tunneling over ICMP - I've only had DNS so far when I had a hotspot WLAN in front of me, but icmptunnel is also one of the nice tools to get on the network.
sysadmin - 23.7.2007 - 28.1.2008
Mac OS X and DTrace - the great dtrace (and some other debugging techniques) are explicitly prevented by Apple for e.g. iTunes. Probably to avoid getting to unencrypted DRM content. Nevertheless - how pathetic is that? Explicitly crippling system diagnostic tools?
German Bundestag advocates for regional top-level domains - yes, no, of course. Because something.bayern is so much easier than something.bayern.de - which has been possible for a long time but hasn't been done because all the states basically dropped the ball and some of the idiots sold their domain to some shops. Sorry, but all the whining about "we just want our own pathetic and completely useless top-level domain" is really getting on my nerves. The people from the very last row in the Bundestag can finally act like big politicians because there's nothing more important than the fox tail for the DSL modem ...
FireGPG - use GPG easily in Firefox ! - I don't know if I already had this, but still linking it here as a reminder for myself.
DreamHost Blog "Um, Whoops." - locked and fluffy blog posts don't come across so well when the "whoops" consists of accidentally charging 7.5 million US$ via credit cards and some of the customers are probably now struggling with overdrafts and the resulting problems ... Blöd 2.0?
At a Loss for Words - fascinating. Microsoft just removes support for old file formats from Office 2003 - with a service pack. Great idea. Have fun those who have archived their documents in Word or Excel format ... there are hardly better reasons to switch to open programs like OpenOffice, or?
Backscatterer.org, another antisocial and technically stupid blocklist - idiots at work. Once again, an antisocial and stupid wannabe expert tries to redefine the Internet according to his opinion. This time it's against sender callouts - a technique that helps quite well against spam because addresses can be checked for validity with it. And all with minimal effort for the mail servers - a small sequence of HELO, MAIL FROM and RCPT TO (which would come later in any case with every bounce) and then directly a QUIT - so no mail in the queue, but only a check based on SMTP. The argument that he has to deal with the verifiers in addition to the bounces is nonsense - because if the verify does not come, the bounces come from these failed mails, because not only the senders are in a much larger part garbage, also the recipients (of the mail traffic that we push, only the smallest part is actually valid in terms of emails). Turning off the verification only leads to a greater occurrence of bounces - and they are expensive, because they go into the mail queue, while the verifies do not go there. The argument about loops is also stupid - correct callbacks happen with an empty envelope-from, so the other server knows immediately that it does not need to perform verification (in principle, a bounce delivery is simulated, and loops are also prevented by the empty envelope-from). The purpose of the verification is to answer the question of whether you could send a bounce to the technical sender in case of doubt. If you can't do that, you can't accept a mail if you can't directly guarantee to check all the factors up front. This is a completely legitimate procedure and absolutely conformant with the RFCs. The operators of this list are only surpassed in stupidity by the mail administrators who enter such a list into their server as a blocklist. How stupid do you have to be for that? I know how stupid, because since today I know the first server that does this ...
Adobe products communicate via dubious web address - Adobe is just a pigsty. This already started with the forced registration of the Creative Suite.
GrabFS: The Screenshot File System - brilliant idea, simply a virtual file system for running applications and a file that represents the current window content. Copy the file and you have a snapshot. Ideal for scripted webcasts, for example.
Gmail Filesystem - since FUSE now also works with OSX, I should take a look at this again. 6 Gigabytes of external storage might not be such a bad idea after all.
Varnish - programmable reverse-Proxy for HTTP. Could be interesting for some projects - although I usually use Apache with ProxyPass to have a uniform layer (with optional caching) to the outside.
More on widgets: When one e-mail is enough to break a system. - JavaScript widgets (e.g. Mac Dashboard, or Google Desktop or Yahoo Widgets) have the same security issues as regular websites. And presumably, people pay even less attention to programming with widgets than with websites. We are probably heading towards a new wave of exploits ...
Samba Team Receives Microsoft Protocol Docs - well, it works.
Surfing for 61.98 euros per hour - ouch. What some people come up with to relieve others of their money is really awful.
Microsoft and OLPC - "Moreover, it is difficult for employees of commercial companies like Microsoft to gain direct access to the OLPC project, as most of the technology has been developed under open-source licenses." - what a load of bullshit. Typical Microsoft.
Moonlight/Silverlight Unfug - "Novell's intention is not to compete with Flash, we only want to support Silverlight with Moonlight so that Linux users do not become 'second-class citizens' if Microsoft's technology is successful," emphasized Icaza. - the blabbermouth should think about the fact that he is doing nothing more than holding the ladder for Microsoft. After all, it is not yet clear whether the MS stuff will even catch on. Wouldn't be the first technology that MS messed up (their PDF alternative has been an absolute blockbuster so far). Why open-source programmers should pant and copy MS stuff before it is even relevant - a real mystery to me. False prestige? Too thin air in Novell's development department?
Solar + Tiny PC + Linux = Sweeeet - Mini-PC with solar power. Cool.
IRSeeking trouble... - "If our happy little channel is having this much of a visceral reaction, I can't imagine what some of the other channels and servers are going to do when they find out... and honestly, I wouldn't want to be on the other end of whatever technical shitstorm IRSeek is getting itself into. I mean, pissing off millions of highly technical IRC geeks en-masse? They're nuts."
Network - xkcd is still by far the best webcomic.
Encrypted E-Mail Company Hushmail Spills to Feds - too bad, and this from a company that has awarded itself the corresponding advance laurels.
Encryption standard under backdoor suspicion - hmm. Would actually only be consistent if, in the current paranoia situation of intelligence agencies, the infiltration of algorithms from cryptography were addressed.
Dirvish - another disk image backup based on rsync and hardlinks.
Upside-Down-Ternet - cool. Split WLAN and send unauthorized users through a proxy that turns every image upside down. Awesome.
Zypries accuses critics of data retention of lacking expertise - reading such statements from the federal incompetence (some insist on calling her the Federal Minister of Justice) is quite amusing. If we talk about lack of expertise here, then this first and foremost applies to our politicians, who are completely ignorant of facts and realities. When she then makes such an accusation, among other things, to the Federal Data Protection Commissioner, it only becomes ridiculous.
Doing the Leopard Moan - I think I'll wait a bit with the update ... (until the manufacturers of the many little helper tools have converted the first quirks of the system and Apple's new ideas into usable tools that help you get over them). Am I actually a Mac heretic if I say that I would prefer to have this stupid Dock completely unplugged? I mean even the one from older versions, not just the one from Leopard.
TidBITS Macs & Mac OS X: Getting to Know Time Machine - sorry, but after all the features that Apple apparently left out of the release (AirPort Disc for backups, controlled archiving of old files, etc.), Time Machine sounds anything but impressive.
heise online -Softwarepatent-Gegner beklagen Deal der EU-Kommission mit Microsoft - "The Commission does not understand how Open Source works," Benjamin Henrion, the Brussels representative of the FFII, also shakes his head at the negotiated agreement. The authority has naively accepted the promises of the Redmonders that they will now abide by the rules. Meanwhile, Microsoft has been planning for years to control the Open Source economy through commercial property rights on computer programs. This plan has now advanced considerably. "Kroes has ensured that software patents of the EPA, which the EU rejected in 2005, now strengthen the monopolist's grip for years to come."
OOXML Payback Time as Global Standards Work in SC 34 "Grinds to a Halt" - hopefully ISO draws its conclusions from this and renovates its structure at that point. And kicks the buy votes out again.
Berlin court bans storing of personal data - ouch. On the one hand, of course commendable when the amount of data is reduced that is left behind everywhere. Detailed log files from web servers that in the standard settings of many installations sometimes run for a year or longer - that is already bad in terms of data protection. On the other hand, a flank for warnings will certainly be opened again: anyone who has their web statistics publicly accessible documents their IP address collection via log file. It will be interesting to see what comes out of it.
Slides with S5 - Cognitiones Publicae - that's really a nice little toy. S5 and Wiki integrated - and it looks like it's also quite good. Maybe I should set up a PHP environment (i.e. an isolated padded cell in the high-security wing) again.
Bounce ban for federal mail servers - what I think of the various anti-spam list operators is generally known if you've been reading along here. Why administrators still use these pathetic lists, even though it's clear that each of these lists will eventually become an absurd farce through silly power games, I'll probably never understand.
Buy two OLPC notebooks, donate one - hey, why should the second device go to a child of the buyer? If the buyer wants one for themselves?
IE pwns SecondLife - bah. I've always had something against fancy URL handlers that also inherit parameters from the calls. The problem is - why should an application trust a URL? If a call is made via a URL, the program should always classify this as untrusted and never initiate an activity that could potentially be dangerous without informing the user. The culprit here is -autologin in SecondLife - it shouldn't work in this situation at all. The browsers should of course also check the data (and Mozilla's reaction is correct, that Firefox was fixed accordingly when the problem also appeared there), but the real problem lies with the Second Life client.
Anonymity network Tor "phished" - Encryption and network security is still difficult to understand for many. TOR secures the transport within its own network against manipulation and spying. Not the protocols that are used.
Microsoft Allegedly Bullies and Bribes to Make Office an International Standard - about Microsoft's nice business practices.
Court Rules: Novell owns the UNIX and UnixWare copyrights! Novell has right to waive! - "That's Aaaaall, Folks! The court also ruled that "SCO is obligated to recognize Novell's waiver of SCO's claims against IBM and Sequent". That's the ball game. There are a couple of loose ends, but the big picture is, SCO lost. Oh, and it owes Novell a lot of money from the Microsoft and Sun licenses."
New FCC rules may impact Linux-based devices - the FCC thinks that Security-by-Obscurity is a great idea for radio technologies. And undermines both Open Source projects and the security of wireless solutions. Idiots.
m-e-c AS2 ::: Open source AS2 software - EDI transmitted over the Internet. RFC 4130.
Virtualization Rootkit Blue Pill available - here comes the fun.
Scan This Guy's E-Passport and Watch Your System Crash - e-Passport. A complete disaster.
Results of the largest "hacker" test for US voting machines are available - the politicians will surely argue everything nicely after corresponding payments from the industry ...
The undead don't live longer: No Amiga Center in Kent - Zombies of computer history.
WGET 1.10.2 for Windows (win32) - you always need this from time to time.
Antique engines inspire nano chip - nano-computer inspired by Babbage's Differential Engine.
The Real Problem With Alexa - taking a closer look at Alexa's number nonsense.
What Linspire Agreed To - "It's worse than Novell's, actually. It's worse than Tivo, in my book. I know some say that Tivo doesn't interfere with you modifying, as long as you give up using the modified software on Tivo hardware. To me, that is a penalty not contemplated by GPLv2, because if you buy a Tivo, it's because you wanted to use the software with the Tivo hardware, but with Linspire's agreement, you have to give up pretty much all your GPL freedoms, as far as I can make out, and more. And what do you get in return for giving up everything? True Type fonts, Windows Media 10, DVD playback, patent coverage..."