.comment-link {margin-left:.6em;}

Monday, September 27, 2004


GDI+ JPEG viruses now in the wild

This is what you've all been waiting for, folks. There is now a virus that spreads inside JPEG files targetted towards vulnerable Microsoft implementations. Yet another file format down the drain at email gateways across the world.

Everyone, please, go to Windows Update if you are using a Microsoft operating system, browser, or email software.

I'm really not looking forward to seeing this used in spam.

This virus was noticed on some newsgroup servers: SecurityFocus BUGTRAQ Mailing List: BugTraq

More technical information here: http://www.easynews.com/virus.txt

Thursday, September 23, 2004


Internet Task Force Shuts Down MARID Anti-Spam Working Group

Internet Task Force Shuts Down MARID Anti-Spam Working Group

Yikes :( I don't have alot to say about this. Personally, I think it is bad news.


Click here to become infected

Click here to become infected

It looks like spammers and virus writers are up to it again. We all know, of course, never to click on unsubscribe links. Well, here's one more reason not to. Some spammers are now seeding unsubscribe links with code designed to exploit unpatched vulnerabilities in Internet Explorer.

So, unless you want to risk your computer becoming part of the network of compromised hosts some spammers are using these days, do not EVER click on unsubscribe links.

Wednesday, September 22, 2004


Thunderbird Extension for Sender Policy Framework (SPF)

Joshua Tauberer has released a plugin for Mozilla Thunderbird to perform SPF checking on received emails. Nice.

Thunderbird Extension for Sender Policy Framework (SPF)

Something like this could be really useful if IMAP or POP3 had a method for reliably reproducing the SMTP envelope information on received email. It's too bad end-user applications end up having to muck around inside the RFC-822 Received: headers.

Friday, September 17, 2004


I quit my job on Tuesday

Yeah, for a personal note (I'm not big on those, you might have noticed).

I gave my 2 weeks notice on Tuesday. I was working at Stardust, a local roller-skating arena. I won't be working there anymore, and I hope I find another job soon.

So if anyone knows of any jobs available in the Vancouver area, let me know.

Thursday, September 16, 2004


Geek.com Geek News - Drop the mouse, use your nose

Geek.com Geek News - Drop the mouse, use your nose

UI navigation using a webcam based on head-tracking. It follows your nose. Wink with your right eye to right-click, left eye to left-click.

It looks interesting, particularly for people with various impairments.

Saturday, September 11, 2004


running XMMS instead of KsCD using magicdev

I don't have an analog audio cable attaching both of my CD drives to my sound card. I think I have one connected directly, but I'm not completely sure. When I drop a CD into a drive, it is hit-or-miss whether KsCD and other analog input CD players can output music.

XMMS, on the other hand, can perform digital extraction from uncabled CD drives. That, and it is a nicely unified player that I use for other audio formats anyways.

Mandrake 10.0, unfortunately, is configured to use KsCD by default when a new CD is put into a drive. This is just extra irritation, when all I want to do is listen to some music.

It looks like there are alot of people out there wanting to run XMMS when they load up a CD, but nobody has a good answer. I now have one, no thanks to magicdev's utter lack of documentation.

To get magicdev to load the CD in XMMS you can't just run gnome-cd-properties (which is "the" way to configure magicdev) and change the command to run /usr/bin/xmms when a music CD is inserted. This would be the simplest configuration change.

The reason you can't just edit the settings in gnome-cd-properties (or heaven-forbid, browse for a program using a nice picker) is because there is UI and no documented way to manipulate the parameters magicdev passes to executed programs. magicdev does seem to provide a special expression-passing language. However, in gnome-cd-properties, the only example of this is "%d", which passes the device name (eg, /dev/hdc).

This parameter format works great for programs that expect it, but XMMS just gets a segfault if it is passed a device (/dev/hdc) instead of a directory (/mnt/cdrom) or a file it understands. So we need to translate /dev/hd* into the appropriate mounted directory. /etc/fstab has the necessary information, we just need to parse it and pass it to XMMS.

There are two places this can be done. One is a per-user setting, the other place you can edit will change CD behavior system-wide, and can only be done as root.

If you can only change your own settings, or want to make changes on a per-user basis, run gnome-cd-properties. Set the command for audio CD's to "/usr/bin/xmms `awk '$1=="'%d'" {print $2}' /etc/fstab`" and click Exit.

If you want to make a system-wide change, open a console, su to root, then use your favourite editor to change the "launch kscd" line in /etc/dynamic/user-scripts/audio_cd.script to "launch xmms `awk '$1=="'$DEV'" {print $2}' /etc/fstab`". Save, and exit.

To test your changes, put a CD into the drive. XMMS should open with the CD's tracks in the playlist, and begin playing.

I hope this helps someone.

Saturday, September 04, 2004


Microsoft still burdening anti-spam standards with licencing requirements

Well, it looks like Microsoft is up to it's old Caller-ID tricks with the child of Caller-ID and SPF. Sender ID was supposed to be the best of both standard proposals. It looks like Microsoft felt that a licence was "better" than no licence. I wonder what Meng Wong thinks of that.

Also, what is the IETF doing considering encumbered technologies for inclusion in any kind of "open" standard?

Sender ID loses supporters - ZDNet UK News

Thursday, September 02, 2004


wireless in philadelphia


A whole city going wireless? Cool!