point Index, February 2005



PGTS Journal
February 2005
 Click here for: PGTS Journal Main Page
Click here for: Prev Blog Month
Click here for: Next Blog Month
Last Updated: 21-Feb-2005 10:54 GMT

PGTS Blog: February 2005

If you have a question regarding any of the articles in this journal, or some comments please send them in. If there are any general questions about Unix or Database Administration, I will attempt to answer them.

Blog Entries:

How Wrong Can You Be?

Date: Sun, 20 Feb 2005 03:43:50 -0500

The Sunday edition of the New York Times featured an interview with George F. Colony, chief executive of Forrester Research, written by Laura Rich.

The interview is titled "As I.T. Goes, So Goes Forrester?"

Those of you with a New York Times online subscription can read the article here .

One of the questions that Laura asked was as follows:

Q. Let's talk about Google. You came out against it to some degree last year, citing competition from Microsoft, Yahoo and AOL. But Google has done well. Were you wrong?

A. This is how I saw it: that Google has three major challenges in front of it.

It was a rather soft interview. Because, he was not only wrong! He was wrong, wrong, wrong!

Interesting that he quotes those above "challenges" as the reason that Google will fail. In February 2003, I wrote an article which cited his so-called problems as the reasons why Google had succeeded, was succeeding and would continue to succeed!

If any of Forrester's customers actually paid for that analysis, and are reading this, I would like you to know I am also available to do analysis ...

Back To Index

Good Day To Me ... From 65.54.233.98?

Date: Sun, 20 Feb 2005 12:49:16 +1100

I received a rather strange e-mail today.

At first I thought it must be spam. But the headers appeared almost genuine. Then I checked the IP address, and I was surprised to discover that it was owned by Microsoft. The IP address 65.54.233.98 had a DNS lookup of bay21-f9.bay21.hotmail.com.

Surely Microsoft wouldn't allow one of their hosts to be hijacked by spammers?

The content of the message seems very spammy ... You can check the details here.

I tried looking for other evidence of spam from this IP address. There is one positive in the OpenRBL. An Aussie list (AUDNSBL/dnsbl.net.au - Multiple Spam Traps Block List formerly bl.reynolds.net.au).

The Google Groups abuse listing also returned three positives.

Blars has listed them. He returns 127.1.8.48 which translates to the following (alleged) misdemeanors:

What is happening here?

Back To Index

We'll Keep The Red Flag Flying Here!

Date: Fri, 18 Feb 2005 03:48:47 +1100
The people's flag is deepest red,
It shrouded oft our martyred dead,
And ere their limbs grew stiff and cold,
Their hearts blood dyed its every fold.

Then raise the scarlet standard high.
Within its shade we'll live and die,
Though cowards flinch and traitors sneer,
We'll keep the red flag flying here.

-- (Trad) Sing it to the tune of "Oh Christmas Tree".

Ahh Comrades, I'll just take my hands away from the piano keyboard now and turn instead to the computer keyboard ...

Yes, the computer keyboard ... Still nothing like a rousing verse and chorus of "The Red Flag" to set the mood. And let me assure you that we will keep the red flag flying here at PGTS ...

Oh you didn't know? You didn't realise that we are all communists ... Here in the Surrey Hills chapter of the Melbourne Communist Party?

But we are! I can assure you we are as RED as a glass of Aussie Shiraz! In fact, you should be aware that anyone who advocates the use of Open Standards is a communist! We are all in it together! Have been for years. We are a mindless swarm of fire-breathing, baby-eating communists! And if any of you should be so foolish as to use any open source software, that will be our foot in your door. After which, of course, we will kick down your door. And hordes of us will pour in ... over-whelm you and eat your babies!

I actually read Bill Gates comments on the topic of Intellectual Property over a month ago. It was a week before I started this blog. At the time I thought that these ludicrous remarks did not even deserve a comment. They were probably on a par with the comments that Steve Ballmer made four years ago about Linux being a cancer! ... And having just promised not to make a comment, I just thought I'd make the little observation that it is more than a little ironic for anyone from Microsoft to talk about software being like cancer! ... Whenever the topic of cancerous software comes up, there is one large carcinoma on the software landscape that springs into my mind. And that software blight is sourced from Redmond!

Ok, I said I intended not to comment on Bill Gates assertion that we are all communists. That was because I thought that there would be lots of response to that little bombshell, and there was. One of the better ones was from Richard Stallman, easily identified as a hippy and a communist, and I am pleased to hear that he is going to "Keep the Red Flag Flying" also.

But I just can't refrain any longer from a few more little comments ... Because while we are on the topic of communism, we see a disturbing Stalinist trend in Microsoft's software. It seems that the legislators in the US are considering a bill that will allow Microsoft to install spyware on your desktop! And thanks to the misleadingly titled FTA, no doubt Australian legislators will be moving quickly to bring our law into line with this extraordinary US law. It is worth quoting a little sentence from the Internet News article:

The bill permits computer software providers to interact with a user's computer without notice and consent to determine whether the user is authorized to use the software.

Talk about Big Brother watching! ... or should that be little Uncle Bill watching?

But should you be worried dear reader? Would Microsoft abuse that power? Surely it's OK to put a few benign little pieces of spyware on your desk top to search for unauthorised software? (like OpenOffice?) I mean after all, don't we have to make sure that the wheels of industry stay well greased with the crushed corpses of consumers and their children, recently pulled from the coal mines of capitalism? (Don't answer that last one, comrades - it was an attempt at irony).

And anyway, it seems as if all this finely-crafted software might be FREE! (as in beer not speech). I mean just look at the FREE anti-spyware Tool that Microsoft is going to supply with their FREE MSIE version 7.0 (to be shipped soon). Gosh! it would be just peachy when they supply us with a FREE browser! I mean ... I can hardly wait for a FREE browser ...

And when all of this fabulous software is installed on our desktops, we can just lie back, relax, think of the American Dream, and ... TRUST Microsoft! That is what Trustworthy Computing is really about ... OK? ... Ok??

After all, we can TRUST Microsoft, can't we? ... Umm, Hands up all of you who trust Microsoft?

Don't all rush me at once ...

As I said I wasn't going to mention this, but recent developments, like the "spin" in The Age, and the aggressive advertising and most especially the rise of the incredible little fox has caused a re-evaluation of the situation.

It seems that we are looking at a genuine, class-A boil-over!.

Microsoft is spending big bucks on a campaign of purely negative advertising. These advertisements say very little about the benefits of Microsoft ... Well, actually, the list of benefits of using Microsoftware would have to be one of the shortest lists in the world ... Instead the advertising campaign has focused exclusively on how bad Linux is!!

As to how effective a hundred percent negative campaign will be ... remains to be seen.

And now, with the announcement of the premature release of MSIE 7.0, I think we can say that we have a boil-over.

Ladies and Gentlemen, we have a boil-over!

And this article by business journalist Michael Malone also poses the same question ... The Microsoft tide may have finally peaked.

And if I could just indulge in a little self-promotion, I did say in a little article about three years ago, that Microsoft may have reached the zenith of their influence. (Drawing the obvious parallel with IBM).

Is it my imagination? Or do I detect the slightest trace of desperation ... perhaps even fear in the Microsoft rhetoric? Perhaps they can hear the faceless hordes of Open Source users, taking to streets and marching and singing ... singing ... ... Omigod! They're singing the Communist Internationale! Quick hide the babies!

Back To Index

The Amazing Little Fox Is In The Mainstream!

Date: Thu, 17 Feb 2005 03:05:41 +1100 (EST)

The extraordinary growth of FireFox continues unabated. When I noticed this a few months ago, I predicted it would eventually boil-over and spill into the mainstream.

Visitors to this site have always shown a bias towards open source software. But there is a remarkable trend in the FireFox figures. Putting it into a query: 

		select * from  (
			select w.os, sum(a.hit00) as hits
			from webagents w, agent_stats a
			where w.agent_id = a.agent_id
			and w.robot_ind = 0
			and w.name = 'Mozilla'
			and w.version like 'Firefox%'
			group by w.os ) as hit
		where hit.hits > 0
		order by hits desc;

		      os       | hits
		---------------+------
		 Windows XP    | 4787
		 Windows 2000  | 1308
		 Linux intel   | 1039
		 Mac OS X      |  266
		 Windows 98    |  167
		 Windows ME    |   33
		 -             |   21
		 FreeBSD intel |   14
		 Linux ppc     |    7
		 SunOS         |    5
		 NetBSD intel  |    2
		(11 rows)

Or as percentages: 

		      os       | %
		---------------+------
		 Windows XP    | 62.5
		 Windows 2000  | 17.1
		 Linux intel   | 13.5
		 Mac OS X      |  3.4
		 Windows 98    |  2.1
		 Windows ME    |   .4
		 Others        |  1.0

There is a large number of Windows users -- larger than the averages for this site overall (55.5% Windows XP and 18.1% Windows 2K). What these figures indicate is that a very large number of Windows XP users have adopted FireFox. And they are the users who are using Microsoft's flagship software.

In plain English, FireFox is cutting deep into the fat fleshy folds of Microsoft's premium market.

And now I read, in the New York Times, an article about the upcoming release of MSIE 7.0. And it is worth quoting John Markoff, who writes:

Mr. Gates did not mention the Firefox browser, which is freely available and has rapidly gained users since it was introduced by the open-source Mozilla Foundation late last year. But Firefox is apparently enough of a threat that Microsoft felt compelled to rush Internet Explorer 7.0 into the market, ahead of the Longhorn version of Windows, which is not due out until 2006.

If you have an NYT subscription you can see this article at: http://www.nytimes.com/2005/02/16/technology/16security.html?th.

Did I mention mainstream? ... our stream just don't get much more main than the New York Times!

Back To Index

Novell Brings Out The Hula Hoop

Date: Wed, 16 Feb 2005 08:50:54 +1100 (EST)

Recently I received news of a press release from Novell. In essence it says:

- Novell donates 200,000+ lines of source code and invites community development ...

BOSTON (LinuxWorld Conference & Expo 2005) * Feb. 15, 2005 * Novell announced the formation of Hula, a new community project to create an open source collaboration server. The server will provide calendar and mail functionality ... Hula will be based on code taken from Novell's NetMail collaboration server product ...

Novell has donated the core components of NetMail to provide a starting point for the Hula project. Hula today includes standards-based e-mail, calendaring and address book functionality that can scale to 250,000 registered users on a single PC with 50,000 simultaneously connected users ...

Note: I have removed most of the (unnecessary) superlatives that usually accompany such press releases.

For more info see hula-project.org.

Novell has gone into decline since the heyday of the Netware years. And this is another of many initiatives to revive their flagging fortunes. Novell seem to have decided to nail their colours to the Open Source mast.

So, it will be interesting to see if they succeed. This will be measured by their quarterly profit reports. Let's wait and see what happens ...

Back To Index

The Age brings us a message from their sponsors

Date: Tue, 15 Feb 2005 22:53:24 +1100 (EST)

Page 5 of the Next supplement of "The Age", had a story that was amateurish and shoddy. Or at least it seemed so ...

We should expect better from a paper that aspires to be a credible "broadsheet".

The story was titled "Queensland Studies opts for wall-to-wall Windows". It describes how the Queensland Studies Authority (QSA), created as a merger between three different departments, inherited a mixed environment of Linux, Sun and Windows. Inside this environment was samba and citrix thin clients.

It then went on to quote how an IT manager considered this mixed environment too complicated.

It is worth quoting some of that quote here:

Data was spread across multiple system partitions and anti-virus measures were ineffective. The old Exchange servers needed to be rebuilt. Email forwarding was complex. Wright says the answer was to standardise the environment, consolidate and introduce new systems to increase integration and efficiency.

In other words the IT manager, who couldn't "understand" how the "complex" (non-GUI) systems worked, used the excuse of "having to upgrade" the exchange servers to replace everything with Microsoft products.

After which (according to the same source) everything was so much simpler and easier to use. And all the maintenance could be carried out with a few clicks of a mouse!

Now all those virus scanners could be centralised (virus scanners are an essential component of Microsoft only networks).

There appears to have been only the one source for the story ... the manager who was instrumental in recommending and implementing the decision.

And the author states that this single source contributed considerable positive feedback about his own decisions and was able to justify the money spent on the upgrade.

My, My! What a surprise!

However, flipping back a couple of pages ...

Page 2 of the Next Supplement in "The Age" had a very large advertisement, sponsored by Microsoft which says:

For mid-sized and medium organisations, a significant Linux deployment will be neither free nor easily accomplished. In fact respondents at large organisations reported that a wholesale switch to Linux from Windows or Unix would significantly increase TCO for the foreseeable future

- Laura DiDio, The Yankee Group 2004

I could tell that this was an advertisement. Because it was done in nice sober, sombre pastel-colours. A brownish-khaki colour designed to impart an impression truthfulness. The type of colour that Tom Waits refers to as "monkey-shit brown". And of course, it had the Microsoft Windows Logo in the corner ... oh yes and an invitation to "Get The Facts".

Ahh Well, I am a great fan of "Getting The Facts" ... And one of the the facts I would like to fish out would be ... Is there any connection between the "articles" that "The Age" runs and their advertising copy?

Because the "article", misleadingly labeled as a "case study", does seem more like thinly disguised Microsoft spin. More akin to the type of FUD found on the Microsoft "Get The Facts" website. It has been written by Rob O'Neill, who is apparently a regular staff member with "The Age" Next supplement, and is presumably the same person who wrote an article entitled, without even a hint of irony, "Microsoft scores well on security analysis", (also published in The Next supplement on 12 October 2004).

C'mon guys ... if you want to pretend to be journalists in the Computer and Technology area, you will have to do better than that!

Well at least they didn't put this cobbled together bit of spin on the same page as the ad! That might have been a bit too obvious.

And today there was another 419 scammer. This one really did send his spam from Yahoo! The evidence is here.

Back To Index

Welcome to Australia, please turn your watches back to 1984!

Date: Mon, 14 Feb 2005 23:36:57 +1100 (EST)

Although, I did not see it, I have just heard on the radio, that there was a Four Corners Program on ABC-TV, which alleges that the Australian government knew that there were no WMD in Iraq, and that they also knew that prisoners such as Mamdouh Habib had been tortured and further alleges that Australians may have participated in interrogations that employed torture.

The interview went into considerable detail that showed that our government has been rather "loose with the truth". In particular Senator Robert Hill may have dissembled (to put it politely).

And while on the topic of Mamdouh Habib, Phillip Rudduck, our Attorney General, has previously stated that Habib will not benefit from any interviews (like the Sixty Minutes Interview).

Any payment he received could be confiscated under the "Proceeds from Crime"

Umm ... Minister ... He hasn't been convicted of any crime!

Nor is he likely to be convicted, since all the evidence was gathered under torture.

Not to worry, responds Mr Ruddock, unctiously, oozing his usual cryogenic charm from every pore, the laws of evidence are apparently not so strict for the proceeds of crime legislation.

And he should know! After all he is supposed to be our Attorney General!

Although he would make an excellent Minister of Truth,

Good to see that there is someone out there promoting the benefits of doublethink.

Nineteen Eighty-Four has finally arrived ... only twenty years late.

Our own prime minister is fluent in doublethink and newspeak. Certainly with able deputies like Mr Ruddock, we may soon be able to do away with inconveniences like British Common Law. We can just erect a large piece of granite outside the High Court and carve the famous Orwellian three points into its' surface:

Freedom is Slavery
War is Peace
Ignorance is Strength

Yes and Big Brother is Watching! So I'd better be careful here ... I don't want the thought police to pay me a visit at 4 am, kick down my door and drag me off to room 101, for being slightly critical about the Ministry of Truth.

So what kind of society is it that we are fighting to defend?

Looks like the Students for an Orwellian Society approve.

Of course the problem with that previous link is that it is mostly political satire. And satire is being overshadowed by current events ...

Which reminds me of last century (remember last century?) when Tom Lehrer, declared that "Irony was dead" after Henry Kissinger was awarded the Nobel Peace Prize. Lehrer then ceased doing Political Satire.

Poor old Tom Lehrer just couldn't match the satire of real life. When you are a making a living out of satire it's a bit hard to top a real life masterpiece like Kissinger being awarded the peace prize.

Well Tom, sometimes you just gotta laugh ...

Back To Index

FireFox Still On Fire!

Date: Sat, 12 Feb 2005 12:53:12 +1100 (EST)

I have now fixed the problem with the scripts that update my agent stats.

The problem was caused by a subroutine that parses the Apache logfile entry while analysing the behaviour of each agent, trying to work out whether the agent is a genuine browser or robot cloaking itself as a browser.

There was a junk line in the Apache log file that caused this routine to routine rubbish to the main procedure, which caused it to crash when the logging procedure tried to write it to the database. Older agent_strings (like MSIE 6.0) were being updated. The figures for MSIE 6.0 had been growing all month. However the figures for Firefox, and many other fairly recent agent strings had not been updated.

Had it not been for the fact that GoogleBot was also not being updated, I may not have picked this up till much later. I realised the figures were wrong when I saw that GoogleBot had a ridiculously low figure of 642 hits for the month. I knew that it would have to be at least five times that figure (it is actually eight times larger - see The Robot Information Page For GoogleBot)

I added the following line to the parse routine: 

	return() if ( $_[0] =~ m/[\x00-\x07]/);

In other words return an empty list (skip it) if the string contains bodgie characters.

I re-ran the scripts and ... order was restored! GoogleBot sits at the top of the robot hits table (see the current Summary List of Robots.

In the browser OS share, Linux now has its' usual 7.2% and Windows 2000 and 98 continue their steady decline (as they are replaced with XP).

And FireFox is burning up the chart!

The rate of increase is very impressive! Firefox is now at 28%, rapidly gaining on MSIE 6.0 at at 40% ...

(gasp!)

Back To Index

Zip/Unzip for Windows XP

Date: Fri, 11 Feb 2005 01:25:30 +1100 (EST)

I have never been a big fan of a GUI anything. Except, of course, when it is really needed. For example it is needed for CAD, drawing, 3-D modeling and other sophisticated graphics applications.

But the idea that we must dumb-down powerful command line utilities, in order to make them more "palatable", seems to me to be one of the dumber axioms of the GUI prevailing wisdom.

Oh well, who wants smart users?

Smart users are bad for business. If they get too smart they might decide to ditch the prevailing proprietary software.

Needless to say, I was rather underwhelmed by WinZip. The bright new dumbed-down technology that became so successful around the turn of the century. It was just a typical point and click GUI attached to an existing Open standard.

Although, I will admit that the WinZip package, formerly the most popular in the world, did include the WZZIP and WZUNZIP command line utilities. They were not promoted very enthusiastically by WinZip Computing Inc, and the working versions (i.e. without the "press Enter to continue ..." prompt) were only available if you paid for them. Nevertheless they were a concession to the fact that sometimes (for instance when writing a script), a command line utility is the best option.

And as I explore my borrowed dumbed-down XP PC, I discover that that Microsoft, the incredible blob of the Soft universe has moved to gobble up the small niche that WinZip managed to carve out of the software market.

That's because Windows XP includes built in support for zip files ...

Another case of Microsoft cutting off the little guy's oxygen!

I see that Winzip Computing Inc still claim to be the most popular compression utility for Windows. How long they can continue to make such a claim, as the uptake of XP continues, remains to be see.

If I was underwhelmed by WinZip, I am seriously unimpressed with Microsoft's efforts at supporting Zip files.

Typically, the XP support is GUI only. The interface is dramatically dumbed down. It attempts to disguise the fact that a .zip archive is a file. When looking at a zip file with Windows Explorer, the software tries to represent the file as a folder ...

Most amazing of all is the slow speed of operations on the archive. On one occasion I needed to copy seventeen hundred small files into an archive. This operation on a Unix machine, even a small under-nourished Intel box, would take a couple of seconds. On a Pentium 4 Windows XP machine it took almost half an hour! (It actually crashed half the way through, so the total elapsed time was more than half an hour).

True to form, lots of effort had been put in by the Redmond development team in order to make the pretty flying documents icon look nice and smooth!

Nevertheless despite the fact that little pictures showed documents flying around from one folder to another, they did nothing of the sort! In fact they crawled into the archive with all the vigour of terminally poisoned snails.

After a couple of more experiences like this, I decided I'd had enough. I went to the Info-Zip website and found where I could get the zip and unzip binaries. I don't like getting binaries for Windows machines. However, I believe that I can still trust bona fide Open Source sites like Info-Zip. (at least I can see the source code!).

And just out of curiosity I went back to the same folder that had taken such a long time to compress, and tried the zip utility doing the same task.

Actually there were 1,762 files ...

I typed the following command: 

	zip c:\tmp\test *.html

The little zip program, so fast on a Unix box, struggled a bit under Windows XP. It thought about the command for about 5 seconds (Ok, I guess that's why some people disparagingly refer to Windows as WinDoze).

Then having gathered its' wits, it set to work, and slurped up all 1,762 files in less than 15 seconds! Still almost ten times slower than a Unix box but orders of magnitude better than the Microsoft offering.

Now the question remains in my mind, if this little open source utility, using the same hardware, the same operating system, can do a job hundred times faster than the Microsoft built in program, which is actually part of the operating system (or so they tell us), and as such should benefit from all the efficiency savings such close integration entails .... Then ... what the hell is the Microsoft program doing?

I shudder to think of the possibilities ...

Maybe there is hope for WinZip ... The only real competition seems to be Info-Zip. Without the Microsoft logo, the offering from Microsoft would not be considered competitive.

Back To Index

The Empire Strikes Back

Date: Thu, 10 Feb 2005 10:49:58 +1100 (EST)

In the previous few months, I have observed a remarkable trend in the agent strings that were visiting this site. There was a sudden and dramatic increase in the number of hits from the Firefox browser.

Suddenly the remarkable growth ceased and there was a marked resurgence in the usage MSIE.

To my surprise I discovered that MSIE accounted for 70% of browsers visiting this site. Mozilla (including Firefox) has slumped to 18%, and Netscape and Opera were still clinging desperately to their small margins, each struggling desperately to keep their heads above the one percent threshold, as they have been for many months.

Most dramatic however, was the turnaround in OS stats. Various forms of Microsoft OS account for 90% of the visitors to the PGTS site, while Linux seemed to have slumped to a record low of 3%. Mac OS X was still a healthy 4% and looked steady.

Although the figures for the PGTS site show a bias, based on the type of visitors who come here, I have gone to considerable lengths to make them as accurate as possible. This is not always the case with the surveys of agent strings (due to the complex nature of agent strings and the lack of widely-accepted naming conventions)

I checked other sources, these trends seemed to have been confirmed by figures from elsewhere. But they were nowhere near as dramatic as the figures I was seeing. Most of these trends move in at a snail like pace (except FireFox which until this month really did seem to be on fire!)

Then I started to contemplate the trend ... it was so dramatic that I began to suspect that something might be amiss.

Then I looked at the figures for robots and I realised that something was definitely wrong!

GoogleBot was sitting in Fourth position! Then I knew that there was a problem with my update script (a perl/postgres script that updates the PGTS agent_string database).

I checked the log file for the update script. Sure enough it was crashing halfway through the run. All the more recent agent_ids (like FireFox and the new GoogleBot) were not being updated. It appears there may some junk information in the Apache log file which causes this.

I will have to fix this on the weekend!

Back To Index

wpa.dbl ... shmwpa.dbl

Date: Tue, 8 Feb 2005 17:20:42 +1100 (EST)

To their credit, many of the media outlets are not letting go of the Cornelia Rau story. The minister hinted that there will be a private inquiry held into the matter. This later became official.

Why private? The answer, apparently delivered, with a straight face is a remarkable tribute to many long years of practice in the art of bullshit artistry and spin doctoring ...

Apparently the government is concerned about protecting the poor lady's privacy! (I almost choked on my morning cup of tea when I heard it).

So terribly thoughtful of them really! Pity they weren't as diligent about protecting her civil rights ... oh yeah! I forgot we don't have any! (or not now it seems).

Anyway, must not go off on a political tangent. This blog was supposed to be about a small discovery I made, that is pretty well common knowledge. But being a Windows XP newbie, I only just discovered it ...

I have been engaged in a short-term contract for a corporate client for the last two months. During this time I have become acquainted with the Windows XP Operating System.

Overall, I cannot see much difference between the basic functionality of XP and 2000. The most annoying thing was the fact that all of the menu items had been changed around so that if you use the default configuration (I usually do), you have to re-learn everything. Well, that's why I still rely on the command line wherever possible.

However, one of the new things I noticed was that the file C:\WINDOWS\system32\wpa.dbl kept changing every time I rebooted the PC.

Searching for more information in Google, I discovered many references to http://www.extremetech.com/article2/0,1558,1151566,00.asp (An article called WPA.DBL--The Keeper of the Keys).

According to this article the wpa.dbl file holds the hardware configuration information and activation state of the current Windows XP installation. This encrypted file contains the expiration info of the installation, the confirmation of activation, the hardware configuration at activation time, and the current hardware configuration.

Apparently the wpa.dbl starts out about 2K in size and grows to be larger than 10K after activation. The boot process checks the hardware configuration and compares it with the key stored in the wpa.dbl file.

The following hardware is checked:

There are several annoying side effects to this process. The most obvious is that a change in the hardware might necessitate re-activation. This is true for formatting the hard disk and re-installing. And this is the course of action that Microsoft users often resort to, when their machine has become so clogged with malware that it is unusable.

So there are lots of articles describing how to backup the files wpa.dbl and wpa.bak.

That's one little task that I won't have to bother with ... back in my office, which is an XP free zone, and likely to remain so.

Back To Index

MS Access -- The tarpit DBMS

Date: Sun, 6 Feb 2005 23:51:01 +1100 (EST)

Tonight, I have been re-visiting some old MS Access code that I wrote more than seven years ago:

As I went back on the notes that I have on this project ... It struck me that it was an interesting slice of computing history. Taking in SCO, Microsoft, Linux etc, etc.

It all started in early 1998, when I was asked for some advice about an aging Job Ticketing and invoicing system running on a SCO Xenix box.

The owners of the business were in the process of upgrading their office computing to use Windows 98 clients and a Novell LAN. They wanted to know what to do with the SCO system. And as I had a reputation for being a Unix "expert", they asked me to make a recommendation about upgrading the system.

In the initial investigation, I discovered that the system used an RDBMS called UNIFY. I had never heard of UNIFY, or the Integrated Development System called ACCELL (which had been used to develop it). However, after a little time examining the system, I managed to find some (primitive) SQL extensions and was able to work out how to get data from the system with SQL queries.

I tried contacting the Sydney based Australian representative of the company but I did not get much help. I think they had decided to hunker down and just try to hang on to their existing customer base.

I quickly came to the conclusion that the best course of action would be replacement of the entire system.

I could imagine the following possibilities:

After evaluating these different choices, I decided that MS Access was the best option for the customer, because of the office environment (all Windows Clients using MS Office). This would fit in most easily with the existing applications.

There were a few things that worried me about MS Access. Like many Microsoft products it had a billion dollar presentation layer and programming layer that was very ordinary. The forms builder and the report writer were state of the art and as slick and easy to use as any I have encountered. The programming support for the backend was crap. But I surmised that if an organisation was willing to model itself on the fiction "Northwind" company, then it would be fairly easy to implement something.

After reading the MS help files (taking note of the part about separating database layers and application layers), I set up a pilot model of the system and stress tested it.

In order to get the data out of the SCO Xenix box, I installed Slackware Linux on a machine with a spare drive and connected it to the SCO Xenix server by a serial connection. I then ran a series of SQL queries to pull the data off the Xenix box to the Linux machine.

The UNIFY server was a 286 running the old 286 version of SCO Xenix -- not at all suited to data crunching. The Slackware Linux machine was a brand new Pentium, with the full suite of GNU utilities (including the mighty gawk) and some serious processing power under the hood. It sucked up the data and transformed it into tab-delimited text files for the MS access import. And it did it quicker than any compiled program could have done on a Microsoft machine.

Working mainly at night, and on the weekends, I got the pilot up to the stage of testing. Then developed a cutover plan. And we did preliminary migration and cutover on a single weekend.

There were several things I did not know about at the time:

Of course I am now older and wiser. Still I enjoyed working with the people in this particular small business, and I only wish I had many other customers like them. I now have to find a way out of the apparent dead-end that a working Access 97 database presents to someone contemplating upgrading their equipment.

It is still difficult to find documentation online that discusses how to use (the equivalent of) MS cursors or MS Access catalog (or data dictionary). Fortunately there seems to be many more programming examples around, then when I first started. I have placed one of my own in the PGTS Feedback column. The following links also give some information about MS Access:

Back To Index

Remember me? TraciLFU4775 from AIM

Date: Sat, 05 Feb 2005 06:27:04 -0700

It is bloody hard to keep up with all this spam. It could become a full time occupation ... Hey! anyone want to hire a spam investigator?

I just received one which was remarkably brief, purporting to be from TraciLFU4775 (from AIM). It basically consisted of a URL. (http://autoabstract.rxmedsifsite.com/?wid=3D209095 - Javascript only -- MSIE browsers beware!). The evidence is here.

This came from IP address 203.251.182.173, a Korean address. 203.251.182.128/23 has been given to KORNET-HOTLINE2003220208-KR. Blars has it listed (127.1.0.32) as a subnet that hosts spammer sites.

The address of the autoabstract.rxmedsifsite.com website is 219.146.55.178, which according to whois is a Chinese netblock.

The name TraciLFU4775, I leave to the reader's imagination. If the name is meant to belong to someone called Tracy then we are expected to believe that this person may (or may not) have been sending messages with AIM (AOL Instant Messenger). I don't know anything about AIM, but judging by their home page ( http://www.aim.com/get_aim/express/aim_expr.adp?aolp= ) I probably will not experience it unless I start browsing with MSIE or Netscape 7.1. (the only browsers that they say they support).

And it seems that if instant messenger (of the AOL or Microsoft variety) had been invented first, email would have seemed a marvelous invention!

Back To Index

Yahoo regrets to announce ... an outbreak of computer viruses!

Date: Sat, 5 Feb 2005 19:31:10 +1100 (EST)

A recent service announcement was sent out to Yahoo Groups and members with the following subject: 

    Subject:  Yahoo Service Announcement - outbreak of computer viruses
The text of the message was as follows: 
    Dear Yahoo! Groups Members,

    Due to a recent outbreak of computer viruses being transmitted via
    email messages on the Internet, Yahoo! Groups is experiencing
    delays in delivering group messages. Additionally, a recent virus
    is generating emails which appear to come from Yahoo! Groups.
    These messages state that "your email account has been temporarily
    disabled", or that "our main mailing server will be temporarily
    unavailable for the next two days" and more. These messages are
    not official notifications from Yahoo! but rather are generated by
    a virus on another person's computer.

    To improve performance, and to help reduce the spread of viruses
    to our users, Yahoo! Groups has had to temporarily reject some
    messages. Based on an advisory posted by a leading anti-virus
    company, Groups will temporarily reject messages with the
    following subject lines:

        test
        hi
        hello
        Mail Delivery System
        Mail Transaction Failed
        Server Report
        Status
        Error
        E-mail account disabling warning.
        E-mail account security warning.
        Email account utilization warning.
        Important notify about your e-mail account.
        Notify about using the e-mail account.
        Notify about your e-mail account utilization.
        Warning about your e-mail account.

    If you have received a message rejection notice with a link to
    this page, but did not attempt to post a message to your group,
    your computer may have been infected. If you are confident that
    your computer is not infected but your message was rejected,
    please try posting a new message with a subject line different
    than those listed above.

    We can assure you that this is only a temporary measure and hope
    to restore message delivery to normal as soon as possible.

... (etc, etc, etc) ...

Let's try and read the hidden meanings from this message.

In such a cautiously worded document, it is unlikely to find the one recommendation that really would make a difference to Yahoo and their customers ... Stop using Microsoftware to connect directly to the Internet!

Meanwhile it seems as if there were 75 visitors to this blog last month. So far this month there have been 44 visitors, so the hits are slowly building ...

Back To Index

Woman held for ten months in Immigration Fiasco

Date: Sat, 5 Feb 2005 13:24:53 +1100 (EST)

The story of a woman detained in an Immigration Detention centre has broken this morning. I read the article in this morning's "Age", with increasing amazement ...

Apparently Cornelia Rau absconded from the psychiatric unit of Manly Hospital, where she was undergoing treatment. And after being questioned by police for unusual or "suspicious" behaviour was handed over to Immigration Authorities and held in Baxter Detention Centre.

She has since been placed back in psychiatric care.

If last century someone had told me that an Australian citizen could be held for ten months without due process in her own country, I would not have believed it ...

Later on the radio, I heard that the minister for Immigration had defended her department's handling of the case:

Ms Vanstone says that Ms Rau received medical care during her detention, including psychiatric evaluations that showed she was not suffering a mental illness.

Umm, minister ... let's just note down the facts in this case:

  1. A woman is diagnosed as suffering from schizophrenia and treated in a psychiatric unit.
  2. She absconds from the psychiatric care and is eventually locked up with no due process.
  3. But (according to the minister) she nevertheless receives "medical care", including evaluation for psychiatric illness. And according to these evaluations is not suffering any mental illness. (my emphasis).
  4. After her sister springs her from the Baxter Concentration camp she is placed back into psychiatric care.

Sorry, but something does not compute here ... Can anyone else spot the obvious error in the above sequential statements?

If the mainstream media is as gutless as usual, I suppose this story will just fade away ... but it shouldn't

Back To Index

The Tempest (2)

Date: Fri, 04 Feb 2005 17:36:11 +1100

Well after I thought I had escaped the ravages of nature. I arose this morning and rushed the kids off to school. The school had now re-opened after the damage that was done by the storm.

I returned to my office and gazed in horror at a blank console!

After restarting everything the previous day I had noticed a faint burning smell ... But I put it down to the fact that maybe the power supply in the main server was a bit upset with the stress of the previous day.

And it was more than a little stressed ... The power supply threw in the towel at 0405 this morning. (According to the logfiles on my primary DNS that was when it died).

This was exactly the same time as the backups!

I went out and purchased a new power supply ... The server started up and went through the BIOS checks ... then it failed to fix the hard drives!.

I had to leave the office ... So I left fsck running ... and muttered a silent prayer to the almighty Google! (to whom we all pray, alleluia!)

When I returned eight hours later, I discovered that everything was Ok!

Can't believe that I managed to survive this one. I must do something about a UPS!

Back To Index

The Tempest

Date: Thu, 3 Feb 2005 23:01:03 +1100

This morning I awoke to a strangely silent room. Strange, because usually my radio is blaring out the news from ABC RN. This silence had alerted my wife to the fact that something was wrong and her exclamation a few seconds earlier had awakened me also.

If I had been able to hear it, the radio would have informed me that Melbourne had just experienced the most rainfall in 24 hours since records began.

But I couldn't hear it, because my house, like 120,000 others in the greater Melbourne region was without power!

I rushed into the office and switched off all the power points. If my hard disks had survived the initial crash, there was no point risking further damage if the power did not come back up cleanly.

From a battery operated radio, I learned that roads leading into the CBD were blocked and public transport was experiencing major blockages.

As it turned out, our local primary school had been flooded and was closed. In nearby streets, several giant trees had fallen crushing cars, power lines and blocking streets. I heard news reports about hail and snow! Even for Melbourne, that is a bit extreme (for February).

A client that I went to see that morning in a nearby suburb was sitting in his office, without lights, or computers. We discussed planned changes to his database with pen and paper only.

This remarkable day and the cold 12.9 degree change had arrived on the heels of a sweltering 36 degree day that on the previous day threatened to shut down the computing facilities where I was working, as the chillers connected to the air conditioning system went into a vicious feedback loop, struggling to keep up with the heat.

My own site was down for almost seven and a half hours. Thankfully I did not lose any data. I say thankfully because the outage occurred just prior to the scheduled backups. If I had been forced to restore, I would have lost an entire day's work.

Back To Index

Gold in them thar hills

Date: Wed, 2 Feb 2005 16:49:40 +1100 (EST)

At long last my dreaded BAS is completed. Now a brief respite before it comes around again in another 3 months.

Recently working behind a proxy server, I got the following message when I tried to look up a website called e-gold.com. 

IWSS Security Event (meliwss01)
Access to this URL is currently restricted due to a blocking rule.

URL: http://www.e-gold.com/e-gold.asp?cid=105347
Rule: Block URLs of type Known Phishing/fraud site

Access to this URL is currently restricted due to a blocking rule.

I tried looking up this site on the websense categories list: 

                   URL: http://www.e-gold.com
              Category: Financial Data and Services
      Database version: 92197
         Database date: 01 Feb 2005

Out of curiosity I thought I would try the "Fingerprint Remote Host" option on the RingOfSaturn tools menu. Here is what it reported: 

    Interesting ports on 63.240.230.10:
    (The 59 ports scanned but not shown below are in state: filtered)
    PORT   STATE SERVICE
    80/tcp open  http
    Device type: firewall|media device|general purpose
    Running (JUST GUESSING) : Checkpoint Windows NT/2K/XP (93%), Turtle
    Beach embedded (93%), Microsoft Windows 95/98/ME|NT/2K/XP (92%), Linux
    2.4.X (86%), OpenBSD 3.X (86%)
    Aggressive OS guesses: Checkpoint Firewall-1 on Windows NT 4.0 Server
    SP4-SP5 (93%), Turtle Beach AudioTron network MP3 player (93%),
    Microsoft Windows NT 3.51 SP5, NT 4.0 or 95/98/98SE (92%), Linux
    2.4.23-grsec w/o timestamps (86%), Microsoft Windows 98SE (86%), OpenBSD
    3.2 (x86) (86%)
    No exact OS matches for host (test conditions non-ideal).

And while I was about it I thought I would try my own site. Here is what came back: 

    Interesting ports on 203-213-17-10-vic.tpgi.com.au (203.213.17.10):
    (The 58 ports scanned but not shown below are in state: filtered)
    PORT   STATE SERVICE
    53/tcp open  domain
    80/tcp open  http
    Device type: general purpose
    Running: Linux 2.4.X|2.5.X
    OS details: Linux 2.4.0 - 2.5.20
    Uptime 63.923 days (since Tue Nov 30 01:23:00 2004)

Also found an interesting article about a new version of Netscape (version 8).

AOL will be setting up their own list of scam sites. This list of suspect URLs will be marked in red. Might be some competition for Websense?

Of course if Google and ODP ever went into the site categorisation business, I should think that it would be time for the competition to ... "be afraid, be very afraid" ... just a thought there ...

Note: Phishing will not work on my system (I use mutt and w3m).

Back To Index

Florida Spam Zombie advises to Fill Her Tunnel Tight

Date: Tue, 01 Feb 2005 11:03:00 +0100

Quite a bold spammer's site can be found at www.supermed123.com. They advertise the usual illegal drugs. By itself this should be enough to convince most investigators that this domain employs spammers. As a clincher, they even have an email harvesting form at: http://www.supermed123.com/rmv/

The evidence is here.

The address 68.54.75.181 is a Comcast Cable, originally a New Jersey address which may have been re-assigned to Naples, Florida. It is still a portable address, so it is could be another Microsoft zombie. It is now listed in most of the major lists.

The registration details of supermed123.com are: 

   Domain Name: SUPERMED123.COM
   Registrar: INTERCOSMOS MEDIA GROUP, INC. D/B/A DIRECTNIC.COM
   Whois Server: whois.directnic.com
   Referral URL: http://www.directnic.com
   Name Server: NS2.WDRHOSTING.COM
   Name Server: NS4.BIGHOSTSOLUTIONS.COM

   Registrant:
    Roger A-1 Media
    Hornsgatan 66b
    118 49
    Stockholm, Stockholm 118 49
    SE
    46   8 603 83 50 
 
   Domain Name: SUPERMED123.COM

   Administrative Contact (and technical contact): 
    Roger, thom tomrogerzzz@hotmail.com
    Hornsgatan 66b
    118 49
    Stockholm, Stockholm 118 49
    SE
    46   8 603 83 50 
 
   Domain servers in listed order:
	   NS4.BIGHOSTSOLUTIONS.COM	218.7.120.118
	   NS2.WDRHOSTING.COM	222.51.91.245

Good to see that it's business as usual in Florida ... Those microsoft zombies are proving very productive!

Back To Index