I used it a few times but mostly wrote my code using the A86 assembler - using a text editor which I think was called "ted".
Happy days - writing simple undelete programs which just tweaked the name of the file in the FAT.
I started programming assembly on the Z80 circa 1984.
I dabbled with other processors at school, but mostly I was Z80/x86. The fact that the Zilog designers were ex-Intel was lost on me at the time, but I remember being pleased that the x86 processor wasn't too dissimilar to the Z80 I'd started with.
I remember waiting minutes for X to start on my mediocre 586 machine (a Cyrix clone, not a Pentium).
Worse still was waiting 10 minutes for Netscape Navigator to launch - and the fear when you saw "Loading Java.." in the status bar, which meant your surfing was paused long enough for you to go and make a new cup of tea.
Even now I still find myself typing "netscape -no-java &" in rare moments, even though I'm running Iceweasel/Debian.
My first distro was Red Hat 4.2, I think. I remember an upgrade to 5.0 which hosed the machine, at least.
(Mind I remember doing some crazy things like "rm /etc/passwd" - and then reinstalling because I didn't know how to recover from such mistakes!)
(I will read your journal entries shortly; although I do have an interest in the topic, I'm not too biased!)
I'm defining "American machines" solely on the basis of where they are hosted, and by whom.
Obviously I cannot be 100% sure, but when I see a machine with an IP in the range allocated to Comcast I can be pretty certain that it is an American host. I'm not naive enough to think that .com == American, not least because I'm in the UK and use several .coms myself!
On the whole the machines are probably zombies, and their owners aren't profiting as you say - indeed their owners are probably blissfully ignorant of the fact their machine is sending out spam.
American companies recommended in spam mails though? I think it's fair to say they're profiting. (Or they would be if their spam was read, received, and followed by the recipients.)
As you say the spam might have been injected into a zombie host from Russia, France, Canada, or almost anywhere - but at the end of the day the mail hitting the MX machines for my users can, and does, come from American injection points. That means, as far as I'm concerned, the spam is of American source. (Certainly I cannot track it further back than that.)
(I fight spam commercially.)
Much of the spam I see today is both sent from American machines and advertising American companies.
Some of this spam is sent from shady hosters, and the rest from zombie machines (or at least I assume zombie machines; I see lots of spam sent from home ISPs such as ".cpe.net.cable.rogers.com").
But it is unfair to pick on the USA, as local spam from home broadband in the UK is just as prolific. (e.g. *..craw.blueyonder.co.uk)
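The "injection point" reasoning in the comment above, worked through as an added example (this is not code from the original page): the script walks a constructed message's Received headers newest-first, stops at the last hop that one of our own MX hosts wrote (the only hop we can vouch for; anything below it was written by the sending machine and is unverifiable), and looks that address up in an allocation table. The message, the hostnames, the documentation-range prefixes in ALLOCATIONS and the consumer-line hostname heuristic are all assumptions made for the example, not real data.

```python
import email
import ipaddress
import re

# Constructed sample message, as it would sit on our MX.  Header order is
# newest-first: our internal hop, then the hop that handed it to mx1 (the
# injection point), then whatever the sending machine claimed about where
# *it* got the mail, which we have no way to verify.
SAMPLE_MESSAGE = """\
Received: from mx1.example.net (mx1.example.net [198.51.100.5])
\tby mail.example.net (Postfix) with ESMTP id 4F2A1
\tfor <user@example.net>; Mon, 5 Jan 2009 10:00:02 +0000
Received: from c-77-8-9-10.hsd1.cpe.constructed-isp.example ([192.0.2.77])
\tby mx1.example.net (Postfix) with SMTP id 3E9B0
\tfor <user@example.net>; Mon, 5 Jan 2009 10:00:00 +0000
Received: from relay.bulk-sender.example ([203.0.113.9])
\tby c-77-8-9-10.hsd1.cpe.constructed-isp.example with SMTP; Mon, 5 Jan 2009 09:59:30 +0000
From: offers@shop.example
To: user@example.net
Subject: limited offer

Buy now.
"""

# Hosts we operate: a Received line one of them wrote can be trusted.
OUR_HOSTS = {"mail.example.net", "mx1.example.net"}

# Constructed allocation table (documentation prefixes only), standing in
# for RIR delegation / WHOIS data.
ALLOCATIONS = [
    (ipaddress.ip_network("192.0.2.0/24"), "constructed-cable-isp (US)"),
    (ipaddress.ip_network("203.0.113.0/24"), "constructed-hoster (EU)"),
]

# Hostname fragments typical of consumer access lines: an assumed heuristic,
# not a standard, and only as good as the ISP's reverse-DNS naming.
CONSUMER_LINE_MARKERS = ("cpe", "hsd", "dyn", "cable", "dsl", "pool")

RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+).*?\[(?P<ip>[0-9a-fA-F.:]+)\].*?\bby\s+(?P<by>\S+)",
    re.S,
)


def injection_point(raw_message):
    """Return (ip, hostname) of the machine that handed the message to one of
    OUR_HOSTS, i.e. the furthest hop back that we can actually vouch for."""
    msg = email.message_from_string(raw_message)
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if not m:
            continue
        helo, ip, by = m.group("helo"), m.group("ip"), m.group("by")
        # Skip our own internal hops; the first external "from" delivered to
        # one of our hosts is the injection point.  Headers below it are the
        # sender's own claims and are ignored.
        if by.lower() in OUR_HOSTS and helo.lower() not in OUR_HOSTS:
            return ip, helo
    return None


def attribute(ip):
    """Map an address to the (constructed) allocation it falls in."""
    addr = ipaddress.ip_address(ip)
    for net, label in ALLOCATIONS:
        if addr in net:
            return label
    return "unknown"


def looks_like_consumer_line(hostname):
    """Heuristic: does the reverse name look like a home-broadband CPE?"""
    labels = hostname.lower().split(".")
    return any(marker in label for label in labels for marker in CONSUMER_LINE_MARKERS)


def classify(raw_message):
    """Summarise where the spam entered our network and what kind of host it was."""
    hop = injection_point(raw_message)
    if hop is None:
        return None
    ip, host = hop
    return {
        "ip": ip,
        "network": attribute(ip),
        "probable_zombie": looks_like_consumer_line(host),
    }
```

Note what the script deliberately does not do: it never attributes the spam to 203.0.113.9, even though that is the lowest Received line. That line was written by the injecting host, so it is exactly the part a bot can forge; the injection point is as far back as the evidence goes.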
I think a lot of people have the mental split because of the way sites evolve - initially you might have a single server, and only later add redundancy.
Similarly people might spec out a backup machine and hope it is never used, so the processor/memory would be lower.
(That is less good, obviously, because if the primary fails then the backup might not have the oomph to cope with the traffic.)
Me? I handle spam filtering, and I get redundancy via round-robin MX records and haproxy.
I expect to have all MX machines up at all times, but if one or two drop offline it isn't a big deal and they're all treated equally.
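Why equal-preference MX records give the "all treated equally" behaviour described above, as an added example (not code from the original page): a sending MTA must sort MX records by preference and pick among equal-preference hosts at random, then fall through to the next host if a connection fails (RFC 5321 section 5.1). The records and the `reachable` callback are constructed stand-ins for DNS and the TCP connect attempt.

```python
import random
from collections import defaultdict

# Constructed MX set: three interchangeable filters at preference 10 (the
# round-robin set) and one lower-priority fallback.
MX_RECORDS = [
    (10, "mx1.filter.example"),
    (10, "mx2.filter.example"),
    (10, "mx3.filter.example"),
    (20, "fallback.filter.example"),
]


def mx_order(records, rng):
    """Order MX hosts the way a sending MTA must: ascending preference, with
    hosts of equal preference tried in random order (RFC 5321 s.5.1)."""
    by_pref = defaultdict(list)
    for pref, host in records:
        by_pref[pref].append(host)
    ordered = []
    for pref in sorted(by_pref):
        hosts = list(by_pref[pref])
        rng.shuffle(hosts)  # spreads load across the equal-preference set
        ordered.extend(hosts)
    return ordered


def deliver(records, reachable, rng=None):
    """Return the first host that accepts the connection, or None if every
    MX is down.  `reachable(host)` stands in for the TCP connect."""
    rng = rng or random.Random()
    for host in mx_order(records, rng):
        if reachable(host):
            return host
    return None
```

A dead host in the equal-preference set simply costs the sender one failed connect before it moves on, which is why one or two MX machines being offline is not an incident. The lower-spec "backup" pattern from the earlier paragraph is the preference-20 fallback here; it only sees traffic once every preference-10 host is down, at which point it gets all of it.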
I know what you mean.
Jurassic Bark?
Personally I thought the recent releases were OK, but not quite the same as the previous episodes.
But a lot of that has to do with the length, and the way I expected the series to both change and stay the same.
You misunderstand me - I didn't mean to say I've created and released botnets into the wild.
I meant that with private networks I've created self-replicating code which actively scanned and infected new hosts and had a sophisticated control mechanism which allowed control, updates, and activities.
Still I've either convinced you that writing a bot, and by extension creating a botnet, is not exceptionally difficult - or I haven't.
Yes I've studied them, partly because I used to code exploits in the past, and partly out of curiosity.
I did say initially there are parts to them that require knowledge. The authentication steps to ensure the owner keeps control, and the rootkit components to hide them once installed would probably be the most challenging aspects of the net.
But none of the pieces are individually hard to code (I've written several of them myself) and while a junior/entry-level programmer might struggle I'm not convinced they are particularly difficult to construct from start to finish.
If anything I'm impressed that we see so few botnets!
A botnet starts off with one machine, scanning the world for more vulnerable hosts and exploiting them in turn. Sure you'd do better if you were to have a few hundred to start with - but building a botnet, assuming you can create an exploit, is almost trivial.
I wasn't suggesting that computer programming is unskilled, merely that there are no real special skills required to exploit a security hole - which is what you were trying to imply.
(i.e. Botnet writers are not so amazingly skilled that they would be snapped up in a hurry, which was the point you were trying to make.)
As for unemployment, you could be right; I'll not try to argue that either way, really. My main point was that somebody capable of creating and controlling a botnet is not so very highly skilled that they're certain of a high paying job, which was your assertion.
That's not necessarily true - I mean the skills required to exploit a known security hole aren't terribly difficult.
If you're familiar with a small amount of low-level coding you can easily follow cookbook-style tutorials to getting shellcode executed. At that point you're done.
Sure you need to do some disguising, and you need to understand a bit of crypto to setup a key-verification for downloading updates.
But I'd expect there are literally millions of coders still kicking around from the 80s/90s who did assembly programming under MS-DOS who would be able to write that kind of code - and because it isn't really really skilled work the chances are high that a significant proportion of those developers are unemployed.
Seconded.
I've been running Debian's Lenny release upon my Eee PC for the past few months. Everything works, from the power buttons, sound, video, camera, wireless.
The only instructions I used were those on the wiki you link to.
Still this question is going to receive the obvious replies - everybody will suggest the distribution they know and like the best (the two are often the same).
I'd say "try a few, choose your favourite", but I suspect the better thing to do would just be to pick what you're using elsewhere, or whatever local people are using. Then if you have problems you'll have people to ask.
They should just re-route outgoing connections on port 80 to:
you're.a.spammer.verizon.net
Or similar. That way the customer knows what to do.
Of course that level of control would be easy for the ISP to avoid, but there's a tradeoff - do you block all outgoing :25 access, or only that belonging to known-bad/known-compromised users?
Me, I'd block the spammers. But I guess it'd be easier to block all users.
Indeed.
But if you're the ISP you can just say "Hey customers outgoing port 25 is blocked - use authentication and port 587 to send mail".
In general I'm against ISPs blocking services, but in the case of spam prevention it's a good choice to make.
(The ideal would be to allow outgoing, but cut people off if they spam. That would punish only the guilty, but I guess they're not so keen on that).
Funnily enough I come in the top five results if you just search Google UK for my first name.
My full name I come top.
I think I'm feeling pretty smug right about now!
That solution is quite interesting, because it's the sort of thing that a lot of people were expecting to happen - virtual images being used as black-box applications.
I love the idea of being able to download a webserver in a box, or a caching HTTP proxy server. There are many other applications which would be nice to see provided like this. Of course in my case I would be hosting them on Linux, but I guess whatever host machine you use is irrelevant so long as you understand it and can support it.
Of course I'm a little biased when it comes to spam filtering, but I hope the idea of custom VM images catches on more generally.
There are downsides such as the overhead of emulating a whole machine for a single service, but I'm sure the benefits outweigh them if you have spare host capacity (*2 for redundancy)
I'm curious though, did you configure the guest yourself, or find it as a pre-rolled virtual machine image?
Me, but that's probably why I'm mostly a sysadmin and only a part-time programmer.
Without a good infrastructure there's nowhere for the flashy stuff to be developed/hosted/placed.
So you buy 2 x 2,000 mile long extension cables? Then join them together?
You are a genius, sir!
Well played, Estelle!
The downside is that the Barracudas often contribute to back-scatter, and are not as thorough as some other solutions.
Still as a "service in a box" they're not bad for the money.
Indeed there are many companies like mine selling spam filtering which works via SMTP-proxies.
It is a neat architecture that allows you to off-load spam/virus/junk filtering from your mail server and scale horizontally.
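The SMTP-proxy architecture from the comment above, as an added example (this is illustrative code, not the product or code of the author's company): the proxy sits in front of the real mail server and relays the envelope commands untouched, but answers DATA itself, collects the whole message, scans it, and only then forwards it upstream. Spam is refused with a 550 inside the same session. The upstream server is a fake one on loopback, and `is_spam` with its marker strings is a constructed stand-in for a real content filter; both are assumptions made so the example runs offline.

```python
import smtplib
import socket
import socketserver
import threading

# Constructed spam markers standing in for the real filtering engine;
# DELIVERED records what the (fake) real mail server accepted.
SPAM_MARKERS = (b"cheap pills", b"v1agra")
DELIVERED = []

def is_spam(body):
    return any(marker in body.lower() for marker in SPAM_MARKERS)

class Dialogue:
    def __init__(self, sock):
        self.f = sock.makefile("rwb")  # CRLF line I/O over the socket
    def send(self, line):
        self.f.write(line + b"\r\n")
        self.f.flush()
    def recv(self):
        return self.f.readline().rstrip(b"\r\n")
    def reply(self):
        line = self.recv()
        while line[3:4] == b"-":  # skip continuation lines such as "250-SIZE"
            line = self.recv()
        return line
    def recv_data(self):  # message up to the lone ".", dot-stuffing undone
        lines = []
        while True:
            line = self.recv()
            if line == b".":
                return b"\r\n".join(lines)
            lines.append(line[1:] if line.startswith(b".") else line)

class Upstream(socketserver.StreamRequestHandler):  # the real mail server
    def handle(self):
        io = Dialogue(self.connection)
        io.send(b"220 upstream.example ESMTP")
        while True:
            line = io.recv()
            cmd = line[:4].upper()
            if not line or cmd == b"QUIT":
                io.send(b"221 bye")
                return
            if cmd == b"DATA":
                io.send(b"354 go ahead")
                DELIVERED.append(io.recv_data())
                io.send(b"250 queued")
            else:
                io.send(b"250 ok")

class FilteringProxy(socketserver.StreamRequestHandler):
    """Relays the session but answers DATA itself, so the message is scanned
    before the real server sees it; spam is refused with a 550 in-session."""
    upstream = None  # (host, port) of the real server, set by start_servers()
    def handle(self):
        client = Dialogue(self.connection)
        with socket.create_connection(self.upstream) as up_sock:
            up = Dialogue(up_sock)
            client.send(up.reply())  # relay the banner
            while True:
                line = client.recv()
                if not line:  # client went away (or QUIT was relayed)
                    return
                cmd = line[:4].upper()
                if cmd != b"DATA":  # envelope commands pass straight through
                    up.send(line)
                    client.send(up.reply())
                    continue
                client.send(b"354 end data with <CR><LF>.<CR><LF>")
                body = client.recv_data()
                if is_spam(body):
                    up.send(b"RSET")  # upstream never sees the message
                    up.reply()
                    client.send(b"550 5.7.1 message rejected as spam")
                    continue
                up.send(b"DATA")
                if not up.reply().startswith(b"354"):
                    client.send(b"451 4.3.0 upstream refused DATA")
                    continue
                for l in body.split(b"\r\n"):
                    up.send(b"." + l if l.startswith(b".") else l)
                up.send(b".")
                client.send(up.reply())  # real server's verdict, usually 250

def start_servers():
    upstream = socketserver.ThreadingTCPServer(("127.0.0.1", 0), Upstream)
    FilteringProxy.upstream = upstream.server_address
    proxy = socketserver.ThreadingTCPServer(("127.0.0.1", 0), FilteringProxy)
    for srv in (upstream, proxy):
        threading.Thread(target=srv.serve_forever, daemon=True).start()
    return proxy.server_address[1]  # clients talk to the proxy, not upstream

def submit(port, message):
    try:
        with smtplib.SMTP("127.0.0.1", port) as smtp:
            smtp.sendmail("sender@example.org", ["user@example.net"], message)
        return 250
    except smtplib.SMTPDataError as exc:
        return exc.smtp_code
```

Two properties of this layout are worth noting. Horizontal scaling falls out for free: the proxies are stateless between sessions, so any number of them can sit behind round-robin MX records or a TCP load balancer in front of one mail server. And because the verdict is delivered as a 550 while the sender is still connected, no bounce is ever generated for a rejected message, which is exactly what avoids the back-scatter problem raised about the Barracuda boxes earlier in the thread.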
Qmail has had security issues - but DJB just ignores them.
(In practice they're unlikely to bite, but Georgi Guninski has reported multiple real security issues with Qmail which DJB happily ignores.)
I had the same at my flat, with two other machines all wired up on a mini network with 10baseT networking.
Only downside was that of the three machines only one had a working soundcard!
Agreed. I find anti-Microsoft posts annoying, childish and a mere distraction. (But people who write "Micro$oft" are worse).
In my day to day life Windows, and Microsoft are simply irrelevant. I've got Linux on my machines here, Linux on my desktop at work, and Linux on the servers I manage.
Sure they hold a lot of sway, and they're certainly not an irrelevant company for most businesses and typical users - but me? If Microsoft and Linux remain in the same proportions for the next 20 years I'll not regard that as a failure.
So long as there are a sufficient number of people writing, developing, and promoting free software so that we can keep using it in the future with advances in hardware then all is good.
I'd love to see a 50/50 split, but even if it is 80/20 I'm happy. These days Linux is on the radar of most people, and hardware support isn't a challenge.
Back in the late 90s I had a hellish time getting drivers for my Zip disk, my modem, or my webcam. These days? It's all good.