Mara's weblog

Biggest Polish Torrent site (as hacking.pl website (in Polish) states) was closed by MPAA.

What is strange is that: a)Polish site is closed and the note is in English, b) it says "There are websites that provide legal downloads. This is not one of them." and they can't be sure that 100% of the content was illegal (if only one file was legal, the sentence in logicaly not true).

As Torrent's becoming a popular way to download latest Linux ISOs, I don't like the move. They simply can't block illegal content, right? Plus, as it was already written 100 times (or more) such actions don't stop P2Ps. Lower prices do.

There's also an reaction to the MPAA action - shutdownthis.com (offically a parody).

Update: it was a April 1 joke (released too early - check my entry from April 2).

New MySQL beta was released recently. MySQL 5 will have stroed procedures, triggers and views. Subqueries are available since somewhere in 4.1 series. I'm wondering how will this change performance... I guess I need to wait until final release.

There's an zdnet article about this. Changelog is available on MySQL site.

IT Conversation site (worth bookmarking, BTW) has John Smart's talk about changes, technology an future. The full title is: Simulation, Agents, and Accelerating Change: Personality Capture and the Linguistic User Interface.

The talk is long (65 minutes). What is interesting for me is that he referes to changes, not revolutions. He talks about new technology replacing the old one - using "less matter, less energy, and less space".

I don't agree with all, but it's definitelly worth listening. The abstract presented before you download the file (BTW: registration is optional) doesn't cover all main topics. Better summary can be found in Kaedrin Weblog

CRN has an article where Jimmy Kuo (the one who traced Melissa virus author in 1999) states that the number of malware transmitted by email had its peek last year.

Peak means that there should be less after that. I don't see it when looking at malware: popular mail software still has bugs, users don't configure their software correctly, botnets have agreat time. Maybe I don't see data showing the trend?

A recently published study stating that Windows configured as server is more secure than RedHat Linux was released in final form. And there's a suprise - it was founded by Microsoft (the authors didn't say that before).

A number of voices about the whole event is presented in an article in Seattle Post-Intelligencer. The whole raport is also available from the same site (PDF format).

Now it may be completely fair (I've browsed it and in the configurations they had they may be right - but the biggest customization was to choose package category during install) and no-one will believe them. Even when they say there's no bias.

Zdnet reports doubts about GPL licence in version 3 that will be released in one or two years. On the Debian discussion list one problem was pointed. Linux kernel is released under GPL2 with no standard option allowing to choose later GPL version instead.

I don't know how GPL 3 will look like (the project has not been released yet), so it's hard to say if there will be a think inside hat may make someone fork to use the new licence. For most project agreement of all contributors is not that hard to get, but sometimes (serveral hundred authors or more), it may be a problem.

The second thing is the note about later versions of GPL. Many projects have it (how many? I don't know). It requires trust in FSF.

The fact is that there may be a problem with contacting all the authors. Will it be a big one? We'll see. And we'll learn this way.

Yahoo has released search for content released under Creative Commons licences. You can search for content you can use commercially. Good idea, I'm waiting for a similar thing released by Google. I know it's useful, because I've spent much time searching for material with acceptable licences for this site :)

AOL has new terms of use for their instant messaging system AIM. Inside there's an interesting passage:

You or the owner of the Content retain ownership of all right, title and interest in Content that you post to public areas of any AIM Product. However, by submitting or posting Content to public areas of AIM Products (for example, posting a message on a message board or submitting your picture for the "Rate-A-Buddy" feature), you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. Once you submit or post Content to any public area on an AIM Product, AOL does not need to give you any further right to inspect or approve uses of such Content or to compensate you for any such uses. AOL owns all right, title and interest in any compilation, collective work or other derivative work created by AOL using or incorporating Content posted to public areas of AIM Products.

All bolds are mine.

It means that your work can be used without your agreement (you may prefer Creative Commons licence). The solution is stop using AIM if you still do it.

DRM is in the news again. This time it's a comment from BBC journallist, available also in his blog.

It's a good, balanced text. He shows why DRM can be useful, but points the dangers. The conclusion is that better solution is to change media companies attitude and make them understand that people will pay if the price is reasonable and the material is good. True, but I don't see it happenning in the near future.

My opinion doesn't change since I've read about DRM for the first time: a security solution (in general) won't work if user has control over the equipment. No matter how compilicated it is, it will fail. Especially when sold in milions of copies. There will be flaws. They are always found. DRM is not the answer...

Got spam today. Nothing special, but this one is interesting.

It looks like a message from eBay (my copy seems to be sent from Sweden — because of the message header). The title is "eBay Account Suspended". Everything looks correctly, it points to eBay site...well, seems to point. The HTML code probably says everything:

<b>To confirm your identity with us click here: </b><br> <a href="http://218.38.12.41/ebay/"> https://www.ebay.com/account/fraudverification/verification.asp?system=0x12

So it shows proper address, but really points to a different one. I'm not hidding the IP. There's a form on that site, looks like an eBay one, designed to get users' passwords.

Nice try, should work for many people. Only browser URL spoofing is missing.

Comments seem to work in both blog versions and with the right style.

I'm fighting with comments today. It seems that they're working, but there are still small issues (styles, default pages etc).

CGI Comment is not that easy, many values (filenames, directories, styles) are hardcoded and it requires much time to change all of them (and do it correctly).

I hope I'll manage to finish it in the weekend.

Cookies - small pieces of information collected when browsing the web have both good and bad sides. I have thorough that the second side is not known by the users. A study by Jupiter Research (not available to public, you need to be their client) reported by zdnet shows that I may be wrong.

It says that 58 percent of users have deleted cookies and 39 percent may do it monthly (I wonder what does may mean here). What's more, 38 percent think that cookies are bad for their security and privacy.

If the results are true (I don't know how many users were asked etc.), they make all cookie-based methods of user tracking much less valuable.

The easiest way to get rid of cookies is to block them. I use this method and have my browser set to always ask me when a new cookie comes. I usually click Reject. How many users have settings similar to mine? Polish site ranking.pl says that only 3 percent blocks cookies. But the site that collects the data is on the popular lists of filters for Adblock

I don't know what to think about the result, especially when comparing the two. I'm waiting for new surveys, maybe they'll be able to make things clearer.

An article about GCC version 4.0 which should be out soon was published on zdnet. Mark Mitchell, who's release manager for GCC 4 is cited a number of times. Most of it is about performance.GCC 4.0, according to him, should be faster than previous versions (generate faster code). As gcc is the compiler I use very often, it's a good news.

I wanted to know more, so I've found GCC Wiki entry about features in 4.0. And that's right - it's mostly about optimization. Most features don't tell me much, but I hope the result will be good.

There's also a long list of GCC 4.1 planned features. I wonder how many of them will be actually present in the final realease. The list is impressive.

When will be GCC 4 released so it can be tested? This year. The development plan says early 2005. It should be soon. We'll see...

Nero burning program is available fo Linux. From what I know, it's used to burn CDs and DVDs and quite popular among Windows users.

To download Linux version you need to be a registred Windows version user (but not demo and OEM). RedHat, Fedora, SuSE and Debian are officially supported distributions. What's interesting, Mandrake is not mentioned... Other sources say that the program is available in RPM and DEB format and should work also for other distributions (still, not Slackware). Not sure if it's true - I haven't tried it.

Will Nero for Linux become popular? Maybe, if it becomes free. K3b is a very good program and it's not that easy to move Linux users to another solution when the current one works well. I think that currently Nero is only interesting for people who already have Windows version (and not OEM version that came with their CD-burner).

I'm also thinking which library was used for user interface. The screenshots suggest GTK. I'm not sure, however, it may be also Qt (or a different library).

I got a paper recently entitled "Remote physical device fingerprinting". The main author is T. Kohno.

The thing is about beeing able to say that one machine we have a trace (a number of packets) from is the same that the one another trace comes from. Clock skew, and the way it changes TCP Timestamp option, is used.

The machines the authors observed had constant clock skew. It looks that there's a method to recognize them this way, but... It's easy to trick it: disable the option, use lower clock resolution or randomize a number of bits from the timestamp.

This work doesn't mean that privacy in the Net has ended (as the article on zdnet) suggests. The idea is interesting, but may be hard to use, especially to trace a very big number of machines. It's much more usable (at this time) to find out that the machine we're observing is a physical one, not emulated (using honeyd or similar software). It's because the emulator implementation is not perfect and its' timestamps don't work as ones from the real systems. But that's only a matter of time...

When we want to recognize the computer, we need more than this one method (OS fingerprinting uses a big number of tests).

I have found the differences in network stacks especially interesting. And the method to make Windows send timestamps (it doesn't by default in certain versions) is absolutely cool (read: the implementation is poor).

The paper (PDF format) can be downloaded from CAIDA or from author's site.

Warning: CAIDA wersion is 10MB (15 pages).

That's first entry in my blog. What will be it about? I plan to include my comments and opinions about things I've seen or read, usually those from the IT world.

I plan to have two versions of the blog: one in Polish and one in English.They won't be the same, but similar.

See you!