certainlynotyetregistered.com

SiteFinder is now also active in .com. Meanwhile I haven’t seen a single mailing list posting anywhere that would welcome this change — but a lot of furor across the board, and some thought on how this can be stopped: People are modifying name se…

SiteFinder is now also active in .com.Meanwhile I haven’t seen a single mailing list posting anywhere that would welcome this change — but a lot of furor across the board, and some thought on how this can be stopped: People are modifying name servers that serve as resolvers to replace Verisign’s sitefinder A records by the correct NXDOMAIN response.

More on Sitefinder.

Here’s an illustration of what I mean when I complain about corrupting error diagnostics: During the past 20 minutes or so (it’s now 1:38 a.m. GMT+0200), the address which is returned by the registry in response to queries for unregistered domain …

Here’s an illustration of what I mean when I complain about corrupting error diagnostics: During the past 20 minutes or so (it’s now 1:38 a.m. GMT+0200), the address which is returned by the registry in response to queries for unregistered domain names was unreachable. The result? Instead of a quick message that I’ve mistyped the domain name, I get a timeout after waiting for quite some time. That’s a highly misleading error diagnostic, and it’s making the user experience much worse. Which brings us to another problem with this: Verisign has been careful to put work-arounds in place that are supposed to mitigate the effects of the DNS change for individual protocols. These work-arounds depend on the availability of Verisign’s infrastructure in order to work, though. Once this infrastructure is unreachable, users have no possibility to discern a non-existing domain name from an unreachable host.

Media_httplogdoesnote_smlrw

Talking about user experience, I’m also sure that users of Asian localized software will very much appreciate getting English-language error messages from Verisign instead of localized and translated error messages from the software they are running.

Verisign calls it SiteFinder.

White papers on the mechanisms that Verisign apparently plans to implement for resolving unregistered domain names are available here. The service seems to have gone live now, at least for .net. Concerns here, here, and here. Discussion at ICANNWa…

White papers on the mechanisms that Verisign apparently plans to implement for resolving unregistered domain names are available here.The service seems to have gone live now, at least for .net. Concerns here, here, and here. Discussion at ICANNWatch.

Updated debbugs tools available.

Here’s an updated version of my debbugs tools. cli.pl is now able to interactively spamassassinate bug logs; also, there is a script named fix-utimes.pl that will adjust log files’ modification times according to the date of the last message recei…

Here’s an updated version of my debbugs tools. cli.pl is now able to interactively spamassassinate bug logs; also, there is a script named fix-utimes.pl that will adjust log files’ modification times according to the date of the last message received with respect to a specific bug report. (This is important to prevent done bugs from staying in the system forever just because of spam.)

Sobig.F is no more.

Sobig.F has recently deactivated itself. The impact on e-mail bandwidth is amazing — green for spam + virus bandwidth, blue for legitimate e-mail bandwidth.

Sobig.F has recently deactivated itself. The impact on e-mail bandwidth is amazing — green for spam + virus bandwidth, blue for legitimate e-mail bandwidth.

Media_httplogdoesnote_dfcmk

Linux NFS, quota, and a kernel bug.

We spent quite some time today tracking down an obscure Linux problem: With the commonly-used user space NFS daemon, quota doesn’t seem to propagate over NFS. In theory, quota is enforced on the server-side. We think we have found the bug; it’s in…

We spent quite some time today tracking down an obscure Linux problem: With the commonly-used user space NFS daemon, quota doesn’t seem to propagate over NFS. In theory, quota is enforced on the server-side.We think we have found the bug; it’s in the 2.4 kernel (but we couldn’t test that, yet): The user space NFS daemon runs as root, and protects system calls that affect the file system by calling setfsuid(2) in order to drop privileges. setfsuid(2) to a non-root user will clear all capability bits in CAP_FS_MASK. The CAP_SYS_RESOURCE bit (1

%d bloggers like this: