Slashdot Mirror
Slashback: Slammer, Frames, Pop-Ups
FedEx should take notes. nweaver writes "We have completed our preliminary analysis of the Sapphire/Slammer SQL worm. This worm required roughly 10 minutes to spread worldwide, scanning at a peak rate of over 55 million IP addresses per second, making it by far the fastest worm to date and nearly two orders of magnitude faster than Code Red. It infected at least 75,000 victims and possibly considerably more. The remarkable speed was due to the use of a bandwidth-limited scanner. There were also two bugs in the random number generator. Copies of our analysis are available from CAIDA, Silicon Defense, and UC Berkeley."
"Sir, this patent application needs to filled out in ink. Not Crayon." We recently posted that the company SBC was calling in the chips on patents it holds which the company claim cover certain types of navigation links found on many web pages. Dan Gillmor writes "Noticed the link to Cringley's piece. Well, I did ask readers for prior art and got quite a bit, some of which I've posted..."
Speaking of SBC, theodp writes "The SBC Intellectual Property folks are back in the news, this time for donating a $7.3 million virus screening patent to the University of Texas. While patent donations are one of the latest twists on corporate philanthropy, the practice has aroused the curiosity of the IRS as a possible tax avoidance scheme."
I wonder how much they'd feel justified in writing off if they donated their web patent portfolio to the FSF.
Can we call this an on-again, off-again relationship? Albanach writes "It seems the BBC who had pioneered Ogg Vorbis broadcasting on a serious scale have abandoned Ogg indefinitely. They say other work commitments make Ogg support no longer a priority. Their statement can be read here"
What, and let all my pigeons escape? FedeTXF writes "We already love pop-up blocking in Mozilla and some other related browsers, now Blogzilla is reporting a great trick to get rid of embedded ads (banners and iframes) using plain CCS and the always amazing Mozilla flexibility and openness. Go check this page if you are anxious to see how to set it up."
Did you have your video camera trained on Columbia? Finally, Child of Apollo writes ""For anyone who has recorded video or taken photos that they believe may be of aid in the investigation of the Space Shuttle Columbia accident, NASA has established a special location on the Web where Internet users may upload their media files to be reviewed by NASA." Although sad news all around, thanks to pleasant for the link."
Here's the late-breaker. fonixmunkee writes "looks like SDF will return soon. a message stating that they negotiated a new contract graced the single page in the "members area" of the temporary www.lonestar.org, but did not cite who specifically with. a few different ideas were tossed around for hosting, so only time will tell with who. i also just today got an e-mail from the Washington State Attorney General's Office that offered a small ray (read: none) of hope for assistance with SDF's run-in with NWLink. (NWLink breached SDF's contract.) hope all is well soon." This is good news, especially so soon after SDF got the rug yanked from under them.
Nope, it doesn't validate with the w3c's CSS validator. Do we get to start making up random syntax like MSIE now?
Well, personally I use IE, and thanks to a well-maintained boffo hosts file I've yet to see an ad in just about any commercial website, including those that use iframes (no page, no ad). That includes Slashdot.
The popunders or popups I don't really care about so long as I know no revenue is going to anyone for the page hit (since the browser window comes up with a 404 anyway).
99% effective, in my experience. No openness needed, just a little bit of common sense and some network know-how. Not that openness is not good and all.
Check out the detail the BBC provide about their servers and network.
john
It actually looks like valid CSS v.3 to me, but that would mean that yeah, it wouldn't validate yet.
I'm not expert on the v.3 spec, so don't quote me, but I believe Mozilla has partial support already. That would explain why it works in Moz and not IE/others. Bloody brilliant idea, though.
Yup, this sure is valid!
The bits in square-brackets are attribute-matching: 'SRC' and 'HREF' are valid attributes, and the way that these are loaded is it is using a partial-match, which is why this works.
Unfortunately, this does NOT save the bandwidth wasted by loading these sites: you are just telling 'zilla not to display them, but they are still downloaded and loaded, and any javascript (eg in the IFRAMEs) is still run, and so on.
Still, it tidys things up nicely =)
-Trav
I should really get around to creating a sig.... Nah - too lazy =)
The validator complains about using the *= combinator between selectors, but as far as I know, that's actually valid.
Similarly, the validator bitches about things like a:hover:visited, which is accepted in most browsers that support CSS.
The validator isn't all knowing, I guess.
--
the strongest word is still the word "free"
* And remember, it's spelled N-e-t-s-c-a-p-e, but it's pronounced "Mozilla."
last time Slashdot mentioned any browser stats, IE's dominance was very similar to it's position for websites generally - ie, IE was over 90%.
That was classic intercourse!
If you don't feel like maintaining a userContent.css file, check out Adblock over on mozdev. Bannerblind also kicked ass, but it seems abandoned.
In case you haven't seen it, here's a story running on the San Francisco Chronicle site about an amateur astronomer who photographed the shuttle during re-entry.
From the story:
'Photos show odd images near shuttle'
"The pictures, taken with a Nikon-880 digital camera on a tripod, reveal what appear to be bright electrical phenomena flashing around the track of the shuttle's passage, but the photographer, who asked not to be identified, will not make them public immediately.
"They clearly record an electrical discharge like a lightning bolt flashing past, and I was snapping the pictures almost exactly . . . when the Columbia may have begun breaking up during re-entry," he said..."
404 fscking bytes! No wonder it clogged the Internet!
One line blog. I hear that they're called Twitters now.
One scary though was the comment that most of the previous fast propagating worms are latency limited, since they have to wait for a response from each scan they attempt. They speed things up by spawning multiple threads, but that's inefficient. Sapphire/Slammer got around that by being small enough to fit into a single packet(!) so that it didn't have to wait for a return message, but that small size sharply limited its possible payload. I'm sort of worried about a worm using advanced techniques such as scanrand. As mentioned in a previous slashdot article, it was able to scan an entire class B network in just 4 seconds. With that kind of performance, you could have a similar speed of spread even with a large, sophisticated, and malicious worm.
There's no point in questioning authority if you aren't going to listen to the answers.
Be on your guard, penguin hordes.
The concept of CSS-based ad blocking has been previously covered here, and here. I've been using it to make my Slashdot ad-free for some time now.
I have a positive modifier on Troll. When I mod someone Troll their karma should go UP!
I can't say directly, but indirectly the people that come to my site *ahem*OnRoad a great place for Automotive Engineering discussion *ahem* from slashdot shows that only 20% of them use IE. Opera is only slightly less (15%), with links/linx getting 5%, Netscape getting 20% and Mozilla getting 30%, Pheonix and Galeon get 10%.
From other sites (like ezboards and Yahoo mailing lists) I get a high percentage of IE and AOL users (50%, 35% respectively) and most of the rest are netscape at 10%.
-----------------
OnRoad: It gets you there and back again.
I have begun broadcasting in the Ogg media format recently.. I am using it to replace the Real Media stream from my radio show. At its smallest setting, the sound quality is pretty good, and Win Amp has a plug in for Ogg, so it made it an easy bet to go Ogg instead of Real. Whose advertising methods with its free player drive me nuts, I have been looking for a replacement for Real for a while, and Ogg is it. Ogg joins Win Media as my two formats for the Show.
badger
I thought of the CSS trick before, since it's a pretty "nice" way of not showing ads.
The hit still gets counted, the ad still gets downloaded, but nobody views it.
Even made a small proxy program in PHP to test it, just going by my hosts file and adding style="display: none;" to the tags of the ads.
That way, it works with any browser.
Bloody ate my CPU, though. RegExp is a hog...
-- Tino Didriksen / ProjectJJ.dk
Not only is it not valid, it's not for mozilla either. the 'trick' only works on Netscape7... as mozilla doesn't use 'user' profiles. (there is only a default system profile, which doesn't read any local .css files, for security reasons)
.mozilla/*.slt/chrome
Wrong, wrong, wrong.
I've been using a UserContent.css file since M17 that displays links italicized with no underlines. Under Unices, the file goes in $HOME/.galeon/mozilla/galeon/chrome. In Mozilla, the file goes into
Maybe under Win9x, user profiles aren't used, in which case the file would just go into the default chrome directory. There may already be a UserContent.css file there; edit that.
Someday, you're going to die. Get over it.
The Internet is more than just the web and email. UDP does have it's uses. Some types of networking will just work better with it. How would you do multicasting with TCP? What about video games? I doubt they'd work as well with TCP. If you think games are useless, you are wrong. FPS are early generation virtual reality systems. I think the Internet will be a better place if the VR dream comes true.
This problem happened because Microsoft is made up of idiots. This port was open because of thier "easy to use" bullshit. There is no need to open a second fixed port you are unable to disable so that other systems can figure out which port the database server is on, and they had a buffer overflow in this code too! There is a reason there are both default ports and places you can specify ports in URLs and such. Why have a discovery service in the first place? Bad judgment.