taint.org: Justin Mason’s Weblog

Checking out an awesome new tee at Threadless, I noticed this:

uh-oh — Threadless do baby clothes. There goes my pocket money…

Tags: babies, cute, onesies, stuff, tees, threadless

Stuff: So C is a massive antiques nut, and got tickets for the Antiques Roadshow next month in LA. As a result, we’ve been shopping around for interesting stuff for her to bring along.

Here’s what I found at the antiques market last weekend:

Click on the pic to check out my multiplication skills!

Tags: click, month, multiplication, nut, result, roadshow, stuff, weekend

Web: Now this is very cool stuff: ‘Greasemonkey is a Firefox extension which lets you to add bits of DHTML (”user scripts”) to any webpage to change it’s behavior.’

In other words, you can rewrite any page viewed in Firefox, as it transits between the server and your client’s display; a form of transcoding.

Traditionally, transcoding is performed using a HTTP proxy which applies the transformation, or a specialised HTTP user agent which transcodes and outputs a whole new set of documents with the results.

That was all a little hacky for full-scale integration into your web browser, though, so Greasemonkey is a big improvement for that use-case.

Some good links:

• The Greasemonkey homepage
• The Greasemonkey script repository (wiki)
• Mailing list archives for greasemonkey users

And some demos:

• a good demo of using it to fix a Bloglines bug, by Michael Moncur
• an MSDN bug-fixing script
• a Boing Boing ad-blocking script
• truly awesome: persistent searches (think vFolders) in GMail!

Remember, these are single, sub-100-line JS scripts, running entirely locally in the user’s web browser. The last one gives you an idea of what coolness is possible…

My contribution: an ad-removal script for Metafilter. It took some 30 seconds of hacking to produce this — soooo easy. It’s a whole new world of site customisation and hackable filtering. You thought AdBlock was good, this is ever niftier ;)

Tags: boing, browser, extension, firefox, greasemonkey, http, script, stuff, user, web

Tech: This is the second entry talking about ‘Life Hacks’. Possibly the best tip I came away from the talk with, is this one:

All geeks have a todo.txt file. They use texteditors (Word, BBEdit, Emacs, Notepad) not Outlook or whathaveyou.

What we keep in our todo is the stuff we want to forget. Geeks say they remember details well, but they forget their spouses’ birthdays and the dry-cleaning. Because it’s not interesting.

It’s the 10-second rule: if you can’t file something in 10 seconds, you won’t do it. Todo.txt involves cut-and-paste, the simplest interface we can imagine.

It’s also the simplest way to find intercomation. EMACS, Moz and Panther have incremental search: when you type a “t” it goes to the first mention of “t”, add “to” and you jump to the first instance of “to”, etc.

Power-users don’t trust complicated apps. Every time power-geeks has had a crash, s/he moves away from it. You can’t trust software unless you’ve written it — and then you’re just more forgiving. Text files are portable (except for CRLF issues) between mac and win and *nix. Geeks will try the Brain, etc, but they want to stay in text.

I was already doing this, having learned the latter lesson ;), but I was making one mistake — I was trying to keep the TODO.txt file small by clearing out old stuff, done stuff, and cut-and-paste snippets of command lines, and by moving things into files in ’storage’ directories.

That doesn’t work. You think you’ll be able to grep for it later, but you’ll have forgotten what to grep for. You’ll even have forgotten what storage directory you used. The solution is to keep it all in one big file, and use i-search. That really does work.

In fairness, I actually have two files of this type. One is the “real” TODO.txt. But the other is a GPG-encrypted file containing usernames, URLs, passwords, nameservers, VPN settings, etc. I have a feeling this is another common Life Hack idiom, too…

Another great tip in the same vein, from JWZ — make an /etc/LOG:

Every machine I admin has a file called /etc/LOG where I keep a script of every system-level change I make (installing software, etc.) I rsync these LOG files around (keeping redundant copies of all of them in several places) so that if/when I need to re-build a server from scratch, it’s just a matter of following the script.

This has been working out great (when I remember to do it. Discipline! ;)

Tags: emacs, file, grep, storage, stuff, tech, text, tip, todo, txt, type

Tech: So Danny O’Brien’s ‘Life Hacks’ talk is one of the most worthwhile reflections on productivity (and productivity technology) I’ve heard. (Cory Doctorow’s transcript from NotCon 2004, video from ETCon.)

There’s a couple of things I wanted to write about it, so I’ll do them in separate blog entries.

(First off, I’d love to see Ward Cunningham’s ‘cluster files by time’ hack, it sounds very useful. But that’s not what I wanted to write about ;)

People don’t extract stuff from big complex apps using OLE and so on; it’s brittle, and undocumented. Instead they write little command-line scriptlets. Sometimes they do little bits of ‘open this URL in a new window’ OLE-type stuff to use in a pipeline, but that’s about it. And fundamentally, they pipe.

This ties into the post that reminded me to write about it — Diego Doval’s atomflow, which is essentially a small set of command-line apps for Atom storage. Diego notes:

Now, here’s what’s interesting. I have of course been using pipes for years. And yet the power and simplicity of this approach had simply not occurred to me at all. I have been so focused on end-user products for so long that my thoughts naturally move to complex uber-systems that do everything in an integrated way. But that is overkill in this case.

Exactly! He’s not the only one to get that recently — MS and Google are two very high-profile organisations that have picked up the insight; it’s the Egypt way.

There’s fundamentally a breakage point where shrink-wrapped GUI apps cannot do everything you want done, and you have to start developing code yourself — and the best APIs for that, after 30 years, has been the command-line and pipe metaphor.

(Also, complex uber-apps are what people think is needed — however, that’s just a UI scheme that’s prevailing at the moment. Bear in mind that anyone using the web today uses a command line every day. A command line will not necessarily confuse users.)

Tying back into the Life Hacks stuff — one thing that hasn’t yet been done properly as a command-line-and-pipe tool, though, is web-scraping. Right now, if you scrape, you’ve got to do either (a) lots of munging in a single big fat script of your own devising, if you’re lucky using something like WWW::Mechanize (which is excellent!); (b) use a scraping app like sitescooper; or (c) get hacky with a shell script that runs wget and greps bits of output out in a really brittle way.

I’ve been considering a ‘next-generation sitescooper’ a little bit occasionally over the past year, and I think the best way to do it is to split its functionality up into individual scripts/perl modules:

• one to download files, maintaining a cache, taking likely freshness into account, and dealing with crappy HTTP/HTTPS wierdness like cookies, logins and redirects;
• one to diff HTML;
• one to lobotomise (ie. simplify) HTML;
• one to scrape out the ‘good bits’ using sitescooper-style regions

Tie those into HTML Tidy and XMLStarlet, and you have an excellent command-line scraping framework.

Still haven’t got any time to do all that though. :(

Tags: brien, command, everything, hacks, life, line, pipe, productivity, stuff, tech, way

Spam: So, CEAS was great fun, and very educational:

• Got to meet up with various antispammers, including Daniel and Theo from the SpamAssassin dev team, Jeff Chan from SURBL, Dan Kohn from Habeas, Catherine Hampton from The SpamBouncer, Miles Libbey, John Levine, Neil Schwartzman — lots of good chats.
• MS really know how to feed a conference! I hear rumours there was an extra-special tinned-meat-product-based dish at the banquet…
• But their firewalling tendencies put a serious damper on keeping in touch with the outside world, at least until we set up an SSH tunnel on port 443 ;)
• During a lull, Dan Kohn fired off a hands-up census — a good 75% of the attendees (roughly) admitted to using SpamAssassin!

My highlight papers:

• IBM’s Chung-Kwei pattern-discovery system — the one which Mark dug up. Very interesting stuff; it turns out that bioinformatics is full of large corpora of data (genomes) which you then need to find patterns in. Funnily enough, so is SpamAssassin: s/genomes/spam/, s/patterns/regular expressions/. The more advanced pattern-discovery algorithms even allow complex patterns to contain alternative blocks, ‘don’t-cares’ and similar regular-expression-like features.

  The really good bit of Chung-Kwei is the Teiresias algorithm (more pages, online demo). Of course, being IBM research, it’s probably patented to the hilt, and may be tricky to license; but it’s certainly pointed us in a whole new interesting direction — anyone know any bioinformaticians?

  IBM is really gearing up on anti-spam research. 4 of the 6 papers listed on their website were presented this year, at CEAS.

• Another good paper was On Attacking Statistical Spam Filters, by Gregory L. Wittel and S. Felix Wu, which (similarly to Henry Stern’s submission, which I helped a little with) dealt with an attack on Bayesian filters.

  This is interesting stuff; we’re pretty sure it’s not as serious as it could possibly be, in SpamAssassin’s implementation, but it’s still a serious attack.

• The Impact of Feature Selection on Signature-Driven Spam Detection was an interesting paper on AOL’s new signature schemes. (The conference was sponsored by Cloudmark, BTW, but those guys were nowhere to be seen — in which case they missed this presentation ;)
• Reputation Network Analysis for Email Filtering was interesting, in that it mirrors to a degree the thinking behind web-o-trust.org, but in my opinion suffered due to a lack of thought about avoiding spoofing (by including IP address information in the FOAF file, it could do this now). However, once SPF becomes pervasive, this could be combined with that to generate personalised webs of trust usable for email whitelisting.
• Resisting SPAM Delivery by TCP Damping was very nifty; plug a classifier into your MTA, and thereby detect connections from spam relays. Once you’ve found them, you then throttle down their connection as they attempt to deliver spam. Some other TCP-level tricks can do nifty stuff like massively increasing the bandwidth consumption of the spamming machines. Very very nice!

I took copious notes on the SpamAssassin wiki, if anyone’s curious.

Tags: attack, ceas, dev, fun, got, ibm, research, spam, spamassassin, stuff

Software: Mark Twomey, in response to all the Win32 API stuff recently:

We now have a generation of computer users … who have never received or sent email from a so called ‘rich client’, never had to send a postal order off to order something from some distant vendor, and are not amazed by something like a search engine. ….

Those (’rich client’) people remind me of minicomputer users who crapped on the ‘crummy little operating systems’ used on ‘crummy little desktop computers.’

He’s right, you know — for de yoot, Windows is generally just a way to access Hotmail.

Tags: api, client, computer, crummy, email, generation, response, software, something, stuff, win

Conferences: LayerOne was seriously great! Got to meet up with some really interesting people; discuss some nifty stuff; and get some new angles on the whole hacking scene.

Seriously, that was well worthwhile, especially in terms of potential new ways to deal with spam, and issues to watch out for in terms of spammer techniques in future. A great techie conf, and the boozing^Wsocialising was pretty good too ;)

I’m actually giving some thought to going to Defcon after that…

Tags: conf, conferences, future, got, layerone, scene, seriously, spam, spammer, stuff, techie

Hacking: Amazing — the Action Replay cartridge is still around!

To be honest, I’m quite surprised that the PS2 hardware platform allows any of this stuff without some mod-chip-style soldering… but then, it’s pretty clear Datel have the technology to figure these things out. Impressive.

Aside: in my teens, I wrote demos on the Commodore 64 entirely in the Action
Replay’s built-in monitor. I tried using compilers that supported such luxuries as symbolic labels, variable names, etc., but the ability to halt the entire machine and debug extensively, with a single button press, was just too nifty ;)

Tags: action, cartridge, commodore, datel, hacking, hardware, impressive, platform, replay, stuff, technology

Games: Katamari Damacy (roughly translated as ‘Clumpsoul’) is a game where you roll around various landscapes, making a giant ball of ’stuff’.
Here’s a review. It looks like sheer genius; here’s hoping it gets a US/Euro release!

Tags: ball, clumpsoul, damacy, euro, game, games, genius, katamari, release, review, stuff

Spam: WSJ: For Orlando Soto, No Day Is Complete Without Some Spam.

Mr. Soto routinely comes home to some 150 e-mail pitches, and he loves getting them all … he buys stuff pitched in spam e-mail — again and again. He buys spam-pitched aromatherapy oils for his wife and pharmaceuticals for himself. … He buys stuff via spam for himself and to resell on Web sites he sets up — a business idea he got from a spam pitch. …

It’s mind-blowing — leaves you wondering how one man could be so gullible, and hand over so much money to some of the world’s dodgiest vendors, without even any concept of comparison shopping (and without falling victim to identity theft and a cleared-out bank account). Until you get to this line:

In the past, Mr. Soto says he has sent out spam himself,

Aha.

but he doesn’t any more for fear of the increasing multitude of federal and state spam regulations now on the books.

Of course. (link via Craig)

Tags: aromatherapy, business, day, home, orlando, spam, stuff, web, wife, wsj

Open Source: Clemens Vasters: Where do you want to go, Aiden? Sadly, Clemens misses the
point dramatically.

Point one: I’ve worked on open-source and proprietary software. I still do. I work on them both simultaneously (or, at least, proprietary 9-5 and open-source outside work hours ;). I have a good few of the things you’re supposed to have ‘by the time you’re 30′.

It’s not an all-or-nothing thing; working on open source doesn’t mean retreating into a garrett and staying up all night. Nothing is black-and-white like that, and surely Clemens should be able to recognise that aspect of the real world by now. ;)

Point two: Open source work does found a career. It acts as a fantastic testament to your ability — especially if you’ve written good code or organised a team. I’d be much more happy to hire someone who had demonstrated that ability, over people who had no OS dev experience, if I was interviewing candidates in the day job. (In fact, I have in the past. ;)

For one thing, a tar.gz from Sourceforge is a lot easier to verify than some assertion that when you worked for some big company, you were Very Important and did Amazing Things, but sorry, they were all secret and proprietary so you have no proof.

Point three: ‘It doesn’t matter whether you love what you are doing and consider this the hobby you want to spend 110% of your time on: It’s exploitation by companies who are not at all interested in creating stuff. They want to use your stuff for free. That’s why they trick you into doing it.’

This is total FUD — pretty much just shouting ‘it’s an IBM conspiracy!’

For the record, I’ve never even talked to anyone from IBM about open source, as far as I know — aside from when I stood up once at a conference and attempt to ask an IBM manager about their crappy software patent policy and how it conflicted with their avowed support of open-source. (Obviously their payoff cheque was late that month ;)

More good comments on slashdot, believe it or not (with the threshold at 3, that is).

(finally, an aside: I suspect the guy’s name was ‘Aidan’ BTW.)

Tags: ability, aiden, ibm, open, point, software, source, stuff, thing, time, work

Tech: PDF file: how do photocopiers decide not to photocopy modern banknotes? ‘a geometric pattern … of five 1 mm large circles’. Fascinating stuff from Markus Kuhn, as usual! (via HackThePlanet)

Tags: fascinating, hacktheplanet, pattern, pdf, stuff, tech

Vacation: We’re back. Well, technically, my body is back, but the silver thread is reeling in somewhere over Greenland. So I’m pre-classifying my mail and looking for urgent stuff with my eyes glazing over instead of doing anything more useful.

Scams: Interesting Wired News article: ‘Cyber-blackmail artists are shaking down office workers, threatening to delete computer files or install pornographic images on their work PCs unless they pay a ransom’. ‘The e-mail typically contains a demand that unless a small fee is paid … they will attack the PC … or download onto the machine images of child pornography.’

Of course, it’s simply spammed out, and they phish in anyone who is dumb enough to take it seriously and reply. But it does raise an interesting point, which I read about last week in this interview with Pete Townshend:

‘Perhaps Townshend (was) thinking of a case at Southwark Crown Court in 1998, in which the judge made it clear what constituted possession: that you were in possession of child pornography not just if you actively downloaded it, but if it appeared on your computer screen at all.’

So that sounds like, if child-porn images are found on a PC — and it doesn’t matter how they got there — the PC’s owner is liable. So theoretically this could be exploited to cause serious legal difficulties to a UK resident with a lack of computer literacy, or a bad email client that displays images in messages from unknown senders without user approval first. Another bad law.

Funny: Andy Kershaw in North Korea: songs about revolutionary cabbage-growing.

Tags: anything, body, child, computer, mail, pornography, possession, silver, stuff, thread, vacation

Music: All good things must come to an end. EMusic has been bought out by some bunch called ‘Dimensional Associates’, and will no longer offer its excellent download service; instead you’re limited to a measly 40 MP3s per month. (For context — last time I downloaded some listening material was on Monday, and I picked up about 80 MP3s in a single sitting.)

They’ve shut down their message boards; third-party discussion groups are filled with wailing and gnashing of teeth; and worst of all, I can’t even download the remaining stuff on ‘My Stash’ (the downloads-to-do list) because they’re overrun with rats deserting the sinking ship. (no reflection on the rats — I’m one myself.) Either that, or they’ve just turned them off; which is annoying as I had lots of music lined up to download when I got a chance.

This is very bad news — Apple’s iTunes is full of crappy music, Mac-only, and DRM-crippled; Rhapsody is Windows-only and DRM-crippled; there’s really no other legal MP3-download option.

I guess I’ll just have to go back to buying 1 or 2 CDs every few months when I’m buying stuff from Amazon (which I do nowadays anyway, in addition to EMusic) and just listening to the radio in general instead.

Thanks anyway, EMusic, for introducing me, helping me get into, or helping me rebuild my collection of such great music as:

• Ladytron
• Lemon Jelly
• Belle and Sebastian
• TRS-80
• Yo La Tengo
• Pepe Deluxe
• Layo And Bushwacka
• Asian Dub Foundation
• The Pixies
• Stereolab
• Johnny Cash
• Future Sound of London
• Freq Nasty
• Matmos
• Cornershop
• Thievery Corporation
• Cocteau Twins

It was great while it lasted.

Ah well, I guess I’ll save a tenner a month, which I can put towards the GameFly subscription…

Tags: bunch, dimensional, download, drm-crippled, emusic, end, month, music, offer, stuff

e-Voting: Wired has an absolutely mind-numbing list of issues with the security of Diebold voting machine procedures, including passwords printed in manuals which the staff can take home, that same password being reused for multiple systems including the on-site machines at polling stations, tamper-resistance measures being omitted, poll supervisors hired without background checks, bicycle locks being used to secure voting machines, one shared key used to ’secure’ the memory cards, etc.

‘The election process is mainly based on trust,’ Ginnold said. ‘We trust that poll workers are not going to be tampering with them.’

It’s simply insane to replace a known-good voting system (even if it’s just First-Past-the-Post instead of Proportional Representation, but that’s another issue) with a quick hack like this, IMO.

Please vote anyway, if you’re a CA citizen. And not for the fondling meathead, naturally.

DMCA: EFF: Unintended Consequences: Five Years under the DMCA. An incredible list of cases where the DMCA was used unfairly to restrict competition, research, or fair use, some of which I didn’t even know about. For example, I didn’t realise that the International Information Hiding Workshop Conference will no longer hold conferences on US soil after Professor Ed Felten was threatened over their SDMI paper.

Politics: Michael Moore on how to talk to your conservative brother-in-law. MM may play to the gallery now and again, but sometimes, he’s a genius:

Paying workers more money makes you money!

Dear brother-in-law, when you don’t pay people enough for them to take care of life’s essentials, it ends up costing you and everybody else a lot of money. When you pay your employees more money, what do you think they do with it? Invest it in stocks? Hoard it in offshore accounts? No! They spend it! And what do they spend it on? The stuff you make and sell! If you pay people squat, or lay them off, they can’t buy your stuff. They become a drain on the economy; some turn to crime, and when they turn to crime, it’s your Mercedes they want, not some junker Oldsmobile in their poor neighbour’s driveway.

Science: IgNobel prize winners 2003, including a prize for the nation of Liechtenstein for renting out the entire country for ‘corporate conventions, weddings, bar mitzvahs, and other gatherings’.

Tags: brother-in-law, diebold, dmca, e-voting, list, money, poll, security, stuff, voting, wired

Music: I’ve just stumbled across Ladytron on EMusic a couple of weeks ago, and they’ve totally taken over my playlist.

They’re kind of over-cool electro stuff in the style of Air, but with much more in the way of 80s-style synth noises. Massively over-cool: it seems the name is from a tune from Roxy Music’s first album, this interview has them namechecking ‘The Andromeda Strain’ and ‘Logan’s Run’, and virtually every tune is heavily Kraftwerky.

Still, I’m hooked… one note though: IMO, the first album, 604, is much better than the difficult second. AudioGalaxy seems to have a copy of ‘ Play Girl‘ from 604 — give it a listen.

Recommended tracks: I’m With The Pilots and Discotraxx – Paco! is worth a listen too, it includes the theme tune to Are You Being Served, believe it or not. ;)

Tags: album, couple, electro, emusic, kind, ladytron, playlist, stuff, style, tune

Scary stuff — the techie details of the trojan discussed in the NYT article today — Reverse-Proxy Spam Trojan - Migmaf (LURHQ):

LURHQ was able to obtain a copy of the trojan - detected from suspicious activity originating from a VPN user on a firewall on a network we monitor. What we found was the trojan was not a webserver at all, but instead: a reverse proxy server. Instead of hosting the content on the victim’s computer, the spammer instead maintained a ‘master’ webserver. We have dubbed this trojan ‘Migmaf’.

Tags: article, lurhq, migmaf, nyt, proxy, scary, stuff, techie, trojan, webserver

That’s the message from Robert Sapolsky, professor of biological sciences at Stanford and neurology at Stanford’s School of Medicine, from his studies of baboon behaviour in the Serengeti:

For the humans who would like to know what it takes to be an alpha man–if I were 25 and asked that question I would certainly say competitive prowess is important–balls, translated into the more abstractly demanding social realm of humans. What’s clear to me now at 45 is, screw the alpha male stuff. Go for an alternative strategy. Go for the social affiliation, build relationships with females, don’t waste your time trying to figure out how to be the most adept socially cagy male-male competitor. Amazingly enough that’s not what pays off in that system. Go for the affiliative stuff and bypass the male crap. I could not have said that when I was 25.

A handful of (the baboons) simply walked away from it over the years. Nathaniel was one, and Joshua was another. They had the lowest stress hormone levels you’ve ever seen in male baboons, and outlived their cohorts. The fact that this alternative strategy is actually the more adaptive one is one of the good bits of news to come out of primatology in quite some time. If that’s the future of primates, this planet is going to be in great shape in a couple of million years.

A great article, and pretty funny in places — especially where he discusses the results of baboons’ lack of a developed frontal cortex:

Even though there are tremendous individual differences among the baboons, they’re still at this neurological disadvantage, compared to the apes, and thus they typically blow it at just the right time. They could be scheming these incredible coalitions, but at the last moment, one decides to slash his partner in the ass instead of the guy they’re going after, just because he can get away with it for three seconds. The whole world is three seconds long–they’re very pointillist in their emotions.

More at the Edge Magazine site.

Tags: alpha, medicine, message, neurology, professor, school, stanford, strategy, stuff, time

Ah, some good old-fashioned sleazy MS stuff:

Chris O’Rourke, a Microsoft employee, described attending LinuxWorld, a trade fair in California, where he ‘purported to be an independent computer consultant’ working with several public school districts, according to an e-mail message he sent on Aug. 20, 2002. ‘In general, people bought this without question,’ Mr. O’Rourke wrote. ‘Hook, line and sinker.’

He said his goal was to glean intelligence about the competition. His guise, Mr. O’Rourke said, ‘got folks to open up and talk.’ Mr. O’Rourke did not respond to a fax and voice mail message seeking comment.

Hilarious — if you can’t beat ‘em, send in the clowns. Via the NYT.

Tags: aug, computer, consultant, employee, linuxworld, message, microsoft, school, stuff, trade

a message on Dave Farber’s IP list tipped EMusic.com as a little-known alternative to Apples new music store. So I took a look, and whaddya know, it’s incredible! Here’s the key points:

• A fantastic selection of my favourite genres: roots reggae, dancehall, ambient and drum and bass. This is exactly the stuff you can’t find on P2P nets nowadays, and it’s not on Apple’s store either. EMusic is not so hot for the top-40 stuff, but let’s face it, I will never want to listen to Britney’s latest anyway.

• ‘Try before you buy’ 30-second track tasters, so you can listen to
  • the tune just enough to see if you like it before committing.
• A flat monthly rate of 10 bucks, for 50 tracks a month.

• Download as plain old un-DRM-encumbered MP3s. So it’ll work fine on my Linux desktop, and pretty much any music-listening device you can possibly imagine for the next few years.

Wow. I’m so signing up for this. I think in 10 minutes I’ve identified my next 6 months’ listening material…

Tags: alternative, apples, com, emusic, list, look, message, music, store, stuff

I’ve been trying to reduce all the anti-war stuff, since there’s plenty of other sources for that and I reckon I’m boring everyone. But this story’s a doozie — US, UK intelligence agencies accuse Bush and Blair of distorting and fabricating evidence in rush to war:

A high-level UK source said last night that intelligence agencies on both sides of the Atlantic were furious that briefings they gave political leaders were distorted in the rush to war with Iraq. ‘They ignored intelligence assessments which said Iraq was not a threat,’ the source said. Quoting an editorial in a Middle East newspaper which said, ‘Washington has to prove its case. If it does not, the world will for ever believe that it paved the road to war with lies’, he added: ‘You can draw your own conclusions.’ …

‘The INC saw the demand, and provided what was needed,’ he said. ‘The implication is that they polluted the whole US intelligence effort.’

Tags: bush, doozie, everyone, evidence, intelligence, plenty, rush, source, story, stuff

More comments on that RHL9 review… interesting to see that RH ran into the same Unicode problem we did with SpamAssassin — namely that using Unicode charsets is horrifically slow compared to plain old ASCII. (This is the main reason we use ASCII internally in SpamAssassin.)

Bootup Scripts and Unicode: All the text processing utilities, grep, awk, sort, etc all work significantly slower when using the Unicode UTF locale. To speed the bootup, in the /etc/rc.sysinit and other SysV scripts, because the configuration is using 7bit ASCII these utilities are now invoked with LC_ALL=C utility to force the C locale.

(Also interesting to note who reported the bug, too ;)

Other nice additions:

• Keith Packard’s xrandr, to resize and rotate an X screen on the fly.
• redhat-config-(tab) to list all system config stuff from the commandline. At last, sensible naming for this stuff!
• Debuginfo RPMs, to install debug symbols for your system libraries on-the-fly.
• Subversion. (Although I’m a bit disappointed to read that svn doesn’t improve on CVS’ ability to do merges at all, which has drastically reduced my keenness to upgrade.)

Tags: ascii, bit, bootup, locale, review, rhl, spamassassin, stuff, system, unicode

Well, this is bad news. It seems one of the biggest bugbears for open Wifi hot-spots, ‘what if it’s used to spam’, may now be happening on a wide scale…

Unauthorized WLAN Connections Used to Send Spam (2 April 2003)

Data gathered from a wireless LAN (WLAN) honeypot showed that nearly 75% of intentional unauthorized connections made were used to send spam. (newsfactor.com)

The honeypots were set up in the City of London for 2 weeks, as default, open WLANs. This is the nearest I can come to a source. Both RSA Security UK and Z/Yen don’t list it on their press releases pages.

My thoughts: it could be the Jeem or Rewt spam-relaying trojans searching for open nets automatically, from infected machines. Strikes me that there wouldn’t be too many spammers war-driving around London, in person.

Thanks to Tony Earnshaw for forwarding it on from SANS NewsBytes…

Date: 09 Apr 2003 19:57:32 +0200
From: Tony Earnshaw (spam-protected)
To: (spam-protected)
Subject: SANS Newsbytes for today

SANS stuff is always interesting; those who care about their network and computer security should really subscribe - not to mention the SANS GIAC stuff.

The undermentioned is interesting to SA Talk.

– Unauthorized WLAN Connections Used to Send Spam (2 April 2003) Data gathered from a wireless LAN (WLAN) honeypot showed that nearly 75% of intentional unauthorized connections made were used to send spam.

http://www.newsfactor.com/perl/story/21168.html

Tony

–

Tony Earnshaw

e-post

tonniatbillydotdemondotnl

www

http://www.billy.demon.nl

---

This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com

---

Spamassassin-talk mailing list (spam-protected) https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Tags: com, connections, data, newsbytes, sans, security, spam, stuff, unauthorized, wlan

IP: a Hong Kong physician reports on SARS, the ‘atypical pneumonia’ that’s in the news. It’s quite scary stuff.

Masks are worn throughout the hospital. Staff are not going home to children. Please take the warning below seriously. My impression is that even with minimal contact with an infected person people have been becoming ill.

Tags: home, hospital, news, physician, pneumonia, sars, staff, stuff, the, warning

Craig’s now blogging! Great stuff. He’s on the blogroll.

Tags: blogroll, stuff

Wikipedia: Edit wars in progress. Fascinating stuff! (thanks to Crummy.com for the link).

Tags: com, crummy, edit, fascinating, link, progress, stuff, wikipedia

http://www.uncontrol.com/ — a flash applet which provides a good collection of nature-imitating mathematical eye candy. Number 16 is beautiful.

I used to write graphics demos on the C-64, which used a lot of this kind of stuff (although a hell of a lot simpler for obvious reasons). It occurs to me that Flash makes writing demos a lot easier; it provides a decent language (scripting as opposed to 6502 assembly), it gives you a good set of drawing tools (anti-aliasing, alpha blending, and 24-bit colour), the hardware no longer limits what you can do in 2-D graphics, and you can even buy software which takes care of the text effects like zooms, scrolling, bouncing etc. In other words, all the cool tricks are done for you ;)

I wonder what demo writers are doing nowadays, as a result? One side seems to be what these guys have done — actually go for really interesting, good-looking effects, rather than just the “how did they do that” factor. I would imagine the other side of the demo “bleeding edge” is doing a hell of a lot of 3-D stuff. (By hand. In assembler. ;)

Tags: applet, candy, collection, demo, eye, flash, hell, lot, side, stuff

I’ve just added weblogs.com support to taint.org. Been meaning to do it for a while, but plenty of other stuff got in the way in the meantime. :(

Tags: com, meantime, org, plenty, stuff, support, taint, way, while

Just got ADSL installed — it’s sweet. Napster rides again! Well, to tell the truth — gnapster rides again, the proprietary stuff was never going to work for me on Linux anyway, and they’ve been thoroughly shafted by the RIAA now.

Anyway, as a result, I’ve been getting very heavily into the Congo Natty back catalogue. Junglist! ;)

Tags: adsl, catalogue, gnapster, junglist, linux, napster, result, riaa, stuff, truth