102.
That's the number of brute force attempts on Cedar since November. It is depressing to think that so many people have tried enough to set the alarm off. There are, of course, many more that tried only a few times. Like e-mail spam and blog spam, all of this seems to be done by bots; if the number of bots continues to increase at its alarming rate, it seems inevitable that the house of cards will fall… it is just a matter of when.
Hmm... Can Napster Last?
Someone with too much time on their hands, decided to figure out exactly how much music they could get off Napster's new Napster to Go service, convert to WAV files and burn to CD's within the free trial period. Their calculations allow for the creation of 250+ CD's during that 14 day period. Of course, Napster To Go isn't suppose to allow burning, but the folks planning this simply did the same thing I did when I wanted to record a live audio stream a few years back — capture the audio stream and save it as WAV files.
Obviously, for those who'll abuse this service, this makes Napster To Go a much better value than iTunes Music Store, since you can't steal 250 CD's worth of music from iTMS. In the long run, however, I suspect that this might spell the end of Napster. If word about this gets around, the service will be abused and the record labels will get quite angry about people downloading thousands of songs and keeping them forever with an investment worth about one CD ($14.95).
I'm actually glad about this in a way, though. This means Microsoft PlayForSure Janus subscriber technology may be defeated before it becomes popular. Anything that keeps RIAA from making it so people don't even have a permanent copy of the music they pay for is a good thing for everyone else.
(Not that I advocate signing up for Napster to steal music off of it, I simply like the idea that maybe this will throw a wrench in a bad idea whose time has not come.)
Oligopoly Versus Monopoly for the Future
For the moment, neither Apple nor Microsoft are in any position to exercise anti-competitive behavior (the only part of being a monopoly that is illegal), simply because digital music is still a minute chunk of the market. But, both companies are behaving the way they usually do, so we can pretty much guess what things will be like once digital downloads become the dominate form of distribution by analyzing the two companies' track records.
Apple is a vertical kind of company. They create as much as possible in house so that it works in a simple and elegant fashion. You'll pay a bit more and you shouldn't wait for compatible clones, they ain't happing. That isn't the Apple way. This is the same as many other segments of the industry — for instance, the electronic gaming industry, where you would never expect a Nintendo Gamecube to be able to run Sony PlayStation 2 software. You could probably expect a lawsuit to occur if Nintendo even tried, just as Sony sued Connectix in the late nineties for making a Virtual PlayStation. And that's perfectly reasonable and legal.
Microsoft has a very different approach, partially because Microsoft is only a software company (normally, at least), unlike Apple, who has always been mostly a hardware company. Microsoft has always sought to open the hardware portion of the business up, because they aren't in that business. Yet, Microsoft is the company that has violated the Sherman Anti-Trust Act, quite likely for a reason that is lost on no one: they do not make the hardware, but by establishing a firm software monopoly, they have essentially taken all but a facade of control away from individual hardware makers. HP, Dell, Gateway and others who are beholden to Microsoft cannot afford to make Microsoft mad, lest they be cut out of volume discounts and development partnerships. This is true, even in the post-DOJ v. Microsoft world.
How does this factor into music? It factors in perfectly. Apple has chosen to keep FairPlay close to home, licensing it only to a fellow member of the PowerPC AIM trio (Apple/IBM/Motorola). Apple did, apparently, also approach Sony last year, only to be turned down, but essentially, Apple doesn't license stuff. The closest you'll likely see, I believe, would be more HP-like deals where Apple will co-brand iPods like PalmOne did in the past with Palm PDA's. Apple never tries to hide this. Microsoft, on the other hand, is on track to create the same kind of abusive monopoly in media players that they have in computers — all they have to do is topple the Apple iPod phenomenon. Think about it. Try to name one major media player, other than the iPod, that doesn't use Microsoft technology. You won't think of one, save for the dismal failure that is the Sony MP3 player.
That's right. Part of your purchase price for a Creative NuVo, Rio, Dell DJ, RCA Lyra, iRiver, etc. goes back to Redmond as licensing for Windows Media support, now known as PlayForSure. Likewise, think of online stores and try to name just one that uses something other than Windows Media, save for iTMS and Sony's store. This is very important. Microsoft has essentially secured control of both sides of the equation just like Apple has done with the iPod/iTMS, only there remains a facade of competition that will become increasingly hollow, presuming Microsoft manages to secure a majority share of the market.
Given that Apple seeks only to control its own platform, and not everyone else's, we can be confident, I believe, that even if the iPod remains the dominate player, Apple will never secure a real monopoly, simply because the iPod will not be the best player for every single person. However, Microsoft's plan allows for a very real ability to create another abusive monopoly, since Microsoft seeks to play the role of puppet master rather than actor on the stage of multimedia.
The media player war is only the beginning. Both Apple and Microsoft are trying hard to get their competing formats accepted as part of the next generation DVD standard. Whomever holds this will likely be given easy passage to dominance in the majority of multimedia on TV, the computer and elsewhere. While a win for Microsoft will usher in an era of the proprietary Windows Media Format, Apple's entry is only partially proprietary. It is true that the PlayFair DRM is proprietary, but AAC, the format of iTMS, is based on the open standard MPEG-4. In fact, the parts of QuickTime that Apple is advocating for DVD playing are also components of MPEG-4. What Apple has done with media formats is much like what it has done with Mac OS X. It has a proprietary element, but Apple has also willingly used an open foundation in both cases (MPEG-4 and the now FSF-approved APSL-licensed Darwin, respectively).
So, which is worse? An oligopoly where Apple controls its portion of the market, but is never dominate and even uses open standards as its foundation, or a competitively facaded monopoly dominated by Microsoft (and the companies beholden to the same) as one prong in its Trusted Computing Initiative?
Macmini Co-location
Yeah, you want one… you know you want a co-located Mac mini server for only $22.95 a month (plus the cost of the system). And as I noted when this was posted to a list I'm on, that is the only reason you'd actually sign up for this service: because you'd like to say you have a co-lo Mac mini.
Don't get me wrong, it is a neat idea — and you saw it first on asisaid — but with a paltry 20 GB bandwidth allowance, that skyrockets in cost if you up it to enough to keep a dedicated server busy, and 24×7 onsite monitoring only available after you give up an additional twenty greenbacks, you'll quickly end up in budget dedicated territory minus all the perks of budget dedicated machines.
Still, it's a neat idea if you want to play around with having your own server, but can't justify the price of something a bit more expensive. I actually like the idea, I just hope someone doesn't think they are getting a bargain when they end up having to add all the upgrades later on.
Personally, I think rather than sending a new Mac mini to this place, I'd keep it at home and make it a media PC. Or a file server. Or a kitchen PC. What would you do with a Mac mini?
About Fantastico
Eduardo upgraded to WordPress 1.2.2 the other day, and when he did, I asked him if he had used Fantastico to perform the upgrade. Ed followed my advice to Eduardo and that killed his blog. Well, not really, but it made it look like it had choked. As it turned out, Fantastico did not run the upgrade.php script included in WordPress, and thus the database was not arranged properly.
I checked around Fantastico and could not find a way to fix it directly from there. But, running the aforementioned script did the trick just fine. I thought I'd share this in case anyone else tried to follow my advice.
The Five Gifts of Christmas
Looking for a gift that will make your recipient say “Wow this is a really inside cheke and cimble gift”? Well, I reviewed 5 different gifts under $50 for the technically inclined among us (one — the “eyelighter” — is something almost anyone would appreciate). Take a look at OfB.biz.
Tried any of them? Have a better idea? Play the pundit. Write about your own inside cheke and cimble gift ideas below.
Spam Update
Here is a snapshot of my spam blocking statistics for the past two days (approximately). This is prior to re-enabling DUL blocking, something I did about a half hour ago. I'll let you know how it goes now that DUL is back on.
Total Spam Count = 17784 Total Success Count = 4914Spam detected and blacklisted, by blacklist, since last refresh of exim log (2004-12-12 04:02:09.000000000 -0500).
Note: checks against blacklists stop after first positive match, therefore lower numbers from blacklists lower down should be expected and do not indicate performance of a given list.
sbl-xbl.spamhaus.org = 15306
LAST UPDATED: Monday, 13-Dec-2004 22:05:03 EST
zombie.dnsbl.sorbs.net = 0
cbl.abuseat.org = 120
opm.blitzed.org = 0
dul.dnsbl.sorbs.net [disabled 2004.12.05 00:15 due to overactive blocking] = 0
relays.ordb.org = 3
spam.dnsrbl.net = 0
dnsbl.njabl.org = 1215
blackhole.securitysage.com = 0
hil.habeas.com = 1
list.dsbl.org = 1080
manual =0
verify fail= 290
No Relay = 158
Clarification
Here are some clarifications concerning my re-implementation of DUL blocking.
Will I still be able to send mail to ServerForest addresses?
Yes. Just to be clear, when I re-enable the dynamic users list (DUL), it will not block users from e-mailing me or anyone else on ServerForest, even if they have a dynamic address, so long as you send your messages through a normal SMTP server, such as the one from your ISP, web host, etc. The only people who will have problems are people who run their own SMTP server on their own computer that is connected to the Internet dynamically. If you don't know what that means, I can virtually assure you that you aren't doing it and this won't impact you at all.
Who runs an SMTP server from a dynamic address?
Almost all SMTP traffic coming from dynamic addresses is SMTP traffic caused by worms and similar malicious programs. Typically, this means they are either sending copies of themselves or working as zombies to send spam. Because it is likely that virtually no legitimate traffic will be sent this way, many hosts block DUL SMTP servers traffic, quite likely, yours already does (unless you are using my services, and then yours will shortly).
Checkout Those Stats!
I've blocked over 40,000 spam messages since the beginning of the week, as you can see here. I'm thinking about re-enabling the DUL (dynamic users list) to block servers on dynamic IPs from sending e-mail to ServerForest — after looking into it, I know of exactly one person legitimately doing so in thousands of messages I looked through. This won't block users with dynamic IP's on their desktops, only those trying to send through a server on a dynamic IP (which in 99.9% of the cases means the PC has been hijacked). I also think I will remove some of the non-effective lists (no sense wasting resources querying servers that never block anything), and move some of the more-effective ones up in the order of the effectiveness… thereby reducing the amount of queries my server must make.
Continuing the War on Spam
I implemented several spam blacklists today. Take a look at them (and the statistics of their filtering abilities thus far) over here on the main ServerForest site. The SPAM/Success ration is off at the moment since the successes include spam prior to the filter implementation today (the log goes back several days), but that will correct itself in the next few days. If this kind of thing interests you, check back, those stats are updated every hour, five minutes after the hour.
Also, if you have suggestions of other blacklists I should include, or a complaint about the accuracy of any I've already included, please let me know in the comments. Thanks!
As an aside, if you are presently a ServerForest customer, and you did not receive a notice with three important news items tonight, please let me know and I will send you a new copy.
