Belkin routers hijacking websurfing

Belkin just lost any chance of getting business from me in the future.

It seems that with the latest firmware update to their routers, they have implemented a “feature” enabling unexpected, intrusive, unwanted advertising. Every eight hours, one http request (the information your browser sends when requesting a particular web page) is hijacked and redirected to an advertising page for a new parental control feature.

After the upgrade, on all our systems (wired or wireless), valid http requests are, for certain values of occasionally, redirected to a Belkin ad page!!!!

[…]

It seems the router now supports a parental control and the market droids at Belkin got the bright idea of equipping the router with intrusive nagware. Of course, I have this strange notion that routers should pass data unmolested by marketeers! There is a “No Thanks” link on the page. Now I have to opt-out from commercials from my router??!!

This behavior was later confirmed by Eric Deming, from Belkin.

Update: Eric Deming’s post has mysteriously disappeared from Google Groups. Damn, I knew I should have quoted from it as well.

Update 2: There is another post from Eric apologizing and claiming that there will be a patch soon. I’m still curious about the earlier post that suddenly went missing.

Update 3: Bingo. One of the posts in the /. thread about this contains the full text of Eric’s first message.

This is nasty. At best, it’s low-down, slimy, intrusive, annoying marketing. At worst, it could cause everything from difficulties with web-based systems (imagine having the redirect kick in in the middle of a transaction on your bank’s website) to possible security holes (such as hackers taking control of the redirect [through affecting the routers, Belkin’s server, or DNS servers in between] and including a trojan or virus in the new target page).

Bye-bye, Belkin.

(via The Register, via the usual suspects)
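One way to spot this kind of in-path redirect from the client side, as an added example that is not part of the original post: the script scans a fetch log for redirects that send unrelated sites to the same off-site target at roughly eight-hour intervals. The log format, the host names and the `router-ad.example.net` target are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urljoin, urlsplit

# Constructed sample (not real traffic): time, requested URL, status, Location ("-" if none).
SAMPLE_LOG = """\
2003-11-07T00:05:10 http://news.example.org/ 200 -
2003-11-07T00:06:02 http://example.org/ 301 http://www.example.org/
2003-11-07T01:12:44 http://bank.example.com/login 302 http://router-ad.example.net/parental
2003-11-07T03:30:00 http://news.example.org/story 302 /story/1
2003-11-07T09:13:01 http://mail.example.org/inbox 302 http://router-ad.example.net/parental
2003-11-07T17:14:20 http://news.example.org/ 302 http://router-ad.example.net/parental
"""


def site(url):
    """Crude site key: last two host labels (assumption; a real check needs a public-suffix list)."""
    host = urlsplit(url).hostname or ""
    return ".".join(host.lower().split(".")[-2:])


def foreign_redirects(log):
    """Yield (time, requested site, target site) for 3xx replies that leave the requested site."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, url, status, location = line.split()
        if not status.startswith("3") or location == "-":
            continue
        target = site(urljoin(url, location))  # resolve relative Location headers first
        if target != site(url):
            yield datetime.fromisoformat(ts), site(url), target


def periodic_hijacks(log, period=timedelta(hours=8), tolerance=timedelta(minutes=10)):
    """Return {target site: gaps} where unrelated sites all redirect to one target on a fixed period."""
    by_target = defaultdict(list)
    for when, origin, target in foreign_redirects(log):
        by_target[target].append((when, origin))
    findings = {}
    for target, hits in by_target.items():
        hits.sort()
        origins = {origin for _, origin in hits}
        gaps = [later[0] - earlier[0] for earlier, later in zip(hits, hits[1:])]
        if len(origins) > 1 and gaps and all(abs(g - period) <= tolerance for g in gaps):
            findings[target] = gaps
    return findings


if __name__ == "__main__":
    for target, gaps in periodic_hijacks(SAMPLE_LOG).items():
        print(target, [str(g) for g in gaps])
```

Requests made over HTTPS would not appear in such a log as redirects, because an in-path device cannot rewrite them without triggering a certificate error.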

More on the unintended consequences of blogging

It seems I’m not the only person in the blogosphere who’s recently faced surprising consequences due to the content of their weblog. Shelley Powers, aka Burningbird, had a rather interesting conversation with the ~~IRS~~ California franchise (tax) board this morning…

The person I talked today was compassionate, and extremely helpful — but she was also very thorough.

Before she responded to me by calling me, she mentioned that she had gone out to my weblog, this weblog, and read the entries scattered about in it where I talked about my financial situation. She mentioned about reading that thanks to unemployment, I can at least keep my car; about the other things I put online that I didn’t think I would hear back from the mouth of a member of a representative of a governmental tax organization.

I’m not faulting her or shouting out cries of ‘government invasion of privacy’ just because she was thorough. What privacy? I put all this online for anyone to read. Am I going to blame the government, or my creditors, or anyone else for that matter because they read what I write?

She’s since gone back and deleted any posts dealing with her financial situation — and I don’t blame her one bit. It must have been quite a startling revelation when she heard that from the lady she was talking to.

More and more, we need to face the fact that barring password protection, there is no such thing as a “private” weblog. Once the information is there on the ‘net, and available to be read, you can bet that it will be, and not always by those you expect it to be. Some people might say that anonymous blogging is the answer, but I’m not convinced of that — for more on that, read the conclusion to my Fifteen Minutes of Fame post. Best to just accept the fact that anything you put out there can be found, assume that it will be found, and post accordingly.

(via Scoble)

Fun with bandwidth

Since getting Slashdotted, my bandwidth has been going through the roof. On an account rated for 5Gb/month of data transfer, that on a normal month would use roughly half that amount, I hit about 90Gb of data in the last five days of October, and over the first four days of November have already hit about 40Gb of traffic. Crazy.

After realizing this, I did a bit of investigating, and realized that each of the posts that have been getting the most traffic (Even Microsoft wants G5s and Of Blogging and Unemployment) have picked up so many comments that they were up to ~300kb each! At that rate, each page would only need to be loaded three times to produce 1Mb of data transfer — and with the amount of traffic I’ve been getting, that number grows quickly.

In an attempt to try to slow things down a bit, then, I’ve had to both disable any new comments on those posts, and disable the display of the comments I’ve already received, which brought each of the two pages down to around 60k. Turning TrackBack pings off brought the page size down even more, to around 6k each — far better. If things die down, I hope to be able to re-enable at least the display of the TrackBack pings, if not the comments (some of them are pretty entertaining, if not rational) next month sometime. Until then, though (and quite possibly permanently), they’ll have to stay ping- and comment-free.

This just hasn't been my best week

Earlier this week, I discovered that my site design had been appropriated without acknowledgment or credit by a third party. Upset about this, I posted about it. Some of my readers were able to provide me with an e-mail for the likely party, and I e-mailed them. I also cc:’d an administrator at the school.

While this action resulted in the site being first removed and then redesigned, it has been pointed out to me in the comment thread to that post that I managed to do to this person essentially what had just been done to me — a mistake that could have easily been taken care of quickly and quietly became more public than had ever been expected or desired.

What can I say — they’re right. I shouldn’t have been so quick to take the actions that I did. Already overstressed and overwhelmed from the attention my site has been getting of late, I reacted too quickly and without enough thought.

The following is the latest in a series of e-mail messages I have been trading with the person in question, expressing my apologies to him.

Thank you very much for accepting my mistake, please notify me of the appropriate amount of money I should paypal to you in order to repay you for bandwidth my site took by using an image served from your server.

Don’t worry about that — chances are it wasn’t terribly much, and as I’ve been getting an insane amount of traffic lately due to my recent experiences with Microsoft, my bandwidth limits are so ridiculously shot at this point that any traffic you might have added would be just a drop in the bucket.

It has been pointed out in the comment thread for my post that I may have jumped the gun in cc:’ing your academy superiors in my initial e-mail without first seeing if you would remove the site on your own. In retrospect, I should have given you the chance to remove it on your own — the only defense that I can give is that as there was no current e-mail address listed when I found your site, I was not certain I was contacting the right person, and at the time I found your site, I was somewhat overwhelmed from the attention my site had been getting and was somewhat touchier than I usually strive to be.

In my experiences with Microsoft (detailed earlier on my website, though it’s entirely possible that that is how you found my site in the first place), I made a mistake, and was immediately given the most extreme punishment possible. I then turned around and essentially did the same to you. For that, I most certainly owe you an apology as well.

I do hope that this hasn’t caused any major problems for you at the Academy (and as such, will also be cc:’ing this apology to the same contact person at the Academy that I did my initial e-mail). We’ve each recently made mistakes that have become more public than we expected or would have wanted them to. Hopefully each of us can learn from this in the future.

Again, good luck to you, and best wishes.

Everybody makes mistakes. Of late, I’ve been making my mistakes loudly and publicly — not something I’d really recommend to anyone. ;) Hopefully I can stop this trend before it gets any worse!

People must like my design

One of the many things that I’ve enjoyed about the numerous comments I’ve received over the past few days is that I’ve gotten quite a few compliments on my site design. As I’m generally not much of a designer (trust me on this one — my previous attempts were not horrid, but certainly not great), that’s always a nice compliment to get.

However, there is a potential downside to this that I hadn’t foreseen — that being people ripping off your site design.

The top of the page

The bottom of the page

Even better (or worse, depending on how you look at it) is how I found out. Normally, things like this aren’t always easy to spot. I found out simply because as I was looking through my referrer logs, I noticed a link that I hadn’t seen before — not uncommon over the past couple days — only it didn’t seem to be pointing to one of my pages. Instead, it appeared to be pointing to itself. Odd.

So I bounced over to take a look. Imagine my surprise when I found my very own site design staring me in the face! I was not at all happy. Then I pulled up the source code for the site — and started laughing. Just to give you an idea:

  1. The title of the page is still ‘eclecticism’.
  2. The meta tags still hold all of my information: this site’s tagline, RSS feed, and FOAF file.
  3. The code has been mangled by Microsoft FrontPage 5.0 — always the hallmark of a top-notch site designer. ;)
  4. The trackback RDF data for my posts is still in the page.
  5. While the images in the “ad banner” at the bottom of the page have been replaced, the title arguments are still the same.
  6. It still has the TypePad statistics tracking code at the bottom of the page (which is why it showed up in my referrer logs).

The best part of all of those, though, was that he’d not altered the CSS stylesheet at all — so he was hotlinking the banner image of the Seattle skyline that I use (while it was displaying on his site, he was still pulling it off of my images directory here on TypePad)!

So, in an effort to be polite, I searched around the site for an e-mail contact link so that I could ask him to take my design down. Unfortunately, he hasn’t provided one. So I’ve been forced to resort to slightly more drastic means.

A quick recode of my stylesheet to replace my banner image here on this site with an identical one, so that it won’t be disturbed, and a little bit of quick and dirty Photoshop work on the image that he’s linking to, and instead of my skyline graphic, he now has a banner proudly displaying to the world that ~~his site design was stolen from me~~.

Imitation may be the sincerest form of flattery. But this — this was just clumsy, stupid, and poorly executed. I hope he finds another design soon. Just watch your referrer logs — his next design just might be yours!

(In addition to my screenshots, Phil has provided .pdf screencaptures on his site — thanks!)
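The referrer-log check described in this post, as an added example that is not the author's own tooling: it reads web server log lines and reports static assets that pages on other hosts are embedding, with hit and byte counts. The Combined Log Format, the host names and the file paths are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

OWN_HOSTS = {"blog.example.com"}                       # hypothetical: hosts allowed to embed our assets
ASSET_EXT = (".jpg", ".jpeg", ".png", ".gif", ".css")  # static files worth watching

# Constructed sample in Combined Log Format (an assumption; not the author's real logs).
SAMPLE_LOG = """\
203.0.113.5 - - [01/Nov/2003:10:00:01 -0800] "GET /images/banner.jpg HTTP/1.1" 200 48211 "http://blog.example.com/" "Mozilla/5.0"
198.51.100.7 - - [01/Nov/2003:10:00:09 -0800] "GET /images/banner.jpg HTTP/1.1" 200 48211 "http://copy.example.net/index.htm" "Mozilla/4.0"
198.51.100.8 - - [01/Nov/2003:10:02:30 -0800] "GET /images/banner.jpg HTTP/1.1" 200 48211 "http://copy.example.net/index.htm" "Mozilla/4.0"
192.0.2.44 - - [01/Nov/2003:10:03:00 -0800] "GET /images/banner.jpg HTTP/1.1" 200 48211 "-" "Mozilla/5.0"
198.51.100.8 - - [01/Nov/2003:10:03:12 -0800] "GET /styles.css HTTP/1.1" 200 5120 "http://copy.example.net/index.htm" "Mozilla/4.0"
192.0.2.90 - - [01/Nov/2003:10:04:00 -0800] "GET / HTTP/1.1" 200 30000 "http://search.example.org/?q=blog" "Mozilla/5.0"
198.51.100.7 - - [01/Nov/2003:10:05:41 -0800] "GET /images/banner.jpg HTTP/1.1" 304 - "http://copy.example.net/index.htm" "Mozilla/4.0"
"""

LINE = re.compile(
    r'\S+ \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<referer>[^"]*)" "[^"]*"'
)


def hotlinked_assets(log, own_hosts=OWN_HOSTS):
    """Return {(referring host, asset path): [hits, bytes]} for assets embedded by other sites."""
    found = {}
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not Combined Log Format
        path = urlsplit(m["path"]).path.lower()  # drop any query string
        ref_host = (urlsplit(m["referer"]).hostname or "").lower()
        # An empty or "-" referer is a direct request or a privacy setting, not evidence of embedding.
        if not ref_host or ref_host in own_hosts or not path.endswith(ASSET_EXT):
            continue
        entry = found.setdefault((ref_host, path), [0, 0])
        entry[0] += 1
        entry[1] += 0 if m["size"] == "-" else int(m["size"])
    return found


if __name__ == "__main__":
    for (host, path), (hits, size) in sorted(hotlinked_assets(SAMPLE_LOG).items()):
        print(f"{host} embeds {path}: {hits} hits, {size} bytes")
```

Stylesheets are included because an image referenced from a hotlinked stylesheet is requested with the stylesheet's URL as its Referer, so the `.css` hit is the one that names the embedding site.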

'Big Mac' details

Dr. Srinidhi Varadarajan, the head of Virginia Tech’s recent construction of a 1,100-node Power Mac G5-based supercomputer (currently tentatively ranked as the 3rd fastest supercomputer in the world) gave a presentation at the O’Reilly Mac OS X conference this week. Lots of interesting little technical tidbits in the article, detailing just how they were able to get the project up and running.

If you’ve ever sat with a TiBook in your lap, you understand that there is a further significant issue. As hot as a G4 runs, a G5 runs hotter. With a traditional air-conditioning setup, the calculations showed that instead of emptying out the air three times an hour as would be typical, they would need to empty the air three times per minute. Computers tend to each cool front to back. So the plan was to arrange the computers in rows back to back and pull the hot air out of the hot aisle. This would have required wind velocity under the floor of more than 60 miles per hour and still would have resulted in some hot spots. They decided instead to use a refrigerator-like system. Chillers cool water to 40 degrees to 50 degrees, which is then used to chill refrigerant, which is piped into a matrix of copper pipes. Effectively, you have a distributed refrigerator.

More E-voting issues

Wired has two articles worth reading on e-voting machines and the security issues (specifically, the frightening lack of any) involved with them.

E-Vote Protest Gains Momentum

Swarthmore College students embroiled in a legal battle against voting machine-maker Diebold Election Systems have received a ground swell of support from universities and colleges nationwide.

The memos suggest the company knew about security problems with its voting machines long before it sold the machines to various states, including California, Georgia and, most recently, Maryland. The memos have popped up on numerous websites since August, despite attempts by Diebold to force ISPs and webmasters to remove them from the Internet.

E-Vote Software Leaked Online

Software used by an electronic voting system manufactured by Sequoia Voting Systems has been left unprotected on a publicly available server, raising concerns about the possibility of vote tampering in future elections.

The security breach means that anyone with a minimal amount of technical knowledge could see how the code works and potentially exploit it. According to a computer programmer who discovered the unprotected server, the files also contain Visual Basic script and code for voting system databases that could allow someone to learn how to rig voting results. The programmer spoke on condition of anonymity.

Electronic voting can be more secure and accurate than the systems that we’ve had such trouble with over the past few years, but only if the companies can be trusted, the systems are verified secure by a third-party review, and if there’s an additional printed “receipt” that can be tallied in case of recounts. The security breaches and known vulnerabilities of the current E-voting systems make it clear that in their present state, they cannot be trusted — and I, for one, would greatly prefer it if I could be sure that my vote in 2004 goes to the candidate I intend it to.

Automatic defrag in Panther

I have no idea whether or not this is a standard feature in other Unix systems, but it appears that there’s a very handy little “under-the-radar” feature in Mac OS X 10.3/Panther — automatic file defragmentation.

Every time an application opens a file for reading, HFS+ checks if the file is fragmented and is less than 20MB in size. If so, it copies the file’s contents to a continuous region on the disk and frees up the previously allocated blocks.

What a wonderfully convenient feature. Even nicer, when someone asked if there were any official confirmation from Apple about the feature, someone else posted the source code from the Darwin (command-line only open source) version of the core system.

(via MacSlash)

Panther goodies

Lots of interesting tips and tricks for Panther are showing up on the web now that it’s been out a few days. Some of the niftier ones I’ve run across so far:

  • The Exposé blob (an on-screen trigger for the Exposé effect).
  • SIPS (Scriptable Image Processing System — Panther-specific command line image processing similar to ImageMagick or NetPBM).
  • System-wide inline text autocompletion.
  • When you hit command-tab to bring up the application list, you can choose which application to switch to with the mouse as well as with the keyboard.
  • Exposé is usable during a drag (start to drag a file from a visible window, invoke Exposé to find the target window, then drop the file into the target window).
  • Easily find special characters (accents, math functions, currency symbols, etc.) by choosing Edit > Special Characters… in any application.
  • Choosing your desktop picture now ties directly into your iPhoto library.
  • Lots of high-powered upgrades to the text services engine, giving us professional level typography options by default.