Tuesday, August 12, 2003


Ah, how I love that Microsoft sells such quality software. Around three weeks ago security researchers discovered a problem with the way Windows 2000 and Windows XP handle RPC (Remote Procedure Calls). Today the first virus to exploit this problem started to spread. You
can read about it at a number of places:

Information Week - Newly Discovered Worm Attacks Vulnerable Systems
BBC News - Worm Blasts Across the Web
The Register - Blaster Worm Spreading Rapidly
Security Focus - RPC DCOM Worm Hits the Net
Also useful is Black Viper's Blaster FAQ.

Cnet even has an analysis of the worm's structure: 'MSBlast' worm a piecemeal monster.

People are even starting to throw blame around: Worm Exploits Weak Link: PC Users (Of course they're going to blame the users, if they blamed the programmers, they might have to admit that programmers make mistakes).

Researchers found that the MSBlast.exe program contains the following text: billy gates why do you make this possible? Stop making money and fix your software!!.

Monday, August 11, 2003

Spam Filtering

Paul Graham, for those of you who don't know, was the gentleman who first proposed the Baysean spam filter in his article, A Plan for Spam.

He has recently written a new paper, Filters that Fight Back. He proposes in this paper that the next generation of spam filters should, on detecting a spam, follow the links in the body of that spam and download a few copies of the web pages that that they point to. If enough people were using filters that did this, it would have a number of positive effects. Firstly, spammers bandwidth usage would skyrocket, likely costing them lots of money. Secondly, this would probably be enough to crash (or at least slow down so much that they might as well have crashed) the spammer's website, denying people everywhere those extra three inches.

This is an interesting idea. The first thing I thought after reading it was: bandwidth. Depending on whose estimate you read, spam accounts for around 40-60% of all the email on the Internet. This is a huge chunk of bandwidth, and it's starting to choke the servers of some small to medium sized ISPs. Writing a fighting filter would only make this problem worse.

Yes, eventually this technique would probably make spam unprofitable. If spam did become unprofitable, spammers would start to go out of business and the bandwidth devoted to sending and fighting spam would tail off. From the ISP's point of view, relaying a web page from a
server to a customer is a much lower-overhead operation than relaying an email. So maybe my concern is unjustified. Mr. Graham does respond to this very issue in his FFB FAQ, but to me his response seems a bit flippant.

Bandwidth concerns or not, when such a filter becomes an option, I'll use it.

Friday, August 08, 2003


Apparently not very many people know what the BCC field is for on email. BCC stands for Blind Carbon Copy. Anyone you list on the BCC field will get a copy of your email, but will not be listed as a recipient.

BCC is the only polite way to send mass email, short of a mailing list. I understand that when you're moving, it's simpler to dash off a quick email to everyone in your address book than it is to deal with us all one at a time. However any mail where the To: field is nearly as long as the body of the message is inherently rude.

So please, people, be polite to the people you correspond with. If you're going to send mail to more than one or two people, just bcc us all, and leave the To: field blank.

Thursday, August 07, 2003


If I were curious, I would google to see just how many people are posting anger in the direction of SCO right now. For those of you not geeky enough to be following this corner of the news (how did you get here?), SCO is suing IBM claiming that IBM shared SCO's intellectual property inappropriately.

As always, there are miles and miles of details I could go into about this. However, I'm lazy. The short version is that SCO doesn't seem to have a case. Some people have expressed the opinion that SCO only began litigations to inflate their stock price.

Well, the other shoe has dropped on SCO. IBM has filed a countersuit. If this was an attempt to boost
SCO's stock price, it would seem to be failing.

Wednesday, August 06, 2003

SBC: Not so bad as I thought

Apparently most of the problem with SBC when I talked to them earlier didn't have much to do with their policy being strange. It had more to do with the rep I dealt with forgetting to mention a detail to me. The detail he failed to mention: if I pay for the one additional month of DSL service, regardless of if the DSL is connected, they won't charge me a termination fee.

This makes much more sense than what I was told before. I guess the moral of the story is that it's worth calling back when things just flat don't make sense.

Saturday, August 02, 2003


My five year high school reunion was tonight. I attended it, though I knew before I went that it would probably be bad. It lived up to all of my expectations and more. I got to see a lot of people, but most of them are the ones I kept in touch with anyway. With a few exceptions, most of the attendees were those who never got out of our little hometown.

The reunion was held at Marley's in the Dells. Now there's two bad ideas combined. Let's have a reunion at Marley's, and Let's have a reunion do it on a Saturday night.

About halfway through some friends and I decided that we were hungry and ducked out to get some food. That was probably the highlight of the evening. On the way to the restaurant, we decided that the planners probably decided on Marley's because there was going to be a
DJ there that we wouldn't have to pay anything for.

Oh well. It was a night out at least.

Friday, August 01, 2003

SBC Woes

I called today to schedule cancellation of my phone and DSL service for when I move on the 14 Aug. I thought I was being clever earlier in the year, when I purchased SBC DSL. You'll notice that there is a one-year contract required for that plan. Since I am on a one year lease, that seemed to be perfect. I found out today that they count that one year from the day they connect you.

There was some silliness about connecting my DSL last year. Apparently didn't think, based on their credit reporting company, that I would pay them. Because of this silliness, they didn't connect me until 19 September.

So, in short, they now want to charge me $200 in "termination fees ".