To Wild Homes

To wild homes we go,

To wild homes we return,

To wild homes we go.

"To Wild Homes", The New Pornographers

This morning was the keynote address by Cory Doctorow on "Hollywood's Secret War On Your NOC". Excellent stuff...lots of stuff I was already familiar with, but some specifics that were incredible and/or funny:

• "Nobody puts a rootkit on media you get over eMule. That only happens if you're dumb enough to go into the store and plunk down $15 for it." (Cute quote, but arguable.)
• "Small tip: If you want to improve your Star Wars: Episode 1 experience, switch the language to Italian and pretend it's opera."
• Comcast PVR: apparently, Comcast pushed a patch that deletes already-recorded material two weeks before the DVD is due to come out. Must track that down.
• "Nobody sets the security slider to less."
• Casting the DRM debate in terms of hardware that treats its user/owner as an attacker.
• EULAS: "agreements you've agreed to by moving through time or space" ("by entering this building, you agree...")
• "The WIPO has the same relationship to dump copyright laws that Sauron has to evil in Middle Earth." (The man knows his audience.)
• Turning down an engagement at Disney to speak to their execs about DRM. Why? Because at the last minute, he was given a EULA containing a clause that said "You agree to never use the word 'Disney' in print again." When he asked about this, he was told not to worry, as they'd almost certainly never use it.
• When he and a bunch of other NGO reps got access to WIPO meetings, they naturally published their notes twice a day on websites. This was in sharp contrast to the official WIPO minuts that a) took 6 months to come out, and b) had been vetted by everyone involved, giving them a chance to retract anything they didn't want to have on the record. Very shortly, various government reps started getting calls from their capitals saying, "You agreed to what?" When their replacements showed up, they had read the unofficial notes -- they were more timely, and more useful, than the official minutes.

Must Google:

• Owner-override model for DRM that makes it more user/owner-friendly.must Google.
• World of Warcraft -- URL/content trading in speech bubbles to get around the Great Firewall of China.

Whew! Met up with the Boston sysadmin again, and I pointed him to Windflower -- he's a small enough shop that it may actually be useful for him. Good stuff. Picked up a ribbon that said "Blogger", another that says "Newcomer", and a third that says "Usenix Baby" for Arlo.

After that came technical papers on spam. First up was a paper by Brent Kang et al. on Privilege Messaging (FIXME: Add link). Third-hand, but: allegedly, as of last year, phishing is making more money than drug smuggling. A cite would be really nice for that, but he didn't have one. He also mentioned a recent paper (again, need cite) showing that spam coming from Gmail accounts (not forged, but real accounts) had rised from 1% at the start to 10%...interesting to think of how that might indicate a failure of friend-of-a-friend. OTOH, maybe that's an indication of success of FOAF, since...

...the next paper, on the experience of an Italian research network, showed that their percentage of legit mail (not caught by the spam filters) had, over the last few months, gone as low as 8%. That's fucking incredible. However, he's having excellent results with Bayes and SpamAssassin, so maybe there's some hope.

After that was "A Forensic Analysis of a Distributed Two-Stage Web-Based Spam Attack" by Daniel Klein. Very interesting: showed how regular monitoring of his systems and looking at the graphs it produced let him notice -- the second time it happened -- a very subtle attack that let 5,000 messages go out the door because of a subtle, simple CGI bug. As at least some (and probably most) of the attacks were through web proxies, I asked him (knees knocking; I was very nervous) if he thought it would be worth looking for this sort of traffic, or this sort of traffic on certain pages. He pointed out that actually, this sort of traffic -- distributed, small requests, high in numbers -- was exactly what you wanted from a website, so it was extremely hard to analyze as it happened.

After that, I talked with Noah, a Debian security guy and senior sysadmin at MIT's Artificial Intelligence lab. ! We talked about spam, getting depressed about DRM (him) vs spammers (me), and moving the AI lab to a new building after 40 years (me. no, wait). Very interesting stuff, and a good guy.

The afternoon was taken up with data closet/centre setup training. Very, very good stuff once everyone got talking -- the slides were 'way thin, but my notes filled the rest of the book. Since I've learned what I know about this by making mistakes, it was good to think of maybe shaving a mistake or two off my list from the future.

And then...then the vendor exhibit. Beer (yay!), Budweiser (boo!), and a chance to pick up the cable modem hacking book from No Starch Press' table. I also got a chance to talk with the FSF folks, up/down from Boston, and pick up a t-shirt. No luck convincing a fellow attendee to join, but I'll keep working on him. Splunk had the best booth babes (or so I heard), but Google by far had the most people around their table. Interesting.

Now off to the BOFS. Quite looking forward to the one on life at small shops.