Tuesday, January 30, 2007
Sunday, January 28, 2007
The end result of all this was that I had to teach all last Thursday night. The topic for the evening was RF theory. While I did have enough slides to cover three hours (and I did speak for that time), towards the end I realized that the topic is best taken in small chunks. Going from "this is a sine wave" to explaining the advantages of combining phase shift keying and amplitude modulation obviously was quite painful.
The good news is that we're now through that. The bad news is that it becomes quite important (later) when we start talking about 802.16.
Oh! Why do I feel like I burned myself out. Answer: Because I have the typical symptoms: a strong aversion to sitting at a keyboard, wanting to sleep through Saturday, and coming up with excuses not to work on my wife's computer (crappy sound). I think the burnout was caused by putting in 6 hours for slide creation and then talking about them for 3 hours, all in the same day.
Monday, January 22, 2007
Customer service, at the hotel (or at their web host), is really screwing this one up.
Update: I've been told that this issue will be addressed shortly (I gotta stop jumping into the deep end...). The "SHMO" discount code actually works but is for call-ins only.
Sunday, January 21, 2007
Yeah, you can say that I'm a bit grumpy at this point.
Thursday, January 18, 2007
The Linux version is still considered OEM, which means the vendor won't help you install it but there's enough of a community that you can get it up and running with little or no trouble. (Heck, even I've dumped a bunch of notes into the wiki.) It's not to say that there aren't snags. The lastest update to V6 caused MP3s to not play via the Media MVP box. Luckily, I found this short thread which described how to fix the problem (turns out it was a missing library).
In any case, I will recommend getting SageTV to anyone who has more than a passing familiarity with Linux. If you can install the Hauppauge PVR-250 and the IVTV firmware, you'll love SageTV. Another notable thing about SageTV is that, unlike other similar commercial products, it's user modifiable. Heck, the $70 (or so) that I paid for it more than covers the amount of time (months!) that I would have spent pounding on MythTV to get it into the same shape. It doesn't hurt that SageTV now has a Mac client either. (One more reason I'm looking at getting a MBP once I can afford it.)(Sometime this year, I think.)
Tuesday, January 16, 2007
Expect to see a slight change in the "rules", like: actually treating your PSK like a password and periodically changing it (preferably the periodicity of change is less than theoretical amount of time it takes to generate the keyspace for that length of a key).
I may be on the wrong track but here's my thoughts:
- People who buy big pipes are expected to have large amounts of traffic (why else pay such a large chunk of money)
- However, the difference between a lot of people visiting a site and a site spamming a lot of blogs/wikis/guest books is the direction of the traffic.
- This difference in direction can be detected via the TCP handshake. In other words, the SYN, SYN/ACK, ACK sequence.
- Thousands (millions?) of SYN packets towards a web site (with unique IPs) means one of two things: lots of visitors or a possible botnet attack (which we're not discussing at the moment).
- Thousands (millions?) of SYN (no ACK) packets from a site, to hundreds or thousands of packets to other web sites)(unique IPs not requried) means that the ISP's customer is either Google or is doing something worth investigating further.
Detecting this sort of thing should be relatively easy. Has anyone tried this? Willing to try it?
Sunday, January 14, 2007
I periodically curse one Mr. Acosta for forcing me to learn it and there's at least two other people on the planet who curse me for forcing them. That's not to say that we don't use it constantly though. (heh)
Thursday, January 11, 2007
- Argue over whether it is pronounced oh es ex or oh es ten
- Argue over whether it is pronounced lienux or leenux
- Argue over whether it is pronounced gif or jif
- wonder if there's any other way to pronounce wusage
- wonder if anyone will get upset if you say voip or "v" "o" "i" "p"
- pick a fight about whether it's pronounced "s" "q" "l" or sequel
- Wonder if there's many people around that still call it "six" rather than "v" "i"
Come on. They're fsckin' tools. Most of us understand those terms either way. If you go to NYC and order a sub, grinder, or hero, most will places will put a large sandwich in front of you. It's only the assholes that get upset.
Disclaimer: this message brought to you by an caffeine-deficient grump who's reading DMiessler too early in the morning.
Wednesday, January 10, 2007
My advice: get a good general knowledge and then find a specialty that you find interesting. If you're "in it" for the money, you (and the money) won't last long. The IT field is self-correcting that way. It's why you can't swing a dead CAT-5 cable without hitting an MCSE nowadays. Those that are "in it" for the money often come in large mobs. High-paying jobs exist because there's a very small talent pool to draw from. The crowds see those high-paying jobs and jump in the pool, en masse. Next thing you know, you're laid off from your high paying job because there's a college graduate willing to do your work for half your pay.
When it comes to technology, there's a lot of uncharted area out there. The crowds stick to "what's known". You should stick to "what can I discover?" or "how far can I push this?". The whole point is that it should be something that you enjoy doing. You'll have fun, go further and you're likely to make good money doing it. If there's not much money in it, you're likely to, at least, enjoy your job. Ask around, a job that you love is rare and is often better than more money.
Saturday, January 6, 2007
Wednesday, January 3, 2007
Dear user of 757.org, Your account was used to send a huge amount of spam messages during this week. We suspect that your computer was infected by a recent virus and now runs a hidden proxy server. We recommend that you follow instructions in the attached file in order to keep your computer safe. Best wishes,
The 757.org support team.
Your account was used to send a huge amount of spam messages during this week. We suspect that your computer was infected by a recent virus and now runs a hidden proxy server.
We recommend that you follow instructions in the attached file in order to keep your computer safe.
(heh) The "owners" would never be that polite. Care to bet what the capabilities in the "message.zip" attachment does? A quick Google search of a couple of the strings from the .PIF file brings up only one site: nabble.com. Why am I not impressed/surprised?
The justification for such an action appears to be security-thru-obscurity, a practice that rarely works, especially in these times of deep-packet inspection. It's an ineffective measure in that the same data can be "discovered" via malformed or misaddressed email back to the source domain. Yes, it requires an additional step to "discover" the missing data, but the systems involved are configured to give it up in any case (i.e., delivery failure messages).
If you read the comment section of Terry Frazier's post, you'll see the usual RFC's-use-the-word-'should'-which-means-you-can-deviate-and-still-remain-compliant argument. In other words, the usual perversion of embrace-and-extend. Not that it matters that the rest of the world has to work around it (anyone else remember the method involved in MS's web accelerator?).
I still haven't found out if MS-generated message ID's are random or not, but the discovery of this bit of info wasn't exactly encouraging.
Keep in mind that, at one point, MS didn't comply with the "unique ID" guidance either. These are the sort of vaguaries that are valuable when you need to trace/discuss evidence as one side or the other, in a court case, will have an "expert" that claims that all message ID's are unique to the message in question.
Monday, January 1, 2007
New Year's resolution: stop messing with the libraries.
This year, when Beetle asks how the con can be improved, I'm willing to bet that there's a loud answer waiting for him.
I'm more than willing to pay the $99 for a tcicket, as I did for Shmoocon #1. However, I can't afford much more than that. $300 for a ticket, $300 for two nights in a used-to-be-5-star hotel, and $22/day parking (not to mention food/drink) is much more than I can afford.
Heidi, please knock Bruce's/Don's heads together for doing this.
Update: tickets went on sale a little after noon today. The hotel appears to have raised their discount rate ($169 this year). It may be worthwhile to check out their other vacation packages to see if they have anything cheaper or more attractive. Last year, Derez (I think) got a room under the Spy Museum package at the same rate as Shmoocon and also got a waiver for parking and a free ticket for the Museum.
Update II: Talk about being in the right place at the right time. I called a friend right after I'd bought a $75 ticket to remind him that they were on sale. He got in and there were no more $75 tickets left... Heidi posted the following on the site: 2007-01-01 17:11:55 The $75 tickets sold out in, oh, 3 minutes. Good luck guys. See you in March! - Heidi
The $75 tickets sold out in, oh, 3 minutes.
Good luck guys. See you in March!
Yikes! I'd been dozing in my chair all morning (stayed up late to try to get the tickets at midnight) and had only tried again (at roughly 12:06) after waking up for some unknown reason. I still don't like the new scheme.