One way to defeat spammers

Ever since Brightmail closed up their free filtering service, I’ve been thinking a lot more about spam because I’ve been getting a lot more. I know where these losers are getting my e-mail address. It’s right here on my Web page. But I need to post that so people can contact me. Fortunately, I found a trick. Look at this:
dfarq@swbell.net

That’s just an e-mail link, right? It works just like any other, right? Well, here’s the HTML code for that:

mailto:dfarq@swbell.net

See what I did? I obscured the @ sign with an ASCII code (64), along with the dot (46) and a couple of other characters like the colon. Most automated e-mail address harvesters don’t decode the HTML, so their search routines, which look for things like @ signs and dot-somethings, will blow right past that.

So if you run a site, obscure your e-mail address. If you don’t remember your ASCII codes, hopefully you’ve still got QBasic on one of your machines. In QBasic, the command PRINT ASC("A") will give you the ASCII code for the letter A. Substitute any letter you like. Or you can remember that uppercase A is 65, B is 66, and so on, and that lowercase a is 97.
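The trick above, as an added example that is not part of the original post: it writes the colon, @ sign and dot of a mailto link as decimal character references, then runs a simple pattern-matching harvester over the page source both undecoded and decoded. The address, the function names and the harvester pattern are constructed for illustration.

```python
import html
import re

# Pattern a simple harvester might use: it needs a literal "@" and a literal ".".
NAIVE_ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def obscure(text, chars="@.:"):
    """Replace every character listed in `chars` with &#<ASCII code>;."""
    # ord() plays the role of QBasic's ASC(): ord("@") is 64, ord(".") is 46.
    return "".join(f"&#{ord(c)};" if c in chars else c for c in text)


def mailto_link(address, chars="@.:"):
    """Build an e-mail link whose source never contains the plain address."""
    href = obscure("mailto:" + address, chars)
    label = obscure(address, chars)
    return f'<a href="{href}">{label}</a>'


def as_browser_sees(page_source):
    """A browser decodes character references, so the link still works."""
    return html.unescape(page_source)


def harvest_raw(page_source):
    """Harvester that searches the HTML source as-is, without decoding."""
    return sorted(set(NAIVE_ADDRESS.findall(page_source)))


def harvest_decoded(page_source):
    """Harvester that decodes character references before searching.

    The obscured address is fully visible to it, which is the limit of
    the trick: it only stops tools that skip the decoding step.
    """
    return sorted(set(NAIVE_ADDRESS.findall(as_browser_sees(page_source))))


if __name__ == "__main__":
    address = "webmaster@example.net"  # constructed sample address
    plain = f'<a href="mailto:{address}">{address}</a>'
    hidden = mailto_link(address)

    print("page source      :", hidden)
    print("rendered as      :", as_browser_sees(hidden))
    print("plain, raw scan  :", harvest_raw(plain))
    print("hidden, raw scan :", harvest_raw(hidden))
    print("hidden, decoded  :", harvest_decoded(hidden))
```

Encoding a few letters as well, for example `obscure(address, "@.we")`, works the same way.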

When a Web site asks you for an e-mail address, you can see if it’ll let you obscure parts of it. Unfortunately, my forums flag illegal characters, but I may be able to modify that. Some Web sites aren’t that smart.

Obviously this trick won’t work in e-mail, unless you always send your mail in HTML format, which I (along with about half the world) really wish you wouldn’t–it’s annoying. And even if you obscure the mail you send, if I copy and paste your mail to my site, it’ll go up there unobscured. So this advice is mostly for webmasters.

Anyway… On to other things.

We’ve moved, if you haven’t noticed. These pages should be at least a little bit faster. The forums will be several times faster. And the forums are goofy. I haven’t figured out exactly why, but posts are missing and user files are acting up. If you’re having problems (Steve DeLassus just told me he can’t post because it tells him his .dat file can’t be accessed), go ahead and re-register. If you want your post count raised to its previous level, just let me know. I can change that. (Hmm, I wonder if Gatermann would notice if I set his post count to a negative number…?) I’d have preferred to move everything intact, of course.

Anyway. Go play in the forums. See what breaks. If I don’t know it’s broke, I sure can’t fix it. (I may not be able to if I do know, but hey, I can give it my best shot.)

Update: It’s 5:45 in the p.m., and you’re watching… Wait. That’s something else. The forums seem to be working properly now. Lack of uniformity between Linux distributions bites me again… It wasn’t the location of the files YaBB was objecting to, nor was it permissions. It was ownership. Under Mandrake, Apache runs as a user named “apache” and thus files created by CGI scripts like YaBB are owned by “apache.” Under TurboLinux, Apache runs as user “nobody,” and thus files created by CGIs are owned by “nobody.” And when you just tar up your Web site and move it to a new box like I did, those files remain owned by their old owners. Since Linux assumes you know what you’re doing, it happily handed those files over to a nonexistent user. So when YaBB came knocking, Unix security kicked in and said, “Hey, nobody, you don’t own these files,” hence those error 103s everyone was getting.
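A check for the ownership mismatch described in this update, as an added example that is not part of the original post: it walks a web root and reports every entry whose owning UID differs from the UID the web server runs as, flagging UIDs that have no account on the new box. The directory and file names are constructed, and the demo stands in for the moved site by pretending the server runs under a different UID.

```python
import os
import pwd
import tempfile


def owner_name(uid):
    """Return the account name for `uid`, or None if no account has that UID."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return None  # orphaned UID, e.g. files unpacked from another box


def audit_tree(root, expected_uid, lookup=owner_name):
    """Map each path under `root` not owned by `expected_uid` to (uid, name).

    `name` is None when the UID has no account on this machine. lstat() is
    used so a symlink is judged by its own owner, not its target's.
    """
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        entries = [dirpath] + [os.path.join(dirpath, f) for f in filenames]
        for path in entries:
            uid = os.lstat(path).st_uid
            if uid != expected_uid:
                findings[path] = (uid, lookup(uid))
    return findings


def orphaned(findings):
    """Paths whose owner UID does not resolve to any account."""
    return sorted(p for p, (_uid, name) in findings.items() if name is None)


def fix_ownership(findings, uid):
    """Hand the reported paths to `uid`, leaving the group unchanged.

    Changing a file's owner requires root, so run this only as root and
    only after reviewing the audit output.
    """
    for path in findings:
        os.lchown(path, uid, -1)


def demo():
    """Audit a constructed sample tree as the right and as the wrong user."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "forum"))
        for rel in ("index.dat", os.path.join("forum", "user1.dat")):
            with open(os.path.join(root, rel), "w") as fh:
                fh.write("constructed sample data\n")

        me = os.getuid()
        # Server runs as the account that created the files: nothing to report.
        same_owner = audit_tree(root, expected_uid=me)
        # Server runs as some other UID, and the files' UID has no account
        # here (simulated by a lookup that resolves nothing).
        moved = audit_tree(root, expected_uid=me + 1, lookup=lambda uid: None)
        moved = {os.path.relpath(p, root): v for p, v in moved.items()}
        return same_owner, moved, me


if __name__ == "__main__":
    same_owner, moved, me = demo()
    print("owned by the server account:", same_owner or "no mismatches")
    for path, (uid, name) in sorted(moved.items()):
        print(f"{path}: uid {uid} ({name or 'no such user'})")
```

On a real move, call `audit_tree("/var/www", pwd.getpwnam("nobody").pw_uid)` with whichever account the new server's Apache actually runs as.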

The new server is live.

The new server is live. And much faster, I might add. We had a dead day in the forums, so I figure this was probably as good a time as any.
So, anyway, I hope everyone enjoys the improved speed that a faster CPU and mod_gzip provide. I know I can definitely get used to this. I notice the difference here.

I’ve extracted the text of the old forums here. At the moment I can’t get a search engine working on it. Sorry. I’ll work on it tomorrow.

I want to go live with the new server…

And for a few minutes last night I had it cranking. It was fast and wonderful until I got into the forums. Everything was there, but when I tried to read the messages, I got error messages. I’ve had that problem all along. At first I figured the problem was due to the files being stored somewhere else under TurboLinux, so I reconfigured Apache to store everything in /var/www like it does under Mandrake. Then I figured the :8080 in the URL was throwing it off. So I flip-flopped the two servers, so as far as YaBB knows, it hasn’t moved. All the permissions are the same on everything. But it still can’t find the files if I move it.
I’m really sick of this P-120’s speed, or lack of it, especially since I’ve got a Celeron-366 sitting under my desk in a case that once housed a Pentium-75 (how’s that for irony?) that’s fast and lovely and chomping at the bit to go.

We’ve got 149 messages on the forums at the moment. A couple of the topics are active. Nothing’s stopping me from grabbing the text of the messages and dumping them somewhere on the site where the search engine can still find them and the wisdom (or lack thereof) they contain.

Anyone have any thoughts? If there aren’t any big objections to it, I’ll make the move tomorrow night.

In the meantime, I’m not feeling so great. So I think I’ll just rev up the Farquhar Time Machine, make my server think it’s Tuesday, post, forget that there are such things as e-mail and telephones, and call it a night.

What the press doesn’t want to tell you about Kaycee

Dan Bowman forwarded me a string of e-mail yesterday that raised a number of questions about the press. Apparently there is at least one reporter trying to find out how many people gave gifts to “Kaycee,” and that’s raising some concerns. Why? And why does the reporter want names and phone numbers? And how do you know if the guy’s legit or if he’s making some kind of sucker list?
Since I’m a former reporter myself, Dan solicited my opinion. Maybe he figured a former reporter would recognize one of his own. And I do.

One concern was the reporter’s apparent use of a free e-mail address. This doesn’t cause me any great concern. Not all newspapers have a mail server because not every newspaper can afford to pay a mail administrator–or maybe they’re just not willing to justify keeping a full-time IT guy on hand who’d make more than the editor in chief. Plus there’s the portability issue–use a free, Web-based mail service, and you can read your mail from anywhere with Web access. No need to mess with VPNs or direct dialins or any of that nastiness.

Another concern is why does the reporter want a phone number. Practicality is one issue; a five-minute phone conversation can glean far more information than a mail conversation that takes all day. And the reporter probably wants to hear your voice; the sound of your voice tells a lot. The reporter can’t print that information, usually, but that gut feeling provides valuable guidance. Plus the reporter needs to verify that you really exist, which is something that anyone who had any contact with “Kaycee” will understand.

But if the reporter were any good, he’d be able to track you down, right? You bet he could. But that’s ruder than establishing contact via e-mail. You want the source to be as comfortable as possible. Plus it takes time to do that. In something like this, you’ll cast a wide net as painlessly as possible. If I were writing this story, my very first step would be to go to Weblogs.com, do a search on “Kaycee,” and when I find sites that mention her name a lot, I’d read the posts to get an idea of whether there was any relationship, and if I find any indication, e-mail that person. I may e-mail 100 people. But it only takes three sources to make a story.

Will the reporter honor your wishes, like not printing your full name, or your real name? Quite possibly. I know MSNBC’s Bob Sullivan knew Julie Fullbright’s identity. (Bob taught one of my journalism classes way back when, back when he was a grad student at the University of Missouri. I e-mailed him after his story hit the Web.) He didn’t publish her name–he said her identity couldn’t be confirmed at press time. A white lie? Kind of. But I know Bob didn’t knock on Julie’s door and confirm it. I don’t know whether he called her on the phone and asked if the pictures were her yet still chose to say her identity was unconfirmed. Bob said he wanted to protect her privacy, and knowing Bob, I take him at his word on that. If this was going to turn into a three-ring circus in the press, Bob didn’t want to be the ringmaster. Once her identity became common knowledge, you started seeing her mentioned by name in the news too, and not just on the Weblogging sites.

Chances are very good that the reporter(s) will talk to dozens of people and probably run the best quotes he gets from some of them. For example, I found a nugget in one of Dan Bowman’s messages: “Shelley would really like to know who ate her cookies.” Yes, on one level that’s funny. But baking cookies for someone is a fairly universal act of love, and just about all of us–even baking-challenged superbachelors–can understand the feeling of betrayal when you bake up a batch of cookies and send them to someone, then find out they never got to that person. And if that person didn’t exist at all, it hurts even more.

If you feel like you should give the reporter a piece of information but don’t want to be quoted, use the phrase “off the record.” Most reporters honor that. If you can give them someone else who’ll corroborate what you say, the reporter is even more likely to honor it. Even if that someone else wants to remain anonymous, once three people say something, a reporter can pretty much count it as fact. And since there is some danger of retribution, a reporter will honor that. Most reporters have a soft spot in their hearts for people in danger.

I know you’re nervous about talking about this with a reporter, because I was a crime reporter. Being taken for money is one thing. People don’t like to talk about that because they don’t like to think of themselves as suckers. I know that. Any reporter you’re likely to talk to knows that. But being taken for love is entirely different. People are far less likely to talk about that. Any reporter you’re likely to talk to knows that too. All too well. He or she isn’t likely to do anything to hack you off when good sources are hard to find.

Why is the press taking this angle? Well, the root word of the word “news” is “new.” This is a very old story by news standards. This is the only angle left to take, and the national media has probably stopped caring. If it turns out that more than $1,000,000 worth of gifts were sent to Kaycee, then it’ll become a national story again. If a few hundred people sent postcards and cookies and trinkets, I doubt you’ll hear about it anywhere but in Kansas and Oklahoma newspapers. But in rural Kansas and Oklahoma, anything new that comes about in this case is news.

Why can’t the reporter just read your Weblog? There’s a decent chance s/he already has. But the reporter will want to know how you feel about this now. (That “new” thing again.) And no one wants to print exactly the same quote some other paper did. If you interview the person yourself, your chances of having verbatim quotes lessen.

Is the reporter in cahoots with the FBI or local law enforcement agencies? Probably not. That would be a conflict of interest. It crosses the boundary between reporting news and creating news.

And how can you tell if a reporter is legit? Do a Web search on the reporter’s name. Chances are it’ll show up somewhere. I did a Google search on the reporter’s name in this case, and the first hit had his name, his employer’s name, his editor’s name, and his newspaper’s phone number. If worse came to worse, I could call that number and ask for him. If he’s not there, you can ask whoever answers the phone if the reporter is working on a story along those lines. There’s no guarantee that person will know, but reporters do talk to one another, and future stories do come up in newsroom meetings.

Hopefully that helps people see this thing from a reporter’s perspective. And I suspect that’s probably the last I’ll talk about Kaycee here–the story seems to be losing momentum and people seem to be moving on. And that’s a good thing.

SPAM from Macromedia regarding Flash; Neatgear NICs; Crash course

MAILBAG:
From: “bsprowl”
Subject: Spam ?? from Macromedia regarding Flash

I keep getting offers to download Macromedia’s Flash. These aren’t e-mail type spam; a window pops up and asks if you want to download it.

I find it very annoying to get these regularly. I have searched on it and find it will cost $399.00 plus tax and shipping for this web authoring tool after the trial period runs out.

Well duh, that’s expensive and I don’t want to write using it; I use Arachnophia (sp?) which is freeware, saving over $400 for the small bit of web development that I do.

There are also some security issues that I don’t want to deal with (although how a glorified text editor can cause security problems seems insane, the FAQs lead me to believe that it can happen.)

But why do I keep getting offers to download it from so many sites. The latest is weather.com, who you would think would not have ads of this type. And the ad pops up several times as I open the radar map and every time I refresh the map it pops up two or three more times.

I have tried to see if this spam is somehow tied to my computer and have used some of Steve Gibson’s tools (grc.com) and updated my virus definitions, etc., to eliminate or reduce it if it is hidden on my system. I found nothing.

Any suggestions?

Bob
~~~~~
I know exactly what’s going on. (My site isn’t bugging you about that, is it? If it is, Vinny and Guido will be knocking on a couple of people’s doors because off the top of my head I can’t think of anything I hate more than Flash and my site’s not *supposed* to be using it….) There’s nothing wrong with your computer. You’re getting that question because so many sites use Flash; and most sites, if they detect you don’t have the free Flash plug-in, offer to let you download it. You’d be downloading the free unlimited-use plug-in rather than some trial version of the $399 package.

But Flash animations are annoying (and mostly used by really blinky and obnoxious ads) so I don’t like installing it. I also don’t like the stupid dialog boxes (or sites that install it without asking permission, as some do). When a site offers to install Flash, I add it to the Restricted Sites zone (Tools, Internet Options, Security, then click Restricted Sites, then click Sites, then add, say, www.weather.com to the list). That shuts ’em up, unless they also use ActiveX, in which case IE will pop up a dialog box saying the page may not render properly. But at least they’ll quit bugging you about Flash.
~~~~~~~~~~
From: “Bob”
Subject: Re[2]: Spam ?? from Macromedia regarding Flash

Hello Dave,

Oh. Now I feel stupid for bothering you.

I never noticed Flash or Macromedia before this. I don’t really want to install it but I would like the weather maps to update automatically and also to show the past several hours.

I guess I’ll do a backup to CDW and then install it. I don’t have a lot on my system, the C: drive only has about 590 MB so it will fit on a single CD. Then if it’s a problem I can just go back to the original system.

I really am wasting that drive but then none of mine are full. I don’t download music, that’s why I have my stereo; I don’t even have a speaker plugged into my computer.

I don’t play DVDs; that’s what the VCR is for (although I haven’t used it more than once since I brought it; I don’t even know where the nearest video rental place is located.)

A year or two ago I tried to install the latest release of the Asteroids game which I thought might be fun but after downloading half a dozen files from several sites (I need something called Direct X) it won’t run and neither would anything else. I tried it on several of my systems from an old 486 with DOS 6 and Windows 3.11 to a system with a PII 450 and Windows 2K. I’ve never gotten a game more complex than Mahjongg to run on anything besides my old Atari, so it must be me.

I spend a lot of time reading and I like paperbacks so I don’t download books either. I do have a database of all of the books I’ve read in the last five plus years. And that is linked to my Palm so I no longer buy a book I have already read.

I find your site to be most useful concerning computer technology and read it every day. While most of the other daynoters are interesting, they are not nearly as useful. I really don’t care what they ate, etc.

Thanks again,

Bob
~~~~~
No problem, I’m sure you aren’t the first to have that question, and I’m sure others are asking, “How do I keep this #&%$ website from telling me to download Flash?” If not today, someday someone will want the answer to that question.

Most recent games do require DirectX, which you can download from here. If the DirectX version is too old, games will complain. The safest way to get a game running, if you’re willing to invest the time, is to build up a system, install Windows clean, then install the current version of DirectX, then install the game. That may be more trouble than you’re willing to go to.

I chuckled as I read the rest of your mail. About two years ago, a box of stuff showed up in my boss’s cube. Nobody knows where it came from. There was some ancient computer stuff, and there was some REALLY ancient computer stuff. One of them was a CompuServe manual, and I could tell from the logo and the hairstyles and tie widths that this thing was from 1984 at the very latest. I flipped through it and chuckled at the words that suggested 1200 baud was something new, and when my boss walked in, I held it up and said, “Now this is a relic from a time when computers were computers, and not washing machines and stereos and VCRs and TVs and fax machines and toasters.”

“You sound bitter.”

“No, just practical.”

I remember my Amiga’s simple elegance. Yes, it invented multimedia, but it knew what it was, and that was a computer, and it did a good job of being one. And I miss that.

And thanks for your compliments of the site. I try to be useful, and entertaining, and compelling. I don’t always succeed, but enough people come back that I guess I succeed often enough. I know Pournelle’s a better writer than I am, and both he and Thompson have a much deeper depth of knowledge than I do (they’ve also had more time to accumulate it). So I do the best I can, and try to make it as easy as possible here for people to find the stuff they do like.

Thanks for writing.
~~~~~~~~~~
From: “Steve DeLassus”
Subject: Neatgear NICs

OK, what’s the difference between a Netgear FA310 and an FA311? At the price mwave is hawking them, I am ready to pick up 3…
~~~~~
The FA310 uses the classic DEC Tulip chipset near and dear to all Linux distros’ hearts. The FA311 uses a NatSemi chipset that only very recent distros know what to do with. The FA311 should be fine with Windows boxes, and it’s supposed to be fine with Mandrake 8.
~~~~~~~~~~
From: “Gordon Pullar”
Subject: Re Crash Course

Hi, I have just read your article in this month’s “Computer Shopper.” I am having trouble re-formatting my hard drive (which previously had WIN98SE on it and worked well!). I used FDISK (got from WIN98, then WIN98SE) to create a Primary DOS partition, using the whole disk, 6.4 Gig. After that I reformatted it; it now freezes at writing the FAT table, that’s if I get that far, 4 times out of 5 using a boot disk (I have tried several from different PCs). It gets as far as “verifying pool data” and then freezes. I have checked the HDD drive out with Seagate’s own diagnostic software and all is OK. (Funny, it always boots OK with the Seagate software “SeaTools.”) Changed the IDE cable to the hard drive. I have flashed the BIOS with the latest version.

Is there anything else I could be missing??

Giga-byte GA 5AX motherboard
AMD K6 2 500 Mhz CPU
256 Mb pc100 Ram
Seagate 6.4 Gig ST36451A HDD
Generic video card

Regards

Gordon Pullar
~~~~~
First thing I’d do would be to try to get it to boot off a floppy, then type FDISK /MBR. Both of the problems you’re describing sound like a corrupted MBR, and I don’t think partitioning the drive will zero that out for you. If that doesn’t work, try zeroing out the entire MBR with the MBRwork utility (www.terabyteunlimited.com).

Failing that, I’d try using SeaTools to either low-level format or zero out the drive. Usually after doing that, a finicky drive will work just fine.

Bringing the Duron forward

And my Duron is alive. Right now it’s an all-SCSI system, with a Plextor UltraPlex 40max and a 4.3 GB Seagate Medalist SCSI HD. It smokes. Any time I can turn on Show Window Contents While Dragging and play back full-motion video in Media Player while violently moving the window around the screen and the playback remains smooth, I’m impressed.
The floppy drives don’t work right because I somehow managed to mangle the cable, but I’ll replace it. One of these days. I’ve got a few spare floppy cables hanging around somewhere.

It’s running Windows 2000. I wanted a fast, reliable office suite, so I installed Office 95. Yes, five. It’s nice, stays out of my way, loads really fast, doesn’t crash much, and has some semblance of an idea of distinction between an OS and an application.

I dual-booted it with Mandrake 7.2 (I haven’t downloaded 8 yet). It’s nice. It’s quick. I made this post from Konqueror under Mandrake 7.2.

Look out City, Suburban Boy’s coming to visit!

St. Louis makes a huge distinction between St. Louis City and St. Louis County, much like most cities I’ve visited. One thing I’ll say for the City: Being older, it has a whole lot more character. The St. Louis suburbs are, well, for the most part pre-fab, cookie-cutter, chain-infested boroughs. An outsider would have a hard time telling the difference between Mehlville and Oakville. It takes some looking to find a building more than 50 or 60 years old, and chances are few of the buildings you do find will still be standing in 60 years. I live in the county because I work in the county, and the City taxes you if you live in the City but work in the county–the intent of that law is to punish executives who work in the City but live in ritzy suburbs like Clayton or Ladue or Town & Country, but young professionals like me who live in the city because we like it but who happen to be employed in the county take a tax hit. Really, that kind of living should be encouraged–we’re bringing suburban money into the city, and during rush hour we’re driving against traffic, lessening congestion. And young professionals tend to eat out a lot and spend lots of money. If anything, there should be a slight tax incentive to live in the city and work in the county. But, once again, there are obviously issues involved here that are beyond the capacity of my little brain.
So I now live in the suburbs. But I prefer the City because I like character, and St. Louis is an old enough city to have some character (Europeans will scoff at that, but consider our standards–and really, you can develop some character in 150-200 years).

I’m meeting two friends for lunch later today. Both of them live in the City. One asked where to meet and where to go. I didn’t suggest Burger King in Oakville. But, typical of males, none of us could decide where to go, so I piped in. “Well, aren’t we just the bastions of decisiveness. Look, I’m Suburban Boy. There are great places in both of your neighborhoods, but I don’t know what they are. I’ll defer to your better judgment.”

Well, there’s a deli within a mile or two of where one of them lives that’s supposed to be out of this world. So that’s where we’re going. I know, in this day and age Subway has totally homogenized our idea of a deli, so a good local deli, when you can find one, is a delight. Two local chains used to have locations near where I work. There was Ruma’s, in Concord Village, which was good, and there was Amighetti’s in Crestwood, which was to die for. Both locations are now a Quizno’s. Quizno’s isn’t bad but you can’t get a giant pickle there like you could at Ruma’s, and there’s nothing on Earth that compares to Amighetti’s bread–you could cook yourself up a big ol’ hunk o’ tire and put it on Amighetti’s bread and it’d taste good, if not fabulous. And it didn’t hurt that the girls who worked there were all drop-dead gorgeous. Man, I miss that place. St. Louis has a great Italian heritage, and we’re willing to sell it all out to Subway and Quizno’s.

So.. A neighborhood deli where I can eat outside and converse with two really cool people… Sounds great to me.

No, this is still the old server.

The new server works, but I got sidetracked last night. I had to take care of a weird work problem, and I ran out to a bookstore where the girls who work there seem to have this competition to see who can be the nicest, and then I came back home and had a long phone conversation with an old friend I hadn’t talked to in a couple of years. Between all that and trying to make some sense of Steve Gibson’s latest discoveries and trying to figure out what he wants and whether I agree with him, my server just kept chugging along.
I need to make my homebrew spam filter too. I’m thinking I’ll press a 486 into that duty, at least initially. I’m out of good PCs to experiment on. Once I get it working, if it’s slow, I’ll get some parts and build something better to block the onslaught of spam.

Oh, speaking of spam, for those of you who have Web pages… If you obscure certain characters in your e-mail address–sub in the raw ASCII code for the at sign and the period and one or two letters–most spam bots can’t harvest it. I need to do that for my pages. I’ve also found some cool-sounding traps for spam bots, including one that tries to dynamically figure out the spambot’s IP address, then feeds it accounts like abuse@owner.com and postmaster@owner.com. If they work, I’ll most certainly toss them your way.

We can’t give hackers anything else to work with

Thanks to David Huff for pointing this link out to me (the good Dr. Keyboard also passed it along). Steve Gibson was hacked last month, and he wasn’t very happy about it. So he set out to learn everything he could about l337 h4x0rs (elite hacker wannabes–script kiddies). What he found out bothers me a lot.
Kids these days. Let me tell you…

In my day, 13-year-old truants (those who had computers and modems) used their modems to dial 800 numbers over and over again long into the night, looking for internal-use-only numbers. Armed with a list, they then dialed every possible keycode combination looking for PINs. Then they’d use that information to call long-distance on the telco’s dime. They’d call BBSs, where they’d swap the previous night’s findings for more codez, cardz (credit card numbers), warez (pirated software), or porn.

I never did those things but I knew a lot of people who did. They’d drop off the face of the earth on a moment’s notice, and rumors would go around about FBI busts, computer equipment being confiscated, kids being hauled off to juvenile detention center… And some of them never came back. Some of them cleaned up. Others, who knows? I heard a rumor about one of them running away to Las Vegas after he got out. And some just got hold of their old contacts and went right back to business. One of my friends cleaned up–the huge phone bill he got was enough of a reality check that he stopped. Whether it was a moral reason or just fear of getting caught again, I don’t know. I knew another who got busted repeatedly, and he’d call me up and brag about how his line was tapped, throwing in the occasional snide remark to whoever else might have been listening. I remember our last conversation. He sent me some code (all of the guys I knew were at least semi-competent 6502 assembly language programmers) and we talked music. I’d been fascinated by that subculture, though I never did anything myself–I just talked to these guys (partly out of fear of getting caught, partly because I did want to have some semblance of a life, partly because I didn’t want to kiss up to a bunch of losers until I’d managed to prove I was elite enough), but at that point I was 16, I’d published once, and I realized as the conversation ended that my fascination with it was ending also. It was 1991. The scene was dying. No, it was dead and pathetic. These “elites” had become the butt of jokes–they were risking arrest so they could call Finland for free and pirate Grover’s Magic Numbers, for Pete’s sake! I guess I was growing up. And I never talked to him again. (I don’t even remember this guy’s real first name anymore–only his handle.)

I guess if I’m going to be totally honest, the only thing that’s really changed are the stakes. I want to say my generation wasn’t that bad… But I don’t know.

Essentially, some guy going by “Wicked” had zombies running on 474 Windows PCs. Some of “Wicked’s” buddies took issue with Gibson talking about script kiddies–they thought he was talking about them–so they told “Wicked” to take him down. And he did. And he bragged about it.


"we will just keep comin at you, u cant stop us 'script kiddies' because we are
better than you, plain and simple."

Now, when someone annoys me, I find out what I can about the guy. At 26, I do it to try to get some understanding. At 13 I didn’t necessarily have that motivation, but I did at least have some basic respect. And anyone claiming to be better than Steve Gibson… Gimme a break! That’s like walking up to Michael Jordan and saying you’re better on the basketball court, or walking up to Mark McGwire and saying you can hit a baseball further, or walking up to Colin Powell and telling him you can beat him in a war. And anyone who’s ever written a line of assembly language code and read any of Steve Gibson’s stuff knows it. And it’s not like the guy’s exactly living in obscurity.

Well, Gibson was diplomatic with this punk. And his reasoning and his respect softened him. He called the attacks off. Then they suddenly started again, and Gibson got this message:


is there another way i can reach you that is secure, (i just ddosed you, i aint stupid, im betting first chance ud tracert me and call fbi) you seem like an interesting person to talk to

Say what? You want to talk to someone, so you blow away every other line of communication and ask if you can talk? Now I can just picture this punk once he gets up the nerve to go talk to a girl. He knocks on the door, and the first words out of his mouth are, “I just tesla coiled your phone line so you couldn’t call the cops, but…” Then he’d toss some Kmart pickup line every girl’s heard a million times her way, and hopefully she’d smack him and run to the neighbors’ and call the cops.

For some reason people get hacked off when you do something malicious to them.

Well, Gibson reverse-engineered some Windows zombies and followed them into a l33t IRC channel where he had another interesting conversation. I won’t spoil the rest of it.

Now, I admit when I was 13, I was a mess. I was insecure, and I had trouble adjusting. My voice was cracking, my skin was oily, and I was clumsy and gawky. And I didn’t like anyone I knew when I was 13, because I was the class punching bag. Part of it was probably because I was an outsider. This was a small town, and I wasn’t born there, which was a strike against me. If you got all your schooling there you were still OK. I came in the third grade, so strike two. And I didn’t want to be a hick, so strike three. I liked computers, and in 1987 that was anything but cool, especially in a small town. And everyone thought I was gay, because I didn’t hit on girls and I didn’t have a huge porn collection–and there aren’t many worse things to be in southern Missouri, because it’s still a really bigoted place (and since girls made me stammer, it’s not like I could have proven I was straight anyway). And I had goals in life besides getting the two or three prettiest girls in the class in bed. (Yes, this was 7th grade.) So I guess I was oh-for-two with two big strikeouts. And since I was five feet tall and about 90 pounds, if that (I’m 5’9″, 140 now, and I was scrawnier then than I am now) I couldn’t exactly defend myself either. So I was an easy target with nothing to like about me.

I guess “Wicked” sees Steve Gibson as a five-foot, 90-pound outsider with a really big mouth, so he’s gonna go pick on him. Then he’s gonna go hit on the 13-year-old girl who looks 18, and he thinks taking down grc.com is going to make her swoon and tell him to take her to bed and lose her forever. But since she has a life, she doesn’t give a rat’s ass about whether grc.com is up or down, so hopefully she’ll smack him but I doubt it.

Yeah, I want to say the solution is to make things like they were in 1987 but bullies are bullies, whether it’s 2001 or 1987 or 1967. AD or BC, for that matter.

I want to say that accountability to a higher being will solve everything and make kids behave, but I know it won’t. That grade-school experience I just described to you, with 13-year-olds making South Park look tame and trying to get in girls’ pants? You know where that happened? A Lutheran grade school. Introducing the kids to God won’t fix it. Establishing a theocracy won’t fix it. In college I wrote a half-serious editorial, after a pair of 6-year-olds in Chicago murdered a four-year-old by dropping him out of a 20th-story window after he refused to steal candy for them, where I advocated the death penalty for all ages–maybe then parents would keep an eye on their kids, I reasoned. But I know that won’t fix anything either.

Steve Gibson doesn’t offer any answers. He’s not a social engineer. He’s a programmer–probably the best and most socially responsible programmer alive right now. And what Gibson wants is for Microsoft to cripple the TCP/IP code in Windows XP, so the zombies these script kiddies use don’t gain the ability to spoof come October.

Frankly, I wish such a castrated TCP/IP stack, with raw sockets capability removed, were available for Linux. My Linux boxes are a minimal threat, being behind a firewall and only having a single port exposed, but I’d cripple them just to limit their usefulness to a script kiddie just in case.

Why? Screw standards compliance. The standard for mail servers used to be to allow them to be wide open so anyone could use one, just in case their mail server was down. It was all about being a good neighbor. Then spammers trampled that good faith, so open relays are now the exception, not the rule.

Maybe there’s some legitimate use for raw sockets. I don’t know. But I know nothing I use needs them. So why can’t I run a stripped-down TCP/IP on all my boxes, so that in the event that I do get compromised, my PCs’ usefulness is limited?

If software companies want to provide a full, standards-compliant, exploitable TCP/IP stack for the esoteric purposes that need it, fine. Do it. But don’t install it by default. Make it a conscious decision on the part of the systems administrator.
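One way to check the claim that nothing on a box needs raw sockets is to audit which ones are actually open. The sketch below is an added example, not something from the original post: it parses the Linux /proc/net/raw table and flags raw sockets whose protocol is not on an allowlist. The sample table is constructed, and the ICMP-only allowlist and the function names are assumptions made for illustration.

```python
# Constructed sample in the layout of Linux /proc/net/raw (not captured output).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   1: 00000000:0001 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20111 2 0000000000000000 0
 255: 0100007F:00FF 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 20450 2 0000000000000000 0
"""

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP", 255: "RAW"}
# Assumption for this example: only ICMP raw sockets (ping, monitoring) are expected.
EXPECTED_PROTOS = {1}


def parse_raw_table(text):
    """Return one dict per open IPv4 raw socket listed in the table."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header line
        fields = line.split()
        if len(fields) < 10:
            continue
        addr_hex, proto_hex = fields[1].split(":")
        # The kernel prints the address as a 32-bit integer in hex; on
        # little-endian machines such as x86 the bytes appear reversed.
        local = ".".join(str(b) for b in bytes.fromhex(addr_hex)[::-1])
        rows.append({
            "proto": int(proto_hex, 16),        # "port" column holds the IP protocol
            "local": local,
            "uid": int(fields[7]),
            "inode": int(fields[9]),
        })
    return rows


def unexpected_raw_sockets(text, expected=EXPECTED_PROTOS):
    """Raw sockets whose protocol is not on the allowlist."""
    return [r for r in parse_raw_table(text) if r["proto"] not in expected]


if __name__ == "__main__":
    for r in unexpected_raw_sockets(SAMPLE):
        name = PROTO_NAMES.get(r["proto"], "proto %d" % r["proto"])
        print("unexpected raw socket: %s local=%s uid=%d inode=%d"
              % (name, r["local"], r["uid"], r["inode"]))
```

On a live host, pass the contents of /proc/net/raw instead of the sample; the owning process can be found by looking for `socket:[inode]` among the links in /proc/&lt;pid&gt;/fd.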

Let’s just get one myth out of the way. The Internet isn’t going to change the world. So when the world does stupid things, the Internet’s just going to have to change instead.

More TurboLinux

Server update: I broke it. That’s the way you learn. I’m thinking I’ll go live with it June 1 anyway.
I found a really cool feature though. TurboPkg is an RPM utility that comes with TurboLinux that queries an FTP server, compares the packages there with the packages you have installed, and highlights the packages that have been updated. Run it after installation (kind of like running Windows Update on W2K), then run it periodically to make sure you’re up to date. I thought Mandrake had something similar but I’m not positive–I have to admit I have Mandrake dual-booting with Windows on a couple of machines, but I don’t use Linux as a workstation much, and when I do use it I don’t pay much attention to the GUI–I open a console and execute just about everything from there because it’s a lot faster to just type an app’s name than it is to dig for its stupid icon. I love it as a server OS but for day-to-day work I use Windows, mostly because that’s what I make money writing about.