A couple good websites for malware info

Looking around for opinions or reviews of the MSBSA (Microsoft Baseline Security Analyser), I ran across a couple websites to pass along.

infectionvectors.com
malwarehelp.org




Sunday Book Recommend: The Universe In a Single Atom

There is a difference between the study of human thought and behavior, and the actual experience of living. Even the most objective scientist has to live and socialize, otherwise he might be considered a sociopath. This is an extreme example of course, but the point is that we can find the experience of life, thought, and human behaviour to be a fascinating work of study without conflicting with a faith or religion. This is accomplished by integrating our experience of human interaction with the framework of whichever faith you hold.

We can learn about others in the context of living ourselves, even though the neurology of our brains includes a tendency toward illusions and our motivations can often filter how we see the actions of others. The trick is, instead of placing another person within the framework of your own faith and drawing judgement, keep an objective view of their actions while you consider how the experience falls within your own path of learning. Then choose your actions accordingly.

The book I am recommending is a somewhat technical view of the integration of psychology and the Buddhist philosophy. Buddhist philosophy is not an argument against any view of God. This book examines how the empirical evidence of science can be considered and integrated with spiritual experience. The first third or so describes in general terms how the Buddhist philosophy accomplishes this, and the rest of the book provides some compelling concepts about how our senses interact with the world around us and provide an infinite number of spiritual puzzles in the process.

The title of the book comes from the view that in any small situation, the greater meaning can be experienced. In technical classes I often emphasize the importance of breaking a challenge down to a manageable level, then after solving it, blow it back up to scale. This is the key to dealing with anything larger than ourselves, and you will be astonished by what you can grasp if you practice this approach.

Purchase this book from the outlet of your choice:

The Universe In A Single Atom: The Convergence of Science And Spirituality
In Print ISBN: 076792066X
CD Audiobook: 0739322656
Also available at http://www.audible.com





Microsoft suing John Doe for having a spambot network

Finally, a Microsoft lawsuit we can all cheer for !!

In the article linked below, it seems MS infected one computer with some code and found that seconds later it was announcing its presence to a few botnets and moments later it was contacted hundreds of times and minutes later it was sending millions of spam.

So Microsoft is fixing the problem of botnets where they really know how to be effective. In the courtroom I am sure the nn year old college student that started this botnet will succumb to the pressure and be shamed by the scrutiny. Not to mention the millions he pays Microsoft will be used to reverse the damage caused by the phishing scams he sent.

The question is, will lawsuits like this deter spam or just force them to find sneakier ways of remaining anonymous? For the answer, ask the RIAA how things have been going for them lately.

http://www.aunty-spam.com/microsoft-tracks-zombies-to-the-source-sues-zombie-seeders-and-spammers/




Master Foo and the Script Kiddie

Check this out:

http://www.catb.org/~esr/writings/unix-koans/script-kiddie.html

And there are more:

http://www.catb.org/~esr/writings/unix-koans/




What is "Tempest" and can they really do this?

The concept of Tempest has to do with preventing a party from eavesdropping on electronic media from a distance. Because much of the material is classified, there has always been a temptation to fill in the blanks with our imaginations, and a lot of misinformation gets spread around.

...or is it misinformation? (just kidding)

Since I get asked about this a lot, here are two links to pages that will help you make up your own mind on the matter. There is no question it can be done (eavesdropping I mean, not making up your mind); it's a matter of what you think governments and others might be doing with the technology that gets the imagination racing.

The Complete Unofficial Tempest Information Page
http://www.eskimo.com/~joelm/tempest.html

Compromising Emanations: Eavesdropping risks of computer displays (.pdf)
http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-577.pdf




Free speech, predators, and private schools

A Catholic school has just set a policy forbidding students from blogging (link below), under the idea that they are trying to protect students from online predators. Students and parents alike are upset, but there are those that agree with the school. My head started spinning with the various angles one could take for discussion on this topic:

1. Free speech in the constitution affects only federal law, so that argument in this situation doesn't work. But on the other hand, we tend to believe that liberty includes free speech, whether the law is made that way or not. Doesn't society have a say in how the constitution is actually practiced?

2. To what extent does any institution, be it school or employer, have the right to regulate the behaviour of its members outside working hours or off campus? Are any attempts really for the good of the people or just for itself?

3. Parents complain that schools don't do enough, but then when schools try to step up, parents often complain that their rights are being violated.

4. Is it easy to overreact in these situations leaving behind common sense? What if the school really is just trying to protect kids from dangerous situations by preventing them from sticking too much ID info into such a public place? Kids will have lapses of bad judgement online and will often not listen to guidance. Removing their choices is sometimes necessary.

5. What if, as soon as we fall for number 4 above, this kind of reason gets abused and used as a smoke screen by organizations who really just want to squash criticism or regulate the expression of thoughts and ideas; because they obviously do know better than the rest of us about what is harmful.

6. Some would say "If you don't like the policy, go elsewhere." Is that really the simple bottom line or is that just a way to avoid facing the issue? Sometimes, just going elsewhere isn't really an option.

7. The Internet has become a new method of social warfare for students. Bullies and cowards often use blogs to intimidate peers. This is a real problem and is very difficult to prevent or defend.

Whatever you decide, I do think it is extremely important to bring these issues up for discussion. I am not so much a blog fanatic as I am a fan of making sure there is always an outlet for expression, some level of checks and balances so the only ideas we are exposed to are not just those regulated by some authoritative body. There is always a chance that an incorrect or misguided concept may catch traction and cause issues. But that in itself is part of the game.

As they say in sports, you can look at the teams on paper but you still have to actually play all 9 innings to see what will happen.


http://www.app.com/apps/pbcs.dll/article?AID=/20051024/NEWS03/510240319/1007




"Splogs" Spam invades blogging and ruins another good thing

Several of the major blog sites have had trouble recently with thousands and perhaps millions of messages being injected into the flow of their sites.

The easier the blog service is to use, the easier it becomes to create a script that automates the posting of advertising noise. New blogs that are nothing but lists of products and comments made to legit blogs are filling up search results and disrupting sensible communication.

The primary defense spammers use is "free speech". They remind me of the annoying coworker that insists on saying off the wall and often foolish things whenever a good conversation kicks up until people stop gathering in the break room to socialize.

"So Bob, what did you think about the debates last night?"
"Well, I thought....."
"Hey, I think the one guy on the left farted. Who is up for some Poker!!"
"No thanks, um er .... sigh, I'll see you later Bob"




Rental Car GPS Leads to Nightmare Vacation

Perhaps the funniest part of this article is the presence of Google ads for GPS systems at the top of the page.

Nevertheless...

What happened to this couple would be frightening. I found myself one evening in the middle of one of the worst parts of the Oakland CA area. I was wearing a tie and wrestling with one of those folding maps while driving an obvious rental car. I was careful not to make eye contact with too many people there. But the funny thing is, I did not know the peril I was in until I noticed the look on the faces of some SF residents I was relaying the story to.

Moving on, one of the most misunderstood aspects of GPS is that the accuracy of your read-out has more to do with the accuracy of the underlying map than it has with the GPS system itself. So what strikes me about this article is that Avis must have accepted maps possibly without confirming their accuracy. I would imagine that Avis does not want to get into the business of cartography to make their own. It isn't easy, and it's very expensive.

In our new world of businesses having to rely on the services of others in an interpretable supply chain network, trusting one company means you are implicitly trusting their partners. For branding reasons, these partners are often not disclosed.

Here is the story.

http://www.aunty-spam.com/rental-car-gps-leads-to-nightmare-vacation/




New Palm models leaked

..and in typical fashion, Palm ensures customers will not be fully satisfied by making several stupid decisions:

Even though the new TX model will include wifi, (finally for #@$! sake !) it will have a weaker processor than the previous T2 for no good reason. The new TX will also be priced the same as a lifedrive, which is also dumb, as it should be about $100 less.

Addendum: No sooner did I make the comment about price than I found a notice on the Palm site itself correcting other sources. It will be a bit cheaper than the Lifedrive !! The power of blogging, thank you I will take some credit.

Official Palm salespitch

Palm has an awesome OS, yet decided to run Windows mobile on the new Treo. This company could rule if they weren't such knuckleheads. Since I am a Palm user and fan, I am double frustrated. I would love to walk away but I can't, all I can do is criticize them and continue to try to avoid pocket PCs.

new Palm models; TX and z22 reviewed.




"Bloggers" may not be eligible for Shield Law protection

This is a blog. But I do not consider myself a "blogger" anymore than I consider myself to be any other direct category. It is a fun hobby, and at times I hope it is a service to my clients in that I can continue to communicate long after the close of the deal or the end of a class.

So I guess I would not call myself a journalist either. But I should unless I wish to be held accountable for slanderous statements such as "Microsoft, McDonalds and similar large corporations get away with unthinkable moral violations because not even God is as forgiving as the profit motive."

The good part is that as a "blogger" (if I were one) I am but one ant in an insignificant hill of millions of others mouthing off because the internet is anonymous and easy. And now the federal government is spending time and our tax dollars arguing over how to classify this method of sharing ideas.

Some blogs are very influential and have changed minds and in some cases the course of significant events. Each of those blogs began one day with a first reader, then grew from word of mouth by hitting the right nerve at the right time.

Maybe the problems suggested in the article referenced below are so difficult to solve because we need a completely new way to describe what is considered "delivering news". Instead of one talking head viewed by millions every night on television, what is the impact of a diluted stream of almost random data delivered through a global medium and left TRULY in the hands of the "marketplace"?

"Bloggers" may not be eligible for Shield Law protection




Remember "The Screen Savers" from TechTV?

The current form of the show is called "This Week In Tech"; its participants, Leo Laporte, Kevin Rose, and the guy that used to wear the kilt, are referred to by the acronym "The Twits". This time the show is available as a podcast, something I haven't had any time for because I still watch the archaic television and listen to audiobooks. You can however download the episodes via BitTorrent, the method I recommend. Here is the link:

This Week in Tech


While you are at it, check out the kilt guy in his own downloadable show:

Digital Life




TCP/IP Enabled Speakers

I have a theory that once IPv6 is adopted globally, everything, and I mean everything on the planet will have an address, and we may just eat up the trillions of possibilities in the new scheme. Some countries are already assigning IPv6 addresses to insects and windshield wipers. As long as we are still on IPv4 however, we are limited to things like refrigerators and loud speakers.

Actually this is a great idea. If they would include 802.11g wifi with the integrated amplifiers we would have a solution to the problems of where to hide the wires. But with high end performance loudspeakers like these, convenience isn't so much the motivation as better sound.

If you like music, I recommend the Alesis M1 Active Reference Monitors. For the money, about $350 for the pair, you get tight, punchy bass and crisp highs with the benefits of reference performance. For many, it's hard to justify the expense of several grrr or more for audiophile speakers, particularly if your ears wouldn't know the difference anyway. The Alesis monitors are pure pleasure, and without having to stick a woofer on the floor that annoys your neighbors in the apartment below.

Network enabled speakers have great gadget value, so for fun check out the Polk TCP/IP speakers, and then look into actually purchasing a pair of the "old-fashioned" Alesis monitors for your listening room.




Newsgroup limits with Comcast

As I am a new customer with Comcast high speed, I am still learning the ins and outs of the service. In San Diego, I used Time Warner cable and I was very happy with them. They did not filter ports, they did not limit bandwidth, they did not back you into a corner to become a "home networking" customer, nor did they limit access to any of their services.

With Comcast there is a 2 gig limit/month on newsgroup access, which on a (as they describe it) 6M pipe one could exhaust on the first day of the month in a matter of minutes.

Turns out, they outsource to Giganews, and this level of access is called the "bronze level". For a fee, one can upgrade to better services and more bandwidth. I am really not too surprised or upset by this actually. In fact I think it's reasonable.

Usenet is not something everyone needs or uses. In fact I rarely run across a student that is active with it. This is a shame because usenet is an excellent resource, once you learn to work the culture and its quirks. It is however, very bandwidth intense and therefore expensive for an ISP to offer. By its uncensored and unbridled nature, a provider is not supposed to make decisions about the content on usenet when it mirrors the groups.

So the question is this: if an ISP wanted to offer unlimited usenet for free yet reduce its cost, they would have to filter certain group hierarchies, or offer limited use that is good enough for most customers and charge a little for people who exceed typical access. From the business side, I have no issue with what Comcast has chosen to do by outsourcing and giving me the choice to upgrade.

.....but wait......what if this starts to creep into general internet use and not just services like usenet? I download huge amounts of Linux ISOs each month because I have never seen a live Linux distro I didn't want to try out. Limiting access to this kind of download defeats the purpose of one important facet of Open Source technology: Access to all, regardless of economic class or means. Which is as it should be in spite of M$'s stand that such a thing is "Un-American". An ISP charging extra for people to download "free" (as in speech) material is a dangerous idea.

This is one of those scary times when the word "reasonable" plays an important role. In the meanwhile, we hope market forces keep everything in balance.

Below is a link to Giganews, and to an alternative that looks really cool too. If I try either, I will keep you posted on my experience.

Giganews Signup and Pricing



