You know, I'd feel a little more sympathy about this if I forgot about that.

The BBC reports that World of Warcraft has developed a different kind of bug:

In the last week, [Blizzard] added the Zul'Gurub dungeon which gave players a chance to confront and kill the fearsome Hakkar - the god of Blood.

In his death throes Hakkar hits foes with a "corrupted blood" infection that can instantly kill weaker characters.

The infection was only supposed to affect those in the immediate vicinity of Hakkar's corpse but some players found a way to transfer it to other areas of the game by infecting an in-game virtual pet with it.

This pet was then unleashed in the orc capital city of Ogrimmar and proved hugely effective as the Corrupted Blood plague spread from player to player.

I found this somewhat amusing.

At the pro-Bush rally several miles away, there were some heated moments when two members of Protest Warrior, a group that frequently holds counter protests to anti-war rallies, walked in with a sign that read "Say No to War Unless a Democrat is President."

Many Bush supporters only saw the top of the sign and believed the men were war protesters, so they began shouting and chasing the pair out. One man tore up their signs.

-- from AP/ABC News

The actual sign, not seen here because I forgot where I originally read the story that had a picture of it, had "Say No to War" in large font and the rest was nearly unreadable in the picture. So the misunderstanding was understandable.

I'm afraid "Waving subtle comedic wit in a hostile crowd" has just been crossed off the list of occasions where it pays to be cleverer than your audience. For the next event might I suggest a Goatse print and an airhorn?

not another award i'm running out of room on my mantel lol

Notes: Thought I'd do this again to see what's changed since last month. Common inbound ports such as telnet, SMTP, pop3, and http are filtered out by my ISP to prevent giving me too much value for my money and therefore are not represented in this list. Ports receiving fewer than ten packets are not listed. "Attempts" are likely inflated because connections may be tried more than once by the same IP address at the same time (tool- or protocol-related retries). All descriptions are my best guess (forgot to mention this last time.)

Attempts, Protocol, Port
18726, UDP, 1026
15764, UDP, 1027
Windows messenger spam attempts.

1412, UDP, 68
bootpd/dhcpd. Expected and probably legit.

449, UDP, 1434
427, TCP, 1433
Microsoft SQL server exploit traffic.

360, TCP, 42
Microsoft networking scan (WINS) -- almost 26 times the traffic last month. The reason, I think, is a misconfiguration by a budding Windows administrator (well, the second if he's not properly blocking Windows traffic at his border firewall.)

223, UDP, 1028
216, UDP, 1029
More Windows messenger spam attempts?

193, UDP, 6970
RealPlayer/Quicktime trying and failing to use UDP as a network transport. Expected and probably legit.

136, TCP, 4899
radmin (a remote administration tool) listens here. I don't know if the interest is in exploit-related access or brute force access. I've heard some worms will install radmin, and others try to get in existing installations using weak passwords.

115, UDP, 33437
Traceroute, or routing optimization. Probably legit.

100, TCP, 22
SSH.

84, TCP, 10000
Veritas Backup Exec? Zabbix? Webmin?

51, TCP, 2100
Oracle 9i XDB FTP service exploit.

47, TCP, 3306
MySQL.

31, TCP, 57
More probes for an obscure Cisco service. Again, I'm thinking it'd be interesting to hook something up to this port to see what's what.

30, TCP, 9898
Scans for a FTP server the Sasser worm will run on an infected system.

28, TCP, 3127
Backdoor port installed by the MyDoom virus.

27, TCP, 1023
The Sasser.E worm drops an FTP server here.

27, TCP, 3128
Squid webproxy. Slashdot scans.

27, TCP, 5554
The Sasser worm drops an FTP server here.

23, TCP, 8000
Webproxy. Slashdot scans.

22, UDP, 33435
Routing optimization.

21, TCP, 444
Webproxy. Slashdot scans.

19, TCP, 81
Webproxy. Slashdot scans.

19, TCP, 3124
Webproxy. Slashdot scans.

18, TCP, 111
RPC portmapper for Unix/Linux/BSD/etc. type systems. Oldschool attack vector, but I don't know what they're looking for now.

17, TCP, 3389
Remote Desktop Protocol. Someone mentioned a potential exploit on SANS in mid-July, but traffic isn't up much from last month.

17, TCP, 22826
I don't know what this is about.

17, TCP, 6101
According to an entry at SANS, a scan for the Veritas Backup Exec exploit.

17, UDP, 6346
More Gnutella. I dumped the packets this time; they're validly-formed Gnutella PING packets containing extended data that looks like a nickname field. Looks like two people checking from four hosts. I thought Gnutella clients were TCP but gtk-gnutella at least has offered UDP connectivity since November last year. Still don't know why the same machines keep scanning mine but maybe they're building a host cache (which is used by Gnutella clients as a starting point to join the network.)

12, UDP, 33439
Routing optimization.

11, TCP, 3382
Webproxy. Slashdot scans.

11, TCP, 6129
Dameware remote management tool exploit.

11, TCP, 5900
VNC (remote desktop tool).

10, TCP, 7032
Webproxy. Slashdot scans.

10, TCP, 2578
Webproxy. Slashdot scans.

10, TCP, 8081
Webproxy. Slashdot scans.

10, TCP, 8090
Webproxy. Slashdot scans.

10, TCP, 1026
Webproxy. Slashdot scans.

10, TCP, 8002
Webproxy. Slashdot scans.

10, TCP, 6588
Webproxy. Slashdot scans.

Notes:
Common inbound ports such as telnet, SMTP, pop3, and http are filtered out by my ISP to prevent giving me too much value for my money and therefore are not represented in this list. Ports receiving fewer than ten packets are not listed. "Attempts" are likely inflated because connections may be tried more than once by the same IP address at the same time (tool- or protocol-related retries).

Attempts, Protocol, Port
12352, UDP, 1026
6377, UDP, 1027
Windows messenger spam attempts.

2344, UDP, 68
bootpd/dhcp. Background network config stuff usually seen on broadband connections or in corporate network environments. In my case this all looks legit.

1813, UDP, 6970
RealPlayer/Quicktime trying and failing to use UDP as a network transport. It transparently switches to TCP after failing a UDP connection, which seems to work just fine for BBC World Service.

442, TCP, 1433
324, UDP, 1434
Microsoft SQL server exploit traffic.

121, TCP, 4899
radmin (a remote administration tool) listens here. I don't know if the interest is in exploit-related access or brute force access. I've heard some worms will install radmin, and others try to get in existing installations using weak passwords.

119, UDP, 6346
Gnutella? I fired that up like two years ago and I'm still getting scans here. Someone needs to clear their cache.

110, TCP, 22
SSH. No doubt connected to the automated brute force dictionary attacks mentioned recently. This got scanned before that too, probably folks looking for an old exploitable version.

51, TCP, 10000
Supposedly there's been an increase in scans for this after the Veritas Backup Exec exploit came out. Two other programs that use this port are Zabbix (an open source network monitoring solution) and Webmin (a web-based system adminstration interface.)

42, TCP, 3306
MySQL. I doubt good intentions are behind this scan.

40, TCP, 9898
The Sasser worm will leave an FTP server open on this port. The Dabber worm will exploit a vulnerability in the server opened by the Sasser worm to spread.

35, UDP, 33437
Traceroute makes use of this port. All of these attempts came from two IP addresses belonging to the same company. Some websites are using a service where they distribute their content to different servers around the world and when you request content from them you are directed to the server with the lowest latency or something. I'm a bit curious how they figure this out with only one server pinging me though.

34, TCP, 2100
Oracle 9i XDB FTP service exploit.

33, TCP, 1023
The Sasser.E worm drops an FTP server here.

33, TCP, 5554
The Sasser worm drops an FTP server here.

33, UDP, 161
SNMP (Simple Network Management Protocol). Sometimes this will give interesting information.

31, UDP, 1381
Apple Network License Manager. I have no idea what the interest here is.

22, TCP, 57
A Google search was unclear on what this was about ("any private terminal access") but I note with interest that there is an obscure Cisco configuration item called "ip tcp async-mobility server" that will listen on this port. I'm thinking about hooking up a dummy TCP server that
completes the connection and logs everything to a file.

20, UDP, 1028
Might be more Windows Messenger spam, or an obscure trojan exploit attempt. The same IP address is scanning 1026-1029 UDP.

19, TCP, 6101
According to an entry at SANS, a scan for the Veritas Backup Exec exploit.

18, TCP, 3128
Squid webproxy. Some schlubs scanning for open proxies I imagine. One of the schlubs happens to be our very own slashdot.org.

16, TCP, 2745
Backdoor port installed by Bagle virus variants.

15, TCP, 3127
Backdoor port installed by the MyDoom virus.

14, TCP, 444
Webproxy address. Slashdot scanned this one too.

14, TCP, 42
Microsoft networking scan (WINS).

14, UDP, 1029
More people abusing Windows Messenger, probably.

13, TCP, 81
13, TCP, 8000
Webproxy addresses. Slashdot scans again.

12, TCP, 6129
Dameware remote management tool exploit.

12, UDP, 33439
This seems related to the 33437 scans above.

11, TCP, 1025
Microsoft RPC/LSA exploit attempts?

10, TCP, 4000
The Skydance trojan can run here, as well as a Diablo II Closed Game server (which was vulnerable to DoS years ago, though why people would scan for
games to ruin is beyond me.)

10, UDP, 123
Network Time Protocol. Neither IP address checking for this appears to be a known NTP server as far as Google goes.

Check this gem out and tell me it isn't time for Hollywood to drop everything they're working on at the moment and do for the A-Team what they did for Batman.

With our traditional movie heros MIA or turned into women to satisfy test audiences, nothing short of a high-powered A-Team remake will revive the action franchise.

But maybe stop after the first sequel.

Update: The A-Team is actually in production for 2006, and I think it's safe to say that your combined disappointment in Star Wars and the upcoming Willy Wonka movie will be completely made up for by this cinematic blockbuster.

I'm not a regular visitor to this site, but it looks like something real ominous just happened to the Internet while my back was turned.

What is going on?

UPDATE: Ah, this is what's going on. You know, I wish they'd worry a little less about the f*cking and a little more about the f*cking economy, veterans, health care, mad cow, prescription costs, voting machines, etc. But maybe that's just me.

It's looking like either tomorrow or Monday will bring a Supreme Court answer to whether P2P as we know it has a viable future in this country (04-480: MGM v. Grokster).

I took some time to read over the oral arguments and thought I'd list the highlights:

According to the Petitioners (MGM) the Ninth Circuit decided the case in favor of Grokster based on an expert study (submitted by the proponents) that showed 90% of the material available was or was likely to be infringing. They now argue that the Ninth Circuit improperly inferred that the other 10% was noninfringing material, and that not only is it a stretch to say there were 2.6 billion noninfringing uses but that the number of noninfringing uses is only so high because "the scale of the thing is mind-boggling". They assert that simply offering the possibility of noninfringing use is not enough to give a "perpetual free pass" to assistance of massive infringement.

This argument addresses the famous "Betamax" case (Sony Corp v. Universal City Studios) which in a 5-4 decision held that a substantial number of copyright holders would not object to having works licensed for free public broadcast timeshifted by private audiences, that this timeshifting would not substantially interfere with their sale of copyrighted works, and that the sale of copying equipment does not constitute contributory infringement "if the product is widely used for legitimate, unobjectionable purposes, or, indeed, is merely capable of substantial noninfringing uses."

They also assert that there is inducement of infringement -- that the network not only offers no resistance to infringement but actively encourages it. Based on the questioning, this looks like it could be a separate issue for the Court to decide than the one listed above.

When the counsel was asked whether he would have recommended, under his interpretation of Sony v. Universal, the invention of the Xerox, the VCR, the iPod and the printing press, he said yes. His assertion was (using the iPod as his example) "there were very significant lawful commercial uses for it". Justice Souter makes the point that this is never apparent to "the guy sitting in the garage figuring out whether to invent the iPod or not" and Justice Kennedy explains that "profit-motive-driven" inventors may very well be scared away from creating anything that could run afoul of copyright problems.

A supporting Petitioner (for United States as amicus curiae) suggests that the Sony standard could allow 50/50 infringement/noninfringement but that a greater amount of infringement with inducement to infringe could create liability under that standard. He also argues that this service was set up "from day one" to capitalize on the infringement started by the old Napster system.

The Respondents (Grokster) assert that prior acts that are alleged by the petitioners to constitute "inducement" are separate from the distribution of the product, and that only the latter issue is before this Court because of some technical deal with the appeal (as I understand it; I could be wrong.) The justices seemed to feel that if infringement played a part in getting the company to where it is today it's still relevant, and were a little confused about how the issues of prior acts and present acts were separated. So maybe they're all before the Court anyway; I don't know.

Justice Scalia says the Court won't decide this case on the basis of stare decisis. After looking that up, I'm thinking Sony v. Betamax alone won't be enough of a defense. There's also a dangerous bit where Justice Kennedy asks whether "unlawfully expropriated property can be used by the owner of the instrumentality as part of the startup capital for his product".

Justice Souter asks whether this might be a willful-ignorance case. Justice Scalia thinks decentralizing the network simply to avoid the fate of old Napster could run afoul of this. Take note, anonymity networks.

How is it all going to come out? Your guess is as good as mine. I get the feeling that there's a possibility they might not make a final judgement on this if there are technical issues surrounding the appeal that prevent them from addressing the inducement issue. I also suspect that if there's a final judgement the majority will find for MGM on the basis that the significant difference between the quality, cost of distribution and media durability in the 80s and the quality, cost of distribution and media durability at the center of this case that would increase the potential of infringing uses to harm copyright holders to a degree that puts this case outside the Sony v. Universal standard. The inducement and willful ignorance angles only cause me more concern.

Just to add a smidge more length to this entry, I think it's interesting that Sony got one side of this argument in the 80s and because they own MGM they've now got the other.

Two password reset attempts on my account within hours of each other, different user agent, different offshore proxies. Yay for you guys!!! I'd thought all the love was gone.

XOXOXO!
  -s.

ps hi fv

Date: Sat, 11 Jun 2005 09:49:32 +0000

In case you get multiple emails you didn't request, the requester's IP
was 203.217.85.219. Its user agent was
"Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.6) Gecko/20050"
(not that you should trust that value, but it might be interesting).

Date: Sat, 11 Jun 2005 11:38:43 +0000

In case you get multiple emails you didn't request, the requester's IP
was 132.40.121.33. Its user agent was
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
(not that you should trust that value, but it might be interesting).

link

Nothing to see here, move along.

Whether you went the way of Stephen King or not, man, if you can read this I want you to know I found the whole Two Towers petition thing to be unbelievably hilarious.

According to news.com.com, maybe. One guy on the FEC suggests bloggers might be fined. A couple of random people suggest it's a First Amendment thing. A judge overturned a 4-2 FEC decision to exclude the Internet from these silly laws in 2002.

The story here, I think, is that the future of political viability for the Internet will be decided over a medium dominated by angsty furries. Once again you can blame the MSM for cherrypicking their facts and keeping the public in the dark.

The other night I decided to try out the "Internet TV" feature of Winamp. It's apparently been implemented for a while, but this was the first time I noticed it: streaming low-quality video "channels" not unlike streaming low-quality audio "channels" I can pick up through Shoutcast, but full so I can't actually join them.

Unsurprisingly it is packed with porn, along with various episodes of Simpsons, Futurama, Family Guy, and what have you. Finally I found an open server showing the feature Meet Your Meat 2, which I soon discovered was a short pro-vegan documentary on the lives and deaths of various animals immediately before us in the food chain.

Disappointed, I nevertheless sat through the film to get an idea of their side of things. Now mind you, I had the opportunity to visit family farms many times growing up (and in anticipation of your eager questions, I never tipped or otherwise fiddled with the livestock -- although according to the local lore such things apparently went on more than a little bit over the years) so it was a bit of a shock to see how things go on industry farms. And it definitely made it harder to get the bacon cheeseburger with cheddar and mayo down the day after, but not impossible.

It got me thinking, though, that there is a future is in synthetic meat products. A lot of energy goes into producing meat. A lot of effort goes into keeping my meat relatively disease-free, sometimes by loading it with antibiotics. As a fan of mock duck dishes (particularly curried) I can say that the texture can be faked with some effectiveness, but as a fan of seared chicken parmesano with rigatoni al dente I can also say the current crop of meat substitutes leaves something to be desired. You simply cannot take a fungus, bread it with soy milk and flour and a ton of spice, fry and serve topped with soy cheese, no-egg macaroni, and tomato sauce without wanting to hurl by the first bite.

Consequently I, like you just now, took a short yet pointless journey to end up with the realization that I'm going to continue doing a horrible thing because the alternative tastes like shit. An interesting metaphor for the larger political picture, don't you think?