10/31/2004

The progress of blog spam.

Interestingly enough, someone decided to blog spam me again. This is interesting, because, as I’ve noted before, I have no traffic, which makes it pointless. However, what it did show me is that blog spamming technology is constantly evolving.

Who did the attack? It’s not really important, but here’s the cursory information on the domains spammed:

e-leave
Yukkii (yukkikunikkennen@yahoo.com)
3 Connell Dr.
Berkeley Heights
NY,07922
US
Tel. +1.9082342243

Inna Fridman (FHPAY) gazelhofman@yahoo.com
SilverStar
bolshaya nikitskaya 23
Moscow, RU 52333
Russian Federation
Phone: (095)2917979 x

Was it actually these people who did the spamming? It’s unclear. It might be random spam, or then again, it might be a “screw you” for my previous comments.

What’s interesting is the evolution of attacks. Previously, attacks had been simple: someone would post about their product, and that was that. Easy to track down.

What’s happening now is that random phrases are being used for message comments. Why is this different? It’s not as easily perceived to be a spam message, and it boosts relevance ratings in Google. It *appears* to be a valid post, and hence, it seems to have additional credence.

Also, while before posts came from one IP, this one came from at least 28 different IPs. Not all of them reverse-mapped, but the following did:

A quick look at the countries of these IPs shows they came from Australia, Canada, Switzerland, Germany, Denmark, France, Indonesia, Ireland, Iceland, Italy, Japan, Malaysia, Netherlands, Russian Federation, Taiwan, and the United States. Since the attack seems to be from one perpetrator, but came from several different IPs spread across several different countries, I figure either a) they set up a coordinated attack as a group with others; b) they’re doing some rather broadband and impressive IP spoofing; or more likely, c) these computers have been hacked. The IPs listed above appear to be in many cases (if not all cases) UNIX machines. (If you’re the administrator of one of the above, you might want to do a security audit!)

So now, not only are hacked machines used to send spam; they’re also used to post to web pages. Strange.
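The pattern described above (one campaign, many source addresses, innocuous-looking text) can be caught by keying on what the comments link to rather than on who posted them. This is an added example, not code from the original post; the comment records, addresses and domains are constructed placeholders.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample comments: (source_ip, comment_body). Addresses come from
# documentation ranges and the domains are placeholders.
COMMENTS = [
    ("192.0.2.10", "a quiet river <a href='http://pills.example/buy'>lamp</a>"),
    ("198.51.100.7", "seven green chairs http://pills.example/x"),
    ("203.0.113.99", "window over http://www.pills.example/ today"),
    ("192.0.2.10", "Nice post, see http://friend.example/blog"),
    ("192.0.2.10", "Also http://friend.example/about"),
]

URL_RE = re.compile(r"https?://[^\s'\"<>]+", re.I)

def linked_hosts(body):
    """Return the set of link hostnames in a comment, lower-cased, 'www.' stripped."""
    hosts = set()
    for url in URL_RE.findall(body):
        try:
            host = (urlparse(url).hostname or "").lower()
        except ValueError:  # malformed URL, e.g. a broken IPv6 literal
            continue
        if host.startswith("www."):
            host = host[4:]
        if host:
            hosts.add(host)
    return hosts

def distributed_link_campaigns(comments, min_ips=3):
    """Map each linked host to the distinct source IPs that posted it and
    return the hosts posted from at least min_ips different addresses."""
    ips_by_host = defaultdict(set)
    for ip, body in comments:
        for host in linked_hosts(body):
            ips_by_host[host].add(ip)
    return {h: sorted(ips) for h, ips in ips_by_host.items() if len(ips) >= min_ips}

if __name__ == "__main__":
    for host, ips in distributed_link_campaigns(COMMENTS).items():
        print(f"{host}: linked from {len(ips)} distinct IPs: {', '.join(ips)}")
```

A per-IP rate limit never trips on this traffic because each address posts only once or twice; the linked host is the one value the campaign cannot randomize.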

The attack on my blog was very minor. It left a lot of room for improvement, but I can see how it’s only a matter of time before that gets locked down. Interesting times. Considering how ineffective the war on spam has been, can the war on blog spam be any more successful? How long before blog spam is even considered an issue? Only time will tell, but considering the ineffectiveness of the war on spam, I’m not optimistic.

10/28/2004

Last week to influence the vote.

We are now down to the wire, so if you have any sway on people’s votes, now is the time! I have no sway, so I post some random possibly political links for your enjoyment, ranging from liberal to just plain silly.

Proof that Bush is the antichrist.

Scott Paulsen’s take on at whom recent negative campaigning is aimed.

Listen to the libs free online at Air America — listen while you work, and it’s almost like leftist subliminal propaganda!

FactCheck.org — a non-partisan look at what politicians say… at least, I hope it’s non-partisan.

Was Bush a veteran? C’mon, it’s funny.

Republican Phone Porn? It’s what we picture conservatives doing, anyway.

Hunter S. Thompson of Fear and Loathing In Las Vegas fame on Bush.

If you haven’t heard of Jon Stewart’s heated exchange with Crossfire, you’re missing out. Stewart even spun it a little on his show, though Crossfire eventually had the need to fire back.

Why do I hear the Star Wars Imperial March theme every time I hear the name Karl Rove? Maybe it’s because Karl Rove is the puppeteer. This guy really is a political player. Rove is a guy who can and will fight dirty. Yet, he remains a little weird.

How do you get people to register for the Republican Party these days? Tell them you’re petitioning to legalize marijuana.

Finally, if you haven’t heard Triumph take on Spin Alley, you’re really missing out.

I can’t wait for this election to be over so I can get back to watching stupid, meaningless flash animations. Enough with the politics already!

10/18/2004

Email is on the brink of a restructuring.

We’re standing on the brink of a new email revolution. As Google begins signing email with DomainKeys, we may be seeing the first steps of the first major overhaul of email technology in twenty years.

Techies have been following this news pretty closely. Direct marketers have been following the news very closely. Spammers have been following the news even more closely. The question is, what is going to happen to email? I remember getting my first email account at college and thinking that it was just a strange electronic oddity to save the cost of postage. Nowadays, it’s quite difficult to find somebody without an email address. Everyone in my sphere of contact, even my mom, has an email address. That’s what makes this revolution so important.

Here is what the techies know that the common folk do not:

- Email is insecure. I mean, really insecure. The great majority of people send unencrypted email over unencrypted channels, sometimes with their passwords in plaintext for authentication. If you think email is private, you’re a fool.

- There is no identity validation. I can forge a message from anyone in the world, with nothing more than an email client. Hell, give me access to a telnet client and I can forge a message from anyone without a client. There is no user validation or trust that the person who sent you a message is actually the person who they say they are.

- Spam is an exponentially growing problem. Email inboxes are being assailed with spam in volumes unlike at any other point in email history. The noise-to-signal ratio is growing, and email is becoming an increasingly difficult way to get in contact with people.

- Countermeasures are sometimes inaccurate. The best filtering is only so good, and nothing is 100% accurate. We’ve built up an impressive set of technologies to help filter spam, but that technology has been flagging legitimate mail. ISPs have been blocking mail from dynamic IPs, at the expense of legitimate mail coming from them. Imagine if you were waiting for your college acceptance notice to arrive by email. Would you trust your filters not to lose that message?

- Technology is too confusing for the masses. We make strides every day, but the fact remains: if technology isn’t braindead simple to use, then it will be misused.

As such, there is a movement to refine email technology to address one or more of the above concerns. In terms of mail server validation, there are several different initiatives on the table. SPF is a first step, requiring mailers to have custom DNS records. DomainKeys is a “standard” created by Yahoo!, who curiously own the patent on the system. Sender ID is Microsoft’s answer, carrying with it Microsoft’s own flavor of DRM.

While the above three systems are the primary leaders in the field, they also illustrate the current problem: there is no clear winner here yet. Google’s support of DomainKeys notwithstanding, Yahoo! itself still has not implemented DK. Most companies shy away from Sender ID due to Microsoft’s influence and the fear of them embracing and extending right over their profit margins. As to SPF, though it costs basically nothing to implement, it’s not foolproof — perhaps a sixth of junk email may use SPF, which means that just because you support it doesn’t mean you’ll strip out spam. (It does help with accountability, though.) In all cases, whatever gets broad distribution is what will win in the end, as a hodgepodge of different standards will be too fragmented.
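What an SPF check does and does not establish, as an added example that is not code from the original post or from the SPF project. The domains, records and addresses are constructed, and only the `ip4`, `ip6` and `all` mechanisms are evaluated; mechanisms that need further DNS lookups are skipped.

```python
import ipaddress

# Constructed TXT records standing in for DNS lookups.
RECORDS = {
    "bank.example": "v=spf1 ip4:192.0.2.0/24 -all",
    # A domain registered by a bulk mailer can publish a valid record too.
    "bulk-mailer.example": "v=spf1 ip4:203.0.113.0/24 -all",
}

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(record, sender_ip):
    """Evaluate the ip4/ip6/all terms of an SPF record for sender_ip.
    Returns 'pass', 'fail', 'softfail', 'neutral', or 'none' (no SPF record)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"  # '+' is the default
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            return RESULTS[qualifier]
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech[4:], strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
    return "neutral"  # nothing matched and the record has no 'all' term

def evaluate(mail_from_domain, sender_ip):
    """Check the connecting IP against the record of the envelope sender's domain."""
    return check_spf(RECORDS.get(mail_from_domain, ""), sender_ip)

if __name__ == "__main__":
    for domain, ip in [
        ("bank.example", "192.0.2.25"),          # the bank's own mail host
        ("bank.example", "203.0.113.5"),         # forged sender domain
        ("bulk-mailer.example", "203.0.113.5"),  # junk mail from its own domain
        ("no-record.example", "203.0.113.5"),    # domain publishes nothing
    ]:
        print(f"{domain:22} from {ip:13} -> {evaluate(domain, ip)}")
```

The forged `bank.example` message fails, but the bulk mailer's own domain passes: the check ties a sending host to a domain, which gives accountability without saying anything about whether the message is wanted.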

It’s also not as if other methods that don’t mess with standards haven’t been attempted in the past. GnuPG and PGP have been around for years providing email encryption and signed messages, but people in general have not been quick to adopt them. I remember creating a PGP key before, though I don’t remember ever sending it to anyone, nor getting anyone to actually set up PGP and use it.

Perhaps it’s as Meng Wong, lead SPF developer, says: “It’s true that changing standards is not easy. But not changing is even worse. There’s a war on — a war against spammers. We have to be quicker to react and quicker to adapt if we want to win it. If things go on, how many years until people just stop using email altogether? They’re not going to give us another twenty.”

We are probably on the brink of a complete email system redesign, in an effort to make email useful again. It should be interesting to see what things will make the cut, and how email will work in the future. One thing’s for sure: if I can get fewer of those ink toner, diploma, cialis, and viagra messages, I’ll be quite happy.

10/13/2004

Publish more left wing links, please.

I never thought I’d be saying this, but we need more left wing links published. I tend to be slightly left of center most days, but it’s actually quite amazing how tightly media is controlled. Since 9/11, it’s been impossible to say anything anti-administration, and have it generate waves. When Valerie Plame was outed by a reporter, no waves were to be had. Such a thing would never have happened under a Democratic administration, because the right would have jumped all over it. Same with misstatements or outright lying by Bush and Cheney. The same is true with media stories. Though lots of quite interesting news breaks through, we tend to be shielded from most of it. Does the right control media? I don’t know, but it’s getting hard to get a fair, balanced account, so if you’ve got left wingish links, publish them! Even if they’re biased, something has to fight off the tide of neo-conservatism that is crippling free speech and freedom of the press.

Nuclear material disappearing from Iraq: “The UN’s nuclear watchdog says it’s worried the US led war aimed at disarming Iraq may have unleashed a proliferation crisis if looters have sold equipment that can be used to make atomic weapons.”

WSJ journalist writes a rather sobering view of the situation in Iraq, which runs counter to the administration’s presentation of the situation. We’re less safe? Iraq is less well off? Oil prices have increased and not stabilized? Scary.

Baghdad Burning Blog

Democratic voter registrations in Las Vegas were trashed

CNN’s undecided voter was a GOP operative. (Note: the Democrats aren’t exactly free and clear on this one, either.)

There are so many more (and more on the Democratic front too, mind you), but these were the ones I saw today. I don’t think that people should just go out and post the articles that talk negatively about the party you oppose. That’s ludicrous. I do, however, want to make sure that we keep in check the right-wing angles, as they keep some stories out of the limelight, while pushing other stories into the limelight. Remember, folks, just because they say something doesn’t mean it’s true. Also remember that if they don’t say anything, then they aren’t lying, but it’s nearly as bad. That’s it for my rant; just make sure you think for yourself.

10/5/2004

Be empty in order to be filled.

A professor commuted from Tokyo to Nanin’s temple in Kamakura many Sunday mornings to learn Zen. One morning Nanin served him tea. He poured the professor’s cup full - and kept on pouring. The professor watched until he could restrain himself no longer. “Sensei!” he protested, “it is overflowing!” Then Master Nanin said, “Like this cup, you are so full of opinions and speculations that there is no room for anything further.”

When learning something new, it’s hard not to fall back on old ideas. Newer ideas might be better, but we may be reluctant to give up the ones we have. We tend towards that which we know, and shy away from the unknown. This is not a bad thing; it’s just the way we work.

Like in the zen koan above, we must empty ourselves of preconceived notions, in order to fully grasp new ones. Otherwise, we will meet with resistance, and be unable to absorb as much as we possibly could. It will take us longer to grasp an idea, if we do not allow the idea to flourish on its own.

Empty yourself of preconceived notions, and learn things with a fresh mind, and you will be amazed at how quickly you can learn. Fail at this, and you will be dismayed at how slowly you learn.