| |
"The future masters of technology will have to be lighthearted and intelligent. The machine easily masters the grim and the dumb." -- Marshall McLuhan, 1969 |
|
Onyx RSS PHP Class (was RE: LedNews -- Example RSS perl script) |
|
|
Topic: Technology |
7:10 pm EDT, Sep 18, 2003 |
Decius wrote: ] Someone asked me this morning how to parse the MemeStreams RSS ] feed. So I present this. This is a simple Perl script which ] uses XML::RSS to parse the headlines from a number of news ] sites, including MemeStreams, and post them to a Prolite LED ] sign. There is a lot more in that RSS object then a title, but ] hopefully you can use this as a starting point for your ] projects. Also worth noting.. Onyx RSS is a class for PHP which handles parsing of RSS objects. It also handles local cashing, so it is all you need to code content from RSS feeds into any webpage/application that supports PHP. Onyx RSS PHP Class (was RE: LedNews -- Example RSS perl script) |
|
VeriSign sticks with redirect service | CNET News.com |
|
|
Topic: Computer Networking |
6:59 pm EDT, Sep 18, 2003 |
] When asked why VeriSign did not inform the Internet's ] technical organizations of the change in advance, ] O'Shaughnessy replied: "There's not much I can add ] except to say that our testing and the resources ] we've applied toward this have been in accordance ] with prevailing industry standards for new products ] and services." "Because they would have said no." Ok, the ISC has patched BIND.. The AIB is against this, and has said they are now writing guidelines for running the NIC. No major anyone or anything has stood up and said this is "good". Well, aside from end-users who don't really understand that their browser should be doing what they see, not the damn heart of the DNS system. But VeriSign is going to stick to their guns though.. So this is going to be a very messy fight. I think in the end, this is really just going to be a big loss for VeriSign. All the browsers and the ISPs are going to take this out of their hands, very fast. They will be forced into making the NIC behave again. They must behave or be replaced. Personally, I don't think they should be running .com/.net, A, RS, anything. They cannot be trusted. VeriSign sticks with redirect service | CNET News.com |
|
Wired News: JetBlue Shared Passenger Data |
|
|
Topic: Civil Liberties |
6:34 pm EDT, Sep 18, 2003 |
] JetBlue Airways confirmed on Thursday that in September ] 2002, it provided 5 million passenger itineraries to a ] defense contractor for proof-of-concept testing of a ] Pentagon project unrelated to airline security -- with ] help from the Transportation Security Administration. 1. Jet Blue is so fucked. They violated their privacy policy. There are passenger social security numbers in the pdf file linked from this story. The law suits should start flying any minute now. 2. The PDF is worth checking out. Its a nice example of the things you can learn from trolling a database like this. 3. These consultants seem to recommend that if you don't own your home or you change residency too frequently, you ought to be given additional scrutiny at the airport. This is the future we are heading towards. We have total access to all your purchasing, credit, and other demographic information, and if we determine that you don't fit into a popular demographic group, or that you fit into a demographic group we often have trouble with, you can look forward to getting hassled endlessly. Remember that you live in the land of the free and the home of the brave, where we employ omnipotent surveillance to keep us safe from danger. Wired News: JetBlue Shared Passenger Data |
|
Congress starts to look critically at the DMCA |
|
|
Topic: Intellectual Property |
6:33 pm EDT, Sep 18, 2003 |
] The landscape has not changed so much that if you had a ] vote taken today, even with all the horror stories of ] RIAA subpoenas sent to grandmothers and honor students, ] the vote would come out in favor of seriously altering or ] removing" that section of the law, Godwin said. "I think ] what you are getting is some impulse, somewhat more ] strongly from the Republican side of the aisle, toward ] some slightly higher level of judicial review and some ] safeguards and remedies for misuse of process." The DMCA supeonas are a way of removing judicial oversight (and therefore the rule of law) from the information collection phase of intellectual property proceedings. Congress has shown a repeated interest in removing the rule of law from the equation when it benefits their friends in the media industry. Some Republicans are starting to point out that the DMCA supeonas can be used (and abused) by other people, some of whom Congress doesn't like. This is a good thing in general because this law needs to be tightened up. Fortunately its unconstituional for the goverment to give a specific interest group a special right, so they are going to have to lock this thing down across the board. The RIAA offers the same sort of non-technical, and therefore irrelevant response that you're seeing to questions about the security of voting machines. That means they are wrong, and are probably going to loose. This is progress. Congress starts to look critically at the DMCA |
|
PFIR Statement on VeriSign/NSI |
|
|
Topic: Technology |
11:37 pm EDT, Sep 16, 2003 |
] VeriSign/Network Solutions' recent actions to effectively ] "hijack" all unused domain names in the ".COM" and ".NET" ] TLDs (Top Level Domains) for their "Site Finder" service, ] unilaterally and without prior warning or consultation ] with the Internet technical or policy communities, ] represents an arrogant and dangerous abuse of their ] vested, dominant, special position, and have vast policy, ] legal, and technical implications. Lauren Weinstein, Peter Neumann, and Dave Farber rip Verisign a new asshole. 'Bout damn time someone did it. This is an undercovered story. PFIR Statement on VeriSign/NSI |
|
Perl script to count 'Snubby' SMTP servers behind sitefinder-idn.verisign.com |
|
|
Topic: Technology |
6:03 pm EDT, Sep 16, 2003 |
This is similar to my last script to count the number of servers operating the web clusters at sitefinder.verisign.com. It works the same way. The SMTP daemon gives its machine name in the banner. By keeping track of what servers it sees, this script determines how many there are. When it runs, "+" means it saw a new server, "." means it saw a server again, and SIGINT (ctrl-c) makes it stop and print its report. At the time of writing this script, I was seeing 3 servers on the West Coast and 4 on the East Coast. Their SMTP rejector is _so_ broken. This is really the most unclued RFC breaking peice of code I have ever seen put in such a place of importance. Here is an easy way to display how stupid this peice of code is: Telnet to the SMTP Rejector (telnet sitefinder-idn.verisign.com 25), after it connects and you see the banner, just hit enter five times.. [ Update: This script no longer works.. They have replaced that SMTP server. I have not taken a close look at the new one yet. ] Perl script to count 'Snubby' SMTP servers behind sitefinder-idn.verisign.com |
|
Global fight looms for Net management | CNET News.com |
|
|
Topic: Technology |
10:57 am EDT, Sep 16, 2003 |
] A battle is brewing over the role of governments in ] managing the Internet, as policymakers prepare for a ] United Nations-backed summit on the network's future. ] ] Mohamed Sharil Tarmizi of the Internet Corporation for ] Assigned Names and Numbers (ICANN) said two camps are ] forming over the wording of a key article to be adopted ] at the World Summit on the Information Society in ] December. ] ] "Some governments are arguing that the management of ] things like (Internet protocol) addressing, global ] domain names (and) privacy should be done by an ] intergovernmental organization because they feel the ] Internet is a public resource, and they have ] responsibility over public resources,'' said Mohamed ] Sharil, who is chairman of the government advisory ] committee for ICANN, the body that governs Internet ] domain names. ] ] "Then there are some governments who feel that the ] Internet should be managed by an international body," he ] added. "International by definition means everyone is ] involved, from governments to private sector and civil ] society. Whereas intergovernmental gives an indication ] that only governments are involved and not necessarily ] the people.'' Global fight looms for Net management | CNET News.com |
|
IAB to ICANN on VeriSign: 'the DNS is designed to provide authoritative answers to queries' |
|
|
Topic: Technology |
10:32 am EDT, Sep 16, 2003 |
] The IAB feels that the system VeriSign had deployed ] for .com and .net contains significant DNS protocol ] errors, risks the further development of secure DNS, ] and confuses the resolution mechanisms of the DNS ] with application-based search systems. The Internet Architecture Board gives SiteFinder the thumbs down. ] The IAB has begun the process of shepherding the ] creation of an Informational RFC on concerns with ] operational practices with the DNS. We anticipate ] discussing the issues raised in your notes in more ] detail as part of that document. Given the scope of ] the issue, and our desire to ensure that it will have ] adequate review by the (DNS) operational community, ] we will be enlisting the help of the broader IETF ] community through relevant IETF working groups. ] In advance of that document, we have outlined below ] the issues with the VeriSign system which led us to ] the conclusion above. They are going to come up a set of SOPs for the NIC, and find a way to force VeriSign to obey them. IAB to ICANN on VeriSign: 'the DNS is designed to provide authoritative answers to queries' |
|
Perl script to count number of servers behind sitefinder.verisign.com |
|
|
Topic: Technology |
7:36 am EDT, Sep 16, 2003 |
I was grilling over the source code to the SiteFinder webpage looking at the Omniture Javascript and noticed a comment containing the name of the server that handled the request. I wrote a little perl script to repeatedly hit the site, check the string for the server name, and track how many servers it sees. At the time I wrote this script, I was seeing 2 pools of 30 servers on the West Coast and 2 pools of 30 servers on the East Coast. So, 120 servers in the US. And thats just for sitefinder.verisign.com.. Might be a separate pool for the initial HTTP redirect engine (sitefinder-idn.verisign.com). Both of the IPs are in the same ASN, but different subnets. Here is the server counting script. When you run it "+" means it saw a new server, "." means it saw a server again, and SIGINT (ctrl-c) makes it stop and print out its report. When you start seeing mostly .'s, hit ctrl-c. Have a blast. [U: Oh yeah, if they change the string it checks, this will not work.. ] Perl script to count number of servers behind sitefinder.verisign.com |
|
Omniture - the leading provider of web analytics for large, complex sites |
|
|
Topic: Technology |
7:06 am EDT, Sep 16, 2003 |
Omniture is handling the statistics gathering for VeriSign's SiteFinder. These are the folks responsible for all those .2o7.net cookies you find in your browser. SiteFinder has a big wad of JavaScript that makes a request to a domain under .2o7.net, like verisignwildcard.112.2o7.net with information about things like what plug-ins you have installed and how big your screen is. It also sends cookies for any other site's you happen to have visited that Omniture is tracking. Omniture is now tracking hits to every nonexistent .com/.net domain thanks to Verisign. Omniture - the leading provider of web analytics for large, complex sites |
|