domingo, octubre 31, 2004

Gatos Hipoalergenicos

From BoingBoing:

La Empresa ALLERCA producira los primeros gatos hipoalergenicos del mundo, y esperan que los primeros gatos especiales nazcan a comienzos del 2007.

El alergenico del gato es una potente proteina secretada por la piel de los gatos y las glandulas salivales. Esta empresa modifica a los gatitos para quitarles el alergenico, para que personas como yo mejores nuestra calidad de vida.

Vero ya sabes, para el 2007 junta 3500 U$S y cambia a Martin por un gato de Allerca.

viernes, octubre 29, 2004

Un experto de la NASA dice que bush uso un "dispositivo" durante los debates

From salon.com | BoingBoing

shirt
29 Oct. 2004

George W. Bush dijo "No se lo que es eso", cuando el miercoles en "Buenos Dias America" se le pregunto al respecto de la singular protuberancia que tenia debajo de su saco durante los debates presidenciales. Bush dijo "es una camisa mal abrochada".

El Dr. Robert M. Nelson, sin embargo, sabe que el presidente miente. Nelson es un cientifico investigador para la NASA y para el laboratorio de propulsion a chorro de Caltech, ademas de ser una autoridad internacional en el analisis de imagenes. Actualmente se encuentra dedicado al analisis de las fotos digitales de Titan la luna de Saturno, determinando sus capas e identificando si contiene crateres o Cañónes

Nelson uso filtros de Photoshop para contornear el bulto que se vio en la espalda del presidente bush durante el primer debate, y concluyo que el presidente tenia algun tipo de dispositivo en su espalda.

Era imposible que una persona tan inculta y bruta pudiera responder de la forma en la que estaba respondiendo. Ahora, podrian haber usado algo un poco mas discreto no?

Nosotros, que supimos estar en el primer mundo, fuimos pioneros en estas practicas. Gracias Zulemita, por tu destreza rindiendo finales.

miércoles, octubre 27, 2004

BSD success stories

Dru Lavigne has published BSD Success Stories

Bush Campaign Web Site Rejects Non-US Visitors

From NetCraft:

The official campaign web site for U.S. President George W. Bush appears to be rejecting visitors from most points outside the United States, while allowing access from U.S. locations.

Netcraft monitors web site response times from seven locations, including four within the United States and three in other countries. Since Monday morning, requests to GeorgeWBush.com from stations in London, Amsterdam and Sydney, Australia have failed, while the four U.S. monitoring stations show no performance problems. Web users in Canada report they are able to visit the site.

On Oct. 21, GeorgeWBush.com began using the Akamai content distribution network to manage traffic to the site, which is hosted at SmarTech Corporation. The shift followed a six hour outage on Oct. 19, which also affected RNC.org, the official web site of the Republican National Committee. Domain name system (DNS) inquiries show requests to GeorgeWBush.com from outside the U.S. being dropped. A request from the U.K. returns a "403 forbidden" response from the server and a web page saying "Access denied: You don't have permission to access http://georgewbush.com on this server."

Akamai's EdgeScape service allows web sites to customize content - or exclude visitors - according to geography. Criteria for geography-based content are set by the customer, and implemented by Akamai's network.

Excluding non-U.S. requests could be denying access to the Bush campaign site to some registered voters, including American residents who are living overseas but eligible to vote by absentee ballot. Overseas ballots became an issue in the 2000 election, when backers of Bush and Democratic candidate Al Gore fought for every vote amid legal wrangling over recounts in Florida.

At least 340,000 U.S. military personnel stationed outside the U.S. have requested absentee ballots, according to the Pentagon. Most U.S. soldiers and seamen with Internet access would presumably access the Internet through the .mil domain reserved for the U.S. military, which would allow those requests to be handled differently than other non-US traffic.

Last week's simultaneous outages for GeorgeWBush.com and RNC.org prompted speculation that an electronic attack may have ocurred, as the two sites are hosted on separate web servers. The Bush campaign told media the outage was "no big deal" and offered no specific explanation for the outage.

CDNs can be effective in blunting the impact of distributed denial of service (DDoS) attacks, which seek to overwhelm web sites with traffic, leaving them unavailable. Microsoft used a CDN service from Akamai to keep its web site online in August 2003, when the Blaster worm programmed machines to launch a DDoS on the Windows Update site.

Akamai itself came under a DDoS attack in August, when an attack by a large "botnet" of compromised computers controlled by hackers.

Akamai declined comment on the traffic management of GeorgeWBush.com.

sábado, octubre 23, 2004

Google fix second phishing vulnerability

From Netcraft:

Google have fixed a phishing vulnerability that was discovered by Netcraft on Wednesday. Google notified Netcraft that they had closed the vulnerability today at 06:30 BST, making this lhttp://www.blogger.com/img/gl.link.gifess-than-two-days response much faster than the two years reported by Jim Ley when he discovered a separate but similar bug.

Both problems would have allowed fraudsters to inject their own content onto Google’s web site, making the content appear to be published by Google. This is a very effective form of phishing, as people are more likely to trust content if it appears to be hosted on a familiar domain.

The vulnerability was in the application used to search Google’s own web site, which was on the host googlesite.google.com, which now appears to be unreachable. Searches now appear to run from the parent google.com site instead.

Interestingly, while confirming the fix, Netcraft discovered another application error, which this time revealed fragments of the source code, file structures and application logic that powers the mysterious search behemoth, which we have in turn reported back to Google. At a glance, it is not clear whether the web application stack trace would be useful to an attacker, however, it does confirm the widely held belief that Google are users of the Python programming language.

Related:


viernes, octubre 22, 2004

Delicias de un Sysadmin

Que lindo es quedarse trabajando hasta las 24 de un viernes y saber que todo lo que se hizo tiene que volverse atras por un puto DNS que no puedo modificar.

Como diria mi gran amigo Javi:

Please Kill Me

Almuerzo en la laguna de los tempanos, no esta nada mal despues de haber caminado 5 horas por la turba. (Maldita Turba)

Parque Nacional Tierra del Fuego

Stephanie for OpenBSD 3.6

Stephanie is an OpenBSD hardening package; Viagra for the blowfish, if you will. It adds several security features not present in OpenBSD that many admins and users would like on their systems. Stephanie contains features both for compromise prevention and post-compromise damage reduce; or, last line of defense.

Stephanie for OpenBSD 3.6 has the following features:

  • Trusted users. Stephanie allows you to dynamically set a group as the 'currently trusted group.' This means you can maintain trust simply by adding or removing users from a group.
  • Vexec. Integrity verification of executed programs, memory mapped objects, and opened files. Completely revamped from earlier versions, now using hash tables. Supports MD5, SHA1, SHA256, SHA384, SHA512, and RMD160.
  • TPE; Trusted Path Execution. Prevent execution of files located in paths defined as 'untrusted.' (not owned and writable by root only)
  • Process privacy. Prevent processes from obtaining information about other processes, where the owner differs. (affects output of programs using sysctl's KERN_PROC) Also plugs into procfs.
  • Userland privacy. Plugs to various programs, preventing users from obtaining information such as online users, login/logout times, filtered netstat output...

martes, octubre 19, 2004

en linea

Tengo un ejemplar de la revista "en linea" que publica Telefonica. Como tira la plata esta gente, que calidad.