I Can See My House From Here

Posted on by

To celebrate the new year, we took off and hiked to the top of Mount Tamalpais, the highest peak in Marin County.? There is a lot of UP involved: we started under 1000 feet at the Mountain Home Inn, and ended up on the East Peak at 2751 feet. There were quite a few people on the trail, on foot and on mountain bikes. Very lean and fit-looking people. Some were wearing “Happy New Year” party hats. On the peak, La took this awesome panorama:

[QUICKTIME http://www.temme.net/sander/Mount_Tamorama.mov http://www.temme.net/sander/Mount_Tamorama_Poster.mov 600 400]
QuickTime required. Click to load the full panorama (3.1Mb).

And yes, one can theoretically actually see the house from here. I just checked in the Sun Porch, and the East Peak of Mt. Tam is clearly visible now that the Japanese Maple is leafless.

We found this hike on a page of the Mount Tamalpais Interpretive Association. Awesome way to start the year.

Be Sociable, Share!

The Fight Against Zombie PCs

Posted on by

SpamAssassin’s Justin Mason comments on a talk by one Joe St. Sauver about the Spam Zombie Problem. Joe has some good points, but I’m afraid his proposed solution?a government-issued, free cleanup disk to be applied to infected PCs?won’t cut it.

Joe even contradicts himself in his slide show: first he assesses that the average owner of an 0wned PC does not have the motivation, or wherewithal, to clean up their infection, they are unwilling to pay to have this done and ISPs can’t be expected to help out their users since it’d take hours to properly clean up a zombie PC. However, a cleanup CD to me seems not only a hard sell to the general public, but it also looks like something easily obtained by the bad guys, who can then code around it. Malware can be updated in minutes through its natural distribution medium; good luck updating a stock of CDs sitting at every post office and library.

Nevertheless, Joe makes some interesting points such as:

  • The vast majority of SPAM e-mail is now delivered through virus-infected PCs (zombies) owned by the general public
  • Said general public has no compelling interest in cleaning up their machines
  • The zombie PC problem is out of control
  • This is a world-wide issue
  • Something needs to be done

However, what can we do about this? I agree with Joe that rate-limiting e-mail from consumer PCs and cutting off their direct-to-MX SMTP path is not enough. I don’t use AOL, but I’m sure their widely advertised move to make antivirus software available to their customers for free is in their own best interest. The $250 tax credit Joe proposes seems to me merely a shot in the arm for Dell and Microsoft… especially the latter would love to see the masses upgrade to Vista forthwith. Speaking of which, what exactly does Vista bring to the table in this regard?

Be Sociable, Share!

Mail Flipping Back to Unread

Posted on by

Rich Bowen remarks that he sees Apple Mail flip recently read messages randomly back to unread status. I am seeing this too and it bugs me.

I searched Apple’s support discussion forums and turned up a discussion on this very topic. It seems the Apple engineers blame the issue on ambiguities in the protocol standard, but one would expect that at least between Apple’s own .Mac mail the client-side and server-side interpretations of the standard would lean the same way.

Another interesting data point is the closing post of the thread, blaming the GPG plugin. I, too, have that installed. I may pull it and see if the problem goes away. I think Apple should support PGP directly in Mail.app anyway, right alongside S/MIME.

Be Sociable, Share!

Onion Rings and Peanut Butter Pie

Posted on by

The Apache Community Site shows information on Apache committers, the projects on which they work and their approximate geographical location. When I entered my info, I didn’t want to point to my house for privacy reasons. I initially used my office in downtown San Francisco, but when that job went away and I started working from my home office, I needed a new location. And what would be a better place than the back deck of Sam’s Anchor Cafe?

So, that’s where you go when you call up my location and zoom all the way in. We happened to be there today for lunch and had a great time. Great weather (we took the convertible), great company (the Garrous, who have lived in town for a year now), great food. On a whim, I ordered the onion ring appetizer and they were delicious. How often do onion rings turn out to be soggy, over-fried, a general disappointment? Not these. They were sweet, crispy, with a crust that did not even taste of deep frying fat and a delicious blue cheese dressing for dipping. Yum.

Be Sociable, Share!

Honeynet Founder Lance Spitzner: ?Hackers not afraid of being caught?

Posted on by

The Hack Report has an interview with Honeynet Founder Lance Spitzner where he gets to re-hash what we know about the bad guys: yes they are after your computer, they are in it for the money now and no, there’s nothing law enforcement can do.

And, of course, someone in the comments speaks up and denounces the use of the word ?Hacker? for the bad guys, since ?Hacker? really means ?One who is proficient at using or programming a computer? etc. etc. Of course I agree with this, but it’s too late to shut the barn door.

Give it up. The linguistic battle has been lost: in the eyes of the general public and the industry, ?Hacker? means you’re breaking stuff. End of story. Instead of mincing over words, let’s concentrate on actually fighting the bad guys. What we need is a new moniker for the ethical, the good guy hacker. Let’s rally under a new banner! From now on, the good guys should consider themselves ?CyberPonies?.

Be Sociable, Share!

Open Source Java and mod_ftp Activity

Posted on by

I have been trying to say something useful about the Java Open Source announcement from Sun, but I keep running into the fact that I’d actually have to read the announcements before opening my mouth, and that simply has not happened.

So, let me simply say that I hope this eventually leads to having the JDK available in the FreeBSD package/ports collection, so one may install it from a package without having to download the source from one place and the patches from another and then spend the better part of a full day compiling your own JDK. Of course there are the Diablo JDK builds at the FreeBSD Foundation, but do those satisfy the dependencies of Java-based apps in the ports collection?

On another note, I have recently found some time to work on the documentation for the mod_ftp module. I’m transforming the documentation donated by Covalent into the format and layout used by the httpd documentation.

Be Sociable, Share!

IEWatch Redux

Posted on by

Several folks chimed in on my post about IEWatch last week. I also submitted IEWatch a sales support request asking for a Firefox version, and they said that there are no current plans, but “We might consider writing a compatible version if we receive enough customer requests.”

One of the compelling aspects about IEWatch is that it puts the connection information right into your browser window. At the cost of serious screen real estate, but we all have large monitors now, don’t we? None of the alternatives presented in the comments do this: even the Live HTTP Headers plugin for Firefox opens a separate window. In that window it dumps all the request and response headers in a fairly disorganized fashion, giving the user both too much information and too little. IEWatch neatly organizes the request and response headers, content, cookies etc. in the tabs across the bottom of the browser window.

Be Sociable, Share!

Compelling Internet Explorer Add-in

Posted on by

If I were running Windows, this would actually make me use Internet Explorer more. The IEWatch gadget gives you an ?underwater screen? that shows every HTTP transaction made when loading your pages. Great for troubleshooting and debugging, and you don’t have to run tcpdump or sift through mounds of traffic to piece together your web transaction flow. It almost makes up for IE’s atrocious error reporting, and because it shows every 404 or Redirect response that occurred has helped me tremendously in troubleshooting some weird edge case issues at customer installations.

Screenshot of IEWatch

So, dear Lazyweb, does anything like this exist for Firefox? Having this for Safari would be even better, but an IEWatch-like add-in would have the power to make me switch browsers on my Powerbook.

Be Sociable, Share!