Friday, December 15, 2006


Just last night, I went to see the movie adaptation of Patrick Süskind's Das Parfum, named Perfume: The Story of a Murderer. Having read the book roughly ten years ago, I found that the movie was very true to the book. However, if you haven't read the book, some parts of the movie might not make much sense to you. I won't go into any of the details here (so no spoilers) but the gist of the story is about a boy named Jean-Baptiste Grenouille, who possesses an extraordinary sense of smell. After he discovers he has no smell of his own, he endeavors to create one, being the world's most perfect perfume. Throughout the book, he becomes more and more disgusted with mankind, isolating himself for years in a deserted cave before re-entering the world and learning about the technique that will enable him to create his perfect perfume.

I read this book when I was in high school when I was about 16, and it impressed me in the same way that Spider-Man impresses me: he can do something that no one else can (except Tobey Maguire uses his skills for good). The story goes through different stages, and this makes for a very enthralling movie. Even more so than the book.
However, when it was time for my book exams, surprise surprise, my German teacher did not just touch upon this book, he dived into it. And took me with him. Apparently, there was a deeper meaning to the story that I had not understood. That I had completely missed, even. Instead of focusing on the several books of Kafka (and reviews, and documentaries) that I had read like I expected, he completely tore me apart over some bullshit allegory that was hidden in the Perfume book. Supposedly the entire thing was somehow an allegory for a teen growing up in puberty, going through several stages of mental maturity, blah blah blah. I failed the book exam very, very thoroughly. (On the other hand, I completely aced the written national exams, balancing my grade out nicely.)

So as you can expect, I was very anxious to see if anyone else could see the hidden meaning of the story after it was made into a movie. Surely, the movie critics know a lot about the stories movies tell, and their deeper meaning? Those guys, who have seen hundreds of movies, will see the hidden meaning of Perfume within a minute? Right??


I have looked at every movie critic's review I could find. I have read all of them very thoroughly, skipping over the parts that praise Tom Tykwer for making a great costume drama with the budget he had, praising the beautiful close-ups of the murdered girls, and the performance of the lead characters, Ben Whishaw and Alan Rickman. I even read the Wikipedia pages about the book and the movie, and the story's deeper meaning is mentioned NOWHERE. It's not there. I really doubt all the movie critics, as well as myself, can be wrong. It's not there.

So it is with absolute great pleasure that I can finally say, after ten years, to my old German teacher:


Tuesday, November 21, 2006

Ballmer: Linux is infringing on Microsoft's IP

Steve Ballmer, the man up top at Microsoft whom you all know (monkeyboy dance, developers, Google chair toss), says that Linux users infringe upon Microsoft's intellectual property and that the only Linux distribution that is legal in his eyes is SUSE Linux, owned by Novell, which has paid $40 million to Microsoft, in return for Microsoft's promise not to sue SUSE or Novell later on for patent infringement. Actually, Novell paid this only after Microsoft gave Novell $440 million for service coupons. Ballmer says Microsoft is willing to make the same $40 million deal with other Linux distributions.

What the hell? IP infringement? What the hell is that supposed to mean? Just because the graphical interface of Linux also has Windows, buttons and a taskbar does not mean it's stolen from Microsoft. Unix and even Xerox have had this for decades. Microsoft in no way holds the patent to a WIMP interface. If that is even the part(s) of Linux that Ballmer is talking about. It's nowhere to be found what parts actually constitute the patent infringements.

Not surprisingly, the Linux community has responded furiously.
RedHat asked Ballmer to reveal what parts of Linux are infringing, so that they may remove or work around the patent infringement.

The Samba group asked Novell to reconsider and undo the settlement, citing obligations to the open source community. Samba also mentioned that this deal is a GPL violation.

Novell says that the $40 million deal has nothing to do with settlements for patent infringements.

Linux users themselves are just laughing about this.

This could be fun. I'd like to hear Ballmer get all worked up and blurt out that Linux is illegal, except for the ones that paid him off. This is like the SCO lawsuits all over again.

Monday, October 16, 2006

I feel old

I just read an article about Firefox 3.0 on Ars Technica that has the following quote:

"One interesting request appears near the end of the list: the wish for Firefox to be the "fastest browser on the market," even in low-memory configurations such as PCs with only 256 MB of RAM."

For me, a low-memory system has about 32 MB of RAM. I feel old.

Monday, October 02, 2006

The Internet is a scary place

Warning: do not show this video to someone who is computer illiterate. They might never dare use the computer again.

Computer being infected with metric fuckton of malware, set to opera music (YouTube)

Thanks to McAfee for giving me something to scare my mother with. >:)

More fun (or horrifying, depending on your POV) videos if you search for windows spyware on YouTube.

Sunday, September 17, 2006

Rule #1: Spammers are stupid

A post on the Sunbelt Blog caught my attention today: Spammer guy gets $11 mill judgement against Spamhaus, no one cares. That's more interesting than the title will make it seem - spammers rarely (if ever) win anything in court. So what made this one win? Intelligence? Legitimacy?

There are several unwritten rules about spammers, that most people in IT can tell you. The first one is the title of this blog post: Spammers are stupid. Face it: sending millions of people email messages they don't even want in the first place, selling stuff that doesn't work or doesn't even exist, hardly sounds like a good business model. I admit that there are spammer success stories on news sites sometimes, about a spammer who made millions, against all odds, while staying reasonably morally correct ('I never send adult-oriented bulk email. That's just wrong. What if children see it?'). What you don't read on those sites, are the thousands of stories of spammers who don't make a dime with their 'business'. Sure, there may be a handful of experienced spammers who make a few hundred bucks a month and can afford a second car, but even if they run a profit they'll stay under the radar, since spamming is becoming more and more illegal by virtue of some reasonably effective laws in a handful of states in America.

Yes, I know that I said 'few hundred bucks a month' while I mentioned success stories earlier about spammers making millions. I did this for a reason, which brings us to the second rule about spammers, as well as taking us back to the original story: Spammers lie.

The lawsuit mentioned at the beginning of this post is about a spammer called David Linhardt, who is particularly whiny and stupid. After Spamhaus blacklisted his spam-spewing domains a few times, he sued them under Illinois law - and he won $11 million by default judgment, since Spamhaus wasn't there to defend itself.

You want to know why? Because Spamhaus is located in the UK. Where US law does not apply. Linhardt may be happy about the ruling, but he won't be able to collect a dime from Spamhaus unless he files the same suit in UK court, and wins. The same goes for the removal of his domains from the ROKSO list (a blacklist with the 200 worst spammers in the world). All this is about as likely as the Earth reversing its rotation at this very moment. Because Linhardt is stupid, and lied to the judge in Illinois by saying that Spamhaus did business in Illinois and therefore fell within Illinois jurisdiction. Yep, he lied in US court. I told you spammers are stupid.

This is Darwinism at its finest. At one point this Linhardt douchebag will pick up a gun, load it, aim for his foot - and shoot himself in the nads.

Read all the articles for yourself:
CNet: Spam fighter hit with $11.7 million judgement.
Slashdot: Spamhaus Ignores $11.7M Judgement
Spamhaus: The offending ROKSO record on Linhardt (this includes several of the hilarious complaint emails Linhardt sent in response to his spam being blocked)
Spamhaus: Legal answer to David Linhardt

Oct 9 update: Uh oh. The e360insight wants the judge to order ICANN to take down the domain. And since ICANN is located in the US, this could get ugly.

Oct 12 update: Well, it could have. ICANN refuses to take down the domain, saying it can't - only the domain registrar can! Who that is? It's Tucows. And guess where they are located: Canada. Where US law doesn't apply. ZING!

Oct 20 update: Phew - it looked like the judge was going to pull the domain anyway since ICANN was responsible for it, but he did not want to 'impose a sanction that does not correspond to the gravity of the offending conduct'. Also, it seems Spamhaus now has wised up and is now represented by Jenner & Block.

Tuesday, September 12, 2006

Beginner's Guide to Miranda Instant Messenger

This post is about the multi-IM client Miranda. This is a very light-weight instant messaging client that can connect to a multitude of networks, offering a lot of features by means of plugins (think Firefox and its Extensions). I've been using it for a few years now and I am very satisfied with it. The amount of different plugins can be overwhelming for a new user, so I've decided to put together a little guide on the essentials.

Default Miranda interface

First off, get the bare client straight off the download page. And when I say bare, I don't really mean that: it includes the Miranda client itself, and plugins to get online with AIM, ICQ, MSN, IRC, Jabber/GoogleTalk and Yahoo. (A note on GoogleTalk on Miranda.) It also has a plugin to import contacts and history from ICQ. It should look something like the screenshot to the right when you first run it (though probably with more contacts in fewer groups). Skip ahead to the bottom of this post to see what my contact list looked like after everything was installed and configured.

The Options dialog is very, very complete - especially when you enable 'Show expert options'. You'll want to start at the Networks section, to fill out your account details for all IM networks you have an account on. The 'Status' menu in the main window allows you to set the status for each IM protocol independently, or all at once.

Now I know you're going to ask yourself: 'Is this it? A completely boring contact list with some icons?' and I know it looks pretty bland like this. Luckily, we can fix that! There are plugins for nearly everything you're used to in the regular IM clients. Installing plugins is really easy: you just grab it off the Addons page, unzip it, drop the dll (or two) in the 'Plugins' folder and restart Miranda. It loads right away and if it has options, it'll add a section to the Options dialog. Occasionally a plugin has a separate dll for icons, a smiley pack or documentation, which you can drop in folders 'Icons', 'Smileys' and 'Docs', respectively. Usually the Readme file included in the zip is helpful as well.
If adding a new plugin causes Miranda to start crashing, look for a Unicode version of the plugin (Windows 9x/ME uses ANSI versions, Windows 2000/XP and newer use Unicode versions) or a newer version. If both fail, hop on the Miranda forums, find the discussion thread for the crashing plugin and start reading. Most likely someone has the same problem and posted a solution or a workaround.

Modern Contact List (aka clist_modern)

This is the most dramatic change to your contact list that you will see. Download the Modern Contact List plugin to enable skins on your contact list, user avatars and other fun things. The default skin is pretty snazzy, and you can get even prettier ones from the Miranda website. Customizing an installed skin isn't that hard (Options > Customize > Skin), though you'll probably screw up once or twice trying to figure out what everything does (like me), so make a backup of your database first.

Other plugins that go with clist_modern nicely:
  • Avatar Service (aka Loadavatars)
    This is a general avatar service to complement Miranda's own, which can be used by other plugins. By itself, it makes sure all your contacts' avatars are current and displayed on your contact list.
  • Fingerprint
    This plugin detects what IM client your contacts are using, as well as the client's version. Very cool. This goes together very well with mToolTip, described below.
  • Icon Library Manager (aka icolib)
    Another 'core' plugin that allows you to customize icons for pretty much everything.



The standard layout for the sending and receiving messages module (SRMM) is probably what you are used to: one window for each conversation or contact. If you have a lot of conversations at the same time (or just keep them open, like me), this will produce a lot of windows and clutter things up. The Tabbed SRMM plugin groups all conversations in one window, using tabs (again, think Firefox). The keyboard shortcut 'Esc' to close a conversation tab is especially great.



This one is not available on the Miranda website itself, but it's great: it creates a bubble tooltip with useful information when you hover the mouse cursor over someone in your contact list. The plugin itself is just the engine, so it still needs settings to create the tooltip content. It's a bit complex, but well worth the effort: get a mToolTip template from the Miranda website, then get the Database Editor++ to load the .ini file from the template. Detailed instructions on doing this are in the Readme file for the mToolTip preset.

Popup Plus

Miss the popups that MSN Messenger creates on events like receiving a new email, getting an IM, seeing someone come online? Well, no fear: the Popup Plus plugin is here to save you. It will even notify you of people typing their first message to you (before the conversation window has opened), which is useful as well as good fun ('hey, how'd you know I was going to ask you something?').
This also alerts you of new email on the protocols that support it.
Popup Plus email notification



I bet you REALLY miss this in conversations, huh? Well, just get the SmileyAdd plugin and all smileys you type or receive in messages will be converted to pictures. You can select to have each protocol use its own smiley pack, or have all use the same basic one. The only drawback is that MSN Messenger's custom smileys are not supported. (The MSN plugin itself seems to support them from Miranda 0.6.6 and up.)
For the MSN protocol, I'm using a smiley pack with the exact same smileys that MSN Messenger has, but unfortunately it's no longer available from the Miranda website: here it is.


Since Miranda is an open source project, updates will happen often. Very often. The Updater plugin can keep track of this, and if you put it on the most sensitive setting, don't be surprised when you get updates to some plugins several times per day. Put back the 'Update on .. change' setting a notch and you should be fine. The only thing it won't alert you to is new versions of the Miranda core engine itself - so you'll have to check for this periodically. I subscribed to the Miranda blog myself to keep an eye on this.

History++ 2in1


To keep track of your messaging history, there is a default (embedded) plugin that logs all messages. This default is not very good, though - you can't see more than one message at a time and its 'find' function can be a bit... dyslexic. The History++ plugin has a lot better features and gives you a much better overview. It tracks conversations as well.



Very useful if you want to know if the weather's going to be any good this week. It acts as a special protocol plugin, so you can add weather stations all over the world as contacts in your list, then group them together.



MSN Messenger has a frame at the top that shows your current avatar picture, your nick and your status. If you get the MyDetails plugin, Miranda can have this too! The plugin is still in developmental alpha stage, but it works very well. A bit of tweaking with the settings and you'll have it look very much like MSN Messenger. And this plugin works for all the other protocols as well! If they support avatars, you'll see them in the frame as well.

Final result

After I finished installing everything, tweaking my settings and got everything working, my contact list looks like the lower right picture. You can see the progress nicely when I install additional plugins.
Default layout
Modern Contact List
Fingerprint + Loadavatars

UPDATE: Since the implementation of the MSNP11 protocol for MSN, developers are starting to add features from the new MSN clients to Miranda. Nudge and ListeningTo (alpha stage) are among these. If you have Miranda 0.6 PR 2 or newer, you can add the 'listening to' information to the mTooltip settings. (You won't need the ListeningTo plugin for this.)

Add this to your mTooltip.ini:

Then add this somewhere in the MSN mTooltip setting (Options > mToolTip > Advanced > MSN) to show the info, if it is set by a contact:
%%Media: <b>(8) %user_ListeningTo|%%%%|</b>

ANOTHER UPDATE: Miranda 0.6.6 (in rapid succession to 0.6.5 and 0.6.4) was just released, and if you upgrade from 0.6.3 or earlier you'll find that Miranda can't find your profile anymore. You need to move the profile.dat file, see this thread on the Miranda forums.

Wednesday, August 30, 2006

We have a crisis! The perpetuum mobile has been invented!

The title of this post refers to the crucial words of one of the members of the 'Topmost Ten' in an Oliver B. Bumble comic by Marten Toonder. These Topmost Ten people were the richest people in the world, owning everything. They lead a horrible life of paranoia since they can only lose their possessions and gain no more. The story tells of Bumble acquiring a certain machine from a woodland friend, which he claims has a wheel that turns forever, powered by nothing.
Understandably, the Topmost Ten immediately declare defcon 1 because this perpetuum mobile, when made public, will instantly turn all other fuel resources useless and without value. The story is great.

So, what about it? It's just a story, the perpetuum mobile does not exist. Not only that, it's a physical impossibility that would destroy the world if invented. (Because every machine produces heat, and a machine that produces heat from nothing will eventually cook the world.)
Well, there is this company, you might have heard of it. They're located in Ireland and are called Steorn. The first time anyone heard of them was when they put forward a promotional video, which was posted on BoingBoing. While the video is riddled with marketspeak, vague claims and snakeoil, it also describes a technique they invented that provides 'free energy'. In other words, it produced more energy than it required for operation. They claim to have reached fuel efficiencies of 285%. Yes, they claim to have invented the perpetuum mobile.

So how does it work? Well, they won't tell. The promotional video just babbles vaguely about meticulously arranged magnets. On their website, they're inviting people to sign up for a chance to test their technology for flaws, but a recent article in the UK Guardian says that scientists who signed up didn't receive squat because Steorn is so afraid to lose the intellectual property rights to their revolutionary technology. The whole thing is being compared to two scientists (Pons and Fleischmann) who claimed to have cracked the mystery of cold fusion back in 1989: a lot of claims and promises to change the world, but no actual proof.

Could Steorn be serious? The physicist in me says 'no' without a moment's hesitation. The perpetuum mobile is physically impossible in this universe. On the other hand, Steorn put a lot of money into a full-page ad in the Economist. They openly challenge scientists to come and prove them wrong. But the sentimentalist in me can't convince the physicist.

Plus, Marten Toonder is right: a perpetuum mobile would wreck the world's economy.

Quick note rollup on Intel Centrino wireless vulnerability

(This post sponsored by the F-Secure blog :P)

Just a list of quick notes about the recent problems with Intel Centrino's wireless network card drivers:

  • Aug 2: Very very bad bugs were found in certain Intel-based systems with wireless network cards. Basically, if you have a laptop (any platform, even Mac) with an Intel Centrino wireless network card, it can be rooted remotely by someone within range of the wireless network. F-Secure blog post. The post includes a link to a demonstration video.
  • Aug 2: Luckily, Intel was notified beforehand and released an update about the same time. F-Secure blog post. The 'update' was 130MB, which was a bit large for a driver update.
  • Aug 3: The update was buggy. Driver incompatibilities. The enormous size was because of bundling 32-bit and 64-bit drivers as well as some Intel network tools in one package. F-Secure blog post.
  • Aug 14: Concerned by user feedback, Intel split the download into two packages, as well as a driver-only download. F-Secure has the scoop.
  • Aug 21: One of the programs in the update package is insanely buggy, eating up memory and CPU at alarming paces. Killing the process has no adverse effect if you let Windows XP handle the configuration. F-Secure.
  • Aug 24: Intel finally releases an updated version of the update package that fixes all the bugs. The End.

Did you patch if you were vulnerable?

Did you re-patch if you didn't have the latest version already?

Wednesday, August 23, 2006

Linux has almost passed puberty

Last week, someone recommended a Linux distribution to me. This was the Ubuntu live CD distro, that is bootable off a CD and is immediately ready for action. I decided to give it a try. This is a write-up of the past two days where I played with it.

Linux in the past

Now before I launch into the boxing match I had with this CD, let me explain my past experience with Linux. About six years ago, when all I had was a crummy Pentium I laptop, I tried to make Windows 98 dual-boot with Linux. I tried no less than five different distros and all of them messed up in one way or another. Redhat, 2 versions of Mandrake, SuSE, Slackware with X... no go on each one. Either it didn't recognize half my hardware, or it failed to boot, it failed to leave Windows alone, it failed to let itself be configured by a Linux newbie like me, or installing it was just too incomprehensible. I concluded that Linux was not ready for the desktop by a long shot and vowed to never try it again.

Years later, I decided that it was time to take it for another spin on my new desktop system, seeing that there was this thing called Knoppix Live, which allowed you to try Linux from a CD, without changing anything on your system, bla bla bla, the usual. While the CD booted nicely and recognized most of my hardware, the UI problem was still there - I gave up when I had to reboot in order to change the screen resolution, which is useless since the whole thing was on a read-only CD. I know you're going to shout at me for not knowing the keyboard shortcut for restarting X without rebooting the entire system, and I don't care. I'm a Linux newbie. If I can't work it, it's not ready for the desktop yet.

What I want from Linux

Now, another 3 years later, I hopefully burn the Ubuntu ISO to a CD, slam it into the CD-ROM tray of my brand new laptop and reboot the system. I'm mildly excited. I have several general goals and expectations of this Ubuntu thing in my head that I want to achieve and see:
  • I want Ubuntu to recognize all my hardware, including the Intel wireless network card and the plug-n-play wireless USB mouse I have.
  • I want to be able to access my NTFS Windows partition.
  • I want to find, install and be able to use the same (or similar) applications that I am using in Windows XP. These include:
    • A good browser. Opera is my primary choice, but Firefox will do.
    • A P2P program to connect to my DirectConnect hub. I know about Valknut and I'm going to try it.
    • An IRC client. I'm used to mIRC so I want one with a similar feature set.
    • An FTP client. Before I rebooted, I was uploading a few things to our home entertainment system computer. I want to resume those.
    • A multi-IM client. I'm used to Miranda. I know about GAIM so I'm going to try that.
    • A proper music player. I use Winamp almost continuously to listen to Shoutcast radios, as well as play MP3s. I heard about XMMS and have seen it a few times. It looks a lot like Winamp so I'll try that.
    • A file manager. I'm used to Total Commander but I doubt something that advanced is available in Linux.
    • An easy-to-find command line. I know how Linux is centered around the command prompt more than Windows, so I want to use that.
  • I want to be able to achieve all of the above, without rebooting. (obviously)
All in all, these points are what I expect an average user would want to be able to do with Linux: getting things to work like they do in Windows, in a comparable amount of time.

The Linux Experience

[Hardware] The CD boots nicely, though the boot process is an ugly mess, with screens ranging from text scrolling past on a black screen right up to a GUI progress box with sound (ooh pretty), then back to text, back to the GUI, etc. But it works. I'm slightly more excited. The desktop looked like this, nice and clean.
First on the agenda is getting the Interweb to work. I'm baffled to see that just inputting the SSID and WEP key (bite me) works right off the bat. This is even better than Windows, where I need an installation CD, a migraine and three reboots to get the wireless network card working. Very nice.
[IM] Next up: GAIM. I've got a friend who uses it exclusively and it works very well. MSN is up and running in no time at all. No MSN avatars, but that's no disaster.
[P2P] Foolishly, I skip right to Valknut. This is where it gets ugly. The homepage for Valknut has no Ubuntu option, but after a bit of digging in the online Ubuntu help I learn that Ubuntu is based on Debian, so I pick that option instead. Unfortunately, the development page for Debian Valknut is dead. Hmm. Being the clever chap that I am (i.e. moron) I download the Valknut source and try that.
After a bit of reading I am greeted by an error message 'bash: 'make' command not found'. Uh. I thought that was the point of open source? Compiling things yourself? Apparently not. The Ubuntu folks probably didn't think someone who boots Linux off a live CD is going to compile things by himself. Curses.
This must be a nightmare to Gentoo users

By now it's near midnight and I need to get up early for work tomorrow, so I call it quits. I reboot and remove the CD.

End of day 1.

Next day, I decided to give it another whirl. Insert CD, reboot, start Ubuntu, setup wireless network, and on to the less obvious tasks. GAIM once again signed on perfectly to my MSN Messenger, ICQ, AIM and Yahoo accounts. GMail/Jabber did not.
[Music] The standard music player is Rhythmbox Music Player, which refuses to add my favorite Shoutcast station to its list of 'radio stations'. The Add/Remove Applications tool (which is very good) shows that XMMS can also be downloaded and installed, which I do. XMMS also won't let me add a Shoutcast station.
Well then, on to the music that is already on my drive. Since it wasn't auto-mounted (mounting is pretty hard for newbies like me) I searched the Ubuntu documentation for something that would. A script to mount all drives was quickly found, and surprisingly I was able to download and run it. A minute later I'm listening to the soundtrack of Pirates of the Caribbean. Nice!
[P2P] Now that I've got some music, I decide it's time to try Valknut again. Skipping the Valknut homepage, a Google search for 'debian valknut' has more success. One .deb package later and Valknut is running! No wait, it's not. It needs a few packages on which it depends. Easy enough to download and install them, but some of them require additional packages. Fortunately this doesn't devolve into a maze of dependencies and version conflicts and Valknut can be persuaded to run after four or five extra packages. Another goal achieved. Something to remark here that caught my attention: there seems to be no difference between a folder with execute rights, and an actual program.
The Valknut client itself seems pretty poor. I can't find tabs, accidentally close it at least half a dozen times, it has no system log or visible system status, doesn't accept custom commands or user commands, etc. But it works. I can chat and I can download.
[IRC] Searching the software installation list yields something called 'X-Chat'. I heard of that so I install it and run it. The design is different from mIRC and it's a bit clunky. The usual networks I frequent are not in the list so I have to add them to the server list, instead of just being able to type /server like I'm used to. An incredible stroke of luck is stumbling upon a #linux help channel with some helpful people, which speeds up my progress.
[browser] Right about now I decide it's time to try Opera 9 for Linux. Firefox is great, but I really prefer Opera. There are 5 different Debian versions and 3 different Ubuntu versions of Opera, so I pick the latest Ubuntu one.
Stupid dependencies!
However, I run into something strange here: quirky dependencies. Opera requires some 'libqt' upgrade, but since the older, existing version is used by Valknut, it requires I uninstall Valknut?? It's almost like Ubuntu wants me to use Firefox. Fine then.
[File manager] I touched on this yesterday so I'll install it again: the Thunar File Manager. The file structure system of Linux is an absolute maze to a Windows user, and I keep forgetting where my mounted drives, my desktop and my home folder are. I need bookmarks. Thunar works pretty well though.
[Terminal] I'm making good progress here, even considering it's my second day on this. The Terminal is in the default application menu so no worries there. It seems I'm logged in automatically as some kind of limited user, and that the root account has no password. So anything I do in 'system settings' that needs root access only requires me to click 'Approve' and it works. Anything in the command prompt only requires 'sudo' in front of it. It's easy to work with, and I'm not working as root (which seems to be important in Linux).
[FTP] Last is the FTP client on my list. The application list recommends (i.e. lists as my only choice) gFTP so I get that. It works like a charm and resumes my uploads flawlessly.
It's almost midnight again so I sign off GAIM, set Valknut to away mode and close the lid. This was.. fun. :)


All in all this was the most successful I have been with Linux so far. Seeing how it boots from CD, I don't have to meddle with the installer, partitioning or dual-booting. Since both my hardware and the Ubuntu CD are new, everything is automatically detected. Desktop Linux has become way better, but it's not ready yet.

  • Hardware detection is excellent.
  • User support is great if you know where to look.
  • Everything is customizable. The default settings may not be the best, but most are very well thought-out.
  • No consistency. I installed about 8 programs, and 5 of them have differently-styled GUIs, ranging from extremely large-font and ugly (Valknut) to insanely small (XMMS). The WIMP styles vary wildly.
    Three different windowing styles

  • File and folder organization is very, very different from Windows. I keep losing my way.
  • When you don't know how to do something, there is hardly any guidance. When you do something wrong, there is hardly any explanation.
  • Performing basic tech tasks, such as determining the kernel version or memory usage, is not as easy as it seems.
My answer to the question 'is Linux mature yet?' would be 'almost'. The user experience has improved vastly since the early years of Linux, and a lot of Microsoft Windows features have been mimicked (which is good). On the other hand, some things still need work, like consistency, standards and help.

It's clearly almost ready for the desktop, but not yet. Maybe I'll do another test drive in a few years and see if it's ready then. :)

Monday, August 21, 2006

The Jack is back

About ten months ago, I did a writeup of Jack Thompson's actions up to that point, which included throwing hissy fits over video games such as GTA, The Sims 2, and unsuccessfully bullying several online comics about video games. Well, there is some good news for people who, like me, love watching the first few rounds of Idols (American Idol in the US) just because it's so much fun to watch people crash and burn.

As most of you should know, Rockstar Games is close to releasing a game called Bully, where you play the role of a schoolyard bully, beating your fellow wimps, uh, students, ultimately taking over the school. It's like GTA for kids, by kids, with kids. Except that it's not for kids. With all the beating and stuff. The game will be released in October.

Anyway, Jack has taken it upon himself to make sure this game is a-ok to play for people. In early 2005 he supported a campaign to discourage Rockstar Games from releasing the game at all, calling it a 'Columbine Simulator' (though there are no guns in the game as far as I know). How did he do this you ask? Simple. On August 16, 2006 he filed a petition, demanding that Rockstar Games provide him with an early copy of 'Bully'.

Wait, what?

Yes. He wants it for himself and others, to analyze it "to determine whether it still poses a threat of copycat violence in our schools."

Not surprisingly, Rockstar ignored him. So, ever the resourceful fellow, on August 18 Jack Thompson sued Wal-Mart, Best Buy, Target, Circuit City, GameStop and Toys 'R' Us seeking an order to stop the release of the game in October.

This is great, I can't wait for the outcome of this, so much fun. I'll definitely be playing this here Bully game. Finally I can get revenge!

Oct 12 update: The judge actually ruled that a Take Two representative must play Bully for 100 hours while the judge watches, to determine if it's bad enough to be banned. Take Two seems to think this all publicity is good publicity for them, but this is starting to cross the line between 'funny' and 'what the hell'. Ars Technica has the full scoop.

Oct 13 update: The verdict is in! After only two hours of viewing, the judge decided that while he wouldn't want his children to play it, Bully will appear on store shelves normally. Jack Thompson states "I may be full of crap about this game, and I may be wrong, and that's fine." And I intentionally misquoted him on that. Source: Ars Technica.

Wednesday, June 21, 2006

Opera? More like, Opwnera, amirite?

It's official. Opera is now better than FireFox. And this is not my opinion. No, my friends, it is FACT.

Yesterday, those great guys in Norway released version 9.0 of their Opera browser. It's great. It's bliss. I think I creamed my pants three times before even finishing reading the page that lists the new features. Back when Opera was at their 7.x series, I briefly deserted and used FireFox for a while, and the main plus for me was the AdBlocker plugin. I blogged earlier that there was a trick to make Opera block Flash embeds which efficiently also blocks 90% of the online ads, but it wasn't the best. But now that Opera added a Content Blocker, I will never again have to switch back to the sloth that is FireFox.

The major new features:

  • It has a god-damn content blocker. Goodbye, ads! Still takes a bit of digging through the source to block embedded scripts, though.
  • It has a built-in BitTorrent client. I'm really not kidding. It's not µTorrent, but it's pretty awesome.
  • Tabs thumbnail preview. Pretty sweet. Hover your cursor over a tab and a mini-version of the page pops up along with some details.
  • Per-site preferences. You know all that sweet stuff you can set up for a browser to make it more secure and comfy? Like cookie settings, popup blocker settings, enable images, enable javascript, enable plugins, and like a TON more... you can now do that for each page separately (or have it use the default).
  • Widgets. I haven't tried any yet, but judging from the Opera Widget Guide it looks like they're essentially like FireFox's plugins. Or Vista's sidebar components. Or Windows's ActiveDesktop elements. Or Javascript widgets. With cream. Say aah.
  • Customizable search engines. Used to edit your search.ini yourself? Well, not anymore. Everything you could do in there, you can set from the Opera UI itself now, without restarting the browser. Even search forms that use POST data! (Which FireFox still can't do reliably or easily.)
  • opera:config. So FireFox stole a few (well, a FEW) features from Opera? That's cool, we'll steal back one or two. This looks like you can essentially edit the opera6.ini settings file from within Opera.
And don't forget: Opera is free!

So is there anything I don't like? Unfortunately, yes. It seems like each major version upgrade, keyboard shortcut keys change. Though I love the feature in itself very very much, it's not handy if each time I memorized all the keyboard shortcuts, they change in the next version again!
In the first few minutes of using Opera 9, I noticed that New tab, Paste and go, Close tab... three of the most-used shortcut keys I use, and all three keyboard shortcuts are different. Why?

[edit] Oh, nevermind. You can change keyboard shortcut assignments. Hooray! :)
[edit2] I can no longer login to Hotmail with Opera 9. Boo.
[edit3] Well, I can, but only if I allow normal and third party cookies from *, *, *, * and *. Gotta love Microsoft for shoving you through 5 different domains (and at least 3 times as many servers) before logging you in to Hotmail.

Saturday, May 20, 2006

I am become Death, destroyer of rootkits

So... last Friday, I was at work and witnessed the most amazing thing someone can see in the field of IT. I will tell my grandkids about this one day.

Before I tell you what it was, let me tell you some background story. I work at a small and successful IT company with a few friends from university and other great coworkers and bosses. Our server farm (database and webservers) is physically located several dozen miles away from us, but they all have RealVNC installed so we can access them remotely. RealVNC basically shows you the desktop of the remote server, so you can work on them as if you were sitting right behind them. Our servers even have some kind of 'panic' switch installed on a hardware level that allows us to remotely reboot the servers in case of a serious crash, by sending a text message to a certain cellphone number (which is, of course, the coolest thing ever).

Anyway, two weeks ago I read an article about a vulnerability in RealVNC 4.1.1 at work, but since the proof-of-concept code published by the same site required you to use the server with VNC installed to load their website, which would then check for the vulnerability and tell you, we figured it was a phishing scam and forgot about it. I mean, if somebody told you they could hack your system, but to prove it, you'd have to turn off your firewall and antivirus, and open this strange-looking file... would you do it?

Well, this week we thought, in retrospect, that we should at least have checked the version number on our VNC servers and checked if our servers were actually open to attack.

Because we got attacked. Live. While me and two of my friends were looking at the server's screen at work. We actually witnessed the hacker hacking our server. Hollywood has nothing on this.
We VNC'ed into one of the servers for some routine work, and a command window was open with loads and loads of shell commands scrolling past - adding users, changing registry keys, downloading files, setting attributes (mostly 'hidden' and 'system') in an endless stream of DOS commands that were scrolling by.
At first, we thought it was our sysadmin, doing some complex Win-fu far beyond our IT abilities. But this didn't seem like something he'd do - why would he merge something into the Registry called 'hide2.reg'? Then the stream of shell commands stopped, and to verify what we thought, I typed at the command prompt:
C:\>who is this?
To our surprise and immediate panic, someone typed:
C:\>who is this? I'm PeeWee.
..and quickly closed all the command windows and disconnected from the server.

So we immediately called our sysadmin to tell him what was going on and ask for help. Now, mind you, none of us three (it was early in the morning and only us three had witnessed the owning of one of our servers, a fourth coworker was in the next room) are laymen when it comes to computers. So even while we were talking to our sysadmin on the phone, the other two made plans to shut down RealVNC on all servers and use Terminal Services (Microsoft's own remote access program) to connect to the servers again and upgrade RealVNC to the new updated version that was released on May 20, two days after the earlier proof-of-concept page was published. After we finished talking to the sysadmin, we went to work. One of my friends started upgrading RealVNC on the servers. The other started calling our bosses to tell them what just happened.
They told me to go and clean up the servers, if possible. And I never had as much fun that day at work before. I'm serious.

The first server I checked was the one we witnessed 'PeeWee' working on. Not really knowing where to start, I downloaded a few power tools from and started snooping around. Mind you, I have written my own security programs, but they really don't compare to the ones you can get off the SysInternals website, all for free. Some even with source code included! They're awesome. And did I mention they started the whole Sony rootkit controversy?

Anyway, after a few hours of snooping around on our poor infected servers, I found the following:

  • 4 of our 20-ish servers had been hacked.

  • All four had been 'converted' into FXP Warez sites. FTP server, remote access, rootkit, hidden folders for the warez, it was all there.

  • The hacker was still working on the server we caught him on, so that one hadn't been fully converted. It's possible we would have never found out about this if we hadn't caught him in the act.

  • The hacker had most likely used a portscan on the default RealVNC port, found all of our servers, and used the brand new exploit. The only reason not ALL of our servers had been owned, was because they are all set up to lock themselves after a few minutes of being idle. The four servers that are used most often were not locked, and those were the four that were hacked.

  • The hacker had used the same package of tools on all the servers, though configured slightly differently to have the FTP servers identify themselves as part of different FXP networks. In other words, our friend PeeWee was probably a scanner/hacker for multiple FXP boards.

  • After I was done fixing the servers (which took me all day, i.e. roughly 7 hours) I had 6 megabytes of crap in zipped folders from each of the four infected servers for our sysadmin to look at. I had already looked at most of it and found a lot of fun things like passwords, FXP board names and the tactics used by these kinds of hackers to hide their stuff on a compromised server.

  • PeeWee's package of tools consisted mostly of a hacked version of the Serv-U FTP server, a few trojans and droppers, a command-line remote access tool, and Hacker Defender.

Now, not all of you might be familiar with Hacker Defender (aka 'Hxdef'), so take it from me: it's the absolute worst of all rootkits. If there is an entry in the dictionary for 'most perfect rootkit written by most unscrupulous person', there would be a picture of Hacker Defender next to it. The guy who wrote it actually started selling it at some point, in a variety of versions on his website (which doesn't exist anymore), ranging from standard (just the rootkit) to 'Gold' (the rootkit, with all possible antivirus-evading technology, a very strong encryption on the .exe and a unique signature) for prices ranging from $100 to $300 or so. The website also included a movie clip from a Windows machine being infected with it, followed by a few minutes of using over half a dozen anti-rootkit programs on the same system, none of which found Hacker Defender. It's that hard to remove. But it's not perfect. Especially not the version that had been installed on our servers.

Basically, all you have to do to remove the standard 'free' version of Hxdef, is run SysInternals' Rootkit Revealer to find the name of the Hxdef service, and stop that service. The rootkit will then remove all of its hooks from the system, and uninstall itself completely. So stopping the proper service will not only uncloak any hidden stuff, it will also disable and delete the associated service! It's great - like groping for the lightswitch in a dark room, finding it, flipping it, and then seeing a circle of monsters around you that have been frozen by the light.
After you stop the Hxdef service, you are left with three files: the rootkit itself (something .exe), the kernel-mode driver (something .sys) and the configuration file for the rootkit (something .ini). The only thing that's left to do is open the configuration file in Notepad, delete the obfuscating crap that has been put in there to evade antivirus detection, and you know what the Hxdef rootkit was hiding. And then you can delete that. In my case, this was mostly ftp server files, Registry keys for hidden services (like 'Logical Disk Manager client services', 'Microsoft Netlog' and more important-sounding crap), and the rootkit files themselves. Since the four new FXP sites were not much older than one hour, there weren't even any warez on them yet!
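
The Notepad step described above (deleting the filler characters from the configuration file to see what the rootkit was hiding) can be scripted when there are several servers to clean. This is an added example, not part of the original post or of any SysInternals tool; the ignored-character set and the section names follow the Hxdef readme and are assumptions here, and the sample file is constructed.

```python
import re

# Filler characters the Hxdef readme says are ignored (assumption, see lead-in).
IGNORED = str.maketrans("", "", '|<>:\\/"')
# Sections whose item lines are read literally (paths, drives, ports).
LITERAL_SECTIONS = {"startup run", "free space", "hidden ports"}

def deobfuscate(text):
    """Return {section: [entries]} for an obfuscated Hxdef-style ini file."""
    result, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        cleaned = line.translate(IGNORED).strip()
        header = re.fullmatch(r"\[(.+)\]", cleaned)
        if header:
            section = header.group(1).strip().lower()
            result.setdefault(section, [])
        elif not line or section is None:
            continue  # blank line, or junk before the first header
        elif section in LITERAL_SECTIONS:
            result[section].append(line)
        elif section == "settings" and "=" in line:
            key, value = line.split("=", 1)  # value after first '=' is literal
            result[section].append((key.translate(IGNORED).strip(), value.strip()))
        elif cleaned:
            result[section].append(cleaned)
    return result

# Constructed sample, not taken from the servers in the post.
SAMPLE = r'''
[H<<idden T>>a/"ble]
>ftp"srv"*
h<x>d<e>f*
[/Hidd\en Ser:vi"ces]
Micro|soft Net<log
[St/\artup Run]
C:\example\placeholder.exe
[S/ett<ings]
Ser<vi"ceNa>me\=Example:Svc
'''

if __name__ == "__main__":
    for name, entries in deobfuscate(SAMPLE).items():
        print(f"[{name}]")
        for entry in entries:
            print("   ", entry)
```

The cleaned entries are the file masks, service names and startup paths to look for on disk and in the Registry once the service has been stopped.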

So is removing Hacker Defender that easy?
And do you understand why?
Because the guys at SysInternals are the smartest bloody programmers I know. - Thank you, Mark Russinovich and Bryce Cogswell!