Kalimat al-Mutafalsif

No, not a political essay, actually an interesting surge of visitors from other countries, mainly European. This interests me because I've also seen a surge of spam comments, about 300+ a week. Now, I can't really trace any of said spam comments back to those IPs, nor am I speculating that Europeans are the cause of spam. I'd be very interested to learn I have an international reader base, so feel free to comment to that regard if its true.

However, my theory goes like this. Recently there's been a huge surge in email spam. This is quite a well run operation out of Russia that uses gorgeous virii to send the spam. Why do I call them gorgeous? Because they all act in a Peer to Peer fasion, and have the ability to get around spam filters quite nicely. They do this by including random text (not so hard, but they don't pull from any one bank of words, so it breaks some heuristics) as well as including text in images that can be randomly tweaked, and each are completely different. Now that's cool. Plus it also has a built in virus scanner.
Read More »

I'll start by saying i had an awesome Thanksgiving break. I had been hoping to find something about it to post about (mainly because the drive is 10-12 hours to where I went, and I had tons of time to think) and... wow... got all I hoped for and more. To summarize: Food (Grandma cooking), no computers (relaxation), meeting new relatives (interesting), and getting to know my inner child (just plain fun). Also some other junk I'll throw in. No, this isn't an emo post about my life either, there were some interesting things that arose.

Read More »

Well, in case you can't guess from the title, it's been exactly a year since I started this blog. To be more specific, it was November 20th of last year that I registered the domain. This post also (totally not planned, I swear) happens to be my 100th. Again, to be more specific it's my 100th page... pages include things such as my warhammer picture pages and the others you find under "Pages" on the right. So, this'll be a fun past, five days in the making, about all kinds of things dealing with the past year. ((Published a second time, I apologize))

Some History
The domain was registered while taking one of my patented Long Thanksgiving Breaks. That was ThanksGaming 2005, and I grabbed the domain one night while talking to that coder I always mention, Malaprop of Cambrian House. Malaprop kindly put the domain on his site, installed WordPress, and away I went. My first actual post (I believe) was on the 20th of 2005, but it was accidentally deleted, so the first surviving post is from the 21st.
Read More »

So... I've spent a hellish week working on a paper, among other projects. Left my room once this past weekend, had a few 5-6 hour stints working on the paper. The other projects are Abysmal programming Languages stuff... brutal So like any good CS student, this led me to drinking... Mountain Dew, of course.

I started collecting the cans I drank last week sometime, and stacking them. First just a nice small pyramid, then bigger and bigger. Finally reached level 6 today. For those not so good at math, that's 56 cans. Don't believe me? Check out this picture:

I apologize for the resolution, this was with my phone, the only camera available to me.

More fun math:
Height: 2.25 feet
Width: 1.1 feet
Liquid: 672 fluid oz.
Sugar: 2,688 grams
Calories: 9,520

This is an open call to help me defeat the power of terrorism! Ok, not really, just wanted to get your attention.

To preface: Who remembers Seti@Home? Anyone? Very good Jimmy, it was a distributed computing project to utilize spare cycles on many computers to solve problems that any one computer couldn't solve. In their case it was analyzing data from telescopes, hoping to find something, anything alien. Kinda dumb, right? Because if you find anything it'll either be thousands of lightyears away (and hence can't be dealt with in our lifetime) or of some format we can't deal with. Pointless, I think... but it did get the ball rolling for public attention of distributed computing.

I run the BOINC client to do Rosetta@Home. This project does protein folding in hopes of finding something that may help some human disease. Might be just as helpless as Seti@Home, but at least if this ever turns something up it'll be directly helpful to mankind in a significantly shorter amount of time.

I run this for the Indiana University team (come on, if you've seriously not figured out where I'm a student yet, you're either 1) an idiot, or 2) just don't care to guess. Most fall under don't care, and anyone actually trying to hunt me that couldn't falls into the idiot category. I don't mean to say anyone who doesn't know is dumb, merely anyone who tried to figure it out and couldn't. Look back, the clues are there (do the basic steps of recon on any site, and you'll get me on the first one). My plea is you help me keep my standing of second place (as of this writing). I irked the people who used to hold second and third place, I've noticed a spike in their output since I've passed them. So, how can you help? If you setup the BOINC client, I can give you my username and password to register it to my account. This was I can outsource my productivity to many more people, and have a shot at taking the first place. Yea, is greedy, but I'm a competitive person. It could be great fun, too!

So, if you're interested, get ahold of me. If I think I can trust you, you get my login info (which is throwaway anyways, so if you screw me over I'll just start a new account). Sound good? Go!

Its been a long 7 days. This time last week a security researcher was being raided by the FBI for pointing out a flaw in the airline system I've been pointing out for a long time now. The difference? He did it in a way the government couldn't ignore.

My thoughts on the "increased security" in airports aside, the worst thing you can do is convince people they're safe, when they're not. I lie, the worst thing you can do is put well meaning citizens in jail for trying to help. Now Chris hasn't seen jail yet, and I pray he never will, however this is the mentality in the US nowadays. From the government and from corporations. If you find a flaw, you better not tell anyone. If you tell people, the public better not find out. So long as its contained, nobody has to fix it. THIS IS WRONG! THIS LEADS TO SECURITY HOLES.

The absolute BEST systems in the world are vetted by many, many Smart People who Know Their Stuff and once they finally say it'll take too long to subvert the system (rather, it'll take longer to subvert the system than makes subversion worthwhile) the system is published so Everyone Else can have their crack at it. Don't believe me? Go read up on RSA, to name one. It's patented, and a de facto standard right now. It is published, so you, yes you, can go implement it yourself. This means every citizen out there can go implement it and have "secure comms". Of course, they may not implement it correctly, they'd probably hire some professional to check. This is how good systems work.

If you want a better example for those that don't speak crypto (I sure can't) check out Linux versus Microsoft. Microsoft hides their source code, and as such has bugs pop up in the wild. Granted, Liux is not perfect, and the first worm targetted it, but it does a lot better. WIth ALL the source code OPEN TO THE PUBLIC, it has a patch time way shorter than microsoft's, less security holes, and the ability for users to find bugs without having to be the target of an exploit first.

I've avoided publishing on this topic so far because I've been too close to the action, and quite frankly this could have been me. -------------------------------------------------------------------------------------------- I'd love to think that in this country of freedom I could speak my mind and not be worried. But this past week probably scared me more than Chris for some odd reason. Though he's the one that got screwed, I'm now seconded guessing everything I'll put in public. This post was censored as I wrote it, because I don't want to misspeak. This doesn't mean I'm at all involved with the case, I know Chris through research, its merely the thought that posting a security hole would have this reaction.

I'm in a foul mood, I'll leave you with this question. Is this the freedom you want? Or would you rather see an environment that fosters questions of security to makes itself better?

I'm not advocating overthrowing the government, subverting any of their systems, or supporting terrorism. Nor am I in any way saying I have ever done anything illegal, nor comtemplated it.

Those of you that know me know I'm not the type to hurt innocent people, nor put that ability in anyone's hands. I only point things out so they may be fixed and our kids will grow up in a better world than we did.