taint.org: Justin Mason’s Weblog

Voting: None Dare Call It Stolen - Ohio, the Election, and America’s Servile Press, by Mark Crispin Miller.

Miller and many others have obviously been spending a lot of work chasing down each incident in Ohio since last November, and there’s quite a lot of them. It’s impressive the degree to which recounts were evaded, if these allegations are true. There’s many shocking cases alleged than I could really fit here — but here’s some of the lowest points:

On December 13, 2004, it was reported by Deputy Director of Hocking County Elections Sherole Eaton, that a Triad GSI employee had changed the computer that operated the tabulating machine, and had “advised election officials how to manipulate voting machinery to ensure that preliminary hand recount matched the machine count.” This same Triad employee said he worked on machines in Lorain, Muskingum, Clark, Harrison, and Guernsey counties.

it strongly appears that Triad and its employees engaged in a course of behavior to provide “cheat sheets” to those counting the ballots. The cheat sheets told them how many votes they should find for each candidate, and how many over and under votes they should calculate to match the machine count. In that way, they could avoid doing a full county-wide hand recount mandated by state law.

In Union County, Triad replaced the hard drive on one tabulator. In Monroe County, “after the 3 percent hand count had twice failed to match the machine count, a Triad employee brought in a new machine and took away the old one. (That machine’s count matched the hand count.)”

The willingness to throw away functioning, reliable election systems, and replacing them with new, easy-to-subvert ones, is astounding. But on top of that, when concerned parties investigate and find danger signs, it’s easily buried:

Miller emphasizes that, even after the National Election Data Archive Project, on March 31, 2005, “released its study demonstrating that the exit polls had probably been right, it made news only in the Akron Beacon-Journal,” while “the thesis that the exit polls were flawed had been reported by the Associated Press, the Washington Post, the Chicago Tribune, USA Today, the San Francisco Chronicle, the Columbus Dispatch, CNN.com, MSNBC, and ABC.”

Miller’s conclusion: ‘the press has unilaterally disarmed’.

Tags: count, dare, election, employee, hand, lot, machine, none, recount, triad, voting

Art: Machine Molle bill themselves as ‘post-production’, but I suspect that’s understating their work — their site has Flash-playable copies of their videos for Royksopp’s ‘Remind Me’, Air’s ‘Electronic Performers’, and a recent ad for Areva, a Canadian power company. All are simply amazing. Go take a look. (link via Joe)

Tags: air, art, bill, flash-playable, machine, molle, post-production, remind, royksopp, site, work

eVoting: Craig passes on this link: apparently thousands of Orange County voters were given the wrong ballots in last week’s election. The result is that in 21 precincts, there were more ballots cast than registered voters. It gets better — apparently the voting machine vendor has said it will be impossible to figure out how many ballots are invalid as a result. It’d be funny if it wasn’t such a big deal…

Tags: cast, deal, election, evoting, link, machine, result, vendor, voting, week

Security: Dan Bricklin writes:

As I pointed out in ‘Copy Protection Robs The Future’, the only reason I have a copy (of VisiCalc) that can still work is that someone kept a ‘bootleg’ uncopyprotected copy around. The original disks may not have worked on a Longhorn machine. Just copying the files from the original 5 1/4″ floppy to a 3 1/2″ one that would fit in today’s machines certainly would result in a non-working copy, because of copy protection. We will regret ‘Digital Restriction/Rights Management’ in the future.

Here’s the essay he mentions: Copy Protection Robs The Future:

Copy protection, like poor environment and chemical instability before it for books and works of art, looks to be a major impediment to preserving our cultural heritage. Works that are copy protected are less likely to survive into the future. The formal and informal world of archivists and preservers will be unable to do their job of moving what they keep from one media to another newer one, nor will they be able to ensure survival and appreciation through wide dissemination, even when it is legal to do so.

Tying in nicely with The Long Now Foundation and the importance of the public domain.

Tags: bootleg, copy, future, longhorn, machine, protection, reason, robs, security, someone, visicalc

Spam: Cloaking Device Made for Spammers (Wired).

‘Try to find the real IP,’ he said. ‘This host is in rackshack.net, the most antispam ISP.’ A traceroute to the site indicated that it was being hosted on a computer apparently using cable modem service from Comcast.

It’s using DNS trickery and a set of reverse proxies. This is standard practice among a small number of the upper echelon of spammers these days.

Of course, many of the techniques used to do this — such as the subversion of Wintel PCs on cable modem networks — are highly illegal, so the spammer/crackers are heading deep into jail-time territory.

I’m really posting this because of this entry at Boing Boing, in which Cory notes: ‘I’m pretty skeptical about the untraceability of these systems — I suspect that rather, they are resistant to some tools, not resistant to others, and not hard to write new tools to uncover.’

They’re untraceable from where we’re standing — these are compromised machines. The only way to trace from that machine onwards, is for the abuse staff of those machines’ ISPs to help out, or to get hold of the machine itself. This is not so easy — which is why the spammers do it.

(I would have posted this as a comment on BB!, but they’ve stopped accepting comments, as noted previously. grr)

Anyway. As time goes on, the development of Wintel spamware-installing worms, and hands-on cracking of Unix servers to install trojans (PDF), is becoming more and more common. There’s definitely an increasing crossover between spammers, virus-writers and crackers, as the Wired News article notes.

This is very much illegal activity under existing computer crime laws, and much more serious than whatever the anti-spam legislation out there considers spamming to be. Maybe the big spammers are going increasingly ‘all-out’, given that the lawmakers are finally giving the anti-spam laws some teeth…

Tags: boing, cable, cloaking, computer, device, machine, modem, spam, spammers, wintel, wired

Linux: so it seems one of the GNOME guys wants to rewrite the rc.d boot script system in Python. Eek!

• scary OSNews interview
• Slashdot story
• My comment
• Richard Gooch’s cool need(8)/provide(8) tools

Games: Someone has broken into Valve Software’s network and stolen the source code for Half-Life 2 — shacknews:

• 1) Starting around 9/11 of this year, someone other than me was accessing my email account. This has been determined by looking at traffic on our email server versus my travel schedule.
• 2) Shortly afterwards my machine started acting weird (right-clicking on executables would crash explorer). I was unable to find a virus or trojan on my machine, I reformatted my hard drive, and reinstalled.
• 3) For the next week, there appears to have been suspicious activity on my webmail account.
• 4) Around 9/19 someone made a copy of the HL-2 source tree.
• 5) At some point, keystroke recorders got installed on several machines at Valve. Our speculation is that these were done via a buffer overflow in Outlook’s preview pane. This recorder is apparently a customized version of RemoteAnywhere created to infect Valve (at least it hasn’t been seen anywhere else, and isn’t detected by normal virus scanning tools).

Insanely bad news for Valve. :(

Tags: account, boot, email, gnome, linux, machine, script, someone, source, valve, virus

So for the past few weeks, I’ve been getting a lot less spam – like about 1/3 to 1/4 of the normal volume — to my jmason.org account.

I didn’t have a clue why; occasionally I mused that some spam gangs must have figured out that I needed all that spam to develop SpamAssassin, and cutting down on my volume would mean that I’d have to schlep stuff out of the spamtraps (which is a bit of a chore), so they’d unsubscribed me to cause some minor hassle ;)

In reality, what had happened was that my old secondary MX — which was secondarying for me because nobody had gotten around to updating it — had finally been updated, and was no longer accepting mail for jmason.org. So I had only one MX, and the erstwhile backup was bouncing anything it saw, immediately.

Lots of spamtools relay spam via the secondary MX — not sure why, we think it’s working on the assumption that secondaries are less likely to have effective filters.

So basically a good 2/3 to 3/4 of my spam was being sent to a machine that immediately bounced it ;)

The upshot: if you get a lot of spam, and don’t really care if you might occasionally lose real mail if your primary MXes are down, you could always set up a ‘fake’ secondary MX record. The spamtools will happily attempt to send spam to you via that machine (which may not even exist), and then give up after the first bounce – missing you entirely.

Big caveat: I wouldn’t suggest this for situations where your mail delivery needs to be reliable, though. Primary MXes do go down occasionally ;)

Tags: account, clue, jmason, lot, machine, mail, mxes, org, spam, volume

ReVirt is very, very cool security functionality:

ReVirt (part of the CoVirt project) is a complete Linux-on-Linux virtual machine with replay capability: you can explore the state of the entire virtual machine at any point in the past. For example, if you discover an intruder, you can ‘go back in time’ to see how they broke in, watch the exploit in progress, and discover what was compromised. The overhead of virtualization and logging is only 15-30%, even for kernel-intensive applications.

Can’t wait until this is stable…

Games: The Body Behind Vice City’s Tommy Vercetti (Escape Mag): an interview with the guy who did the motion-capture for Vice City:

What advice do you have for any readers interest in doing motion capture?

… Stuff your Spandex mo-cap suit. That’s the key.

Patents: SFGate: Inventors patent ideas to pre-empt their rivals: ‘(IP lawyer) Dennis Fernandez has come up with an idea for TV sets with built-in cameras and small screens that would let viewers talk to one another while watching a show. … Fernandez has no intention of actually building such a device. But the idea is his — and he has a certificate from the U.S. Patent and Trademark Office to prove it.’

And there was me thinking these things had to be non-obvious, and have novelty, to be patentable. :( What is the US PTO up to? And what’s going to happen if the European Patent Office get their way?

I’m beginning to think a pro-bono collection of freely-licensable defensive patents, filed by the FSF or similar, is the only way to work around this brokenness.

Tags: covirt, functionality, idea, machine, office, part, project, revirt, security, way

I’ve just fixed my desktop machine (had to buy a new CPU, unfortunately, after the old one died during shipping).

I then upgraded to Red Hat 9 (woo, very nice), switched to KDE for my desktop, and took a look at software suspend (because the machine is too noisy to leave on permanently in the corner of the living room).

However, the latter won’t work with my video card; instead, the machine reboots continually when resuming from suspend. Problem.

A bit of thinking about the problem came up with a nifty solution… I’d heard of folks using a VNC server for their main desktop, in order to connect to it from any machine they found themselves near, and not be ‘tethered’ to one particular desktop machine. The same system also means I can run my desktop with a virtual display, and just ‘connect’ to this from the real one. Then, when I want to suspend, I can just kill off the X server, suspend, and start up a new one after resume.

If you’re curious about how to do this, read on…

From: Justin Mason
Subject: setting up a VNC desktop

Software suspend won’t work with my video card; instead, the machine reboots continually when resuming from suspend. Problem.

A bit of thinking about the problem came up with a nifty solution… I’d heard of folks using a VNC server for their main desktop, in order to connect to it from any machine they found themselves near, and not be ‘tethered’ to one particular desktop machine. The same system also means I can run my desktop with a virtual display, and just ‘connect’ to this from the real one. Then, when I want to suspend, I can just kill off the ‘hardware’ X server, suspend, and start up a new one after resume.

First, install xf4vnc. This gives you a VNC server that can use the ‘Render’ extension, and therefore display anti-aliased text efficiently. Installation of this is a bit of a manual job, unfortunately, since the author hasn’t actually packaged it in any way. Not too hard though; just 3 copy commands; I don’t think you actually need any files apart from the two in the xf4vnc-linux-i386 group.

Create a file called ~/.xserverrc containing:

:: /usr/local/bin/Xvnc-xf4vnc -depth 16 -geometry 1152×864 -deferupdate 10 :0

Best to make the depth and geometry match your current display.

Next, create a script called ~/bin/x containing:

:: #!/bin/sh
:: X :1 &
:: sleep 4
:: vncviewer -compresslevel 0 -quality 9 -fullscreen -display :1 localhost:0

(ie. start an X display on :1, then display vncviewer to that display.) Don’t forget to make it executable with chmod.

Now, close your current X desktop, return to the console, and run startx to start a new one. This won’t display; instead, it’ll run GNOME/KDE/whatever using a virtual framebuffer. CTRL-Z and bg that process.

Run the x script. It’ll connect to your virtual desktop. That’s it!

You can now hit CTRL-ALT-Backspace to your heart’s content. When your display is killed, the applications and desktop remain untouched. When you rerun the x script, it’ll reconnect and nothing will have changed apart from the mouse pointer position. In fact, I just restarted my X server halfway through that sentence ;)

Have fun!

Tags: bit, desktop, display, machine, problem, resume, server, software, solution, vnc

Sitescooper: Aaron notes that the Wayback Machine has added support for diffing HTML, using technology licensed from DocuComp (demo), and he notes “HTML Diff is extremely difficult and they do a half decent job, but it’s got plenty of room to improve.”

Maybe they should look at Sitescooper: it’s had HTML diffing for the last 3 years, using diff(1) or Algorithm::Diff and some basic knowledge of HTML presentation. Though mind you, DocuComp might have some trouble having a look, as it’s free software, licensed under the GPL. :)

Of course, Sitescooper is a big, chunky lump of application, very oriented towards scraping an entire news site, downloading the latest news, stripping down the HTML and delivering that in one file — ie. exactly what you want for viewing news sites offline on a PDA, but when you want to use just nifty feature in there, you’re stuck with the whole application. It’s just not UNIX.

So, one thing I’ve been thinking about doing recently, is taking some of the code in Sitescooper and refactoring it into a UNIX toolset; a wget-style getting tool, which has Sitescooper’s knowledge of how to cache and rewrite URLs; a HTML-differ; and a few other tools. But this is still thinking, at the moment.

Tags: application, diff, docucomp, html, knowledge, machine, news, sitescooper, unix, wayback