Security Tools

There was this security announcement today: Once again a Symantec product does not do what it’s supposed to and actually executes UPX-packaged .EXE files to find out whether they contain malicious code or not.

This is certainly not the best way to accomplish that…

So this is another point why I’m no fan of security software in place of user education (and regular flaw-patching): Such software creates a false sense of security (“should I click here? Oh well.. I have my NAV running, so nothing’s going to happen”) and may even open bigger holes when it is itself not secure.

As it stands now, an educated user without NAV who receives an email with a prepared UPX-packaged .exe will just delete the file and be happy.

An educated user with NAV will delete the file too, but before he can, NAV will have scanned the email and thus executed the malware. This is a case where the infection comes from the software supposed to be preventing it.

It’s just like with firewalls: Why install a packet filter that filters unwanted packets to open ports when you can close the ports in the first place?

Security is (mostly) a social thing (not counting exploits which must/can be prevented by updating the affected software) that can be achieved best using social skills, not software-barriers (as software has flaws – education at least has the possibility of achieving its goals).

So I’m not bashing Symantec (for once), but security-software as such.

AWStats

For the last five years or so, I’ve been using ModLogAn for my/our web analyzing needs: The tool is fast and much more powerful than Webalizer, which I was using before modlogan.

Getting it to run was a bit difficult at first (requiring a hacked GD library and all that), but this gradually got better. Since then the tool does a wonderful job (except one broken release about three years ago).

With all this buzz about the phpBB.com incident which happened because of a hole in AWStats, I wanted to give said tool (in a fixed version – of course) a shot.

The gentoo ebuild is tightly integrated into webapp-config which I’ve not used before, so the installation was somewhat difficult for me, but some symlinks here and there soon brought me a working setup.

I must say that I’m impressed by the tool’s capabilities: It’s quite fast (not as fast as modlogan, but fast enough), its CGI user interface profits from its dynamic nature (filtering long lists in realtime for example), the plugins provided with it are very cool (geoip, whois,…) and as soon as one understands how it ticks, it’s really easy to configure and manage.

Useful for some people is its ability to update the statistics in realtime by analyzing the current rotation of the logfile. Another thing modlogan isn’t capable of.

And finally it’s the looks – as always. awstats looks much more pleasant than modlogan does (even when using the template-plugin which has the nicest look of all of them).

I’ve not decided yet whether I should replace the currently well-working modlogan-setup or not, but I’ve certainly analyzed the whole backlog of gnegg.ch (link to the tool removed due to gnegg.ch redesign).

IRC Clients

When my favourite game movies site (written about it here and here) went offline last week, I ventured a look into its IRC channel to find out what’s going on.

Chatting with the guys there was so much fun that I decided that it’s time to get into IRC after all (I never really used it before, so I did not really have a big insight into this part of the net).

Soon after this decision, I began learning the ins and outs of IRC and the first thing I did was setting up a bouncer (IRC-proxy – lets you be logged into a channel despite your client machine being offline. Very useful for getting an overview on what happened while you were away). There are quite many available, but the only one that seems to be still maintained is ctrlproxy.

If you plan on using mIRC with it, go and install the current pre-release 2.7pre2. Older versions don’t let you connect.

Next was the question which client to use.

While mIRC is nice it has two problems: a) it’s single-platform. As I’m constantly using all three of Win/Mac/Linux, a single program would be nice so I don’t have to relearn all the shortcuts for each platform. b) It does not look very polished and cannot be made to do so.

Klient looks much better, but is still single-platform and has problems recognizing the state when reconnecting to the ctrlproxy (it sometimes does not notice that you are already in a channel).

virc looks better than mirc, but worse than Klient. Plus, it seemed a bit unstable to me. And it was slow displaying the backlog. Very slow. It’s single-platform too (and written in Delphi it seems)

irssi is single-platform too, but I could work around that by running it on our webserver and using screen.

A program that warns with

17:43 -!- Irssi: Looks like this is the first time you've run irssi.
17:43 -!- Irssi: This is just a reminder that you really should go read
17:43 -!- Irssi: startup-HOWTO if you haven't already. You can find it
17:43 -!- Irssi: and more irssi beginner info at http://irssi.org/help/
17:43 -!- Irssi:
17:43 -!- Irssi: For the truly impatient people who don't like any automatic
17:43 -!- Irssi: window creation or closing, just type: /MANUAL-WINDOWS

before starting it and with no obvious way to exit it (Ctrl-C, quit, exit – none of them worked) is something I’m afraid of (quite like vim, though I learnt to love that one). So: no-go

Finally I ended up with X-Chat. It looks good, has all features I need, a big userbase, is maintained and is multiplatform after all.

There was this fuss about the windows version becoming shareware, but I can live with that as the tool is very, very good. For supporting its author, I gladly paid those $20 (I see it as a packaging fee – just like with those linux distributions), though you can get a windows binary for free here.

So for me, it’s X-Chat. And much fun in #nesvideos

Why I love the command line

Today I had the task to join together quite some mp3-files.

I had about 100 radio plays, each divided in three to six files which I wanted to have joined to one file per play so I can better organize them on my iPod.

There are tools out there doing exactly that. mp3surgeon being one of them. All these tools a) have a non-scriptable GUI (meaning lots and lots of clicks) and b) cost money

b) would not be a problem if those tools would work for me, but because of a) they do not.

Then I found mpgedit, a command line tool capable of joining MP3’s (respecting VBR-headers, but without recoding the new file).

As it’s usable from the command line, I could write a small script doing exactly what I wanted:

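<?php
// Join the MP3 parts found in each sub-directory into one file per radio play.

$dir = dir(".");
while (false !== ($entry = $dir->read())) {
	// skip "." and ".."
	if (preg_match('/^\.+$/', $entry)) continue;
	$path = '.\\'.$entry;
	if (is_dir($path))
		doJoin($path);
}
$dir->close();

function doJoin($dir){
	echo "Looking in $dir\n";
	// the joined file is written one level up, named after the directory
	$of = escapeshellarg("..\\".basename($dir).".mp3");
	chdir($dir);
	$files = array();
	$d = dir(".");
	while (false !== ($entry = $d->read())) {
		if (!preg_match('/\.mp3$/', $entry)) continue;
		$files[] = $entry;
	}
	$d->close();
	// parts are joined in file name order
	sort($files);
	// quote every file name before it is passed to the shell
	$files = array_map('escapeshellarg', $files);
	system("c:\\mp3\\mpgedit_nocurses.exe -o $of -e- ".implode(' ', $files));
	chdir("..");
}
?>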

Note that it’s written in PHP as this is the language I currently do most of my work with. And note that it’s very customized to just my needs. Nonetheless it works very well and saves me from about 200’000 clicks.

Now this is exactly why I love the command line.

Another day, another “head first” book

With pleasure I found out that Head First Design Patterns was in the bookstore I’m usually getting tech-books at (I like going to a store, buying the book and then immediately begin reading it – this is why I don’t order all books over the web). The book was hidden in the shelf full of UML-books where it should have been placed near the Java-books: It’s really Java-centric.

As I noted here, I really like the head first series and if you ask me, head first design patterns is the best so far, which may be because the topic really, really interests me. Additionally, I so far found far fewer mistakes than in head first jsp (where there were quite some).

This new book of the series has something the others don’t: It has suspense. Always when one of the patterns is explained, I’m so much looking forward to learn what the next pattern will be and what the next example will be.

I’m not a theoretical guy, so it’s quite difficult to keep me reading when dry topics are to be explained. Not so with head first design patterns: They keep it interesting and they keep explaining by example (very good ones by the way). It’s really well done.

I’m now about in the middle of the book (the command pattern) and while I already knew some things, I was able to learn a good deal of new stuff (and the correct terminology to use) and interestingly, it’s sticking in my brain. I can remember every single important thing (the rocket-powered rubber-duck, for example. Btw: Rubber-ducks do fly indeed: Just throw them out of the window and they fly – in one direction only, but they do fly. The fly()-method would have had to be overridden by many ducks anyways, but I agree, the strategy-pattern is the better solution).

Even if you are not interested in design-patterns: Go and get this book. Even during reading the very first chapter you’ll soon get interested and by the middle of the book you long for every second of free time to continue going on reading just to learn what the next pattern may be and what example may be used to explain it.

Incredibly great stuff.

Just one year to go…

… and I’m on this world for a quarter of a century.

Today is my 24th birthday.

Sometimes I really would like to be much older than I am now. I would so much have liked to get the whole IT revolution – as it stands now, the first real program I wrote (besides many complicated batchfiles) was for Windows 95, so I missed all the fun of segmented memory and assembler. Too bad.

Then again: There are those days where I just wish to be younger so I will be able to see even more new technologies rise and vanish before I die. It would be so nice to be still alive when we finally get fusion reactors, warp speed, matter-transporters and all this stuff.

I love technology. I really do.

A worm named pilif?

I just heard that my nickname-ever-since has been “misused” by someone in his evil malware-schemes.

At least the second entry in google after searching for “pilif” points to this page

This is very unfortunate. I’ve been using the name “pilif” since long before the first mail virus (ILOVEYOU) was written. Pilif has the benefit of being nearly unused on the web so far (very convenient when registering somewhere) and it somewhat contains my name (Philip -> Filip -> Pilif).

I can assure you that I have nothing to do with this worm or any other worm for that matter.

Besides, if I really wrote a virus I would never be so stupid as to name it after my nickname ;-)

Serendipity

Last Sunday I somehow came across Serendipity.

Besides being the only project where hitting Ctrl-V is simpler than actually spelling the name (let alone pronouncing it), this blogging engine shows much promise for me.

It has some obvious advantages over MT for me:

  • It’s OpenSource. Hacking it isn’t a crime.
  • It’s written in PHP, one of the languages I’m really fluent in.
  • It has some great anti-spam-features (though forcing the preview here did help greatly).
  • It uses dynamically generated pages instead of statically generating each and every page.
  • It has many more features than MT does.

My only problem: It does not have an importer for Movable Type. Well, actually, the current CVS HEAD does, but it does not work either. But because of the first two points above, I could do something about that.

Now, this evening, I will be working on the comments importer and tomorrow you will be able to have a look at how well my patches work (at least with this blog’s data).

And sometime later this year, I will be using Serendipity as my blogging engine (hopefully with many more patches by myself). That’s for sure!