XML and software
XML, web and software in general, with notes on Radio Userland resources

Ken Novak's Weblog


daily link  Friday, November 11, 2005


History's Worst Software Bugs: Cool story of software bugs with bad effects.  First, why "bug"?  In 1945, "engineers found a moth in Panel F, Relay #70 of the Harvard Mark II system. The computer was running a test of its multiplier and adder when the engineers noticed something was wrong. The moth was trapped, removed and taped into the computer's logbook with the words: "first actual case of a bug being found."

My favorite story was an intentional bug placed by the CIA in 1982.  The background refs are worth reading.  "Operatives working for the Central Intelligence Agency allegedly (.pdf) plant a bug in a Canadian computer system purchased to control the trans-Siberian gas pipeline. The Soviets had obtained the system as part of a wide-ranging effort to covertly purchase or steal sensitive U.S. technology. The CIA reportedly found out about the program and decided to make it backfire with equipment that would pass Soviet inspection and then fail once in operation. The resulting event is reportedly the largest non-nuclear explosion in the planet's history."

  11:19:26 PM  permalink  

Discover Music - Pandora: Neat service that generates a radio station by picking music that resemble a single artist or song.  Way cool.  An outgrowth of the Music Genome Project: "Over the past 5 years, we've carefully listened to the songs of over 10,000 different artists - ranging from popular to obscure - and analyzed the musical qualities of each song one attribute at a time. This work continues each and every day as we endeavor to include all the great new stuff coming out of studios, clubs and garages around the world."  [Thanks, Scott]  10:57:13 PM  permalink  

cosign: web single sign-on: Open source solution from the University of Michigan.  License resembles BSD.   2:13:04 PM  permalink  

verydodgy.com: Silly fun site, with some useful google hacks (like remote-control webcams), and a perceptive article in FT about it.  11:13:57 AM  permalink  

Anapod Explorer vs. iTunes: 3d party iTunes replacement, supporting alternative file formats, file and playlist management systems, PDA functions, and web and streaming access to iPod contents.  $20-30.  10:59:12 AM  permalink  

NearlyFreeSpeech.NET Web Hosting: Hosting with "long tail" pricing. "no contracts and no commitments .. If you'd like to talk to one of our sales reps to get a quote, you're out of luck. We don't have any. We also don't have any commissions, referral payments, or kickbacks. With NearlyFreeSpeech.NET, your money goes straight to the services you actually use"

  • Data Transfers (Bandwidth):   $1.00 per gigabyte
  • Disk Space (Storage):   $0.01 per megabyte-month
  • DNS at $0.02 per registered domain per day, no matter how active your domain gets.
  • Domain registration at $7.45 for a one-year .com and $7.68 for .net or .org.
  10:47:04 AM  permalink  


daily link  Wednesday, November 09, 2005


Desktop Integration Bounty Hunt: Great idea.  Corporations (primarily Novell and Google now) announce bounties for open source code that integrates open source desktop software in the Linux environment.  "The goal of this contest is to improve the quality and functionality of the Linux desktop. .. Each task listed below has a bounty associated with it. Your job is simple: choose a task, do the work, fill out the claim form, and collect the bounty. "

  4:36:16 PM  permalink  


daily link  Tuesday, November 08, 2005


New Worm Plupii Targets Linux Web Service Holes: "The three vulnerabilities it attacks through are the XML-RPC for PHP Remote Code Injection vulnerability; the AWStats Rawlog Plugin Logfile Parameter Input Validation Vulnerability; and the Darryl Burgdorf Webhints Remote Command Execution Vulnerability.

When Plupii is successful in infecting a server, it then sends a notification message to an attacker at a remote IP address via UDP port 7222 or 7111.  .. Next, it opens a back door through one or the other of these ports. This enables an attacker to gain unauthorized access to the compromised system. Once in place, Plupii generates a variety of URLs .. in an attempt to find and infect other vulnerable systems.

The worm itself is easy to destroy. One need only delete the file: /tmp/lupii. The more significant problem is what the attacker may have downloaded to the server while it was active.  Indeed, Symantec's Deepsight Alert Services recommends that, "Due to the ability of the remote user to perform so many different actions on the server computer, including installation of applications, it is highly recommended that compromised computers be completely reinstalled." "

  8:11:15 PM  permalink  


daily link  Wednesday, November 02, 2005


Sony, Rootkits and Digital Rights Management Gone Too Far:  Detailed detective work showing how Sony's DRM "solution" resembles the worst of malware, embedding and cloaking itself in Windows.  There's potential legal liability for Sony in the process.  Makes me want to avoid Sony and other proprietary DRM hacks.  10:33:09 PM  permalink  

Copyright 2005 © Ken Novak.
Last update: 11/25/2005; 12:09:39 AM.
0 page reads.