Posted on
by

Last week I started looking at ways to cut down on false positives in our spam filters. I’ve only seen two in my own mailbox this year, but of course everyone gets different kinds of email. I’ve been trolling the server logs for low-scoring “spam,” looking for anything that looks like it might be legit, particularly if the Bayes subsystem has already identified it correctly but isn’t enough to counteract the score assigned by other rules. (Unfortunately, it’s hard to tell when all you’ve got is the sender, subject, and list of spam rules.)

One item I noticed was a copy of the Microsoft Technet Flash newsletter. I thought this was odd, since I’d gotten a copy of the same newsletter and it hadn’t been labeled. In fact, it turned out that my copy only scored 0.3 points, and the other hit 6.4! (5 points indicates probable spam.) What could explain such a disparity?

Answer: two very small differences. Continue reading

Posted on
by

Great. Just great. Now there are ad networks using banners to install malware.

The article from Netcraft goes on to say that some phishing attacks are using banners to install keystroke loggers and other spyware. So now, just by using an insecure browser* to click on the link in a message claiming to be from your bank can make it possible for hackers to steal your passwords, credit card numbers, etc., even if you realize the site’s a scam and don’t fill in the form. Fun, fun, fun!

Time to look into those alternative browsers again…

* Yes, security holes have been found in Mozilla, Opera, etc. With the rise in popularity of Firefox, some attackers are starting to target Mozilla. But aside from looking at the sheer number of holes in IE compared to other browsers, just about everyone seems to have a better track record at fixing vulnerabilities than Microsoft does.

Posted on
by

Last week I started to notice Eudora’s musical you’ve-got-mail tones, very faint, at times that I got new mail. This was odd for two reasons: my sound was muted, and I’ve long since replaced the sound with the “Message for you, sir!” line from Monty Python and the Holy Grail. I assumed it was just coincidence, and the guy in the next cubicle had his email set to check on a similar schedule.

Well, it seems that mute doesn’t actually work on my Win2k box, at least not if it’s muted when I log in. The volume icon in the taskbar says it’s muted, the checkbox is checked, but it still sends sound to the speakers. Unchecking and re-checking the mute box solved it.

Now I need to figure out why it reset the sound clip. I did install a new version of Eudora recently, but it kept the rest of my settings intact. My best guess is that I moved the file a while back and forgot about it (since it’s been on mute for months), and Eudora, unable to find it, fell back to the default.

If I hadn’t turned the volume down so far, it would have been obvious. And I probably wouldn’t have bothered writing this.

Posted on
by

We went to see the director’s cut of Donnie Darko last night. (Somehow we had missed it the first time around.)

All I can say is, I walked out of there wishing The Philosophy of Time Travel was a real book. I’d love to get a copy of it.

Interestingly, when I checked Amazon to price the DVD, I discovered a companion book, The Donnie Darko Book, which features the script, interviews… and pages from the fictional book. Hmmm….

Update (August 2, 2006): It seems people aren’t reading through all the comments. Just to be clear, The Philosophy of Time Travel is not a real book. It would be a fun read if it was, but it isn’t.

Posted on
by

Screenshot of the PHP RSS news feed:

News Archive: December 31, 1969

Wow, when they said “archive,” they really meant it! 🙂

While SharpReader is the best aggregator I’ve tried for Windows, it does have problems with dates from time to time — sometimes articles will be stamped with the time they were downloaded instead of the time they were posted.

And I suspect in this case, it’s missing a date. (In UNIX, and as a result across most of the Internet, time is measured in seconds since GMT midnight January 1, 1970. If you somehow end up with a time of -1, this is what you get.)