Monday, March 29, 2004

Langa Letter: Cool and Quiet, Summary of advice on quieting a PC

Langa Letter: Cool and Quiet, Part III

Zone Labs: ZoneAlarm

Zone Labs:
I think I might need to add this to my PCs. Grrrh.

Open source approach to spam prevention by "postage" -- looks very promising (MIT Technology review)

A Better Way To Squelch Spam?
... The idea of fighting spam on an economic basis using some form of postage has been discussed since 1992. This technique is known as sender-pays because it forces the sender to incur some cost before sending a message. Sender-pays systems can employ one of two different types of postage: money stamps, such as what Gates has proposed, or proof-of-work stamps.

Money stamps are a kind of electronic micropayment. Since the dawn of the Internet era, dozens of micropayment schemes have been proposed. Building the centralized infrastructure required for a worldwide micropayment system is a daunting challenge, however. Not surprisingly, none of these systems has taken off. And there is no reason to believe that value-bearing e-postage would fare any better than its predecessors.

Money stamps raise other significant issues: Who redeems the stamp? Who has taxing authority on the income? Who bears legal liability for erroneous or absent stamp validation? Who controls access to your mailbox and for how big a stamp? These questions make it clear why we and many others distrust money stamps as a solution to spam.

A proof-of-work stamp—or “work stamp”—is a mathematical puzzle that is hard to solve and has a solution that is easy to verify. Another important property of this puzzle is that it has no cheats—that is, there is no way to solve the puzzle by a shortcut.

The major impediment to adoption of any form of sender-pays has been the apparent requirement for wholesale changes to the e-mail system. The Camram (Campaign for real mail) open-source project has developed a hybrid system that solves the problems of classical sender-pays and provides a clear path to incremental adoption. Avoiding problematic money stamps and using proof-of-work stamps, Camram deters spam while maintaining decentralized operation.

The cheat-proof puzzle used by the Camram project is called “hashcash." The details of hashcash are complex, but here's a quick explanation. Hashcash uses a seed value consisting of date, e-mail address, and a random number. This seed is fed to a mathematical function called a "hash." The function performs a calculation based on the input. If the first N bits of the returned number are 0, then the input value is the stamp. Otherwise the input value is incremented by one and the process is repeated until the result is a valid stamp (0 bits in the first N places)....

...The Camram project has learned that the most effective anti-spam cocktail contains at minimum three filters: a stamp filter, a smart "white list," and a content filter. The white list is a roster of those with whom you exchange e-mail; it is used to let this friendly mail in unchallenged. The content filter looks at the content of the message and makes a probabilistic assessment as to whether the message is spam. Taken together, these three measures implement the principle of “strangers pay, friends fly free.” In other words, strangers who stamp their mail, and friends with whom you regularly communicate, have easy access to your inbox. All others go through the content filter.

Sounds great, what I like best though is the cocktail approach. When I espoused that 2 years ago (with sending service authentication) no-one seemed to "get it" (except Jon Udell, who understood immediately). Glad to see that becoming common wisdom!

Great Macintouch notes on recovering an initialized OS X drive.

Mac OS X Panther (10.3.3)

"Recovering an Initialized Drive

Peter J. Creath
Michael Bradley did exactly the right thing in disconnecting his drive and not touching it.

The best off-the-shelf (read: affordable) utility I have found for recovering Mac files is Data Rescue X. Unlike Norton, which progressively patches the drive it's trying to recover, Data Rescue X doesn't modify the drive to recover. It scans the entire drive looking for lost files and presents you with a list of files found. You can then recover those files to another drive. This does require another target drive, but it's by far the safest way for end-users to recover data from a zapped drive.

To be clear, even connecting your newly-initialized drive will modify it slightly (since the new volume will be automatically mounted), but those changes _should_ have minimal impact on your ability to recover your lost files. The ideal recovery process would be to make a forensic block-level copy of the zapped drive and do the recovery work on the copy.

Antonio Tejada
Michael Bradley needs to get Prosoft's Data Rescue X. It takes forever and then some to run and do its thing, but is highly effective.

There is a demo available that will do the full scan (the part that takes hours and hours, even days sometimes) and show you what it found, but the demo will only recover 1 small file.

Caleb Clauset
Having just gone through something similar with a client, I know exactly how Michael Bradley must be feeling. The good news is it is very much possible to recover the data in a situation like this.

The first thing to try is Prosoft Engineering's Data Rescue X software. It's quite capable of recovering data in this situation and is non-destructive (you have to have a second volume mounted which is capable of receiving any recovered data).

The other option (which is what we did) was send the drive to the guys at SoftRAID to have the partition map reconstructed by hand. It's not their normal line of business, but they were extremely gracious and able to restore everything for a fraction of the cost of a recovery at DriveSavers. They also offered to hand-deliver it to DriveSavers if they weren't able to restore everything. So don't lose hope."
There's more at the site. Wonderful discussion.

iPod tip of the year: any AAC file can be made "bookmarkable"

Doug's AppleScripts for iTunes - Managing Files
Make Bookmarkable
written by Doug Adams
posted: Mar 1, 2004
This script will change the 4-character file type of the selected AAC tracks to 'M4B ', thus making them bookmarkable. (That is, the track will resume playing wherever you left off the last time you played it.) Works on protected and non-protected AACs.

Since Mark posted this on 3/1/04, it's amazing it's taken a month for this to make the wires. This makes putting my medical lectures on iPods far more useful. It was a major "feature" for audible.com so they may be unhappy about it leaking out. I wonder if Apple will change the behavior in an iTunes update. The script makes it easy to do vs. doing the file type change by hand.

Special google commands - filtering out hits on prices

Google Help: Numrange Searches
Numrange can be used to specify that results contain numbers in a range you set. You can conduct a numrange search by specifying two numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range represents.

For example, you might conduct a search for DVD player $250..300 or 3..5 megapixel digital camera. Numrange can be used to set a range for everything from dates (Willie Mays 1950..1960) to weights (5000..10000 kg truck).

Or you could negate the string to filter OUT results that include prices. Good way to find reviews on a topic?

Google Search: define: glycoprotein

Google Search: define: glycoprotein
Nice new "hidden" google feature. Definitions are surprisingly good.