More Junkmail from Bob!
Wednesday, December 24, 2003
Merry Christmas Eve!
From Russia, with Love
Suppose you are a creative young computer guy in Russia without much money, and you want to change that. (The money part, not the computer part.) How could you make money? Here's one way:
1. Write a program that will send data repeatedly to an IP address. The IP address and command to start sending data are communicated by sending a certain password to a certain port on the host machine. If you don't want to write a program like this, you can download one and modify it a bit to suit your needs. (An IP address is the unique address of a computer on the internet. It has four numbers from 1 (or 0?) to 255, separated by periods, and looks something like this: 188.8.131.52.)
2. The program, when it's installed on a remote computer, should send you a "message" consisting of a few bytes of data over a certain port identifying the IP address of the host machine, the computer it was installed on. This message should be sent to a few dozen IP addresses, including yours, to help hide the source of the program (you). The other computers will ignore the nonstandard message to a nonstandard port.
3. Get a few million email addresses. These are easy to find.
4. Make a creative email, maybe something like a greeting card, that gets people to click on an attachment and install your program. You could even incorporate a greeting card into your program.
5. Email your program to a few million people. Even if 999 out of 1000 won't click on the greeting card, you'll still have a few thousand people who install your program. You'll know by the messages sent to you from the computers that installed and ran your program.
6. Write an email to an online casino or other nefarious web site asking them for $50,000 or so for Christmas shopping money. Explain that you'll shut down their operation if they don't pay.
7. Either (a) go shopping, or (b) instruct the few thousand computers running your program to send repeated internet "messages" to the online casino's web site. This will cause millions of messages to inundate the online casino, effectively shutting them down. Almost everybody who tries to access the online casino will get a time-out error. Then go back to step 6.
You're probably asking yourself how I could come up with a scheme as stupid as this. I'm afraid I can't take credit for it. And it may be stupid, but it works. The programs are commonly called trojans. Online casinos and sex web sites are on the receiving end of this extortion racket primarily of Russian origin.
More and more home computer users have DSL or Cable internet. This makes it more efficient for someone to give you a free trojan, and it makes your computer much more effective when it participates in one of these "denial of service" attacks.
The method of distribution is not always email. Windows XP and 2000 listen in on "ports" whenever they are connected to the internet. This is not such a big deal, other than the fact that Microsoft has some buffer overflow bugs in Windows. Someone can send too much data to one of these ports. A "feature" of the Windows bugs is that the extra data can then be executed as a program "bootstrap," which can, in turn, load the trojan. As the computer user, you won't see a thing -- all at no extra charge!
The trojan program runs, scanning the internet for other vulnerable computers, and installs itself whenever it finds a copy of Windows that's not updated, with no firewall. How does it find other computers? It starts at one IP address and starts counting up or down.
This computer I'm using now is on a DSL. In the past hour, I've been "pinged" by other computers on the internet 168 times. I'd guess that most of these are from computers that have trojans looking for places to propagate.
I had saved a link to this story on cNet, but it's "expired." That's really funny, in my warped mind, because you can go to the link and if you read REALLY fast, you can read the story. Then it jumps to a page saying it can't find the story that it just displayed for you.
I was kind of irritated about this, so after about 12 tries I managed to hit Ctrl-A, Ctrl-C fast enough to copy the article into an html editor. I noticed it was a Reuters article, so I selected the first line of the article and searched for it on Google. I found a few copies of it lying around the internet in places like CNN and ZDNet. ZDNet must use the same software as cNet, because it did the same thing -- the article flashed up for less than a second, and then went to a not-found page. ComputerWorld seems to archive their articles forever, so I linked to that one above.
How can you keep from getting trojans, etc.? Use some virus protection such as Norton Antivirus, use the Windows firewall or ZoneAlarm, and don't double click on email attachments unless you are 100% sure what they are. (Hint: 100% is much larger than 99%.)
Here's a free antivirus program:
If you are the proud owner of a virus or a trojan, sometimes you can go to http://securityresponse.symantec.com, figure out which one you have, and download a free removal tool. The last two computers I built acquired trojans via Windows XP before I could get the Windows Update finished. I guess I should install the firewall first.
Spyware and Gator
Some programs install spyware on your system. I don't see much difference between spyware and trojans, except that spyware is legal and trojans are not. Spyware sticks ads up on your computer and transmits data from your computer to the companies in charge of the spyware. Most of the time you don't even realize you've got the spyware.
PC Pitstop is an anti-spyware program, a little like AdAware, and it has some other features. On the PC Pitstop web site, they describe various spyware packages in not-too-flattering terms. One spyware company, Gator, sued PC Pitstop and forced PC Pitstop to stop calling Gator spyware.
So PC Pitstop put up a web page with lots of details about how Gator works, leaving out the term spyware. I thought that was funny. Gator sure looks like spyware to me.
Compact flash cards (and other flash cards) are really handy in cameras and computers, because you can treat them like little hard drives. Or big hard drives, if you consider half a billion a big number. You can plug in a compact flash card and read or write just like a hard drive. This is because it uses a standard format, the FAT or FAT32 format.
FAT stands for (or stood for once) File Access Table. It's a standard layout for a file directory and pointers to the files. Microsoft started using the FAT format for hard and floppy drives with MSDOS. It's a pretty simple format, with several similarities to CP/M and Unix formats.
Now Microsoft has decided they own FAT. They are going to start charging manufacturers about $0.25 for each compact flash card sold. Well, those that use the FAT file format, which amounts to almost every card being sold. Our PC12 uses a nonstandard compact flash card to record engine data. I guess that saved us 25 cents in the purchase of the airplane.
Some people are criticizing Microsoft. Hard to believe, huh? They say Microsoft waited until the world was using FAT in the compact flash memory before they started charging for it, calling it a "textbook submarine patent."
Microsoft boss Bill explained, "The real problem is the U.S. Government. With record budget deficits and runaway spending, we can no longer rely on the government for a substantial portion of our income. To resolve this problem, Microsoft has made the decision to tax the population of humans directly. The Compact Flash Tax is only the beginning. With the approval of our new patents, we will begin charging royalties for every CPU cycle on computers that use our patented technology, the 8-bit byte."
More Patents and etc.
The parity bit has been around since the Cretaceous period of computing (Bell Labs Model V, 1946). It is used to show whether there is an even number of bits on in a computer byte or word, for error checking. A cyclical redundancy check became popular shortly afterward. It performs a more complex computation on a larger number of bytes, coming up with an almost-unique number that usually can tell whether a set of data has been changed. Even more complex math functions can be used to come up with an even larger number to determine whether two files are likely to be identical.
For example, I could add every 4-byte word in the file together, ignoring overflow, and come up with a 4-byte number. It would be very unlikely for any other file to come up with the same 4-byte number. If I compared the file sizes, it would eliminate even more false positives. This is a simple method that is easy to circumvent, but by using more complex math formulas you can be almost 100% certain whether files are identical by comparing a relatively small number. This number can be saved with the file for identification, or separately.
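The word-sum check described above, and why it is easy to circumvent, shown as an added example (not code from the original newsletter). The little-endian byte order, zero padding, function names and sample bytes are assumptions made up for the illustration, and SHA-256 stands in for the "more complex math formulas."

```python
import hashlib
import struct

MASK32 = 0xFFFFFFFF


def word_sum32(data: bytes) -> int:
    """Add every 4-byte word, ignoring overflow (i.e. modulo 2**32).

    Assumptions: words are little-endian and a short final chunk is
    zero-padded. The text does not specify either choice.
    """
    padded = data + b"\x00" * (-len(data) % 4)
    total = 0
    for (word,) in struct.iter_unpack("<I", padded):
        total = (total + word) & MASK32
    return total


def fingerprint(data: bytes) -> tuple:
    """The identifier from the text: file size plus the 4-byte sum."""
    return len(data), word_sum32(data)


def sha256_hex(data: bytes) -> str:
    """A cryptographic hash, for comparison with the simple sum."""
    return hashlib.sha256(data).hexdigest()


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange two 4-byte words. Addition is commutative, so the sum
    (and the size) cannot change even though the content does."""
    words = [data[k:k + 4] for k in range(0, len(data), 4)]
    words[i], words[j] = words[j], words[i]
    return b"".join(words)


def match_fingerprint(original: bytes, new_body: bytes) -> bytes:
    """Build different content with the same size and sum as `original`.

    new_body is cut or space-padded to len(original) - 4 bytes, then one
    compensating word is appended so the totals agree modulo 2**32.
    """
    if len(original) % 4 or len(original) < 8:
        raise ValueError("demo expects a multiple of 4 bytes, at least 8")
    body = new_body[:len(original) - 4].ljust(len(original) - 4, b" ")
    fix = (word_sum32(original) - word_sum32(body)) & MASK32
    return body + struct.pack("<I", fix)


# Constructed sample data: six 4-byte words, 24 bytes in total.
ORIGINAL = b"pay bob 100;pay eve 900;"
SWAPPED = swap_words(ORIGINAL, 1, 4)   # b"pay eve 100;pay bob 900;"

if __name__ == "__main__":
    rewritten = match_fingerprint(ORIGINAL, b"pay mallory 9999")
    for label, blob in (("original", ORIGINAL), ("swapped", SWAPPED),
                        ("rewritten", rewritten)):
        size, total = fingerprint(blob)
        print(f"{label:9} size={size} sum={total:08x} "
              f"sha256={sha256_hex(blob)[:16]}...")
```

All three inputs print the same size and sum but different SHA-256 values, which is why an additive sum only catches accidental damage and cannot show that a file was left alone on purpose.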
The recording industry has hired some companies to hunt down big file swappers. They identify and track files using these computed identifying numbers, or hash codes. Altnet claims to own a patent on this, and wants the recording industry to stop that. Or, more likely, to pay Altnet.
The thing that made this situation stand out to me was this quote by Derek, the VP of Altnet: "If they're building business on the backs of the patent I worked hard to acquire, then they should talk to us."
Derek didn't even mention the work it took to develop the technology, only the hard work it took to acquire the patent, presumably from the developer. Or maybe they just copied the technique from a textbook and didn't even use a developer.
The recording industry used this file tracking technology to file lawsuits against dozens of people, including a 79-year-old man named Ernest who doesn't even own a computer. Ernest's wife, Dorothy, said, "There's a mistake in this case. We're innocent in all of this, but I don't know how we're going to prove it." And all along I thought you were innocent until proven guilty.
Last Friday, an appeals court said that the recording industry could no longer subpoena internet service providers without going through a judge. Maybe this will curb some of the foolishness.
Meanwhile, AT&T says nobody can use a "trusted intermediary" to handle online payments, and they are suing eBay to prove it.
Monsanto is still picking on Canadian farmers. A Canadian farmer named Percy is going to the Canada Supreme Court against Monsanto. He says you can't patent a higher life form.
The Canada Supreme Court ruled that way in a mouse lawsuit last year, contrary to U.S. courts:
Monsanto is also picking on a dairy in Maine. The Oakhurst Dairy labels its milk "Our farmers' pledge: no artificial growth hormones." Monsanto sued the dairy, saying that label implies that non-hormone milk is better than milk from cows that take Posilac, Monsanto's brand of rBST. I doubt if Oakhurst milk is any better, but I definitely believe they should be able to label their milk the way they want.
The Unisys GIF patent expired and I didn't even notice! It's gone as of last June, in the U.S. It will expire next year throughout the rest of the world, although most of the rest of the world doesn't honor the patent anyway. You can now try out the latest Photo Mud (test version) with GIF support here:
If you live outside the U.S. and use this, you should pay Unisys a lot of money.
The U.S. Patent and Trademark Office is moving. Their new facility in Alexandria, VA will be complete in a couple of years. Some of the 7,100 USPTO employees have already moved into the new $615,000,000 office complex, a bargain at only $86,000 per employee.
Want to make some quick money the easy way? Just answer a few questions. Eli Lilly has a web site called InnoCentive. Companies post biology and chemistry questions, and if you can come up with the answer, you get the prize.
For example, can you find a suitable catalyst system to catalyze a reaction that produces hexamethylene-1,6-diisocyanate? It's worth $10,000. Got a proposal for cost-efficient synthesis of gallic acid? $7,500. Do you know of an efficient and scalable method for the production of a porous carbohydrate-based resin? That will get you $40,000.
Welcome to America!
What happens when a 30-year-old woman from Australia comes to the U.S. to interview Olivia Newton-John without an i-visa? Last month, she got handcuffs and almost 15 hours of interrogation.
Separately, surface-to-air missiles were deployed around the Washington D.C. area in response to all the terrorists. That makes me feel very secure.
Canada has the right idea about airport security -- they've banned fruitcakes!
Ohio backed out of using electronic voting machines for the 2004 elections, because they weren't sure the machines are secure and reliable.
Separately, slot machines in Nevada are considered secure. Here's a checklist used by the Nevada Gaming Commission. Notice that they check the EPROM's to make sure they have no errors and haven't been messed with. With voting machines, you can only trust the manufacturer. I think that should change.
But Nevada is buying voting machines too, even though they have questions about security.
In May, 1953 Edmund Hillary and Tenzing Norgay made it to the top of Mount Everest, the first two people known to climb the mountain. Today, 1200 people and 50 years later, we can view the mountain in satellite photos from private companies. I've used the high-res photos in the links because they are really good quality and because James got us a couple more T1 lines. Get a copy of Photo Mud (test version) if you want to make them smaller.
Here it is at 4-meter resolution:
And at 1-meter resolution:
These pictures are from Space Imaging:
I ran MSN Messenger the other day, and it asked if it could update itself. I was happy with the version I had, and I said no. I figured it just wanted to put some ads on my computer, or something else to slow it down. Then MSN Messenger said it would not run any more until I downloaded the update! This is the first "forced update" I've seen on any software. Not only was I forced to "agree," they shut down my old version until I installed the new one.
Since it came from Microsoft, I'll probably see a lot more of it in the future.
Arthur C. Clarke
Here's a good interview of Arthur C. Clarke:
They're getting close! Mars Express will enter orbit around Mars on Christmas Day.
The Beagle II separated from Mars Express and is expected to land on Mars on Christmas Day.
Both these spacecraft are from the European Space Agency (ESA).
The Boeing X-50a is a helicopter with a short, wide rotor. After it takes off and gains airspeed, the rotor stops turning and acts as an airplane wing. The X-50a is a remote control prototype, 17.7 feet long and 1,460 lbs. It made its first flight earlier this month.
The Goodyear Blimp got away! It slipped the surly bonds of earth and crashed into a compost heap.
The "Spirit of America" is one of three Goodyear blimps. It had a hole torn in it, but will fly again.
IBM is planning to move between 4,000 and 5,000 programming jobs from the U.S. offshore to India, China, and elsewhere to save money. IBM currently has about 6,000 programmers in India.
The federal anti-spam bill is law!
However, someone must have forgotten to notify the spammers. Just to be helpful, I've been forwarding my spam to the justice department ever since the law was passed. It's my civic duty to turn in lawbreakers. You, too, can help -- just send your spam to:
Attorney General John may be too busy with his campaign finances to worry about prosecuting spammers. He was fined $37,000 for $112,000 in illegal contributions in 1999-2000. Does anybody besides me see something wrong with these numbers?
The scary part is that two of the Federal Election Commissioners said it was a garden-variety complaint that was blown out of proportion because it was the Attorney General at fault. It seems to me like $112,000 in illegal campaign contributions should be blown up pretty big, especially when it's the Attorney General. After all, isn't that the guy in charge of enforcing federal law?
Among the spam I get are a lot of offers to sell prescription drugs. Since I continue to get so many of them, I concluded that somebody out in the nether lands must be buying prescription medicine online.
I did a Google search for "online medicine" and found 66,000 matches. I went to the first site to see how hard it is to buy drugs online. I picked Prozac, because I hadn't heard of most of the others. I went through the ordering process and backed out just before the final step. You don't even have to have a prescription. You only have to fill out an online form. The "online pharmacy" has a doctor read over the questionnaire and issue a prescription without ever talking to you.
I'm usually in favor of shopping online, but this doesn't seem very safe to me. The FDA recommends that you don't buy prescription drugs without seeing a doctor, but they don't come right out and say that it's illegal.
Medieval Warming Period
Was there a warming between the year 1000 and 1400? Probably. There was a paper published in 1998 and 1999 by a guy named Mann that showed there was no warming trend during those years, as was previously thought. In January, Willie and Sallie at Harvard published a paper, more rigorous, showing there was almost certainly a big warming trend between 1000 and 1400.
Unfortunately, the climate of this paper does not fit well with the current political climate. Six editors recently resigned from the journal "Climate Research." Their crime? Publishing the paper by Willie and Sallie. It's like Galileo -- if you don't like the science, get rid of the scientists!
Here's a slightly biased article about it:
The White House has been known to do a little "cleanup work" on its web site, scientific and otherwise. The National Cancer Institute used to say there is no connection between abortion and breast cancer. Scientifically, that's still true. But the statement was removed from the web site.
After more trouble than they expected in Iraq, the White House edited the original headline on its web site of President Bush's May 1 speech, "President Bush Announces Combat Operations in Iraq Have Ended," and added the word "Major" before combat. Isn't that cheating?
There is another big "to-do" about the U.S. Agency for International Development claiming reconstruction in Iraq would not cost the U.S. more than $1.7 billion. They've finally removed all references to that, but they got caught lying about it.
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
In all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the State and district wherein the crime shall have been committed, which district shall have been previously ascertained by law, and to be informed of the nature and cause of the accusation; to be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the Assistance of Counsel for his defence.
These minor details in the Constitution have lasted for 200 years, through much worse than a few terrorist attacks. I don't think we should throw them out just yet.
A New York Appeals Court said that U.S. citizen Jose Padilla cannot be held without charge. Bush said he's an enemy combatant and can be held indefinitely, but the appeals court said Bush is stretching things a bit.
An Appeals Court in San Francisco said that detainees at Guantanamo have legal rights. An Appeals Court in Washington earlier had said they don't. These cases are headed for the Supreme Court.
Here are excerpts from the rulings:
Spitzer Space Telescope
Last August the Spitzer Space Telescope was launched from Cape Canaveral, Florida. Actually, it was the Space Infrared Telescope Facility (SIRTF) when it was launched. Last week they named it the Spitzer Space Telescope in honor of Dr. Lyman Spitzer, Jr. (http://sirtf.caltech.edu/about/spitzer.shtml). Spitzer, who died in 1997, had a very impressive career.
Here's the Spitzer Space Telescope before and during launch on the Delta II rocket:
It is the largest infrared telescope in space. To avoid earth's infrared radiation, the telescope is orbiting the sun, trailing behind the earth. Infrared radiation is essentially radiated heat, so the telescope is cooled to near absolute zero for less internal noise and distortion.
Here are some of the first images from the Spitzer Space Telescope.
The Elephant's Trunk Nebula is a dark globule within the emission nebula IC 1396, just about 2,450 light years to the southeast. Or maybe northeast.
Here is a visible light and a composite infrared view of nearby galaxy Messier 81, in the constellation Ursa Major. It's 12 million light-years away.
This site has details on these images, and more images.
Here are details on the Spitzer Space Telescope.
What a Break!
Some Chicago Panhandlers won a $99,000 judgement against the city of Chicago. $375,000 went to lawyers. Isn't there something wrong with these numbers?
Pictures of Today!
Here's a Landsat image of Waimea Canyon, 3,600 feet deep, on the Hawaiian island of Kaua'i.
Here are some dust storms in Texas, New Mexico, and Mexico last week. The picture was taken from the Aqua satellite (http://aqua.nasa.gov).
The Eskimo Nebula from the Hubble Space Telescope:
A little house on the Kansas prairie
... with running water.
Sundown in Kansas
Somewhere around Peaks 1 and 2, Tenmile Range, Colorado.
Beautiful Downtown Pryor
Unimportant Legal Notice
(@) 2003, no rights reserved. Copy the heck out of this thing!
To sign up for Junkmail or search the archives, go to
To get off this list, please select one or more of the following easy-to-use options:
1. Go computerless.
2. Get a new email address. Tell no one.
3. Send me an email with "kangerlussuaq" as the subject.
I'm Bob Webster and I can be found at or near email@example.com
Have a nice day!