Wednesday, April 07, 2004

In the future, everyone will be featured on a magazine cover. And they complain about GMail. Geez.

When the 40,000 subscribers to Reason, the monthly libertarian magazine, receive a copy of the June issue, they will see on the cover a satellite photo of a neighborhood - their own neighborhood. And their house will be graphically circled.

On one level, the project, sort of the ultimate in customized publishing, is unsurprising: of course a magazine knows where its subscribers live. But it is still a remarkable demonstration of the growing number of ways databases can be harnessed. Apart from the cover image, several advertisements are customized to reflect the recipient's particulars.


Putting 40,000 Readers, One by One, on a Cover

The Secret Source of Google's Power...

Much is being written about Gmail, Google's new free webmail system. There's something deeper to learn about Google from this product than the initial reaction to the product features, however. Ignore for a moment the observations about Google leapfrogging their competitors with more user value and a new feature or two. Or Google diversifying away from search into other applications; they've been doing that for a while. Or the privacy red herring.

No, the story is about seemingly incremental features that are actually massively expensive for others to match, and the platform that Google is building which makes it cheaper and easier for them to develop and run web-scale applications than anyone else.


The secret source of Google's power

And a related, important article that was linked on the above page: a fascinating description (from academia, no less) of Google's server- and file-system organization.

The Google File System

Tuesday, April 06, 2004

Now that Google's going into the email business, everyone's wondering: what will the interface look like? How will it be different and improved from conventional mail? Will ads or related links get in the way?

Kevin Fox is a Google employee responsible (I think) for GMail's user interface. Here are some screen shots:

Fury

Monday, April 05, 2004

Turns out he wasn't really the widow of General Sani Abacha...

A Nigerian conman who tricked people into handing over money and personal data in expectation of receiving a huge windfall has been sentenced to 20 months in prison by a Welsh court.

Peter Okoeguale, 33, who was arrested in Wales while in the process of committing one such '419' scam, also faces deportation from the UK at the end of his sentence...


Nigerian '419' scammer sent to prison - silicon.com

Sunday, April 04, 2004

Justice League of America unveils anti-terror reorganization
Superman: "We recognize a compelling need to change."

METROPOLIS (UPSI) -- Saying the terrorist attacks of September 11 "marked a turning point for the Justice League," acting director Superman unveiled a dramatic reorganization marking a change in the JLA's priorities from crime-fighting to preventing terrorism. The association of crime-fighting super-heroes, consisting of Batman, Superman, Wonderwoman, Green Lantern, Flash, Hawkman, Hawkgirl and Aquaman had been criticized sharply in recent months for failing to protect the American public from terrorist attacks.

After September 11, said Superman, "It had become clear that we had to fundamentally alter the way we do business." The super-hero outlined a series of steps designed to change the Justice League from its former crime-fighting stance to one aligned against terrorist groups. The head of the JLA also acknowledged that its earlier anti-terror efforts were flawed, bowing to strong criticism by the press.

"It's no secret that (former JLA counter-terror head) Aquaman had undergone counseling for a substance-abuse problem," Superman stated, "he did not meet our expectations for counter-terror leadership. And let's be clear about all of our activities prior to 9/11: Lex Luthor and the Joker are not the threats they once were... they live in retirement homes." Superman, who took over as acting head of the JLA only a week before the attacks, unveiled a list of Justice League priorities, the first of which read, "Protect the United States from terrorist attacks."

"When I replaced the Flash as acting head of the JLA," the man of steel stated, "the terrorist threat was not in our normal scope of operations. In fact, on 9/11, I myself was flying from New York to an undisclosed location for a class reunion.

[Story continued on page A12]

Friday, March 26, 2004

One of the soft drink companies -- that shall remain nameless -- is imprinting ten character alphanumeric codes on each bottle top. By entering the codes into a web site, you can collect points which are redeemable for prizes.

As an academic exercise, one could investigate how these codes might have been generated. Consider that you might use the alphabet (A through Z) and certain numerals (say: 3, 4, 6, 7, 8 and 9). Those numerals might have been chosen to prevent ambiguity during data entry (e.g., the number "1" might look too much like the letter "I"). Anyhow, that range of alphanumerics allows 32 discrete values or five-bit patterns (2 to the fifth power).

Imagine further that, embedded within each code there might reside a random, time-based key. Using the time-based key, one could decrypt the remaining five-bit "bytelets". It might even be possible that a check value would also be embedded within each code to ensure its integrity. For example, a checksum, a CRC or a truncated hash (such as an MD5 value) could be generated and encrypted as part of the code string.

If one could imagine how this was all accomplished then one could theoretically co-opt this "virtual currency". However: given the fact that publishing an algorithm of this sort might technically run afoul of any number of new-fangled laws like the DMCA... even if one were able to deduce the algorithm used for code string generation, it would be highly risky to employ it for evil purposes. So there... you're warned. :-)
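
An added example (not from the original post, and not any vendor's actual scheme) of the design question raised above: a 10-character code over the 32-symbol alphabet, checked first with an unkeyed CRC and then with a truncated HMAC. The 30-bit serial / 20-bit check split, the function names, the look-alike folding and the key are assumptions made for illustration.

```python
import hashlib
import hmac
import zlib

# Alphabet from the post: A-Z plus 3, 4, 6, 7, 8, 9 = 32 symbols, 5 bits each.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ346789"
CODE_LEN = 10                          # 10 symbols x 5 bits = 50 bits
TAG_BITS = 20                          # assumed: 20-bit check value ...
SERIAL_BITS = 5 * CODE_LEN - TAG_BITS  # ... after a 30-bit serial number
TAG_MASK = (1 << TAG_BITS) - 1
# Assumption: digits absent from the alphabet are folded onto look-alike letters.
LOOKALIKES = str.maketrans("0125", "OIZS")


def encode(value):
    """Pack a 50-bit integer into ten 5-bit symbols, most significant first."""
    if not 0 <= value < 1 << (5 * CODE_LEN):
        raise ValueError("value does not fit in 50 bits")
    shifts = range(5 * (CODE_LEN - 1), -1, -5)
    return "".join(ALPHABET[(value >> s) & 31] for s in shifts)


def decode(code):
    """Inverse of encode(); tolerant of case, whitespace and look-alike digits."""
    code = code.strip().upper().translate(LOOKALIKES)
    if len(code) != CODE_LEN:
        raise ValueError("code must be %d characters" % CODE_LEN)
    value = 0
    for ch in code:
        idx = ALPHABET.find(ch)
        if idx < 0:
            raise ValueError("character outside the alphabet: %r" % ch)
        value = (value << 5) | idx
    return value


def crc_tag(serial):
    """Unkeyed check value: recomputable by anyone who learns the layout."""
    return zlib.crc32(serial.to_bytes(4, "big")) & TAG_MASK


def hmac_tag(serial, key):
    """Keyed check value: HMAC-SHA256 truncated to TAG_BITS bits."""
    mac = hmac.new(key, serial.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:3], "big") >> (24 - TAG_BITS)


def issue(serial, key=None):
    """Build a code for `serial`; key=None selects the unkeyed CRC variant."""
    if not 0 <= serial < 1 << SERIAL_BITS:
        raise ValueError("serial out of range")
    tag = crc_tag(serial) if key is None else hmac_tag(serial, key)
    return encode((serial << TAG_BITS) | tag)


def redeem(code, key, redeemed):
    """Return 'ok', 'invalid' or 'already-redeemed'; `redeemed` is a set of serials."""
    try:
        value = decode(code)
    except ValueError:
        return "invalid"
    serial, tag = value >> TAG_BITS, value & TAG_MASK
    expected = crc_tag(serial) if key is None else hmac_tag(serial, key)
    if not hmac.compare_digest(tag.to_bytes(3, "big"), expected.to_bytes(3, "big")):
        return "invalid"
    if serial in redeemed:
        return "already-redeemed"
    redeemed.add(serial)
    return "ok"


def compare_schemes(n=1000):
    """Codes built with only the public CRC: how many does each verifier accept?"""
    key = b"constructed-demo-key"   # constructed; a real key lives in a secret store
    keyless = [issue(serial) for serial in range(n)]
    crc_accepts = sum(redeem(c, None, set()) == "ok" for c in keyless)
    hmac_accepts = sum(redeem(c, key, set()) == "ok" for c in keyless)
    return crc_accepts, hmac_accepts


if __name__ == "__main__":
    print(compare_schemes())   # the CRC verifier accepts every keyless code
```

With a 20-bit check value a blind guess still passes about one time in 2^20, so a redemption service built this way also needs rate limiting per account.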

BTW

Simon Singh's The Code Book is not just one of the best books on cryptology and "code-breaking" ever written... it might be one of the best historical, non-fiction books of any type ever written. It's startlingly good. Highest recommendation.

Week-long Hiatus

This blog, which has been regularly updated since November, will probably be going on a week-long hiatus starting tomorrow. Mr. T has promised to Tivo the Sopranos for me. My prediction: a Mr. Johnny Sac is going to be sleeping with the fishes quite soon....

Wednesday, March 24, 2004

PHP 5 and SimpleXML

Talk about simplicity. I was just reading over Andi Gutmans' summary of new features in PHP 5. The SimpleXML and SOAP examples struck me as indicative of PHP. Pure, unadulterated simplicity. No language on the planet (that I'm aware of, anyhow) reduces logic so dramatically.

From Andi's new book: Probably when looking back in a year or two it will be clear that SimpleXML has revolutionized the way PHP developers work with XML files. SimpleXML could really be called "XML for Dummies". Instead of having to deal with DOM or even worse SAX, SimpleXML represents your XML file as a native PHP object. You can read, write or iterate over your XML file with ease accessing elements and attributes.

Consider the following XML file:


<clients>
<client>
    <name>John Doe</name>
    <account_number>87234838</account_number>
</client>
<client>
    <name>Janet Smith</name>
    <account_number>72384329</account_number>
</client>
</clients>


The following piece of code prints each client’s name and account number:

$clients = simplexml_load_file('clients.xml');
foreach ($clients->client as $client) {
    print "$client->name has account number $client->account_number";
}


SOAP: ...the following calls SomeFunction() defined in a WSDL file:

$client = new SoapClient("some.wsdl");
$client->SomeFunction($a, $b, $c);


What's New in PHP 5

Whither the Television Commercial?

From MIT's Technology Review Blog: a brief missive on the 'death of the TV commercial'.

Mailblaster is an online newsletter targeting those who do business with or have an active interest in what’s happening on Madison Avenue. More and more, the newsletter is focusing on alternatives to the 30- or 60-second commercial. They are predicting an evolution from zapping (that is, changing the channel to avoid commercials) to skipping (that is, using your digital video recorder to skim past commercials) to “opt-out” (that is, being willing to pay extra to watch the show without commercials)...

...One recent article identifies a broad range of alternatives to traditional advertising that are being tested in what many see as an experimental period for the future of branding and marketing. Most of these involve some further blurring of the line between commercials and content, including product placements, programs based on ad campaigns, short interstitial movies, pop up ads on the bottom of your television screen, even the prospect of a whole channel devoted to content generated by a particular sponsor (if this seems unlikely, see if your local cable company is getting the Hallmark Channel, which mostly programs the four or five decades of content generated by the Hallmark Hall of Fame)...


That was so 30 seconds ago

GoogleFight

I would like to suggest the following GoogleFight matchups (hint: use double quotes around each phrase to get a more accurate 'punch count'):

Chevrolet Vega vs. Ford Pinto
Robert Parrish vs. Kevin McHale
Deviled Eggs vs. Potato Salad

GoogleFight

Tuesday, March 23, 2004

A bit more on Richard Clarke

Holy Toledo! The Imus program had Laura Ingraham or someone on (don't recall who offhand) who was livid over the fact that CBS didn't disclose their financial interest in Clarke's book! The chain she described was: CBS owns Viacom, which owns Simon & Schuster, which published Clarke (again, apologies if I'm mistaken - that's from memory). In any event, an egregious conflict-of-interest, especially if it wasn't disclosed on the program. Uhm, yeah, CBS, we can certainly take your reporting seriously now! CBS' bias was a joke before this. They're simply a historical footnote after this.

CBS News' "60 Minutes" has raised eyebrows in journalism circles for failing to disclose its corporate connection to an upcoming book by former White House terrorism official Richard Clarke that was the subject of a segment of Sunday's edition of the newsmagazine... Clarke's "Against All Enemies" is published by a unit of Viacom-owned Simon & Schuster...

'60 Minutes' Book Segment Creates Stir

Feech, you Magnificent Bastard, I read your Book!

I have a new signature that I'll be using on all of my public postings from this point forward. Or at least until I come up with a better one.

Proud Graduate of the Feech LaMana School of Anger Management

Outstanding episode of the Sopranos this Sunday (the only television show I watch, other than the occasional NCAA basketball contest)... unfortunately, events are conspiring to take me out of pocket for the fourth episode. Apparently, one of the "main characters" is destined to get whacked. I've heard that either Silvio (unlikely, IMO) or Johnny Sac (much more likely) are on the chopping block.

NJ.com: 'Sopranos' Forum

Out of pocket... definitely out of pocket

Eastern Caribbean

Day Port - Arrival and Departure Times
0 Ft. Lauderdale, Florida - 5:00 pm
1 Half Moon Cay, Bahamas - 8:00 am 4:00 pm
2 At Sea
3 St. Thomas, U.S. V.I. - 8:00 am midnight
4 Road Town, Tortola - 7:00 am 6:00 pm
5 At Sea
6 Nassau, Bahamas - noon 7:00 pm
7 Ft. Lauderdale, Florida - 8:00 am

Monday, March 22, 2004

I find it quite an amazing coincidence that Richard Clarke's accusations (that the Bush Administration was hesitant to act against Al Qaeda) were delayed until his book was published. Seems as though the former counter-terror head wasn't concerned enough to raise a stink until he could make some money off of the deal. But leave it to CBS to position Clarke's book tour as "news".

Condoleezza Rice: "This retrospective rewriting of the history of the first several months of the administration is not helpful... to somehow suggest that the attack on 9/11 could have been prevented by a series of meetings -- I have to tell you that during the period of time we were at battle stations..."

...Rice pointed out that Clarke was in charge of counterterrorism efforts in 1998 when U.S. embassies in Africa were bombed and in 2000 when the USS Cole was bombed, as well as during "a period of the '90s when al Qaeda was strengthening and when the plots that ended up in September 11th were being hatched."

...Rice said the only time she recalls Clarke asking to brief the president was in June 2001 -- and it was on the issue of cybersecurity...


CNN: Rice rejects Clarke charges

Sunday, March 21, 2004

Do you PHP?

Surprise! Oracle's Technology Network features an incisive interview with PHP founder Rasmus Lerdorf. So the Java community is finally waking up to the fact that the dominant application serving language on the planet is PHP (when Netcraft recently pinged 47,173,415 domains, it found that 15,205,474 had PHP installed). He has some beautiful comments for those who would demean PHP.

About the lack of enforced structure, all I can say is that I absolutely hate programming frameworks that lock me into a certain way of approaching a problem. That doesn't mean I don't believe in structure and frameworks, but I do believe in people having the power to come up with their own to match their environment...

...One of the big strengths of PHP over many other tools aimed at solving the Web problem is that other tools tend to associate such very specific targeted problem solving with the need to control how users approach the problem structurally. PHP doesn't impose any such structure, choosing instead to focus on making each individual functionality aspect of the problem as easy as possible to use... For example, PHP provides very targeted functions for communicating with a back-end database. These are specific to each database and do not sacrifice any performance to gain uniformity or consistency with other back-end databases. There is also no set way to structure a PHP application in terms of file layout and what goes where...

...Despite what the future may hold for PHP, one thing will remain constant. We will continue to fight the complexity to which so many people seem to be addicted. The most complex solution is rarely the right one. Our single-minded direct approach to solving the Web problem is what has set PHP apart from the start, and while other solutions around us seem to get bigger and more complex, we are striving to simplify and streamline PHP and its approach to solving the Web problem...

What it all boils down to is that PHP was never meant to win any beauty contests. It wasn't designed to introduce any new revolutionary programming paradigms. It was designed to solve a single problem: the Web problem.


Do You PHP? by Rasmus Lerdorf
Beyond MVC

It is important while we are studying and using MVC that we bear in mind the original purpose of the pattern: to reduce the complexity of user interfaces for a large and complex information system. It was designed for a specific purpose and evolved to meet a specific need.

Dr. Reenskaug's work in MVC has not been abandoned. Earlier this year, he began publishing material on his new MVC pattern language.

Nowhere, ever, in any of his papers was it suggested that the MVC pattern could be used to address the needs of n-tiered workflow processing infrastructures. But here we are, 24 years later, trying to pound in nails with a screwdriver. Despite the careful effort of scientists from Reenskaug's generation, it seems that we've not learned a thing...


Beyond MVC: A New Look at the Servlet Infrastructure
The World's Two Worst Variable Names

...sometimes you'll find variables where all vowels have been removed as a shortening technique, instead of simple truncation, so you have $cstmr instead of $cust. I sure hope you don't have to distinguish the customers from costumers!

There have also been intentionally bad variable names, where the writer was more interested in being funny than useful. I've seen $crap as a loop variable, and a colleague tells of overhauling old code with a function called THE_LONE_RANGER_RIDES_AGAIN(). That's not the type of bad variable name I mean.

Variable naming conventions can often turn into a religious war, but I'm entirely confident when I declare The World's Worst Variable Name to be:

$data

Of course it's data! That's what variables contain! That's all they ever can contain. It's like you're packing up your belongings to move to a new house, and on the side of the box you write, in big black marker, "matter."


O'Reilly Network: The world's two worst variable names [Mar. 07, 2004]

IBM DeveloperWorks: Bayesian Inference in PHP

One of the most useful, coolest technologies that has come down the pipe has been Bayesian calculation and filtering. New from IBM's DeveloperWorks this morning is a great piece covering it. Paul Meagher introduces Bayesian inference by discussing the basic mathematical concepts involved and demonstrating how to implement the underlying conditional probability calculations using PHP. In this article, the author discusses how Bayesian inference can be used to build an online PHP-based wizard that guides a user through the process of making a medical diagnosis...

This three-part series features interesting applications designed to help you appreciate the power and potential of Bayesian inference concepts. It's good that he starts with some basics like conditional probability (the base of the Bayesian functionality) and then quickly moves to using this functionality to create a probability function. They roam through various formulas, showing you how each relates to the greater whole, and, in the end, help you create a 'medical diagnosis wizard' for your benefit...

IBM DeveloperWorks: Bayesian Inference in PHP

Saturday, March 20, 2004

Microsoft's first great developer might have been Charles Simonyi. The mission of his new company, Intentional Software, is to destroy the disconnect that exists between domain experts and software developers:

You are tackling the software development bottleneck problem. Can you elaborate on the problem and how you plan to solve it?

The goal is to do something about the bottleneck, to analyze the systemic problem and redeploy the resources in a way that helps resolve the problem. Tools have to be involved--that's the business proposition for our company--but they have to operate in a new relationship between subject matter experts and the programmers.

Currently, the key element to a killer app is what the application does for people. In health care, for example, helping doctors with patient care is a tremendous opportunity. You need subject matter experts, like doctors and health care administrators, who understand the issues of their domain. The biggest problem is that what a subject matter expert is trying to accomplish is not expressed in the code. The code is really the first truly precise description of the problem. The intent of the subject matter expert, however, is not apparent in the code.

Software to cut the digital fat

Hungarian Notation

In response to a request for a 'cheat-sheet' on Hungarian Notation, I wrote the following email to a couple of the younger developers with whom I work. The last paragraph is the 'inside joke' given the proclivity of modern academia to stress Java as the de rigueur programming language.

> > RECOMMENDATIONS for HUNGARIAN NOTATION
> >
> > The following are some common recommended Hungarian Notation prefixes for variables defined in MFC projects:
> >
> > BOOL bFinished;
> > BYTE byteLastProcessed;
> > BYTE* pbyteLastProcessed;
> > CHAR cFirst;
> > CHAR[] (null-terminated) szCommandBuffer;
> > CHAR* (null-terminated) pszCommandBuffer;
> > CByteArray cbaExplodedValues;
> > CByteArray* pcbaExplodedValues;
> > CCriticalSection ccsArrayProtector;
> > CButton* pButton;
> > CDocument* pDoc;
> > CEdit m_edtLogWindow;
> > CEdit* pedtLogWindow;
> > CFile cfileLog;
> > CListCtrl m_lcDevices;
> > CListCtrl* plcDevices;
> > CMapStringToString mapCommandLookup;
> > CMapStringToString* pmapCommandLookup;
> > CPropertyPage m_pageConfigurationOptions;
> > CPropertySheet m_sheetSetup;
> > CString strPrefix;
> > CString* pstrPrefix;
> > CStringArray csaCommands;
> > CStringArray* pcsaCommands;
> > CWnd* pwndParent;
> > DWORD dwValueCount;
> > DWORD* pdwValueCount;
> > HANDLE hBitmap;
> > HDC hdc;
> > HICON hiconMaster;
> > HWND hwndParent;
> > INT nRangeBegin;
> > INT* pnRangeBegin;
> > LONG lTemp;
> > RECT rectClient;
> >
> > I hereby waive all royalties due me for use of these prefixes provided that users acknowledge that the one true hierarchy of programming languages is as follows: "C/C++, PHP, Assembler, Pascal, Perl, FORTRAN, Smalltalk, LISP, Java, Visual Basic, BASIC, ADA, PL/I, COBOL". Users will also acknowledge that C# was recently named "Rookie of the Year", but is - as yet - unranked.


More on C. Simonyi

JOS had a link to a wonderful interview with Mr. Simonyi. Some excellent quotes:

On the Beauty of a Program

I'll bet you that from ten feet away I can tell if a program is bad. I might not guarantee that it is good, but if it looks bad from ten feet, I can guarantee you that it wasn't written with care. And if it wasn't written with care, it's probably not beautiful in the logical sense.

On Hungarian Notation

So if you have a structure with certain properties, instead of giving it some arbitrary name and then having everybody learn the association between the name and the properties, you use the properties themselves as the name. This method has a lot of advantages. First, it's very easy to create a name--as you think of the properties, you write them down and immediately have the name. Second, it is very understandable, because as you read something you learn a lot about the properties from the name. As these properties get more and more numerous, it becomes difficult to describe them concisely. So "Hungarian" introduces some abbreviated notation to encode the properties in a short space. Of course this is a complete jumble to the uninitiated, and that's the joke.


Interview with Charles Simonyi

Thursday, March 18, 2004

Scrum and Agile Development

Interested in agile development methodologies? Scrum is an increasingly popular process that is laser-focused on quality deliverables. Whether you're managing the IT function at a giant insurance company, developing firmware, or anything in between, you'd be well served checking out Scrum (and/or other Extreme-Programming related agile methods).

Scrum: an iterative, incremental process for developing software in chaotic environments. Scrum consists of a series of 30 day sprints, each sprint producing an executable. Between sprints, all interested parties evaluate progress and reevaluate technical and business requirements. Work is reestablished and the team enters into another sprint.

The pulse of Scrum is the key to its success … management determines what should be done prior to every sprint, their determination influenced by prior deliverables and requirements. During the sprint, the team is left alone and produces the best software possible : let in chaos, keep out chaos, let in chaos, keep out chaos, let in chaos, keep out chaos … etc.
...

Agile Alliance

Offshoring: The Root of the Problem

Excellent article and even better follow-up discussion regarding the ramifications of IT outsourcing.

I argued that outsourcing software posed other risks, because it essentially exports and helps nurture competition in the one area that is a key, strategic advantage for the U.S. and, to a lesser degree, Europe. Software IP is the key differentiator for our economies, a technology whose impact is pervasive. From the human genome project to Pixar's movies, software is the core technology that makes it work.

This drew baffled looks. "Programming is a commodity, grunt work," said the board member. "Software isn't different from the textile industry," the CEO said.

...Carol Bartz, long-time CEO of Autodesk, Inc. in San Rafael, Calif., defended her company's extensive offshoring of U.S. software jobs, chanting the same Corporate Darwinism dogma.

Then later in the interview, Bartz decried the lack of high-tech students at colleges. Even Homer Simpson would utter his trademark "Doh!" at that logical inconsistency. Bartz is cutting software jobs, is participating in the trend to cut pay for high-tech professionals, then wonders why enrollment in technical majors is declining. Only executives (and politicians) can be that hypocritical and self-serving with a straight face...


Original article and follow-up discussion

Wednesday, March 17, 2004

From Database Debunkings - quote of the week:

SQLite is 'typeless'. This means that you can store any kind of data you want in any column of any table, regardless of the declared datatype of that column. (See the one exception to this rule in section 2.0 below.) This behavior is a feature, not a bug. A database is supposed to store and retrieve data and it should not matter to the database what format that data is in. The strong typing system found in most other SQL engines and codified in the SQL language spec is a misfeature - it is an example of the implementation showing through into the interface. SQLite seeks to overcome this misfeature by allowing you to store any kind of data into any kind of column and by allowing flexibility in the specification of datatypes. Even though SQLite allows the datatype to be omitted, it is still a good idea to include it in your CREATE TABLE statements, since the data type often serves as a good hint to other programmers about what you intend to put in the column.
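
An added example (not from the quoted SQLite documentation or from Database Debunkings) of what the quoted behaviour means for input validation, run against the SQLite 3 library bundled with Python. The table and column names are made up for the illustration; the point is that a declared INTEGER column does not reject text or blobs unless a CHECK says so.

```python
import sqlite3


def rejected(db, sql, params):
    """Return True if SQLite refuses the statement, False if it is accepted."""
    try:
        db.execute(sql, params)
    except sqlite3.Error:
        return True
    return False


def column_type_demo():
    """Show what an INTEGER column accepts with and without an explicit CHECK."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE loose (id INTEGER PRIMARY KEY, account_number INTEGER)")
    db.execute(
        "CREATE TABLE checked (id INTEGER PRIMARY KEY, account_number INTEGER "
        "CHECK (typeof(account_number) = 'integer'))"
    )
    out = {}

    # Declared INTEGER, yet text and blobs are stored with their own type.
    for value in (87234838, "not a number", b"\x00\x01"):
        db.execute("INSERT INTO loose (account_number) VALUES (?)", (value,))
    out["loose_types"] = [
        row[0]
        for row in db.execute("SELECT typeof(account_number) FROM loose ORDER BY id")
    ]

    # The one documented exception: an INTEGER PRIMARY KEY only takes integers.
    out["pk_rejects_text"] = rejected(
        db, "INSERT INTO loose (id) VALUES (?)", ("abc",)
    )

    # With the CHECK, the database itself refuses the wrong storage class.
    insert_checked = "INSERT INTO checked (account_number) VALUES (?)"
    out["check_rejects_text"] = rejected(db, insert_checked, ("not a number",))
    out["check_accepts_int"] = not rejected(db, insert_checked, (72384329,))

    db.close()
    return out


if __name__ == "__main__":
    for name, value in column_type_demo().items():
        print(name, value)
```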

DATABASE DEBUNKINGS - SQLite
NBC: Clinton Ordered bin Laden Spared

I'm still waiting for Bill Clinton, Hillary Clinton, James Carville, John Kerry or any of the other members of the left who have an explanation for this stunning report from NBC. And I'm taking odds on when we'll hear from the shrill and un-funny Al Franken on this topic. The current betting line says never.

A secret CIA videotape shows that the Clinton administration had pinpointed the whereabouts of Osama bin Laden a year before the 9/11 attacks, but declined to kill him because of White House orders that he should be taken alive... The video, obtained and broadcast by NBC News, "illustrates an enormous opportunity the Clinton administration had to kill or capture bin Laden," the network reported Tuesday...

...Though President Clinton has boasted repeatedly that he issued orders to kill bin Laden, no action was taken when the White House finally got its chance... ...Gary Schroen, a former CIA station chief in Pakistan, told NBC that the White House had in fact ordered the CIA to do just the opposite - take bin Laden alive or not at all.

The directive effectively killed the plan and, along with it, the U.S.'s best chance to prevent the 9/11 attacks.


Clinton ordered bin Laden spared

Tuesday, March 16, 2004

Linux to Windows to Mac

I noticed that BadBlue is being used on an intranet to share files between Linux, Windows and a Mac. While BadBlue currently only supports Windows, browsers on any platform easily upload and download files from it. So users on Linux can easily transfer files back and forth from Windows... and the same for Mac users. It's way, way, way easier than configuring an FTP server or a Samba share.

BadBlue Personal Edition - Download

Washington Post... queries Kerry?

The Washington Post -- not exactly known as a mouthpiece of the right -- recently posted a stunning op-ed piece on John Kerry's two-faced voting record. The "junior senator from France" (props to the Don Imus show) has now skirted several of the central issues that he, himself, has raised: the "world leaders" who are rooting for him to beat the President in the general election; the linkage between Al Qaeda and Iraq now that the attack on Spain has exposed the truth; the Pakistani nuclear network that ran wild during the Clinton years; and, most importantly, the voting record that the Post terms "fuzzy" (as opposed to "lobbyist-driven", or "whichever agenda suits him politically at any given instant"):

The most important confusion surrounds Mr. Kerry's position on Iraq. In 1991 he voted against the first Persian Gulf War, saying more support was needed from Americans for a war that he believed would prove costly. In 1998, when President Clinton was considering military steps against Iraq, he strenuously argued for action, with or without allies. Four years later he voted for a resolution authorizing invasion but criticized Mr. Bush for not recruiting allies. Last fall he voted against funding for Iraqi reconstruction, but argued that the United States must support the establishment of a democratic government.

Mr. Kerry's attempts to weave a thread connecting and justifying all these positions are unconvincing. He would do better to offer a more honest accounting. His estimation of the cost of expelling Iraq from Kuwait in 1991 was simply wrong; and if President Bush was mistaken to think in 2003 that there was an urgent need to stop Saddam Hussein from stockpiling weapons of mass destruction, Mr. Kerry made the same error in 1998.


Time for Clarity

Good SecurityFocus column on the use of Google by blackhat-types. Bottom line: there's a lot of crap getting spidered out there... that shouldn't be anywhere near an extranet or DMZ. That's why the vast majority of companies need a Brooke Paul type as their CISO (i.e., someone familiar with the people, the processes and the technologies). But I guess there aren't a lot of those folks around.

...Let's try our search, but stick to the .edu top-level domain, so we're looking for "budget filetype:xls site:edu". 15,200 hits. Not bad. Things are starting to look very interesting...

The title of these directory listings almost always start with "Index of", so let's try a new query that I guarantee will generate results that should make you sit up and worry: "intitle:"index of" site:edu password". 2,940 results, and many, if not most, would be completely useless to a potential attacker. Many, however, would yield passwords in plain text, while others could be cracked using common tools like Crack and John the Ripper.


Googling Up Passwords and GoogleDorks (good amalgamation of various Google- and security-related hacks).

Win2K LDAP brute-forcer

A casual read-through of GoogleDorks yielded this egregious -- if true -- brute-force attack on Windows 2000's LDAP listener. I didn't check to see whether it's been patched or not, but it's worth noting in case you're running Win2K:

Title: Win2K LDAP authentication bruteforcer - ...I noticed when playing around with LDAP on Win2k that LDAP authentication requests came back with different response codes when using an existing username vs a non-existing one. Using this technique, you can enumerate usernames on the server. In addition, LDAP authentications don't seem to count as invalid logins as far as the 2k user is concerned. This means you can remotely determine usernames, and attempt passwords to your heart's content without bothering the set lockouts. Nice.
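
Because the report says failed LDAP binds never reach the account lockout counter, a defender would have to count them independently. An added example (not from the original post or the quoted report) of a sliding-window counter over bind records; the record format, thresholds and addresses are constructed for illustration and are not a Windows log format.

```python
from collections import defaultdict, deque

WINDOW = 60             # seconds of history kept per source
MAX_DISTINCT_USERS = 5  # distinct names one source may fail against in WINDOW
MAX_FAILS_PER_USER = 5  # failed binds one source may make against one name


def sample_log():
    """Constructed records: '<epoch-seconds> <source-ip> <username> <ok|fail>'."""
    lines = ["1000 10.0.0.5 alice fail", "1004 10.0.0.5 alice ok"]  # typo, then success
    # One source failing against many different names in a few seconds.
    lines += ["%d 10.0.0.9 user%02d fail" % (1010 + i, i) for i in range(8)]
    # One source failing repeatedly against a single name.
    lines += ["%d 10.0.0.7 admin fail" % (1100 + 4 * i) for i in range(7)]
    # Slow retries spread over many minutes: should stay below both thresholds.
    lines += ["%d 10.0.0.3 bob fail" % (2000 + 120 * i) for i in range(8)]
    return lines


def detect(lines, window=WINDOW, max_users=MAX_DISTINCT_USERS,
           max_fails=MAX_FAILS_PER_USER):
    """Return (kind, source, timestamp) alerts, at most one per source and kind."""
    recent = defaultdict(deque)   # source -> (timestamp, username) of recent failures
    raised = set()
    alerts = []
    for line in lines:
        fields = line.split()
        if len(fields) != 4 or not fields[0].isdigit():
            continue              # skip malformed records rather than abort
        ts, src, user, result = int(fields[0]), fields[1], fields[2].lower(), fields[3]
        if result != "fail":
            continue
        failures = recent[src]
        failures.append((ts, user))
        # Drop failures that have aged out of the window (the newest always stays).
        while failures[0][0] <= ts - window:
            failures.popleft()
        distinct = len({u for _, u in failures})
        same_user = sum(1 for _, u in failures if u == user)
        checks = (("enumeration", distinct > max_users),
                  ("guessing", same_user > max_fails))
        for kind, over in checks:
            if over and (kind, src) not in raised:
                raised.add((kind, src))
                alerts.append((kind, src, ts))
    return alerts


if __name__ == "__main__":
    for alert in detect(sample_log()):
        print(alert)
```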

Internet Explorer ever suck up 100% of your CPU for no apparent reason? It could be Macromedia Flash ads -- it was for me on one of my slower machines -- and it was driving me crazy. I found this solution on Ozone Asylum (caution: you should be comfortable editing the registry to use this little hack):

Foolproof way to disable flash in win XP without any pop-up errors, messages, or prompts. Feels like Flash was never even invented. Click Start, Run, type regedit. Go to following dir:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility

Click Edit, New, Key. Name New Key: {D27CDB6E-AE6D-11CF-96B8-444553540000} (including the {})

Now create [a] new DWORD value inside this key. Rename this DWORD value to "Compatibility Flags". Set Value Data to 400 and Base to Hexadecimal. To enable flash simply delete the key.


Internet Explorer (IE): Disabling Flash
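To confirm the setting took, export the ActiveX Compatibility key from regedit and check which controls are actually blocked. The following is an added example, not code from the Ozone Asylum post: it parses the text of such an export and treats the 400 (hex) value as a bit flag, so it also catches the common slip of leaving Base on Decimal. The sample export and the two placeholder CLSIDs are constructed.

```python
import re

KILL_BIT = 0x400  # the hexadecimal 400 the steps above store in "Compatibility Flags"
BASE = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
SECTION = re.compile(r"^\[(.+)\]$")
FLAGS = re.compile(r'^"Compatibility Flags"=dword:([0-9a-fA-F]{8})$')

def blocked_clsids(reg_text):
    """Return {CLSID: flags} for every control whose 0x400 flag is set."""
    prefix = BASE.lower() + "\\"
    result, clsid = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:                                   # new key: remember its CLSID, if any
            key = m.group(1)
            clsid = key[len(prefix):].upper() if key.lower().startswith(prefix) else None
            continue
        m = FLAGS.match(line)
        if m and clsid:
            flags = int(m.group(1), 16)
            if flags & KILL_BIT:                # bit test, not equality
                result[clsid] = flags
    return result

# Constructed sample export. The ...0001 and ...0002 CLSIDs are placeholders.
# dword:00000190 is what you get by typing 400 with Base left on Decimal.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000001}]
"Compatibility Flags"=dword:00800400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000002}]
"Compatibility Flags"=dword:00000190
"""
```

Files saved by regedit's export are typically UTF-16, so decode the file to text before passing it to `blocked_clsids`.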

Monday, March 15, 2004


Rollin' Heat

The least likely folks might be the first in line to carry concealed weapons, according to this Ohio Beacon Journal article.

One is a fifth-grade teacher, another a stroke victim who walks with a cane. Not exactly the folks you would expect to be packing heat. But both recently took firearms training so they can become eligible to carry a concealed weapon come April.

That's when Ohio's new ``concealed carry'' law takes effect -- for those who qualify and are trained.

It's not surprising that some Ohioans want to carry guns. But it is surprising to shooting instructors just who some of those people are.


Some unlikely candidates are ready to carry firearms

Mobbed Up

This is one of the most active Sopranos discussion sites that you'll find. And I had a tough time locating it:

NJ.com: 'Sopranos' Forum

Sunday, March 14, 2004

I just finished Jason Starr's Tough Luck and submitted this Amazon review.

A worthy successor to the Jim Thompson

The greats of noir fiction had a way of putting you inside the heads of the disenfranchised, the losers, even stone-cold, psychopathic killers. And the most skillful among them -- say, a Jim Thompson -- had the reader gradually empathizing with these outcasts. Jason Starr can stand toe to toe with any of these authors. His _Tough Luck_ is an expertly written story.

Mickey Prada is a poor kid trying to make good. Working in a fish market while saving for college, he also takes care of his Alzheimer's-ridden Dad. Things are going pretty well for Mickey until a slick-looking mobster walks into the fish shop. Angelo Santoro starts talking football and betting with Mickey. Before long, Mickey's placing 'good faith' bets for Angelo. And Angelo keeps losing. Now Mickey's in the hole to his bookie and Angelo won't make good on his debt.

In order to get out of hock, his lifelong friend Chris proposes a burglary of a fancy home. It'll be easy money, what with the homeowners on vacation. And Mickey will surely be able to pay off the bookie and maybe pick up some nice trinkets for his new girlfriend. It all sounds so simple. But nothing goes quite as you might expect -- and none of the well-drawn characters will ever be the same after _this_ caper.

Starr writes with exquisite attention to detail. The jargon of the early eighties... the fashion... the culture... all are snapshots wrapped around the realistic foibles of each character. I'll definitely be picking up the rest of Starr's books. It's easily some of the best noir fiction going.

Saturday, March 13, 2004


OCR

The Code Project has an interesting article on the implementation of a simplified neural network for OCR (optical character recognition).

The concept behind a neural network is tantalizing: construct a series of simulated neurons -- actually, virtual circuits -- connected to one another in patterns that mimic a very simplified "brain". Then, train the network by feeding it input and judging its output. Reward correct results by changing the weights that are used to feed connection signals.

Creating Optical Character Recognition (OCR) applications using Neural Networks

More on Neural Nets: Back Propagation

A proof of the Back Propagation Weight Update Rule exists here.

Prematurely Dead

Plastic has an interesting article and cogent discussion on Pro Wrestling's plethora of deaths. I've heard that about 65 current and former pro wrestlers have died in recent years. Abuse of steroids, HGH, pain-killers and other drugs would appear to be the primary culprit.

Every other week, it seems that another pro wrestler has dropped dead at a young age. Mike Lockwood, known professionally as Mad Mikey and Crash Holly, is the latest casualty, but there's a long list of premature deaths which include Road Warrior Hawk, Ravishing Rick Rude, "Mr. Perfect" Curt Hennig, Davey Boy Smith, Brian Pillman, Yokozuna, Terry Gordy, Rocco Rock, Louie Spicoli, Miss Elizabeth, Eddie Gilbert, Art Barr, and Kerry Von Erich. Sadly, this list is far from complete," a somber KJames199 writes. "While Owen Hart died in the ring when a stunt went wrong and the Junkyard Dog perished in an auto accident, quite a few of the deaths can be tied to drug use. Many wrestlers use steroids and/or Human Growth Hormone (HGH) to look like they do, then follow it up with painkillers to let them handle a life where bumps, bruises, and broken bones are a part of the job, and where you often don't get paid if you don't (or can't) work. The cost of this drug use is now being seen with young wrestlers dying at an alarming rate. If NFL football players were passing away at the same rate, it would be an enormous scandal. However, the media (with a few exceptions) seems to turn a blind eye to these deaths, possibly not willing or able to cover fake wrestling in a serious manner...

Last Man Standing — Pro Wrestlers Dying Young and a gallery of deceased wrestling figures can be found at The Dead Wrestler Tribute.