According to this Slashdot article, the SPEWS real-time block list is no longer operational. A comment-free version of the same basic story is here. The article points to a lot of discussion on news.admin.net-abuse.email, too, which makes for interesting reading. Osirusoft shut down SPEWS after being the target of an ongoing distributed-denial-of-service (DDoS) attack. The manner in which it was shut down caused lots of bounces (including for my friend Bob Thompson and Kent State University, among others). The problem is that when Joe Jared, Osirusoft operator, shut down his service, he did so by telling the server to blacklist every IP address. Sites that rely solely on SPEWS thus dropped all their incoming mail on the floor.
What does this mean to you, the Exchange administrator? As Andy Lester points out, outsourcing your spam protection completely to a third party puts your mail service at the mercy of that third party. Exchange 2003 includes RBL support, and it’s a useful adjunct to heuristic or keyword-based filters. However, RBLs themselves don’t provide a complete solution, and you should choose your RBL provider carefully to make sure that a) they provide support for their service and b) they have the resources to stick out this kind of attack.
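One way a mail filter can protect itself from a list that starts answering "listed" for every address is to probe the list's test points before trusting it. The sketch below is an added example, not code from Exchange or any RBL operator; it relies on the RFC 5782 convention that an IPv4 DNSBL lists 127.0.0.2 and never lists 127.0.0.1, and the zone names, sample addresses and the `resolve` callback are constructed stand-ins for real DNS.

```python
import ipaddress

# RFC 5782 test points: a working IPv4 DNSBL must list 127.0.0.2
# and must never list 127.0.0.1.
MUST_LIST = "127.0.0.2"
MUST_NOT_LIST = "127.0.0.1"


def dnsbl_name(ip, zone):
    """Build the query name: octets reversed, then the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def is_listed(ip, zone, resolve):
    """resolve(name) returns a list of A records, empty if NXDOMAIN."""
    return any(a.startswith("127.") for a in resolve(dnsbl_name(ip, zone)))


def zone_health(zone, resolve):
    """Classify a list before trusting its answers."""
    if is_listed(MUST_NOT_LIST, zone, resolve):
        return "lists-everything"   # the shutdown mode described above
    if not is_listed(MUST_LIST, zone, resolve):
        return "dead"               # no test entry: zone empty or gone
    return "ok"


def verdict(ip, zones, resolve):
    """Count hits only from zones that pass the health check."""
    healthy = [z for z in zones if zone_health(z, resolve) == "ok"]
    hits = [z for z in healthy if is_listed(ip, z, resolve)]
    return {"hits": hits, "ignored": [z for z in zones if z not in healthy]}


# Constructed resolver standing in for DNS so the example runs offline.
def make_resolver(zone_data, wildcard_zones=()):
    def resolve(name):
        for z in wildcard_zones:
            if name.endswith("." + z):
                return ["127.0.0.2"]        # answers for every IP
        return zone_data.get(name, [])
    return resolve


GOOD = {"2.0.0.127.bl.example": ["127.0.0.2"],
        "7.113.0.203.bl.example": ["127.0.0.2"]}   # 203.0.113.7, constructed
RESOLVER = make_resolver(GOOD, wildcard_zones=["shutdown.example"])
ZONES = ["bl.example", "shutdown.example"]
```

A filter that skips the health check and asks `shutdown.example` directly would treat every sender as listed, which is the failure the sites relying solely on SPEWS ran into.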
SPEWS/Osirusoft RBL goes away
Filed under General Stuff, Musings
Adios, Tablet PC
On Saturday, I took my Acer C102 Tablet PC back whence it came. I bought it in late July, so it had almost a month (including two trips to Redmond and one to Salt Lake) to win me over. The bottom line is that it’s not enough of a laptop for my needs. When in Redmond, I made a point to take it with me to every meeting I attended– but I never used it! The relatively slow CPU and limited RAM had a lot to do with it, too, as did the fact that I can type way faster (and more legibly; just ask my high school English teachers) than I can write. I still think the Tablet PC form factor has a lot of potential, especially as more customized applications like Classroom Presenter and TabletPlanner come out, and I would have liked to try using the Tablet as a presentation machine. However, all was not lost; my spiffy new ThinkPad T40 is almost as thin as the C102, and it’s hella fast, with great battery life and 1GB (expandable to 2GB) of RAM. I guess I’ll keep tabs on the Tablet world and see how it’s doing next summer; by then, there should be machines with better screen resolution and more CPU horsepower.
Filed under General Tech Stuff
Several more cards
Wow, my wife’s creativity is endless! I can’t believe no one is posting comments. I guess my techno-nerd stylings have scared away all readers with a taste for rubber stamps and crafty scrapbook stuff. (Hey, maybe if I write “Stampin’ Up!” ten or so times this page will rise to the top of Google’s search. Worth a try, eh? Stampin’ Up! Stampin’ Up! Stampin’ Up! Stampin’ Up! Stampin’ Up! Stampin’ Up!) Note: the cards themselves are here now.
Filed under Friends & Family
Be careful what you ask for
Famous last words: “I want one just like that.” We’re hiring someone new, so I decided to order a new T40 and give my not-so-old T30 to the new guy. This is a time-honored tradition, since John did it with his T30. I asked Peter to order me one just like John’s, never dreaming that it meant “no wireless”. Of course, John a) doesn’t travel much b) doesn’t have a WLAN at home, and c) doesn’t have a WLAN at work. Of course he didn’t order a machine with built-in wireless. I, on the other hand, use it heavily, so now I am facing a dilemma:
- Violate my warranty and slap in an IBM wireless card, which means I could run 802.11a/b (there’s an a/b/g card on their website, but I can’t find it for sale separately)
- Void the warranty and install my own card
- Try to get CDW to help me out in some way
- Suck it up and use my old Cisco PC Card adapter.
In the meantime, a word of advice: spec your own darn notebook. Update: Turns out that IBM sells a combo a/b/g card (part #31P9701 or 91P7301, depending on who you ask) so all I need to do is snag one of those somehow.
Filed under General Tech Stuff
Need a TiVo? Get one for $90
Everyone should heed High Priestess Julie: get a TiVo. Now, for a pittance, you too can join the TiVolution. (Personal to John: this has your name written all over it.)
Filed under HDTV and Home Theater
More cards
And another one… actually, it’s now in the gallery.
Filed under Friends & Family
Rock the Boat Audio
Dad’s boat had a radio; I say “had” because someone stole it over the winter, while the boat was in dry storage. This is a little surprising for two reasons: it wasn’t a very good radio, and the thief didn’t take the sleeve that it fits into. For Dad’s birthday, I wanted to get him a replacement, so I went shopping from the comfort of my recliner. First stop was West Marine, where I found a tiny assortment of overpriced, junky-looking radios. Next, I plugged “marine radio” into Google and found Rock the Boat. This is what I love about the Internet– a niche-focused retailer that concentrates only on one small area and does it really well. They had the radio I wanted, so I ordered it. When it arrived, I found that it was black, despite the website picture that showed a white radio (which was what I wanted, as the boat’s dash is a dazzlingly white expanse of fiberglass). I mailed the Rock the Boat folks, and they quickly dispatched UPS to pick up the black unit while simultaneously sending out the correct unit. It arrived in plenty of time for Dad’s birthday, and they could not have been more friendly or courteous. I would be very happy to do business with them again (as long as it’s not the result of someone stealing this radio…)
Filed under Reviews
The other big security story
I figure everyone is sick of hearing about Blaster by now. (Quick recap: 1. Apply patches. 2. Install a firewall. 3. Use up-to-date AV software). There’s another, lesser-known story out there that I think is pretty interesting: the master FTP server for GNU was compromised, and now they’re scrambling to assess the damage and repair it. It’s hard to discuss this without sounding like a fear monger, but I’ll try to explain why this is so important.
ftp.gnu.org, the machine that was compromised, is the official central repository for all FSF software. All of the other FSF distribution points (and there are many) mirror its contents, usually automatically. If you’ve added an FSF package to your system any time in the last 6 months, chances are that it came from ftp.gnu.org or one of its mirrors. Of course, if you’ve built any Linux distro in the last 6 months, odds are that you used multiple packages from ftp.gnu.org. Heck, the gcc compiler, which all free Linux software is built with, is officially distributed from ftp.gnu.org, so one might argue all software compiled with a compiler in the last 6 months is potentially impacted. (The scenario: someone puts a trojan in the compiler sources and places those sources on ftp.gnu.org. Now anyone who builds that compiler has a trojaned compiler, one which outputs only trojaned binaries.)
To recap: any FSF package downloaded from any FSF mirror might have been compromised. The FSF hasn’t been cryptographically signing their packages (like Windows Update does) so there’s no way to directly verify their integrity other than taking MD5 hashes, but that in turn depends on finding an “original” version of each package and recomputing the hashes. They’re going to start signing their packages, as explained here, but… well, horse, barn door, shut.
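The hash comparison described above, and its limit, can be shown in a few lines. This is an added example, not an FSF tool: the package names and contents are constructed, and the "trusted" copies are assumed to come from somewhere that predates the compromise (old install media, backups). MD5 is used because that is what the paragraph mentions; the `algo` parameter accepts any name `hashlib` supports.

```python
import hashlib


def digest(data, algo="md5"):
    """Hex digest of a package's bytes. MD5 matches the text above;
    pass "sha256" for a collision-resistant choice."""
    return hashlib.new(algo, data).hexdigest()


def build_baseline(trusted_copies, algo="md5"):
    """Hash copies obtained from before the compromise (assumed trusted)
    to form the known-good baseline."""
    return {name: digest(blob, algo) for name, blob in trusted_copies.items()}


def audit_mirror(mirror_files, baseline, algo="md5"):
    """Sort every file on the mirror into one of three buckets."""
    report = {"match": [], "MISMATCH": [], "no-original": []}
    for name, blob in sorted(mirror_files.items()):
        if name not in baseline:
            report["no-original"].append(name)   # cannot be verified at all
        elif digest(blob, algo) == baseline[name]:
            report["match"].append(name)
        else:
            report["MISMATCH"].append(name)
    return report


# Constructed sample data: file names and contents are made up.
TRUSTED = {"alpha-1.0.tar.gz": b"alpha release bytes",
           "beta-2.1.tar.gz": b"beta release bytes"}
MIRROR = {"alpha-1.0.tar.gz": b"alpha release bytes",
          "beta-2.1.tar.gz": b"beta release bytes + extra",
          "gamma-0.9.tar.gz": b"released during the exposure window"}

REPORT = audit_mirror(MIRROR, build_baseline(TRUSTED))
```

The `no-original` bucket is the problem the paragraph points at: a package first published while the server was compromised has no earlier copy to hash against, so only a signature made with a key kept off the server could vouch for it.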
If this same compromise had happened to Microsoft, you can imagine the press firestorm that would have followed. The press reporting on this has been pretty mild; no one seems to think it’s exceptional that an important machine, presumably run by competent admins, was compromised and that no one noticed for four months.
Interestingly, the FSF says that they believe that everything on ftp.gnu.org currently is safe, but they haven’t said anything about any piece of software any time in the last 6 months. Their action thus far has been to wipe everything off of ftp.gnu.org and replace stuff that they feel confident hasn’t been tampered with. This is the right thing to do from a security standpoint, but it doesn’t inspire a lot of confidence in the security of the packages on their server and mirrors.
Filed under General Stuff
As the world turns, airport-lounge style
I’m in the south terminal WorldClub at the Detroit airport. Behind me are two overstressed business travelers. One is arguing with her daughter, who has apparently invited some hussy named Dorothy to sleep over while Mom’s out of town. Mom’s take seems to be that Dorothy should be at her ill father’s hospital bedside, but in any event no one is welcome to sleep over while she’s out of town (and she’s home a lot). Competing with her is a middle-aged man who had a short, angry conversation with what I assume was his wife, muttered (rather loudly, actually) “I need a beer”, and returned to pick up the conversation anew. Someone in his family is ill too, and claims to want to die, but won’t, or isn’t, or something. All I can tell is that he’s very angry about the whole situation. I would move, but then I’d have to give up my chair and, much more importantly, my power outlet. Nothing doing. At least I can drown my angst with some excellent Vermont sharp cheddar, which NWA has thoughtfully provided for those of us who would rather graze than eat aboard their flying spam cans shiny 757s.
Filed under Travel
This time it’s scrapbooking
Another note to Pauline: a) please get a faster Internet connection. b) Here’s a scrapbook page for your consideration… actually, it’s in the gallery now.
Filed under Friends & Family
Very cool Tablet PC application
Scoble pointed out this very cool new Tablet PC application: Classroom Presenter. It’s like Powerpoint, at least superficially, but it can operate in a mode where the instructor can step through the slides while attendees, or students, or whatever-you-want-to-call-’em can see the same slides on their laptops or palmtops. This is a terrific solution for large conferences or presentations in the tech industry. For example, at MGB about 15% of the attendees to our class were not native English speakers, and many of them were frustrated by the pace of slide advances. We gave them printed copies of the slides, but that wouldn’t be feasible at someplace like TechEd. The downside is that the clients have to run a separate application (although it supports Tablet PC ink, too). I may give this a try here at el rancho and see whether it’s worth using in the kinds of environments I teach in.
Filed under General Tech Stuff
Four stamping projects
Personal to Pauline: here are the pictures you wanted to see: one, two, three, and four.
UPDATE: make that five projects, as you can plainly see. 
Filed under Friends & Family
Proudly Serving My Corporate Masters (Barr)
Proudly Serving My Corporate Masters is subtitled “What I Learned in Ten Years As a Microsoft Programmer”. If only that were true! Instead, we get about 145 pages of what it’s like to work on MS software projects, followed by another 100+ pages of apologia for various Microsoft-related issues, including out-of-date explanations of the MS antitrust trial and other competitive issues (see for yourself at the author’s site). I really wanted to like Barr’s book, and parts of it (like the list of ancient dialects of BASIC– I remember most of those, dang it!) brought back happy memories of my own time in the early PC world. Ultimately, though, the book doesn’t live up to its billing; Barr spends almost no time talking about the actual experience of being a developer at MS (except to rant about the breaking-the-build process), which is why I wanted to read the book in the first place.
Some good did come of it: I found the Old Computer Museum and went on a nostalgia tear. Final score: not recommended, unless you can find it in a library.
Filed under Reviews
A Soldier’s Duty (Ricks)
Thomas Ricks wrote one of my favorite-ever books, an account of Marine Corps recruit training titled Making the Corps. When I learned that he’d written a novel, A Soldier’s Duty, I was excited to read it; now that I’ve read it, I think my excitement was mostly justified. Ricks’ book delves into a knotty question, shining a sly, knowing light on the modern military as he does so.
The two primary characters are both Army majors, Buddy Lewis and Cindy Sherman. Each is an aide to a four-star Army general, but the two generals (Shillingsworth, somewhat of a plodder and the Army Chief of Staff, and Ames, a conniving, charismatic, and amoral rival) have very, very different views on the necessity of following the orders of their political leadership. After a debacle in which US troops needlessly die on a pointless mission, the stage is set for the central plot to unfold. Ames directs the actions of a shadowy group known as the Sons of Liberty; their actions skate right along the border between free speech (protected) and violating military orders (illegal)… until they cross that line.
The key to this book for me was that Ames’ portrayal was semi-sympathetic. He doesn’t want to be the President, but he feels an obligation to ensure that the political leadership is not wasting the lives of US troops. I find this attitude to be exactly what one would expect in a senior military leader, but it is unfortunately absent in some notable cases (where is William Westmoreland when you need him? Oh, that’s right; he’s in Hell.) On the other hand, military officers take an oath to uphold the Constitution, and that’s the pivotal question here: do members of the military lose their right to political dissent? What separates legal dissent from illegal failure to obey orders, and what obligation do military members have to follow orders that are not clearly illegal but nonetheless immoral? It’s a thought-provoking question; it doesn’t have an easy answer, and Ricks doesn’t pretend so. There are certainly signs of this being a freshman novel, but they’re relatively minor. Recommended.
Filed under Reviews
Thomas, diplomat
Tonight we had my brother Tim and two of my aunts from South Louisiana, Norma and Debby. Thomas has been on an age kick lately and frequently asks people how old they are. Transcript:
| Thomas: | Who’s the oldest at the table? |
| Norma: | I am, and I’m not afraid to admit it. |
| Thomas: | But Aunt Debby has many more wrinkles. She must be older. |
Filed under Friends & Family
