Yeraze's Domain 3.0

Supercomputers, Programming, and Life in Mississippi

Entries for March, 2006

The War on Malware: First Battle of 2006

I got an email from my Dad the other day, asking me to take a look at my sister’s laptop. Evidently she had gotten a popup warning her that “Blackworm” (also known as CME-24) was present on her computer, and she needed to install WinFixer to remove it. My dad had her run Symantec’s BlackMal Removal tool but it didn’t detect anything. He did some more digging, and slowly started to realize what was really going on.

Anyone with experience with this kind of thing would have caught the real trick in the first paragraph. My sister already has Norton Antivirus on her machine, and there’s no way it would detect this and then point her to another program (WinFixer in this case) from a competing company to remove it. This was a web popup window disguised to look like the real thing. Evidently, WinFixer is an AdAware-style application that claims to detect spyware and malware and offers to remove it, but the free version seems to arbitrarily report huge numbers of exceptions just to scare people into buying it to remove them all (Reference from Symantec). When that evidently wasn’t getting them enough sales, they moved to even less honorable means of confusing the user into accidentally installing it (Reference from eTrust) and finally just using bugs in Internet Explorer to spread & install automatically (Reference from McAfee). I’m guessing that one of the latter two is what happened to my sister, as she’s just become quite a Myspace junkie in the last few weeks, right when this all started. Anytime you start surfing around big community sites where they allow you to upload Flash & Movies into your comments, you kinda have to expect some scummy adware peddler to try and exploit it.

Read around the net on the WinFixer & Blackworm situation and you’ll see that it’s really a product called “Vundo” or “Virtumondo”. The exact details vary as the software is constantly evolving to stay one step ahead of AntiVirus and AntiMalware technology, but it’s basically just an adware package that seems to have taken a contract from the makers of WinFixer, and what better way to make the ads work than to claim imaginary infection of the latest internet worm & offer their product as a solution? Unfortunately, it’s pretty annoying to get rid of. It actively disables antivirus programs and spyware programs, making automatic removal difficult. In this case, Lavasoft’s AdAwareSE would always crash a few seconds into the scan. Luckily, a lot of smart people have been working on this and there’s a nice tool named VundoFix from a group called Atribune that can remove the main part of the infection. On Karen’s computer it initially found about 10 files that it removed (after a reboot). After that, I was able to run AdAware to completion and it only found a few tracking cookies. I thought I was just about done, but just for safety I installed Spybot S&D and let it run. Much to my surprise it found not only the tracking cookies, but a full install of a product entitled NewDotNet. It easily removed it, after another reboot, and then I had the entire trifecta (AdAware, VundoFix, & Spybot) report back clean.

Then I finally bit the bullet and put her on the internet. She surfed for a bit and everything seemed fine. She said that IE was basically unusable before, but it ran just fine now. I checked her Windows Updates but none were left; she already had Automatic updates enabled and working. So how did this get on the system? I’ve heard about the latest IE “createTextRange” vulnerability, but that’s pretty new. After some research, it seems (Reference to DSLReports) that it’s related to a bug in Sun’s Java 1.4.03, and sure enough that’s what Karen had on her laptop. I used the automatic update to upgrade to 1.5, which supposedly plugged the hole. Unfortunately, from what I’ve read today that may not be enough, and I may need to manually uninstall the vulnerable 1.4 version which is still on the machine.

Hopefully the work I’ve already done, and Spybot’s Immunize feature, can keep her system clean for a while. If not, then I guess I’m in for another few hours of work. At least now I know how to get rid of it.
[tag:winfixer][tag:blackworm][tag:vundo][tag:virtumondo][tag:adware][tag:malware]

MythTV

I’ve thought about building a MythTV unit for quite a while now. Back in Florida, I had friends with Tivos that swore by them. From what I’ve seen and heard they are a great gadget to have, although some recent changes in Tivo’s strategies have made them slightly less attractive. There were always a few things that kept me from building a MythTV, tho. Mainly it was the price, but there were also a few technical issues. As I use Time Warner and have digital cable, I have a set-top box that I have to use to access the higher channels and there didn’t seem to be a good way to connect it to a MythTV.

Yesterday a few guys in the office were talking about Tivo and asked me what I knew about it. I laid out what I knew, and they had the same reaction to the recent ad and DRM changes. I mentioned MythTV and that piqued everyone’s interest, and from looking around their website some more mine as well. To get it to talk to my set top box it seems the only real answer is with an IR Relay (You use a remote to talk to the MythTV, and it has an IR transmitter to talk to the set-top box). The price on the Hauppauge PVR-250 has come down a bit to around $130. Using that card’s hardware MPEG support, you can get pretty cheap on the processor and get something like a 2GHz Celeron for just over $50 via NewEgg. Put the whole thing in a HTPC case like the Silverstone Lascala or the Cavalier 4 and it would look just like a regular piece of AV equipment. Personally I would prefer a slimmer case, but given that it could replace my DVD Player, Set Top Box, and (to some extent, won’t play VHS but I really don’t care about that) VCR, I think I could live with the extra size.

Just running some preliminary numbers on the price:

  • Processor: $60
  • PVR-250 : $130
  • Motherboard: about $50
  • Memory: $50 – $100 (probably only need 512M, but 1Gig might help.. don’t really know)
  • Hard Drive: $100
  • DVD Burner: around $50

That comes to around $500, but there’s probably a bit more that needs to be added in there for the IR stuff, Network stuff, etc. I might be able to get the price down even a bit further by cannibalizing parts from some other machines I have. Is it worth $500? I’m not entirely sure, but there has to be some value in being able to consolidate 3 different remotes into 1 remote (TV + Cable + DVD), having some control over its features & functions, and being able to digitally record stuff on TV. Would also be nice for building a small catalog of some of Rhianna’s favorite stuff so we don’t have to keep switching out DVDs or flipping channels.

So, I’m looking for some advice. Cases, specs, hardware, anything. One other consideration was to simply buy a Mac Mini and configure it as a MythTV unit, but the price seems higher than building it myself. Are there other considerations that make it more attractive? The size alone makes it interesting to me, but I don’t think I can justify $800 for one.
[tag:mythtv][tag:pvr][tag:tivo]

The Signetics 25120 Write-Only Memory chip

Gotta thank the folks at Anandtech’s Highly Technical forum for this find. Unless you’re electrically-talented or an electrical engineer, you probably won’t find this all that funny, but I got a good laugh out of it.
[tag:electronics][tag:joke][tag:prank]
Supposedly, back in the mid 70’s, a bunch of engineers working for Signetics thought it would be funny to include the specs for their new state-of-the-art “Write Only” memory chip in their company’s product catalog. Wikipedia has a good writeup of the gag under Write Only Memory, but basically they were fed up with the huge pile of approval & review paperwork that was required for publication. The people reviewing the catalog prior to production, however, weren’t engineers and didn’t get the joke, so it went straight through to production. The company isn’t around anymore (Bought by Philips), but the joke lives on. Everyone knows that electrical engineers are packrats, so I’m sure there are a lot of folks with this catalog lying around.

Page 1 Page 2

Some funny things to look for:

  • The “non-hermetic sealing technique” which prevents harmful ions, but allows friendly ions
  • Post-mortem memories for Weapon Systems
  • Cooling requirements of a 6-foot fan 1/2 inch from the chip.
  • The “Pins Remaining” vs “Number of Socket Insertions” graph
  • Slip-on Latex Protectors

Jackson City Zoo

Saturday morning we woke up and went about our usual routine, when Laura noticed in a local magazine that this weekend was the “Zoo-lympics” at the Jackson City Zoo.  Rhianna has never been to a zoo before, so today seemed like the perfect time.

An hour later we were pulling into the zoo.  At first Rhi was rather indifferent, just seeming to be happy to be outside and away from the house for a change.  We were there pretty early, around 9:30, so the place was basically deserted.  We pitched in for “Friends of the Zoo” membership (Basically a year-long season pass) and headed on in. 

Soon as we got in the gate, I hoisted her up onto my shoulders and over to the right she saw her first new animal: the Giraffes. She squealed and shrieked, and we went right over. Most of the morning was that same joy & excitement over and over again, from one animal to the next. From the Giraffes, to the tapirs (which she calls Cows), to the monkeys, through the entire zoo.

One rookie mistake was made when we were watching some of the chimpanzees. Rhianna had kneeled down under one of the information panels to see through the fence, and when she stood up she hit her head. Of course, she cried and Laura ran over to comfort her. Evidently the animals thought Laura caused it and started congregating near the fence and hissing and squealing. Needless to say we didn’t stay long with those.

We only wound up staying about 2 hours, but it was a fun 2 hours.  Rhianna got to see the elephants (ephenunts to her) which was a big deal to her.  Or maybe it was a big deal to us, but either way we all enjoyed it.  Because of the “Zoolympics” they also had some inflatable bounce houses that Rhianna insisted on enjoying.  Five minutes in there pretty well wore her out, so we didn’t get to stay as long as we had hoped.

The place was a lot better than I remembered it being. The last time I was at the Jackson Zoo was back in grade school, and all I remember was the overpowering odor of animal crap. The place was pretty clean tho, and being so early in the morning and a bit chilly, nothing had gotten to “Bake in” while we were there. We also beat all the crowds, parking right at the ticket booth & exploring line-free. We did get the year-long passes, so we get back in for a full year for free which extends to pretty much any Zoo or Garden in the US. It’s a good thing too, since evidently next month they’re opening an aquarium and reptile house, along with a few other areas that should be fun. Add to that the visits from Dora the Explorer & Spongebob Squarepants during the summer, and I’m sure we’ll be back.

After that, we all came home for a nap.  After that, Rhi said she was ready to “go see nanny”, so Laura & her loaded up for Meridian.  I got to stay home and cut the grass.  Well, I guess you can’t have fun all the time.
[tag:zoo][tag:family][tag:jackson]

Accessibility Problems

I’m sure some of you have noticed problems trying to get to my website over the last few days. You probably thought the website was down, but oddly enough it’s been running just fine.

It seems there’s a huge DDOS Attack against the Joker Nameservers happening, and since Joker is my domain registrar that means my hostname ( yeraze.com ) won’t resolve to the proper IP. I assume this is a result of the newly discovered recursive DNS exploit, but I can’t be sure. Whatever it is, there’s not much I can do about it except wait for Joker to work around it, or switch to another registrar. I’ve already paid for Joker, so I don’t want to switch. We’ll just have to wait and see.

If you’re desperate to keep my hostname resolving, irrespective of the DNS issues, then you can manually enter 216.76.4.76 in your hosts file to resolve to yeraze.com or www.yeraze.com . On Windows, you can follow these instructions from Microsoft.
[tag:joker][tag:dns][tag:ddos]

Macs & Usability

(Updated 3/27/05, See bottom)
Over the last few years I’ve had a lot of friends switch over to Apple Fanboys. The lure of PowerBooks was too strong, and one by one they all left linux behind to join the Apple Masses. They then proceeded to tell tales of wonder and glee at how usable and beautiful the interface was, how it was simply a joy to use on a day-to-day basis, and how it was so great that everything in the magic land of Apple “just worked”.

I wasn’t one of them. I’ve used Apples ever since the days of the Apple IIe, and while they were novel I just never found any reason to devote yourself to an uncustomizable hardware platform when PC’s were so easily “tweaked”. When the Macintoshes first came on the scene, the new mantra became “Usability”. “Mac’s are so easy to use that PC’s will never compete” and blah blah blah. I used one a few times, but was never really impressed. Sure, everything was consistent and the same but it just didn’t seem “convenient” to me. OSX hit the scene a few years ago and the mantra reached an all-time-high as now not only was it “usable” but it was based on Linux (BSD to be exact) so it drew a lot of *nix diehards.

This week our video editing guy was having trouble with his dual-proc G5 connecting it to our Windows File Server. Some security reins were tightened and he suddenly lost connectivity. I sat down to try and offer my help, since after all I know samba pretty well and this was supposedly just *nix based right? I sat down to use it, my first time with OSX, and was flabbergasted at what some people consider “usable”. Read on for the list of problems I ran into.
[tag:apple][tag:osx][tag:mac][tag:usability]

Dell & Alienware

Well, I’m sure you’ve read by now the news that Dell officially announced they are buying Alienware. Rumors of this have been floating around for weeks, but nothing concrete has been uncovered.

What really annoys me about this so far is that the DOD Sales Reps for Dell were in the office last week to pitch their big rack-server solutions. I wasn’t there, but my boss was (I’m lucky enough to actually have a technogeek like myself for a boss). He reads The Register and had seen the rumors, and asked the rep during the Q&A “Is Dell buying Alienware?”. That started a 5 minute tirade that went something like “Dell has no need or interest in buying a gaming company”, “Dell believes in growing from within, not growing through acquisition”, “Dell is not buying Alienware”. After a spiel like that, we were convinced, albeit a bit disappointed. After yesterday’s announcement tho, we’re both happy & annoyed. The reps could have easily stated “We are not at liberty to discuss that” or just discussed it under NDA, but they simply lied about it.

On a good note, it seems Dell will now be offering AMD chips, albeit rather strangely. From the reports I’ve read, you won’t see Alienware PC’s on Dell’s website, and Alienware PC’s won’t carry Dell branding. So basically you’ll just have to buy your computer directly from Alienware, and Dell just gets an invisible cut of the money. I figure that in a few months to a year, they’ll probably just dissolve and absorb Alienware and start marketing them directly, and there’s a bit of information leaning towards that although it’s from rather unreliable sources.

Here at the office we’re still kinda wondering why Dell would do this. A few labs here have ditched Dell in favor of Alienware, because they prefer Opterons to Xeons, but not enough that Dell is losing millions. There is the AMD option, but Dell could have just as easily (and probably cheaper) just started their own Opteron PC line. Personally, I think that Dell is interested in some of Alienware’s hardware divisions. When Dell was here pitching their server equipment, the one thing notably missing was graphics abilities. Alienware has hardware for putting high-end NVidia cards in laptops, which seems to me would be fairly compatible with server blades. Could Dell be hoping to get their grubby hands on it?
[tag:dell][tag:alienware][tag:hardware]

The Droste Effect

I’ve become a frequent reader of the Proceedings of the Athanasius Kircher Society website, and today they had a neat link to some examples and descriptions of an optical illusion called the “Droste Effect”. You can find a lot of beautiful examples of it in this gallery.

In short, the effect gets its name from the old Droste Cocoa package which had a picture of a Nun holding a box of their product on a tray, and on the box was the same picture of the nun with the tray, creating an infinite recursion. It’s a pretty well known effect, but still amazing. One thing, tho, I had never seen before was this incredible article on a Mathematical Implementation of an Image Warping routine to generate these effects. They have plenty of examples of them taking ordinary images and creating some really stunning effects using this “logarithmic image transformation” algorithm.

This would be a fun project to put together in Matlab, or even ITK.  A sweet Photoshop plugin would also be neat.
[tag:droste][tag:picture][tag:algorithm]

Credit Card Rewards Programs

Here’s a thought that occurred to me today during the drive home.

Everyone is familiar with credit cards.  Seems they’ve become an integral part of the American Dream, and one thing that all heavy credit-card users know about is “Rewards Cards”.  Typically in the form of frequent flyer miles, they simply give you money or rewards whenever you make a purchase (eg. Spend $10 and earn $0.10 or $0.1 back).  It’s a neat idea that sounds really good on paper, but usually doesn’t amount to anything significant for either party.

So what would happen if you got 2 rewards cards, and then continually shuffled the balance back and forth?  It would appear as though you were always making a big (say $2000) purchase and then paying it all off.  Could you cheat the system and rack up huge amounts of rewards for effectively no cost?  I’m sure you’ll have to wait at least a few days between shuffles, just to make sure the money actually appeared in all the right systems, but it seems pretty solid to me.

So, with an idea this simple… What am I missing?
[tag:scam][tag:credit][tag:reward]

Google Adsense

Well, I’m a little bored at work today so I spent some time on my website. As you’ve probably noticed by now, I now have a Google Adsense bar on the right, along with a Google Search Box.

I’ve heard a lot of stuff over the last few years about Google’s “price per click” strategy and how it’s turning some people into millionaires. More of an experiment than any real need, I thought I would drop it in here and see how it goes. It was surprisingly simple to get working, and it’s pretty customizable. Currently all I’m getting is “Public Service Announcements” but they say that will change when they crawl my site again. Supposedly I’ll get a few cents every time someone clicks on the advertisement, and I’ll also get a few cents when someone clicks on one of the search results from the search box (if it’s an advertiser).

I’ve done my best to make it as non-intrusive as possible, but I’m sure someone will find it annoying. If I make some cash, then so be it. Honestly, I expect I’ll fall into the <$50 a year group.

Update 11:35pm : Wow… less than a day and I’ve already earned 25 cents. 
[tag:adsense][tag:google][tag:homepage]