ve been twice since they opened the borders to tourists. I’m a bit of a celebrity there now. People come up to me in the streets and say, ‘Why have you come to our country twice?’.” …

Then there was Hannah. How to explain her? A frightfully well-spoken Englishwoman in her early 50s. When we first met, she dispensed with the small talk to say: “I think Saddam is a great man and the USA is a great big global bully. My theory is that he should be given Kuwait. It’s perfectly logical if you look at the map.” “I think he’s rather handsome too,” she went on. “Every woman does really. I’d rather like to inspect his weapon of mass destruction myself.”

And the politics:

Talking politics in Iraq is like a magic-eye picture, where you have to let your brain go out of focus, not your eyes. One very distinguished old man in a Mosul souk welcomed me warmly and told me how much he had loved visiting London in the 1970s. After much oblique prodding, he said warmly, “I admire British democracy and freedom.” He held my gaze. “I very much admire them.”

… As we wandered around, looking at the grim exhibits, one of the soldiers on duty guarding the museum told me that three of his brothers died in that war. Everybody in the country lost somebody – yet it is almost impossible to get anybody to talk about it. They speak in a small number of bloodless stock-phrases.

After more than 10 such encounters, it suddenly hit me that the people of Iraq are not even allowed to grieve their huge numbers of dead in their own way. They are permitted only a regulation measure of state-approved grief, which must be expressed in Saddam’s language: that of martyrdom and heroism, rather than wailing agony about the futility of a war which slaughtered more than a million people yet left the borders unchanged and achieved nothing.

Thanks to Ben Walsh for the forwardy goodness.

Comments closed


I am Mr Brunce Anthony, the bill exchange director at the NATIONAL WESTMINSTER BANK PLC.” Yes, it’s a 419 from that well-known third-world country, the UK.

(PS: Brunce?! what kind of name is that?! Everyone knows only Americans have that kind of ludicrous given name ;)

Date: Wed, 13 Nov 2002 10:40:51 +0100
From: “Brunce Anthony” (spam-protected)
To: (spam-protected)

Dear Sir,

I am Mr Brunce Anthony, the bill exchange director at the NATIONAL WESTMINSTER BANK PLC, 135 BISHOPSGATE LONDON EC2M 3UR.

I am writing this letter to solicit for support and assistance from you to carry out this business opportunity in my department. Lying in an inactive account is the sum of

Thirty Million United States Dollars($30,000,000.00)belonging 

to a foreign customer(Stanley Heard),the former President(Bill Clinton’s personal physician) and Chairman of the National Chiropractic Health Care Advisory Committee who happens to be deceased.

He died with his wife and two children in a plane crash on Board a small airplane that plunged into a river. Ever since he died the Bank has been expecting his next of kin to come and claim these funds.

To this effect, we cannot release the money unless some one applies for it as the next of kin, as indicated in our Banking Guideline. Unfortunately he has no family member here in the UK or America who are aware of the existence of the money as he was he was a contract physician to the Chairman of Royal Bank of Scotland.

At this juncture I have decided to do business with you in colloboration with

officials that matter in the Bank, to this effect we solicit your assistance, 

in applying as the next of kin, then the money will be proccesed and released to you, as we do not want this money to go into the Bank, Treasury as an unclaimed bill.

The Banking law and guideline stipulate that if such money remains unclaimed for a period of Five years the money will be transfered into the Bank s’ Treasury as unclaimed bill. Our request for a Foreigner as a next of kin is occassioned by the fact that the customer was a Foreigner and a British cannot stand as next of kin.

Sir, 15% of the money will be your share as a Foreign partner, while 5% will be for any expenses incured during the transaction, thereafter we would visit your country once the money hits your account for disbursement and investment.

Please reach me at the above email or fax if willing to do business with us.

Best regards,

Mr. Brunce Anthony

1 Comment

Sunday Times vs. spam

Danny O’Brien: Help stop the flood of spam, in the Sunday Times. Great article:

We have had enough of the filth pouring into our mailboxes. Danny O?Brien launches a Doors campaign to clean up e-mail and puts forward a six-point plan involving government, industry and you the reader


SOFTWARE MAKERS must improve antispam software, and fast. Filtering spam is good, but only masks the problem. Spam-spotting software must report what and who it has found back to the ISPs, so they can block further spams.


Comments closed

Man uses cell phone to take snap inside schoolgirl’s skirt

Man uses cell phone to take photo up schoolgirl’s skirt. You knew it was inevitable.

Police said Hamano was riding behind the girl on an escalator at JR Kashiwa Station when he took out his mobile phone, held it underneath the girl’s skirt and took a photo. The girl was alerted to his presence by the noise emitted by the phone camera’s shutter. She turned around to catch Hamano with his hands between her legs.

(via 0xdeadbeef, from MDN’s “waiwai” section)

Comments closed

Caoimhe Butterly

Guardian: Courage under fire. No matter what you think about what’s going on in Israel and Palestine, Caoimhe, and the other international observers, require your support:

Friday was a very close call. Caoimhe was shot in the left thigh as she stood in between a firing IDF tank and three young boys in the street. I spoke to her on the phone shortly after the attack as she lay in her hospital bed. She explained that she had been trying to persuade the IDF, after they shot dead a nine-year-old boy, to stop shooting at the children. They had told her to get out of their way or they would shoot her. It was while she was clearing the children off the streets that she was shot. She is sure she was a direct target; the tank was close by, the soldier pointed his gun at her and fired, and continued to do so as she crawled to an alleyway for shelter.

I asked an IDF spokesman for his explanation. ‘We are in the middle of a war and we cannot be responsible for the safety of anyone who has not been coordinated by the IDF to be in the occupied territories right now. While we do not want innocent Palestinians to suffer, or internationals to get hurt, we are trying to ensure the safety of the Israelis and we will not tolerate internationals interfering with IDF operations. It is not the job of internationals to stand in the line of fire, unless they are the son of God, but he hasn’t come yet.’

1 Comment

The case of the 500-mile email. (fwd)

A great tale of systems wierdness, via 0xdeadbeef:

‘We’re having a problem sending email out of the department.’ ‘What’s the problem?’ I asked. ‘We can’t send mail more than 500 miles,’ the chairman explained.

Date: Tue, 26 Nov 2002 14:57:40 -0800
From: (spam-protected) (glen mccready)
To: (spam-protected)
Subject: The case of the 500-mile email.

>Forwarded-by: Nev Dull (spam-protected)
>Forwarded-by: Kirk McKusick (spam-protected)
>From: Trey Harris (spam-protected)

Here’s a problem that *sounded* impossible… I almost regret posting the story to a wide audience, because it makes a great tale over drinks at a conference. :-) The story is slightly altered in order to protect the guilty, elide over irrelevant and boring details, and generally make the whole thing more entertaining.

I was working in a job running the campus email system some years ago when I got a call from the chairman of the statistics department.

“We’re having a problem sending email out of the department.”

“What’s the problem?” I asked.

“We can’t send mail more than 500 miles,” the chairman explained.

I choked on my latte. “Come again?”

“We can’t send mail farther than 500 miles from here,” he repeated. “A little bit more, actually. Call it 520 miles. But no farther.”

“Um… Email really doesn’t work that way, generally,” I said, trying to keep panic out of my voice. One doesn’t display panic when speaking to a department chairman, even of a relatively impoverished department like statistics. “What makes you think you can’t send mail more than 500 miles?”

“It’s not what I *think*,” the chairman replied testily. “You see, when we first noticed this happening, a few days ago–”

“You waited a few DAYS?” I interrupted, a tremor tinging my voice. “And you couldn’t send email this whole time?”

“We could send email. Just not more than–”

“–500 miles, yes,” I finished for him, “I got that. But why didn’t you call earlier?”

“Well, we hadn’t collected enough data to be sure of what was going on until just now.” Right. This is the chairman of *statistics*. “Anyway, I asked one of the geostatisticians to look into it–”


“–yes, and she’s produced a map showing the radius within which we can send email to be slightly more than 500 miles. There are a number of destinations within that radius that we can’t reach, either, or reach sporadically, but we can never email farther than this radius.”

“I see,” I said, and put my head in my hands. “When did this start? A few days ago, you said, but did anything change in your systems at that time?”

“Well, the consultant came in and patched our server and rebooted it. But I called him, and he said he didn’t touch the mail system.”

“Okay, let me take a look, and I’ll call you back,” I said, scarcely believing that I was playing along. It wasn’t April Fool’s Day. I tried to remember if someone owed me a practical joke.

I logged into their department’s server, and sent a few test mails. This was in the Research Triangle of North Carolina, and a test mail to my own account was delivered without a hitch. Ditto for one sent to Richmond, and Atlanta, and Washington. Another to Princeton (400 miles) worked.

But then I tried to send an email to Memphis (600 miles). It failed. Boston, failed. Detroit, failed. I got out my address book and started trying to narrow this down. New York (420 miles) worked, but Providence (580 miles) failed.

I was beginning to wonder if I had lost my sanity. I tried emailing a friend who lived in North Carolina, but whose ISP was in Seattle. Thankfully, it failed. If the problem had had to do with the geography of the human recipient and not his mail server, I think I would have broken down in tears.

Having established that — unbelievably — the problem as reported was true, and repeatable, I took a look at the file. It looked fairly normal. In fact, it looked familiar.

I diffed it against the in my home directory. It hadn’t been altered — it was a I had written. And I was fairly certain I hadn’t enabled the “FAIL_MAIL_OVER_500_MILES” option. At a loss, I telnetted into the SMTP port. The server happily responded with a SunOS sendmail banner.

Wait a minute… a SunOS sendmail banner? At the time, Sun was still shipping Sendmail 5 with its operating system, even though Sendmail 8 was fairly mature. Being a good system administrator, I had standardized on Sendmail 8. And also being a good system administrator, I had written a that used the nice long self-documenting option and variable names available in Sendmail 8 rather than the cryptic punctuation-mark codes that had been used in Sendmail 5.

The pieces fell into place, all at once, and I again choked on the dregs of my now-cold latte. When the consultant had “patched the server,” he had apparently upgraded the version of SunOS, and in so doing *downgraded* Sendmail. The upgrade helpfully left the alone, even though it was now the wrong version.

It so happens that Sendmail 5 — at least, the version that Sun shipped, which had some tweaks — could deal with the Sendmail 8, as most of the rules had at that point remained unaltered. But the new long configuration options — those it saw as junk, and skipped. And the sendmail binary had no defaults compiled in for most of these, so, finding no suitable settings in the file, they were set to zero.

One of the settings that was set to zero was the timeout to connect to the remote SMTP server. Some experimentation established that on this particular machine with its typical load, a zero timeout would abort a connect call in slightly over three milliseconds.

An odd feature of our campus network at the time was that it was 100% switched. An outgoing packet wouldn’t incur a router delay until hitting the POP and reaching a router on the far side. So time to connect to a lightly-loaded remote host on a nearby network would actually largely be governed by the speed of light distance to the destination rather than by incidental router delays.

Feeling slightly giddy, I typed into my shell:

$ units 1311 units, 63 prefixes

You have: 3 millilightseconds You want: miles

  • 558.84719 / 0.0017893979

“500 miles, or a little bit more.”

Trey Harris — I’m looking for work. If you need a SAGE Level IV with 10 years Perl, tool development, training, and architecture experience, please email me at (spam-protected) I’m willing to relocate for the right opportunity.

Comments closed

My TiVo thinks I’m gay

WSJ: If TiVo Thinks You Are Gay, Here’s How to Set It Straight: when a learning “personalisation” algorithm gets it massively wrong.

PS: I think it was Mimi Smartypants who noted that she occasionally misses the odd TV program, just so TiVo doesn’t get the wrong idea.

PPS: Joe McNally, who fwded this, notes that IMDB’s learner has gone a bit haywire recently, too: “If you liked ‘Iris’,” it told me the other week, “you’ll also enjoy ‘Planet of the Apes’.” Click further, and apparently you’ll also also enjoy ‘Pearl Harbour’, ‘Donnie Darko’ and ‘Bend It Like Beckham’. Sounds like a game of What Links?

PPPS: all irrelevant in Europe — TiVo’s west-pond-only.

Comments closed

Ireland vs Spam

According to the Minister for Communications, Marine and Natural Resources, Mr. D. Ahern, Ireland will “transpose into Irish law the requirements of European Parliament and Council Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector” before the end of 2003.

It will be nice to be able to point to the law, eventually — for what that’s worth. Since most spammers are USian, relaying via other countries, actually acting on the law will not be quite so simple. But it will be an improvement.

Comments closed

[forteana] Hashish ‘fell on to back of army lorry’ (fwd)

Hashish ‘fell on to back of army lorry’. “Spain’s defence ministry is still at a loss to explain how three-quarters of a tonne of hashish had turned up in an army truck. … ‘Anybody could have put the toxic substance there,’ said the defence minister”. Don’t worry minister, I’m sure the customs officials haven’t heard that one before…

Fantastic ending:

But now both he and the armed services are being ruthlessly lampooned by, among others, The Puppet Show News … Mr Trillo, a member of the strict Opus Dei Catholic lay order, is routinely portrayed as a uniformed pothead whose favourite pastime is getting stoned with the mascot of the Spanish Legion, a little white goat called Blanquita.

As both he and Blanquita mourned the lost Eurofighter by lighting up a giant joint at the weekend, the defence minister declared: “It’s the only way to fly.”

Date: Tue, 26 Nov 2002 10:43:29 +0000
From: “Martin Adamson” (spam-protected)
To: (spam-protected)
Subject: Hashish ‘fell on to back of army lorry’

The Guardian

Hashish ‘fell on to back of army lorry’

Giles Tremlett in Madrid Tuesday November 26, 2002

It is a matter, you might say, that is shrouded in dense, aromatic smoke – Spain’s defence ministry is still at a loss to explain how three-quarters of a tonne of hashish had turned up in an army truck in the country’s north African enclave of Melilla.

Embarrassed officials tried to claim that the troops it has permanently stationed in north Africa would never have succumbed to the temptation of smuggling the region’s most important cash crop across the Mediterranean.

The high-quality Moroccan hashish, almost certainly produced in the nearby Rif mountains, was found by police sniffer dogs in the port of Melilla as the truck waited to be shipped to Almeria.

“Anybody could have put the toxic substance there,” said the defence minister, Federico Trillo, after explaining that the truck had been parked, unattended, in Melilla’s port for about two days.

Local police disagreed. The truck had only been parked there for a few hours, they said. They suggested that the khaki kit bags stuffed full of shrink-wrapped dope could only have come from within the Spanish armed forces.

The questioning of eight uniformed suspects has shed no further light on the case and opposition politicians have called for a full explanation from Mr Trillo.

The drugs bust has done little to improve ties with nearby Morocco, which claims Melilla as its own and is constantly accused by Madrid of turning a blind eye to hashish-smuggling.

The find also came at a troubled time for the newly professional Spanish armed forces, which are failing to attract recruits and retain their aircraft: they lost their only trial version of the £50m Eurofighter in an accident last week.

Mr Trillo, a proud military man and stern Catholic conservative, hoped the standing of the armed forces had improved after special forces ejected six poorly armed Moroccan gendarmes from the Parsley islet over the summer.

But now both he and the armed services are being ruthlessly lampoonedby, among others The Puppet Show News, Spain’s equivalent of Spitting Image.

Mr Trillo, a member of the strict Opus Dei Catholic lay order, is routinely portrayed as a uniformed pothead whose favourite pastime is getting stoned with the mascot of the Spanish Legion, a little white goat called Blanquita.

As both he and Blanquita mourned the lost Eurofighter by lighting up a giant joint at the weekend, the defence minister declared: “It’s the only way to fly.”

Guardian Unlimited © Guardian Newspapers Limited 2002

Comments closed

diary of an autopsy

Sliced liver, anyone? “The first public autopsy in Britain for 170 years brought back vivid memories of medical school – and an acute sense of hunger – for the Guardian’s junior doctor Michael Foxton.”

“The process of dismemberment is a deeply weird and dysphoric experience, and it is a dangerous border to cross. I remember the first time I had to do it, as a medical student in an operating theatre. It was a man with stomach cancer, who I had been talking to on the ward the morning before his operation. When the surgeon brought his knife down to make the first cut on his belly, it was everything I could do to stop myself reaching out and grabbing his hand to stop him. Doctors have to cross that line. We have to separate the thinking, smiling, family man from the clinical material. If I hadn’t done that I couldn’t possibly cut a hole and force a huge chest drain tube a centimetre across into a writhing patient on a respiratory ward at three in the morning, without going mad.”
Comments closed

who, me?

now that’s a great name tag:

Comments closed

‘these children are the main entree for dinner’

I just dug up this classic piece of lunacy from the Montauk UFO contingent. Highly recommended if you like reading this kind of wierdness…

DA: Hmmm. Who do these aliens eat?

AC: They specifically like young human children, that haven’t been contaminated like adults. Well, there is a gentleman out giving a lot of information from a source he gets it from, and he says that there is an incredible number of children snatched in this country.

DA: Over 200,000 each year.

AC: And that these children are the main entree for dinner.

yum yum!

Comments closed

**Gore at Hallowe’en**

Blather: I See Dead People, by Mick Cunningham and Dave Walsh. “It’s Halloween, it’s Trinity College in Dublin, and we’re in a packed lecture hall … for an evening of public lectures entitled “Over Their Dead Bodies… The Secrets That Dead Bodies Tell”. And dead bodies speak volumes. ”

I went along to this — it was fantastic stuff, although extremely gory at times. Worth reading, and be thankful they don’t have copies of Dr. Harbison’s slides.

Comments closed

vote for IrelandOffline

hooray! IrelandOffline (in the person of chairman Dave) has been nominated for the Irish Internet Association‘s Net Visionary award for Social Inclusion.

Everyone (in Ireland I guess) is entitled to vote, so please, please do so and show your support for our call for decent internet access on this benighted isle.

Comments closed

A Prayer Before Dying

Wired – A Prayer Before Dying: “the astonishing story of a doctor who subjected faith to the rigors of science – and then became a test subject herself”, by Po Bronson:

In July 1995, back when AIDS was still a death sentence, psychiatrist Elisabeth Targ and her co-researchers enrolled 20 patients with advanced AIDS in a randomized, double-blind pilot study at the UC San Francisco Medical Center. All patients received standard care, but psychic healers prayed for the 10 in the treatment group. The healers lived an average of 1,500 miles away from the patients. None of the patients knew which group they had been randomly assigned to, and thus whether they were being prayed for. During the six-month study, four of the patients died
  • a typical mortality rate. When the data was unblinded, the researchers learned that the four who had died were in the control group. All 10 who were prayed for were still alive.

But read on — it’s not as simple as all that…

Comments closed

FTC’s ”Spam Harvest”

FTC: “Spam Harvest” Results Reap Help for Consumers Trying To Avoid Spam. Some good prosecutions (yay!):

The FTC alleged that NetSource One and James R. Haddaway, operating as WorldRemove, used spam and the Internet to sell a service they claimed would reduce or eliminate spam from consumers’ e-mail. The claims were false. In fact, using an undercover account to test the claims, the FTC found it received more spam after signing up for the service. The agency charged the defendants with violations of the FTC Act.

Plus some good official studies to back up our own, unscientific research:

In an effort to determine what online activities place consumers at risk for receiving spam, Northeast Netforce investigators seeded 175 different locations on the Internet with 250 new, undercover e-mail addresses and monitored the addresses for six weeks. The sites included chat rooms, newsgroups, Web pages, free personal Web-page services, message boards and e-mail service directories. One hundred percent of the e-mail addresses posted in chat rooms received spam; the first received spam only eight minutes after the address was posted. Eighty-six percent of the e-mail addresses posted at newsgroups and Web pages received spam; as did 50 percent of addresses at free personal Web page services; 27 percent from message board postings; and nine percent of e-mail service directories.

Plus, the lie of “targeting”:

Spam Harvest partners also found that the type of spam received was not related to the sites where the e-mail addresses were posted. For example, e-mail addresses posted to children’s newsgroups received a large amount of adult content and work-at-home spam.
Comments closed

meet the enemy

WSJ: For Bulk E-Mailer, Pestering Millions Offers Path to Profit.

I’m just trying to make a living like everyone else, says Ms. Betterly. … (she) quickly discovered that she could make a profit if she got as few as 100 responses for every 10 million messages sent for a client, and she figures her income will be $200,000 this year.

And she’s based in Tampa, Florida. What is it about Florida?!

Comments closed


Some folks reckon that mailservers should have reverse DNS — in other words, that the SMTP server should have a fully-valid forward-to-reverse mapping for its address, to cut down on spam and forgeries. All well and good.

Some other folks reckon that filtering on it is therefore a good way to cut down on spam.

It’s a nice idea, apart from 2 things:

  • filtering based on this suffers the same problem some DNSBLs have: a false positive hurts the user, rather than the person who is at fault; also the user is virtually powerless to fix it.

  • the correlation between spam and missing reverse DNS is no longer as strong as it used to be, as far as I can tell; spammers know they should pick a relay or proxy with a reverse DNS entry to get through filters, and as it becomes a requirement for relaying in general, more hosts have this anyway (regardless of exploitability or not).

Comments closed

recommended: Leaky Abstractions

Joel on Software now features a great new article on what he calls “Leaky Abstractions”. Some snippets:

  • Even though network libraries like NFS and SMB let you treat files on remote machines “as if” they were local, sometimes the connection becomes very slow or goes down, and the file stops acting like it was local, and as a programmer you have to write code to deal with this. The abstraction of “remote file is the same as local file” leaks. …

(jm: the ‘transparent does not always mean good’ problem)

  • Something as simple as iterating over a large two-dimensional array can have radically different performance if you do it horizontally rather than vertically, depending on the “grain of the wood” — one direction may result in vastly more page faults than the other direction, and page faults are slow. Even assembly programmers are supposed to be allowed to pretend that they have a big flat address space, but virtual memory means it’s really just an abstraction, which leaks when there’s a page fault and certain memory fetches take way more many nanoseconds than other memory fetches.

(jm: the ‘why objects are not always the way to do it’ problem)

And finally, he ends with a killer:

Ten years ago, we might have imagined that new programming paradigms would have made programming easier by now. Indeed, the abstractions we’ve created over the years do allow us to deal with new orders of complexity in software development that we didn’t have to deal with ten or fifteen years ago, like GUI programming and network programming. And while these great tools, like modern OO forms-based languages, let us get a lot of work done incredibly quickly, suddenly one day we need to figure out a problem where the abstraction leaked, and it takes 2 weeks. And when you need to hire a programmer to do mostly VB programming, it’s not good enough to hire a VB programmer, because they will get completely stuck in tar every time the VB abstraction leaks.

Well said! Read the article!

Comments closed


ICAP-server, an (imaginatively-named) daemon which implements ICAP. This seems to be a transcoding proxy server; in other words, it will convert HTML content on the fly, while you browse.

ICAP itself seems to be a protocol for rewriting HTTP responses; in other words, it allows a proxy server to include a small snippet of ICAP client code, and call out to an ICAP server to do the rewriting. Nifty.

Sounds like this could be very handy for low-bandwidth situations; use ICAP to “downshift” web pages into low-bandwidth versions. For example, banner ads can be trimmed out, heavy images converted to small, low-quality JPEGs, etc. One to watch (or help out with).

Ericsson used to have a commercial product which did something similar, but I can’t find it now…

Comments closed

Trinity College, home of the Jedi

Trinity College, Dublin is currently embroiled in a minor kerfuffle with Lucasfilm over “an uncanny resemblance between the 18th-century Long Room Library at Trinity, and the “Jedi Archives” in the latest episode of the “Star Wars” epic.” (Reuters)

The resemblance really is uncanny — I noticed it myself on watching the movie, but assumed there must have been a hundred similar libraries around the world. Sounds like Trinity think there’s only one after all. Given that it’s Trinity, maybe they’re right.

Compare: the Jedi archives vs. the Long Room.

Comments closed

the Anti-Telemarketing EGBG Counter-Script

the Anti-Telemarketing EGBG Counter-Script:

Telemarketers make use of a telescript – a guideline for a telephone conversation. This script creates an imbalance in the conversation between the marketer and the consumer. It is this imbalance, most of all, that makes telemarketing successful. The EGBG Counterscript attempts to redress that balance.

Half of the coolness here is the excellent, form/script-based design. Well suitable for printing out and sticking to the wall beside the ‘phone…

1 Comment

The Da Ming Hun Yi Tu

I’ve been reading an article in Edge Magazine, How To Get Rich, by Jared Diamond (author of Guns, Germs and Steel). He investigates more deeply into the differences between cultures, and the effect this has had on their history and dominance, as he did in GG+S; this time with economic might in mind.

For example, he notes that the Chinese, in the middle ages, were a sea-faring nation of astounding skill, exploring most of the coasts of Asia and Africa for trade. They were on the verge of rounding the Cape of Good Hope (and, in the words of Diamond, “colonising Europe” ;) when a new emperor with an anti-Navy bias took power, and recalled them. Since the entirety of China’s empire was ruled solely by one power, the emperor, that was that. (Compare with Columbus, who could “shop around” the many superpowers of Europe until his trip across the Atlantic was funded.)

Then, this morning, a pertinent link arrived via Kyle Moffat of forteana: an ancient Chinese map of Africa is now on show in Cape Town (BBC).

The Chinese map, covering more than 17 square metres, was produced in silk. It is thought to be a copy of a map sculpted into rock 20 or 30 years earlier. …

The Da Ming Hun Yi Tu, or Amalgamated Map of the Great Ming Empire, is a unique snapshot of history. Created in China in 1389, and clearly showing the shape of Africa, more than 100 years before Western explorers and map-makers reached the continent.

BTW, worth noting that I came across the Diamond article from a link in Clay Shirky’s guest-blog at Boing Boing. Clay, as usual, is throwing up lots of reading material, which I just don’t have time to read ;) so I’m syncing it all to my Palm with Sitescooper. Come on Xerox, where’s that electronic paper!?

Comments closed

The top 100 PageRanked CGI scripts

similar to the much-discussed-elsewhere http search trick, which figures out the top 100 websites according to PageRank, here’s the top 100 CGI scripts according to PageRank. They’re incomplete, since only scripts with “cgi-bin” in the URL will show up, but hey ho. The top ten:

And the winner is:


Comments closed

more Googlism

let’s ask Googlism some hard questions.

Googlism, what is the web?

  • the web is like canada

  • the web is dedicated to breathing life into women’s

  • the web is crippling

  • the web is ruined and i ruined it self

OK, what about the internet?

  • the internet is falling

  • the internet is not printed on paper

  • the internet is like is like a penis

  • the internet is no substitute

And Ireland?

  • ireland is dedicated entirely to development aid

  • ireland is at an end

  • ireland is again the “dirty man” of europe when it comes to

  • ireland is not disneyland

  • ireland is british (what?!)

  • ireland is looking for a german inhouse translator

Right. That’s quite enough I think…

Comments closed

more on vehicular travel

rOD links to Massholes, an incredible gripe site for residents of Massachusetts to bitch about shitty driving, for example:

Dear Masshole Driver,

WHAT on earth makes you think that making a right hand turn from the left hand lane is a good idea??? Really, I’d like to know.

Signed, The-nice-person-you-totally-cut-off-and-almost-killed

Incredible stuff. Sounds like they could do with the cool innovation recently introduced here — the “dob-a-dangerous-driver” line (1).

Let’s say you’re doing what a friend of mine did a few months ago: crossing the road, with your kid in a buggy, at a pedestrian crossing, with the lights in your favour — then a speeding driver breaks the lights at top speed and nearly totals the pair of you.

This great innovation then allows you to whip out your mobile phone (hey, this is europe, everyone has one (2)), and immediately report the car’s registration number — and 2 weeks later he receives a fine! Hey presto, instant justice. (3)

And in the last week, they’ve introduced penalty points for bad driving; 12 points and you lose your license. Things can only get better — for the pedestrians that is, at least. ;)

(1: no, it’s not really called that BTW)

(2: except me, that is — I’m so far ahead of the bleeding edge I’ve given them up)

(3: well, I’m exagerrating, I think there was more witness and due process involved, but it’s pretty close.)

(4: errno==EDANGLE: dangling footnote found)

Comments closed


ThinkGeek sent me a voucher for 30 bucks. Thanks ThinkGeek (or Sourceforge, I’m not sure which)! So here’s what I got:

Mousetrap For Your Fridge Or File Cabinet!

When is the last time you played with your marbles? Welp, dust off your old marble collection (or use the included marbles) and set them on a journey they’ll never forget.

You design the marble’s treacherous path down the steep slope of your fridge or file cabinet (or any metal surface, as these things are magnetic). You have at your arsenal a combination of chutes, funnels, catapults, spinners and sheer drop offs to arrange according to your mood and tastes.

Give your marble the gift of extreme sports, all in the comfort of your own home or office. Because happy marbles breed happy times…

Too cool. Thanks ThinkGeek/Sourceforge!

(On the other hand, BTW, their chosen shipper for Europe happily charges an extra 6 euros for “import duty”. but hey, the toy was free.)

Comments closed