July 2008

The Archives

• Internet, Security, Technology

  Look, Ma! I’m on Security Now!

  July 14th, 2008 (4 years, 11 months ago) by Jeff | Permalink | 2 Core Dumps

  I hope to post more on this when there’s more data to post, but I thought I’d throw up a quick note stating that the latest episode of the Security Now! “netcast” features a question posed by yours truly. (The best part was listening to Leo Laporte stumble over my long-winded rambling. ) The high-quality version of the show can be found at the previous link; a low-bandwidth version as well as a text-only transcript can be found at the corresponding page at GRC.com. A search in the transcript for “Darlington” will take you to the beginning of my question; in the netcast, it starts around 38 minutes, 22 seconds in. (Of course, I encourage everyone to read/listen to the entire thing.)

  For the full effect, though, you’ll also need to listen to/read the previous two non-Q&A episodes of the show, #149 and #151. (Low-bandwidth and trascriptions can be found here and here.) The entire dialog concerns the recent trend of ISPs selling out their customers to allow third-party advertisers to come in and install hardware at the ISP to facilitate tracking the ISPs’ customers’ surfing habits across sites. While the ad companies in question claim to not be recording personally identifyable information about the ISPs’ customers, the capability is there and the possibilities for abuse are enormous. It brings back many shades of the DoubleClick controversies of the late 1990s-early 2000s, only much more ominous. I provided a unqiue standpoint to the discussion: that of a Web developer hosting a site and encountering similiar mysterious “first party” cookies set for my domain but not set by me.

  The full body my question is present, but I’m not completely satisfied with the answer. Let’s just say I think Steve Gibson made an assumption about the GPF site that’s not 100% true. I’ve replied to his response with additional information. I don’t necessarily expect another response (he does, after all, have his own agenda to follow on his show), and even if he does it will likely be in episode #154, the next scheduled Q&A episode. If anyone is interested, I’ll post updates if and when this occurs. If I don’t get a response, I’ll post my response here, especially since it contains some disturbing observations about “first party” cookies that have mildly paranoid folks like me nervous. (I’d hate to see what it does to really paranoid people.)

  

• Personal

  Maybe I should have persued a career in radio…

  July 7th, 2008 (4 years, 11 months ago) by Jeff | Permalink | 6 Core Dumps

  I’ve picked up an interesting new job function to add to my résumé: voice-over narrator. Nobody could be more surprised about this than I am.

  The primary project I work on at my day job is a series of interactive, computer-based training initiatives for the U.S. Navy Reserve. Until recently, my work has mostly been software development, building a Web-based learning management system through which reservists can take CBTs online and receive the appropriate credit. My time has since been split among several other projects, such as a custom content management system for our digital artists, but it’s largely been in the programming arena. That is, after all, what that fancy paper that hangs on the wall in my office says I’m good at.

  As hinted at above, we also have a full digital creative team filled with artists, animators, and specialists in instructional design. While my team builds the nuts-and-bolts front end to serve the training content and keep track of the results, our creative folks actually build the training content itself. This can range from the individual diagrams and 3D models used in illustrations to complex animation sequences and all the way up to the final Flash-based instructional GUI. We’ve got some incredibly talented folks who work here, and I’m pretty proud of some of the things I’ve seen each of them do.

  Lately, I’ve found myself crossing the line between coder and creative type. My managers took note with great interest during my initial interview that I’m both an artist and a programmer. My first year or so here, though, I’ve spent most of my time in front of Microsoft Visual Studio, bashing out C# code. Recently, however, I’ve found myself being pulled into more creative endeavors on our team, such as writing the storyboard for a promotional video that will be shown at a major defense contracting conference in December.

  The biggest surprise came several months ago when my boss pulled me into a meeting that I normally don’t attend. During that meeting—in which I spent most of my time doodling in a notebook because nothing seemed to apply to me—my ears perked up when it was announced that I would be doing the narration for our interactive security scenario builder demo to be released at that year’s conference. I was a bewildered to say the least.

  Later, my boss recounted how my name came up in a previous meeting between several people involved with that project. You see, one minor problem we tend to have here is that the overwhelming majority of us at this site are natives to the region. Well, that’s not exactly a problem from the “mining the local talent pool and supporting the local economy” standpoint. It is a problem when the vast majority of us have noticeable West Virginia “hillbilly” accents. As much as I hate stereotypes, this was is pretty darn close to true. Almost everyone here has a noticeable accent, some so far to the point that they sound like caricatures. It’s almost laughable, really.

  During this meeting, the team was musing over this problem. They didn’t exactly want a backwoods hick accent talking about how to report potential corporate security violations. It was then when my boss proffered: “Have you ever heard Jeff Darlington’s voice mail message?” I was apparently out of the office at the time because he called my desk and played my outgoing message over the speakerphone. The consensus was undoubtedly unanimous.

  And that’s where I am now. In addition to the aforementioned security scenario demo, I’ve recorded narrations for multiple training sessions surrounding shipboard computer administration within the Navy. I can’t really say much more about those lessons, largely because I don’t know how sensitive the material is. It’s not top secret by any means as I don’t have the necessary clearance. Still, it’s probably sensitive enough that I can’t share any samples. However, below you’ll find a link to an early draft of the security scenario builder demo. We’ve reworked it multiple times so the final outcome sounds much better than this one. Nonetheless, it allows you to hear my melodious tones. Enjoy.

  Sample Interactive Learning Narration (MP3, 277k, 23 seconds)

  I still find it bizarre to be doing this. It’s not something I’ve foreseen myself doing. I’ve been told that I don’t really have an accent, although I can hear it in my own voice especially when I’m tired or when I’m around others with more pronounced accents. My biggest concern right now is for our poor test team, who has to listen to my voice over and over again for hours while debugging the lessons.

  

• Internet, Technology, Webcomics

  ICANN get behind “gpf.comics”…

  July 1st, 2008 (4 years, 11 months ago) by Jeff | Permalink | Dump Core

  So ICANN, the organization that oversees the doling out of domain names on the Internet, has approved the relaxation of the rules for top-level domains (TLDs) to allow for arbitrary TLDs for whoever has the money and technical capability to grab it. If things go according to plan, by the middle of next year you may be able to just type into your browser something like http://search.google/ rather than http://www.google.com/, or perhaps you’d rather http://drink.coke/ or http://drive.ford/ or even http://have.crazy.monkey.sex/.

  To quote virtually ever character in the Star Wars universe, I have a bad feeling about this.

  I am so sitting on the fence on this one. My initial gut reaction is this can’t be a good thing. I know far too many non-techies who are confused by Internet addressing as it is, so let’s confuse them some more by adding even more things for them to figure out. JD Fraizer over at User Friendly hit the nail on the head; anyone who has ever used Usenet is probably rolling their eyes a lot more lately. The potential for cybersquatting and trademark dilution is enormous. ICANN insists that an “objection-based mechanism” will be in place to prevent such things, but how much red tape (and legal dollars) will someone have to go through to protect their brand? Every day that a squatter sits on a domain equates to valuable time, money, and reputation that can be lost, something big corporations may be able to wait out but little guys like me can’t afford. It’s been hard enough right now for me to keep up with all the variants of gpf-comics.something out there. And let’s not get into the discussion of what “offensive” TLDs creative individuals might come up with….

  Of course, it’s not like I’m going to be registering .gpf anytime soon anyway. I suppose that’s one thing ICANN did right: to create your own TLD, you’ll need a truck load of money first. The CBC is reporting an estimated $100,000 per TLD—I have no idea if that’s Canadian dollars or not—but ICANN only says for now that “fee information is not yet available”. Ordinary domain names are dirt cheap nowadays, which is a blessing to small-time operators like me but a curse in that squatters with cash to burn can snap up thousands at a time and hold them for ransom. At least starting a new TLD will take capital, making it a serious investment. It will also be quite a technical undertaking; owning a TLD also means you have to build the infrastructure support it. So if Google were to grab .google with their pocket change, they’ll also need to pony up the hardware and bandwidth to maintain the root server. Google may be a bad example (they’ve got servers to spare, I’m sure), but for organizations not used to maintaining that kind of “big iron” it will be a significant learning curve.

  But then it occurred to me… how awesome would it be if all your favorite comics or comic-related sites could found at “something dot comics”?

  Imagine if you will that some philanthropic comics creator/reader with a hundred grand in “mad money” under his bed were to snatch up .comics and register that with ICANN. Being philanthropic, this individual would charge a minimal fee to register a domain there, just enough to cover operational costs and maybe make a modest living in the process, aggregated out to anticipated demand (of which I’m sure there’d be plenty). There would be only one additional requirement for application beyond the current standard (ethical) process: the domain must be used for a site publishing, promoting, or discussing comics in some way, shape, or form. Consideration for approval would require proof of content, such as a preview development site, previously published work, portfolios, etc.—just enough to prove the site really will be used for something comic-related. Individual titles would be encouraged to register at the root level (dilbert.comics, gpf.comics, x-men.comics) while companies would register their names (dc.comics, marvel.comics, keenspot.comics) and potentially use sub-domains for their own titles (x-men.marvel.comics). Our hypothetical philanthropic registrar would also be fair and balanced as to not let big conglomerates dominate the little guys. Disputes over domains would come down to traditional copyright and trademark resolutions, requiring proof of prior art, etc.

  Wouldn’t that be just grand?

  Of course, what will really happen will be that some big company will come along and buy up .comics with far more misanthropic intentions (and we know such an obvious TLD wouldn’t sit dormant for long). They’d either squirrel it away selfishly for promoting their own works and no one else’s, or they’ll charge such an exorbitant “premium” price for registrations that only big publishing houses like DC, Marvel, etc. will be able to afford it, shutting out the little independents and webcomics. Even if they price it fairly and keep it open, I’d bet it would get so swamped with squatters that the novelty of the whole TLD would become as diluted .info is today. Maybe it’s just that I’m pessimistic… or that I’ve been annoyed for so long that some jerk had been holding gpf-comics.org hostage for years… but I just don’t see this turning into as promising a possibility as I think it could be.

  Oh, well. I’ve been waiting for gpf.com for nearly a decade now. I guess I can just add gpf.comics to the list. Wishful thinking….

  

About

Jeffrey T. Darlington is the creator of the popular online comic strip General Protection Fault. He is also the creator of a number of other inconsequential things, but seeing as they are inconsequential, he didn't think you should be bothered by mentioning them. More...

Search

Capitalism

Recent

• Weekly Twitter Updates for 2012-10-06
• Weekly Twitter Updates for 2012-09-29
• Weekly Twitter Updates for 2012-09-22
• Weekly Twitter Updates for 2012-09-15
• Weekly Twitter Updates for 2012-09-08

Tag Cloud

Twitter GPF Security Writing Technology Recycle Bin Software humor WinHasher TWiT .NET Webcomics Linux Star Wars server cookie podcast meta WordPress Microsoft Security Now Steve Gibson virtual machine Doctor Who C# mod_rewrite Fedora Wii schedule Apache Windows PHP HTTPS Star Trek blog iPod advertising To Thine Own Self hard drive comments DoubleClick authentication anniversary gifts Christmas