The Deep End | Paul Venezia » March 2008

March 29, 2008 | Comments: (0)

How not to deal with fraud

My friend Desmond recently got an invoice from Dell for two DLP projectors. He hadn't ordered any DLP projectors. They weren't shipped to his house, either. Instead, they went to Roosevelt Island, NY (NB: Roosevelt Island? Really?). Obviously he was perplexed and called Dell. Well, he tried anyway. While American Express handled this with aplomb, Dell, well, didn't. In fact, they didn't seem to care.

What makes this more interesting is that Desmond is the IT Director for a sizable technology company that has done significant business with Dell for many years. As he notes, "When I order something from Dell for my business, they will not ship to any address other than the addresses on my credit card. Why did Dell do it for this order?"

Suffice it to say, this is a very poor example of how to deal with a very troubling issue. Here's the full post.

Posted by Paul Venezia on March 29, 2008 11:08 AM


March 27, 2008 | Comments: (0)

More on domain squatting

My previous post on domain squatting got plenty of attention, and plenty of comments, both positive and negative. Interestingly, the majority of commenters (public and private) who didn't like what I had to say admitted that they were in the business of domain squatting/parking. Huh.

Yesterday, I finally got a response that I'd been waiting for. Just below an argument that domain squatting apparently provides sustenance for needy families, Gary commented:


I'm putting $7,000 a year into the internet for renewal fees. Am I helping out the internet and helping to create jobs? Yes. Am I hurting the internet? No. We can create new extensions and billions of new names if we wanted to, with money that people like I am pouring into the internet with renewals. If you don't get a .com, there are hundreds of other extensions and hundreds more planned for.

Hundreds of TLDs? If you count country TLDs, perhaps, but universally available TLDs? Hardly. For the vast majority of people out there, there's only one: .com

This is ICANN's fault, of course. Rather than act on approving new TLDs in the nineties -- before .com became synonymous with the Internet -- they waited, and waited, and waited. This made .com the only "real" TLD out there. Even .org and .net are marginalized under the public perception of .com. The other relatively new TLDs, like .info, .biz, and so forth are certainly available, but to many people they're suspect. I've had many non-technical people ask me if a .biz or .info site was a malware or virus-laden website simply because it wasn't under .com. They just don't understand that there's more than .com out there.

Even sites like craigslist.org have craigslist.com registered and redirected. When given a domain name (even if it's shown with .org, .net, .info, whatever) most people will append .com.

Let's face it -- .com is it if you want a marketable domain. It shouldn't be that way, but it is.

Posted by Paul Venezia on March 27, 2008 11:13 AM


March 27, 2008 | Comments: (0)

The 45nm Xeon 5400 series in the lab

Yesterday, Intel announced the newest incarnation of their quad-core Xeon CPUs. The 5400 series is a low-voltage chip designed for tight spaces such as blades and 1U servers. On the very day of the announcement, I was finally firing up a test box running a pair of 5420s. These are 2.5GHz quad-core CPUs with 12MB cache built on the 45nm die, and I'm running them in an Intel server chassis on the S5000PSL mainboard. These chips aren't designed to be speed demons -- rather, they're designed to be lighter on the power budget while still offering decent performance.

I haven't had a lot of time for testing and benchmarking yet, but I do have some results from basic tests. Some of these tests are threaded and make use of the eight total cores in the box, but others are single-threaded and highlight the performance expected from that type of application. Additionally, most of these tests also reflect disk I/O performance. Essentially, these are real-world tests, not just CPU tests.

All tests were run on my test system, which has 4GB in two 2GB FB-DIMMs, two quad-core Xeon 5420LV chips at 2.5GHz per core, and two Seagate SATA II drives in a hardware RAID1 array built with the Intel embedded RAID controller (which is an LSI chipset) on the S5000PSL mainboard. The OS was a fully-updated CentOS 5 build.

MySQL
I ran all tests in the sql-bench suite against the local host using sockets. All tests completed in 1435 seconds (23.9 minutes).

LAME
I used LAME to encode an 838MB WAV file to MP3 at a 256k bitrate, VBR 2. This is a single-threaded task, and completed in 404 seconds (6m 44s).

MD5 Sums
Another single-threaded task, but a common one. Calculating the MD5 sum of the same 838MB WAV file took 2.6 seconds.

Compression
I ran bzip2 on the same 838MB WAV file. The times were 182s (3m2s) to compress, and 77s (1m17s) to decompress.

Posted by Paul Venezia on March 27, 2008 10:49 AM


March 21, 2008 | Comments: (0)

Domain squatting for fun and profit

I just got off the phone with MarkMonitor, a company that according to the fellow I spoke with is hired by multi-national corporations to register and squat on domain names in the interest of brand security. I was calling them to inquire about a specific domain name that they had registered -- a domain that was simply an ad page. I was hoping to use that domain for a little project, but I was told that in order to even inquire about the potential availability of the domain, I would have to have my attorney contact them directly, and then go through a process that might take a few months before finding out if I might have the privilege to buy the domain on their terms. I asked him if he saw any problem with this, and he went on a brief tirade about protecting brand identity, and then roughly slammed the phone down, hanging up on me. Great sales tactic, no?

In some cases, the practice of registering domains that aren't intended for use is legitimate -- someone registering dell.org, delll.com, and putting anti-Dell information there -- or worse, a copy of Dell's website -- could be potentially damaging to Dell, and they have a right to protect themselves in those instances. They are also protecting against someone registering a domain that's close to theirs and essentially blackmailing them into buying it for lots of money. This is what MarkMonitor.com supposedly does, but since I was yelled at and hung up on by their own sales staff, I never got the full details.

The domain that I was inquiring about had no relation to any ad campaigns, corporations, or otherwise. It didn't redirect to a legitimate site, or offer anything useful -- it's simply parked on an ad page. It was being squatted on by a company in the hopes that someone would come along and buy it for some ridiculous price -- essentially exactly what companies like MarkMonitor.com claim to protect against. Variations on the name using hyphens and other small changes produced similar parking pages, but squatted by different companies.

Thus, instead of a domain that could be used to host useful tools or interesting information, it holds nothing of value to anyone. It doesn't infringe on any trademarks, it's essentially been relegated to the trash bin -- of no use to anyone. This isn't brand protection, it's glorified ticket scalping.

I do find it rather amusing that the company running the parking page has a website that hits a Drupal "Database Error" page as of this writing (www.firstlook.com).

Although ICANN has backed plans to reduce domain tasting, the practice of registering hundreds of domains and then returning all but the few that get the most hits (hits to parked ad pages), it's still a big problem. Network Solutions has been under fire for this, but in a more insidious way -- if you use their site to query about the availability of a domain name that isn't registered, they would instantly register it, and then offer to sell it back to you. If you didn't pay for it, they would release it and not pay any fees. The evidence suggests that Network Solutions is the crooked grocer of the digital age, but they have a bigger thumb on the scale, and it's automated.

All of this comes down to right and wrong for me. Is it right that a company can register domain names that are directly related to their own brand in order to protect themselves? Yes. Is it right that a company can register thousands and thousands of domain names that they will never use for anything other than parking pages, simply to be able to bilk someone out of more money when they actually want to use the name? Not in my book.

The more time that passes since the Web was born, the further and further it drifts from the core ideals that formed its foundation. That's an allegory if I ever saw one.

UPDATE:
In response to some of the comments:

I understand the domain industry. I registered my first domain almost fifteen years ago. I understand the economics, and the shady nature of domain squatters. I reject the argument that it's like buying land, subdividing it, and selling it. To me, this practice is more in line with someone standing at the entrance to a parking lot, misrepresenting themselves as the owner, and charging five times the actual price for a parking spot -- essentially engaging in extortion by misdirection. There are nuances here, like domain tasting, but the simple fact remains that domain squatting is a parasitic practice.

Yes, we pay for goods and services, but this is like having someone walk around the supermarket right in front of you, scooping up everything you want to buy and then offering to sell it back to you at an inflated price.

I reject the "that's America" argument, because the Internet isn't limited to America. Neither, unfortunately, is this problem.

A domain name might be "an appreciable marketing asset" but only after the content or function has proven worthy or has a real-world reference like vodka.com. If Google wasn't Google, google.com would probably be parked on an ad page. These ad pages are only marketable in that they generate revenue by misdirection -- typos and the like. Any way you cut it, it's distasteful.

UPDATE:
This was too good not to post. I'm still looking for a domain name that's even tangentially related to the content of the site I want to build. I'm hitting parking pages everywhere... including one with this obviously automatically generated tagline:

"For resources and information on Done swimwear and Colonoscopy Done"

Priceless.

Posted by Paul Venezia on March 21, 2008 06:07 PM


March 19, 2008 | Comments: (0)

If the shoe fits

I was perusing the Presidential candidates' websites today. Interestingly, they all look roughly the same, though Barack Obama's site is better designed than the others in my humble opinion. What was even more interesting was the OS choices, though perhaps these should come as no surprise:

John McCain: Windows Server 2003
Barack Obama: Linux (with a touch of FreeBSD)
Hillary Clinton: Unknown

Source: Netcraft.com

Posted by Paul Venezia on March 19, 2008 12:18 AM


March 17, 2008 | Comments: (0)

Full circle: How Microsoft is trying to eradicate email

After all this time, all these spams, all the complaints from all over the globe, I can only come to one conclusion: Microsoft is trying to kill email.

Let's take a look at some facts. Spam levels are as high as or higher than they've ever been. From my own personal experience, I can say without a shadow of a doubt that 99.9 percent of all email coming to my mail server is spam. That's tragic all by itself, but it's been that way for quite some time now. I have written and documented the severe steps that I've taken to reduce the problem, but the fact remains that hundreds of thousands of connections are made to my mailserver every day, trying to sell me v1@gr@!, inform me of my incredible good fortune in some foreign lottery, or tell me that I really need to buy stock in some company nobody's ever heard of.

Hundreds of thousands of connections, coming from thousands of hosts. What are those hosts anyway? The vast majority of those hosts are exploited Windows systems. They're zombies run by botnet operators. Their owners are probably completely clueless to the maelstrom that has engulfed their little Dell desktop. It's just "slow".

There are millions of these systems out there, according to an article from USA Today. Millions.

The mainstream media consistently use the term "computers" when they make forays into this realm. Yes, they are computers, but they're not just any computer -- they are all running Windows. All of them. Let's not mince words here: Botnets are comprised of compromised Windows systems. Thus, Microsoft's massive security failures are at the very core of the spam problem.

Yes, there are still spammers out there that use specific servers and subnets to send their trash, but they're relatively easy to identify and stop, either by the ISP, or through filtering at the client side. Connections from millions of unique systems from all over the globe are much harder to stop. One of the ways that spam filters try to stem this tide is by identifying subnets assigned to residential cable and DSL providers, and blocking those IP ranges. That's like bringing a sledgehammer into surgery, but it can be effective -- so effective that it blocks legitimate communications from people running their own servers, and hundreds of companies using cable and DSL connections for their business. The subnet allocations caught up in these traps aren't necessarily accurate, and they can cause email to simply disappear at worst, or consistently be marked as spam at best.

Speaking of email simply disappearing, this brings me to my next point about Microsoft's apparent attempt to kill email: Hotmail.

I've had a Hotmail/MSN/Live.com email account for a while now, and it's been relatively spam-free. Of course, that address is not published anywhere, and I hardly ever use it, so I would expect that to some degree. However, some tests I ran over the weekend shed some light on some of the ways that Hotmail/MSN/Live.com handle spam: They apparently are simply deleting inbound email with no bounce messages, no flags, no notification -- nothing.

I can replicate this at will. When I send an email from my mailserver (located on a commercial circuit) to my gmail.com account, live.com account, and other personal accounts, they all arrive -- except to my live.com/Hotmail account. It simply never appears, and no bounce message is ever seen. If I send myself an email from my live.com account, it arrives speedily, and my reply is delivered back to the live.com account almost instantly. But if I then write a new message to the live.com account, it never appears, even though it came from an address that I just emailed.

Thus, Microsoft is simply deleting legitimate emails. Why would I bother using such a service? It's like buying a car that will only start once in a while, or a refrigerator that keeps the soda cold, but lets the milk go bad. It's useless.

I'm not alone here, either. This thread at MozillaZine goes back to 2006, and describes these exact problems in excruciating detail, among others. Ian Gregory has also been cataloguing this problem for a few years now.

The temerity of Microsoft to simply never deliver these emails is shocking to me, but taken in concert with my original point that Microsoft software forms the very core of the spam problem to begin with, the only conclusion I can make is that they are waging a war -- not against spammers, but against email.

Perhaps they're going to unleash some hidden features in Exchange 2008 that will ensure that email sent from one Exchange server to another is always passed through (and always reaches hotmail.com, msn.com, and live.com addresses), leaving everybody else out in the cold -- a Frankenstein thought if there ever was one.

Their motive may be unclear, but their actions are transparent -- they are complicit in the generation and distribution of spam, and are summarily deleting emails addressed to their users under the guise of fighting spam.

Until they remedy this egregious activity, I've instructed my mailservers to discard any inbound email from hotmail.com, msn.com, or live.com.

In a few days, I probably won't be able to reply to them anyway.

Posted by Paul Venezia on March 17, 2008 03:56 PM


March 12, 2008 | Comments: (0)

The Air, a month later

It's been just over a month since I first unboxed my MacBook Air. I wrote a review for InfoWorld that garnered some attention, and a sidebar that far too many people seemed to think was the actual review -- a statement on their own preconceived notions and lack of reading comprehension more than anything else, perhaps.

In any event, I've subjected my MacBook Air to daily use, dropped it once, had it sat upon by a careless individual not once, but twice, and have travelled with it via plane, train, and automobile. I've used it for email, Web browsing, and Linux, Windows, and FreeBSD server administration. I've written thousands of lines of code and thousands of words on it. I've used it on a plane, on a desk, in a chair -- and I still dig my Air.

I've used it on WiFi hotspots, with 802.11b, g, and n networks. I've used it with my Nokia N95 acting as a Bluetooth modem. I've plugged into a wired Ethernet network using the USB adapter. I've done photo editing and some audio processing with the Air, watched movies and listened to music. I've used it with a USB serial adaptor to configure Cisco switches. I've done everything that I normally do on any computer, laptop or not, except use CDs or DVDs -- I haven't needed that function even once. I only used the Remote CD function to install XCode from the Leopard CD the first day. I used Apple's Migration Assistant to move over all my settings, email, and applications from my MacBook Pro (running Tiger at the time) and haven't had any issues with those apps either, except for having to reinstall Microsoft Office.

As with any piece of technology, your mileage may vary, but the miles I've put on my MacBook Air have been straight and true so far. I've only rebooted it once in that month, after installing some drivers, yet I use it every day. That's the key to usability for me. I loathe waiting for laptops or workstations to boot or dealing with OS issues. I have work to do. Open it up, log in, and launch another xterm, all within five seconds.

To be honest, I've grown somewhat disillusioned with the attention it receives in public settings. I can't take it to a coffee shop without at least two or three people interrupting me to talk about it. But if that's the biggest problem I have with the Air, I'm in good shape.

Posted by Paul Venezia on March 12, 2008 03:33 PM


March 08, 2008 | Comments: (0)

/etc/hosts.deny, hackers, and automation run amok

3AM. It's always 3AM when these things happen.

Last night, my cellphone started beeping, and after it finally woke me up, I cracked open an eye and checked the screen. Text messages from Nagios, telling me that my main FreeBSD mail/Web server was incommunicado. Lovely.

I crawled out of bed and logged into my MacBook Pro. I had an open SSH session to that box, but it was all but unusable, echoing back a character every few seconds. An eventual 'uptime' showed the 5-minute load at over 300. Three hundred processes in the run queue basically means the box is thrashing wildly... but why?

The Nagios client had respawned a hundred or so times; sshd, snmpd, and inetd were all running at 60-70% CPU utilization, completely consuming both CPUs. Everything had come to a standstill. I killed the offending processes from the console (hooray for Raritan KVM-over-IP!) and the box settled back down.

I first started sshd back up, and didn't see the load rise, but as soon as I attempted to SSH back into the box, it spiked to 100% utilization. I killed it, and rebuilt openssh-portable from ports, wondering if I'd been hacked, or the sshd binary had somehow become corrupt. I ran the newly-built sshd manually in debug mode, and watched the same problems occur. Obviously, this wasn't good. Checks of dmesg and /var/log/messages showed literally no problems whatsoever. The I/O subsystem seemed fine, as did all normal server operations -- I could SSH out, Apache, MySQL and sendmail were working, but there was obviously something very wrong.

The uptime on this server was 525 days. Generally speaking, I refrain from rebooting a box unless absolutely necessary, but in this case, I felt that I had to start with a clean slate. For the first time since September of 2006, I rebooted my main workhorse server.

It came back up without issue, other than the same sshd, snmpd, and inetd problems. The reboot was ultimately unnecessary. But what could be causing this problem? As I was making a cup of coffee, I thought that I might try removing hosts.deny to see if that made a difference. That did the trick -- all was well without it. But what caused that?

A while ago, I wrote a quick script to scan /var/log/auth.log for spurious brute-force SSH login attempts, and to add the offending IP address to /etc/hosts.deny for sshd. This worked extremely well, reducing the potential effectiveness of these attacks to all but zero. The problem, as it turned out, was that the script eventually wrote over 140 IPs to /etc/hosts.deny, which either triggered a bug, or exceeded a line-length limit that I'm unaware of. Removing that line caused all previously-misbehaving services to return to normal, and after some time to settle down, the server was back to handling a few hundred thousand emails a day, alongside Web and DNS services. I rewrote the brute-force detection script to add IPs to a pf table instead of /etc/hosts.deny, and parsed the previous hosts.deny list into the table to retain that information. Of course, this is how I should have done it to begin with. It took two cups of coffee, but I was out of the woods.

This was a decidedly non-obvious solution to a decidedly bizarre problem. I'd still like to know if I hit a bug in the BSD stack, or what the hosts.deny line-length limits are. Anyone? Bueller?
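The approach the post ends up with (scan auth.log, put offenders in a pf table, carry the old hosts.deny entries over) could look like the sketch below. It is an added example, not the author's script: the table name, threshold, allowlist and log lines are assumptions or constructed samples, and pf.conf is assumed to already declare the table and a block rule for it.

```python
import ipaddress
import re
from collections import Counter

# Assumed values: the post gives no table name, threshold or allowlist.
PF_TABLE = "ssh_bruteforce"
THRESHOLD = 3
ALLOWLIST = {ipaddress.ip_address("192.0.2.10")}  # never block the admin host

# Anchored at end of line: the attempted username is attacker-controlled text,
# so a username containing "from <ip>" must not choose which address we block.
FAILED = re.compile(r"sshd\[\d+\]: (?:Failed password for|Invalid user) .*"
                    r" from (\S+)(?: port \d+ ssh2)?$")

# Constructed sample lines in auth.log style (documentation address ranges).
SAMPLE_LOG = """\
Mar  8 02:58:01 mail sshd[4101]: Failed password for root from 203.0.113.5 port 4242 ssh2
Mar  8 02:58:03 mail sshd[4101]: Failed password for invalid user admin from 203.0.113.5 port 4243 ssh2
Mar  8 02:58:05 mail sshd[4102]: Invalid user test from 203.0.113.5
Mar  8 02:58:09 mail sshd[4103]: Failed password for paul from 198.51.100.7 port 5100 ssh2
Mar  8 02:58:11 mail sshd[4104]: Failed password for invalid user x from 192.0.2.99 port 1 ssh2 from 198.51.100.7 port 5101 ssh2
Mar  8 02:58:12 mail sshd[4105]: Accepted publickey for paul from 192.0.2.10 port 6000 ssh2
"""

def _order(ip):
    return (ip.version, int(ip))  # IPv4 and IPv6 objects do not compare directly

def offenders(log_lines, threshold=THRESHOLD):
    """Return addresses with at least `threshold` failed logins, sorted."""
    hits = Counter()
    for line in log_lines:
        m = FAILED.search(line.rstrip())
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # hostname or junk: nothing unparsed reaches pfctl
        if ip not in ALLOWLIST:
            hits[ip] += 1
    return sorted((ip for ip, n in hits.items() if n >= threshold), key=_order)

def hosts_deny_ips(text):
    """Extract IPv4 addresses from old 'sshd: a, b, c' hosts.deny lines."""
    found = []
    for line in text.splitlines():
        daemon, sep, clients = line.partition(":")
        if not sep or daemon.strip() != "sshd":
            continue
        for token in re.split(r"[,\s]+", clients.strip()):
            try:
                found.append(ipaddress.ip_address(token))
            except ValueError:
                pass  # wildcards, hostnames, empty tokens
    return found

def pfctl_commands(ips, batch=50):
    """Build argv lists for `pfctl -t <table> -T add`, in bounded batches so no
    single command grows the way the one long hosts.deny line did."""
    ips = [str(ip) for ip in ips]
    return [["pfctl", "-t", PF_TABLE, "-T", "add", *ips[i:i + batch]]
            for i in range(0, len(ips), batch)]

if __name__ == "__main__":
    for argv in pfctl_commands(offenders(SAMPLE_LOG.splitlines())):
        print(" ".join(argv))  # dry run: print instead of executing
```
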

Posted by Paul Venezia on March 8, 2008 02:14 PM

