Last year we had a huge crop of raspberries. Large, juicy, tart raspberries by the bucketful. These are great berries and taste incredibly good with ice cream. The berry patch is all mature plants and they have produced volumes for years… except this year. This year we collected five, and I don’t mean buckets, I mean five berries.

So who is the raspberry thief and where did they take my delicious berries? That is a darned good question and one that is not easy to answer in a single sentence. The first indication of a problem went almost unnoticed when in the early spring we experienced a long stretch of unseasonably warm weather. The tall, thick raspberry bushes soaked in all the warmth and converted that sunshine in to new buds on the stalks within a few days. I was sure I was going to have a bumper harvest from the number of new buds I counted.

Then it turned cold again – real cold. What followed was 8 weeks of snow, hail, ice and -20C weather – none of which is good for freshly growing plants. When the weather finally warmed up again, the berry bushes had taken a beating and when I was able to get to the plants for the clean up, they had all but completely frozen at the roots. I was only able to save 4 of the plants and even then had to trim them down to 4″ stubs to clean out the dead wood. The patch has started to come back now and is prospering, but won’t produce a decent berry harvest for a couple of years.

it is somewhat common to have a warm period in the early spring followed by a cold snap, but this year’s warm period was unusually long and warm which resulted in the raspberry casualties. The cold snap was also unusually harsh this year. Both of these are indications of global warming, climate change, or whatever you want to call it. To me it does not matter if this pattern change is the result of a man made hole in the ozone or the natural climate shift as the poles move, or if the tectonic upheavals recently have altered weather patterns permanently. If these climate changes continue to alter crop heath, we will need to start being very careful about what we plant and where, not to mention when.

My raspberry thief was a disappointment but not life threatening, however that will not be the case when it affects the national wheat harvest or decimates an entire region’s corn feed crops. If you thought climate change was a political thing or not your problem, maybe this will give us all something more to consider.

In the summer of 1979, I was 12 years old, I had the rest of my life to look forward to, and I lived in constant fear of being vapourized. The SALT-II treaty was signed in Vienna that year in June and being the overly inquisitive child that I was, I tried to learn everything about this interesting news event. I remember feeling sorry that I did. I am actually shaking a bit writing this as I recall reading the numbers.

I was not your normal kid by any means even though I thought I was at the time, but how many 12 year olds do you know that have an explosives license and have already built and launched 3 or 4 home made rockets? How many 12 year olds do you know can quickly take a news report on Strategic Arms Limitation, do the math and calculate that between the US and the Soviet stockpiles, the two opposing forces had enough nuclear warheads to incinerate the planet surface 38 times.

Since that time, I have been very aware of world events as they pertain to global survival and nuclear destruction. There were several years during the Cold War where things actually looked stable in a Mexican standoff kinda way. Each of the two super-powers had enough intercontinental warheads to obliterate the other as well as most of the life on the planet, so neither one was willing to actually “push the button”. In a weird way, the extreme over-kill of the situation saved us from complete self extinction through the induced fear of the ultimate consequences.

When Reagan withdrew from the SALT-II treaty in 1986 sighting soviet violations of the treaty, all those fears came back. When the Soviet Union finally collapsed in 1991, it was the beginning of a new age of fear and uncertainty for me. With the fall of the once powerful Soviet Union, there was no oppressive government to prevent radical waring factions from using those weapons on each other. Even worse, the Soviet economic collapse meant the nuclear fuel made for a very valuable trading commodity that was guarded by very poorly paid soldiers. Quite honestly, I am surprised we have not seen a “suitcase nuke” set off in New York yet, or that LA gangs are not trading in Uranium and Plutonium on a regular basis.

The latest problems in Pakistan and North Korea have me thinking about 1979 again and I worry about the safety of my children. Unfortunately it is not 1979 and the Cold War is over. There are not just 2 super powers pointing weapons at each other that they never really intend to use. This is 2010 and a thermo-nuclear device capable of wiping out 50 city blocks can be packed into a brief case. There are terrorists all over the world with more money than brains and plenty of poorly paid guards who would gladly turn a blind eye for a few thousand US dollars.

There is a whole new generation running the world now, watching and creating the news. We live in a world of social networks and interconnections that were unheard of in 1979. This new generation is largely oblivious to the silent horror that many of us lived with when we were kids growing up in the seventies and eighties. This new generation needs to know the truth of that history.

On July 23rd, a new documentary “Countdown to Zero” will debut in select cities and will trace the history of atomic weapons from origin to present day. If you have an opportunity to see it, please take the time. If you can’t please do some research, contact your MP, congress person, or other government official and let them know that we have had enough. The need for nuclear weapons has long past and it is time for all nations to locate and dismantle all nuclear weapons. The time has come for all nations to come together to agree never to build these abominations ever again. The lives of our children depend on it.

Further reading….
http://www.takepart.com/zero
http://en.wikipedia.org/wiki/Cold_War
http://www.nucleartippingpoint.org/home.html

I recently had a discussion with a person who presumed that since I knew how to write code for computers, that I was a programmer. I guess this is true at a very high level, but I prefer the term hacker for what I do. So what’s the difference?

Programmers will use a $50 brand name crowbar and will postpone a job if they don’t have the right one. Hackers will use a left over piece of re-bar from the garage. A programmer speaks one or two languages fluently, while a hacker knows 10 or 20 languages at a functional level.

A programmer will write an elegant piece of code that is fully documented and takes most variations into consideration with error handling and pretty error messages. The code will be written to industry standards with strict variable scopes and attention to validation on inputs. There will be copious commenting as well as a fully documented usage guide. It will take two months to release a final version and even then, it will be called “beta” until several users have tried it without any problems. There will typically be an upgrade path that is well thought out in advance and patches will will be built for all possible operating systems.

A hacker will give you the same piece of code in three days and it will work exactly as you requested for the environment you want it to work in. It is unlikely to run without modification on any other operating system and all new versions will have to be hand coded. The comments will all be in-line with the code because only other hackers would want to look at it right? It is unlikely that you will see a manual or user guide, but you might get a one page README file explaining basic usage. You will most likely be handed version 0.01a and the concept of “beta” if foreign to hackers.

Programmers will introduce themselves as a “C programmer with a degree from Stanford” or a “.NET Programmer with a degree from UBC” and they will have experience with methodologies like “Agile”, “Scrum” and “Rational”. A hacker is unlikely to identify themselves at all and never had the time to bother with finishing a degree. You often have to “know someone who knows someone” in order to find a hacker, while programmers typically carry business cards touting their credentials. Programmers have rules and ethics and follow protocol. Hackers don’t think too much of rules, have flexible ethics and only follow protocol when they need to.

Crackers are hackers gone bad. These are the people who spend thier time writing mail worms and viral files and password decryptors. They often are brilliant one-time hackers who crossed over to the dark side and the allure of the pirate world. They get high on the thrill of seeing one of their code creations seep into millions of computers undetected. They sometimes are recruited by corporations for digital espionage or by organized crime for a multitude of nefarious reasons.

Hackers don’t like Crackers.

I definitely fall into the “hacker” category in everything I do. Whether it is software, hardware, robotics, AI, writing, or building a deck on the back of the house – I’ll always take the hacker approach. I have a number of friends who are professional programmers and I have immense respect for what they do. If I want a polished market ready application built, I would definitely have a programmer build it, but you can guarantee the first version would have been hacked into place.

Whether you call it “Fat Tuesday”, “Mardi Gras”, “Carnival”, or “Day before Ash Wednesday”, today is the last day before the fasting and penitential season of Lent. It is also Pancake Day!

The later may be more significant to many these days, but there was a time when the known universe operated in fear of, or under the rule of the Roman Empire that was fuelled primarily by the Catholic church, and no pancakes were served.

In any other measure, it is 47 days into the new year and the hours are ticking away. If you planned on making a difference this year, carpe diem and all that, it is time to start (if you have not already). In the days of the Roman Empire, when every day was critical to your survival, the 44 days of Lent had other important geo-political functions, and Fat Tuesday was a pretty significant day. Today, it is a good reminder that there are only 365 days in a year and this means we are well past the 10% point.

In the business world, it is critical to understand that this is also the point at which business gets back to business. The holidays are over, summer is on the distant horizon and there is a window of opportunity for the next few months to make your mark on the year. After three decades of working for a living, I’ve noticed these patterns emerge in every company I have worked for in every industry. There are always those people who don’t take advantage of this opportunity and find them selves scrambling in the fall to make up for lost time.

It is a fabulous time of year to be creative. Writers, painters, and sculptors find inspiration in this time of year and with good reason. Not only is it the beginning of a season of fasting, it is also a season of new growth, rebirth and the melting away of icy oppression. Any hungry creative person should take heed of the chance to teach, build, write and generally do whatever they can to mold the world around them.

The Chinese call this the year of the Tiger (4707 post Huangdi) and in the tradition of the tiger, I plan to stalk and pounce on every opportunity. I think I wave written more this year already than I did most of last year. Unfortunately I have less time for pancakes.

They are getting smarter, so you need to be even smarterer. You are probably used to seeing bogus emails and web pop-ups telling you that your computer is infected and you need to download and install an antivirus program. Conveniently they always have one attached that is perfect for your computer. If you are not already aware – these are all malware – virus infectected files, spyware, trojans, and generally bad stuff.

No anti-spam/virus software company will ever send you a file directly to your email address and ask you to install it. They just don’t. Even if you see a message pop up on your screen, the safest course of action is to open the security software you already have (you do have some right?) and manually run updates and scans from there.

What triggered this blog post was an email I received this morning from “Microsoft” essentially accusing me of spreading viral files. It occurred to me that many, many people may be convinced to open the attachment and infect them selves unwittingly just based on the fact that it appeared to have come from Microsoft. Here is the actual message:

Dear Microsoft Customer,

Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division

Of course it is completely bogus. Microsoft does not monitor viral activity, particularly not down to an individual PC level. Even if Microsoft did see a problem, they would distribute a patch through their “update” services. However, all you have to do is to actually read it because people at Microsoft would not have let this go out with grammar and spelling mistakes.

This is typical of the growing trend in social engineering used by malware distributors. There are two common ways to infect computers – send an infected file to someone, or trick them in to infecting themselves. Don’t be the later.

As a follow up to my last post on scripting firewall changes to drop spammer addresses…. here is a current list of all the IP addresses I have identified as spam sources. Feel free to use these in what ever way you like to block these evil bastards. All of the following addresses have been blocked from any access to my networks:

UPDATE!!!
I originally posted a list here but in the week after I wrote the script, the list grew to over 10,000 IP addresses – obviously too long a list to post in the blog. This list appears to be mostly “Zombies” so if you are having any difficulty accessing my website (mairs.ca or aasland.com) then it is very likely your IP has been blocked through this list and your PC may have been turned into a zombie mailer – and you may not even know it. If your public IP appears on this list, please let me know.

The current list is posted at http://www.mairs.ca/zombies.txt

I manage a network of servers that include mail servers, web services, and file sharing and I have been doing so for a number of years. One of the most prevalent maintenance issues for me has always been dealing with spammers. These guys have no respect for the general rules and will insist on sending their crap to you even if you are very specific about not wanting it. The thing with spam is that it is not just an email problem. When a spammer slams an email server with millions of bogus messages, often to bogus accounts, it takes a huge toll on the firewall, spam and antivirus processors, and can seriously degrade overall network performance. Simply sending back a “550 – no such mailbox” message only adds to the network traffic and encourages them to try a different mix of fake addresses.

So say goodbye to “Mr. Nice Guy”, I am taking the gloves off and delivering an uppercut right to the jaw. I recently wrote a chunk of batch script to identify the hard core spammers who waste all my system resources and just drop their connections cold. This way they will still hit my firewall for a while, but when they realize the server effectively no longer exists, they will take my IP off their list and I will be free of the annoyance.

How does it work? It’s really pretty simple. Here is an an example from a Sendmail server I am still using. When one of those annoying people connect to my server, one of the first things they do is check to see if I’ll relay mail so it can turn me into a zombie mailer… not gonna happen bud. What ends up happening is that my logs fill up with this garbage:
Sep 24 21:37:20 mairs sendmail[17608]: ruleset=check_relay, arg1=[114.238.85.247], arg2=114.238.85.247, relay=[114.238.85.247], reject=550 5.7.1 Fix reverse DNS for 114.238.85.247,or use your ISP server
Sep 24 21:37:37 mairs sendmail[17610]: ruleset=check_relay, arg1=[190.213.91.165], arg2=190.213.91.165, relay=[190.213.91.165], reject=550 5.7.1 Fix reverse DNS for 190.213.91.165,or use your ISP server
Sep 24 21:38:34 mairs sendmail[17612]: ruleset=check_relay, arg1=[123.17.228.211], arg2=123.17.228.211, relay=[123.17.228.211], reject=550 5.7.1 Fix reverse DNS for 123.17.228.211,or use your ISP server

The cool think about this is that regardless of what hostname they are trying to spoof, the originating IP address is right there for me to grab and use against them. So that is exactly what I did… I wrote a script to pass through my daily logs, pick out the IP addresses on these offending lines, and add them to my firewall rules with a silent “DROP”. They never get any feedback, not even a ping response, so to them, the server is dead – a non existent IP.

In the first day, it dropped my spam volume to about a quarter and now it is virtually non-existent. The 30 or 40 spam messages a day I get now are nothing compared to the hundreds of thousands that were filling my logs 2 weeks ago.

Here is the actual script in case you want to run it on your own server. This was built for a CentOS 5.3 i386 server – make the appropriate adjustments for your platform. This should be run on a cron daily just before the log rotation. Alternately you could run it just after log rotation and alter the script to read maillog.1.

The /etc/cron.d job:
45 23 * * * root /home/tmairs/spamkiller >/dev/null 2>&1

The script:
#!/bin/bash

# get list of spammer IP addresses and save to temporary file
exec cat /var/log/maillog | grep check_relay | awk ‘{ print $8 }’ | sort | uniq > /tmp/spammerlist
fname=/tmp/spammerlist

# read file sequentially
while read line
do
# pick off the first address
badaddr=${line/,/}
badaddr1=${badaddr/arg2=/}

# add a rule to drop them at the firewall
exec /sbin/iptables -A INPUT -s ${badaddr1} -j DROP | echo

# loop till it’s done.
done <$fname

# save the new IP tables config
exec /sbin/iptables-save

# kill the temp IP file
exec rm /tmp/spammerlist -f

# end

On December 7th 1972, I was only 6 years old, but I have a vivid memory in my head to this day of Apollo 17 heading to the Moon in what would be the last of our visits to the lunar surface. 37 years ago Eugene Cernan and Harrison Schmitt stepped off the lunar surface and came back to Earth and no human has set foot there since.

It’s time to go back.

I grew up dreaming of the prospect of living and working in space. I was one of the first public members of the Planetary Society founded by Carl Sagan, Bruce Murray, and Louis Friedman in 1980 and the expansion of the SETI program. I wasn’t one of those kids who just read about rockets, I actually built several …and I still dream of retiring in “Luna City” – we just need to build it first.

The great news for all those like minded people out there is that NASA is actually working on it. So are the Japanese, Canadians and British along with supported efforts from a number of associated countries. NASA’s “Moon and Mars” site describes a number of initiatives including the Lunar Reconnaissance Orbiter that will help us get there. With the expansion of the International Space Station comes growth opportunities and a chance for a pit stop between Earth and the Moon. The next Shuttle mission (STS 127) is scheduled to add yet more lab space to the station with the Kibo laboratory complex provided by the Japanese.

In November last year, NASA successfully extended the Internet into space and made improvements in the process. The new Disruption Tolerant Network currently only has 10 nodes, but that’s quite a few when you consider there aren’t a whole lot of humans out there yet. This and other efforts in space exploration centers around the globe point to a near future where many of us will live and work on the lunar surface and beyond.

I can hardly wait. I can have my bags packed and be ready to go in about 20 minutes, just give me the call! In 1972, you had to be a colonel in the US Air Force to even have a hope of stepping onto the lunar surface. In the next decade, I foresee science and commerce reaching out to build entire communities on the moon that will include a variety of professions. Where there is work, there must be play!

I have said to my wife many times – “Bury me in Mare Nubium!” I might actually get my wish.

* * * * * * * * * * * * * * * * * * * * * * *
Find out more at nava.gov, canadian space agency, Japan Space Exploration Kibo Project