Rik's Ramblings

Friday, July 30, 2004

Morning trip to the gym

I must say the early morning trips to the gym are working out pretty well!

Anyone who knows me can confirm that i'm really not a morning person, so it was with great reluctancy that I conceded morning would be the best time to get my work out.

Anyway, I'm now about three weeks into it and I'm feeling like a new man.

There's a slight problem with getting to work at the momebt, i.e., going to the gym makes me super late into the office and I then have to work till 8pm. But at least it's nice and quiet at that time of day:)

I'm expecting to have '6 pack abs' by August ...

c@lifestyle

Wednesday, July 28, 2004

The News

There's something wrong with the world ... or at least the country ... when Comedy Central is the channel you watch for decent news coverage.

The Daily Show


Tuesday, July 27, 2004

Super-size Me

Don't know if this is true, but I'll be watching out next time Ben wants to go to McDs!

    kevin rose dot com: "Here is a tip for you.

    Next time you are at McDonalds and want to buy a 6 piece chicken McNuggets, instead buy two 4 piece, its cheaper and you get more.

    -Andrew"


In a similar vain, I've always wondered why anyone buys a Large Soda in a restaurant when the restaurant has free refills! Why not save yourself a dollar by buying the small and refilling it more often?

Cryptic C Code ... I thought that was the point!

Someone had a problem with his strnicmp() as - seemingly - it's not portable (not ANSI).

I told him to make a macro like the following, he was only checking one character anyway:

#define TOUPPER(c) ( c & ~('a' ^ 'A') )


He said it was too cryptic! Too cryptic!! I thought that was the point of C!

Besides, that's not cryptic. I think people just don't know how to code these days.


c@software

Monday, July 26, 2004

Decking Design Dilemma

With the completion of the Sagarville drive-way (and very nice it looks too) we are moving onto the next little yard project - the deck or patio.

There was a patio at the back of the house, but the concrete was all lifted due to the big mulberry tree in the middle of it. So Andy (the builder who did the drive) took the concrete away - at our request.

We now have a big plot of dirt at the back of the house which we want to convert into a deck. However we have a couple of dilemma and Mrs Sagar and I can't agree how to 'design' it.

Mrs Sagar wants to just plonk a 20'x20' redwood deck there, with the mulberry sticking out of the middle. I on the other hand see that building around the tree is going to cause bags of problems with setting the level of the deck, clearing roots, digging out hundreds of cubic feet of dirt. And it's going to look aesthetically retarded.

unfortunately I don't have a good suggestion for what it does need to look like.

Time is running out, however, as Mrs Sagar is complaining that lucky-dog keeps digging in the patch of dirt and coming into the house with dirty paws.

Lucky Sleeping - 11:30pm, July 26



c@house c@dog

MyDoom variant slams mailboxes, search engines | CNET News.com

MyDoom variant slams mailboxes, search engines | CNET News.com:

    "...the virus searches for e-mail addresses ... by running queries on all four search engines"


Pheww! They've not infringed my IP :-o

Just another boring "let's see how many email addresses I can find" zombie.

c@malware

Could Scumbot-Channels already be real!?

worm uses search engines to find new victims:
    "SAN FRANCISCO (Reuters) - An Internet worm that uses Web search engines to find new victims spread widely on Monday, apparently causing problems for Google Inc. on the day it set the price range for its initial public offering, Internet security experts reported."


I need to investigate this more. I suspect it's unrelated to my idea.

c@malware

CRM News: Trends: Africa Can Seize Share of IT Outsourcing Market


Clearly, Nigeria has a thriving email industry (419 scams), but does that mean you should trust them with your outsourced IT tasks ...?! Not if it means your customers social security numbers are going to be exposed to prying Nigerian eyes ... they do have a bit of a tradition over there for being less than saintly! Yeah, I'm sure it's something to do with 100 years of oppression by the west (blah-blah).

c@software c@business

Friday, July 23, 2004

scumbot-channel staggers to life

Break out the champagne ! My bot'speriment was successful! My scumbot-channel has staggered from the primordial goop to prove that malware across the planet can reliably (if slowly) "phone home".

I managed to find the diveboy@hotmail.com signature. Alas, I had to modify the search a little! I had to prefix with a %20%3f, which was text I prefixed the email address with, for no reason other than giving it a certain random error look! I guess it's something to do with the way google tokenizes the keywords in their database.

Anyway, with a google search I found two guest books that were hosting my 'scumbot semaphore':
Chinmoy's Portal
and
Air of Authority - A History of the RAF Organization

Sure enough, I hit the link from google and I could search the retrieved guestbook page for my message. Ah, the joys of genious ... now all I need to do is take over the world.

So I think it took about a week for the guest-book entries to get into Googles database. Which isn't too bad. If you were planning to launch a DDoS you could reasonably expect to plan your attack a week ahead of any major world event.

Next Step
Obviously, the next step would be to automate a the whole thing:
  • Search Web Using Google to find "Sign Guest Book"
  • Randomly retrieve the HTML for 10-20 of the hits
  • Parse the HTML of the page into some kind of DOM
  • Traverse the page's DOM to find the

  • Create a HTTP response with the textarea full of scum-bot semaphore
To be honest posting the semaphore doesn't really need to be automated, as it's done as a one-off by the scumbot master. Could be done manually. On the other hand, the zombie/virus/worm/malware needs to be automated to do the following:
  • Search Google for %20%3fdiveboy@hotmail.com once per day
  • Retrieve all/any matching pages
  • Parse the HTML into some kind of DOM
  • Traverse the elements looking for the semaphore pre-amble (%20%3f&)
  • Extract the scumbot-semaphore
  • Decrypt/unpack the message
Anyway, someone else can do the donkey work. As we system architects say, the rest is just software...

Oh, I suppose I should call it something other than a scumbot channel, as Scummy has already developed his own little bot that he calls a scumbot. But in his case, it's not half as nafarious as mine, it's just a useful little IRC bot.


c@malware

Tuesday, July 20, 2004

Linda Ronstadt kicked out of Vegas for praising Fahrenheit 9/11

Daily Times - Site Edition

    Linda Ronstadt was booed and kicked out of a Las Vegas casino for praising Michael Moore and his film Fahrenheit 9/11 on stage.

    ...

    Aladdin president Bill Timmins said Ronstadt was escorted off the property and was not even allowed to return to her hotel suite. Ronstadt “spoiled a wonderful evening for our guests and we had to do something about it”, Mr Timmins said.


"Free speech", "free speech", don't talk to me about "free speech"!

Cross site scripting and script injection

ZapTheDingbat: "Cross site scripting and script injection"

    MasterCard ... seem to have missed some all too basic gaps in their own security.

    Along with ... an almost endless list of further high profile sites, MasterCard have still left chinks in the armour of their own site.

    The oversight of some basic security flaws allows hackers to send a user to the site while displaying any content and functionality of the hacker’s choice.


You see, the trouble is, no one's hand crafting HTML anymore! They're all using these wizzy tools to create webpages and they have no idea what all the JS (BS) is doing under the hood.

Rik's tips:

  • If you're providing log-in credentials in a page. Make sure you typed the URL in the browser yourself - not following a link.
  • Periodically check your hosts file to make sure it's not been hacked.
  • Use a reliable browser

Doggy Update

Lucky has his first trip to a dog park at the weekend.

The Sagars went on mass, along with Ben's friend, his family and their dog.

Things went well, Lucky didn't run away too much or attack anyone ... ah, well. He did get overly curious with one little rat like chuwowa dog. He almost crushed it with one of his mighty paws. He only went over (er, bounded over) for a sniff, but the little boy holding rat-dog got scared and let go of the leash ... I think rat-dog got scared too cos it tried to run away. Now, anyone'll tell you, if you run away from a boystrous lab that's like an open invite for it to come and play 'tag'.

Unfortunately rat-dogs break easy. There was some yelping and some upset children. Rat-dog and his family decided to leave the park in a huff. Sorry rat-dog! If it's any consollation Lucky felt really bad about spoiling your morning. He came and laid down on the grass for two minutes looking guilty.



Monday, July 19, 2004

From our offices in Bangalore

The following gem was received on the company-wide knowledge-board that my retarded multinational employer hosts.


Hmmm, it seems the fountain of all knowledge for our off-shore engineering team is a little website called How Stuff Works.

I just did a little search for n-tier web services infrastructure and I have to say, I don't think I could build any business class products with the information that came back. But I could probably draw a nice powerpoint slide that'd sufficiently convince a CEO that I knew something.

Friday, July 16, 2004

phish-tastic

This one's funny!

I got this phisher email today.



(Click here for fullsize image)

Rediculous! It's like someone typed the message in on an old Olivetti then scanned it with a fax machine. Presumably to
avoid the Basian SPAM filters.



But I ask you, how retarded would you
need to be to reply to this one!



Now, what's also very worrying is the open redirector that the phisher found at

http //citibank.com/domain/redirect/citi.com/global_nav/pands.htm







Rich Text Blogging in Blogger.com

Much respect to Chris Wetherell for the excellent DHTML/JavaScript powered WYSIWYG editor now present in Blogger!

Cartographica Extraordinaire: The Historical Map Transformed

I was watching The Screen Savers yesterday and they were inteviewing a guy called David Rumsey . He has a really cool website full of old maps. Hey, now you know I really am a geek!

Anyway, he's got a new book out: Cartographica Extraordinaire
Here's what they say on Amazon about it;

    Cartographica Extraordinaire alluringly presents the highlights of a remarkable collection of historical maps. What makes this book stand out from other published map archives, though, is its reflection of the generosity, energy, and intellectual curiosity of David Rumsey.
Not just yankie maps, found some really good old French ones. Incredible resolution!


This image of Cap d'Agde one ...


Is a zoom in of this picture of South West France ...



Incroyable n'est pas?

Wednesday, July 14, 2004

Mexico revs high-tech ambitions | CNET News.com

    Mexico revs high-tech ambitions | CNET News.com: "SAN FRANCISCO--Mexico in conjunction with a U.S. corporation is trying to woo high-tech companies south of the border with a new industrial park, fairly easy transportation and a massive tax break."


Oh Goodness Gracious Me. What does this hold in store for poor Sanjay and Sum (see previous post)!

Nuclear Software: Java Bot 2.0

Nuclear Software: Java Bot 2.0

Looks useful. Might use it for a project.

Bot'speriment

Scum Bots

So, I'm trying to refine my theory about what I will call 'scumbot-channel'.

I did a search on Google for "Sign Guest Book". I then picked, at random, some hits and traversed to their site.

If the landing page had a form on, I filled it with 'pseudo-garbage'. The garbage basically consists of three fields, depending on the type of field;




Field name contains 'name' or 'email'form element name plus
%20%3fdiveboy@hotmail.com
Field is a 'textarea'form element name plus
%20%3f&09f3228caf090ef4b98c1d44e03c6c03 *-
Otherwiseform element name plus
%20%3frandom digits


The textarea one is the important one. The text after the '&' is supposed to be a secret message from the 'scumbot master' to a scumbot running on a zombied machine somewhere out on the internet.

What next?
The idea is that I will, in a week or so, do a search of Google for diveboy@hotmail.com.

If I find it then I can extract, from the search result, the textarea field - identified by the magic prefix string %20%3f&.... The text after the '&' I consider my 'secret message'. [infact it's just a md5sum of This is random selection 1].

Why?
I consider the messages posted (fairly annonymously) in the third party guest books to be control messages from 'scumbot master' to scumbots. Scumbots can run scripts that use a XML interface to Google to obtain search results. The scumbots will get their instructions from the guestbook posts. A short message, possibly telling them to connect to a specific IP address at a specific time to receive their real payload. Let's call it the 'scumbot semaphore'.

The scumbot master will post the message to hundreds of guestbooks - I got 3million hits for "sign guest book" when I just did the google search. It should be easy to get the 'scumbot semaphore' to stick on a least a few of them. And because we know those guest books are also going to be indexed by Google (after all, the guest book was found through Google) then we can be fairly confident that a later search will be successful in locating the available 'scumbot semaphores'.

Why am I telling you this, doesn't it spoil the suprise?
So in the interest of full disclosure I'm publishing my intent here.

Stating that it's research in the name of internet security gives me a fighting chance in court of not being sent to Guantanamo bay ;-)

I'd like to write a real paper on this when it's proved try, then talk at some swanky conference where people will chear me and throw pettles...

Monday, July 12, 2004

Yeah right, and here are the keys to my fucking car too Sanjay..!

Couple of years back my retarded multinational employer set-up an information sharing service so that all employees world wide can disseminate information.

Kind of a cool idea, people are 'network' and 'empowered' (blah). If someone has something they want to share they can send out messages to other employees who list similar interests in their profile. Maybe other employees would like to 'pick-it-up-and-run-with-it'.

At the moment the retarded multinational I work for is busy, like all retarded multinationals, re-locating all its 'development resources' to Bangalore.

Someone told them that an engineer in Bangalore is just as good as an engineer in Silicon Valley, but 1/4 the price. Someone said that ... I think it was an India guy, anyway!

Remember that kewl information dissemination board I mentioned? Below is an example of the types of message that come-up on the list on a pretty regular basis these days;

    I have been assigned the task of developing a doo-hicky for Set-top Box. Does anybody has a prior experience in developing a doo-hicky for Consumer Electronics goods?

    Regards, Sanjay - Bangalore


Hmmm, let me think, ..., just a minute now ... I'm sure I've got that information. Oh wait a minute it's right here in my fucking head.

Needless Sanjay isn't his real name and he isn't really making a doo-hicky.

There were a couple of small typographical errors in the text, but I don't want to focus on those.

I am perplexed, my dear retarded multinational employer. I mean, assuming it's a good idea to have all these people in Bangalore saving you money. And assuming they're saving you lots of money. Wouldn't it be a good idea to train them to do the job you pay them to do (pay them $4/hour).

...

I'm having a little trouble formulating exactly what I want to say here.

Needless to say, the poor Bangalore employees (and they are poor) never seem to get their questions answered on the list. Not suprising. Presumably the person who used to do Doo-hicky design got laid-off about a week before Sanjay got his company push-bike.

I'm thinking there's some misconception by 'senior management' that just because two guys both have an engineering degree it makes them the same person. Funny a BMW and a Lada are both cars, yet no CEO ever drives a Lada. Both cars right, should be interchangable. Do you know you can get 4 Lada's for the price of a BMW.

Ah, I'm rambling.

It just takes a couple of retarded multinationals to say they're onto a good thing then every other retarded multinational jumps at the same idea. Regardless of whether the business situation for their company is identical to the other.

To be honest, it made no sense for my retarded multinational to move into silicon valley in the mid-90's. I'm glad they did, cos I got a cushy deal out of it. I know they did that just because everyone else was doing it and someone (an American I think) told them that Silicon Valley has creative people. Incidentally, my retarded multinational opened up it's office in silicon valley and staffed it with Expats. Yeah, I know, what was the point of that. Good holiday though for us expats.

So, back to Sanjay. I'm assuming that, in about 3 years, poor Sanjay will be writing a bitter blog entry like this. Complaining about some young guy called, ahem ... Sum Yeung Gai ... sorry couldn't resist :D who's now doing the job he used to do. But for $1/hour.

I don't see many expats scrambling to get postings to our Bangalore office.

p.s., I'm bitter, but no, that doesn't mean I got laid off incase you were wondering. But if my retarded multinational employer reads this things might change...

ONLamp.com: Stealing the Network: A Prequel

ONLamp.com: Stealing the Network: A Prequel

One of the authors of Stealing the Network has written a nice little teaser and put it on O'Reilly.

Police keelhaul world's thickest DVD pirate | The Register



It's extra funny because it starts "An Essex man ...". Or maybe it should start;
    Dis Essex man, right, walks into traidin' standard ...

    You godda larf aitcha!


God bless the comprehensive education system!



Bush Argues He Has Made America Safer

    Politics News Article | Reuters.com: "OAK RIDGE, Tenn. (Reuters) - Under fire for intelligence failures at home and abroad, President Bush tried on Monday to convince American voters he has made them safer since the Sept. 11, 2001, attacks ..."


Well of course he has! All the terrorist are too busy killing Americans (and Brits) in Iraq. They don't have time to blow things up over here.

yard

Got builders in this week. Need a new driveway.

I recon I'm in the wrong business. The builder's charging $14000 to concrete us a new drive. It'd take me weeks to earn that kind of dosh and I bet he'll be done by Thursday.

And he gets to drive 'round outside in a Bobcat all day catching some rays.

Ben's impressed by all the trucks. However he started to blub when the back patio got ripped out. He liked to drive his Jeep on there. It's going to be a swanky woodern deck soon.

Saturday, July 10, 2004

What's New on Rik Sagar's Eternally Under Construction Web Site

Well, remember the old days I used to have a "What's New" page as the homepage. Well now I'll just make the announcements through the blog - if that's alright with you!














Section What's New?
Boys Toys >>> This is updated. All the old stuff removed and new toys added! Well, not quite true, the iPod is still there, but that's still kewl. Ben's list is a little short at the moment.
Julia Sawalha >>> Yeah, I know, it's alittle passé, I wasn't going to bother, but there still appear to be a lot of people who want to find JS pictures, and I have a bit of an archive, so I'm putting it back online. Don't expect any updates!


c@new

Friday, July 09, 2004

Error 504 - Your MiniDisc Player Detected a Folk CD in your CD-ROM Drive

I swear it took me two hours this morning to get my minidisc player to 'rip' 2 CDs with 'simple burn'.

Never had the problem before. Then it suddernly dawned on me ... they were both folk albums. Gosh-darn it, is simple burn smart enough to know I shouldn't be listening to that folky shite. What else could it be.!?

Oh, I later found out, the battery was nearly flat on my minidisc player, so it was crapping out during the transfer. HEY, but I like the
X Error 504 - Your MiniDisc Player Detected Folk Music

explaination better.

Hey, that's not supposed to happen!!!

Mozilla users should know about the shell: protocol security issue

A security issue with Mozilla. No way dude.

I suppose we should take some comfort that it only affects Windows, ergo, it's still Microsoft's fault ;-)



Thursday, July 08, 2004

Lexar 1 GB Pro 40X USB CompactFlash

Is this for real? A 1Gig compact flash card, not HD based, but Solid State.

Saw it on Amazon today. It's a little pricy, but enough storage for a couple of hours MPEG movie - screw digital fotos! Use it to transfer movies around :-D

Microsoft, California deal gets final OK


    A judge granted final approval Wednesday in a $1.1 billion settlement between Microsoft and California consumers, who accused the software giant of violating state antitrust and unfair-competition laws.

    By Rachel Konrad / Associated Press


I read the full article in the San Jose Mercury this morning, but can't get to it now (sign-up required for the electronic copy, blah blah...)

Anyway, the important link is Microsoft-California Class Action Settlement. Go there and (if you live in Cal.) sign-up to get some vouchers for software.

Then go to Mozilla and give them the money!

Wednesday, July 07, 2004

New Blog Title

What d'you think?



Make $100/hour for doing nothing!!

Well, you need to turn off your firewall and virus scanner, but other than that just do nothing!

    "LONDON (Reuters) - Vast networks of home computers are being rented out without their owners' knowledge to spammers, fraudsters and digital saboteurs, security experts said on Wednesday.

    Yahoo! News - Home PCs Rented Out in Sabotage-For-Hire Racket

    The terminals have been infected by a computer virus, turning them into 'zombies' -- slaves to the commands of a malicious and unseen controller."


Hmmm, some kind of firewall product might be the answer.

Maybe - as part of the big chunk of change you pay to your ISP every month - they could provide some level of port scanning to their customers to see how wide open they are. They could probe for known bots and look for traffic signatures. Presumbly these bots all use some kind of p2p protocol to communicate back to their mother-bot.

Admittedly there'd be issues with SBC doing port scans every day on my machine. I mean, they might notice there's a webserver running on port xxxx of my machine, but that's not a 'bot, it's my server. I don't want constant emails warning me about my own webserver.

But most mugs don't intentionally run servers from home, or if they do, they should know which port it's on and could do a selective disable of the ISP scan on that port.

In the meantime, Shields-Up is a good free service that can be used to do a quick port scan of your machine - based on the IP address that it sees when you connect to their site. RUN IT NOW!

Monday, July 05, 2004

Camping Weekend - July 4

We got an 'early' start and drove into Monterey. We knew it'd be busy for the July 4 celebrations.

First stop was the bike shop, to buy a new tire. Got a 'Thorn resistant' to see if that's what I need to hold the extra pressure due to Ben's trailer-bike.

Went to the aquarium for a few hours. They have a new shark exhibit that we wanted to see. Turned out to be not as good as we expected - not enough sharks! It was more historic display of people's interaction and misconceptions of sharks; from ancient hawiian shark-god worship to Jaws. And not forgetting shark-fin soup - what a stupid idea that is.


Did some beach time after the aquarium.

Then went to The London Bridge, English pub. Three pints of Smithwick's. We had a great spot for the 4th of July fireworks, the fireworks were on a barge in the bay. Admittedly, there's something ironic about watching the Independance Day fireworks from inside and English pub, but there you go.

I have to say the fireworks were a somewhat disappointing. San Fran is much better.

Ben cried because the fireworks were too noisey. But didn't want to miss any of it.

Got back to the camp-site around midnight. Long day!

Camping Weekend - July 3

Nice relaxing day on the campsite.

Ben and I got up and went for a little explore - Ben on scooter, me on foot.

Debbie relaxed by the campfire with her book...

Explored the big river running through the campsiite.

Some hick redneck was letting his son shoot an air rifle into the river to 'catch fish'. Sure it's illegal. Anyway, there were no fish in the river ... but now there's lead.

I later found out that the river is a breeding ground for an endangered steelhead trout. So there you go, just adds a little extra red-ness to the rednecks neck. I knew the guy was a retard when he used the phrase "... let's wait 'till after we break camp.". I'm sorry, when you're on a three-day camping weekend with your kids I don't think 'putting the tent back in your truck' counts as 'breaking camp'. Maybe next-time your steering cows cross country with ol' Cherokee Bill and Tonto maybe "break camp" is an appropriate phrase to use. Anyway, I digress...

Checked out what looked like an old homesteader's house.

Ben made me do three puppet shows on the 'stage' before we could proceed. Basically consisted of me making a fool of myself doing 'Three Little Pigs' and other such stories at the side of a road as people walked passed and looked at me funny.

Went back to the campsite for 'full-English' breakfast.

Ben and I went down to the river for a swim. We arrived at the same time as about 100 Mexicans, so I thought we were going to get over-run and have nowhere to swim about, but luckily they were just there to baptise some of their clan. Most simply stood on the bank and clapped and sing as a few got dunked in the 60F river.

Water was exceptionally clear (dispite the recent addition of lead shot). Splashing about was great fun, even though it was damn cold. Ben wasn't having any of it. He sat at the side and ordered me to get cold and wet.

Meanwhile, back at the camp, Debbie relaxed by the campfire with her book...

After drying off, we made pop-corn on the campstove and fotogrphed some of the local wildlife (stella-jay's and squirrels).

Ben and I went for a bikeride around the campground in the afternoon ... while Debbie relaxed by the campfire with her book...

Went looking for crayfish. Saw some crazyass asian-guy trying to fish for crabs in the river (I'm sure that must be illegal too).

Stopped for ice-cream on the ride back (Ben had a Ben & Jerry's "Cherry Garcia").

Got another damn puncture. I'm beginning to think it's having the extra weight of the Traile-bike that keeps popping my back tire, that's two tires for three rides. Fortunately we were nearly back to camp, so it wasn't a great hardship to wheel him (and the broken bike) back.

Finishing up the day with a bottle of red (wine) by the camp fire. Nice Copolla Claret. Very impressed with Francis' reds. The Cabs, the Zin and this have all been good. Fast becoming my favourite vintner. Must pay a visit to his 'shop' in Napa next time we're up there.

Thursday, July 01, 2004

Confirms what I already knew really!

Zombie PCs spew out 80% of spam | The Register

    "Sandvine's analysis, ... shows most spam now originating from residential broadband networks."


Zombie See Full Article on The Register:

Followed a link to a really useful site from that article SenderBase. Let's you keep a track on which domains are sending the SPAM.

Incidentally, the article goes on to say that most (75%) of the URLs contained in the SPAMs point to servers in China. Another win for outsourcing I suppose.