The Shoes of the Fisherman's Wife Are Some Jive-Ass Slippers

tpot (at) frungy . org


Thu, 30 Oct 2003

Subversion tips

Checking out a repository:

    svn co svn+ssh://ozlabs.org/home/mbp/svn/ipmimsg/trunk

Adding files to the .cvsignore equivalent:

    svn propedit svn:ignore .

Subversion is very neat, but I haven't really used it enough to remember how to do things I can do without thinking in CVS.

posted at: 15:54 | path: /software/subversion | permanent link to this entry

Thu, 23 Oct 2003

There are 6 critical updates for you to install

"A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft® Windows® and gain complete control over it" is a registered trademark of Microsoft.

posted at: 10:10 | path: /rants/microsoft | permanent link to this entry

Tue, 21 Oct 2003

Spam me plenty (update)

I tried another mailing list (the ethereal developers list) and a posting under a previously unused email address resulted in viruses delivered to that address. Unlike the Samba users' list, the first virus didn't arrive until a couple of days later.

posted at: 13:04 | path: /internet/spam | permanent link to this entry

Mon, 20 Oct 2003

Crabapple

We have been doing some landscaping to our front garden over the last couple of weeks. The grandson of the last owners came around to collect a crabapple tree we saved. It was a gift to the grandparents when the grandson was little. He is going to replant it on his property in Murrumbateman. I hope it survives.

posted at: 11:04 | path: /garden | permanent link to this entry

Wed, 15 Oct 2003

Spam me plenty (update)

Another handful of virus-laden emails have arrived at my honeypot address, including this one:

Oct 15 06:32:45 dp postfix/cleanup[24928]: 915AB2C05F: discard: header
Content-type: application/x-msdownload; name=Q878311.exe from
mta08bw.bigpond.com[144.135.24.137];
from=<rosebery@XXXXXXXX.com.au> to=<asmithee@samba.org>
proto=ESMTP helo=<mta08bw.bigpond.com>

If there's blame to be handed around, surely Telstra and other ISPs forwarding on known virus-infected emails should get some. I don't know why they think this is a good idea.

posted at: 17:24 | path: /internet/spam | permanent link to this entry

Spam me plenty

Recently a number of patrons of the Samba mailing list have been complaining that they have signed up and shortly afterwards been inundated with virus emails. It turns out that the person in question has actually posted to the list as well. Various stupid theories on why this is happening and how it is all the fault of the Samba Team have been proposed (including one threat of "we should be able to sue you for this").

While I now ignore the clueless rants of whingers who don't understand how mail works, this problem intrigues me. What seems to be happening is someone makes a post to the mailing list using a valid email address. The fraction of the membership of the mailing list that is currently infected with the latest Microsoft virus of the month receives the email and starts propagating itself to this new address.

Martin pointed out that this sort of email is much worse than spam. In general spammers aren't interested in sending you too many copies of advertisements for penis enlargement pills. I only receive a handful of duplicate spams, most of which have been sent to different addresses which are delivered to the same inbox. The current crop of viruses don't seem to have any self-limiting property that prevents multiple emails being sent to the same address.

As an experiment, I made a post using a new email address to the Samba list. I will keep track of all replies to this address and see if there is one or many list subscribers that are sending virus emails to list posters. It may be possible to determine whether this is malicious or accidental.

As I have been writing this entry, there have already been three hits on the email address since the posting about 15 minutes ago:


Oct 15 03:32:18 2003 (25821) post to samba from asmithee@samba.org, size=2214,
message-id=<20031015032935.GA25510@proforma>, success

Oct 15 03:31:31 dp postfix/smtpd[3279]: B8F7A2C2C4: reject: RCPT from
mx10.kentrox.com[192.228.33.31]: 550 <asmithee@samba.org>: User unknown in
local recipient table; from=<XXXXXXXX@kentrox.com>
to=<asmithee@samba.org> proto=ESMTP helo=<mx10.kentrox.com>

Oct 15 03:45:38 dp postfix/cleanup[4584]: 51D5B2C07F: discard: header
Content-Type: application/x-msdownload; name="Install9.exe" from
smtp01.syd.iprimus.net.au[210.50.30.52]; from=<cwkd@iprimus.com.au>
to=<asmithee@samba.org> proto=ESMTP helo=<smtp01.syd.iprimus.net.au>

Oct 15 03:53:01 dp postfix/cleanup[5577]: 3E6272C018: reject: body <iframe
src=3D"cid:brrygfk" height=3D0 width=3D0></iframe> from
smtp02.syd.iprimus.net.au[210.50.76.52]; from=<cwkd@iprimus.com.au>
to=<asmithee@samba.org> proto=ESMTP
helo=<smtp02.syd.iprimus.net.au>: Message content rejected

The first log entry is the posting record from mailman, the second an autoreply, which is merely annoying. The last two are viruses, perhaps different ones. Interestingly enough, there is no-one currently subscribed to the Samba mailing list from iprimus.com.au although it could have been sent from a virtual host.

posted at: 14:15 | path: /internet/spam | permanent link to this entry
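The tally this experiment calls for, as an added example (not the author's code): it parses the Postfix entries quoted in the two "Spam me plenty" posts, keeps those addressed to the honeypot, and groups them by connecting relay IP. The regular expressions and category names are assumptions fitted to these four entries.

```python
import re
from collections import defaultdict

HONEYPOT = "asmithee@samba.org"
# Postfix entries from the posts above, rejoined one per line as syslog wrote them.
SAMPLE_LOG = """\
Oct 15 03:31:31 dp postfix/smtpd[3279]: B8F7A2C2C4: reject: RCPT from mx10.kentrox.com[192.228.33.31]: 550 <asmithee@samba.org>: User unknown in local recipient table; from=<XXXXXXXX@kentrox.com> to=<asmithee@samba.org> proto=ESMTP helo=<mx10.kentrox.com>
Oct 15 03:45:38 dp postfix/cleanup[4584]: 51D5B2C07F: discard: header Content-Type: application/x-msdownload; name="Install9.exe" from smtp01.syd.iprimus.net.au[210.50.30.52]; from=<cwkd@iprimus.com.au> to=<asmithee@samba.org> proto=ESMTP helo=<smtp01.syd.iprimus.net.au>
Oct 15 03:53:01 dp postfix/cleanup[5577]: 3E6272C018: reject: body <iframe src=3D"cid:brrygfk" height=3D0 width=3D0></iframe> from smtp02.syd.iprimus.net.au[210.50.76.52]; from=<cwkd@iprimus.com.au> to=<asmithee@samba.org> proto=ESMTP helo=<smtp02.syd.iprimus.net.au>: Message content rejected
Oct 15 06:32:45 dp postfix/cleanup[24928]: 915AB2C05F: discard: header Content-type: application/x-msdownload; name=Q878311.exe from mta08bw.bigpond.com[144.135.24.137]; from=<rosebery@XXXXXXXX.com.au> to=<asmithee@samba.org> proto=ESMTP helo=<mta08bw.bigpond.com>
"""
ENTRY = re.compile(
    r"postfix/\w+\[\d+\]: [0-9A-F]+: (?:reject|discard): (?P<what>.*?) "
    r"from [\w.-]+\[(?P<ip>[\d.]+)\].*?"
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)
ATTACHMENT = re.compile(r'x-msdownload; name="?([^"\s]+)', re.I)


def classify(what):
    """Name the kind of hit from the text of the rule that matched."""
    attachment = ATTACHMENT.search(what)
    if attachment:
        return "executable attachment " + attachment.group(1)
    if what.startswith("body") and "<iframe" in what.lower():
        return "hidden iframe in body"
    if what.startswith("RCPT"):
        return "refused at RCPT"  # the post identifies this one as an autoreply
    return "other"


def hits_by_relay(log, rcpt=HONEYPOT):
    """Group hits on the honeypot address by connecting relay IP."""
    # Key on the connection's IP; from= is only what the client claimed.
    hits = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.search(line)
        if m and m["rcpt"].lower() == rcpt:
            hits[m["ip"]].append((m["sender"], classify(m["what"])))
    return dict(hits)


def relays_per_sender(hits):
    """Map each envelope sender to the sorted relay IPs it arrived from."""
    seen = defaultdict(set)
    for ip, entries in hits.items():
        for sender, _kind in entries:
            seen[sender].add(ip)
    return {sender: sorted(ips) for sender, ips in seen.items()}
```

On these entries `relays_per_sender(hits_by_relay(SAMPLE_LOG))` lists `cwkd@iprimus.com.au` against two relay IPs, which is the one-sender-or-many question the experiment set out to answer.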

Thu, 09 Oct 2003

Mailer Daemon Bounce du Jour

To: admin@samba.org
From: wrong_address@entran.com
Subject: YOUR EMAIL WAS REJECTED!

IMPORTANT NOTICE!!!  Your email to Entran was not received - the email 
address used is incorrect, please check it carefully.

As they say on Slashdot, YOU FAIL IT!

posted at: 16:35 | path: /internet/spam | permanent link to this entry

Wed, 08 Oct 2003

Get out of your parent's basement!

From the Guardian Unlimited:

    Aaron Caffrey, 19, is alleged to have brought computer systems to a halt at the Port of Houston, in Texas, from his bedroom in Shaftesbury, Dorset, in what police believe to be the first electronic attack to disable a critical part of a country's infrastructure.

Yep, IT infrastructure is so crappy it can be DoS'ed by a bored teenager from his bedroom. Bruce Schneier has pointed out on many occasions that the woeful state of computer security is not really going to improve unless we can effectively protect it from slightly motivated teenagers. Also:

    Caffrey was arrested in January last year and told police he had used the nickname Aaron X. He denied targeting the port's system but admitted to knowing what a "denial of service" attack was and that they were "easy to perform".

posted at: 17:24 | path: | permanent link to this entry

Mon, 06 Oct 2003

Backups

The power went out just now followed half a second later by a huge clap of thunder. Obviously something was hit by lightning. Using the light from the laptop screen (heh) I fumbled around to find the box of candles and emergency stuff from under the bed only to find there was nothing to place the candles on! There's nothing like actually testing your emergency procedures to see whether they actually work. I'm surviving by reading cached pages in Mozilla by candlelight.

posted at: 21:24 | path: | permanent link to this entry

Fri, 03 Oct 2003

"Blame India for that jobless recovery"

From The Sydney Morning Herald:

...

The other side of this coin is the western corporate focus on headcount as a management tool. It's not just that companies contain costs through blunt headcount restrictions - although that's a big part of it. It is also the use of headcount to allocate overheads through the group.

I spoke to two Australian investment bankers this week - heads of Australian branches of big Wall Street firms - who are being driven mad by overhead allocation. Every time they hire someone, the person's salary is loaded up with a corporate head office allocation - including the cost of the corporate jets parked at La Guardia - which is often greater than the salary.

What's more, when you are at the end of the food chain - like Australia, say, or Des Moines, Iowa - you end up copping a disproportionate share of the head office overheads because those above you have kept their share to a minimum before passing the parcel.

Surely large and inappropriate on-costs aren't being used as an excuse to "offshore" (aargh - another perfectly good adjective converted to a verb) workers to countries with cheaper labour costs? It must cost a lot of money to run those Gulfstreams though.

The title of the article is a bit emotive though. How about "Blame inefficient accounting for that jobless recovery"? I don't think that would sell many newspapers though.

posted at: 11:53 | path: | permanent link to this entry

Another C/R Asshole

C/R: Fighting spam by creating more of it. I love the complaint of how he is receiving automated junk-emails in his automated junk email. You would also think that since he is paying money for this service (the address was one from Spamarrest) that they would not send out challenges to mailer daemon addresses.

From: Jonathan
To: mailer-daemon@samba.org
Subject: RE: Undelivered Mail Returned to Sender (verification)

Thanks for sending me an e-mail. I have to ask you to verify that
you're a real person, as I was getting 400+ automated junk e-mails a
day.  Do this once, and you'll get put on my real person list, and
your mail will come directly to me, without 399 pieces of junk around
it. Thanks for doing this.

     --Jonathan

I can't believe people pay money to have someone annoy others on their behalf!

posted at: 08:27 | path: /internet/spam | permanent link to this entry

Thu, 02 Oct 2003

Bye-bye Emusic

For the last 18 months I have been a happy subscriber to Emusic. It's a neat little operation where you pay a small monthly fee (less than the cost of one CD) and can download mp3's from a large range of recording labels. The files you can download are not Top 40 or latest release stuff, but rather old back catalogs of less popular artists, 60's jazz, blues, weird electronica and much more.

About 3 months ago Emusic decided to change the method of downloading tunes to require a proprietary binary-only download manager. Previously, downloads occurred either directly through the browser, or by using Zinf. As you can probably predict, the Linux version of the download manager was a complete disaster. Apart from the many cosmetic bugs, it had the annoying tendency to segfault whenever the C library was upgraded. The solution was to download an old version of glibc and use $LD_PRELOAD - not really something your average Linux user is expected to be able to do.

After a couple of months of procrastination and waiting to see if the bugs would be fixed, I contacted customer service. The helpdesk offered to release me from my contract and wouldn't be drawn into a discussion of the technical issues or provide any information on the status of the Linux download manager whatsoever. Basically, I was told if I didn't like it I could go away. )-: So I did.

I'm pretty sure all the things they want to do such as limiting the number of concurrent connections, the number of consecutive downloads, watermarking (what is that random junk that mpg123 complains about seeing at the start of the mp3 files?) can be done server-side. There's no apparent technical reason why this should require a proprietary piece of software running on the client.

posted at: 14:58 | path: /internet | permanent link to this entry