Archive for February, 2006

Why SiteAdvisor must test with Internet Exploit

Saturday, February 11th, 2006

A Crawler-based Study of Spyware on the Web goes a long way toward explaining why SiteAdvisor must test sites with IE. Cited by Asa Dotzler:

“1.5% of the URLs we crawled in May exploited IE security flaws to install spyware without prompting the user. While this may seem like a small percentage, consider that 1 in 67 Web pages that we examined contained malicious content targeting browser flaws,” while for Firefox “only 0.08% of examined URLs performed a drive-by download installation, but all of these required user consent in order to succeed. We found no drive-by attacks that exploited vulnerabilities in Firefox.”

Amazingly, IE still owns 87% of web users (or rather IE-hijacking malware does!)

SiteAdvisor presented yesterday at CodeCon.

CodeCon Friday

Saturday, February 11th, 2006

This year Gordon Mohr had the devious idea to do preemptive reviews of CodeCon presentations. I’ll probably link to his entries and have less to say here than last year.

Daylight Fraud Prevention. I missed most of this presentation but it seems they have a set of non-open source Apache modules each of which could make phishers and malware creators work slightly harder.

SiteAdvisor. Tests a website’s evilness by downloading and running software offered by the site and filling out forms requesting an email address on the site. If the virtual Windows machine running the downloaded software becomes infected, or the email address set up for the test is inundated with spam, the site is considered evil. This testing is mostly automated and expensive (many Windows licenses). Great idea, surprising it is new (to me). I wonder how accurate evil readings one could obtain at much lower cost by calculating a “SpamRank” for sites based on links found in email classified as spam and links found on pages linked to in spams? (A paper has already taken the name SpamRank, though at a five second glance it looks to propose tweaks to make PageRank more spam-resistant rather than trying to measure evil.) Fortunately SiteAdvisor says that both and are safe to use. SiteAdvisor’s data is available for use under the most restrictive Creative Commons license — Attribution-NonCommercial-NoDerivs 2.5.
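The SpamRank idea sketched above, as an added example that is not part of the original post or of SiteAdvisor: it scores a site by the share of mail linking to it that was classified as spam, then lets pages linked from spam landing pages inherit a damped share of that score. The inbox, the crawl data and the damping factor are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s<>\"']+")

# Constructed sample inbox: (classified_as_spam, message body)
EMAILS = [
    (True,  "Cheap pills at http://pills.example/buy now!!!"),
    (True,  "Visit http://pills.example/buy or http://casino.example/win"),
    (True,  "Verify your account: http://phish.example/x (looks like http://bank.example/login)"),
    (False, "Meeting notes are at http://wiki.example/notes"),
    (False, "Your statement is ready at http://bank.example/login"),
]

# Constructed crawl of the pages the spam links to: page -> links found on it
CRAWL = {
    "http://pills.example/buy": ["http://affiliate.example/track", "http://casino.example/win"],
    "http://casino.example/win": ["http://affiliate.example/track"],
    "http://phish.example/x": ["http://bank.example/login"],
}

def site(url):
    """Hostname (the 'site') of a URL, lower-cased."""
    return urlparse(url).netloc.lower()

def extract_urls(body):
    # drop sentence punctuation the regex swallows at the end of a URL
    return {u.rstrip(".,!)") for u in URL_RE.findall(body)}

def spam_rank(emails, crawl, damping=0.5):
    """Score each site 0..1 by how much of the mail linking to it is spam,
    then let pages reachable from spam landing pages inherit a damped share."""
    spam_hits, all_hits, spam_urls = defaultdict(int), defaultdict(int), set()
    for is_spam, body in emails:
        for url in extract_urls(body):          # one count per message, not per mention
            all_hits[site(url)] += 1
            if is_spam:
                spam_hits[site(url)] += 1
                spam_urls.add(url)
    score = {s: spam_hits[s] / all_hits[s] for s in all_hits}
    for url in spam_urls:                       # one hop of propagation through the crawl
        for out in crawl.get(url, []):
            inherited = damping * score[site(url)]
            score[site(out)] = max(score.get(site(out), 0.0), inherited)
    return score

if __name__ == "__main__":
    for s, v in sorted(spam_rank(EMAILS, CRAWL).items(), key=lambda kv: -kv[1]):
        print(f"{s:22s} {v:.2f}")
```

A real deployment would need far more mail, a damping factor tuned against known-bad sites, and a way to avoid punishing legitimate sites (like the bank here) that phishers deliberately link to.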

VidTorrent/Peers. Streaming joke. Peers, described as a “toolkit for P2P programming with continuation passing style” I gather works syntactically as a Python code preprocessor, could be interesting. I wish they had compared Peers to other P2P toolkits, e.g., .

Localhost. A global directory shared with a modified version of the BitTorrent client. I tried it about a month ago. Performance was somewhere between abysmal and nonexistent. BitTorrent is fantastic for large popular files. I’ll be surprised if localhost’s performance, which depends on transferring small XML files, ever reaches mediocrity. They’re definitely going away from BitTorrent’s strengths by uploading websites into the global directory as lots of small files (I gather). The idea of a global directory is interesting, though tags seem a more fruitful navigation method than localhost’s hierarchy.

Truman. A “sandnet” for investigating suspected malware. Faux services (e.g., DNS, websites) can be scripted to elicit the suspected malware’s behavior, and more.

The Law of Below Averages

Friday, February 10th, 2006

I probably only noticed Alex Tabarrok’s post in my feed reader this morning because of the title similarity to Nathan’s the law of averages blog. The former has some amusing stories in comments of student cheaters foiled by their own stupidity. The gist of the post and comments is that it isn’t worthwhile for a professor to try hard to catch and punish cheaters, as cheaters tend to do poorly anyway and being perceived as a hardass obtains lower student evaluations.

I wonder how this applies to the world outside school, where compulsive excuse makers don’t receive grades every several months, aren’t working toward graduation, and negatively impact others — a student cheater at worst has a marginal impact on the grading curve, if a curve is being used — students are striving for individual reward — while a bad worker can damage an entire organization.

What means do people use to allow bad workers to “fail out” in environments where being a hardass is counterproductive or firing is nearly impossible? This applies particularly to government jobs (my only experience is second-hand), but also to a surprising extent in for-profit organizations. For a long time I thought managers were simply afraid or ashamed to wield the axe. Now, I think it is a little more complicated than that — managers have many different fears that prevent them from firing counterproductive workers.

Addendum: Last year I saw in a university bookstore a large banner hung behind the cashiers featuring a screed on the evils of cheating, a pledge to never cheat, and supposedly the signatures of the entire freshman class. Struck me as Orwellian. My guess is the message did not have its intended effect on certain students — those who had some sense that high school was prison-like and harbored some hope that college might be substantially different.


Friday, February 10th, 2006

That’s the Net Prophet, a new four-character, blasphemous emoticon invented by Sandy Sandfort:

Please note the turban and matted beard. Net Prophet is suitable for e-mail, websites and graffiti. And I think it’s a lot better symbol for free speech than some stupid ribbon.

Not to mention better than flying the flag of a jurisdiction. The beauty of the Net Prophet is that it is not merely a symbol for free speech, it is free speech (where “free speech” is communication that someone wants to forcefully suppress).

Why “support” free speech when you can engage in it? There may be no other issue where direct action is so easy, so do it!

Muhammad with camel

Monday, February 6th, 2006

The first thing to note about the cartoons is their timidity.

The timidity of the selection turns out to have been pure genius (mine would have aimed for maximum depravity) as it highlights just how bizarre the reaction has been.

Many have expressed disappointment in the tepid support for free speech from many western governments. I am completely unsurprised. The U.S. government and its allies have taken on around as constituents. The government of Denmark has more freedom to do the Wright thing.

As I am on a very minor photo remix kick, here is my contribution to the universe of images of Mohammed:

muhammad licking camel asshole
licking a camel’s asshole under orders from .
Original photo by Saffanna licensed under cc-by-2.0.

I believe this image complies with putative , though some may claim they see him in the camel’s face. (Yes, this is a remix with zero diff.)

How do I know Muhammad and not Jesus is with the lucky camel? Because a camel couldn’t feel an imaginary person’s licks.