Avian’s Blog

Number of comments submitted to posts on this blog has gone through the roof recently as you can see on the graph below. Of course, practically all of these are spam. Unfortunately moderating this flood of crappy advertisements and link baits is now starting to take more of my time than I am willing to spend on it. Since I want to keep my little corner of the web a clean and friendly place I'm closing the comment submission until I come across some viable solution. In the mean time if you have a question or want to contribute something to one of my posts, feel free to sent me an email.

While Akismet has been doing a pretty good job of automatically filtering comment spam for me, it's been letting a non-trivial amount of it through in the recent months. Considering the increase in volume, that might not even be due to decreased accuracy.

The kind of spam I'm seeing is kind of surprising. Spammer fetches the blog post that contains the comment submission form, submits a comment and fetches the post again to verify that his comment is visible. After these three HTTP requests the originating IP is never seen hitting my server again, making me think this is done via a botnet or some other distributed operation like that. There is no obvious sign of crawling so I don't know how they get the URLs to spam. They use realistic looking user agent headers and the only obvious difference to a real browser is that they don't fetch any of the resources (images, CSS, ...) referenced in the HTML document.

The content varies, but a lot of the comments I've been removing manually these days look like bug reports ("the sidebar is not rendering correctly on my browser", "search doesn't work" and such) that are only given away by the obvious keyword stuffing in the author name and the URL (or when they are complaining about bugs in features this website doesn't have). They target both new and old blog posts, so just shutting down comments on old posts doesn't seem to be a solution.

Recently I read Missile Gap by Charles Stross (first 9 chapters seem to be freely available on the web). It's a fascinating little hard-science fiction story that mixes Earth from the cold war era and a completely outrageous premise that the world has suddenly become a flat disc.

I can just imagine this started as a crazy idea in the form of "well, I wonder what would happen if the Earth was flat" and then brought to the logical conclusion, with the politics of the 70s thrown in to make for a more captivating story. I think Missile Gap shows in the best possible way how a science fiction story can start with a completely unbelievable event and then build a world and extrapolate a line of believable events around it that makes for an enjoyable read that doesn't force you to suspend the rational part of your mind. Many stories I come across these days have less outrageous plot devices, but then continue to break known laws of physics like crazy during their course.

What also kept me turning pages is the inclusion and logical continuation of quite real, but obscure research projects that both superpowers were working on at that time. For someone like me who has spent too many hours reading up on canceled concepts of nuclear powered airplanes and rockets this was like icing on a cake.

Anyway, the other day I needed something to occupy my mind and having the book handy on my Kindle and an idle Python interpreter on my laptop, I drew the visualization above. It shows Missile Gap's 17 chapters in three colors, to show three separate personal stories the book revolves around. The length of the boxes is proportional to the number of words while the accumulative number of words is shown on the scale on the right (click on the image for a larger version).

Last weekend Jure and I visited this year's iteration of the SIGINT conference in Köln, Germany. SIGINT is a conference organized by the Chaos Computer Club and like the Chaos Computer Congress has a bit of history. Previous years it felt more like a local event and I didn't consider visiting it. This year however I decided to give it a try since the announcement gave the impression that they were aiming for a more international audience, for instance with the preference for English talks in the Call for papers.

At the first impression, the event looked much like a summer version of the Congress. Instead of one big hall the conference was split between two buildings with three lecture rooms, two halls and an obligatory basement hack center with copious amounts of reasonably priced Club Mate. Beyond the Fairy dust you could see some usual suspects from past winter events in Hamburg and Berlin like the All Colors Are Beautiful blinking IKEA boxes installation, Rarity hacked Brother embroidery machine and Nick Farr in his trademark suit.

The talks were a mix of social and political topics, computer security and various other curiosities that I came to expect from hacker conferences like this. The society track was unsurprisingly dominated by the recent leaks about United States data collection. From these I can recommend watching the keynote by Meredith L. Patterson and the Politics of Surveillance by Rainey Reitman. On the computer security topic there were perhaps a few more talks by people that can read x86 assembly by heart than you could find at 29C3 (where I believe a lot of this crowd opted to go to BerlinSides instead). Embedded device security nightmares and Car immobilizer hacking rang close to home for me. Also worth watching once the video recordings are published is the Secure Exploit Payload Staging which gives a good impression of how little trace someone can leave after breaking into your server. From the retro-computing scene, I liked the The DRM of Pacman talk about vintage hardware copy protection schemes in game cabinets of old. And finally, I thoroughly enjoyed the Making music with a C compiler lecture, which made me think again about the complex synthesizer I implemented on VESNA. By the way, slides for my lightning talk on that topic are already on-line, although the original blog post is probably more informative.

In conclusion, it was a nice event with an appropriately lazy pace for an extended summer weekend. My only complaint would be that the crowd felt less open than what I'm used to at the Congresses. It was hard to strike an English conversation with someone and looking back I didn't really had any interesting chats at the event beyond me asking a few stupid questions regarding projects exhibited in the hallways. I couldn't help overhearing a few comments regarding how different the event was compared to previous years, so perhaps it's just a sign that most people there were still used to a more local audience. In any case that's a completely subjective feeling and it's perfectly possible that I wasn't in my most sociable mood either. I'm starting to fear that I might have slightly overbooked my travel plans for this summer.