jose at
jose's new homepage.




labor day in northport
shopping cart races
usenix security
my july, 2002


useless hacks

scanssh + telnet, rsh



openbsd journal

going elsewhere


the past

march 2002
april 2002
may 2002
june 2002
july 2002


amazon wishlist


august 28, 2002

as an update, a new recipe:

spanish chicken

1 boneless skinless chicken breast
28 ounces canned, peeled tomatoes, not drained
1 medium onion, sliced into wedges
2 green peppers, sliced into wedges
3 cloves garlic, crushed and chopped
6 ounces capers, drained
2 tbsp olive oil
1 tbsp salt
1 tbsp freshly ground black pepper
1 tsp chopped oregano
1/4 tsp cayanne pepper
1.5 tbsp paprika
1 tbsp goya adobo
1 bay leaf

saute the chicken until browned in the olive oil over medium heat. add the chopped garlic, onions, and green peppers, remove the chicken. chop the chicken into chunks. add tomatoes, capers, seasonings, chicken. cook, covered, over medium heat for 20 minutes. serves four with a side of steamed rice.

got the recipe from a local organic deli and grocery. thanks, emv.

cool links: propolice, Improved stack-smashing attack detection. GCC extension for protecting applications from stack-smashing attacks. ibm does some cool stuff.

august 22, 2002

put up some new pics. the ann arbor shopping cart races are now a featured item here. props to the other people with pics, and mad psycho props to all who entered and raced. much disrespect to the meatheads who parked their police car across the start line ...

if you get bored play a puzzel. the rest of their site is worth reading, too.

august 20, 2002

more spam stuff. here is a Bayesian spam filter written in Tcl. i should process my spam with this ... i did a word frequency analysis on it but didn't dig around much in that vein. looks like i should. very similar to ifile, which i listed a few days ago.

i find myself increasingly frustrated by computers. here we are in 2002 and we can't even get various platforms to communicate reliably. this sucks. i should move to the scottish highlands and raise sheep or something.

august 19, 2002

finished dealers of lightning recently. this book, written by michael hiltzik, chronicles the history of Xerox PARC through first person accounts. focused on various projects, it keeps a backdrop of the politics of the corporate research center and the strong people behind it. very worthwhile reading.

currently reading linked by Albert-László Barabási. pretty cool ... reccomended if you liked gliek's chaos or singh's "the code book".

reviews soon, i hope, in noteworthy places.

august 17, 2002

marius always has some cool stuff going on, so i added him to the sidebar. check his site out. seeing my spam stuff he pointed me to ifile, an application of machine learning to spam. you can even make it work with procmail, which is cool. i will have to investigate.

august 14, 2002

despite the fact that i need to get my spam analysis finished and written up, i couldn't help but graph a pretty picture for you all. the internet as seen from AS1221 today. each dot is an autonomous system.

hopefully more stuff coming in the next few weeks and months, including that final spam report.

august 13, 2002

redid the spam undirected graphs. an off by one error in my processing dropped a lot of nodes. fixed ... same locations:

what's not visible yet is the connectedness of some nodes, like and such, which process more than their fair share of mail for me.

some people want to be able to rotate them in real time, so here you go. the two .h3 files to shove into the viewer (not mine) ...

  • cwru.h3
  • crimelabs.h3
  • h3, the viewer i used. i did this in windows, but you can also get a Linux or IRIX binary, too.
enjoy. lemme know what you come up with ...

because i can't let my spam sit around and do NOTHING, i put together some markov collages. i processed the spam using the markov perl script from "the practice is programming". i came up with ten HTML collages: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 (warning, some of this is REALLY OFFENSIVE due to porn spam).

august 12, 2002

i have been collecting my spam lately on all the mail servers i use. i then post process it to make graphs out of the paths it took to get to me. i have some of the results available here in jpeg format (poorly legible). however, what you can see is that the graph has mostly unique paths to me.

i originally started this spam project to identify lots of characterictics about the spam i get. the sources, the paths, etc ... and then use this information this information to better defend against spam. what i have found in this data analysis is that there are few servers which handle a noticable amount of spam, which is what i was looking for. secondly, out of over 425 spam mails i processed i found about 500 paths to me (some repeated, obviously). in short, i can't process my email based on the paths to me to find the spam.

again, i'm busy looking for better graphing programs. lambert pointed me to h3, which i will look at. maybe i will go back to that Windows tool that we used to graph the internet map i did recently.


well, despite being dissed twice in one day by two different people i was quite generous with knowledge to, i decided to further process my spam. i looked at the chain of servers reported in the spam and displayed it using h3 on XP (wouldn't run on my IRIX system) and generated two graphs: my cwru spam and my crimelabs spam. in each case you can see what mail servers i use. i post processed the data using a new Tcl script to generate H3 data sets. fun! and i hope you enjoy the prettier, and more legible, pictures.

august 11, 2002

back from usenix security, finally put up pics of scooter's wedding, my july, and usenix security. i will never fly ata again.

august 6, 2002

if you need me, i am in san fransisco at usenix security. photos soon. sooner, i hope, than i got other recent photos online (or not ... yet).

august 5, 2002

i have shut down the crimelabs bbs:

Monday, August 5th 2002 21:37:16, from Sysop: J053
Subject: shutting down

i'm going to shut down noname bbs. it's failed to materialize into what i was 
hoping it would wind up being: a community for people to discuss technology 
and what it means. we have had some moments, but nothing that has really 
i was really hoping it would fill a void left by the L0pht's BBS passing, but 
frankly, that's pretty impossible. no one really has the same clout as the 
L0pht (deservedly) does, especially not us. the community has changed. the 
bbs is dead for too many people.
its this second point that has just wiped me out, though. in recent weeks 
i've really seen the ugly, menacing head of the underground rise up. my 
friends are being hunted down like animals and attacked. i'm seeing people 
encourgaing the physical abuse of us. i'm seeing much of what i enjoyed going 
down the drain. and i'm starting to worry, given all of the exploits out 
there for sshd and related, that i can't keep up fast enough. this bbs is 
probably rooted ... 
oh well, it was fun. i may donate the textfiles somewhere (ie 
i have donated the code back to the community already, it was pretty trivial 
stuff but people asked for it (sshd hacks, telnetd hacks, shell hacks). if 
there is anything you want, lemme know ...
all the best, it was fun, and i thank you for your participation. see ya 

[Console] msg #26 (0 remaining) >

in the spirit of, i have uploaded a full dump of the bbs as it stood when i called it quits: noname-final.gz [1.1MB].

august 1, 2002

after the openssh fiasco i have done somethinking. i thank jamie for a really good conversation, by the way. as such, i have a small test and demo of my idea up at extract, a small shell script which transparently integrates gpg --verify with the key fetch which is often needed along with the extraction of a valid archive.

feedback is welcome. and no, i don't know why openbsd doesn't have an integrated gpg setup. and yes, it disappoints me, as well. and no, i didn't sign extract.