There is a continuum of legality for copyright.  Somewhere along the continuum is the ability to use something in a work that you make.  For instance, a 30 second youtube video with a baby dancing to a Prince song.  Somewhere along the line is outright copyright infringement.  For instance, posting an entire Prince song on Youtube, with original video.

 Somewhere in the middle lies Youtube content.  I don’t know which way this whole thing will go.  I just hope that we don’t lose more freedoms than we already have.  I can’t tell you how many older people than I have told me how many freedoms we no longer have compared to them. 

 I think the digital revolution could be the best thing yet for democracy.  It allows people to communicate directly without having to incur a large cost.  This democratization is happening all over digital media.  From blogs, where you can post a news story within seconds of it happening, and within minutes it can be linked to and copied all over the world.  To the democratization of digital video.  This allowed me recently to film, direct, edit and produce my own Documentary Pawtucket Rising.   As I get closer to the release, I will post more about my documentary.  But, this is such a great time to be alive.  So much is changing so fast.  It must be what it felt like to live in the 60s. 

 Based on other information we’ve seen about spam recently, I wonder how much money he was making on spam.  I wonder if the IRS will be looking into his finances.  It seems low to only charge him 180k for his crimes.  What about all the money he must have made on this scheme?  Unless  he wasn’t very good I guess.

Recently some of the top names of the industry have come together to work on fixing a bug in DNS.  A bug that has apparently been there for a very long time.  It affects many dns systems across many platforms.  Translation:  It is huge.  The amazing part is that it was found quietly by a security researcher.  All of the biggest names in DNS including Microsoft, Cisco, Nominum, Neustar and OpenDNS got together to simultaneously release a bug fix for their platforms.  There is now a patch for all the major dns systems.  If you are using Bind8 upgrade, otherwise get to patching your systems asap.  It doesn’t appear to be only isolated to the dns servers, they want everyone to patch their pc’s as well.

Basically what the vulnerability will do is allow what is called DNS Cache poisoning, but on a grander scale than which we are accustomed.  It will allow an attacker to change the location you go to when you type in a domain name.  So for instance if you type in blog.logicalorderofchaos.com you will be sent to somewhere the hacker (known as a Phisher) sends you.  This has been used to trick unsuspecting users into giving up their credit card information, and social security numbers.  Imagine if it weren’t some tech guy’s blog, but instead was bankofAmerica.com.  You can see where this could be a problem. 

Phishing happens all the time, but usually newer browsers can tell if it is a trick or not based on the way the url is formed or domain or IP reputation, and can stop you from going there without warning.  However, this will actually allow the attacker to change the location you actually go to, when navigating to a trusted domain.  This is bad because many sites use multiple IPs for one domain Even if they have a static IP it isn’t easy to find out what it is supposed to be once the dns is poisoned.

 The short of this is, patch your system.  Patch your system now, today, before the end of the month.  You have to do it, because this could be potentially really really bad.  End of the world kind of bad, so bad in fact that…

Ok there, I was alarmist.  But for good reason.  So get to it, now!

There is a voluntary ban on speculation as to what exactly the issue is, since they don’t want the bad guys to figure it out before the good guys get to patching their systems.  I will follow up on this in a month or two when we have more information.

For now though, So long, and thanks for all the bugs…

“Our research has revealed a smoking gun that shows that Storm and other botnet spam generates commissionable orders, which are then fulfilled by the supply chains, generating revenue in excess of $150 million per year.”

 That’s Million.  With an M.  It is a lot of money, and that is why you get spam. 

This report links canadian drug sales, or probably placebos, with the Storm virus.  These groups capture large amounts of computers running on desktops all over the country, and use them as BotNets.  This allows them to send out emails from several different locations at once, or at different times.  So, blocking specific IP addresses is useless. 

 One would have thought this would have been fixed with XP SP2.  However, it appears botnets will be with us for a while.  As long as you make it lucrative for someone to send spam, you will get spam. 

Vista would freeze when I was in the middle of anything intensive.  XP IE7 was freezing whenever I tried to type something into the address bar.  It would intermittently freeze when I was switching between windows.  Someone had me look at their PC and whenever he was using a particular component it would close his IE browser window when he moved his mouse.

 These issues have been plaguing me for a while.  What gives?  Ok, addmittedly, I installed some of them testing things out.  But some of them like Skype add-on, I didn’t want.  I wasn’t even aware that when I installed Skype it was adding this component to IE7.  IE7 has add-ons.  It seems they pretty much add these add-ons whenever you go to a site, or install a program on your computer.  I finally decided to go in and disable all add-ons to see if that was the culprit.  This fixed both the IE7 on mouse moves problem, and my address bar and intermittent freezes.  Right now, I only have Flash installed, because you really can’t get away without that on the web.  IE7 runs as smoothly as the day I installed it.  Whatever that means.  But it did clear up my issues, and it runs great now.

 Disable IE7 Add-Ons:

Open IE7
Tools->Manage Add-Ons->Enable or Disable Add-Ons

Make sure you have Add-ons currently loaded in Internet Explorer selected

Then start disabling each of them individually.  You can turn them on as you find you need them for the work you do.  Otherwise, you should probably run as little as necessary to get your job done.  I find this is what causes most computer problems.  Too much junk running that you don’t need.  I guess Multi-Tasking has its downsides too.

As for the Vista freezing issue.  This one was much more annoying to me.  I was trying to work on video editing, and every time I would move the position the whole computer would freeze up.  Everything.  Then it would get jerky for a bit, then freeze up.  Sometimes I had to reboot using the power button.   Not a good way to run your computer.   Finally, what I did was break the problem down.  I ran msconfig and turned off all of the garbage running in the startup.  There is a lot of junk that gets loaded onto your system as you go.  Same as the Add-Ons, there is a lot you probably don’t even want.  After doing this, I found that nVidia drivers were the culprit.  They were causing this whole issue for me.  I turned those off, and anything else I didn’t want, and my Vista was running happy as it was intended to be.

 Shut off startup programs:

Start->Command  (or Start->run-> cmd (ok))
msconfig

Go to the startup tab, and disable everything.  You can boot your machine nice and clean without this garbage in there.  But, make sure you take the time to look through to ensure that you don’t need any of it at boot time. 

In conclusion, I’m getting a bit tired of all the cleanup activities I need to do in order to run my computer.  Your computer should do what you want, when you want.  It should not be running tasks that you don’t need.  It is a difficult question as to what should and shouldn’t be running.  However, I think every company that makes a program thinks they are important enough to run in the background.  I’d rather have a few seconds longer to start up, than have 100 quickstarts running.  But that’s just me. 

Yeah.. that’s about right…

Cross claimed it is a myth that users just turn UAC off, saying that Microsoft had collected opt-in information from users that showed that 88 percent were running UAC. Cross said it was also a myth that users blindly accept prompts without reading them.

“It’s a myth that users click ‘yes,’ ‘yes,’ ‘yes,’ ‘yes,’” said Cross. “Seven percent of all prompts are canceled. Users are not just saying ‘yes.’”

I have to admit, I mostly just say yes.  Usually, it is when I am trying to do something that it pops up anyhow.  If I come back to my computer in the morning, and something asked me to allow it to do something…  Chances are, it isn’t something I want.  So I tell it no.  Though, I think that is just some update service running in the middle of the night.  But still, I don’t kno what it is, so I kill it.

 From what I understand, the UAC makes it so that you really cannot hit that button unless you are an allowed user.  That’s a good thing.  You have to be sitting there logged in to do it, and it is difficult, if not impossible to get around.

 I think the anecdotal evidence is in by now.  Vista is probably the most secure Operating System Microsoft has produced.  However, it isn’t very useful.  For business anyhow.  I love it at home, but it runs into enough problems that it probably isn’t worth it for business just yet.

 I’ve often thought that people should be careful when they rely on technology during emergencies.  This goes to prove the point that you need to ensure that the system is fail-safe before using it for any emergency.  Schools are starting to try to use technology to disseminate information to parents via cell phones.  This is a great idea for things that are important, but not life or death.  Colleges have started to use these systems to help avoid another tragedy like the Virginia Tech shootings.  The thought is that if they could have closed down the classes faster and more efficiently after the first shooting, they could have saved further lives of students that were in classes later that day.  This is a great idea, but it should be taken with some caution.  This may have various problems during larger emergencies.  If there were a large scale emergency it could knock out some of the communications.  It could also cause a logjam on the servers that will block the message from being recieved like in this article. 

 A secondary issue is that, perhaps terrorists could send out floods to servers and cause them to go offline in a Denile of Service (DoS) attack.  They could do this in a coordinated effort with say bombing a site with a large number of people.  This could have devastating effect.

 I wonder if cell phone technology should have some form of secondary high priority circuit that will get emergency data through quicker. 

Personally I think we need to go back to the WWII air raid sirens.  I don’t trust any technology to work right every time, all the time.  Maybe I’m biased because of my years working with personal computers.  Servers can be built to work on a fail-safe, but there is always a point of failure, the question is just ‘how bad does it have to be to fail?’

Just a thought… I know it would be incredibly hard to get this passed, as well as technically difficult…   We would need to have an argument as to what should and shouldn’t be allowed.  But I think we need to protect ourselves from certain threats…

Total Sites Across All Domains August 1995 - November 2007 

There are two lines here.  In blue you have the number of domain names registered.  This is the total number of domains people are snapping up.  In red you see the number of active domains.  These are the ones that are actually doing something with the domains.  It is a much smaller number. 

The blue line, or the domain registration curve clearly follows an exponential curve, and is doubling all the time.  Can this continue?  You might think that this trend has to top out at some point, won’t we run out of usable domains?  The answer is, not for a very long time.  Every year new extensions come online which starts another gold rush each time.  Companies are always trying to tie up new domain names. 

Some of the domain name purchases are simply tying up their brands on each new extension.  Some of this traffic comes from domain cyber squatters.  This in itself is an interesting topic.  There is a type of domain purchase that is being used right now, that are technically legal, but a bit questionable.  Domain Kiting is a technique that works within the domain registrar rules to try a domain before they buy it.  Kiting allows the buyer to float a domain and never reall own it.  This can be used to purchase the domain for longer periods of time to test it for free.  They simply keep registering and dropping domains within the 5 day grace period.  This allows them to see if the domain is good or not without actually ever purchasing the domain.  Domain Tasting is the generic term for when someone buys a domain and sees how much traffic is generated.  If the domain doesn’t generate enough traffic within the first 5 days, the domain is dropped and a new domain is purchased to test.  It is not evident from the report how much of this domain tasting is causing the exponential curve.

 The red line here indicates the number of active domains.  These are domains that are actually up and running.  This excludes parked sites, so that means it is only sites that are actually running content.  It is not clear, based on where the curve sits at this point, if the active sites curve will follow the same exponential growth as the domain registration curve, or if it will follow the flatter, cubic curve.  I will go out on a limb and predict cubic growth.  The reason for this prediction is simple.  Companies tend to lock up as many domains as they can, but only use a small portion of domains they actually own.  I think in a years time this curve will show the pattern it is moving towards.

 The next graph on the page is very interesting.  I noticed this a while back.  I thought I commented on  it, but cannot find the post. 

Market Share for Top Servers Across All Domains August 1995 - November 2007

The blue line here is the market share for Apache web servers, and the red line is the market share for Microsoft web servers.  It is difficult to tell what is exactly causing this, however I think it shows a clear trend.  Apache is falling in popularity, as Microsoft IIS is gaining.  The biggest gains for IIS are companies like Myspace that are using Microsoft technology.  The gains from Myspace are some of the biggest gains in this report.

I think there are a number of factors here.  The biggest factor is that in 2003 Microsoft released a new, more stable Server OS, with a far more stable version of IIS.  IIS6 was the most stable and well thought out version of IIS yet.  A few features, like the low attack footprint in the default settings makes IIS6 the most secure version of IIS.  Out of the box you have far less open and available services.  What this means to the administrator is, by default very few services work, and must be turned on explicitly.  This is good news because, many attacks have been perpetrated over services that are open which the administrator doesn’t even need open.  One big example of this was port 445 or the Universal Plug-n-Play port.  This port was open and active by default on 2000, but closed on 2003.  2000 server computers were attacked by a virus a few years back that wreaked havoc on 2000 servers that were not protected by firewall.  As usual it takes years for a new OS to be adopted fully by business.  You can see here where this may have been the cause of the increase once server admins realized that this was a more stable, and easier server to use.  The change in direction happened in about February 2006. 

Another factor that probably helped in the adoption of Microsoft servers is their SPLA agreement.  The SPLA agreement is designed for web hosters in mind.  You don’t actually have to buy the licenses for the servers you have, you simply pay a monthly fee to license the ones you need.  This allows you to expand and contract much easier with demand for servers, and your company grows.  I think this is a factor that allows businesses to use Microsoft technology for hosting much more cost effectively.

So why then did Apache drop so much in popularity?  This is a bit of a mystery to me.  Apache certainly didn’t get any less secure as a platform.  It also probably has gotten a bit easier to use, and more well documented.  Apache is also still free for anyone to install and run.  The only uncertainty for Open Source software that might cause a decline for businesses, is legal threats.  There are a few legal challenges to some of the open source technologies.  But, I don’t see this as much of a threat, so I don’t believe it would cause this much of a drop. 

The one to watch

Google is on the rise.  In fact, according to this graph Google’s service came online somehwhere during this summer.  This seems to coincide directly with Google Apps launch.  The gains are also directly related to the increase in Blogger accounts.  Blogging is taking off, anyone can blog, and anyone can gain an audience doing it.  This is appealing to many people who have something to say.  Bloggers are anywhere from someone like myself who does very technical blogging, to Grandmothers who blog about their gardens.  Google Apps website creater is very crude.  But, as with anything Google does, the first version is usually very rough, then it becomes much better and more mainstream.  Don’t be surprised if you see a really clean feature filled version of Google website creater in the near future.  When this happens, expect Google to shoot up in the market share.

The most amazing part of this, is that the industry is still rather young.  Most of the possibilities haven’t even been touched upon.  I see this industry increasing much more before it eventually levels off.  This will be a fun one to watch.