Author Archives: Joe Wein

About Joe Wein

Software developer and anti-spam activist

Google Groups spam – abuse reporting broken

Posted on by
12

You can tell that an anti-spam tool is becoming too effective when spammers start trying to work around it.

Such is the case with Spam URL Blacklists (SURBLs), which list domains advertised via spam. Spamfilters will intercept emails that mention blacklisted domains used in clickable links. The spammers can use fake sender addresses and send email from cracked hosts and cracked third party mail accounts, but they still get caught as soon as they mention their websites. This hurts spammers because they only make money when people go to their websites and hand over their credit card details to order fake Rolexes, pills, porn, etc.

To get around this, spammers have been using pages created at free webhosting services and other third party sites where content can be uploaded. The links only mention the free hosting site, which then redirects to the final spam site.

One service abused for this is Google Groups. Other services recently seen used are Google Docs, Microsoft Spaces Live and Geocities. In the case of Google Groups the spammers create mailing lists and upload a spam link to the home page of the new group. They never use the groups for their intended purpose, i.e. mailing lists. This effectively makes it impossible to report the abuse via Google’s abuse handling procedures: Any archived posting or uploaded document on the Google Groups service has an abuse reporting link, but the home page of the group itself does not! Obviously, Google never envisaged that spammers would create groups only to have one page of web content that can be advertised via spam.

Here is an example of a spam:

Received: from host34.net215.omkc.ru (HELO host34.net215.omkc.ru) [217.25.215.34]
by mymailhost (mx077) with SMTP; 21 Jan 2009 04:21:47 +0100
Message-ID: <47940FC9.1016287@verizon.net>
Date: Mon, 21 Jan 2008 03:21:45 GMT
From: arturo <arturo.matthews1@verizon.net>
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
MIME-Version: 1.0
To: mymailbox
Subject: Brighten Your Day
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

After trying out tooth whitening system AT NO COST TO YOU you’ll realize that your smile is irresistably contagious! 😉

http://groups.google.com/group/fkvrqzzzjckhj

(Add S+H)

The page advertises “Click Here – Free Credit Score & Debt Help” which is a spam link using the domain white-teeth2009.com hosted on IP address 220.164.144.205 in China. It is listed on four sub-lists of SURBL (WS, OB, AB and JP). Its name servers are ns1.dckfdc.com and ns2.dckfdc.com. Other domains by the same spammers are whiten-your-smile2009.com and smile-really-great.com.

At the very least Google should add an abuse reporting link to its Google Group pages. It would be even better if they were to check uploaded Google Group content and checked any URLs in it against spam blacklists such as SURBL. This would stop the spammers in their tracks.

What’s that “Yanga WorldSearch Bot v1.1/beta”?

Posted on by
6

A few days ago I received email alerts notifying me of abnormally high web server traffic. Naturally my first thought was that this might be a Denial of Service attack (DoS): My sites have been attacked before, including by botnets consisting of several thousand rogue computers. This time, during a one hour period, traffic exceeded the same period one week earlier by 800 MB, which works out as 20 GB per day if sustained.

A search of the server logs showed numerous requests like the following, requesting up to 50-60 documents per second:

91.205.124.4 – – [09/Jan/2009:19:20:39 +0000]
“GET /emails/2008-06/30/00209262.117.htm HTTP/1.1” 200 12928 “-”
“Yanga WorldSearch Bot v1.1/beta (http://www.yanga.co.uk/)”

All originated from the same IP address in Russia (91.205.124.4) owned by Gigabase Ltd in Moscow. I found it very odd that this search bot listed the URL of a commercial UK website as its reference, but the company that operates the service does so from Russia. A visit to yanga.co.uk yielded little information – the UK website turned out to be little more than a placeholder page, with no UK street address and only a non-geographic phone number. I grew very suspicious at this stage.

A Google search found a thread on Webmasterworld.com in which “Alexey”, who introduced himself as the CEO of Yanga, responded to criticism. He didn’t give his last name, but perhaps he is Alexey Tarasov who is listed in the Gigabase Ltd WHOIS record.

While it is good to see that Yanga WorldSearch / Gigabase are concerned enough about their reputation to respond to public criticism, they would do well to take steps to raise fewer suspicions in the first place. They could definitely be more open about their identity and their purpose, as well as trying be a good citizen when visiting other people’s websites (e.g. complying with robots.txt, sticking to reasonable traffic levels). Trust is social capital that is hard to earn but quick to burn. No business can succeed on the web without it.

USB turntables: Sony PS-LX300USB

Posted on by
14

This week I bought myself a late Christmas present, a Sony PS-LX300USB turntable and there is a story behind that. I have a fairly large LP collection which I acquired mostly in the 1980s, mainly reggae and African music. Most of the about 450 LPs I found in record stores in the UK, others were bought in Harare, Zimbabwe or in Germany.

My friends in Zimbabwe used to joke that I had more Zimbabwean music than was available locally. It was half true: When I went record-shopping in Harare back in 1988/89, I found that the predominant type of music available was Country & Western, because that’s what sold best amongst white Rhodesians who had the money.

Paul Simon’s Graceland album brought Southern African music to a wider audience, but when most consumers in rich countries switched from LPs to CDs in the late 1980s and 1990s, African artists and their music were left behind again. Much of what I bought then never made it onto CD and is unavailable today.

One of my long term projects therefore was to archive my vinyl collection onto hard disk, to keep it from disappearing altogether. Recently, I wanted to continue with that after a pause of about two years, but my trusty old Dual CS-503-1 which I had bought around 1987 had stopped working due to a broken drive belt. Even after I installed a mail-ordered replacement belt it didn’t sound right.

Then I started thinking about USB-enabled LP players. There are models that will record directly onto a USB thumbdrive, but I was more interested in USB turntables that can be connected to a PC using a USB cable because they offer much more control over the recording process. The host operating system sees them as a line input on a sound card. You can record 44.1 KHz 16-bit stereo samples just right for burning a CD, or you can compress to MP3 after whatever editing and digital cleanup you fancy.

I can say that I am quite happy with the sound quality of the PS-LX300USB. There are other USB turntables that are cheaper, but I did not want to get the cheapest player that does the job. I won’t have the time to digitize my large collection twice. Having said that, my old Dual probably was a better player than the Sony. It has an adjustable anti-skating weight on its tone arm and its wow and signal-to-noise values look better on the spec sheet. On the other hand the Sony has start and stop buttons (the Dual’s mechanical controls are more basic), but more importantly the A/D-converter is built into the turntable (along with a pre-amplifier). With the analog Dual I had to use a sound card to digitize the analog line input coming from an amplifier hooked up to the phono output of the turntable. There is bound to be more interference inside a PC and most PC sound cards are cheaply made. Analog cables can pick up some noise too. That’s what makes USB turntables a worthy consideration, apart from the ease of use.

The mechanical setup wasn’t too difficult. I ignored the bundled Audio Studio LE and instead downloaded open-source Audacity off the net, which is working fine for me.

On the first evening after I unpacked the turntable and set it up, my 13-year old daughter looked at the spinning vinyl disk, which she had never seen in action. We listened to old favourites of my wife and me and it brought back many memories. Now I will be able to enjoy those tunes in the car or anywhere away from home, after I gradually record them one by one off a now largely obsolete medium.

Skype Auto-Recharge and currency changes

Posted on by
2

Checking my PayPal details today, I found that three of my most recent payments for Skype involved a dollar to euro conversion. This surprized me, since quite a while ago I had changed the currency of my Skype account from euros to dollars to match the currency of my PayPal account, in order to avoid conversion losses.

When I went to my Skype account I found that my currency indeed was set to dollars, however the recharge amount was set to €10. Auto-recharge is a convenient feature. With it turned on, whenever your account credit balance drops below $2, an automatic purchase using your credit card or PayPal account takes place to top it up again. As I use SkypeOut for all my international phone calls to landlines and mobile phones and also occasionally for call-forwarding from a SkypeIn number to my mobile phone (especially when I’m travelling), it helps me never to run out of Skype credit.

Evidently, changing your Skype currency does not change your account recharge currency (or amount). What’s more, the system would only let me pick a recharge amount of €10 or €25.

The only way to switch recharges from euros to dollars is to cancel auto-recharges and then re-enable them. However, the only way to enable recharging appears to be by topping up your balance – you’ll have to spend some money!

Thus if you have changed your Skype currency from euros to dollars and want to use auto-recharge in the new currency, you will first have to cancel the recharge and then buy another $10 worth of Skype credit, with the “enable auto-recharge” option checked.

Domain registration scam in China

Posted on by
554

Various companies in China are trying to scare domain owners in other countries into registering Chinese variants of their domain names by claiming some other party was trying to register these variants. Examples of this scam have been reported widely throughout 2008, involving the domains asiaton.cn, erimut.com, erimart.com, erimart-domains.com.cn, hknsc.hk, hongkongnet.org, hk-net.org.cn, hknetwork.hk.cn and others (erimut.com, erimart.com, erimart-domains.com.cn and hknsc.hk are linked by IP address).

Here is one that I received on 2008-12-08, originating from IP 58.38.209.249:

From: “andy” <andy@asiaton.cn>
To: “joewein” <joewein@pobox.com>
Sent: Monday, December 08, 2008 14:11
Subject: Urgent-Notification of intellectual property

Dear CEO,

We are Asiaton Network Service Co., Ltd, which is the Internet Trademark&domain name register center in China. I have something need to confirm with you. We have received an formal application. An international company named “ROB GmbH” wants to apply “joewein” for its own Internet Trademark and CN domain name on Dec 8, 2008 in china. We need to know your opinion because the Internet Trademark And CN domain name may relate to the copyright of your company name on internet. If your company do not intervene in it,we will formally consent their registration
because the registration principle is that “Every company or individual can register the domain name and Internet Trademark which is not registered,and who registers first who owns first.”
we would like to get the affirmation of your company. If you have any question,please contact us by telephone or email as soon as possible!

Best Regards !

Andy

Principal of Checking Department

Overseas Registration Organization

Tel:+(86)731-8187 729

Fax:+(86)731-8187 739

Mobile:+(86)731 6735 121

Skype:chinaregistry

E-mail:andy@asiaton.cn

web:www.asiaton.cn

2008-12-08

Such email solicitations are fraudulent, because you can safely assume that the same email, with other domains substituted for yours, has gone out to thousands of domain owners. I found an almost identical email (listing the same third party supposedly trying to register a domain) in another blog. Somebody obviously thinks being a registrar is a license to milk foreigners.

Don’t fall for this scam, they’re playing on fear.

If you own a .com, .net or national TLD (.co.uk, de., .fr, etc) domain but are not planning to set up a Chinese office or not even doing any business in China you have no reason to spend money on a domain registration with a Chinese registrar. Also, trademarks and domains are largely separate issues. You don’t become a trademark owner merely by registering a domain and vice versa.

The only domains that really count for your business are .com/.net/.org (depending on the nature of your organisation) and/or the country code top level domain (ccTLD, such as .co.uk or .jp) if you’re based outside the USA.

Below are other examples of domain registration spams / scams that I have received before. I am sure there are a lot more out there.

Received on 2008-03-18 from 221.221.167.121:

From: “Bruce.li” <Bruce.li@erimut.com>
To: “jwspamspy” <jwspamspy@pobox.com>
Sent: Tuesday, March 18, 2008 12:53
Subject: Jwspamspy Domain Name

Dear joewein.de LLC,

We are Beijing Erimut Network Information Technology Co., Ltd in China, which is the domain name registration centre here. A formal application from the company called ChengGuang Investment (China) Co.,Ltd is to register ” jwspamspy ” as their domain name and internet keyword on Mar 17th 2008. Since this involves your company name or trade mark, in no time do we inform you of this. Please contact us timely if a first registration is needed to protect the domain names and internet keywords.

Kind Regards
Bruce.Li

Tel: +86-10-62667420 ext.602
Fax: +86-10-62667460

Email: Bruce.li@erimut.com
Beijing Erimut Network Information Technology Co.,Ltd
Website: www.erimut.com

2008-03-18

Bruce.li

Received on 2008-7-30 from 123.127.123.173:

From: “thomas.zhang” <thomas.zhang@erimart-domains.com.cn>
To: “419” <419@419scam.org>
Sent: Wednesday, July 30, 2008 12:55
Subject: Joewein Domain name & Internet keyword

July 30, 2008

Joewein

Domain name & Internet keyword

Dear Sir/Madam,

We are Beijing Erimart Network Service Co., Ltd which is the domain name register center in China. We received a formal application from a company who is applying to register “joewein” as their domain name and Internet keyword on July 27, 2008.Since after our investigation we found that this word has been in use by your company, and this may involve your company name or trade mark, so we inform you in no time. If you consider these domain names and internet keyword are important to you and it is necessary to protect them by registering them first, contact us soon. Thanks for your co-operation and support.

Kind Regards,

Thomas.Zhang

Tel: +86-10-62961631-8017

Fax: +86-10-82780671

Email: thomas.zhang@erimart-domains.com.cn

Beijing Erimart Network Service Co, Ltd

http://www.erimart.com

2008-07-30

thomas.zhang

Received on 2008-11-07 from IP 58.38.209.249:

From: “jackey.zhuang” <jackey.zhuang@hongkongnet.org>
To: “419” <419@419scam.org>
Sent: Friday, November 07, 2008 18:10
Subject: 419scam Notice

Dear Sir/Madam,

We are Hong Kong Network service Company Limited, the an official domain name registration center.

On Nov 06, we received an application from another company for the domain names “419scam” , but later we found your company is their original owner and this may involve your company name or trade mark and this may cause confusion between your products and others’ , and bring about negtive effect on your company.

Therefore we decided to inform you of this and check out your attitude toward thismatter.That is, do you want to protect these domain names by registrering them ahead or not? We would appreciate if you can spare some precious time to settle this issue.

Thank you for your cooperation and looking forwards to your early reply.

Kind Regards,

Jackey.zhuang

Tel: +852-31757930 ext.8012

Fax:+852-31757932

Email:jackey.zhuang@hongkongnet.org

Hong Kong Network Service Co. Ltd

Website:www.hknsc.hk

Linux Eee Box now available, MS giving away XP?

Posted on by
5

Two months ago I commented on the non-availability of either of the two Linux versions of the Asus Eee Box 202 that had been announced months ago along with its XP-equipped sibling, which has been shipping for two months already.

It appears you can now also get Linux versions of this tiny energy saving desktop machine, but the pricing is most curious. Originally Asus announced an 80 GB Linux version for $269, $30 less than the similarly equipped XP version. This would presumably pay for the Windows XP license fee that Microsoft collects from every Windows OEM. Linux, which is free software licensed under GPL, comes without any such fees.

However, the actual pricing is now quite different. For example, Amazon.com sells the 1 GB RAM / 80 GB hard disk Windows XP Home version (in black) for $298 while the 1 GB RAM / 160 GB hard disk Linux version (in black) is available for $321 (prices may vary by the time you read this). The picture is similar at Newegg.com, which offers the 1 GB RAM / 80 GB hard Windows XP Home version for $299 and the 1 GB RAM / 160 GB hard disk Linux version for $319. That’s $20-$23 more for a bigger hard disk, but a cheaper operating system. Retail prices of the 80 and 160 GB Seagate Momentus 5400 RPM SATA drives used in the two versions differ by only $10 (about $50 vs. $60, at Egghead.com).

Adjusting for the hard drive cost, the Windows version is now $10 cheaper instead of $30 more expensive than the Linux version, money which we can assume came out of Microsoft’s revised OEM pricing. Asus is making at least $10 more per machine that ships with Linux than with Windows, even if Microsoft was giving away XP for free to Asus, which is probably not far from the truth.

Let’s put it this way: At this stage, Microsoft must have been pretty desperate to keep Linux off as many high volume, low end machines as possible. It had made a blunder by heavily betting on the success of Vista, which requires fairly high end hardware, but the market decided otherwise. To its surprize it found that customers wanted to stick with less resource-hungry XP. Then the boom in low end machines triggered by the One Laptop per Child initiative and the Asus Eee PC took Microsoft completely by surprize.

You see, Microsoft makes money on Windows by licensing it to OEMs like HP and Dell. In a mature market where almost everyone already owns a PC these OEMs were supposed to be able to sell more machines (and bundled Windows licenses) only if a new Windows version made the old machines obsolete. The actual needs of users played almost no role in this.

Microsoft had bet on selling ever more powerful machines, thinking that if old machines were not powerful enough to run Vista, owners of XP machines would dump their hardware and buy new machines from Microsoft’s OEM customers. Instead both retail and corporate customers revolted, as Vista offered them few real benefits but a number of potential problems. Instead of triggering a rush to Vista, Microsoft motivated customers to look at other alternatives such as Mac OS X, Ubuntu and other Unix or Linux flavours or simply to sit it out and stick with XP as long as possible.

This of course is a mortal threat to Microsoft’s business. Once millions of customers get used to no longer owning the latest and greatest Windows software or even start surfing the net, doing email, watching YouTube and running OpenOffice on non-Windows machines, where is that going to leave Microsoft in 2010, when Windows 7 and perhaps Office 2010 come out?

Right now Microsoft’s business model is still generating large cash flows from selling operating systems and application software to OEMs and retail customers. This is the classic model the microcomputer software industry has used since the 1970s, even before “microcomputers” where renamed to personal computers (yes, I was around then). It’s not how the mainframe business operated before and it’s not how new Internet businesses work now.

Witness successful companies such as Google and eBay, which are making money by acting as go-betweens between buyers and sellers (ads in the case of Google, merchandise in the case of eBay). Canonical and other Linux companies get their revenue from support contracts while giving away the software. Many new business models rely on advertising or shared sales revenue. Google makes billions of dollars and has hundreds of millions of daily users without in most cases selling directly to the people who use its services. The world as Microsoft knew it is changing and it will have to change with it. That will be extremely painful for them.

Microsoft is well aware of the need to move to a new net-centric business model. For evidence look no further than its recent desperate attempt to acquire Yahoo’s user base by buying out the whole company, after having spent years and pouring billions of dollars into largely unsuccessful efforts to match Yahoo with its own MSN/Hotmail/OfficeLive offerings. The problem is, Yahoo is only up for sale because it has not managed to compete terribly well against Google either. If Microsoft and Yahoo merge, it will be a case of the blind leading the blind.

Without a working alternative, Microsoft is finding it very difficult to move away from its classic business model, which depends on its ability to get customers to buy new copies of Windows and Office every couple of years at fairly hefty prices, whether users are keen on these new versions or not.

Microsoft is going to find this ever more challenging as new low-cost mobile devices come along, especially in the sub-$500 bracket. These new gadgets will bridge the gap between mobile phones, consumer devices and PCs, offering adequate performance and convenience at low prices. Think about it: How many people are still going to pay $499.95 for a copy of Microsoft Office Professional 2007 when the mini notebook or nettop they will be running it on only cost $300-$400? That pricing model only worked while Microsoft had a de-facto monopoly on desktop operating systems and office suite applications and especially when hardware was still expensive.

Microsoft’s pricing is really a relic of the 1980s, when a 6 MHz PC AT with half a MB of RAM and a 20 MB hard drive cost as much as $6,700. Then it still made sense to spend an extra 10-30% of that amount on software to make the machine useful, but today’s numbers look very different.

The recent announcement by Canonical to port Ubuntu to ARM-based low-power devices further illustrate the danger for Microsoft from the market moving to a low-cost, low-power, net-centric model. Most mobile phones use ARM-based chipsets. So do many consumer broadband routers. It’s the de-facto standard in those markets. Both the Apple iPhone and the Google Android-based G1 run variants of Unix or Linux on ARM CPUs. So do many $50-$150 broadband routers. Meanwhile Intel is working on integrating its Atom CPU core with the graphics chip in its upcoming “Pineview” chips, going head to head with ARM for low-cost “PC on a chip” designs. Competition in this segment will result in a plethora of interesting products available to consumers.

While there will always be a demand for high end PCs for gaming (where Microsoft competes with Sony’s PlayStation and other dedicated games machines), the low end mobile market will be the real growth market, especially in emerging markets such as Asia, Africa and Latin America.

What Microsoft is effectively doing in the netbook / nettop market today is giving away Windows XP just to keep a foot in the door for a remote chance of profits a few years from now. That’s only about as smart as selling mortgages to people who can’t really afford to buy a house. Sure, you get customers that way to keep the market growing, but what is going to happen a year or two later? As the sub-prime mortgage crisis has taught us, you can’t fudge revenue numbers forever. In the short term, giving away Windows may prop up market share numbers, but the result is no more than window dressing. The Vista debacle seriously damaged Microsoft’s value as a brand amongst consumers. Don’t count on their brand loyalty too much. Microsoft has lost its ability to steer the market that it used to control, just as big old IBM did before it.

Microsoft’s Windows and Office sales are the equivalent of a subprime crisis waiting to happen. Microsoft’s revenue model is being hollowed out. The software giant is now too big to quickly move to a model that will still fit the market a few years down the road.

When the big crunch comes, expect things to get nasty. Microsoft employs 4 1/2 times more people than Google which already makes more money than Microsoft does. This ratio is not going to stay that way.

UPDATE (2008-11-20):

I mentioned that the XP version went from initially being $30 more expensive to $10 cheaper than the Linux version and credited this to Microsoft deciding to essentially give XP away in order to hang on to market share.

A review of the Dell Inspiron mini 9 sub-notebook mentions that Dell charges $40 extra for XP compared to the Linux version. That’s exactly the margin by which the price of the Eee Box XP version dropped relative to its Linux sibling between the announcement and the start of shipments, so it would back up my reasoning.

Ubuntu on a VIA MM3500 – 2 Terabyte NAS RAID1 server for $350

Posted on by
7

Sometimes raw power is the enemy of efficiency. For example, many car buyers opt for powerful engines for their cars, only to get disappointing fuel economy around town, where that power is not needed. A smaller engine that might have to work harder when pushed but runs much closer to peak efficiency in everyday driving would be more suitable. Likewise, many computer buyers get machines with high end CPUs that when doing mundane tasks such as email and web browsing spend more then 90% of their time idle, but still burning 90 to 200 Watts. A less powerful CPU might get the same job done drawing less than 50 Watts. This easily adds up to hundreds of kilowatt hours (kWh) wasted during the computer’s lifespan.

Yes, sometimes less is more. I took this philosophy to heart when I bought a Toyota Prius, which has only a modest 1.5 litre engine, drawing on electric motors and a battery for peak loads. I also recently purchased a sub-$70 motherboard with a 1.5 GHz VIA CPU that typical desktop CPUs will run circles around when running under full load, but at a cost in electricity and money. This board will take over the workload of multiple, more energy-hungry machines that have been sitting mostly idle doing what they’re doing every day. It’s powerful enough and economical, drawing a maximum of about 20W. Typical desktop chips have a maximum power draw of 45 W, 65W or more.

MM3500 - VIA C7-D 1.5GHz, CN896 + VT8237A

(Click here to see a full set of pictures of the upgrade)

Five months ago the largest and most important hard disk on my LAN died after only 15 months. Even though I could still rescue the most crucial data off it before the drive finally went offline forever, it was a very close shave and I lost some data. I realized I needed to move my data to a RAID, a “Redundant Array of Inexpensive Drives”. It’s a system in which data is transparently written to multiple drives for reliability. If any one drive dies you can still read your data and recover gracefully from the failure after swapping the dead drive for a replacement drive. This is relatively easy to do in Linux, in fact the server that hosts this website uses RAID too.

Last weekend I set up a machine for about $350 in total as a network attached storage server (NAS) under Linux with adequate processing power for other tasks. I equipped it with 2 GB of RAM and twin 1 TB mirrored hard disk drives. The main expense were the two drives (WD10EADS “GreenPower”, 5400 rpm, $110 each), whose cost made up about 2/3 of the total investment. The other parts were the Micro-ATX VIA MM3500 motherboard ($70), two 1 GB DDR2 PC5300 memory modules ($25 each), SATA cables (one comes with the motherboard) and Molex to SATA power adapter cables, as my older ATX SFX power supply (PSU) did not have the right connectors yet. Also, the motherboard uses a 24-pin power connector while the PSU only had a 20-pin plug, but the four extra pins are not required for this board and the plug is keyed to only fit in the proper place.

The case that was to house these components used to be an eMachine 366i, a cheap minitower I had bought in 1999 for about $450 and which had served me well for many years. I once had to replace the power supply for $25 with a FSP180-50NIV-H (dead PSUs are the most common problem in eMachines) and otherwise only upgraded the hard disks, the last one being a 60 GB IBM DeskStar that failed in 2007. By now the 366i’s Celeron 366 MHz CPU was slow, it’s 256 MB (the maximum supported by the board) inadequate for modern operating systems and it neither supported SATA drives nor any drives greater than 128 GB. It also didn’t have any USB2 ports. Still, the replacement power supply was relatively recent and the case big enough for this project.

Since the RAID drives had to be online 24/7 for my spam processing I was looking for a motherboard that used as little power as possible while being adequate for running the file server and spam filter. After considering various Intel and AMD desktop boards (including the Intel Atom processor 230 Intel 945GC Mini ITX desktop board) I finally came across the VIA MM3500. As mentioned above, this board includes a VIA C7-D CPU running at 1.5 GHz.

While that VIA CPU is even slower than an Intel Atom (which is not exactly known for its speed) its price of under 7000 Japanese yen (less than US$70) was attractive and both the CPU and the chipset draw little power. While the CPU on the Intel Atom board only sips power, its chipset is fairly inefficient (which is why the cooling fan sits on the Northbridge heatsink, not the passively cooled Atom heatsink). Like the Atom board the MM3500 has two SATA ports, enough for handling RAID1. 8 USB2 ports provide plenty of expansion capabilities, as does a PCI-E slot for video cards (not available on the Atom). Two DDR2 slots will accept up to 4 GB of RAM, twice the limit of the Atom board which only has one slot and can only reach its maximum of 2 GB by using a 2 GB SIMM. Both boards offer one PCI slot.

The main complication with the VIA board turned out to be video driver support for the onboard graphics (CN986 Northbridge / Chrome9 HC IGP). As soon as Ubuntu switches into graphics mode, the screen becomes unreadable. I got around this only by plugging an old Jaton Video-198PCI-64 Twin video card into the PCI slot (any Ubuntu-supported PCI or PCI-E card will do). I am hoping to find a proper work-around to be able to remove this card again and minimize power usage [done, see UPDATE below!]. I could do away with it by running the server only in text mode (with ssh access) and never using its GUI. That wouldn’t matter for a file server.

I first tried installing Ubuntu 8.04 LTS (desktop edition), but after the video problems I switched to a torrent of the Ubuntu 8.10 beta. Ubuntu 8.10 (Intrepid Ibex) is due for release on October 30, 2008. The 8.10 beta includes a fix for booting off a RAID1 system with one dead drive, which I may need in the future. 8.04 doesn’t handle this yet.

After installing the PCI video card, the operating system installation (including configuring the two mirrored drives as RAID1 following these very helpful instructions) went very smoothly.

It is a pity VIA doesn’t provide better video driver support for up-to-date Linux versions, otherwise this would be a nice little board that I would find easy to recommend to people who want to build a low-power usage system on a small budget.

UPDATE (2008-10-14):

I now have the motherboard video working in VESA mode and it’s very usable.

Following some pointers in various forums, I tried adding the xforcevesa option to the kernel loader line in /boot/grub/menu.lst, but that didn’t seem to have any effect in Ubuntu 8.10 beta (Intrepid Ibex).

Then I renamed /etc/X11/xorg.conf to a backup and copied xorg.conf.failsafe to xorg.conf (in folder /etc/X11/). I shut down the machine, connected the monitor cable to the motherboard VGA and removed the add-on VGA from the PCI slot. When I powered up the machine again, it booted fine. I get a 1280×1024 screen, the maximum for the Dell 1905FP monitor I used.

I am still hoping that the Ubuntu developers will manage to get an updated Chrome9 HC IGP driver into the upcoming release, but for now I have a workable solution and am happy with this setup.

UPDATE (2008-11-10):

I got rid of the VESA driver and am using the default OpenChrome driver for the motherboard video after specifying two options to disable features on the driver that cause problems in the current build:

Section “Device”
Identifier “Configured Video Device”
# Driver “vesa”
Option “XaaNoImageWriteRect”
Option “SWCursor” “True”
EndSection

Also, a couple of days ago VIA uploaded a beta test version of their driver for Ubuntu 8.10 to their Linux support site (a month after 8.10 was released), but I haven’t tested it yet.

Beware of fake Kaspersky beta installer emails

Posted on by
Reply

Today I received a Trojan email that bears the same handwriting as the recent fake Google Chrome installer emails. Both emails are in German, offer an attached RAR file with what supposedly is an installer for a beta test version of new software from a well-established software company:

Sehr geehrter Nutzer,

heute möchten wir Sie zu unserem Aktuellen Betatest des neuen Kaspersky© 9.5.710 einladen.
Unser neues Produkt besticht durch seine überarbeitete Scanroutine sowie die schnelle und effektive
Aufspürung von Viren, Trojaner und anderer böswilliger Maleware.

Für ihren persönlichen Zugang haben wir ihnen ein Beta Account eingerichtet welchen Sie bei der
Installation angeben müssen, um den Webinstaller sowie das Programm an sich nutzen zu können.

Benutzername: kis_aX9535
Passwort: c3VF5gg8

Diese Daten werden bei der Installation abgefragt. Notieren Sie sich diese Daten bitte genau,
da diese auch für ihren Zugang auf unserer Seite erforderlich sind.

Zum Ende des Betatests bekommen Sie eine Volllizenz und können somit Kaspersky© ein
Jahr kostenlos für ihre Sicherheit nutzen.

Sollten Sie Fragen oder Probleme haben, so schreiben Sie und eine Mail an: beta-team@kaspersky.de

Wir wünschen Ihnen nun viel Spass mit unserem neuem Produkt und hoffen auf eine Positive Wertung
von ihnen auf unserer Website.

Mit freundlichen Grüßen
Ihr Kaspersky Beta Team

Copyright © 1997 – 2008 Kaspersky Lab

Industry Leading Antivirus Software

Message headers:

Received: from mo-p05-ob.rzone.de (mo-p05-ob.rzone.de [81.169.146.182])
by mail.joewein.net (Ogose Mail Daemon) with ESMTP id 818CC10DCC78
for <419@419scam.org>; Sun, 21 Sep 2008 21:43:45 +0000 (UTC)
X-RZG-CLASS-ID: mo05
X-RZG-AUTH: :L2MKYUGrb9+s7Ys+/C6cdNboKaxR22vZQHQdVrAeYnDdBsCFdpW1J0sdHw==
Received: from [77.21.44.13] ([62.159.230.93])
by post.webmailer.de (fruni mo40) (RZmta 17.4)
with ESMTP id L03273k8LKd8yb for <419@419scam.org>;
Sun, 21 Sep 2008 23:43:17 +0200 (MEST)
(envelope-from: )
Date: Sun, 21 Sep 2008 23:40:54 +0200
Mime-version: 1.0
Subject: [PR] Kaspersky Betatester Programm
From: Matthias Franken
To: <419@419scam.org>
Message-Id: <9212340.EDWNJLIN@kaspersky.de>
Original-recipient: rfc822;419@419scam.org
Content-Type: multipart/mixed; Boundary="--=BOUNDARY_9212340_SIIK_IDLO_OFNM_KSKB"

At the time of writing this blog posting, Kasperksy’s online malware scanner did not yet recognize the Trojan Kaspersky.9.5.7.1.exe in archive file Kaspersky.9.5.7.1.rar.

As I already stated in my posting about the fake Google Chrome installer, do not install software attached to or linked from emails you didn’t request.

The real Kaspersky software is highly regarded and trial versions are available on the Kasperky website.

Vacuum your PC

Posted on by
1

A friend of mine who has been selling PCs mostly to industrial customers for many years long ago told me that twice a year he opens his customers’ computers and gives them a good cleaning with a vacuum cleaner. It prevents many problems, mostly due to overheating when dust builds up on top of computer chips.

I remembered this piece of advice when my wife’s computer started to sound more and more like there was a hairdryer inside. The CPU fan kept running at full speed, even when it was just sitting there with the Windows desktop, not just running any CPU-hungry applications. It hadn’t always been so.

What is it about computer fans and dust? As processors got faster, they consumed more and more power and consequently, produced more heat. Thus the need for fans, which draw in not only air for cooling, but also the dust that comes with it and which tends to build up. As the dust obstructs the airflow, the fan keeps having to work harder and the less effectively cooled parts get hotter, which can shorten their lifespan.

My wife’s machine is a Dell Dimension 3100C, a low-budget machine based on the Intel Celeron D 330. This CPU is a low-end version of the Pentium 4, whose power-guzzling technology has since been abandoned by Intel in favour of the more energy-efficient Centrino / Core architecture that was derived from the older Pentium III.

Even the lowly Celeron D 330 has a Thermal Design Power (TDP) of 73 W. To cope with this heat output, it has a massive heat sink through which a fan blows air from outside the chassis. When I opened the box I found that the metal grill in front of the air intake of the CPU fan was clogged with a 5 millimeter layer of dusty fluff.

After undoing two screws that hold down the heatsink cover I could flip the hinged heatsink by 90 degrees and remove it, allowing me full access to the inside of the fan, so I could blow air against the dust with a plastic straw from inside. I vacuumed the entire motherboard and both sides of the fan air intake, while brushing and blowing the dust loose. An old toothbrush and a plastic straw or a can of compressed air for blowing away dust can be helpful. Also, put a narrow plastic tip on the vacuum cleaner, for use in tight corners.

When all was done and I put the heatsink back, closed the box, reconnected the power cord and switched the computer on again, it ran nicely quiet – almost like new!

I definitely recommend vacuuming your PC at least once a year, more if you live in a dusty environment or if the fan blows a lot because you like to use CPU-intensive applications such as games.

Eee Box B202 – What happened to Linux?

Posted on by
4

When ASUS announced its Eee Box B202 back in May, there were going to be three models:

  • the base model running Linux version with 1 GB of RAM and a 80 GB hard disk for $269,
  • a Windows XP Home version with the same 1 GB of RAM and 80 GB of disk for $299 and
  • a Linux version with 2 GB of RAM and 160 GB of disk for $299

Four months later only one of these three versions is available and it’s neither the cheapest nor the best equipped of the three anounced configurations: Only the Windows version hit the stores, at $50 more than previously announced (it’s around $350).

Meanwhile the Linux versions are nowhere to be be found, though rumour has it that they will become available later this year.

Considering that ASUS shipped it trailblazing Eee PC notebook with Linux first, before following it with a Windows version, this turn of events with their desktop is somewhat surprizing. Low prices are a major reason why their machines are attractive, but every Windows machine shipped means royalty payments to Microsoft, which is why the XP version was going to be $30 more expensive than the base model (Linux is royalty-free). By opting for only shipping XP, ASUS is also preventing its customers from buying a 160 GB version, as Microsoft refuses to let OEMs ship XP with machines with more than 80 GB of disk space.

To get a 160 GB Eee Box with 2 GB of RAM and Linux (the configuration I was interested in) you would have to buy an 80 GB model with 1 GB of RAM and XP, only to discard the 80 GB drive, the 1 GB SIMM and Windows XP (which you’ve all paid for) and then install a separately purchased 160 GB drive and 2 GB SIMM and a (free) copy of Linux.

When the Eee PC was launched, I was very excited by the prospect of low-energy, low cost computing, but wanted to wait for the desktop as I would use them mostly as unattended servers and had no need for an LCD screen. Like many other potential ASUS customers, I will keep on waiting now.

I currently use a set of four machines to process external spam feeds for the SURBL Multi JP blacklist. Since these machines are on 24 hours a day, seven days a week I would like to minimize power usage and Intel’s Atom processors with a TDP of less than 5W sounded like a very attractive upgrade path for me. I use some older machines with sub-1 GHz clock speeds that draw relatively little power, but these old motherboards have some drawbacks. First of all they are limited to a maximum of between 256 and 512 MB of RAM, while Atom boards support up to 2 GB. Secondly, their motherboards are 7 to 10 years old and they won’t work forever.

I had a look at Intel’s Atom 230-based Mini-ITX desktop board, which can be found for under $70 and fits existing ATX-based machines like my ancient eMachine eTowers. At first glance that looked attractive. However, even though the CPU is efficient, the Northbridge support chip of the Intel 945GC Express Chipset on that board burns about five times more power than the Atom CPU itself. The Eee Box sounds like a much better choice in the long term, as it uses an Atom 270 with the much more efficient Mobile Intel 945GSE Express Chipset. The catch is, you can’t currently buy an Eee Box without paying the “Microsoft tax”, i.e. a Windows XP license that you pay for whether you have a use for it or not.

The decision by ASUS to push back on the Linux version makes no sense to me. I suspect Microsoft made ASUS an offer they found hard to refuse, in order to establish the Eee Box as a Windows-only machine. It will cost ASUS sales and it won’t make Microsoft any more popular. It’s not good for the planet either if people buy power-hungry desktop hardware instead of one of the more economical computers available.