Month: February 2006

eBay and banks need to implement SPF and Domain Keys

eBay and banks really need implement SPF, Sender Policy Framework and DomainKeys. There I said it.

I see quite a few Phishing attacks every day. And just about all of them aren’t caught by SpamAssassin. Technically they aren’t spam, so that does make sense. But what bothers me is that this is easy mitigate for many potential victims. If eBay and banks supported SPF and DomainKeys, it would be much easier for a filter to tell if the message is legitimate or not. Check out this sample SpamAssassin header from a eBay phishing email I received:


X-Spam-Level: **
X-Spam-Status: No, score=3.0 required=5.0 tests=BAYES_50,HTML_IMAGE_ONLY_28,
	HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HEADER_CTYPE_ONLY,
	MIME_HTML_ONLY autolearn=no version=3.1.0

That’s really not much in this otherwise pretty bad email. The IP of origin isn’t even in North America (it’s Pacific Rim).

Perhaps it’s time to start a campaign to urge institutions subject to having their name used in these attacks to start using a method like SPF and DomainKeys. A mail provider could then throw out emails that don’t match. Anyone know why they still don’t implement one or both of these methods?

It seems to me they could easily take a giant step to solve the problem. I know Google’s Gmail knows about SPF, and Yahoo knows about DomainKeys. That’s two major email providers right there.

Tags domainkeys, ebay, spamassassin, spf

Internet Programming Web Development

Yahoo hosting PHP

Post date 2/27/2006
No Comments on Yahoo hosting PHP

Found this rather interesting:

Yahoo's PHP Mirror

It’s been known for a while Yahoo is a PHP user, but it’s interesting to see them giving back. Very cool.

Tags Open Source, php, yahoo

Google

Gbrowser Redux

Post date 2/23/2006
4 Comments on Gbrowser Redux

An interesting post on an allegedly new Googlebot. I’ve got no clue about the truth or accuracy of it, but the article thinks Googlebot is no longer a lynx like browser, but based on Mozilla. It would make sense, so Google can take better advantage of things like CSS, JavaScript. Perhaps it’s using <canvas/> to create screenshots for thumbnails?

Again, no clue regarding accuracy, but it’s an interesting read.

Tags css, gbrowser, google-browser, javascript

Security Software

Norton AntiVirus doesn’t like Windows Defender

I upgraded from MS AntiSpyware to Windows Defender. Seems Norton AntiVirus doesn’t exactly like it. In Norton’s Log Viewer are a ton of the following:

Event Details:
Time: 2/22/2006 8:02:17 PM
Actor: C:\Program Files\Windows Defender\MsMpEng.exe (PID=464)
Target: C:\Program Files\Common Files\Symantec Shared\ccLgView.exe
Action: Unauthorized access
Reaction: Unauthorized access stopped

www.symantec.com

Not nearly as bad as Kaspersky zapping Microsoft AntiVirus. Hopefully Symantec or Microsoft will get to it soon. Nothing about that in the release notes.

Other than that, no opinion formed quite yet.. It has a “new engine” supposedly. Not sure if it will prove any better or worse. I guess time will tell. Doesn’t seem to give as many alerts to the user as the old version did. Personally I liked them, let me know what’s going on. Perhaps I’ll revisit and review it a bit at a later date.

Tags antispyware, microsoft, norton-antivirus, symantec

Personal Programming

Really Busy

Post date 2/22/2006
No Comments on Really Busy

I’ve been really busy lately, hence posting is a bit light. I plan to pickup soon. I’ve been working on many things.

On a side note, switching programming languages (Visual Basic .NET, JavaScript, HTML, CSS, PHP, Perl) all in one day can be very confusing at times. I’ve been finding myself mixing up syntax quite a bit in the past few days. Yuck. For those wondering, Visual Basic is by far my least favorite.

Tags css, html, perl, php, Programming, school, VB.net

Google

Google Widget Licensing?

Post date 2/17/2006
No Comments on Google Widget Licensing?

Google’s Personal Homepages allow for some really neat widgets. Interestingly, there are quite a few by Google Inc, that even provide source code, so you can see exactly how they were made (super cool!). There is something that concerns me though. No mention on licensing, or how it would even work.

Say, someone wanted to create an open source framework of code for making widget creation easier (such as copy paste of great libraries such like prototype.js, or jslib among others). How would licensing be noted?

Say someone else wanted to create a project under an open source license, and collaborate to create a widget. Again, how would that be handled? Are you limited to purely a  comment to display the licensing block?

Some talented Google employees wrote some great widgets, but there’s no license on how they can be used. Ideally they would be under a very liberal license, so that their code could be included under virtually any circumstance to build derivative works.

Looks to me like the Module Preferences need to have a “license”.

I’d be curious to know Google’s intentions/position on this topic.

Tags Google, jslib, prototype, widget

Google Internet

True Hackers

Post date 2/16/2006
1 Comment on True Hackers

I’ve been saying for quite a while that true hackers, aren’t the stereotyped computer nerds. They are just observant people who know what to look for. That article is a little disturbing, but nothing strange. I remember a year or two ago when someone had a “Google Hack” to find those Axis cameras, many not even password protected.

Very interesting read.

Tags Google, hacker, Security

Funny Politics

Cheney’s Got A Gun

Post date 2/15/2006
3 Comments on Cheney’s Got A Gun

Best Aerosmith Parody ever:

Cheney’s Got A Gun

Absolutely brilliant.

You seriously have to question if the guy was suicidal to go out into the woods with Dick Cheney holding a gun. It’s like walking into a tiger pit with fillet mignon in your pockets.

[Hat tip: Digg]

Tags aerosmith, dick-cheney, rick-davis

Apple Mozilla

Intel Mac UserAgent

Post date 2/12/2006
1 Comment on Intel Mac UserAgent

To continue with my last post, I did some digging to see what the useragent on the new Intel Mac’s were. A while back, I was wondering what they would change it to. I now have the answer:

Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Safari/417.8

For Firefox, it’s not quite decided (bug 323657).

Tags Apple, intel, safari, user-agent, WebKit

Apple Hardware

Apple is still using 64-bit Processors

Post date 2/12/2006
1 Comment on Apple is still using 64-bit Processors

Several months ago I asked if Apple would continue to use widely advertised 64-bit processors after moving to Intel. Apple spent a lot of time/money telling people 64-bit was the future, and the G5 was perfect.

Even upon release of the first Intel Mac’s, it wasn’t clear if they were 64-bit or 32-bit. Supposedly they are 64-bit, but not very clear if they could ever run in 64-bit.

Regardless, very interesting.

Tags 64bit, intel, mac