Thursday, July 15, 2004


Rants, Parodies, Sitefinder and Dirt. A Value-Added Post!

Asshatted celebrity du jour, Richard Gere:
"A vicious terrorist is out there. It is not Osama bin Laden, it is AIDS," Hollywood actor Richard Gere told the conference. "The biggest threat to our livelihood, our happiness is AIDS."
'Scuse me, jerk. I feel sorry for people who've gotten AIDS through transfusions and the like, but let's face facts. Most people get it through behavior which they're supposedly at least nominally in control of. I didn't see Gere downtown on 9/11, so I don't think he has any right to say what a threat is. I was there pretty boy, and dammit, that was a threat. Along with several thousand other people, I was sweating bullets that I wouldn't see my wife and kids again, shoving down a staircase in the World Financial Center while we were all praying the WTC wouldn't come down on us, or worse, worrying that there was another plane on the way. And Gere has the goddamned nerve to say that just because some people just can't stop their promiscuity and aberrant behaviors that what they're getting is worse than Bin Laden? What did you do for the children of the firemen, cops, and tradespeople who died that day, shmuck? Go worry about Tibet. I hear they're opening a multiplex in Llhasa.

One thing that gets me very hot under the collar is moral relativism as practiced by the idiotic LLLs out there. Especially when it comes to things like terrorism.

Excellent read from John Derbyshire here. Very relevant when one sees the Hitler Jugend camps that the quote unquote Palestinians have set up to teach kids the art and science of massacre. And courtesy of some of the commenters on Little Green Footballs, the sound you now hear is Allan Sherman spinning in his grave (well, crypt to be precise)....

Hello mulla. Hello fatwa.
Here I am at Camp Intifada.
Camp is very entertaining.
And today we had some special sniper training.

I went hiking to Ramallah.
Arafat gave me half a dollah.
He said "be martyrs, don't be traitors..
"Or we'll hang you like we do collaborators."
Hello Mudda, Hello fadda,
Here I am in Camp Intifada
Camp is really very exciting
And we learned some tricky ways to do jew-fighting.

We went playing in the ocean,
In our wetsuits, poison potion,
Arafat gave us, to do his bidding,
Killing jews is really fun and that's not kidding!

Little Abduli, he's Yasser's darling,
At the jews, he's always snarling
But come sundown, Yasser summons,
To come over and don't forget a box of WetOnes
Incidentally, "Hello Muddah" is probably the least played Allan Sherman track in my collection. "Crazy Downtown", "Al and Yetta", "Shake Hands With Your Uncle Max" and "Sarah Jackman" get far more airplay. Damn, he was funny.

And for the propellerheads in the audience, we have the ICANN report on Verisign's Sitefinder fiasco. For a refresher, basically Sitefinder was a kludge on top of DNS where if a hostname was mistyped or in some other way munged (or for that matter uninstantiated), the DNS response returned would be one of Verisign's servers. Nothing earth-shattering, except that it would break other protocols besides HTTP which would expect a traditional DNS error. For example, imagine some low-level guy creates a VPN client configuration file and sends it to the corporate road warriors, and said config file has a mistype that Sitefinder redirects to their server. Awfully hard for the help desk to diagnose, eh? (The interesting corollary to this is that if you look at some Hijack This! logs of folks trying to clean browser hijacker infections is that the hijackers tend to point to IP addresses rather than hostnames, as those clods thrive on mistyped host names. They're rather notorious for putting up porn sites at common misspellings of fave raves, witness britneyspeers dot com and of course whitehouse dot com). It would be supremely impractical, but imagine for a moment if a name resolution function call could have a boolean parameter (HTTP-related, yes or no) associated with it, and if that parameter were true, a bit would be set in the reserved area of the HTTP-request indicating whether it was OK to respond with a Sitefinder-redirected response. From a coding perspective, it's trivial on both ends, but publicizing and getting acceptance of a new API function such as this would be a nightmare.

Just to serve up a tiny bit of corporate dirt, I can name (but really shouldn't in a public forum) a very large financial institution where internal DNS is still broken to the point where there are lots of hard-coded IP addresses not only in applications, but in things like file transfers and message queues. Host files will be kept around for a while, since the servers all have multiple names, and the AD guys are overwhelmed just fighting fires, much less being bothered to put in a simple gethostbyname() call. And interestingly enough, their QIP deployment is proceeding nicely.....


<< Home

This page is powered by Blogger. Isn't yours?

Technorati search