Tuesday, December 16, 2003

#1 on Shallow Jack's Christmas List

Shallow Jack here. Which means everything that follows is probably NOT SAFE FOR WORK.

I know these "items" have been discussed already on the Howard Stern show, but even though Shallow Jack wouldn't be the primary choice as a speaker at any women's group conventions (other than maybe the annual Porn Stars shindigs), I don't listen to Stern very often. After about 2 or 3 of Stern's shows, you've heard all the rest.

So I'm surfing my normal tech and pr0n sites, and come across a geek christmas list over on Slashdot. Yes, Slashdot, the site where Cybersnobbery gets it's first name.

One of the 'commenters' talks about wanting a "RealDoll" for Christmas.

WARNING: If you click on that link, you will find yourself on the pathway to credit debt hell and a very angry spouse should you order one. You might also find yourself escorted out of your place of employment.

But Shallow Jack says that shouldn't stop you.

"Dear Santa,

I know I've not been the best of boys this year. Surfing pr0n, and lusting after hip-hugger wearing, belly-shirt showing, pushup-bra under low-cut shirt donned women is not conducive to getting oneself moved from the permanent "Naughty" list to the "Nice" roll.

But I want one of these.

Think of it as headache/I'm tired/I don't feel like it/The kids might hear/etc." medicine for ol' Shallow Jack's wife. He'll be nice and leave her alone, having his new toy to play with.

And she's been a very good girl.

Too good if you ask Shallow Jack. But I digress.

Just to let you know Santa, if you're embarassed about delivering a 110-pound female body-3 type model to Jack's place, or it won't fit in the sleigh, a check for $5999 + $450 shipping would be just fine.

Yes, that is a lot of money, but its amazing how almost real they look. Much better than "Blow-up Betty" that most guys think of when it comes to these sort of things.

Don't worry about me breaking it, as it can "safely support 400 lbs of weight", and I've been a good boy and slimmed down on my low-carb diet. Also "REALDOLL's silicone skin is extremely flexible and will sustain almost any reasonable position.", though I really want to know what they mean by 'reasonable'.

Also Santa, if you think Shallow Jack's been a very good boy this year, you can add in some extra money for the options, like $3000.00 for the "articulated hands", or $500.00 for a custom wig. The geek in me wants the $1500.00 "Interactive sensory response system" so the real doll makes computer controlled noises while I'm playing with her, and oh yes, the beta "Hip Gyration system" unit sounds interesting, but since "The unit runs on 24 volts DC, and is UL Listed. The actuator itself has been able to lift up to 500 lbs and uses a state of the art control system which includes an automatic clutch system that will allow slippage if too much weight is present. This eliminates the possibility of damaging the actuator or the Realdoll." and it is only in testing at this time, I think I'll pass. Sounds like it could damage certain of Shallow Jack's own favorite body parts.

Shallow Jack likes his manhood in tact. What also bothers me is that the computer controlled system runs on Windows. So what happens when it crashes? I don't want to know.

Oh Santa, if you've got any ladies on your "Naughty but Nice" list, there's a Male Version of the doll as well.

Or you could just give them Shallow Jack's phone number.

Thanks for reading Santa!"

Tuesday, November 25, 2003

Hacking Voting Machines

I came across this article while perusing Security Focus' Website. It talks about how insecure the electronic voting machines that Diebold, an Ohio company, manufactures. Pretty interesting stuff, though there are links in the article to anti-war sites, and near the end the column takes on an all-too-often "Linux is great, everything else sucks" sort of tone when referring to electronic voting machines in Australia.

I was surprised to read that voting results were transmitted across the internet.

Pretty frightening to me.

Monday, November 24, 2003

The Hell of Blackouts

An interim report on the August 14th US-Canada blackout was recently released. The document is over 130 pages, and talks about several causes of the blackout, but the most interesting thing is that it seems that when it started no one knew what was happening due to computer malfunctions.

The report starts with an Executive-type review of the way the systems interact due to the difficulty of storing and transmitting electricity. One of the inaccuracies in the report state that electricity travels at the speed of light. I had myself been taught 250mph by one of my Ohio State University Physics Professors, but it appears that is wrong as you can read about here and here. It is interesting, but dry. I don't blame the report writers for not being so accurate about a scientific fact, due to their final target audience, but it makes one wonder what else they 'glossed over' in their 'interim' report.

The main computer system that monitors the electrical grid for FirstEnergy (FE) in Ohio (just a few hours north of where Jack lives, and the start of the blackout) is the GE Harris XA/21 EMS system. According to the documentation, it is a UNIX based system that uses the TCP/IP network protocols (the same ones you use everyday on the internet), ODBC (Open DataBase Connectivity) standards to a SQL (Standard Query Language) POSIX-compliant Database backend. The system is programmed in ANSI C and FORTRAN.

What this essentially means, and as in indicated in the brochure, is that it uses "Open Systems". Which is industry standard protocols and programming interfaces that allow any other types of systems to connect to it.

It's kind of how the Internet works.

Pretty much everything on the Internet uses "Open Standards", or you'd be downloading a new program everytime you visit a new website.

Now, for all of you Conspiracy Theorists, time to get out your foil hats. (I've been harping on the foil hats a lot lately).

James over a Hell In A Handbasket tends to "pooh-pooh" the possible threats of a cyberattack, but I think this is a case that proves it could do a lot of damage if launched against the right targets.

The shit really started to hit the fan at 12:15 PM ESDT, about 3 hours before the blackout.

Oh, did I mention that the FE's GE XA/21 systems' software hadn't been updated since 1998? Guess how many Unix-type operating system vulnerabilities have been released in that 5-year period? Lots. Who knows what other modules the system was running? But I digress.

Anyway, just after Noon, one of the monitoring systems quit working due to "inaccurate data" (buffer overflow anyone?). However, no one at the main control center knew it. This caused another large generation unit in Eastlake to shutdown around 1:30 PM, and around 2:15 PM the alarm and logging computer system (that darned XA/21) was completely dead and useless. At 3:05 the whole blackout started and quickly put millions of people into darkness.

We're lucky that more people didn't end up hurt during that outage.

Losing the Eastlake plant itself didn't cause the blackout, but because the computer system was FUBAR'd, no one knew what was going on. The report says that the fact that operators were unaware of what was going on due to the computer failure, and the lines falling into trees were the two main reasons for the blackout.

OK - It wasn't that no one knew what was happening, in fact one of the employees of FE called around to get some things reconfigured to support the high-load that was happening that day, but because of the monitoring system failure, he wasn't working with enough information. In fact, someone figured out that a monitoring device had failed, and turned the system off to correct the error, but then went to lunch, forgetting to turn the monitoring system back on. Even though the monitors run every 5 minutes, no one noticed it wasn't working right until an hour-and-a-half later.

So someone turned it back on.

But by now the data that was coming across was bad, and while a systems engineer identified the possible problem with the grid at about 2 PM and finally called the main operator an hour later, the main operator mistakenly saw that everything was running fine. It took another 20 minutes to get that straightened out, and then another 20 minutes to get the system reporting everything correctly.

That was 2 minutes before it all went to hell.

You see, about 2 hours before that, the alarm and logging system had went down.

At about 2:14, the system wasn't reporting anything of any use. In the next 30 minutes, FE lost the primary and backup server completely. Both systems died? The report doesn't say conclusively how they failed (though some theories are discussed later).

But guess what? No one monitoring the system noticed the servers had crashed for an hour.

Guess Homer had too many donuts that day.

AEP had even called FE to report problems, but of course since the system was down, FE reported no alarms to logged problems. DOH! The backup server had failed 13 minutes after the primary server, but still no one noticed.

Well, no one WORKING noticed.

The system did automatically page the IT staff.

Everyone who works at the building with IT staff knows that things can go wrong, but the IT staff doesn't tell anyone, other than "we've got a system down and we're working on it".

Don't want to look bad, ya know?

The report supposes that data "overflowed the process' input buffers" (see buffer overflow above) in the system, which caused the alarm system failure. This means that neither the server or the remote terminals spewed out any data about the grid problems. Oops.

Since the data overflow wasn't stopped, when the system transferred over to the backups, the backup servers failed as well under the data load.

This overflow, as it was happening, caused the refresh rate on the operator's screen to refresh only once every minute, as compared to every 1 to 3 seconds as normal. These screens are also "nested" underneath the top level screens that the operators view, thus slowing things down to a crawl.

By now the IT guys arrived, and "warm booted" (reboot without power off) the systems. The IT guys checked the servers and saw that all was good, but never verified with the control room operators that the alarm system was functioning again.

"Just reboot it, and we can go home guys, no one will notice that anything major was wrong".

What's interesting is that the operators hadn't noticed the real problem. They hadn't called about the alarm system problem until about an hour after the IT staff started working on things (and had 'fixed' it 30 minutes before).

The alarm system displays had "flat-lined" (didn't go to zero, but just stayed at where they had been at the point of failure, which would be unusual due to normal voltage changes in the grid) and no one seemed to notice or care.

Once they did figure out what was wrong, it was too late. The cascade had started, and the operators didn't want the IT staff to "cold-boot" (power off and restart) all the systems, because they were afraid that they wouldn't have any data after that, even though what they had was pretty useless.

The rest is history.

I don't know if these systems are connected in any way to the Internet, but I'd be surprised if they weren't. 100% isolation of a private network is difficult to maintain these days. Someone somewhere always hooks something up to help them get easier access to resources they need. If someone mounted a concerted effort against utility and power systems through these connections, it would be easy to see how it could get many people hurt or killed.

It's all the computers fault.


Monday, November 17, 2003

Now Jack's Heard Everything

It's getting harder and harder to keep computer systems patched with the latest updates and fixes. It's a real problem of resource management in many IT shops today.

So now we're told that we need to watch out forvirus writers from outer space.

I don't believe it. This guy watched Independance Day (ID4) too many times. You know, when Jeff Goldblum took his Mac iBook up to the mothership and introduced a virus in their system that caused havok.

Heck, we can't even get our own systems to integrate correctly. How's an alien species going to hack our operating systems without knowing anything about them.

You know Mr. Carrigan wears a tin foil hat to go along with his tin foil wallpaper.


Thursday, November 06, 2003

Matrix Revolutions (No Spoiler)

Just finished seeing it. What is nice about the series is that you can basically watch the first one, and the story is finished. The rest is just a wild acid trip. I've been drunk, but never stoned - though now I think I have an appreciation as to what it feels like.

As far as Matrix Revoltions go, I only have three letters to say about it:

(Explanation: First one is in "Matrix Code" Font, Second is in "Matrix Schedule" font.)

Tuesday, November 04, 2003

Cool Weaponry

I probably should have forwarded this on to Anna for comment, as in my perusing I was directed to an article about microwave weapons the military is developing.

It's really cool. Especially the part about how the directed beam versions have to be "pulsed", unless you want to create a bit of white-hot plasma.

Ahhhh, makes one think of one of my favorite Arnie scenes:

The Terminator: The .45 Long Slide, with laser sighting.
Alamo Guns Clerk: These are brand new; we just got these in. That's a good gun. Just touch the trigger, the beam comes on and you put the red dot where you want the bullet to go. You can't miss. Anything else?
The Terminator: Phased-plasma rifle in the forty watt range.
Alamo Guns Clerk: Hey, just what you see, pal.

Sounds like Plasma-rifles are just around the corner.

Hats, Caps, Stetsons, Fedoras = Linux

The big news in the Linux world is that RedHat is no longer going to support the current versions of its RedHat Linux (6.x, 7.x, 8.0, and 9.0) after this coming April. Some think this means the sky is falling.

Of course, as this reply to the Slashdot article says, its hardly that. In fact, as several of the linked articles state, RedHat is pushing people towards Fedora, which is basically the beta of the next version of RedHat. I'm looking forward to the changes, as Fedora is supposed to be more "bleeding edge" with updates, something 'normal' RedHat Linux was slow to adopt, because of the testing that goes into a product that a commercial company charges for.

If you read the Zone-H article, it would seem that its the end for "free software" ala Linux. It's time to move to some version of BSD or other 'free' distributions of Linux. Of course, there are literally hundreds of available distros for Linux. The author of the article even begins whining...well you read it:

"WhiteHat should be the 'good' hackers, while 'BlackHat' the bad ones (the bad guys). What does RED stands for ? If you hope it was meant for communism.... it looks dramaticaly just like the passage from Lenin to Stalin: from revolution, spirit of freedom and unity of people, to just another dictatorship. Thank you RedHat."

So Communism is good, Dictatorship is bad.

Actually, both are bad. Which is why Linux is going more commercial. Find something that is useful. Improve it, like RedHat (or any of the other distros compiled by commercial companies) did, and then charge for your efforts. It's the way commerce works.

But many of these Linux zealots seem like they are straight out of the 60's with communal farming = community programming.

It just doesn't work in the long run.

Since the core of Linux will always be free unless the GPL is revoked, anyone has the ability to roll your own. So quit whining, you want free stuff? Build it yourself. You want a nice packaged deal that does all the work for you? Pay the people who take the time to do it. Since the Fedora project takes input from the users and developers who get it for free, they are paying for the distro with the labor. It's still not free.

Monday, November 03, 2003

Trust No One!

That was the mantra of an old favorite Role Playing Game of mine, "Paranoia". (Before they ruined it with the 2nd edition)

So, back to the point.

I'm working on a client's computer this weekend. It has two problems, CPU Utilization in Windows XP is a constant 100%, and Microsoft Word would not open any files. So I start poking around with the obvious things. Spyware and Viruses.

The computer already has Norton Internet Security on it (up to date), and the user ran Adaware multiple times. With the CPU being at 100%, I didn't want to try to run anything on it. Besides, if it was compromised, it wouldn't have done any good. So off comes the cover, out comes the hard drive, and in it goes to my forensics workstation, which has several versions of different scanners of different types.

So I run Command Antivirus, Norton Antivirus, Trend Micro's Housecall Web-based Free Scanner, Spybot Search and Destroy, Adaware (again), McAfee's AntiVirus, Grisoft's AVG. Basically, the kitchen sink of scanners.


Didn't find a thing, and CPU was still at 100% when the Hard Drive was replaced.

OK - System process was using 80-90% of CPU time. That usually indicates a device driver using the wrong version (Say for Windows ME, which this machine originally had installed.)

Check all the drivers by hand. All are the Digitally Signed XP versions. Shoot. No dice.

Check the registry (where I should have started). Found buried in an obscure section a reference to 'server.exe' (Sub7 trojan program) and 'systray.exe' where it shouldn't have been (another Trojan). Removed those two files, reboot.

System works fine now.

The date on the Trojans were October 24th, 2003. I took the hard drive out of a system and scanned it in another, yet it never found those two programs (One in C:\ and the other in C:\Windows\System32) even though they were in non-hidden directories. The drive was even formatted in FAT32, so it didn't have anything to do with file permissions or ownership. The Anti-Virus program on the system had been there for 8 months and was kept up to date.

Still feel protected by your Anti-virus programs?

Think again.

Just be careful using your system.

Wednesday, October 29, 2003

Dumbass Disposable DVDs

A while ago, there were several articles about the idea of selling disposable DVDs. The idea was that the DVDs would be encased in an airtight package, and once opened and exposed to the air would begin to darken to the point that after 48 hours they would be unusable. This way you didn't have to return the DVDs to the rental store. No late fees, no hassle, you just throw them away.

Sure, a nightmare for the environmentalist wackos among us, but it could work.

Blockbuster rents DVDs for $4.29 around here, and with the ability to buy the latest releases at the local Walmart for $14-$16, it's just not worth renting anymore. I'd rather spend the extra few bucks and buy it straight out.

So I liked the idea of throwaway DVDs, almost no retail overhead for the manufacturers, so I thought it would be cheaper.

So along comes "EZ-D", the throwaways in test markets.

As you can see from the article, they aren't going over too well. At $7 a pop, I'm not surprised. What are they thinking? SEVEN dollars for two days of viewing? Again, when you can buy the non-disposable ones for just a little more why would you buy throw-aways for such a price? Sell them for $2-$3, and I'm in; otherwise forget it. Hopefully their test market data will tell them that.

Monday, October 27, 2003

In My (And Every Other Man's) Dreams

I am willing to make a bet that many of us men can get our wives/fiances/girlfriends to read this one, and not look at the URL.

I'm going to give it the old college try.

Jack's willing to volunteer for any women out there who want to see if this is indeed true. Just drop me an e-mail, I'm willing to travel.

Sunday, October 26, 2003

I Couldn't Believe My Ears

So I'm flipping channels on my Hauppauge WinTV device that allows me to watch TV on my computer. Yes, it's the ultimate in sensory overload; TV and the Internet.

Anyway, I flip over to Fox News, my preferred Cable News Channel (like that's a surprise), and there's Geraldo. Yes, Geraldo, who couldn't get a good gig anywhere (for good reason), and Fox has him because he's a left-leaner and they picked him up back when the Big 3 networks noticed that Fox was taking some of their viewers. Well, in their attempt to paint Fox as being the extreme right-wing news source, they caused the upper muckity-mucks at Fox to hire Geraldo for some 'balance', and now they're stuck with him.

Even if he did get kicked out of Iraq.

So, here he is on his show (which I didn't even know he had), talking about the Kobe Bryant case (which I could give a shit about), and in a straight face he's speaking about dried semen and pubic hair on the victim's underwear. He also has some Forensic Pathologist there, whom he's asking how accurate the science is for determining how old the crusty spooge is.

Please Fox, dump Geraldo and quit reprinting AP stories on your website.


I'll even pay for a subscription.

Saturday, October 25, 2003

Updated Redhat 9 Java Installtion for Mozilla 1.5

A while back I posted instructions to installing the Java plugin for Mozilla on RedHat 9 Linux. I've added a section for Mozilla 1.5 and the new J2re1.4.2_02 version of the Java Runtime Engine and Plugin.

If you're stuck, like I was (again), go there and check it out.

Oh, and I would suggest running Mozilla Firebird as a browser on Linux OR Windows. IE is no longer my default browser due to all of the recent security problems plaguing it. These vulnerabilities allow all of this damn spyware that innundates everyone's computers these days to be installed without the user's knowledge simply by visiting a website. Do yourself a favor and try it out. Save yourself some time and get the Windows Installer Version of Firebird 0.7 by clicking here. Otherwise you'll have to unzip it yourself, put it in the right places, and make registry changes.

Yup, the installer is easier.

Thursday, October 23, 2003

Poor Man's Drive Imaging and Backup

Most of you have probably heard of products like Norton Ghost, Powerquest Drive Image, or similar disk imaging software. If you need to create an exact duplicate of the data so that you can restore it quickly in the event of data loss or hardware failure these two products can fill your need. There's even partimage, that will make an image of a drive and compress it for restoration later.

However, Norton Ghost and Drive Image are rather pricey (close to US$1000) if you want to back-up a non desktop OS like Windows 2000 Server (Standard or Advanced) or Windows NT Server. The consumer level version of these products won't install on those OS's, and partimage only experimentally supports NTFS.

And what if you don't have the money to buy these products, especially if you need to backup 20 or so servers or workstations from time to time.

Along comes a neat little *nix (or *BSD) tool called dd. It is a very powerful (and dangerous) tool that takes input from any sort of partition (/mnt/path), device (/dev/hda), or even a network mounted (NFS, SAMBA, nc) sources and outputs it to the same myriad of destinations.

The simple way is to use dd to create an image of a hard disk and copy it to another disk. This will give you an exact duplicate of the original disk, free space and all. However, if you are only using 10GB of a 60GB hard drive, you waste a lot of space imaging the empty sections of your disk. On a server this could get to be quite a headache, as you can have many large drives to image, and would require the same sized disks to back them up on.

So, in the tradition of other articles such as "Poor Man's Ghost", I present to you instructions to take any source drive and back it up, all while compressing the image so it takes up quite a bit less space. For this set of instructions, all you need is a secondary hard drive to store the images on, and a bootable CD Linux distro such as Knoppix (or any of its variants).

In my example I used Knoppix 3.3 to backup a 60GB Hard Drive with Windows XP Professional installed. The disk image storage drive is 120GB, enough space to normally store two 60GB images.

I'm going to assume this is a brand new backup drive, so I'll walk through the steps of creating a partition and formatting it for use.

First boot the Knoppix CD, and at the prompt type:

knoppix 2

This will boot Knoppix into Console-only mode. You can optionally just press enter at the prompt and work with the full KDE interface, but its not really necessary.

So, in our computer we have two IDE hard drives (original and backup) and one CD-ROM drive. Usually (though not always), the Master drive on the primary IDE channel is hda, the Slave is hdb, on the secondary IDE channel you have hdc (Master) and hdd (Slave). In our case both hard drives are on the primary channel, so the original is hda and the backup drive is hdb. This isn't really a good idea, due to IDE signaling slowing down transfer rates on the same channel, though if you have SATA (Serial ATA) this is not a problem - but for this example it makes things less confusing.

If you aren't sure which disk is which (and even if you are I would recommend doing this), issue the following command:

root@tty1[/]#fdisk -lu

This will show you a list of all of your drives, their sizes, and partition types. In our example, one shows NTFS/HPFS (hda) and the other shows no valid partition (hdb).

Knoppix and most CD distros don't turn on 32-bit drive access and DMA by default, so we're going to do that here so that we can increase transfer rates by 400-500% over 16-bit PIO mode:

root@tty1[/]#hdparm -c 1 -d 1 -k 1 /dev/hda (If your hard disk supports 32-bit I/O "c" and DMA "d")
root@tty1[/]#hdparm -c 1 -d 1 -k 1 /dev/hdb (If your hard disk supports 32-bit I/O "c" and DMA "d")

Now we're going to prepare the new disk by creating a new primary ext2fs partition on hdb that uses the entire drive:

root@tty1[/]#fdisk /dev/hdb
Command (m for help): n (For a new partition)
Create primary partition #1 with size equal to entire disk('p', then '1', then 'return')
Command (m for help): w (to write the changes and quit)
root@tty1[/]#mke2fs -c /dev/hdb1 (Will use entire partition)

Now we're going to create a directory "dskimgs" to hold our image, and mount our new partition to that directory:

root@tty1[/]#mkdir /dskimgs
root@tty1[/]#mount -t auto /dev/hdb1 /dskimgs

We should be now all set to make an image of the original and compress it, storing the image into a file called 'diskimage.gz'. We use gzip and maximum compression "-9" here. You can use any compression agent you wish, its just that gzip is usually present in any distro by default.

root@tty1[/]#dd if=/dev/hda bs=1k | gzip -c9 > /dskimgs/diskimage.gz

In that line, we take dd's input and pipe it to gzip a 1024-byte size block at a time, which with the -c option sends the compressed image to standard out, which we redirect to a file. You can try larger bs= sizes if you have the memory for it, since the compression is done in memory. I've used 1024K blocksizes before.

This takes about 90 minutes to run with our original 60GB hard drive. After its done, we have a 14GB file which contains an exact duplicate of the original drive.

How do we restore our image from hdb to hda if we need? Easy, just do most of the same steps with a change in our last command:

Boot the Knoppix CD:

knoppix 2
root@tty1[/]#hdparm -c 1 -d 1 -k 1 /dev/hda (If your hard disk supports 32-bit I/O "c" and DMA "d")
root@tty1[/]#hdparm -c 1 -d 1 -k 1 /dev/hdb (If your hard disk supports 32-bit I/O "c" and DMA "d")
root@tty1[/]#mkdir /dskimgs
root@tty1[/]#mount -t auto /dev/hdb1 /dskimgs
root@tty1[/]#gzip -cd /dskimgs/diskimage.gz | dd of=/dev/hda

The last line uncompresses the drive image to standard out, which we pipe to dd's output which is the hda drive.

Now remove hdb and reboot, and your OS is back just like it was when you imaged it. (In our example, the restore took about 30 minutes to complete).

DISCLAIMER: Use this at your own risk, no guarantees or any other warranties are implied or transferred. This may or may not work for you.

Tuesday, October 21, 2003

I Had To Come Back To Comment

Yes, I know it's been almost 3 months since I've put anything here, but I had an experience today I have to share.

A local man, his name is Matt, returned from Iraq for his 15-day leave and arrived in Columbus to see his Mom and the rest of his family.

His Mom hadn't seen him in a year. His Aunt, an old neighbor of mine, moved about a mile away a few years ago but has stayed in touch. She was throwing a 'Welcome Home' party for Matt, and all of the Neighbors (new and old) were invited over to celebrate and show our support. Matt is with the 101st Airborne and is stationed in Northern Iraq, though he's seen action many places from what I was told. He's going back soon, but we all wanted to go over and say "thanks" for helping to protect our country and our livelihood.

I'm not sure who tipped them off, but the local media showed up and started interviewing everyone about what was going on in Iraq and what it meant to have Matt back for a short time.

I myself have little use for the media, and tried to stay out of the way. Thankfully no one from the TV stations or newspapers asked me for my comments. Though they would have been just like Matt's, which I'll speak to in a moment.

I heard two of the reporters whispering that they wanted to get camera shots of Matt's Mom's face when she first saw him after a year. Unluckily for them, I was the only one left on lookout outside when Matt arrived, and OOPS, I forgot to tell them that he had arrived and was outside until after his Mom had already greeted him. Heh.

Anyway, when the reporter approached him he pushed away the microphone and immediately began talking about how Iraq was nothing like the terrible place that we the American public were hearing about in the news, but instead that the Iraqi people had never had freedom, and now that they had a taste of it they wanted more, and how glad they (the Iraqis) were that we (the Americans) were around. He thanked the crowd and that was about all he said to the news media. He wanted little to do with them.

I had been bothered by the almost 100% negative coverage we had been getting from the media on the situation in Iraq, and was glad to hear that what I (and many others) suspected was true. I wholly believe there is both a conscious and unconscious effort on the part of the media to just make our President, George W. Bush, look bad no matter how good things are really going.

Made me feel proud, it did.

Tuesday, July 22, 2003

Is This Still Here?

Wow. I'm surprised Blogger hasn't killed this place due to lack of activity. Yes, its me - the busy guy running his business. You'd think I'd have a few minutes to write something here, but when I can manage to get a few free minutes, I don't know what do post about.

So maybe I can just make you laugh.

Until next time...

Monday, June 09, 2003

Hell Of Being Skinned Alive

That's where it's going to feel like you are after reading this post. Yes I've been slacking again, so this will be a long rambling article that will jump from subject to subject without any cohesiveness.

Actually, I had written this article once before, about 3 days ago. Spent an hour or so writing it, and it was witty, well written, humorous, and something everyone would want to read. Well, that's the story I am sticking to, and you can't go back and see what I typed up to prove differently, because its gone.

Long gone.

You see, I was doing the article on my laptop, like I am now, only I was running Linux. I was typing it in Blogger's interface and copying and pasting the article as I went along to Open Office Writer. Open Office is a free "Office" Suite that is very similar to Microsoft Office. It has Writer (Like Word), and also an Excel and Powerpoint Knockoff, as well as a few others. It comes in Linux and Windows versions. If you can't afford $400 for a Microsoft Office Professional License, and you aren't a student, give it a try. It will read Office formatted files, so you can still open Word, Excel, and Powerpoint documents you get mailed to you.

Anyway, you are probably thinking at this point that Blogger crashed and lost my article. Nope. It was Open Office's fault, I was using the spell-checker, and it spawned a runaway process. No, the machine didn't try to run away, but the process was so bad that I couldn't do anything but reboot, and I lost the whole document.

So here I am again, going to give it the old college try again. Only this time I am in Windows 2000, and using UltraEdit as the master copy, and will paste it into Blogger once I am done. Speaking of Blogger, James over at Hell In a Handbasket has moved off Blogger and onto a Hosting Service using Movable Type. Damn, now I have to update my blogroll. I understand the draw on moving off, and I was thinking about it myself, but I've been too busy/lazy.

Speaking of laziness, that leads me into something that pisses me off to no end. I recently bought a bike, and have been tooling around the neighborhood getting some lower-body exercise, and chasing the kids around too. There's a Super-Megastore about two-miles ride from my house (much closer as the crow flies, but longer taking the back roads), and I've been biking up there. Well one day the weather looked a little dark, and so I drove up, not wanting to ride back in the pouring rain. It was about 2:00 in the afternoon on a weekday, so the parking lot was pretty empty.

Other than the shopping carts.

Meijers, like many other stores, has those 'cart corrals' where you can place your shopping cart after you empty the contents into your vehicle. The corral keeps the lot clear of those kamikaze carts that seem to be pointed in just the right direction to get blown by a slight breeze and crash into the side of your or someone else's brand new car, putting quite a dent in it.

However, as I have noticed before, there are carts left out in the open, but within six feet of the nearest corral! [That's 2 meters for those not in the US]

Now Come-on People! I'm a reasonable guy, but I'm seeing a very unreasonable thing. I mean, we're not talking about pushing an empty cart that far. OK - I'm no skinny-mini (though I'm trying to get there), but dammit, you used your carb-bloated body to push the cart full of twinkies, bon-bons, potato chips, and other sugar-laden items to your car, at least you can have some consideration and waddle your cart over to the corral. You might burn off a half a bite of that melted Snicker's bar you have in your hand. I wouldn't have been so miffed if it was one or two carts, but it had to be at least 15-20. If you're an old Granny with a walker, get one of the Meijer's baggers to take your stuff out to the car. Dammit.

Speaking of Mega-stores, why do I shop at Walmart? The parking lot is full almost everyday, but there's more teeth in a toddler's head than there is in the whole store. Maybe its for the greasy hair and tattoo show? No, dammit, its the prices. My friends over at Chaos Theory call me the "Ferengi", and I suppose its somewhat true, and I can't argue with saving the money when stuff is considerably cheaper. We even have a "Super" Walmart with Groceries as well.

(Insert your favorite Redneck joke here)

Walmart is a cultural melting pot. I can get as much culture as I can possibly stand there, though not of the kind I'd like. Maybe I'm getting to elitist - oh well, so be it.

Speaking of Culture Shock, I received an emergency call through a Sales Dude at a large Telecom provider. Seems one of his clients had a major routing problem, and it had taken one of their manufacturing centers off-line. Those if you in manufacturing know that having a plant down is a bad thing, especially if its due to computer failure. You're losing money each minute the assembly line isn't running.

This however, was a new and strange experience for me.

The company headquarters is in the Far East, and the main facility in Ohio was where I was headed after speaking with the IT Manager there. It's about a 30-minute drive from my place.

Once I arrived, I could see that the plant was run just like it is over in that country in the Far East. It was strange, there were few "offices" as most everyone worked out in the open and wore a single-colored coverall with the with company name and their surname on it. Even the executives and managers wore them, so you really couldn't tell who was who in the pecking order. There seemed also to be two distinct "chains of command" and separation depending on what language was your native tongue.

It seemed to be quite a chore to get anyone to make a decision, in fact, there was argument about replacing some defective network equipment, which along with my charges were minimal compared to the money being lost due to the connection to one of the other plants being down. Once they decided to order the equipment, it was going to be a day before the stuff got there, so they sent me on a two-hour drive to the remote plant the next day to configure the router on that end.

I discovered the "Certified" Network Admin, who kept offering excuses why he didn't know how to work on the equipment, was pretty clueless, even in the stuff he "knew". The defective routers were a different brand than his certification, however I have discovered that a router is a router is a router (at the lower levels), the interface is just a little different. So I walked him over the phone getting his side configured as well. Everyone thanked me for the job well done, and I was on my way. I have a feeling the IT Manager will be calling me straight away next time there is a critical system down.

Speaking of people calling for business, I was at my eldest daughter's last day of school pool party. She's starting 2nd grade next school year, and one of the pools local to the school opened up just for the kids getting out that day. I was headed over to the concession stand, feeling like a dirty-old man (did the Senior girls look like THAT when I was in school? Wow.), when the owner of the pool walked up and said "Hey, aren't you that computer guy?"

I had no idea who he was or how he knew me.

Feigning familiarity, I nodded in the affirmative. He asked for my business card, which I retrieved from my car. He was muttering something about a crashed computer and a family member, and he'd need my help. It was neat, I had never had that happen before, and the wife was speechless as well. She couldn't believe it either.

Speaking of the computer business (I'm trying to tie these sections together, OK?), James sent me two articles. One was about FastTCP, which supposedly was going to speed TCP/IP connections up to 6,000 times. Problem is, the author of the article either misunderstood or fell victim to some tech-speak from some money-hungry researchers. Sure, TCP/IP has some overhead, but not nearly enough to account for that much of an increase. It takes bandwidth, not just fancy packet-mangling.

The other article was about a Professor of Video Gaming. This guy wants to start a curriculum that focuses in creating and programming video games. Now you might think this is a little bit of a stretch, but in reality, computer games are about the only software that pushes current systems anywhere near their capacity to perform. However, the guy in the picture looks too young and geeky to be taken seriously.

I have been interested in High-Speed Internet Access Over Power Lines. There was a company during the hey-day of the DotComs that was working on transmitting 4Mb/s (about 2x faster than the fastest common home high-speed connection) over the nation's power grid. This would have been perfect, and allowed those out in the boonies instant access to a much faster internet experience. However, the transformers along the way blocked the signal, and they were unable to work around it. Well, they've finally come up with a solution, but it is quite expensive.

Finally, I leave you with this. Click it if you dare.

"I like da moon...."

Saturday, May 31, 2003

It's Not Supposed To Be Funny...

Most of you have probably heard of Massive Multiplayer Online Roleplaying Games (MMORPG) like Everquest, Ultima Online, or others.

Well, it seems that one of these MMORPG's, Shadowbane was cracked by some players who turned it into a massive bloodfest.

Now, breaking into systems is against the law, and people put lots of time into these types of games. But I found myself laughing out loud as I read what the people who broke into the games' code did. It was interesting to read that some players in the game also found it funny, but I'm sure there were those (who live their lives in games like this) that were mortified.

(Via www.hackinthebox.org)

Friday, May 30, 2003

Look at this Cool T-Shirt

Many of you have asked "Who is Jack Burton?", and I have directed you over to The Wingkong Exchange, an awesome website run by Josh Horowitz. It's probably the best website around for Big Trouble In Little China - the movie of which Jack Burton in the main character.

Josh has gone and had the original shirt that Jack Burton wore in the movie recreated. So head over there and get one (or two, or more). You can also read all about the best movie ever made (In my not so humble opinion).

Tuesday, May 06, 2003

More on SARS and ARDS

A while back I posted about SARS and ARDS. I didn't quite understand ARDS and how it related to SARS. In fact, I wasn't sure if it was a disease or simply the results of another disease and/or injury.

Eileen Rubin Zacharias, President of the ARDS Foundation was kind enough to send me an e-mail explaining:

"Jack, unfortunately, ARDS can be caused by anything. Currently, there are approximately sixty known precipitating causes. And one of our doctors, in fact, one from Toronto, verified that SARS has indeed become yet another precipitating cause to ARDS; Every ARDS patient is ventilated mechanically, most put into a drug induced coma for days, weeks or months. Half of those who get ARDS die. No prevention and no cure for ARDS. No press, either.

Dick Schaap, sports commentator, died from ARDS about a year ago, last January, after knee replacement surgery. (article copied at the bottom of the email) Jim Henson died from ARDS, but that was five years before I got it, and I was ill in 1995;

Here are all of our SARS/ARDS posts:



And this is what ARDS patients look like in crisis: http://ardsusa.org/patientphotos.htm"

People, January 14, 2002

Copyright 2002 Time Inc.

January 14, 2002


LENGTH: 314 words

HEADLINE: Great Sport;
A gift for storytelling--and making friends--defined sportscaster Dick Schaap

Dick Schaap's last weeks were nothing like his vibrant life. The celebrated sportscaster checked into Manhattan's Lenox Hill Hospital Sept. 19 for what he thought would be routine hip replacement surgery. But acute respiratory distress syndrome, a rare complication of surgery, caused his lungs to fail, and the normally garrulous Schaap, 67, lay still and silent in intensive care for 13 weeks before he died on Dec. 21. "It's unbelievable," says his son Jeremy, 32, a fellow ESPN sportscaster. "He was perfectly healthy when he walked in, other than a sore hip. He couldn't have been busier." (Lenox Hill declined to comment.) Known for his quick wit and graceful writing style, Schaap will be most remembered for the passion he brought to his work. Born in Brooklyn, he was a columnist for the New York Herald Tribune before branching out to television in 1971 to report for NBC and later ABC. His poignant, intimate stories, such as one on AIDS-stricken decathlete Tom Waddell, were landmark features, and he would go on to win six Emmys. But Schaap also took on politics and pop culture, writing more than 30 books, including the seminal 1968 sports confessional Instant Replay with Green Bay Packer Jerry Kramer. "He was the smartest, funniest, quickest guy in the room," says Mike Lupica, his friendly sparring partner for the last 12 years on ESPN's The Sports Reporters. "You couldn't top him."

Yet the outgoing Schaap, who was married three times and fathered six children, took as much pride in his legion of friends as in his work. In his last days, though, only flashes of his lively, generous spirit remained. When Lupica came by the hospital, Schaap, by then unable to speak, slowly lifted his IV-strapped hand. "He gave me the finger," says Lupica with a laugh. "It was like he was saying, I'm not in great shape, but I'm still me. It was pure Schaap."

GRAPHIC: COLOR PHOTO: NEIL LEIFER, "I collect people," Schaap (with Muhammad Ali and Billy Crystal in '01) once said.; COLOR PHOTO: ADAM SCULL/RANGEFINDERS/GLOBE PHOTOS, "He had so much respect for those he covered," his son Jeremy says of Schapp (in '00).

LOAD-DATE: January 3, 2002

I suggest you head over to the ARDS Foundation Website and read about it. I don't see any links for donations, but if you are interested, drop a line to Eileen, and I'm sure she could arrange something.

Tuesday, April 22, 2003

Come-on, Give Me A Break

"Now this really pisses me off to no end!" - David Lo Pan, Big Trouble In Little China

Excuse me, but I am tired of the sycophantic, whiny, brain-dead morons who insist that because some money gets taken away from them due to their cavernous piehole spewing forth unintelligent political statements against the people who are giving them the money that their "rights" have been abridged.

What am I talking about?

Well, Jack's referring to Mr. Theo de Raadt (Is it pronounced "Rat"? It should be), the lead developer of OpenBSD, an allegedly secure Operating System (Based on Berkley's BSD Unix-like system). The Defense Advanced Research Projects Agency (DARPA) recently awarded a 2.3 million dollar grant to Mr. Raadt's group to increase security and do other research and development with the software system to make it even more secure, so the military may use it as well.

You would think that a person with a highly developed technical brain would figure out it was asinine to make disparaging statements about the organization giving him the money.

Let's see, someone hands you millions of dollars from another country to help you work on your project, and you say things like: "I actually am fairly uncomfortable about it, even if our firm stipulation was that they cannot tell us what to do. We are simply doing what we do anyways — securing software — and they have no say in the matter," Mr. de Raadt said in a recent e-mail exchange. "I try to convince myself that our grant means a half of a cruise missile doesn't get built." He also goes on to say: "We're not doing anything for them. They just fund us to do what we do," said Mr. de Raadt, a 35-year-old graduate of the University of Calgary's computer science program. Mr. de Raadt is no fan of the U.S. military at the moment. He calls the war in Iraq an oil grab. "It just sickens me."

Then, he has the gall to whine, bitch, moan, and complain when the military pulls funding for the project.

What the hell was he thinking? Obviously there's little in his brain other than 1s, 0s, and computer code. If he's going to shoot off his mouth, he has to understand there will be consequences. Then get this, somehow he relates the money-pull to somehow limiting his speech: "In the United States today, free speech is just a myth," de Raadt said.

WTF? I just don't get how these people's brains are wired. I always knew that programmers were a different sort. Though you have to be to sit in front of a little computer screen and type out excruciatingly tedious and meticulous instructions for your very stupid but very fast computer to follow. How in the hell is this limiting his free speech? I didn't see the military holding a gun to his head and forcing him to take the money. I don't think he's in jail or has been charged with any crime, other than gross stupidity.

However, the sugar daddy took the cookie jar away, and now he's whining and crying like a 3-year old.

This is US Taxpayer money Mr. Raadt, we've worked hard for it, don't slap us in the face with your emotional rants and then complain when we take it back.

If he didn't agree with the US Government (and especially the military), which he is welcome to do, he should have never taken the money in the first place. Of course, most of the time those researchers have no idea how to put that amount of money to good use. They were using some of the cash to foot the bill for a conference of some sort, and now they can't pay for it. Serves them right.

Sunday, April 20, 2003

Wow, I Found My Champions Stats

Champions is a role-playing game (Dungeons & Dragons is probably the most famous) where the participants create and play Super-Hero type characters.

You know: the Flash, Spiderman, Superman, Batman - those types of guys.

Seems that someone made up the Champions' Stats for Jack Burton. Even if you don't understand most of the article, it makes for an interesting read.

Check it out.

Monday, March 31, 2003

I Don't Usually Spam E-mail

But this was cute:

Subject: Snappy Answers to ........

Young Americans will die in battle.
-- Would you prefer they die in skyscrapers?

The United States is taking unilateral action against Iraq!
--So far, it's a 90-member worldwide "unilateral" coalition.

We are in a rush to war.
--A 12-year rush?

Tough inspections can disarm Saddam Hussein without invading Iraq.
--12 years of inspections have done wonders so far.

We should let the inspectors finish their job.
-- We did. They didn't. We will.

Why fight? The Iraqi military is weaker than in 1991.
-- But their biological weapons and chemical weapons are much more dangerous.

There's no proof of weapons.
-- We know they have 'em, we know they hide 'em, and we have tape recordings and photographs. What more is needed? An Iraqi rocket in Martin Sheen's shorts?

If we invade, Saddam Hussein might use those weapons of mass destruction against us.
-- I thought you said Iraq didn't have them?

But terrorists might attack if we invade Iraq.
--Oh, so if we don't attack Iraq, terrorists will never strike again?

We shouldn't go to war without a UN resolution.
-- ANOTHER resolution? What about the last 18 resolutions? Shall we use them as wallpaper? Or shall we use the same resolutions Bill Clinton used in Bosnia? (he didn't go to the UN on Bosnia)

We don't have a real declaration for war.
--It's called "Joint Congressional Resolution #114."

We are giving 20 billion dollars to Turkey. We could use that money at home.
--OK, we'll use that money to strengthen our Iraqi border with Wyoming.

If North Korea has nuclear weapons, why aren't we invading them first?
-- Uh...hello...isn't that the point?

European leaders are against the war.
-- The Reichstag wasn't attacked. The Grande Place wasn't attacked. The Kremlin wasn't attacked. And the Jerry Lewis Lifetime Achievement Museum wasn't attacked. America was attacked. And besides, except for the
tantrums of France, Belgium and Germany, only three European nations aren't willing to defend freedom. The entire rest of Europe is with America.

The French don't support the war.
-- Oh, did they surrender already?

Germany objects to this war.
-- Germany objected to Reagan's "attitude" towards the Soviet Union. Of course, they objected to our presence in 1943 as well.

Belgians are against the war.
-- I can live without waffles and ice cream.

Russia doesn't support the war.
-- They are still angry over Reagan's brilliant Cold War victory.

Polls show Europeans are against this war.
-- Polls show Europeans believe their freedom was achieved by endlessly debating in marvelous dining halls, conveniently forgetting their right to be pompous blowhards was granted with American blood, not fabulous wine
and brie.

We should build a coalition with our friends.
-- With friends like these, who needs enemies?

What happens if we can't build a United Nations coalition?
-- Who cares?

But the UN is the world's most respected governing body.
-- Not as respected as the US military.

America has always waited until enemies attacked.
--Now that oceans can't hold back enemies, pre-emptive war is forever a necessity.

War will cost billions!
-- So how much is YOUR city worth?

President Bush says he's willing to violate the 1976 executive order forbidding assassinations of foreign leaders.
-- As soon as the ink is dry on rescinding that idiotic order, will someone please pull the trigger? The line forms to the right.

Many Senators don't support Bush.
-- Are you speaking of the Senators from Bordeaux?

Tom Daschle says George Bush has a "credibility gap"
-- When was the last time we came to Tom Daschle for the truth???

These problems didn't happen under Clinton.
-- Actually, they happened. But Clinton ignored them. Now, Bush will clean up his mess.

But Clinton didn't start a war.
-- Unless his girlfriend was testifying before congress.

Bush senior should have taken out Hussein in '91.
-- That 1991 UN resolution forbade a march on Baghdad. Remember?

Millions of peace activists are demanding we stop the war.
--Millions of Iraqi's are begging for us to start the war.

Thousands of innocents will be killed or injured.
-- That's a lot less than Hussein is killing right now.

Protesters have genuine objections to war
-- Just like they did in WWII? Korea? Vietnam? Panama? The Gulf War? Somalia? Haiti? Bosnia? Afghanistan?

People are coming from all over the world to act as "human shields".
-- Quick...hurry up...before the bombs start dropping.
This is about American Imperialism.
-- So which country do we own? Name our colonies? What nation sends us their tax dollars? If America was imperialist, we'd already own the entire world. Who could stand in our way?

This is Blood for Oil
-- The only blood is the Iraqi people tortured, starved and killed while Hussein builds massive palaces to hide nuclear weapons...all financed with Iraqi oil.

This is a racist war.
-- America happily endorses a multi-cultural attitude towards anyone who dares to take away our freedom. Regardless of race, color, or creed; we will hunt them down and kill them.

A U.S.-led invasion of Iraq is a great recruiting tool for terrorists.
-- Have fun recruiting people into oppressive misery as they enjoy their first taste of freedom.

An attack on Iraq could seriously undermine and destabilize Arab nations.
-- Destabilize the region? What stability? The sooner we topple these oppressive 14th century terrorist regimes the better.

Are we prepared for a multi-billion dollar occupation?
-- Were we prepared to liberate Europe and Japan in 1945? South Korea in 1953? Grenada? El Salvador? Kuwait? The Eastern Bloc? Afghanistan? Nations always love Americans when we rescue them from tyranny. The price of freedom is never free.

Polls show Americans are more concerned about the threat from al Qaeda than from Iraq.
-- It's not a war against Al Qaeda. It's not a war against Iraq. It's a war against terrorism. Anywhere we find it. One nation at a time.

American opinion is against the war.
-- No, it's not. A majority of Americans want to fight now, not later.

According to a recent poll. . .
-- You know what? Screw those polls. We're in a war against terrorism. If you don't want to fight the ones who would murder you and your family in a heartbeat, get the hell out of the way. Go visit Paris. Or Antwerp. Or Berlin. Or Moscow. And stay there. Forever. But this time, don't call us when the heathens are at the gates.

Coming soon to an e-mail box near you...

Saturday, March 22, 2003

Source of Maps of the Middle East

People have been looking for more detailed maps of the Middle East on-line. Here's a few:

Baghdad (area)

Kuwait (Political)
Kuwait (Relief)




Turkey (4016K)

Saudi Arabia


Middle East

Hope you find these links useful.

Friday, March 21, 2003

I Guess I'm One of The Lucky Ones Too

"We are the lucky ones"

Yeah, OK, I can hear some of you now (those people who live in negativity-land) who will grouse that those days were full of hidden child and spousal abuse, alcoholism, and racism. Well, we could have fixed all those things without changing the good things, no?

Thursday, March 20, 2003

It's Getting Worse

As you can see from this article, the SARS situation is getting worse. It appears that this outbreak started with a doctor from China (the area where SARS is thought to have come from) that was visiting a hotel in Hong Kong.

Cases have now been seen in Switzerland and New York City. I think this is going to get much worse before it gets any better. Since we have no treatment for this particular virus family, it's quite chilling to think what could happen in the next few months.

Monday, March 17, 2003

Hopefully Medical Technology Can Stop This One

Today the World Heath Organization and the U.S. Center for Disease Control released warnings about a Severe Acute Respiratory Syndrome (SARS). You can read a FAQ about the little we know about the disease here.

Due to the mobility of our population, the disease seems to be spreading rapidly. It seems to me to have some of the same characteristics of the Spanish Flu Pandemic of 1918. The theory at this time is that it started somewhere in the Far East (China, Vietnam, etc). At this time, 9 of the 150 known persons with the syndrome have died, which is a 6% mortality rate. Pretty darned high. It's a little early to panic, but there seems to be a lot of genuine concern in the medical community about this one.

I did some searching, and came across something that looked similar, the Acute Respiratory Distress Syndrome (ARDS) which has been around a while. ARDS is not a disease in itself, its what happens to persons when they have some injury to the lungs or already have pneumonia. I found a treatment for ARDS, which may be what the medical community is using to treat this one. ARDS seems to be a direct consequence of SARS, though they seem almost the same.

The Spanish Flu Pandemic (so called due to the fact that reporting about it wasn't censored in neutral Spain) appeared and disappeared quite quickly. In fact, in 1999 this article asks if it could happen again. (The article is Part 1 or 2, but I couldn't find part 2). In 1997, a new strain of Influenza that is carried by birds was passed to humans in Hong Kong.

Both this Flu and the Spanish Flu died off quickly. Which seems very odd to me. In 1918 there was little ability to fight it. What caused it to go dormant?

Also, at the time draconian laws were passed to try to limit the spread of the disease. People are complaining about the Patriot Act now, imagine what will have to happen if this syndrome manifests itself in the same manner as the Spanish Flu did. We can communicate warnings much better now than in 1918, and medical researchers can share information, but we also travel more freely, and the disease may spread more quickly than anything before unless we do something about it.

This, along with West Nile Virus are a little disconcerting to me. Hopefully technology can nip this one before anything bad happens. At a 6% mortality rate, and with one-quarter of the US getting the Spanish Flu in 1918, we could see 4.2 million fatalities if the same rates of infection occur.

I hope history doesn't repeat itself.

Wednesday, March 12, 2003

This Is A Great Country

I'm sitting here, blogging and getting paid. Another Computer Forensics case, this time looking for porn. So I'm getting paid to look at porn. What a great country, no? Of course, having to wait for the computer to do keyword searches of a large hard drives entire contents can take a while, so I have to wait before I find the stuff.

I started the case this weekend, and while I was waiting for an md5sum to generate after a dd bit-copy of a forensic image to an analysis drive I turned on the TV. It takes a while on some of these drives for the copy and checksum to generate.

So I'm flipping channels, and I come across The Quick And The Dead. Yeah, so the plot is no different than a million other spaghetti westerns, except this one skips most of the hoopla and gets right into gunfight after gunfight. Way cool. To top it off, Gene Hackman is the bad guy, and Sharon Stone is the main character. So we have one of my favorite actors to watch, and one of my favorite actresses to look at, along with gratuitous violence and debauchery.

I don't know how personable Gene Hackman is in real life, but he is a great actor. I've enjoyed him in all the films I've seen him in, from Lex Luthor in the Superman movies, to the conspiracy theorist in Enemy of The State. In this one, he is the guy we all love to hate, and Sharon Stone is the one who is looking to take him out. For some reason (yeah, right!) they have Sharon Stone sleeping with no pants, but still wearing her boots. Oh well, its a fun movie to watch if you don't need a complex story-line. It's just good entertainment. Then again, my moniker comes from my favorite movie of all time, Big Trouble In Little China, so who I am to say what is bad?

Anyway, I see the DVD (yes, it's out on DVD) can be had for around $10, so I think I'm going to try to find a copy locally and pick it up.

Tuesday, January 28, 2003

A Little Young To Be A Designated Driver

Maybe Dad had been drinking? Hmmmm. My oldest is 7, I don't think she could see to drive the car.
Could Blogging Be Dangerous To Your Health?

You...yes....YOU! Get up off your arse and get moving. Don't spend all day reading blogs, chatting, or playing your favorite on-line games! According to the European Repiratory Journal you can die from sitting in front of your computer for too long. Check out some of the comments to the article as well, you might find a few of them interesting. One woman claims her husband died from it. Of course, she says 1995 was when he died, long before the Internet was a popular as it is today. Probably died from a heart attack. Another guy built a computer desk that makes him stand to use it. Wow, that would just be too uncomfortable for me.

Well, do Jack a favor and move around a bit, wouldn't want you to die of a blood clot because you were spending too much time reading my blog.

Saturday, January 25, 2003

New Worm Crippling the Internet

If you have noticed that many sites are off-line or hard to get to, it is due to a new worm that is affecting servers running Microsoft SQL. It's affecting the core Internet routers. Here's a picture of the state of the Internet as of 8:00AM GMT 1/25/2003:

The techy explanation (Thanks to HD Moore (sflist_at_digitaloffense.net and Worm Info) for this):

A worm which exploits a (new?) vulnerability in SQL Server is bringing the core routers to a grinding halt. The speed of the propagation can be attributed to the attack method and simplicity of the code. The worm sends a 376-byte UDP packet to port 1434 of each random target, each vulnerable system will immediately start propagating itself. Since UDP is connection-less, the worm is able to spread much more quickly than those using your standard TCP-based attack vectors (no connect timeouts).

And also from HD Moore:

While there were some intermittent network problems before, it wasn't until about 12:00 AM CST (01/25/03) that the worm started causing seriouis trauma to UUNET/Worldcom's backbone.

The worm appears to be abusing a stack overflow vulnerability reported a few months ago by David Litchfield, the original advisory can be found here:


There are still reports of the worm successfully exploiting patched systems as well, but I have not been able to verify that.

Disabling the worm is as easy as killing the sqlserver.exe process or just rebooting the box. Just make sure that you unplug the system from the network before it comes back up.

The patch: Q323875_SQL2000_SP2_en.EXE

More disassemblies:


I posted a local mirror to the Switch to....Linux post I made below because it was offline, and wondered what was going on. This explains it.

Friday, January 24, 2003

More "Switch" Hitters

I have many Canadian friends, and in keeping with the 'Switch To' thread, here's another interesting one:

Switch to.....Canada?

Not really funny (well it could be, depending on your political leanings) but the site is interesting. Please link all the psycho anti-war activists you know to it. Maybe we can jettison a few....

Do We Really Want This?

The Pentagon is deploying videophones to "public affairs officers" in order to "counter hostile propaganda". So now when some knob of a 'journalist' reports that the US military has bombed some civilian target near the front lines without verifying the information, the Pentagon can counter with video feed directly from the front lines.

Sounds all well and good, and might actually show some of the more empty-headed anti-war protesters that they shouldn't take every word that comes from a foreign (hostile) country's government as their gospel. But what happens if one of these public affairs officers (PAO) is in the midst of giving a 'report' and the enemy forces penetrate the area during a counter-attack? You could potentially have very graphic scenes of American soldiers (or the PAO) being killed or severely injured. They are also talking about putting one of these video phones with a B-2 bomber crew. What happens if the plane gets shot down (I know, very unlikely) or has a malfunction and crashes? I don't think that would have the desired effect that the Pentagon is hoping for by deploying this new technology.

Of course, the video feed is supposed to go to 'journalists' who would hopefully edit out such events, or choose to report them without the accompanying video. However, we all know that the broadcast news media will at one point just start streaming the information 'live' and without any editing, or choose to release the whole grizzly affair anyway, saying that the people have a 'right to know'.

The only thing that might save it from this fate is the rate of transfer. That videophones have a maximum bandwidth of 128 kilobits per second, just a little more than twice as fast as a dial-up modem connection, only since there is no analog to digital conversion, its the equivalent of a dual-channel ISDN line, which is sufficient for 30 frames per second video if the subject isn't making quick movements. I also don't think the cameras in the videophones have as high a resolution as standard television crews cameras, so you probably won't get the greatest details. It might make quick-moving battle scenes look quite garbled.

One can only hope.

Thursday, January 23, 2003

James Can Relate To This One

There was this guy who used to get arrested regularly around here, and he had the misfortune of having a smiley face in the center of one of his fingerprints. Wasn't even necessary to check his prints against the database, everyone knew who he was as soon as the prints were taken, yet he still tried to lie about who he was.

Oh well, criminals who try to change their identities aren't rocket scientists...

But a few of them might be hackers.


Talk about Expensive Cartridges

Go ahead, print yourself some organs.

Brings a whole new meaning to buying refills, and you thought ink carts were expensive before, ha!

Switch to....

You might have seen the Apple "Switch" commericals which try to convince you to switch from "PCs" to Macs. There's a couple of good parodies that can be found...

Switch to....Mac?

Switch to....Linux (Eeeevil Distro)

(25 Jan 03) UPDATE: Looks like she canna take it anymore Cap'n - www.ubergeek.tv where the Switch to....Linux parody is at must be overloaded. I have it mirrored here - Without permission of course, the site is down, I don't know who to ask permission of. So if someone from ubergeek wants me to take it down, just drop me a line and it will be gone.

Wednesday, January 22, 2003

Spam, Spam, and more Spam

When someone says 'Spam' do you think of the meat by-product canned loaf, or do you think of unsolicited commercial e-mail (UCE)?

If you read blogs regularly, or are a blogger yourself, you probably think of the latter.

So, what do you do about it? Its a question I get from clients all the time. In fact, the elimination of spam (UCE) is becoming a high-dollar industry. Companies buy e-mail filtering software all the time to protect from improper e-mails going to and coming from employees.

First is to try to avoid having your e-mail addressed published on any public web site or anywhere in the USENET Newsgroups. "Spammers", those who send out spam or the people who sell e-mail address lists, have programs that crawl the Internet's public areas looking for e-mail addresses to add to their lists. However, keeping your e-mail address private is very difficult. Most on-line order systems require it, and once you order something, they will sell your information when they get the chance. This is why many people have multiple addresses, one that they keep 'secret', and the other(s) that they use for online ordering and for public consumption. However, all it takes is someone who has your 'secret' e-mail address to send you one of those electronic greeting cards and its all over.

So what else to do? The politically active amongst us will try legislation. As you can see, most of the states have passed laws regulating spam. Some states even allow you to sue spammers for cash if you can prove in small claims court that it was unsolicited. If you read the different laws, you'll wonder why the spam in your state doesn't follow any of the regulations. That's because these laws are rarely enforced, as it is too easy for 'small-time' UCE spammers to operate. Law enforcement would be overwhelmed trying to deal with it all.

So now you're at home, the laws aren't being enforced, and spammers have figured ways around your e-mail program's rule set. There are even people who have written elaborate programs and statistical analysis theories about spam that still get some of it. I myself manage several domains, one of which gets a lot of spam, and I get all of the bleed-over from defunct accounts. Someone at Chaos Theory pointed me to a neat service that filters spam.

Cloudmark Spamnet is a Peer-to-Peer spam filtering service that I've been using for a few months. It works the same way as Kazaa and other file-sharing programs do, only you share 'spam' lists. If you get a piece of spam, you click on the "Block" button in the Cloudmark program which then generates a unique mathematical serial number for that spam. Then if anyone else who is running Spamnet gets that mail, it automatically gets flagged as spam and moved to the appropriate folder and/or deleted. Its kind of neat, you have everyone working together to identify spam, and everyone benefits from it. Of course there are two drawbacks: One is that is people classify spam differently - one persons' spam is another persons treasure; The second is that it only works with Outlook 2000 or XP (Not Outlook Express). However, it does work very well. I had a few false positives at first (mainly due to the fact that I am subscribed to several e-mail lists on Bugtraq), but its been near 100% accurate.

Earthlink and other ISPs now offer spam protection (its usually opt-in, that means you have to turn it on), as do many of the 'free' web-based e-mail services.

Maybe we should start tracking spammers down and sending them to North Korean Concentration Camps. Oh wait, I forgot - the North Korean's (along with the Iraqi's) situation is our fault. Oh well, what a better place to send them - well maybe they could join the human shields who are headed over to Iraq...

Tuesday, January 21, 2003

It's Battlefield 1942 Day

I am just about recovered from the LAN gaming party I attended with James over at Hell In A Handbasket. Took us two hours to get started, I swear I only get invited to these things for my Network Engineering skills. (I think I said that before). We played from 6:00PM to 3:00AM - and by the end of the evening, James did pretty well. He certainly was nice Sniper-fodder for me on the Omaha Beach level of Battlefield 1942. In fact, you can see James in action here. He's the Brit doing the head bobbing.

Actually, I have photos of the whole debacle (hold your mouse over the pic for the caption):

James (AKA 'Meat Puppet') and Company on the Wall

Jack's Setup - Server and Workstation

Some people were bad and had to play in the back room.

Takin' a break...

The main Snotzi's machine...

Friday, January 17, 2003

Bad Week for Jack's Technology

Murphy's Law was in full effect this week, taking out my 19" Optiquest monitor. Had it for just about 3 years, and it just went dark when I turned it on one morning. The hard drive has also been doing some strange things, and I am running diagnostics right now - hopefully it will be in better shape than the monitor. So I put the monitor on eBay (I've sold quite a few 'broken' items there), and started researching and looking for a new one. Good 19" monitors will run you at least $250+. Sure you can buy cheaper or generic ones, but you get what you pay for, and when it comes to looking at something everyday for probably another 3+ years, I prefer something this is pleasing on the eyes. Cheap monitors, mice, and keyboards should never be purchased if you use a computer frequently.

I decided that if I was going to spend at least $250, I might as well spend a little more and get a flat panel LCD monitor. Problem is, I do a lot of computer gaming, and up until recently the response rate on LCD monitors was not sufficiently fast enough to prevent blurring of objects in the game. I play a lot of first person shooters, and prefer the sniper-type weapons, so being able to see small object clearly is a must.

I found a Planar PV174 which met all the criteria I was looking for. A sub 30ms response rate so that there was no blurring during DVD playback or gaming; 17.4" screen - which was about the same size viewable as my 19" monitor; DVI and Analog inputs, so that when I upgrade my video card I can use the Digital Video Input connector for even a clearer screen; a built in USB hub; built in speakers (however, they are very weak); and light and small enough to haul around to LAN parties.

So I put it on my computer today, and it was immediately taken over by my oldest daughter, as you can see here:

With her and her friend playing Harry Potter and the Sorcerer's Stone every chance they get, I am relegated to my backup computer system, which I have geekified as much as possible:

Yes, it's supposed to be a portable notebook computer, but I have so much stuff plugged into it now, its a pain to move.

Thursday, January 16, 2003

I Make Mine with Soft-drinks or Beer

Seems a Foam Factory in St. Louis burned up. I don't know about you, but I don't need to order my foam, I get enough of it from Diet Caffiene Free Coke or in my Low-carb Lite Beers. Why would you need a factory to make it?

OK - I know its not that type of foam, but a neat headline would have been: "Fire department uses foam to put out fire at foam factory." As they often use Foam to put out fires involving certain types of materials.


One of the things I do for a lot of my customers is to take their current computer desktop systems (usually called 'obsolete' by the vendors pushing 2Ghz machines for the business office) and give them a 'tune-up'. Usually by 'cleaning-up' the operating system be removing all no longer needed programs and optimizing the settings of the software in use.

Let's be honest. For most SOHO (Small Office, Home Office) and medium sized business users, a 500Mhz computer is more than enough to run any word processor, spreadsheet program, e-mail client, web browser, accounting package, etc. They don't need a 2Ghz+ system with a 64MB 3D Video card that can get 200+ frames per second in Quake 3 or other graphically intensive games. Sure, those of you who do photo or video editing, heavy duty CAD, or mathematically heavy computational programs (<-That phrase probably breaks several rules of English grammar) can always use more memory and CPU horsepower. Most business computers rarely use anywhere near their total capacity. In fact, the amount of empty hard drive space out there in the business world is probably pretty staggering, but that's another discussion.

So I take these 500Mhz machines and remove the 50+ viruses I find, usually of the Klez variety. No exaggeration either, that's probably the average number I find. I had one client who had over 1,400 viruses on his system, no wonder it wouldn't boot anymore. After I clean the viruses off, the second thing I do is remove the Spyware.

What is spyware? Chances are everyone of you reading this article probably have 1 or more spyware programs on your system. Some are hiding, and some are quite obnoxious and are looking at you right now with their beady little eyes from your systray (That's the group of tiny little icons directly next to where the time is displayed in the lower right hand corner of your Windows desktop). One of the most obnoxious of these is Gator. Like those annoying pop-up ads that appear at every web page? If you do, then install Gator right now. It puts EXTRA ones into your surfing experience. Like other companies to know all of your internet use habits, or even use your computer's idle CPU time while you're not using it all without your permission? Then install Kazaa media desktop. Of course, you DID agree to install all this stuff in the "Terms of Agreement" that you click through without reading. 'B3D Projector' is one of the worst and most insidious pieces of software that installs with Kazaa.

I usually find 40-50 pieces of spyware on each system. Some are so agressive that they cause the machine to crash every time the system is turned on, because they rush to send their payloads of information off to their corporate masters, who have Socially Engineered you to install it on your system.

Removing viruses, spyware, and defragmenting the hard drive (in safe mode for those of you who still use Windows 95, 98, or Me) usually increases system performance dramatically.

How do you get rid of all this malware? I prefer Command Antivirus to kill Viruses, and Ad-Aware for removing Spyware (be sure to get the Refudpate before you run Ad-Aware). With Ad-aware, do a registry scan, deep registry scan, and scan all of your hard-drives (CD's and floppies probably don't need to be scanned)

Stop your system from doing things you don't want it to do, and get rid of spyware now. Use Kazaa-lite instead of Kazaa. Try to at least skim through the software terms of agreement before you install anything, and don't forget your aluminum foil helmet to keep the government mind-control rays out. (Italicized portion is only meant as a JOKE and is not meant to comment on the sanity of the author of this article. No government agents need to visit my home to verify. I am totally sane. Yes, I am.)

Saturday, January 11, 2003

DMCA vs. Sherman Act 

It is the old Razors and Razor Blades lesson. Shaving product companies sell Razors for low-low prices in order to make a large profit selling the replacement razor blades.

Some people might say it is not 'fair', or some might even say its not 'ethical', but there is nothing illegal about selling products this way - nor should there be.

No where is this paradigm more prevalent than in the computer printer market. Printers by Epson, Hewlett-Packard, Lexmark, and other companies have the ability to print photographic quality pictures from a home computer. These printers can be obtained for less than $100. If you want to shop around, you can probably find the printers even cheaper than buying direct from the manufacturer.

However, the printer toner cartridges is where the manufacturers make up the lost profits. Toner cartridge kits for these photo-quality printers can easily approach $50, half the price of the original printer.

So as the old cliché goes, "What does this have to do with the price of tea in China?" Or more accurately, what does razor blades and printers have to do with the topic of this article.

The Digital Millennium Copyright Act was passed in 1998. The main purpose behind the Act was to protect intellectual property rights in the digital world. At the time the bill was being considered, many organizations warned that the Act's language was such that it could easily be used to squash competition in the marketplace.

As this article at news.com reports, it is apparently going to be used just for that purpose.

Lexmark is suing a company that makes chips that allows other companies to produce "generic" replacement toner cartridges for a greatly reduced price. As an example, I bought black and color toner carts made by 'G&G' and 'Meritline' for my Epson C60 printer for about $7 each. If I had bought the Epson brand carts, it would have cost me $25-$30 each. Lexmark puts computer chips in the toner carts so that the printer can identify the cartridge type to be sure that it is the correct type. No chip, no printing. However, a company named 'Smartek' has created its own chip that sends the correct signal to the printer, thus allowing the use of 'generic' toner cartridges.

There are only two reasons I can see for having the computer chip in the toner carts in the first place. One is to be sure that the consumer doesn't accidentally damage their printer by inserting the wrong cart. The other is to be sure that the consumer can buy and/or use no other brand of toner carts other than the Original Equipment Manufacturer's (OEM) brand.

I'm guessing its more the second reason than the first. All the OEMs have to do is make the carts different sizes to assure that they aren't used in the wrong printer. Most of the carts that have the chip are already different sizes than carts used in other printers that are made by the same OEM. Therefore, a reasonable person would be led to believe that it was for no other purpose than to prevent competition. Maybe it does send information to the printer indicating ink levels, but that could be done with a sensor built into the printer just as well.

Lexmark is using the DMCA in their suit, but it seems to me that their actions themselves violate the Sherman Anti-Trust Act. They are attempting to stifle competition and create a monopoly of replacement parts for their printers. Lets go back to the razors and razor blades example. You can now buy replacement blades for your razor from another company other than the one who originally produced it. The DMCA covers 'digital' property, and was originally intended to stop Internet piracy, so why don't razor OEMs have the same protection under a different law? They don't and it would be silly for anyone to consider that they should. So why do technology companies get this protection from competition? If you follow the same logic, they shouldn't. If someone can produce a replacement supply part, then why shouldn't they be able to sell it? And the DMCA covers copyrighted material. Is toner or ink copyrightable?

Some may argue that it if you let someone copy a toner cartridge, then they could just as easily produce a copy of the entire printer just as easily. I may see someone coming to that conclusion, but it is already being done by the OEMs themselves. Could someone please explain to me how the common operation of any consumer level inkjet printer is different across the three OEMs I mentioned earlier? Epson, HP, and Lexmark inkjet printers all do the same things in almost the exact same way. They feed along a "U" or "J" shaped path, a printer head moved by belts and gears sprays toner onto the paper from similarly shaped toner carts, and then pushes the paper out of the front of the printer. If you took all of the brand marking off of the common inkjet printers and put them in front of a person who didn't know the styling of the plastic cases, I doubt any of them could tell you which printer was made by which manufacturer, and how they worked differently.

In Jack's opinion the DMCA is a bad piece of legislation that needs to be repealed and re-written. Technology companies need protection of their intellectual property, but in a more reasonable fashion.

But until then, the next time a lawyer from some tech company pins you up against the wall and asks you if you've paid your licensing fees under the DMCA, you tell him "the check is in the mail"...