Bush’s Foreign Friends

There’s a new googlebomb out, abusing the way that the popular Google search engine works. To see it in action, go to Google and enter “Bush’s foreign friends” (including the speechmarks) as the search term, and hit the “I’m Feeling Lucky” button.

On The Importance Of A Firewall

This is a graph showing the average amount of time between port scans against Windows boxen, and it’s change from last year to this year. It’s down from 40 minutes to 20 minutes over the last year.

If we take this and assume a few things:

(a) There will always be Windows security vulnerabilities – not an unreasonable assumption in a large piece of software like Windows, or any similarly large program.

(b) Windows security vulnerabilities will always be discovered and exploited long before they are patched by Microsoft – based on past experience, this is a fair statement.

(c) All of the script kiddies doing this port scans are knowledgeable in the most recent exploits against Microsoft Windows – a little pessimistic, perhaps, but with a several-month-long window (ahem) in which to exploit them before they get patched, acceptable.

Therefore, it can be assumed that a new Windows XP PC needs only to be online for 20 minutes before it becomes infected with a ‘push’ virus, contaminated with a trojan, or enslaved as a zombie. On a slow dial-up modem connection, that probably isn’t quite long enough to download a copy of ZoneAlarm

Jeez. Thank Dog for SP2.

One Thousand, Two Thousand, Three Thousand… Check Canopy!

Wow: a most memorable weekend. As you’ll remember, I spent the last weekend on a crash-course in parachuting in Lancashire. Having spent plenty of time in light aircraft or coasting around in a paraglider, I thought I had it sized: but it turned out to be even more spectacular (and scary) than I could have possibly predicted.

Saturday consisted of an exhausting seven hours or so of training: standing around in a field, doing such activities as demonstrating that we can arch our backs into the “stable position” and shouting “One thousand, two thousand, three thousand… check canopy!”, only to have some instructor shout “Malfunction!” and therefore have to go through our emergency process (“Look, locate, peel, pull, punch, arch!”) for the seventy-somethingth time… or lying on our bellies on overgrown skateboards, wiggling our bodies into strange contortions in order to simulate airflow (somewhat reminiscent of the idea of learning to swim by lying on a bench and practising strokes – little real value)… or clambering into a mock-up wooden aircraft (imagination required), climbing out onto the wing, and preparing to jump… or hanging in suspended harnesses, fumbling with the controls of make-believe parachutes…

I made my first jump on Saturday, early in the evening. Despite having been cool as a cucumber for the entire training process, I was very apprehensive by now. But this apprehension drifted gently away to be replaced with blind panic the moment we’d spiralled up to 3500 feet and the instructor opened the door, filling our faces with a 50mph wind. The plane was a small four-seater single-screw affair, with all but the pilot’s seat surgically removed so as to squeeze five parachutists (four students and an instructor, in this case) at a time into it, kneeling down and getting pins and needles in their feet. The instructor tapped the pilot on the shoulder: “Cut,” he shouted, and the pilot obliged, cutting engine power to a fraction and causing the plane to lurch downwards in a stomach-gulping manner. Before I knew it, it was my turn to jump.

“Feet out!” shouted the instructor, unsympathetically, slapping my on the shoulder and making a last check of my static line (the device that automatically deploys your parachute – essentially a long nylon strap attaching your ripcord to the pilot’s seat). I knew the drill by heart, having practised it to death on the ground: I grasped each side of the aeroplane’s door and put my right foot out onto the step. Then, that secure (considering the head wind), I reached out with my left hand and held the wing support beam. Then my right hand. Then, finally, I moved my left foot out and precariously swapped it with my right, leaving my right dangling above a 3500 foot hole. I couldn’t help but look down, and see fields stretching out, little cars moving along the roads, and occasional stray clouds meandering by. I looked back into the plane to signify my readiness…

“Go!” shouted the instructor. I let go.

At that moment, I forgot everything that I had spent so long learning. For some time to come, I was unable to remember the four seconds that followed. I was later to learn (and, later still, to remember) that I let go gracefully, but then – instead of forming the stable ‘arch’ position (important, as it keeps your back facing ‘up’, allowing your parachute to deploy correctly) – I put my hands by my sides, causing me to fall head-first until my ‘chute deployed. I remembered hanging onto the wing, and I remembered my parachute opening, but the rest was completely missing for the next half-hour.

During the three further jumps I performed on Sunday, there was no trace of the fear that had gripped me during the initial phases of my first: and, in fact, I was able to get the hang of assuming the correct position and landing without crippling myself… moreover, I’m now qualified to a level at which I’m permitted to begin DRCP (Dummy Rip-Cord Pull) jumps, in which I would leap from a plane and pull what is effectively a glorified handkerchief from the back of my backpack, symbolising the correct pulling of a rip-cord. Doing this will eventually allow me to do a free-fall, and is a progressive stage towards certification as a skydiver. Which is nice.

I loved it. Everybody in a fit state should do this sometime. Wonderful.

1000… 2000… 3000… Check Canopy! (Claire’s take)

This article is a repost promoting content originally published elsewhere. See more things Dan's reposted.

This repost was published in hindsight, on 11 March 2019.

Claire wrote:

Yesterday I spent about 8 hours watching Dan and his Dad learn how to parachute. They did their first jump at about 6pm. It was a very comprehensive course, and I think that I could probably have jumped out with them, had I the money. They are jumping more today, I am joining them for lunch with the rest of his family and if they are good they will both get to do free fall (previously they did static line – the plane pulls out your parachute as you fall).

I didn’t realise quite how many safety procedures went into a parachute. Not only is there a reserve chute, but it can be released by
a) you cutting away the main chute (pull the red thing)
b) you pulling the reserve rip cord
c) your altimeter reaching a set height above a certain speed

So, even if you are unconscious, and your main parachute hasn’t opened, you will float gently to an area within 100m of the dropzone (They drop you such that if you use reserve you would land in the right place without even steering.)

With that in mind I am going to sign myself up for the university’s skydiving club in September. Dan seemed to enjoy it and thinks I would too.

This Weekend : Parachuting For Dummies

Parachuting For Dummies

The good news is that the weather looks fantastic for my parachuting trip this weekend. I can’t think of a better thing to be travelling for on a Friday 13th.

The downside is I haven’t spent more than a few consecutive minutes off the phone this morning talking my work colleagues through the code I’ve left behind for them to carry on with. At current rates, I should expect to be answering my mobile during a free-fall.

Executable Stenography… With A Difference

Somebody’s come up with a program that hides secret messages in executable programs. Well… that’s not so impressive – we’ve all hidden secret messages in JPEG files before by using programs to ‘flip’ certain pixels (example). This works by changing the image in subtle ways that the human eye won’t detect, but that the descrambling application will. But here’s the clever bit…

Typically, when encoding a ‘hidden message’ in an executable, one ‘pads’ the file, making it bigger. The technique used when encoding messages in graphics files can’t be used with executables, because ‘flipping’ bits of the file would stop the program from working (or at least, working as it should), which may arouse suspicion. But this new tool works by exploiting redundancy in the i386 instruction set, swapping instructions or blocks of instructions for other ones which are functionally identical. As a result, the original filesize remains the same, and the program maintains full functionality. It would take an eavesdropper to fully compare the executable with a known original executable in order to determine that there was even a message hidden within it, and (thanks to Blowfish cryptography) yet more effort to decode that message.

Marvellous.

Thrashing

Thrashing is a computer science term referring to an undesirable occurrence in multiprocessing systems.

When a processor is given multiple jobs to do, it services them a little each in a round-robin fashion (assuming that no priority system is in effect), until each is done. This is, of course, actually significantly less efficient than doing each job one at a time, but doing a little of each job, a little at a time is more productive when dealing with humans, who like – for example – their web page to download at the same time as they write a Word document.

Unfortunately, optimizations to this system can cause it to go wrong. By giving the processor more and more jobs to do, it eventually passes a critical point at which it is spending more time performing administrative tasks and managing it’s ’round robin’ scheme than it is actually performing the tasks you want it to. You’ve probably seen a system doing this. The solution, of course, is to either stop giving the system jobs to do until it can finish some of those it already has, or, better still, to kill some of the running processes to enable the processor to catch up on it’s workload. The solution is not to click irritably on the buttons, or repeatedly demand more and more of the processor.

Today, I feel like a thrashed processor.

How To Keep Up With The Latest Happings On Scatmania (or What Are All Those Pretty Buttons?)

If you’re looking for a way to keep up-do-date with the latest Scatmania happenings, it’s now really really easy. I’ve enhanced my weblog with a heap of useful syndication tools that make keeping track of my latest activities a doddle, even for those of you who are unenlightened and can still be caught using an awful choice of web browser.

You may have noticed that at the bottom of the Scatmania menu there’s a series of button. Most of these buttons (the top five) relate to subscribing to Scatmania, like this:

RSS RSS is a popular format for syndicating news and views on the internet, supported by most weblog communities and applications, as well as by many news sites. To view RSS content, you will need an RSS Aggregator such as Pluck (a plug-in for Internet Explorer), RSSOwl (for most operating systems) or the attractive NewsMac for MacOS. The Opera web browser now supports RSS feeds, too, and it looks likely that other browsers will soon follow suit.
  • The RSS : Journal feed from Scatmania provides you with the latest blog entries, as they happen.
  • The RSS : Comments feed collates the newest comments and replies to my weblog entries.

RSS is a great way to keep up with your friends weblogs and your favourite news sites.

Atom ATOM, like RSS, is a simple way to keep up-to-date with your favourite sites. Just download an ATOM-enabled newsreader (some, like BottomFeeder, can read RSS feeds as well) and point it at the sites you want to watch. Scatmania publishes an ATOM feed of the latest blog entries.
ESF ESF is a small, fast, and simple new way to publish content like weblogs. There aren’t really any programs for reading it right now. Why not consider writing one (see how simple the data format is).
CDF CDF, developed my Microsoft as part of Internet Explorer 4, was supposed to be the future of the way we used the web and subscribed to the services of web sites… but it never took off. However, Internet Explorer to this day provides the means to subscribe to ‘active channels’, and for Internet Explorer users, this may be the easiest way to keep up with Scatmanian events. Just click the button in Internet Explorer and Scatmania will be added to your Favourites list as a submenu, automatically adding new items (and removing old ones) as new entries are added to the blog. Thanks to Aquarionics for suggesting this reincarnation of Internet Explorer ‘active channels’.

So, now you’ve got no excuse for not being up-to-date with my blog… or anybody elses!

The other buttons are mostly just me showing off because I can write standards-compliant code – click on them and see for yourself.

1984 Revisited: What If Apple Took The ‘Microsoft Route’

Daring Fireball has an article about “Apple vs. Microsoft” with a difference. Contrary to many, he argues that if Apple had taken the ‘Microsoft route’ in 1984, with their hardware and software (significantly superior to IBM-PC platforms running Microsoft software), by licensing the platform, they wouldn’t necessarily be the market leader today. It’s a well-written and compelling article, and if you’ve any interest in OS politics or parallel universes, it’s worth a look.

SURGEON GENERAL’S WARNING: Competing Directly Against Microsoft May Be Hazardous to Your Company