Mrs. Mike says:

You mess with me, you get the cheese!

That is all.

VeriSign sues ICANN over Sitefinder

This is the stupidest thing I’ve seen in a while. When VeriSign put up Sitefinder before, the uproar over all the stuff it broke was huge. VeriSign is interfering with the basic operation of the internet addressing system. ICANN is in charge of maintaining order in that system. ICANN is doing exactly what they’re supposed to.

http://www.verisign.com/corporate/about/contact/index.html is VeriSign’s contact page. Get a hold of them and let them know how you feel. Use the toll-free phone numbers, as it’s harder for them to ignore phone calls than emails. Tell them that you’re unhappy that they’re breaking a great deal of the internet’s functionality so that they can do a bit more advertising on the World Wide Web (which is only a small part of the internet). ICANN is far from perfect, but at least they’re not mucking up huge portions of the internet for a few more bucks.

http://slashdot.org/article.pl?sid=04/02/26/235256 is the /. article with lots of great comments too. This one pretty much sums it up:

The Internet Corporation for Assigned Names and Numbers has no authority to prevent VeriSign from rolling out a search engine for users who mistype Internet addressees, VeriSign said, as well as another feature that allows users to sign up for a waiting list for desirable domain names.

Hey Verisign: We don’t care if you want to make a search engine for miss-spelled domains, nor do we care if you want to setup a domain name waiting list. In fact the only thing that bothers anyone is that you’re breaking DNS to force us to use them.

If this was really about setting up a search engine and nothing else they could just register vs-sitefinder.com and vs-domain-wait-list.com and be in business. Instead they insist on pissing on their responsibility to maintain a functional DNS system in order to achieve some sort of edge over the competition.

Is there some sort of contest for the most hated corporation going on between Microsoft, SCO, and Verisign?

I recently tried one of those sites where they give you something free, but you have to click through a bunch of ads (full of junk you’re supposed to sign up for). Luckily I have the ability to use aliases with my mail account, so all the junk that I’m getting that I didn’t sign up for is easily identified. I’ve tried unsubcribing from every email I’ve gotten, to no avail. I don’t care if that just confirms the address or signs me up for more junk, because it’s a throwaway alias. It’ll just make it easier to identify the spam. They should really watch who they pick on…

So anyway, they obviously have absolutely no regard for my wishes. I’m not trying to advocate doing anything illegal, but here’s the info if you want to let them know how you feel or something.

Yours to count on,
David Wroblicky
DnAenterprises@paychecksforlife.com
Casselberry, Fl
407-695-0235 (WhitePages.com Reverse Lookup)
407-463-7130
http://dnaenterprises.paychecksforlife.com/index.cfm

http://www.bbbonline.org/profile.asp?ID=103092511583635811 is the link to paychecksforlife.com’s BBB info page. It lists gary@pfladmin.com as the address of Gary Walker, Vice President, in case you need to contact him for anything.

I hope that was useful to someone.

FYI, the userintervention forums have moved to www.userintervention.com. The old URL will still take you to a forward page, but you may want to update your bookmarks or whatever. And because I’m allsum, there’s a nice link to it on the left over there. Yeehaw!

I’ve been visiting userintervention.com lately. Not a whole lot happening there yet, but keep an eye on it. The more people visit it, the better it will get.

On my remote Win2k Pro project, I’ve got a good start. I copied the stuff from Advanced Server to show Terminal Services in the Add/Remove Programs dialog. From there, I found the main TS .inf file, and modified it so that I could just right-click and Install it. A whole bunch of files later, I have Terminal Services installed as a service on Win2k Pro. However, it doesn’t actually start up, so now I’ve got to poke around to see what’s behind that.

I have a new project in mind. From all my research, nobody has done it yet, but many people would love to have it. I actually saw a post describing the method I plan to use, but I haven’t seen anyone attempt it yet.

I want to get RDP/Terminal Server working in Windows 2000 Pro. You can install the RDP client to connect to other servers, but that doesn’t help connections to that PC. You can install Terminal Services on Win2k Server, and WinXP Pro has its limited Remote Desktop server, but that doesn’t help in trying to connect to Win2k Pro. I have a few PCs at work that simply cannot be upgraded to WinXP. For some reason, NT4 drivers work on Win2k, but not XP. This device only has NT4 drivers. I found some Win2k drivers for the card (I think, it’s an obscure card to begin with), but they don’t work at all, even in Win2k. Dr. Watson said something about the driver creating an infinite loop. Neato! So anyway, I want to add the ability to RDP into Win2k Pro desktops one way or another…

Wow, here’s another neat little trick I found while wandering the net. Verify URL. That’s a link to javascript:alert(‘The real host of this site is: ‘ + location.protocol + ‘//’ + location.hostname + ‘/’); so you can drag it to your bookmarks or toolbar or anywhere else it’s handy. A bookmarklet is when you create a bookmark out of a Javascript function. The bookmark always performs some function upon the current page, whether it’s incrementing a number in the URL (to go from page001.html to page002.html) or something more complicated. Anyway, this bookmarklet simply takes the protocol and hostname and echo them in a dialog box. Keep this shortcut handy, and use it whenever you’re wondering if you’ve been taken to a spoofed site.

Though I guess it’s a little late now, since Microsoft removed the most common type of spoofing by totally eliminating the ability to send usernames directly in URLs…

And another toy from me. http://www.invisibill.net/url.php is a very simple script. As usual, you can see the source at url.php.txt. All the script does is take whatever you type in the text box and create a link out of it. It uses the input as both the linked text as well as the destination for the link. Try it – just enter a URL and hit Enter, and you’ll see how it works. It doesn’t do much, but it’s handy when you want to create a clickable link so you can right-click and Save As.

As you can see in my fancy new RSS feed, there’s a new version of Bagle going around. The SNP article has links to all the major AV companies’ reports on it, so I’m not going to bother linking to them from here. As with the original, I’ve got a removal script. unbagleb.inf will remove the registry stuff and the program file itself. As with all my other scripts, they can’t delete files if they’re in use. Either open up Task Manager with Ctrl+Alt+Delete and kill AU.EXE before running the script or run the script to get rid of the autorun stuff in the registry then reboot and run the script again to delete the files. Bagle.B is really only a minor tweak on Bagle as far as how it actually infects your system, so this removal script is basically just a few changed names as well.

You may have noticed that I added a news feed toward the bottom of the gray “nav” bar on the left. For now it’s mostly just an experiment, so it’s very subject to change.

Right now it’s pulling http://www.prognosisx.com/infosyssec/securitynewsportal.xml, formatting it, and dumping it over there. At first, I was using a script made of a few functions I found to format the XML. It had the URL of the feed right in the code. snpxml.php.txt is the code for that. I thought it would be much easier if I could send the feed’s URL as a parameter, instead of hardcoding it into the script. After a few minutes of searching, I found out that PHP will automatically make variables for anything it finds in the querystring. That made my conversion infinitely easier. Instead of setting up a bunch of junk to create a variable in the function that got the data from the querystring, I just had to remove the existing declaration for $feed and tack it on when I called the script. readnews.php.txt is the new script (with $feed removed at the beginning). Now I just have to call it with something like http://www.invisibill.net/readnews.php?feed=http://www.prognosisx.com/infosyssec/securitynewsportal.xml. Now PHP automatically converts the URL passed in the querystring to $feed, and I don’t need to change anything else for it to work. I also added in a bit of error correction so that it exits if you don’t pass it a value.