» Wi-Fi hacking, with a handheld PDA - I hope that soon the WiFi hacking tools will be ported and running on the Maemo platform, so that you can get something like this for less than 3500 US$. I already have the hardware ...
sysadmin - 22.9.2006 - 8.2.2007
Linux-Vserver on Debian Testing (Etch), the easy way - almost too easy ...
Life Is Complicated - Tim Bray on the OOXML vs. ODF discussion regarding Wikipedia. And he draws a nice comparison to the XML Working Group and how Microsoft reacted to him: "Netscape hired me to represent their interests, and when I announced this, controversy ensued. Which is a nice way of saying that Microsoft went berserk; tried unsuccessfully to get me fired as co-editor, and then launched a vicious, deeply personal extended attack in which they tried to destroy my career and took lethal action against a small struggling company because my wife worked there.".
Regular Expression Matching Can Be Simple And Fast - why grep and awk match faster than Perl or Python.
The Text Editor sam - interesting historical document. Some ideas are still brilliant today - the integration of text commands and mouse operation is much better than in many other editors.
News -Anfängerfehler in Mac OS X - I think it's good that the Month-of-Apple-Bugs is running and Mac OS X is being looked at more closely. Because a company that develops its software outside of external control will always make mistakes like the one linked.
macfuse - FUSE for OS X. Useful - sshfs or gmailfs, anyone?
StudiVZ: "Gegendarstellung" per Defacement [Update] - cool action! Give the manager-babble and the Web 2.0 bubbles a good pinch.
Two programming positions for the "Bundestrojaner" - the absurdity continues. Our government couldn't care less about civil rights or the constitution. Long strides into the police state. 1984 is so yesterday.
GeeXboX uShare UPnP A/V Media Server HomePage - simple, small uPNP server for Linux. Could be interesting for me to access my collected MP3s at home via the Nokia tablet (I already have a firewall running, which can also be a media server).
chaostables - Ideas for firewalling - how to outsmart, block, and confuse various scanning methods. Perfect for long winter evenings at the firewall (cancelled due to global warming).
Ophcrack - Crack NTLM password hashes using rainbow tables. Comes with a ready-made Linux live CD including the software and the tables.
Pegasus fliegt nicht mehr - oops. Somehow a piece of history, Pegasus Mail. I still remember my wild hacks with the DOS version in Novell networks. Guerilla mail system at the company.
MySQL Quietly Drops Support for Most Linux Distributions - for example, Debian. Another reason why all the crybabies who always insisted on pointing out the lack of manufacturer support for PostgreSQL can now bite their asses. But of course, it fits that, among others, Suse - the Microsoft-infested Linux - is supported ...
Real-World Passwords - Bruce Schneier analyzes user data from a phishing attack and reports on password distributions, lengths, frequencies, etc. Very interesting, "password1" is the new "password".
Map of the Internet - interesting projection of IP address allocation onto a two-dimensional map.
Schäuble: Internet is "distance learning university and training camp" for terrorists - especially for state-sponsored terrorists and hate preachers, who then create viruses and trojans to spy on the hard drives of innocent citizens due to their own paranoia. What kind of banana republic do we actually live in ...
Crossroads - a TCP load balancer and failover proxy under GPL.
Swivel Aims To Become The Internet Archive For Data - how many people will upload company-internal or research-internal data without thinking about data protection? Nobody thinks about asking the people whose faces are on the picture if they should be published at least when it comes to videos and images ...
Database test: dual Intel Xeon 5160 (6/6) - could all MySQL advocates now please take a look at the graphics and finally shut up? MySQL is a hyped flash-in-the-pan with mediocre performance (which you have to buy with self-destructing indexes) and inadequate features. Period.
Sofanet starts neighborhood Wi-Fi - with this name, it won't work. Way too uncool.
Microsoft's Zune DRM cracked - cute. Just rename the files and Microsoft DRM on the Zune no longer works ...
3D-Atlas Gaia no longer available - one would actually expect Google to understand things like open protocols. But the Google cheerleaders will surely be able to justify why such actions by Google are completely correct, but by Microsoft are evil ...
Overzealous spam blacklist blocks Server4You addresses - SORBS again. Still incompetent, that place.
SAP Network use - Port numbers of the horror ERP system ...
Coccinella | Jabber client with integrated whiteboard - multiplatform, apparently in TCL (at least extendable in TCL).
Cracked it! - and what did they crack? The British RFID passport.
Stopping spam with the Anti-Spam-SMTP-Proxy (ASSP) - hmm. Transparent SMTP proxy. Unfortunately in Perl - my experiences in that direction were rather negative so far.
JumpBox - not such a bad idea: virtual machines with pre-installed software, not just for testing, but directly as a productive environment.
Ballmer Invites Patent Talks with Competing Linux Vendors - well, now it seems Microsoft is trying to crack the Linux market. They will look pretty stupid if they only reach the commercial distributions and the free distributions just give them the middle finger ...
With Microscope and Tweezers: Chronology - 18 years ago yesterday, the first Internet worm struck.
Alice and Bob - Eve is not the attacker.
Miss Congeniality - data mining at it's best.
Oracle Linux uncovered - shows how Oracle wants to attack market leader Red Hat: with Red Hat Linux, where all the red hats have simply been removed ...
Analysis of SpamThru - nice trojan that has everything modern software needs: antivirus protection (against the competition, of course), P2P protocol for communication (for redundancy when the control server changes), strong encryption (in its own communication), template-based spam (text and graphics) ...
Mac OS X "Leopard" with extended access control - MAC for Mac OS X. Nice.
Would you like fries with your spyware? - funny. Our most hated fry factory (hey, their working conditions are at UPS level and their customers - who go to the factory next door - are too stupid to pay attention to traffic lights) distributes SpyWare.
Vista Licenses Limit OS Transfers, Ban VM Use - Elsewhere in the license, Microsoft forbids users from installing Vista Home Basic and Vista Home Premium in a virtual machine. "You may not use the software installed on the licensed device within a virtual (or otherwise emulated) hardware system," the legal language reads. Vista Ultimate and Vista Business, however, can be installed within a VM.
World’s worst use of a jpeg - security by stupidity?
Power outage at Hetzner hosting took thousands of servers offline - ouch. Good thing my server is in one of the older data centers ...
Google code search - funny games with the code search.
Security vulnerability in Python 2.3 and above - definitely not just Ubuntu, but also Debian. Ubuntu is only linked because there is no security advisory from Debian yet. Is someone sleeping?
Novell will SCO an die Kriegskasse - and wants to relieve SCO of 25 million from license sales. Nice move by Novell ...
ATI-Graphics Chips Fold Proteins Faster - of course. Just a matter of time until the GPUs become more powerful than the CPUs.
Vmware how to - OSx86 - a guide on how to run Mac OS X under VMWare on a regular PC.
The GPL is not a compromise - a point that is missing in the current discussion about GPLv3: the GPL is a community license. It's not about the rights of the producer, the central core is the right of the user. The excitement of Linus and some others is therefore quite amusing: because Linus is a producer here. Producers have always been upset about the GPL. The question is: do users need protection against DRM? Yes, otherwise the GPL will only be waste paper in the DRM-infested future that threatens us.
SpamCop as incompetent as SORBS
In my popular series about idiotic blocklists, this time a particularly brilliant stupid idea from SpamCop.net. They now list a server if it routes emails to downstream systems and then routes error messages back out. Short, our company scenario: our customers are served via our central mail server, but usually have their own mail systems (Exchange or Linux systems). For this reason, we have to accept emails for some of the customers, regardless of what the local part is - we have no control over who is all configured in the Exchange. Furthermore, these systems are dynamically connected, which is why a live check is also out of the question. Of course, the mail systems generate bounces for these incorrect addresses - and of course, bounces also occur on virus spam. However, our customers have a legitimate interest in these bounces, as only then do their partners find out about typos in addresses.
Spamcop, on the other hand, now believes that bounces should not be forwarded, that one must absolutely check at the SMTP level at the very front. Or one must route bounces via a separate IP, which is then blocked by Spamcop, which would be no problem (huh? but the legitimate bounces do not reach the recipient if they are behind someone who uses this incompetently administered list).
Technically, this means that Spamcop arrogates to itself the decision that a mail server may not forward bounces if it has accepted a mail. According to Spamcop's opinion, bounces may only pass as a rejection at the SMTP level, the classic bounce mails are in their opinion a reason to enter someone in a blocklist. They even go so far as to say that any form of autoresponders is forbidden and leads to an entry in their blocklist.
A blocklist, by the way, whose alleged goal is to reject spam. Which is clearly refuted here once again - SpamCop has just as much of its own agenda as any other blocklist operator, and as usual (see SORBS with the entries as a hacked server, for example, if FTP is running on an unusual port) it shines through incompetence.
By the way, we have activated Sender-Verify on our mail servers, which means that only emails get through whose technical sender is certified as valid by their own MX. Therefore, we only bounce on addresses that are at least considered valid by their own MX. These are no "misdirected bounces" on invalid addresses, unless the MX of these addresses lies (then it is their own problem).
Mail operators who use such blocklists to reject mail server connections are acting irresponsibly. One of them is at Microsoft ...