Neil Schemenauer's Web Log


October 30, 2003

Spammers steal e-mail addresses from Orbitz

Seen on

Orbitz became aware Monday of the information leak, which so far has affected fewer than 50 customers.

So I'm one of 50 out of 18 million customers that had their email address stolen? Bullshit.

October 28, 2003


Seen on bugtraq:

Program:		mod_security (
Versions:		1.7RC1 to 1.7.1 (Apache 2 version)
Synopsis:		malloc based buffer overflow

October 27, 2003

Orbitz selling email addresses?

I just got an "eliminate evidence" spam sent to an email address that I used to sign up with Orbitz. I never used the address for anything else, did not publish it and it's very unlikely that a spammer guessed it. Hmmm.

October 14, 2003

Forbes on Linux's Hit Men

Forbes is running an article titled Linux's Hit Men. Initially I had a hard time telling if the author was being serious or sarcastic. Based on his previous writing I guess he is serious. I'm sure big companies like Cisco and Microsoft is very afraid of a foundation [that] has $750,000 in the bank and one lawyer who works for free, part time, when he's not teaching classes at Columbia University.

The rules of GPLed software are simple. If you don't want to follow them then don't use the code. Personally, I prefer licensing my code under more liberal terms like the MIT license. If people want to take my code and make millions, good for them. Other people don't want that and use the GPL. RMS uses the GPL to try to encourage people to make source code available.

Linksys knew or should have known what they were getting into. I have no pity for them.

October 09, 2003

SCO's Linux Lottery?

The Red Hat legal team is requesting from SCO "All documents concerning a Linux Lottery or the phrase the 'Linux Lottery'". I wonder if that's a shot in dark or if they have specific reasons for suspecting that SCO has such documents.


"You could wire up a dead rat to a DIMM socket and the PC BIOS memory test would pass it just fine." -- Ethan Benson

October 07, 2003

Sturgeon was an optimist

Looks like Al really is back:

And folks, let's be honest. Sturgeon was an optimist. Way more than 90% of code is crap. The only way around that is to have a bunch of creatively sadistic bastards go through said code and rip the authors a new one for every hole they find (and yes, that includes ripping new ones to each other).

Now, if only Erik would reappear. :-)


I've just been catching up on the linux-kernel list. Someone is trying tell Al Viro how Unix file permissions are supposed to work.

October 06, 2003

Half-Life 2 source stolen

So, the Half-Life 2 source code has been stolen. According to a recent story, the intruders got in using a hole in Outlook/Internet Explorer. Almost no one cares about browser holes. Why else would IE have such as huge market share?

Truth in spamming

From the spambayes-dev list:

OTOH, I got an identity-theft scam spam yesterday, pretending to be from eBay, that *would* have scored as ham if it weren't for this bizarre piece of text/plain:
     sure, we are the rusian scamers and this  for idiots only...
     if you read this ... sure you are not idiot... anyway sorry for
     disturbing is back

As you can see, is back. CIRA decided to suspend the domain because my registrar did not respond to their request for registrant information within 5 days. It took them more than a week to re-enable it. Jerks.