“This will be dynamically handled, possibly correctly, in 4.1.”

— Dan Davison on streams configuration in SunOS 4.0

WPA needs strong passwords


Wi-Fi Networking News reports that Wi-Fi Protected Access (WPA) is vulnerable to dictionary attacks. This means you gain nothing by turning it on unless you choose a strong WPA key.

The best source I've found for creating strong keys is Arnold Reinhold's Diceware page. There's a wealth of information here, including a number of alternatives to the main Diceware system, such as creating a strong password using only coins and your keyboard.

A few additional tables are only listed on the original ASCII version of the Diceware article. I particularly like the random syllable table, since you can print it out and carry it in a small container with a set of dice.

 123456
1bcdfgh 1a
2jklmnp 2e
3qurstvw 3i
4xzchcrfrnd 4o
5ngnkntphprrd 5u
6shslspstthtr 6y

There are a lot of online stores that sell casino dice, but if you ever get to Las Vegas, many of the big hotels sell their used casino dice in the gift shop. The Luxor even sells theirs online for $2 a pair. You can get their playing cards, too.

Today’s I’m-not-a-telemarketer call


“You realize I’m on the do-not call list?”

“We’re not trying to sell you anything, we’re just offering you a low interest rate.”

The Lending Company. Typical mortgage broker, apparently operating out of Scottsdale, AZ. They did not supply any caller-id.

Super screen


I want one of these. Screw putting it into a PDA, though. A 300dpi LCD display? I want it on my 15” PowerBook!

Of course, it would probably cost more than my Lexus, but I can dream, can’t I?

Halloween tally


I live in a suburb densely populated with families, most of which have children of trick-or-treating age. As an old campaigner myself, I feel a natural sympathy for the kids, and so I pass out double handfuls of candy that weigh, on average, half a pound.

Unfortunately, despite the ever-increasing safety of our streets, it looks like post-9/11 fears are driving the celebrations indoors, to shopping malls and community centers. I don’t know what it’s like at those events, because I stay home and pass out candy. I hope the kids are getting a good haul.

2001 was my first Halloween at the new house, and I was pleasantly surprised at how many kids turned up. I got maybe half as much traffic last year, and had enough leftover candy to feed the office for months.

This year, I cheaped out and only bought about 25 pounds of candy, so the 42 kids I’ve seen so far have made a serious dent in it. If I get a late rush, my fallback plan is to start passing out dollar bills; I’ve got thirty of them, which should satisfy another 15 little monsters.

Unfortunately, my cul-de-sac doesn’t look terribly inviting. More than half of the houses are dark, so I’ve gone out of my way to make it obvious that I’m in the game. The normally-garaged car is in the driveway, all the lights are on, the door is partially open, and the new teaser trailer from Alien vs Predator is blasting out of an upstairs window in a continuous loop. Seems to be working.

Oh, and the pizza driver was deeply confused about the $10 tip. Guess most people don’t think of Halloween as a major tipping holiday.

Latest variation on the Nigerian email scam


This actually made it past my spam filters. Once.

Needless to say, I won’t be helping this innocent victim of political persecution, wrongly jailed for “suspected genocide”. Nor will I keep his message a secret “for the sake of humanity”. In fact, I’d be delighted if it served as evidence against him. The person sending the spam, that is, not the fictional character in the message.

(the email address used was scraped from the blog Making Light; I’ve never used it anywhere else, and now that my filters trap about ten spams a day sent to it, I never will)

more...

Halloween Porn


As my contribution to Bush’s newly-declared Protection From Pornography Week (no, seriously), I hereby commit to visiting J-List and purchasing issues of Bejean, Urecco, and Japanese Penthouse, as well as at least one lesbian-schoolgirl DVD, a hentai game, and a Hello Kitty “Shoulder Massager” (for a friend). That should keep them out of the hands of children.

No bukkake videos, though; ick.

I’ll do something more elaborate next year. Probably involving pictures of Jenna.

MT plugin: breaklinks


My contribution to warding off comment spam: reduce its value to the spammers by breaking their URLs. The blog owner (and trusted friends) can keep their URLs intact by adding a password to their comments.

This doesn’t stop someone from flooding your blog with spam; it’s just a lightweight filter to eliminate the benefit. pornospam.com won’t get hits or page-rank from a URL that’s been rewritten to pornospam-DOT-com.

.vg/.biz


Very little email spam actually gets through to me any more. OS X’s Mail.app weeds out about 40 a day based on content, leaving about three a day that consist entirely of inline JPG images. Which Mail.app doesn’t load.

The subject lines make it clear that they’re obvious spam, so my latest trick is to view the raw source, look for the link to the picture, and add that domain to a custom rule. For the past few weeks, virtually all of these have been links to sites in the .VG top-level domain. From the host names involved, it’s clear that the registrar is in on the scam, so I’ve junked all messages containing “.vg/”. Works like a charm.

Today, a few got through with .BIZ domains, and I realized that I’ve never seen a legitimate business that had a .BIZ domain. So I added “.biz/” to the list as well.

The rule also junks messages containing “http://1" through “http://9"; I think that one still catches about ten spams a day.