new terror indicators

Funny: NYPD alerts cops to ‘terror indicators’.

The NYPD has ordered its patrol force to be more vigilant about spotting and reporting possible signs of terrorism, including individuals who “express hatred for America.” …. The cards advise them to contact counterterrorism investigators when they have suspicions over anyone who is, among other things, carrying driver’s licenses from different states, videotaping utilities and tunnels or wearing fake uniforms.

Sounds like the Village People won’t be playing NYC any time soon, then ;)


Caesar’s Palace open wifi

Tech: I should note this here just in case anyone finds it useful. A handy tip for anyone visiting Caesar’s Palace; their ‘Business Center’ doesn’t have wifi yet, but (cough) one of their neighbours certainly does ;)


Email Usability List updated in light of GMail, given new home

Mail: I’ve dusted off my old e-mail usability wishlist, made a couple of changes to reflect the current situation now that GMail has implemented some of them, and Wikified the page.

There are still a couple that I think would be valuable, so anyone looking at new usability ideas for email is welcome to take a look ;)


Arch - distributed source-control repositories

Software: sourcefrog: arch rocks: mirroring. This is incredibly cool:

Finally, GNU Arch lets you do this. Anyone can mirror a public archive. In fact, several sites such as sourcecontrol.net have set up to just mirror all the open source software they can find. Others mirror just intermittently, as a backup in case a primary archive is lost.

What’s more, because changesets are strongly GPG-signed, people using the archive can feel sure that they’re getting the changes as the original author wrote them, without any accidental or intentional modifications.

BTW, that ‘archive’ — in Arch-land, an archive is a source-code version control repository. In other words, if you want to track development work on a project, you take a private copy of the repository and sync up to every change as it is made remotely, in essence duplicating the central archive (although changes only go one way, obviously).

Then, if you have the privileges — you can merge any changes you make on that archive back up to the central one.

Very cool. I really need to take some time to get into Arch.


GPRS, and the price of it

Tech: GPRS roaming works… technically. Joi Ito gets a $3,500 bill for checking his mail around the world. Yowch.

FWIW, I’ve never met anyone who’s used GPRS for anything other than the odd demo, or emergency use only, except for employees of the mobile carriers — and they get it for free.

My bet is that the basic failure was a disconnect between the real world and the specification stages — someone somewhere picked up one of those massively-inflated analyst reports a few years ago, said ‘I’d like a piece of that road-warrior market which will be worth $5 billion by 2005, it says here!’ and set prices (to stun) accordingly.


‘Goblin-fancier’?

Insults: Tom takes issue with my assumption that ‘anyone not living in a hole would know that SpamAssassin includes a probabilistic classifier’. Hmm. OK, I should have made it clear I meant anyone following anti-spam filter development. Henceforth I’ll over-qualify every statement on this weblog accordingly.

But at least I know that badgers are CLEARLY down, since they do live in a hole. DO YOUR RESEARCH, FARRELL.


The Spam Conference 2004

Spam: So, next Friday I’ll be in Cambridge, MA for the Spam Conference 2004, a one-day extravaganza of probabilistic classifiers, spam-bashing, and hopefully, some socializing too.

Anyone else planning to attend? If so, see you there!


On Pay-Per-Mail

Spam: Lee Maguire on pay-per-mail schemes. A great read — recommended to anyone who has given thought to this system.

It’s usually the fear of the odd overlooked gem that has rendered anti-spam techniques impotent. A salutation from a long lost friend with the subject ‘Hi’, an important business mail sent out-of-hours from the kid’s computer, that domain renewal reminder. Most people would apply no charge on the things they want to read, and a bajillion dollars on spam. And if there’s mail you don’t want to read but have to? Chances are you’re being paid to read them already - get back to work.

SoCal: an amazing satellite picture of the wild fires, courtesy of NASA’s Earth Observatory.


Referrer spam not via proxies

So a little more investigation shows that the massive numbers of IPs spamming my referrer logs (like 1000 different IPs every day) are not open proxies, as I at first thought; I tested 130, and none had any of the well-known proxy ports open.

My current guess is that they’re malware, such as those ‘ad banner spyware’ programs, and the makers of that software must be doing deals with spam companies to set up the spyware to periodically load URLs in order to referrer-spam for the spam bureau’s customers.

In this case, all the spammed URLs are owned and registered by one porn operation, which is either operating from Switzerland (according to the tech contact info) or Los Angeles (according to the DNS info in whois). (More likely the latter.)

All the IPs doing the spam page loads are running on Windows XP and Windows 2000 systems as far as I can see, with ports 1025 and 5000 open, so alternatively, maybe they’re trojaned… but there doesn’t seem to be any good evidence indicating that. (Those ports are reasonably innocuous.)

Anyone got any ideas? Here are some sample access_log lines for 100 IPs, gzipped, if anyone wants to check them out.
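An added example, not part of the original post or its log sample: one way to surface this pattern in an Apache combined-format access log is to count the distinct client IPs that present each external referrer host. The log lines, host names and the `min_ips` threshold are constructed assumptions, and popular legitimate referrers would need to be listed in `ignore_hosts`.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Apache "combined" format:
# ip ident user [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "([^"]*)" "[^"]*"$'
)

# Constructed sample lines (documentation IP ranges, .example hosts).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Jan/2004:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "http://spam-site.example/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
198.51.100.7 - - [12/Jan/2004:10:03:17 +0000] "GET / HTTP/1.1" 200 5120 "http://spam-site.example/page2" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
203.0.113.45 - - [12/Jan/2004:10:09:44 +0000] "GET / HTTP/1.1" 200 5120 "http://SPAM-site.example/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
192.0.2.99 - - [12/Jan/2004:10:11:02 +0000] "GET /blog/ HTTP/1.1" 200 8100 "http://myblog.example/" "Mozilla/5.0"
203.0.113.80 - - [12/Jan/2004:10:12:30 +0000] "GET /feed HTTP/1.1" 200 1024 "-" "FeedReader/1.0"
198.51.100.200 - - [12/Jan/2004:10:15:00 +0000] "GET /blog/ HTTP/1.1" 200 8100 "http://friend.example/links" "Mozilla/5.0"
"""

def referrer_spam_candidates(lines, ignore_hosts, min_ips=3):
    """Return {referrer_host: distinct_ip_count} for referrer hosts that were
    presented by at least min_ips different client addresses."""
    ips_by_host = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # malformed or non-combined line
        ip, referrer = m.groups()
        host = (urlsplit(referrer).hostname or "").lower()
        if not host or host in ignore_hosts:
            continue  # "-" referrer, or our own site / allowlisted referrer
        ips_by_host[host].add(ip)
    return {h: len(ips) for h, ips in ips_by_host.items() if len(ips) >= min_ips}

if __name__ == "__main__":
    hits = referrer_spam_candidates(SAMPLE_LOG.splitlines(), {"myblog.example"})
    for host, count in sorted(hits.items(), key=lambda kv: -kv[1]):
        print(f"{host}: {count} distinct client IPs")
```

A referrer host that many unrelated addresses present, each for only a hit or two, is worth checking in whois, as the post does for the spammed URLs.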


Webcams v. Spin-Doctors

The Reg: Do webcams break when Tony Blair walks by? A very interesting point; webcams, which provide perpetual surveillance by anyone who wants to, don’t quite fit in with modern political image control.


Matt Blaze vs master keys

Matt Blaze has posted a very neat exploit against ‘weaknesses in most master-keyed lock systems, such as those used by offices, schools, and businesses as well as by some residential facilities (particularly apartment complexes, dormitories, and condominiums). These weaknesses allow anyone with access to the key to a single lock to create easily the master key that opens every lock in the entire system. Creating such a key requires no special skill, leaves behind no evidence, and does not require engaging in recognizably suspicious behavior. The only materials required are a metal file and a small number of blank keys, which are often easy to obtain.’

‘The vulnerability was discovered by applying the techniques of cryptanalysis, ordinarily used to break secret codes, to the analysis of mechanical lock design.’

Paper here.


diary of an autopsy

Sliced liver, anyone? “The first public autopsy in Britain for 170 years brought back vivid memories of medical school - and an acute sense of hunger - for the Guardian’s junior doctor Michael Foxton.”

“The process of dismemberment is a deeply weird and dysphoric experience, and it is a dangerous border to cross. I remember the first time I had to do it, as a medical student in an operating theatre. It was a man with stomach cancer, who I had been talking to on the ward the morning before his operation. When the surgeon brought his knife down to make the first cut on his belly, it was everything I could do to stop myself reaching out and grabbing his hand to stop him. Doctors have to cross that line. We have to separate the thinking, smiling, family man from the clinical material. If I hadn’t done that I couldn’t possibly cut a hole and force a huge chest drain tube a centimetre across into a writhing patient on a respiratory ward at three in the morning, without going mad.”
