Author Archives: Joe Wein

About Joe Wein

Software developer and anti-spam activist

Domain registration scam in China

Posted on by
557

Various companies in China are trying to scare domain owners in other countries into registering Chinese variants of their domain names by claiming some other party was trying to register these variants. Examples of this scam have been reported widely throughout 2008, involving the domains asiaton.cn, erimut.com, erimart.com, erimart-domains.com.cn, hknsc.hk, hongkongnet.org, hk-net.org.cn, hknetwork.hk.cn and others (erimut.com, erimart.com, erimart-domains.com.cn and hknsc.hk are linked by IP address).

Here is one that I received on 2008-12-08, originating from IP 58.38.209.249:

From: “andy” <andy@asiaton.cn>
To: “joewein” <joewein@pobox.com>
Sent: Monday, December 08, 2008 14:11
Subject: Urgent-Notification of intellectual property

Dear CEO,

We are Asiaton Network Service Co., Ltd, which is the Internet Trademark&domain name register center in China. I have something need to confirm with you. We have received an formal application. An international company named “ROB GmbH” wants to apply “joewein” for its own Internet Trademark and CN domain name on Dec 8, 2008 in china. We need to know your opinion because the Internet Trademark And CN domain name may relate to the copyright of your company name on internet. If your company do not intervene in it,we will formally consent their registration
because the registration principle is that “Every company or individual can register the domain name and Internet Trademark which is not registered,and who registers first who owns first.”
we would like to get the affirmation of your company. If you have any question,please contact us by telephone or email as soon as possible!

Best Regards !

Andy

Principal of Checking Department

Overseas Registration Organization

Tel:+(86)731-8187 729

Fax:+(86)731-8187 739

Mobile:+(86)731 6735 121

Skype:chinaregistry

E-mail:andy@asiaton.cn

web:www.asiaton.cn

2008-12-08

Such email solicitations are fraudulent, because you can safely assume that the same email, with other domains substituted for yours, has gone out to thousands of domain owners. I found an almost identical email (listing the same third party supposedly trying to register a domain) in another blog. Somebody obviously thinks being a registrar is a license to milk foreigners.

Don’t fall for this scam, they’re playing on fear.

If you own a .com, .net or national TLD (.co.uk, de., .fr, etc) domain but are not planning to set up a Chinese office or not even doing any business in China you have no reason to spend money on a domain registration with a Chinese registrar. Also, trademarks and domains are largely separate issues. You don’t become a trademark owner merely by registering a domain and vice versa.

The only domains that really count for your business are .com/.net/.org (depending on the nature of your organisation) and/or the country code top level domain (ccTLD, such as .co.uk or .jp) if you’re based outside the USA.

Below are other examples of domain registration spams / scams that I have received before. I am sure there are a lot more out there.

Received on 2008-03-18 from 221.221.167.121:

From: “Bruce.li” <Bruce.li@erimut.com>
To: “jwspamspy” <jwspamspy@pobox.com>
Sent: Tuesday, March 18, 2008 12:53
Subject: Jwspamspy Domain Name

Dear joewein.de LLC,

We are Beijing Erimut Network Information Technology Co., Ltd in China, which is the domain name registration centre here. A formal application from the company called ChengGuang Investment (China) Co.,Ltd is to register ” jwspamspy ” as their domain name and internet keyword on Mar 17th 2008. Since this involves your company name or trade mark, in no time do we inform you of this. Please contact us timely if a first registration is needed to protect the domain names and internet keywords.

Kind Regards
Bruce.Li

Tel: +86-10-62667420 ext.602
Fax: +86-10-62667460

Email: Bruce.li@erimut.com
Beijing Erimut Network Information Technology Co.,Ltd
Website: www.erimut.com

2008-03-18

Bruce.li

Received on 2008-7-30 from 123.127.123.173:

From: “thomas.zhang” <thomas.zhang@erimart-domains.com.cn>
To: “419” <419@419scam.org>
Sent: Wednesday, July 30, 2008 12:55
Subject: Joewein Domain name & Internet keyword

July 30, 2008

Joewein

Domain name & Internet keyword

Dear Sir/Madam,

We are Beijing Erimart Network Service Co., Ltd which is the domain name register center in China. We received a formal application from a company who is applying to register “joewein” as their domain name and Internet keyword on July 27, 2008.Since after our investigation we found that this word has been in use by your company, and this may involve your company name or trade mark, so we inform you in no time. If you consider these domain names and internet keyword are important to you and it is necessary to protect them by registering them first, contact us soon. Thanks for your co-operation and support.

Kind Regards,

Thomas.Zhang

Tel: +86-10-62961631-8017

Fax: +86-10-82780671

Email: thomas.zhang@erimart-domains.com.cn

Beijing Erimart Network Service Co, Ltd

http://www.erimart.com

2008-07-30

thomas.zhang

Received on 2008-11-07 from IP 58.38.209.249:

From: “jackey.zhuang” <jackey.zhuang@hongkongnet.org>
To: “419” <419@419scam.org>
Sent: Friday, November 07, 2008 18:10
Subject: 419scam Notice

Dear Sir/Madam,

We are Hong Kong Network service Company Limited, the an official domain name registration center.

On Nov 06, we received an application from another company for the domain names “419scam” , but later we found your company is their original owner and this may involve your company name or trade mark and this may cause confusion between your products and others’ , and bring about negtive effect on your company.

Therefore we decided to inform you of this and check out your attitude toward thismatter.That is, do you want to protect these domain names by registrering them ahead or not? We would appreciate if you can spare some precious time to settle this issue.

Thank you for your cooperation and looking forwards to your early reply.

Kind Regards,

Jackey.zhuang

Tel: +852-31757930 ext.8012

Fax:+852-31757932

Email:jackey.zhuang@hongkongnet.org

Hong Kong Network Service Co. Ltd

Website:www.hknsc.hk

Linux Eee Box now available, MS giving away XP?

Posted on by
5

Two months ago I commented on the non-availability of either of the two Linux versions of the Asus Eee Box 202 that had been announced months ago along with its XP-equipped sibling, which has been shipping for two months already.

It appears you can now also get Linux versions of this tiny energy saving desktop machine, but the pricing is most curious. Originally Asus announced an 80 GB Linux version for $269, $30 less than the similarly equipped XP version. This would presumably pay for the Windows XP license fee that Microsoft collects from every Windows OEM. Linux, which is free software licensed under GPL, comes without any such fees.

However, the actual pricing is now quite different. For example, Amazon.com sells the 1 GB RAM / 80 GB hard disk Windows XP Home version (in black) for $298 while the 1 GB RAM / 160 GB hard disk Linux version (in black) is available for $321 (prices may vary by the time you read this). The picture is similar at Newegg.com, which offers the 1 GB RAM / 80 GB hard Windows XP Home version for $299 and the 1 GB RAM / 160 GB hard disk Linux version for $319. That’s $20-$23 more for a bigger hard disk, but a cheaper operating system. Retail prices of the 80 and 160 GB Seagate Momentus 5400 RPM SATA drives used in the two versions differ by only $10 (about $50 vs. $60, at Egghead.com).

Adjusting for the hard drive cost, the Windows version is now $10 cheaper instead of $30 more expensive than the Linux version, money which we can assume came out of Microsoft’s revised OEM pricing. Asus is making at least $10 more per machine that ships with Linux than with Windows, even if Microsoft was giving away XP for free to Asus, which is probably not far from the truth.

Let’s put it this way: At this stage, Microsoft must have been pretty desperate to keep Linux off as many high volume, low end machines as possible. It had made a blunder by heavily betting on the success of Vista, which requires fairly high end hardware, but the market decided otherwise. To its surprize it found that customers wanted to stick with less resource-hungry XP. Then the boom in low end machines triggered by the One Laptop per Child initiative and the Asus Eee PC took Microsoft completely by surprize.

You see, Microsoft makes money on Windows by licensing it to OEMs like HP and Dell. In a mature market where almost everyone already owns a PC these OEMs were supposed to be able to sell more machines (and bundled Windows licenses) only if a new Windows version made the old machines obsolete. The actual needs of users played almost no role in this.

Microsoft had bet on selling ever more powerful machines, thinking that if old machines were not powerful enough to run Vista, owners of XP machines would dump their hardware and buy new machines from Microsoft’s OEM customers. Instead both retail and corporate customers revolted, as Vista offered them few real benefits but a number of potential problems. Instead of triggering a rush to Vista, Microsoft motivated customers to look at other alternatives such as Mac OS X, Ubuntu and other Unix or Linux flavours or simply to sit it out and stick with XP as long as possible.

This of course is a mortal threat to Microsoft’s business. Once millions of customers get used to no longer owning the latest and greatest Windows software or even start surfing the net, doing email, watching YouTube and running OpenOffice on non-Windows machines, where is that going to leave Microsoft in 2010, when Windows 7 and perhaps Office 2010 come out?

Right now Microsoft’s business model is still generating large cash flows from selling operating systems and application software to OEMs and retail customers. This is the classic model the microcomputer software industry has used since the 1970s, even before “microcomputers” where renamed to personal computers (yes, I was around then). It’s not how the mainframe business operated before and it’s not how new Internet businesses work now.

Witness successful companies such as Google and eBay, which are making money by acting as go-betweens between buyers and sellers (ads in the case of Google, merchandise in the case of eBay). Canonical and other Linux companies get their revenue from support contracts while giving away the software. Many new business models rely on advertising or shared sales revenue. Google makes billions of dollars and has hundreds of millions of daily users without in most cases selling directly to the people who use its services. The world as Microsoft knew it is changing and it will have to change with it. That will be extremely painful for them.

Microsoft is well aware of the need to move to a new net-centric business model. For evidence look no further than its recent desperate attempt to acquire Yahoo’s user base by buying out the whole company, after having spent years and pouring billions of dollars into largely unsuccessful efforts to match Yahoo with its own MSN/Hotmail/OfficeLive offerings. The problem is, Yahoo is only up for sale because it has not managed to compete terribly well against Google either. If Microsoft and Yahoo merge, it will be a case of the blind leading the blind.

Without a working alternative, Microsoft is finding it very difficult to move away from its classic business model, which depends on its ability to get customers to buy new copies of Windows and Office every couple of years at fairly hefty prices, whether users are keen on these new versions or not.

Microsoft is going to find this ever more challenging as new low-cost mobile devices come along, especially in the sub-$500 bracket. These new gadgets will bridge the gap between mobile phones, consumer devices and PCs, offering adequate performance and convenience at low prices. Think about it: How many people are still going to pay $499.95 for a copy of Microsoft Office Professional 2007 when the mini notebook or nettop they will be running it on only cost $300-$400? That pricing model only worked while Microsoft had a de-facto monopoly on desktop operating systems and office suite applications and especially when hardware was still expensive.

Microsoft’s pricing is really a relic of the 1980s, when a 6 MHz PC AT with half a MB of RAM and a 20 MB hard drive cost as much as $6,700. Then it still made sense to spend an extra 10-30% of that amount on software to make the machine useful, but today’s numbers look very different.

The recent announcement by Canonical to port Ubuntu to ARM-based low-power devices further illustrate the danger for Microsoft from the market moving to a low-cost, low-power, net-centric model. Most mobile phones use ARM-based chipsets. So do many consumer broadband routers. It’s the de-facto standard in those markets. Both the Apple iPhone and the Google Android-based G1 run variants of Unix or Linux on ARM CPUs. So do many $50-$150 broadband routers. Meanwhile Intel is working on integrating its Atom CPU core with the graphics chip in its upcoming “Pineview” chips, going head to head with ARM for low-cost “PC on a chip” designs. Competition in this segment will result in a plethora of interesting products available to consumers.

While there will always be a demand for high end PCs for gaming (where Microsoft competes with Sony’s PlayStation and other dedicated games machines), the low end mobile market will be the real growth market, especially in emerging markets such as Asia, Africa and Latin America.

What Microsoft is effectively doing in the netbook / nettop market today is giving away Windows XP just to keep a foot in the door for a remote chance of profits a few years from now. That’s only about as smart as selling mortgages to people who can’t really afford to buy a house. Sure, you get customers that way to keep the market growing, but what is going to happen a year or two later? As the sub-prime mortgage crisis has taught us, you can’t fudge revenue numbers forever. In the short term, giving away Windows may prop up market share numbers, but the result is no more than window dressing. The Vista debacle seriously damaged Microsoft’s value as a brand amongst consumers. Don’t count on their brand loyalty too much. Microsoft has lost its ability to steer the market that it used to control, just as big old IBM did before it.

Microsoft’s Windows and Office sales are the equivalent of a subprime crisis waiting to happen. Microsoft’s revenue model is being hollowed out. The software giant is now too big to quickly move to a model that will still fit the market a few years down the road.

When the big crunch comes, expect things to get nasty. Microsoft employs 4 1/2 times more people than Google which already makes more money than Microsoft does. This ratio is not going to stay that way.

UPDATE (2008-11-20):

I mentioned that the XP version went from initially being $30 more expensive to $10 cheaper than the Linux version and credited this to Microsoft deciding to essentially give XP away in order to hang on to market share.

A review of the Dell Inspiron mini 9 sub-notebook mentions that Dell charges $40 extra for XP compared to the Linux version. That’s exactly the margin by which the price of the Eee Box XP version dropped relative to its Linux sibling between the announcement and the start of shipments, so it would back up my reasoning.

Ubuntu on a VIA MM3500 – 2 Terabyte NAS RAID1 server for $350

Posted on by
7

Sometimes raw power is the enemy of efficiency. For example, many car buyers opt for powerful engines for their cars, only to get disappointing fuel economy around town, where that power is not needed. A smaller engine that might have to work harder when pushed but runs much closer to peak efficiency in everyday driving would be more suitable. Likewise, many computer buyers get machines with high end CPUs that when doing mundane tasks such as email and web browsing spend more then 90% of their time idle, but still burning 90 to 200 Watts. A less powerful CPU might get the same job done drawing less than 50 Watts. This easily adds up to hundreds of kilowatt hours (kWh) wasted during the computer’s lifespan.

Yes, sometimes less is more. I took this philosophy to heart when I bought a Toyota Prius, which has only a modest 1.5 litre engine, drawing on electric motors and a battery for peak loads. I also recently purchased a sub-$70 motherboard with a 1.5 GHz VIA CPU that typical desktop CPUs will run circles around when running under full load, but at a cost in electricity and money. This board will take over the workload of multiple, more energy-hungry machines that have been sitting mostly idle doing what they’re doing every day. It’s powerful enough and economical, drawing a maximum of about 20W. Typical desktop chips have a maximum power draw of 45 W, 65W or more.

MM3500 - VIA C7-D 1.5GHz, CN896 + VT8237A

(Click here to see a full set of pictures of the upgrade)

Five months ago the largest and most important hard disk on my LAN died after only 15 months. Even though I could still rescue the most crucial data off it before the drive finally went offline forever, it was a very close shave and I lost some data. I realized I needed to move my data to a RAID, a “Redundant Array of Inexpensive Drives”. It’s a system in which data is transparently written to multiple drives for reliability. If any one drive dies you can still read your data and recover gracefully from the failure after swapping the dead drive for a replacement drive. This is relatively easy to do in Linux, in fact the server that hosts this website uses RAID too.

Last weekend I set up a machine for about $350 in total as a network attached storage server (NAS) under Linux with adequate processing power for other tasks. I equipped it with 2 GB of RAM and twin 1 TB mirrored hard disk drives. The main expense were the two drives (WD10EADS “GreenPower”, 5400 rpm, $110 each), whose cost made up about 2/3 of the total investment. The other parts were the Micro-ATX VIA MM3500 motherboard ($70), two 1 GB DDR2 PC5300 memory modules ($25 each), SATA cables (one comes with the motherboard) and Molex to SATA power adapter cables, as my older ATX SFX power supply (PSU) did not have the right connectors yet. Also, the motherboard uses a 24-pin power connector while the PSU only had a 20-pin plug, but the four extra pins are not required for this board and the plug is keyed to only fit in the proper place.

The case that was to house these components used to be an eMachine 366i, a cheap minitower I had bought in 1999 for about $450 and which had served me well for many years. I once had to replace the power supply for $25 with a FSP180-50NIV-H (dead PSUs are the most common problem in eMachines) and otherwise only upgraded the hard disks, the last one being a 60 GB IBM DeskStar that failed in 2007. By now the 366i’s Celeron 366 MHz CPU was slow, it’s 256 MB (the maximum supported by the board) inadequate for modern operating systems and it neither supported SATA drives nor any drives greater than 128 GB. It also didn’t have any USB2 ports. Still, the replacement power supply was relatively recent and the case big enough for this project.

Since the RAID drives had to be online 24/7 for my spam processing I was looking for a motherboard that used as little power as possible while being adequate for running the file server and spam filter. After considering various Intel and AMD desktop boards (including the Intel Atom processor 230 Intel 945GC Mini ITX desktop board) I finally came across the VIA MM3500. As mentioned above, this board includes a VIA C7-D CPU running at 1.5 GHz.

While that VIA CPU is even slower than an Intel Atom (which is not exactly known for its speed) its price of under 7000 Japanese yen (less than US$70) was attractive and both the CPU and the chipset draw little power. While the CPU on the Intel Atom board only sips power, its chipset is fairly inefficient (which is why the cooling fan sits on the Northbridge heatsink, not the passively cooled Atom heatsink). Like the Atom board the MM3500 has two SATA ports, enough for handling RAID1. 8 USB2 ports provide plenty of expansion capabilities, as does a PCI-E slot for video cards (not available on the Atom). Two DDR2 slots will accept up to 4 GB of RAM, twice the limit of the Atom board which only has one slot and can only reach its maximum of 2 GB by using a 2 GB SIMM. Both boards offer one PCI slot.

The main complication with the VIA board turned out to be video driver support for the onboard graphics (CN986 Northbridge / Chrome9 HC IGP). As soon as Ubuntu switches into graphics mode, the screen becomes unreadable. I got around this only by plugging an old Jaton Video-198PCI-64 Twin video card into the PCI slot (any Ubuntu-supported PCI or PCI-E card will do). I am hoping to find a proper work-around to be able to remove this card again and minimize power usage [done, see UPDATE below!]. I could do away with it by running the server only in text mode (with ssh access) and never using its GUI. That wouldn’t matter for a file server.

I first tried installing Ubuntu 8.04 LTS (desktop edition), but after the video problems I switched to a torrent of the Ubuntu 8.10 beta. Ubuntu 8.10 (Intrepid Ibex) is due for release on October 30, 2008. The 8.10 beta includes a fix for booting off a RAID1 system with one dead drive, which I may need in the future. 8.04 doesn’t handle this yet.

After installing the PCI video card, the operating system installation (including configuring the two mirrored drives as RAID1 following these very helpful instructions) went very smoothly.

It is a pity VIA doesn’t provide better video driver support for up-to-date Linux versions, otherwise this would be a nice little board that I would find easy to recommend to people who want to build a low-power usage system on a small budget.

UPDATE (2008-10-14):

I now have the motherboard video working in VESA mode and it’s very usable.

Following some pointers in various forums, I tried adding the xforcevesa option to the kernel loader line in /boot/grub/menu.lst, but that didn’t seem to have any effect in Ubuntu 8.10 beta (Intrepid Ibex).

Then I renamed /etc/X11/xorg.conf to a backup and copied xorg.conf.failsafe to xorg.conf (in folder /etc/X11/). I shut down the machine, connected the monitor cable to the motherboard VGA and removed the add-on VGA from the PCI slot. When I powered up the machine again, it booted fine. I get a 1280×1024 screen, the maximum for the Dell 1905FP monitor I used.

I am still hoping that the Ubuntu developers will manage to get an updated Chrome9 HC IGP driver into the upcoming release, but for now I have a workable solution and am happy with this setup.

UPDATE (2008-11-10):

I got rid of the VESA driver and am using the default OpenChrome driver for the motherboard video after specifying two options to disable features on the driver that cause problems in the current build:

Section “Device”
Identifier “Configured Video Device”
# Driver “vesa”
Option “XaaNoImageWriteRect”
Option “SWCursor” “True”
EndSection

Also, a couple of days ago VIA uploaded a beta test version of their driver for Ubuntu 8.10 to their Linux support site (a month after 8.10 was released), but I haven’t tested it yet.

Beware of fake Kaspersky beta installer emails

Posted on by
Reply

Today I received a Trojan email that bears the same handwriting as the recent fake Google Chrome installer emails. Both emails are in German, offer an attached RAR file with what supposedly is an installer for a beta test version of new software from a well-established software company:

Sehr geehrter Nutzer,

heute möchten wir Sie zu unserem Aktuellen Betatest des neuen Kaspersky© 9.5.710 einladen.
Unser neues Produkt besticht durch seine überarbeitete Scanroutine sowie die schnelle und effektive
Aufspürung von Viren, Trojaner und anderer böswilliger Maleware.

Für ihren persönlichen Zugang haben wir ihnen ein Beta Account eingerichtet welchen Sie bei der
Installation angeben müssen, um den Webinstaller sowie das Programm an sich nutzen zu können.

Benutzername: kis_aX9535
Passwort: c3VF5gg8

Diese Daten werden bei der Installation abgefragt. Notieren Sie sich diese Daten bitte genau,
da diese auch für ihren Zugang auf unserer Seite erforderlich sind.

Zum Ende des Betatests bekommen Sie eine Volllizenz und können somit Kaspersky© ein
Jahr kostenlos für ihre Sicherheit nutzen.

Sollten Sie Fragen oder Probleme haben, so schreiben Sie und eine Mail an: beta-team@kaspersky.de

Wir wünschen Ihnen nun viel Spass mit unserem neuem Produkt und hoffen auf eine Positive Wertung
von ihnen auf unserer Website.

Mit freundlichen Grüßen
Ihr Kaspersky Beta Team

Copyright © 1997 – 2008 Kaspersky Lab

Industry Leading Antivirus Software

Message headers:

Received: from mo-p05-ob.rzone.de (mo-p05-ob.rzone.de [81.169.146.182])
by mail.joewein.net (Ogose Mail Daemon) with ESMTP id 818CC10DCC78
for <419@419scam.org>; Sun, 21 Sep 2008 21:43:45 +0000 (UTC)
X-RZG-CLASS-ID: mo05
X-RZG-AUTH: :L2MKYUGrb9+s7Ys+/C6cdNboKaxR22vZQHQdVrAeYnDdBsCFdpW1J0sdHw==
Received: from [77.21.44.13] ([62.159.230.93])
by post.webmailer.de (fruni mo40) (RZmta 17.4)
with ESMTP id L03273k8LKd8yb for <419@419scam.org>;
Sun, 21 Sep 2008 23:43:17 +0200 (MEST)
(envelope-from: )
Date: Sun, 21 Sep 2008 23:40:54 +0200
Mime-version: 1.0
Subject: [PR] Kaspersky Betatester Programm
From: Matthias Franken
To: <419@419scam.org>
Message-Id: <9212340.EDWNJLIN@kaspersky.de>
Original-recipient: rfc822;419@419scam.org
Content-Type: multipart/mixed; Boundary="--=BOUNDARY_9212340_SIIK_IDLO_OFNM_KSKB"

At the time of writing this blog posting, Kasperksy’s online malware scanner did not yet recognize the Trojan Kaspersky.9.5.7.1.exe in archive file Kaspersky.9.5.7.1.rar.

As I already stated in my posting about the fake Google Chrome installer, do not install software attached to or linked from emails you didn’t request.

The real Kaspersky software is highly regarded and trial versions are available on the Kasperky website.

Vacuum your PC

Posted on by
1

A friend of mine who has been selling PCs mostly to industrial customers for many years long ago told me that twice a year he opens his customers’ computers and gives them a good cleaning with a vacuum cleaner. It prevents many problems, mostly due to overheating when dust builds up on top of computer chips.

I remembered this piece of advice when my wife’s computer started to sound more and more like there was a hairdryer inside. The CPU fan kept running at full speed, even when it was just sitting there with the Windows desktop, not just running any CPU-hungry applications. It hadn’t always been so.

What is it about computer fans and dust? As processors got faster, they consumed more and more power and consequently, produced more heat. Thus the need for fans, which draw in not only air for cooling, but also the dust that comes with it and which tends to build up. As the dust obstructs the airflow, the fan keeps having to work harder and the less effectively cooled parts get hotter, which can shorten their lifespan.

My wife’s machine is a Dell Dimension 3100C, a low-budget machine based on the Intel Celeron D 330. This CPU is a low-end version of the Pentium 4, whose power-guzzling technology has since been abandoned by Intel in favour of the more energy-efficient Centrino / Core architecture that was derived from the older Pentium III.

Even the lowly Celeron D 330 has a Thermal Design Power (TDP) of 73 W. To cope with this heat output, it has a massive heat sink through which a fan blows air from outside the chassis. When I opened the box I found that the metal grill in front of the air intake of the CPU fan was clogged with a 5 millimeter layer of dusty fluff.

After undoing two screws that hold down the heatsink cover I could flip the hinged heatsink by 90 degrees and remove it, allowing me full access to the inside of the fan, so I could blow air against the dust with a plastic straw from inside. I vacuumed the entire motherboard and both sides of the fan air intake, while brushing and blowing the dust loose. An old toothbrush and a plastic straw or a can of compressed air for blowing away dust can be helpful. Also, put a narrow plastic tip on the vacuum cleaner, for use in tight corners.

When all was done and I put the heatsink back, closed the box, reconnected the power cord and switched the computer on again, it ran nicely quiet – almost like new!

I definitely recommend vacuuming your PC at least once a year, more if you live in a dusty environment or if the fan blows a lot because you like to use CPU-intensive applications such as games.

Eee Box B202 – What happened to Linux?

Posted on by
4

When ASUS announced its Eee Box B202 back in May, there were going to be three models:

  • the base model running Linux version with 1 GB of RAM and a 80 GB hard disk for $269,
  • a Windows XP Home version with the same 1 GB of RAM and 80 GB of disk for $299 and
  • a Linux version with 2 GB of RAM and 160 GB of disk for $299

Four months later only one of these three versions is available and it’s neither the cheapest nor the best equipped of the three anounced configurations: Only the Windows version hit the stores, at $50 more than previously announced (it’s around $350).

Meanwhile the Linux versions are nowhere to be be found, though rumour has it that they will become available later this year.

Considering that ASUS shipped it trailblazing Eee PC notebook with Linux first, before following it with a Windows version, this turn of events with their desktop is somewhat surprizing. Low prices are a major reason why their machines are attractive, but every Windows machine shipped means royalty payments to Microsoft, which is why the XP version was going to be $30 more expensive than the base model (Linux is royalty-free). By opting for only shipping XP, ASUS is also preventing its customers from buying a 160 GB version, as Microsoft refuses to let OEMs ship XP with machines with more than 80 GB of disk space.

To get a 160 GB Eee Box with 2 GB of RAM and Linux (the configuration I was interested in) you would have to buy an 80 GB model with 1 GB of RAM and XP, only to discard the 80 GB drive, the 1 GB SIMM and Windows XP (which you’ve all paid for) and then install a separately purchased 160 GB drive and 2 GB SIMM and a (free) copy of Linux.

When the Eee PC was launched, I was very excited by the prospect of low-energy, low cost computing, but wanted to wait for the desktop as I would use them mostly as unattended servers and had no need for an LCD screen. Like many other potential ASUS customers, I will keep on waiting now.

I currently use a set of four machines to process external spam feeds for the SURBL Multi JP blacklist. Since these machines are on 24 hours a day, seven days a week I would like to minimize power usage and Intel’s Atom processors with a TDP of less than 5W sounded like a very attractive upgrade path for me. I use some older machines with sub-1 GHz clock speeds that draw relatively little power, but these old motherboards have some drawbacks. First of all they are limited to a maximum of between 256 and 512 MB of RAM, while Atom boards support up to 2 GB. Secondly, their motherboards are 7 to 10 years old and they won’t work forever.

I had a look at Intel’s Atom 230-based Mini-ITX desktop board, which can be found for under $70 and fits existing ATX-based machines like my ancient eMachine eTowers. At first glance that looked attractive. However, even though the CPU is efficient, the Northbridge support chip of the Intel 945GC Express Chipset on that board burns about five times more power than the Atom CPU itself. The Eee Box sounds like a much better choice in the long term, as it uses an Atom 270 with the much more efficient Mobile Intel 945GSE Express Chipset. The catch is, you can’t currently buy an Eee Box without paying the “Microsoft tax”, i.e. a Windows XP license that you pay for whether you have a use for it or not.

The decision by ASUS to push back on the Linux version makes no sense to me. I suspect Microsoft made ASUS an offer they found hard to refuse, in order to establish the Eee Box as a Windows-only machine. It will cost ASUS sales and it won’t make Microsoft any more popular. It’s not good for the planet either if people buy power-hungry desktop hardware instead of one of the more economical computers available.

Beware of fake Google Chrome installer emails

Posted on by
3

Barely had Google announced its new browser Chrome, that malware senders responded by sending out fake emails claiming to provide an installer for the new software. Here is a German message I received:

From: “Steffen Neukirch” <beta-team@google.de>
To: spamtrap-email-address
Sent: Friday, September 05, 2008 09:26
Subject: [PR] Neuter Webbrowser Chrome erhältlich

Sie benötigen einen JavaScript-fähigen Browser, um diese Software herunterzuladen. Klicken Sie hier, um Anleitungen zum Aktivieren von JavaScript in Ihrem Browser zu erhalten.

Google Chrome (BETA) für Windows
Google Chrome ist ein Browser, durch den die Nutzung des Internets beschleunigt, vereinfacht und sicherer gestaltet werden soll. Dabei bietet der Browser eine hohe Nutzerfreundlichkeit.

Für Windows Vista/XP

Ein Eingabefeld für alles
Bei Eingabe von Text in die Adressleiste erhalten Sie Vorschläge zu Such- und Webseiten.

Miniaturansichten Ihrer am häufigsten besuchten Websites
Rufen Sie Ihre Lieblingsseiten von jedem neuen Tab aus blitzschnell auf.

Verknüpfungen für Ihre Anwendungen
Starten Sie Ihre am häufigsten verwendeten Webanwendungen über Desktop-Verknüpfungen.

Zögern Sie nicht den neuen Webbrower zu testen, im Anhang finden Sie die neuste Version des Chrome
einfach installieren und sofort loslegen.

©2008 Google – Startseite – Über Google – Datenschutzbestimmungen – Hilfe

I checked the attached 705 KB ChromeSetup.rar file with Kasperky’s online virus scanner:

Scanned file: ChromeSetup.rar – Infected
ChromeSetup.rar/ChromeSetup.exe – infected by Trojan-Dropper.Win32.VB.efh

Do not install software attached to or linked from emails you didn’t request. The real Google Chrome (Beta) browser is available at http://www.google.com/chrome

DD-WRT on Buffalo WHR-HP-G54

Posted on by
9

Today I installed the open source router firmware DD-WRT on a newly purchased Buffalo WHR-HP-G54 broadband router. I’m very impressed with its rich feature set and ease of installation.

Months ago a friend had recommended OpenWRT, another open source solution for low cost broadband routers, but following the old “don’t try to fix it if it ain’t broken” mantra, I had stuck with my standard NEC Aterm WR6650S WarpStar router (firmware revision 8.72) .

A few weeks ago I started having random problems connecting to the internet. When I clicked on links in the browser, either it was very slow or it returned an error or timed out on me. When I investigated I noticed that the internal log of the NEC WarpStar was full of error messages like these:

2008/08/24 18:09:29 NAT TX-ERROR List Create Error : UDP 192.168.1.102 : 31320 > 201.29.227.157 : 7701 (IP-PORT=1)
2008/08/24 18:09:29 NAT TX-ERROR List Create Error : UDP 192.168.1.102 : 31320 > 99.227.142.5 : 9205 (IP-PORT=1)

A router reset (briefly pulling the power cord) would cure it for a few hours to two days at most, but then the problem always came back. The router firmware obviously had trouble tracking which entries in its Network Address Translation (NAT) table could be discarded and the table would overflow, making connections to the outside world hit and miss, as NAT entries are essential for replies to requests sent to servers out there to get back into the LAN.

Of the 8 PCs and Macs in my home and office that are sharing a cable internet connection, at least four are on all the time, crunching spam data received from around the world day and night. So you can imagine that whatever router I’m using is always getting a good workout. I can’t afford it to be unreliable.

So I started doing a bit of research on OpenWRT and its cousin DD-WRT and what sort of routers that are compatible with them I could get locally here in Yokohama, Japan.

The Linksys WRT54G was the first router fitted with open source firmware, but Yamada Denki, the biggest electronics store in my part of town, does not sell any Linksys products. They were selling mostly NEC and Buffalo, but none of the models I found on the shelves appeared on the list of supported hardware.

I searched Google for the WHR-HP-G54, a supported Buffalo router, for pages in Japanese and found it on kakaku.com, a price search website. It was available for 6,500 yen from Mr. Direct, a company based in Hiroshima. Less than 48 hours later the router arrived at my doorstep by takkyubin (parcel service), for about $70 including tax and shipping.

Installing DD-WRT on the router turned out to be so easy, it actually took less time to do it than to get my Windows Vista notebook working with the new wireless security keys afterwards!

Here’s what I did:

  1. First I downloaded the firmware (v24-sp1 / Consumer / Buffalo / WHR-HP-G54 / dd-wrt.v24_mini_generic.bin) and saved it on my local hard disk. Update 2009-05-25: Do not use any DD-WRT V24-sp1 builds dated in between 030309 and 051809, these builds have known problem that didn’t exist in the March 3, 2009 version and was fixed in the May 18 2009 version.
  2. Next I verified the router was working with its default firmware. I hooked my notbook to one of the LAN ports by ethernet cable and accessed 192.168.11.1 with the browser. The Japanese factory firmware came up (user: root, blank password).
  3. I added the tftp program in the Windows Vista control panel (Programs and Features / Turn Windows features on or off)
  4. I opened two command prompt windows. In the first I executed
    ping -t 192.168.11.1

  5. In the second command prompt window I went into the folder where I had saved the downloaded DD-WRT firmware and then typed the following, without hitting Enter:
    tftp -i 192.168.11.1 PUT dd-wrt.v24_mini_generic.bin

  6. Unplug the power cable from the back of the router, then reconnect it.
  7. As soon as you see the router responding to the PING command in the first window, hit enter on the second window (tftp command). The diag LED will flash for a number of seconds and tftp will report that the file was transferred.
  8. When the LEDs on the router are quiet, the update will have finished. Renew your IP (or reboot your PC), because the router will now be at 192.168.1.1. Access it with the browser and you’re ready to configure your new DD-WRT router!

Malware: “Por favor veja isso!!!”

Posted on by
Reply

Today I received a couple of near identical emails in Portuguese that differed only by the (forged) sender address:

From: “Fernanda” <fernandinha@globo.com.br>
To: <joewein@pobox.com>
Sent: Thursday, September 04, 2008 06:29
Subject: Por favor veja isso!!!

Você acredita que essas coisas ainda acontecem no Brasil?

Eu não posso acreditar…

Se você quiser, assine e repassse!

Tratamentos Desumanos.wmv (153,0 KB)

Google translation:

Subject: Please see that!!!

Do you believe that these things still happen in Brazil?

I can not believe …

If you want to, sign and pass on!

Inhumane Treatment.wmv (153.0 KB)

The link to what looks like a Windows movie file will try to run a malware installer.

The link in one of the emails goes to http://ceubba.org.ar/chat/data/web/~/anexo/video.wmv, which is actually a directory created by the malware senders on a hacked website. For any directory, the browser resends the request with index.html, index.htm and a few other typical default document names. The criminals named their Windows malwale index.html and placed it into that folder. Because the file starts with an executable program header, Windows will try to run it, rather than using the Windows media player to play it as a video.

Be very careful when clicking on links or attachments in unexpected mail sent to you. Use common sense or a good anti-malware program, ideally both!

Gmail “Never send it to spam” and IE 6

Posted on by
6

Earlier this summer a friend told me about a way to keep emails out of the Gmail spam filter, which unlike that of Yahoo! Mail can not be disabled. By setting up a filter rule (say, the email contains certain words) and specifying the “Never send it to spam” action for messages that match the rule, these emails will never get caught in the spam folder.

I collect a lot of spam for building my spam blacklists and would have liked to use my Gmail accounts for that, so this sounded useful. By using a filter rule I could ensure that the spam emails I wanted to analyze would either end up in the Inbox, from where my spamfilter can extract them via POP, or would be forwarded to another email address for retrieval.

However when I tried it, the new option wasn’t there. I found many blogs talking about the feature, but none of the Gmails accounts I tried gave me that option. What was I missing?

The mystery seems to be related to the browser I use: When I use Internet Explorer 7 on a Vista machine, the new option was indeed available. However, with Internet Explorer 6.0 on two XP machines it wasn’t there. When I installed and ran FireFox 3 in parallel on one of those XP machines, the option appeared too.

Therefore, if like me you use IE 6 and don’t want to switch browsers just yet, set up the Gmail filter from another machine running IE 7 or install FireFox as an additional browser (not the default) on your IE 6 machine. Unlike IE 7, FireFox will coexist happily with IE 6 and upgrading to it is not a one way street as it is with IE 7.