Esta writes about her last day in the office before starting her course of study at Union Theological Seminary. I want to offer my heartfelt congratulations to her for finding the courage to make a really, really big move, and doing it it with clear vision and optimism in spite of the uncertainty. Esta, you may be my little sister, but it’s a big step—probably bigger than mine—and I wish you all the best luck in the world, and God’s guidance.
Month: August 2003
New advisories at TechNet: SoBig, Welchia
The official advisories for SoBig and Welchia/Nachi have been posted on TechNet.
Missed the meetup
Jake has another good writeup for this month’s Seattle Blog Meetup. I had hoped to go, but other events (surprisingly, not work—yesterday was the last day of my in-laws’ visit with us) precluded my attendance.
More SoBig fallout: blacklists
In my mail this morning, along with the few SoBig messages that made it past my ISP’s mail virus filter and my junk mail filters (see this entry at MacOSXHints for a rule to filter the rest as junk manually), was a notice from Yahoo! Groups that my account had been paused because I had exceeded the maximum number of bounces to my email account. I clicked the provided link to reactivate my account, then looked at the bounce history. Interestingly, only one bounce happened during SoBig; the rest were ancient history. But the email that bounced yesterday was hard bounced by my ISP because the IP address that sent it had been blacklisted. Not by my ISP, by SpamCop.
Now think about the implications of that. Because of an email worm with its own mail engine, not just ISPs and spammers but innocent users could end up on blacklists run by third parties—with no warning. Maybe Dave and others are right about this being the end of email.
On finishing Dhalgren
Samuel R. Delany’s Dhalgren has been my “current reading” since the beginning of the summer; I was beginning to think it had taken up permanent residence in the lower left corner of my blog. I finally finished it in the airplane on the way to Pennsylvania last weekend. The book is, as Jonathan Lethem writes in a cover blurb, a labyrinth that swallows readers alive; it is also a profane bit of countercultural magic. Delany’s Kid explores his own broken mind, his sexuality, and the landscape around him even as he discovers the magic of the written word. The sudden shift to multiple simultaneous viewpoints in the last 150 pages of the novel kicks everything into overdrive.
At the same time, I think I know why I never read the book before—for one thing, it’s a sure bet to have been removed from my hometown library shelves at some point or another. But I also think even if I had found a copy I would have had a hard time getting through it. It’s one of the few “science fiction” books I know that is an easier read if you’ve finished Joyce’s Ulysses first.
SoBiggest
Lawrence points to a News.com story that sez Sobig is aptly named: the fastest spreading virus ever. Guesses as to what made it spread so quickly: a combination of good social engineering (randomly selected forged return addresses) and good spam-filter-busting capabilities (the rotating subject lines, the changing return addresses, the changing attachment name). No surprise: the BBC says that Sobig seems to have been written by a spammer who needed a way to get his messages past spam filters.
Frustrating point about this worm: it really has nothing to do with Outlook. It doesn’t exploit any Outlook vulnerabilities—except maybe the fact that it’s easy to click and execute an attachment in Outlook, and to read Outlook address books. The worm carries its own mail sending engine around with it. And because the worm is so self reliant, it isn’t easy to avoid it—there’s no “magic bullet” patch that will keep it from spreading. Except behavioral changes on the part of users, and maybe switching OSes.
Academic inquiry into blogs
I finally circled back to see what Clancy Ratliff was up to with her research on blogs and Creative Commons licenses. Turns out she will present the paper at the Association of Internet Researchers conference in Toronto in October. The rest of the program for the conference looks interesting, with several panels on blogging, a bunch of papers around the ethics of collecting data on line, and others.
More SoBig updates
Something I didn’t mention in my initial posts about SoBig: the worm can send mail by itself, since it contains its own SMTP server, and will forge return addresses based on entries in your Outlook address book or your Internet cache. So if you see email from me, no, I’m not infected with the virus, but someone else who knows me or has read my web page is.
Technical details of SoBig at the Berkman Geekroom. Reaction from Kevin Werbach: “either email is broken, Microsoft’s email software is broken, or those two statements are the same.” Rob McNair-Huff at MacNetJournal has been hit hard, as has Mark Frauenfelder at Boing-Boing.
…And another one: Squirm
On top of Blaster, SoBig, and Welchia, there is yet another email Trojan Horse loose: w32.squirm@mm. This is the best yet: it poses as an email from support@microsoft.com asking you to install a file that it attaches.
Word to the wise: Microsoft Support does not email files asking you to install them! Ever! Tell your friends!!!!
Sobig keeps getting bigger; Son of Blaster
I got something like 60 messages on my home email account between 10 pm last night and 7 am this morning, all carrying the Sobig virus. Dave Winer had about 650 infected messages. Who is opening these damned attachments??? The BBC has more information on Sobig.
Meanwhile, the worm designed to patch the Blaster vulnerability, known variously as Welchia and Nachi, is spreading in the wild and Slashdot reports it’s slowing emergency response networks in Canada.
Could we all just knock it off for a few minutes, please?
Another worm
Just got four separate email messages in the last hour that all look like the Sobig worm. Check the Symantec site for info on Sobig, which unlike Blaster only relies on people being willing to open email from strangers.
Double your pleasure
MacOSXHints points to a new firmware hack that claims to enable some hidden features of the Apple standard SuperDrive that ships in PowerBooks, including my 15″ 1 GHz model. Promised benefits: CD burning at 16x, DVD-R at 2x, and DVD-RW capability. It’s not really a “hack,” more a way to apply the OEM’s firmware upgrade to allow the drive to operate at its promised capacities.
I’m not sure I’m going to try it out. I kind of like my machine the way it is now and don’t have a burning need to double my media burning bandwidth. But I downloaded the upgrade (and the downgrade, just in case) anyway.
You wouldn’t guess…
…from looking at his blog today, but Craig just turned 30. Go wish him many happy returns.
Mothman: hosed down in Rutland
Jim Heaney, AKA Mothman, updated yesterday from Rutland, Vermont, where Chris Doyle has been apparently hosing him down. He notes that the Appalachian Trail was probably one of the few places in the Northeast that was completely unaffected by the power outage this past weekend. He also notes, “Strange to think ‘nearly over’ and ‘500 miles to go’ at the same time, isn’t it?”
Rough and Tumble Thresherman’s Reunion 2003
Esta has already written about our experience at Rough and Tumble 2003. I can only add a few impressions, and of course the linked photographs. For the most part the photos didn’t come out very well. Some of it was just the mud and the rain (though Esta is right—it was cleaner than I remembered it).
Probably the most disappointing aspect of the day was that between the mud, the rain, and the fact that it was the afternoon of the last day of the show, we didn’t see the crowds and carnival-like atmosphere that we saw in years past. But it was definitely steampunk.