John's Tech Blog

Science Puts Enron E-Mail to Use: "Ryan Singel writes on Wired News: In March 2001, just a few months before Enron CEO Jeffrey Skilling resigned, an employee e-mailed him a joke about a policeman pulling over a speeding driver, whose wife subsequently rats him out to the cop for other offenses, including being drunk. Skilling and Enron chairman Ken Lay, whose federal trial on multiple felony fraud charges starts Monday, might not" [...]

Who's Reading your Mail?: "Since the dawn of the written word and throughout history, humans have been devising new and better ways to send messages to others who are far away. Ancient civilizations used couriers who traveled by foot or by horseback to deliver letters. The U.S. postal service was created in the early days of our country to transport our written communications. In the 1800s, those letters traveled by stagecoach, Pony Express, railroad and steamship.

In the early days, you had to take the letter to the post office to mail it and the recipient had to go to the post office to pick it up. Later (mid-1800s), the postal service delivered mail to residencies - first only in the cities, then to rural areas as motor vehicles became common. The twentieth century brought us air mail, as well as some innovative ideas that never quite panned out (such as the delivery of mail via guided missile, with which the Navy experimented in the 50s). (For more info on the history of U.S. Postal Service, click here.)

Today, there are many ways to get our messages through, whether we're sending them next door or all the way around the world. Many of us routinely circumvent the post office (and private delivery services) altogether by sending most of our written communications via email. It's a lot faster, a lot easier and a lot cheaper. What's not to like" [...]

Winamp 5.x Remote Code Execution via Playlists, (Mon, Jan 30th): "While we're ...(more)..."

Combine 3 Free Tools for a Complete Windows Registry Fix: "If your budget's already aching from the cost of Windows, you may be in no mood to shell out more for a registry cleaner. And maybe you shouldn't. Email Battles combined three free registry cleaning tools to get commercial quality results without the additional overhead."

Target Branches Out Into Police Work: "Sarah Bridges writes in The Washington Post: When arson investigators in Houston needed help restoring a damaged surveillance tape to identify suspects in a fatal fire, they turned first to local experts and then to NASA. With no luck there, investigators appealed to the owner of one of the most advanced crime labs in the country: Target Corp. Target experts fixed the tape and Houston"

NASA has released a huge number of high-resolution pictures of our planet earth at http://visibleearth.nasa.gov, which are, of course, free from copyright restriction of any kind, NASA being a government agency. Want a photo of our big blue marble planet? Check. Want to download infrared (IR) imagery of various parts of the earth? Check. Want to look at foliage, sea levels, or some other geological feature? Check.

Faulty Microsoft Driver Saps Intel Core Duo power: "Critical_ writes 'Tom's Hardware recently discovered a bug in Microsoft's ACPI driver implementation under Windows XP SP2 that causes a loss of more than one hour of battery time when connecting any USB 2.0 device to an Intel Core Duo based system. Apparently Microsoft, Intel and ODMs have known of this problem under a confidentiality agreement since July 12, 2005 via (a still private) Knowledge Base article KB899179. The bug lies in the asynchronous scheduler component inadvertently being left running causing Windows' internal task scheduler (ITS) to treat it as a running process involving the attached device. This in turn prevents the ITS from powering down the processor into one of the ACPI sleep states causing the system to use more battery power. At this time there seems to be no fix. Strangely, single-core systems and AMD systems are not affected. This leads one to wonder if it is truely a software problem or if there a much larger hardware problem that may affect Core Duo equipped Apple systems.'"

University of Texas Gets IBM 'Champion' Supercomputer: " Via The Austin Business Journal .

The Texas Advanced Computing Center at the University of Texas is the new owner of an IBM Corp. supercomputer able to handle 730 billion calculations per second.

The machine will be the most powerful computer of its type in Texas. The center has named it 'Champion' in honor of UT's recent national championship titles in football and baseball."

Samba 4 Technology Preview Released: "daria42 writes 'Samba creator Andrew Tridgell has officially released a technology preview of Samba 4 at the Linux.conf.au conference in New Zealand, ending a three-year wait for users. But wait before upgrading those servers. 'It may eat your cat,' says the Samba team in a statement, 'but is far more likely to choose to munch on your password database.'' From the article: ''Samba 4 supports the server-side of the Active Directory logon environment used by Windows 2000 and later, so we can do full domain join and domain logon operations with these clients,' the group said in a statement on its Web site, noting this feature was 'the main emphasis' for the new software.'"

Give yourself a URI: "Do you have a URI for yourself? If you are reading this blog and you have the ability to publish stuff on the web, then you can make a FOAF page, and you can give yourself a URI.

A lot of people have published data about themselves without using a URI for themselves. This means I can't refer to them in other data. So please take a minute to give yourself a URI. If you have a FOAF page, you may just have to add rdf:about='' and voila you have a URI http://example.com/Alan/foaf.rdf#ABC. (I suggest you use your initials for the last bit). Check it works in the Tabulator.

The URI will start with 'http' (so I can look it up using HTTP) and it will have # in it, so the URI of your foaf file is different from the URI for you.

Me, I make my foaf file in N3 and convert it to the foaf file in RDF. that's my choice.

The AWWW says that everything of importance deserves a URI. Go ahead and give yourself a URI. You deserve it!"

34 Design Flaws in 20 Days of Intel Core DuoPray_4_Mojo writes "Geek.com is reporting that Intel's errata (bug)documentation shows that the Intel Core Duo chip has 34 known issues found in the 20 days since the launch of the iMac Core Duo. (you canread the list) with only plans to fix one of them. While bugs in hardware is nothing new (the P4 has 64 known issues, at this timeIntel does not plan to fix a single one) this marks one of the first times that Intel released a processor with known bugs, and some of thebugs are of higher severity than in the past. Also alarming is the rate the flaws have been found, at one and half per day since thelaunch of the iMac Core Duo."...

How do developers use HTML?: "As part of our work with the WHAT working group, who are writing proposals for a new version of HTML, we have done some research into what aspects of HTML authors are using today. We took a sample of slightly over a billion documents, and looked at what elements were used on the most pages, what class names were used on the most pages, and so forth. The results are quite interesting! "

Google helps to fund an antispyware site: "According to an article by Ryan Naraine in eWeek, “Web search powerhouse Google has joined with Sun Microsystems to fund a new anti-spyware coalition that is on tap to launch on Jan. 24…”. It will be operated by the Berkman Center at Harvard and the Oxford Internet Institute at Oxford University.

Apparently, the site is going to be an information clearinghouse and help center for consumers. In an article in the Christian Science Monitor, the group’s co-director was quoted as saying “the coalition will act like a 'neighborhood watch' for the Internet, relying on citizens to report problems.”

The new site, “StopBadware.org” will be up tomorrow. The domain is owned by Google.

Very surprisingly, Harvard Ph.D candidate and antispyware superstar Ben Edelman is unfortunately not involved.

So when I wake up, it’s the first thing I’m going to check…

Alex Eckelberry"

California Man Pleads Guilty to Felony Hacking: "An AP newswire article by Dan Goodin, via Yahoo! News, reports that:

A 20-year-old man pleaded guilty Monday to surreptitiously seizing control of hundreds of thousands of Internet-connected computers and renting the zombie network to people who mounted attacks on Web sites, served up pop-up ads and sent out spam.

Jeanson James Ancheta, of Downey, Calif., pleaded guilty in U.S. District Court in Los Angeles to four felony charges for crimes, including infecting machines at two U.S. military sites, that earned him more than $61,000, Assistant U.S. Attorney James Aquilina said.

Under a plea agreement, which still must be approved by a judge, Ancheta will receive from 4 years to 6 years in prison, forfeit a 1993 BMW and more than $58,000 in profit and pay $19,000 in restitution to the federal government to compensate for infecting the military computers, according to documents filed in the case.

He is scheduled to be sentenced May 1."

Feebs: perfect (anti)social engineering?: "We saw first versions of Feebs worm couple of weeks ago. Feebs spreads itself in HTA (HTML application) scripts which it re-generates every time it sends them out. The actual script contains the worm binary file, or in some cases it can download the worm from other locations. This way Feebs can send highly variable HTA scripts that possibly download new Feeb variants from the web. While this is quite rare approach for a mass-mailing worm, in addition to its built-in SMTP engine, Feebs has another quite unusual e-mail spreading technique in its sleeve.

While we were checking the rootkit features of Feebs (yes, among other things, Feebs can also hide itself using rootkit techniques), we saw a weird hook in Windows socket library.

When application in infected system sends data to network, Feebs makes some extra checks. If it detects traffic to port 25 (SMTP default port) which looks like e-mail with a MIME attachment, it generates the HTA script and injects it in the e-mail as an extra attachment! This is not very efficient spreading mechanism measured in volume, but in some cases it might produce quite legitimate looking e-mails. Feebs doesn't have to use social engineering in messages, it just sits in memory, waits for the user to send messages and silently inserts itself in them.

First Draft of GPL Version 3 Released: "njan writes 'The first draft of version three of the GNU General Public License was released to the public this afternoon. Major improvements touted in version three include changes designed to mitigate the damage posed by new threats to free software such as software patents. One individual stated about the release: 'It is changes in law, not computer technology, that pose the principal challenges to the free software community. Chief among these changes has been the unwise and ill-considered application of patent law to software. Software patents threaten every free software project, just as they threaten proprietary software and custom software. Any program can be destroyed or crippled by a software patent belonging to someone who has no other connection to the program.''"