I thought Brazil was founded by Portugal, but that site looks like Spanish (of course, I have no idea what Portugeuse looks like, so...)
The default seems to be portuguese. there is a link over on the right to switch between spanish and portuguese. go click and you'll see what the differences between the languages are. I think of Portuguese as being the best parts of Spanish, French and Italian. But if you don't know anything about those languages, that doesn't help. Portuguese has more funny looking letters and accent marks than spanish does.
This sounds like something i read in either Disappearing Cryptography or The Data Compression Book (was a while ago, can't remember which one - either way, both decent reads), which i didn't fully understand at the time but kind of related to RAID-5, where you need less disks to rebuild a filesystem generally composed of a greater number of disks.
using phpsessions/cookies, javascript (onload() and onunload()), webbugs (hidden images), apache logs files, a webspider, and my e-mail i try to discover as much as i can about my website visitors and develop nice ways to view it all.
granted, i don't get that many (2-3,000 a month) and a substantial amount are people i know, but it sure is fun to do.
Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people).
Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.
I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).
If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.
as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)
One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.
On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).
one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)
a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.
Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).
finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.
oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.
and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).
maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.
In 1998 Hurricane Mitch pushed rivers 100's of feet up mountains, created brand new rivers, caused landslides which changed the shapes of mountains and covered entired cities, and left parts of the land covered in water over a year later. (if you're in Nicaragua look for the "Las Casitas" memorial - the distant mountain which caused the landslide shows obvious changes in its shape). http://www.osei.noaa.gov/mitch.html http://www.acerca.org/ejd1_results1.html
Volcanic eruptions can be so great as to cause the birth of islands. There was a well-studied one in the Pacific in 2000, i believe. Also in Nicaragua is an interesting series of small islands caused by a nearby volcano loosing its top - large pieces of land were blown miles away and landed in a lake creating these islands. I dont remember the name of the lake or volcano, though i have some photos at/home. http://news.bbc.co.uk/hi/english/sci/tech/newsid_7 62000/762047.stm
Natural Disasters are called "disasters" for a reason. 6000 years seems plenty for the earth to move a small bit of land a couple hundred metres.
do we really want the people who brought us the long lines at the post office, the long lines at the DMV/DOT ect. anywhere nere anything of import?
I was second in line when i went to get my license renewed; i waited in line about 3 minutes.
The last few times i've been to the post office, i've been either 3rd or 4th in line, and have had to wait an average of 5 minutes.
In comparison, there are usually 5-6 people in front of me when i go to the grocery store and the wait is usually about 10 minutes, at least.
At the video store there are 5-6 people in line ahead of me and the wait is 6-8 minutes.
But at the bar i can usually shove my way to the front and get a pint within a minute, or, depending on who's working, they start pouring my pint the second i walk in the door.
In conclusion, the people who run grocery stores should not be anywhere near anything of import, while the people who run bars should be running everything.
everytime spam gets mentioned on slashdot, someone says this, and everytime i respond with the work i've been doing- pattern matching spam
uses word counts and phrase counts from known spam and known good mail to match against incoming mail. requires a certain amount of known spam/not spam, but otherwise it has a good rate of matching spam/not spam and doesn't require the incoming mail to at all known beforehand.
once the nokia Netbsd port is done, we'll be able to protect our phones using ipf (or maybe even a pf port, if the ipf license still isn't to your liking) and should be fine.
Multiple copies of both inodes and data blocks are stored on disk, so that if one or more copies are destroyed then
hopefully others will remain intact.
(emphasis mine)
Hopefully! this is my data, not my lottery ticket! i need a bit more reliability than a "hopefully".
i haven't used StegFS, though, so perhaps this hopefully works out to be more theoretical than it sounds, but i'd still like a guarantee that my data will be there unless i choose to delete it. Yeah i know that's tough given the whole deniability thing, but still, i'd like that guarantee.
Why not just use OpenBSD, which has filesystem encryption by default
It has the code for it, but it isn't enabled by default.
Enabling swap encryption is easiest, you just modify you/etc/sysctl.conf (it's labelled well in that file) and/or use the sysctl command.
i use swap encryption on my 1.2 athlon, but not on my 486's running openbsd.
Enabling filesystem encryption requires a kernel build (you need to add "option TCFS" to your config) and some commands to be compiled and run. i found this article to be helpful.
i just did this to see what it'd be like. the documentation is rather minimal but it is workable. You have the option of using 3DES, RC5 and Blowfish. Check out that link for more info.
argh! i've been americanized! thanks for the correction. a little more google searching turns up this timeline which tell of Alexander the Great in a proto-sub back in 356 BC, and Cornelis Van Drebbel building a wodden boat capable of maneuvering underwater in 1620.
more than that- what about all the cultures around the world with legends/drawings of visitors resembling astronauts, objects resembling flying saucers and landing strips? check out the Nazca lines in Peru, various works of art depicting saucers and more.
nuclear submarines ... submarines as early as the US civil war.
but they weren't exactly nuclear powered!
was Verne's submarine really nuclear powered?
either way, the first submarine was the Turtle, which was built in 1775 and saw action in 1776. Jules Verne wrote 20k... in 1870, quite a while after the first submarine had been built and tested.
why wouldn't it be "60 Kelvin is 10 kelvins more than 50 Kelvin." since 50 Kelvin is a specific point on the temperature range as well?
what's the difference between lower and upper case - kelvin and Kelvin?
Re:Art from Recycled Computer Parts
on
Geek Gift Ideas 2001
·
· Score: 4, Interesting
I've been cutting up circuit boards and making gifts out of them for a while. I just finished a vase for my friend's birthday present.
Handmade presents are the best, and handmade presents with a geek theme are great for geeks.
Why not give your s.o./parents a portrait of yourself made out of your code, like using the Text-Image plug-in for the GIMP, or my own image to text. Get a nice hi-res image of yourself and your best perl script/r00t sploit, combine the two and print it out on some photo quality paper, mat and frame it.
use the case of an old monitor as the pot for a large plant.
make a custom keyboard which only has the letters of your s.o.'s name.
get out the dremel, epoxy, spare parts, creativity and go at it.
does anyone else keep reading this as "Master Chef" ? Maybe it's just the influence of certain Steven Segal movies or South Park, or the lack of caffeine in my breakfast.
It's possible to create reasonably convincing color with only two components: red and cyan.
wait a minute, aren't red green blue primary colours, cyan yellow magenta secondary colours, with cyan falling right between blue and green, thus being made up of green and blue. So using only 2 colours, red and cyan, is like using 3 primary colours, red blue and green, but guaranteeing that blue and green will exist in equal quantities.
but i've always been a it confused about emitted vs. reflected colours, and with light vs. paint, so if anyone can confirm and/or explain more, please do.
ten more minutes of searching and i found the site i was thinking of: Gameboy Camera Parallel Port Interface
website features colour photographs taken using the gameboy camera, though since it didn;t use an ir filter the images appear washed out. Also has a lot of other info about hacking the gameboy camera.
seriously though, i remember seeing a webpage about a guy using his gameboy as a webcam (the aforementioned website, http://www.lunacy8m.com/, does this as well) and he also had colour photos taken with 3 filters. That was at least a few months ago and definitely before October 2001, so it would have been the first. can't seem to find the site anymore, though.
If that was the case then it wouldn't be possible to so fully exploit these networks.
walk around town with laptop in backpack then go somewhere to see what's been found - like an internet cafe, which is also useful for probing the network in question (like probing their network from the outside to find what router to spoof - determine this based off the ips in the tcpdumps from the walk) - here's what i've found
most of the unencrypted networks found will have nice tcpdumps chock full of arp requests, novell and nt broadcast messages. can tell you a lot about the network in question.
if you can find a discrete location close to the building in question then you have your entry point. of course cops dont really know what you're doing anyways (though they give some real wierd stares at 3am) so you might be safe. spoofing the router is generally wasy, gaining external access should be fine, sometimes they're real kind and leave a dhcp server accessible for you. but either all these places have taken the time to setup some real nice honeypost or they're real.
i'm giving a talk about this at rubi-con, plus my webstie has more info, not that i've done anything like this, of course.
Slashdot Mirror
PS2:
28 days
962000 units
34357.1428571429 units / day
X-Box:
24 days
934000 units
38916.6666666667 units / day
Gamecube:
21 days
602000 units
28666.6666666667 units / day
Units per day summary:
38917 - X-Box
34357 - PS2
28667 - Gamecube
of course, the original numbers are
which reminds me that my brother's girlfriend's sister's best friend says she was abducted by UFOs so UFOs must exist.Oh, and of the rounded units/day number, only the PS2's is a prime number so i'm declaring the PS2 to be the Grand Winner.
The default seems to be portuguese. there is a link over on the right to switch between spanish and portuguese. go click and you'll see what the differences between the languages are. I think of Portuguese as being the best parts of Spanish, French and Italian. But if you don't know anything about those languages, that doesn't help. Portuguese has more funny looking letters and accent marks than spanish does.
This sounds like something i read in either Disappearing Cryptography or The Data Compression Book (was a while ago, can't remember which one - either way, both decent reads), which i didn't fully understand at the time but kind of related to RAID-5, where you need less disks to rebuild a filesystem generally composed of a greater number of disks.
interestingly, all for the GameBoy Advance.
granted, i don't get that many (2-3,000 a month) and a substantial amount are people i know, but it sure is fun to do.
Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.
I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).
If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.
as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)
One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.
On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).
one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)
a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.
Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).
finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.
oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.
and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).
maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.
ok, thats it for now.
In 1960 the most powerful earthquake of the 20th century moved the Chilean coast 60 feet in 5 minutes.h tm
http://www.extremescience.com/GreatestEarthquake.
http://www.usc.edu/dept/tsunamis/chile/
In 1998 Hurricane Mitch pushed rivers 100's of feet up mountains, created brand new rivers, caused landslides which changed the shapes of mountains and covered entired cities, and left parts of the land covered in water over a year later. (if you're in Nicaragua look for the "Las Casitas" memorial - the distant mountain which caused the landslide shows obvious changes in its shape).
http://www.osei.noaa.gov/mitch.html
http://www.acerca.org/ejd1_results1.html
Volcanic eruptions can be so great as to cause the birth of islands. There was a well-studied one in the Pacific in 2000, i believe. Also in Nicaragua is an interesting series of small islands caused by a nearby volcano loosing its top - large pieces of land were blown miles away and landed in a lake creating these islands. I dont remember the name of the lake or volcano, though i have some photos at /home.7 62000/762047.stm
http://news.bbc.co.uk/hi/english/sci/tech/newsid_
Natural Disasters are called "disasters" for a reason. 6000 years seems plenty for the earth to move a small bit of land a couple hundred metres.
I was second in line when i went to get my license renewed; i waited in line about 3 minutes.
The last few times i've been to the post office, i've been either 3rd or 4th in line, and have had to wait an average of 5 minutes.
In comparison, there are usually 5-6 people in front of me when i go to the grocery store and the wait is usually about 10 minutes, at least.
At the video store there are 5-6 people in line ahead of me and the wait is 6-8 minutes.
But at the bar i can usually shove my way to the front and get a pint within a minute, or, depending on who's working, they start pouring my pint the second i walk in the door.
In conclusion, the people who run grocery stores should not be anywhere near anything of import, while the people who run bars should be running everything.
everytime spam gets mentioned on slashdot, someone says this, and everytime i respond with the work i've been doing-
pattern matching spam
uses word counts and phrase counts from known spam and known good mail to match against incoming mail. requires a certain amount of known spam/not spam, but otherwise it has a good rate of matching spam/not spam and doesn't require the incoming mail to at all known beforehand.
once the nokia Netbsd port is done, we'll be able to protect our phones using ipf (or maybe even a pf port, if the ipf license still isn't to your liking) and should be fine.
Hopefully! this is my data, not my lottery ticket! i need a bit more reliability than a "hopefully".
i haven't used StegFS, though, so perhaps this hopefully works out to be more theoretical than it sounds, but i'd still like a guarantee that my data will be there unless i choose to delete it. Yeah i know that's tough given the whole deniability thing, but still, i'd like that guarantee.
use OutGuess and store your data across your porn jpegs! I've been collecting porn over the past 8 years for just this purpose!!!
the judge is *most* likely to believe:
"Your Honour, all those files are of naked men and women getting it on. i have 40+ gigs of it for variety!"
like you said...
Steganography only works when the carrier files have utility beyond that of the hypothetical encrypted information.
It has the code for it, but it isn't enabled by default.
Enabling swap encryption is easiest, you just modify you /etc/sysctl.conf (it's labelled well in that file) and/or use the sysctl command.
i use swap encryption on my 1.2 athlon, but not on my 486's running openbsd.
Enabling filesystem encryption requires a kernel build (you need to add "option TCFS" to your config) and some commands to be compiled and run. i found this article to be helpful.
i just did this to see what it'd be like. the documentation is rather minimal but it is workable. You have the option of using 3DES, RC5 and Blowfish. Check out that link for more info.
argh! i've been americanized!
thanks for the correction. a little more google searching turns up this timeline which tell of Alexander the Great in a proto-sub back in 356 BC, and Cornelis Van Drebbel building a wodden boat capable of maneuvering underwater in 1620.
more than that- what about all the cultures around the world with legends/drawings of visitors resembling astronauts, objects resembling flying saucers and landing strips? check out the Nazca lines in Peru, various works of art depicting saucers and more.
nuclear submarines
...
submarines as early as the US civil war.
but they weren't exactly nuclear powered!
was Verne's submarine really nuclear powered?
either way, the first submarine was the Turtle, which was built in 1775 and saw action in 1776. Jules Verne wrote 20k... in 1870, quite a while after the first submarine had been built and tested.
Spam spam spam!
term comes from Monty Python's Flying Circus skit.
the jargon file has other notes of etymological interest.
why wouldn't it be "60 Kelvin is 10 kelvins more than 50 Kelvin." since 50 Kelvin is a specific point on the temperature range as well?
what's the difference between lower and upper case - kelvin and Kelvin?
Handmade presents are the best, and handmade presents with a geek theme are great for geeks.
Why not give your s.o./parents a portrait of yourself made out of your code, like using the Text-Image plug-in for the GIMP, or my own image to text. Get a nice hi-res image of yourself and your best perl script/r00t sploit, combine the two and print it out on some photo quality paper, mat and frame it.
use the case of an old monitor as the pot for a large plant.
make a custom keyboard which only has the letters of your s.o.'s name.
get out the dremel, epoxy, spare parts, creativity and go at it.
Cave Drawings - Pong
Simplistic linear representation of real objects.
Medieval - Frogger, 80's games
flat drawings, non-proportional
Rennaisance - Street Fighter and the like
proportional (for god-like proportions), realistic drawings, 3-dimensional, but not baroque
Baroque - Doom & other fps
all the qualities of Rennaisance but also immersive. as baroque sought to surround the viewer in the work, so does the fps.
What would an impressionist game look like? how about a cubist? dada computer game? abstract?
does anyone else keep reading this as "Master Chef" ? Maybe it's just the influence of certain Steven Segal movies or South Park, or the lack of caffeine in my breakfast.
wait a minute, aren't red green blue primary colours, cyan yellow magenta secondary colours, with cyan falling right between blue and green, thus being made up of green and blue. So using only 2 colours, red and cyan, is like using 3 primary colours, red blue and green, but guaranteeing that blue and green will exist in equal quantities.
but i've always been a it confused about emitted vs. reflected colours, and with light vs. paint, so if anyone can confirm and/or explain more, please do.
ten more minutes of searching and i found the site i was thinking of:
Gameboy Camera Parallel Port Interface
website features colour photographs taken using the gameboy camera, though since it didn;t use an ir filter the images appear washed out. Also has a lot of other info about hacking the gameboy camera.
seriously though, i remember seeing a webpage about a guy using his gameboy as a webcam (the aforementioned website, http://www.lunacy8m.com/, does this as well) and he also had colour photos taken with 3 filters. That was at least a few months ago and definitely before October 2001, so it would have been the first. can't seem to find the site anymore, though.
walk around town with laptop in backpack then go somewhere to see what's been found - like an internet cafe, which is also useful for probing the network in question (like probing their network from the outside to find what router to spoof - determine this based off the ips in the tcpdumps from the walk) - here's what i've found
most of the unencrypted networks found will have nice tcpdumps chock full of arp requests, novell and nt broadcast messages. can tell you a lot about the network in question.
if you can find a discrete location close to the building in question then you have your entry point. of course cops dont really know what you're doing anyways (though they give some real wierd stares at 3am) so you might be safe. spoofing the router is generally wasy, gaining external access should be fine, sometimes they're real kind and leave a dhcp server accessible for you. but either all these places have taken the time to setup some real nice honeypost or they're real.
i'm giving a talk about this at rubi-con, plus my webstie has more info, not that i've done anything like this, of course.