tag:blogger.com,1999:blog-81742212024-03-12T20:46:08.915-04:00Thought FlickrsPeter Dawson Home of ThoughtPeterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.comBlogger849125tag:blogger.com,1999:blog-8174221.post-64808953757008925102013-09-13T15:18:00.001-04:002013-09-13T15:18:25.527-04:00Re-testTrying to ensure I dont lose my property :)-Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com1tag:blogger.com,1999:blog-8174221.post-41763568552602703262009-05-11T10:00:00.001-04:002009-05-11T10:00:34.110-04:00find dup()Sub FindDups()'' NOTE: You must select the first cell in the column and' make sure that the column is sorted before running this macro'ScreenUpdating = FalseFirstItem = ActiveCell.ValueSecondItem = ActiveCell.Offset(1, 0).ValueOffsetcount = 1Do While ActiveCell <> ""If FirstItem = SecondItem ThenActiveCell.Offset(Offsetcount, 0).Interior.Color = RGB(255, 0, 0)Offsetcount = Offsetcount + 1SecondItem = ActiveCell.Offset(Offsetcount, 0).ValueElseActiveCell.Offset(Offsetcount, 0).SelectFirstItem = ActiveCell.ValueSecondItem = ActiveCell.Offset(1, 0).ValueOffsetcount = 1End IfLoopScreenUpdating = TrueEnd Sub<br />/* remove trailing and leading white spaces */<br />Sub WhiteSpacer()Dim cel As Range, rg As RangeSet rg = SelectionIf rg.Cells.Count = 1 Then Set rg = ActiveSheet.UsedRangeSet rg = rg.SpecialCells(xlCellTypeConstants)If rg Is Nothing Then Exit SubApplication.ScreenUpdating = TrueFor Each cel In rg.Cells 'Replace requires Excel 2000 or later. For Excel 97, use Application.Substitute instead cel = Trim(Replace(cel, Chr(160), Chr(32))) 'VBA Trim removes leading and trailing spaces only 'cel = Application.Trim(Replace(cel, Chr(160), Chr(32))) 'TRIM function removes leading and trailing spaces, and converts multiple spaces in succession into a single oneNextApplication.ScreenUpdating = TrueEnd SubPeterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com2tag:blogger.com,1999:blog-8174221.post-91176455456454373162009-04-18T12:06:00.001-04:002009-04-18T12:08:46.271-04:00Two Choices ONLY !!Two Choices<br /><br />What would you do?....you make the choice. Don't look for a punch line, there isn't one. Read it anyway. My question is: Would you have made the same choice?<br /><br /><br /><br />At a fundraising dinner for a school that serves children with learning disabilities, the father of one of the students delivered a speech that would never be forgotten by all who attended. After extolling the school and its dedicated staff, he offered a question:<br /><br />'When not interfered with by outside influences, everything nature does, is done with perfection.<br /><br />Yet my son, Shay, cannot learn things as other children do. He cannot understand things as other children do.<br /><br />Where is the natural order of things in my son?'<br /><br /><br /><br />The audience was stilled by the query.<br /><br /><br />The father continued. 'I believe that when a child like Shay, who was mentally and physically disabled comes into the world, an opportunity to realize true human nature presents itself, and it comes in the way other people treat that child.'<br /><br />Then he told the following story:<br /><br /><br />Shay and I had walked past a park where some boys Shay knew were playing baseball. Shay asked, 'Do you think they'll let me play?' I knew that most of the boys would not want someone like Shay on their team, but as a father I also understood that if my son were allowed to play, it would give him a much-needed sense of belonging and some confidence to be accepted by others in spite of his handicaps.<br /><br /><br /><br />I approached one of the boys on the field and asked (not expecting much) if Shay could play. The boy looked around for guidance and said, 'We're losing by six runs and the game is in the eighth inning. I guess he can be on our team and we'll try to put him in to bat in the ninth inning.'<br /><br /><br /><br />Shay struggled over to the team's bench and, with a broad smile, put on a team shirt. I watched with a small tear in my eye and warmth in my heart. The boys saw my joy at my son being accepted.<br /><br />In the bottom of the eighth inning, Shay's team scored a few runs but was still behind by three.<br /><br />In the top of the ninth inning, Shay put on a glove and played in the right field. Even though no hits came his way, he was obviously ecstatic just to be in the game and on the field, grinning from ear to ear as I wav ed to him from the stands.<br /><br />In the bottom of the ninth inning, Shay's team scored again.<br /><br />Now, with two outs and the bases loaded, the potential winning run was on base and Shay was scheduled to be next at bat.<br /><br /><br /><br />At this juncture, do they let Shay bat and give away their chance to win the game?<br /><br />Surprisingly, Shay was given the bat. Everyone knew that a hit was all but impossible because Shay didn't even know how to hold the bat properly, much less connect with the ball.<br /><br /><br /><br />However, as Shay stepped up to the<br /><br />plate, the pitcher, recognizing that the other team was putting winning aside for this moment in Shay's life, moved in a few steps to lob the ball in softly so Shay could at least make contact.<br /><br />The first pitch came and Shay swung clumsily and missed.<br /><br />The pitcher again took a few steps forward to toss the ball softly towards Shay.<br /><br />As the pitch came in, Shay swung at the ball and hit a slow ground ball right b ask to the pitcher.<br /><br /><br /><br />The game would now be over.<br /><br />The pitcher picked up the soft grounder and could have easily thrown the ball to the first baseman.<br /><br />Shay would have been out and that would have been the end of the game.<br /><br /><br /><br />Instead, the pitcher threw the ball right over the first baseman's head, out of reach of all team mates.<br /><br />Everyone from the stands and both teams started yelling, 'Shay, run to first!<br /><br />Run to first!'<br /><br />Never in his life had Shay ever run that far, but he made it to first base.<br /><br />He scampered down the baseline, wide-eyed and startled.<br /><br /><br /><br />Everyone yelled, 'Run to second, run to second!'<br /><br />Catching his breath, Shay awkwardly ran towards second, gleaming and struggling to make it to the base.<br /><br />B y the time Shay rounded towards second base, the right fielder had the ball .. the smallest guy on their team who now had his first chance to be the hero for his team.<br /><br />He could have thrown the ball to the second-baseman for the tag, but he understood the pitcher's intentions so he, too, intentionally threw the ball high and far over the third-baseman's head.<br /><br />Shay ran toward third base deliriously as the runners ahead of him circled the bases toward home.<br /><br /><br /><br />All were screaming, 'Shay, Shay, Shay, all the Way Shay'<br /><br /><br /><br />Shay reached third base because the opposing shortstop ran to help him by turning him in the direction of third base, and shouted, 'Run to third!<br /><br />Shay, run to third!'<br /><br /><br /><br />As Shay rounded third, the boys from both teams, and the spectators, were on their feet screaming, 'Shay, run home! Run home!'<br /><br />Shay ran to home, stepped on the plate, and was cheered as the hero who hit the grand slam and won the game for his team<br /><br /><br /><br />'That day', said the father softly with tears now rolling down his face, 'the boys from both teams helped bring a piece of true love and humanity into this world'.<br /><br /><br /><br />Shay didn't make it to another summer. He died that winter, having never forgotten being the hero and making me so happy, and coming home and seeing his Mother tearfully embrace her little hero of the day!<br /><br /><br /><br />AND NOW A LITTLE FOOT NOTE TO THIS STORY:<br /><br />We all send thousands of jokes through the e-mail without a second thought, but when it comes to sending messages about life choices, people hesitate.<br /><br />The crude, vulgar, and often obscene pass freely through cyberspace, but public discussion about decency is too often suppressed in our schools and workplaces.<br /><br />We all have thousands of opportunities every single day to help realize the 'natural order of things.'<br /><br />So many seemingly trivial interactions between two people present us with a choice:<br /><br />Do we pass along a little spark of love and humanity or do we pass up those opportunities and leave the world a little bit colder in the process?<br /><br /><br /><br />A wise man once said every society is judged by how it treats it's least fortunate amongst them.<br /><br /><br /><br />You now have two choices:<br /><br />1. Pass the Love around<br /><br />2. Ignore it and keep doing what you do<br /><br /><br />.. and regardless either choice.. May your day, be a Shay Day.Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-36576353312219941662009-04-17T15:33:00.001-04:002009-04-17T15:36:23.884-04:00Prophet and Loss<blockquote><blockquote><blockquote><p> </p><p>Brooksley Born warned that unchecked trading in the credit market could lead to disaster, but power brokers in Washington ignored her. Now we're all paying the price.</p><p>[..]</p><p>As chairperson of the CFTC, Born advocated reining in the huge and growing market for financial derivatives. Derivatives get their name because the value is derived from fluctuations in, for example, interest rates or foreign exchange. They started out as ways for big corporations and banks to manage their risk across a range of investments. One type of derivative—known as a credit-default swap—has been a key contributor to the economy’s recent unraveling. </p><p> </p><p><a href="http://www.stanfordalumni.org/news/magazine/2009/marapr/features/born.html?cmpid=kb0904">Link</a> </p></blockquote></blockquote></blockquote>Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-37790256260400852212008-10-27T12:20:00.004-04:002008-10-27T13:17:04.327-04:00A subprime PrimerHeres a nice SubPrime Primer for all to understand the brokerage business.<br /><br /><div style="width:425px;text-align:left" id="__ss_696840"><a style="font:14px Helvetica,Arial,Sans-serif;display:block;margin:12px 0 3px 0;text-decoration:underline;" href="http://www.slideshare.net/slashpd/subprime-primer-presentation-696840?type=powerpoint" title="Subprime Primer">Subprime Primer</a><object style="margin:0px" width="425" height="355"><param name="movie" value="http://static.slideshare.net/swf/ssplayer2.swf?doc=subprime-primer-1225124444172501-9&stripped_title=subprime-primer-presentation-696840" /><param name="allowFullScreen" value="true"/><param name="allowScriptAccess" value="always"/><embed src="http://static.slideshare.net/swf/ssplayer2.swf?doc=subprime-primer-1225124444172501-9&stripped_title=subprime-primer-presentation-696840" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="355"></embed></object><div style="font-size:11px;font-family:tahoma,arial;height:26px;padding-top:2px;">View SlideShare <a style="text-decoration:underline;" href="http://www.slideshare.net/slashpd/subprime-primer-presentation-696840?type=powerpoint" title="View Subprime Primer on SlideShare">presentation</a> or <a style="text-decoration:underline;" href="http://www.slideshare.net/upload?type=powerpoint">Upload</a> your own.</div></div>Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-31880495375253606032008-10-21T10:29:00.001-04:002008-10-21T10:29:45.003-04:00Conversational Blindness—Answering the Wrong Question the Right Way<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">When faced with unwanted queries, question-dodgers sometimes exploit conversational blindness—a phenomenon whereby listeners fail to notice when speakers respond to a different question than the one they are asked—by responding with answers that seem to address the question asked, but which in fact address an entirely different question. [..] A successful dodge occurs when a speaker's answer to the wrong question is so compelling that the listener both forgets the right one, and rates the dodger positively. In some cases, speakers end up better off by answering the wrong question well rather than the right question poorly.</blockquote><br><br clear="all">This is an<a href="http://www.hbs.edu/research/pdf/09-048.pdf"> interesting paper</a> to read. It reminds me of the mother asking the child -" have you done your homework ?" and where the child responds "mom , you know what I did in school today ? I wrote the whole equation on the black board , when nobody in the class knew how to solve the problem" !<br> <br> Subject change - relevant to school , but not relevant to homework !<br><br> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com1tag:blogger.com,1999:blog-8174221.post-70973956266905870292008-10-21T10:16:00.001-04:002008-10-21T10:16:14.052-04:00Whose Value Statement ?Does anyone know which org's value statement this is ?<br><br><br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">We lead by example | We work together | We respect the individual | We seek the facts and provide insight<br> We are open and honest in our communication | We are committed to our communities<br>Above all, we act with integrity<br></blockquote><br><br> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com1tag:blogger.com,1999:blog-8174221.post-59124546938223319422008-10-20T13:56:00.001-04:002008-10-20T13:56:37.996-04:00Due Dilgence prepardness checklistInvestor presentation prepared: Yes<br>OM/PPM prepared: No<br>Business plan prepared: Yes<br>Executive summary prepared: Yes<br>3 year projections prepared: Yes<br>3 year historical prepared: Yes<br>Financials externally reviewed: No<br>Financials externally audited: No<br>Financials prepared by: External CPA<br>Formal board in place: Yes<br>Willing to put in board if none: Yes<br>Option plan in place: No<br>Employee agreements: Yes<br>Board of directors agreements: No<br>Board of advisors agreements: No<br>Subscription agreements: No<br>Cap table shareholder list: No<br>Management directors: 2<br>Non-mgmt directors: 2<br>Non-mgmt non-shareholders: --Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-50177890212003081902008-10-02T13:08:00.001-04:002008-10-02T13:08:20.755-04:00statements which make you go hmmmmmmmmmmm !!<div dir="ltr"><div>This is a <a href="http://friendfeed.com/e/b94f267a-7be1-4c7f-a03e-ad1090fc5177/When-a-government-asks-99-of-the-population-who/">classic</a> statement by <a class="l_person" style="oldpaddingTop: ; oldborderTopWidth: ; oldpaddingBottom: ; oldborderBottomWidth: ; oldpaddingRight: ; oldborderRightWidth: ; oldpaddingLeft: ; oldborderLeftWidth: " href="http://friendfeed.com/shivanand">Shivanand Velmurugan</a> </div> <div> </div> <blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">"When a government asks 99% of the population who own less than half of the country's wealth to bail out the 1% of the population who own 51% of the wealth the population has to decide whether it wants bankruptcy before revolution or revolution before bankruptcy. It really is that simple.""</blockquote> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com4tag:blogger.com,1999:blog-8174221.post-71367356206864420742008-08-28T22:09:00.001-04:002008-08-28T22:09:39.411-04:00FF beta comments boo boo<p class="mobile-photo"><a href="http://2.bp.blogspot.com/_AWQNj-wt7io/SLdaY_Vtn4I/AAAAAAAABmo/fo0xlGmWsSY/s1600-h/ff-comment-779413.PNG"><img src="http://2.bp.blogspot.com/_AWQNj-wt7io/SLdaY_Vtn4I/AAAAAAAABmo/fo0xlGmWsSY/s320/ff-comment-779413.PNG" border="0" alt="" id="BLOGGER_PHOTO_ID_5239756076834725762" /></a></p><div dir="ltr"><br> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-44749803376159010202008-08-25T10:47:00.000-04:002008-08-25T10:54:23.776-04:00Bill Gates is Right on Creative Capitalism<div dir="ltr"><div> <blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"> <div>"Bill Gates has it right. Business is the most powerful force for change in the world right now and gives the idea of creative capitalism real power"</div> <div>[..]</div> <div>The first is the issue of resources</div> <div>A second force affecting the speed and direction of global capitalism comes from the demand side.</div> <div>At the same time, the corporate form is changing very fast. New networks of companies and organizations are emerging, new ways of competing and collaborating are becoming more important. Old boundaries are withering.</div> <div>A fourth catalyst is transparency. Leaders and organizations of all kinds are increasingly operating in glasshouses. </div> <div>Finally, though less obviously, there is a palpable thirst among people around the world for leadership that is not for sale, for individuals and organizations that are not solely defined by the transactional rhythms and white-hot speed of the marketplace</div> </blockquote></div> <div> </div> <div><br clear="all"><br>source :<a href="http://hbswk.hbs.edu/item/5988.html">HBS</a> </div></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-31318707535038753282008-08-24T07:47:00.001-04:002008-08-24T07:47:20.186-04:00The New Frontiers !!<div dir="ltr"><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">"Now exfiltrators are beginning to make use of streaming data technologies like voice over Internet Protocol (VoIP). Disrupting or even detecting hidden transmissions inside real-time phone calls is the next hurdle for digital forensics companies" - <a href="http://spectrum.ieee.org/print/6593">Spy Vs Spy</a><br></blockquote><br>This is an interesting article for a Sunday Morning Read. Earlier we had "Man in the middle" concept. Now we will begin seeing a 'mole' in real time data streams. This seems to be another brain child of Ravi Sundaram<br><br><br><br></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-10338345517936560672008-08-22T11:09:00.001-04:002008-08-22T11:09:39.822-04:00Simple is Good !<div dir="ltr"><div><a href="http://www.foxbusiness.com/our-team/personalities/ashley-webster">ASHLEY:</a> </div> <div> </div> <div> <blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Keeping it simple in business is vital. In business, as in life, it<br>seems to be human nature to make things more complicated than they have to<br> be. In business this can have disastrous consequences because without<br>simplicity the function of the business can be severely hampered. I often<br>meet people who agree but it seems big corporations are unable to make the<br> necessary changes because there are too many people on the totem pole to get<br>the changes enacted</blockquote></div> <div> </div> <div>Via :<a href="http://simplicityitk.blogspot.com/2008/08/friend-of-simplicity-ashley-webster.html"> simplictyblog</a></div></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-60072122914317981922008-08-21T12:40:00.001-04:002008-08-21T12:40:18.180-04:00HR & Talent Managment<p class="mobile-photo"><a href="http://2.bp.blogspot.com/_AWQNj-wt7io/SK2acmxkZ1I/AAAAAAAABf8/g5F5w2kIoMM/s1600-h/cf_nl_2008_08-718182.gif"><img src="http://2.bp.blogspot.com/_AWQNj-wt7io/SK2acmxkZ1I/AAAAAAAABf8/g5F5w2kIoMM/s320/cf_nl_2008_08-718182.gif" border="0" alt="" id="BLOGGER_PHOTO_ID_5237011757937223506" /></a></p><div dir="ltr"><div> McKinsey surveys show that business leaders around the world are deeply concerned about the intensifying competition for talent, few companies make it an integral part of a long-term business strategy.</div> <div> </div> <div>To find out more about how companies can bolster the HR function and successfully recruit and manage employees, read "<a href="http://e.mckinseyquarterly.com/W0RH01B4ED362D030650F2895B6A60">Making talent a strategic priority</a>" (January 2008). <br clear="all"> <br></div></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-61577739638362026902008-08-19T20:48:00.001-04:002008-08-19T20:48:45.419-04:00Researching the Value of Project Management,<div dir="ltr"><em>Researching the Value of Project Management</em>,<em> </em>will be released soon. Smartly, PMI released a preview PDF (<a href="http://pmi.imaginepub.com/Value%20of%20PM%20-%20Warsaw%20-%2020080714%20-%20Print.pdf" target="_blank">here</a>) and a 90 minute presentation by the lead authors Janice Thomas and Mark Mullaly, PMP (embedded <a href="http://www.pmi.org/Value/default.htm" target="_blank">here</a>). <p><a href="http://www.hybridvigor.net/author/mary/" target="_blank">Mary Adams</a> over at <a href="http://www.hybridvigor.net/" target="_blank">Hybrid Vigor</a> will be particularly interested in the attention paid to intangible benefits (Crossderry posts <a href="http://crossderry.wordpress.com/2008/04/16/dont-forget-about-the-intangibles/" target="_blank">here</a>, <a href="http://crossderry.wordpress.com/2008/04/30/more-on-intangible-benefits/" target="_blank">here</a>, and <a href="http://crossderry.wordpress.com/2008/05/15/intangible-systems-products-and-benefits/" target="_blank">here</a>) in the study, which Kelley Hunsberger highlighted (<a href="http://pmi.imaginepub.com/2008/07/the-benefit-of-the-intangible.html" target="_blank">here</a>).</p> <br> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com2tag:blogger.com,1999:blog-8174221.post-55136343890242531702008-08-17T11:35:00.000-04:002008-08-17T12:10:10.782-04:00Friend Feed - Pvt Room UsageI am cleaning up my main life stream on FF. I am getting too much noise and echo of the same stuff that I have already consumed one way or another. However, I will continue to participate<a href="http://friendfeed.com/slashpd"> on my main page.</a> Here's a couple of my private rooms and its content ;<br />
<br />
My-News Room is for collating all the stuff from <a href="http://www.reuters.com/">Reuters: Top News</a>, <a href="http://english.aljazeera.net/">AL JAZEERA ENGLISH (AJE)</a>, <a href="http://news.google.com/">Google News,</a> <a href="http://news.yahoo.com/i/964">Yahoo! News: Most Popular</a> , <a href="http://www.livevideo.com/">APnews's videos on livevideo</a> , <a href="http://www.cnn.com/?eref=rss_topstories">CNN.com</a> , and a wire scrapper ;<a href="http://news1.worldnewshost.com/">World News Host.</a><br />
<br />
I get top line info from all these sites and am on the ball with whatver is happening around the globe. Just spending 5 minutes scanning the top line title header, gives me more then enough info to either dive deeper or not !<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="http://4.bp.blogspot.com/_AWQNj-wt7io/SKhHb-RmqCI/AAAAAAAABfc/teTD6llctCA/s1600-h/ff_mynews.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/_AWQNj-wt7io/SKhHb-RmqCI/AAAAAAAABfc/382IqtsoFxo/s320-R/ff_mynews.PNG" /></a> </div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">Technially I have the worlds News Corps working the news and the news comes to me as soon as the story is cut ! :)-</div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">On that note, I then began leveraging off the wisdom of crowds. Why go searching for information, let it bubble up to the top and cull the meta set of pages. Content is variable and flavors of preference too, However, that interests me to. And, who has time to browse the net ? So I began crowd sourcing and leverage off the wisdom of others, I Created a <a href="http://friendfeed.com/rooms/peterdawson">Play Pen </a> </div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/_AWQNj-wt7io/SKhIScDM2oI/AAAAAAAABfk/QBFByREelL0/s1600-h/ff-myself.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/_AWQNj-wt7io/SKhIScDM2oI/AAAAAAAABfk/ZaUnyqnBvsw/s320-R/ff-myself.PNG" /></a> </div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;"> Whatever hits <a href="http://del.icio.us/">Delicious hotlist</a> ; <a href="http://digg.com/">Digg</a> , <a href="http://www.techmeme.com/">Techmeme</a>, <a href="http://www.reddit.com/">reddit.com: what's new online</a> ; <a href="http://www.buzzfeed.com/">BuzzFeed - Latest</a> gets aggregated into this room. I maybe behind the curve while getting a good link. But remember, most of these items can only reach front page, only after many thousands of views and many votes etc. So if the main internet user base finds it interesting , then it will pop up here. So I guesstimate that about 1-2Million users actually use these sites and thereby I am 'feeding' off them like a parasite :)- </div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">(if you have more suggestion to which sites I should add to this room, please let me know !)</div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">After we had the S3 outage, I then figured out lets create a "cloud status board". I took all the Status board messages and plugged them into this room. What gives here? The Health of the Internet. I can see which services are down and when they went down or up. Think of it as a mini NOC Tool !! Heres a screen scrap. </div><div class="separator" style="clear: both; text-align: left;"></div><div style="text-align: center;"><a href="http://4.bp.blogspot.com/_AWQNj-wt7io/SKhJ1VpMu8I/AAAAAAAABfs/EKJVwzL8YtE/s1600-h/ff-cloudstatus.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/_AWQNj-wt7io/SKhJ1VpMu8I/AAAAAAAABfs/lt9_SY5gkHw/s320-R/ff-cloudstatus.PNG" /></a> </div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">As something that directly relates to my job and profession. Heres a monitoring room on CBSA and <a href="http://www.cbp.gov/xp/cgov/trade/">CBP.gov:</a>, <a href="http://cbsa-asfc.gc.ca/media/menu-eng.html">BSA Media </a> Rather then keep this keep this in my outlook. I mirrored the same into a separate room</div><div class="separator" style="clear: both; text-align: center;"></div><div style="text-align: center;"> <a href="http://1.bp.blogspot.com/_AWQNj-wt7io/SKhKZuPwsuI/AAAAAAAABf0/SyF6qsqD7Js/s1600-h/ff-cbsa.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/_AWQNj-wt7io/SKhKZuPwsuI/AAAAAAAABf0/6Rv-hlo7B84/s320-R/ff-cbsa.PNG" /></a></div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">Why am I sharing this with you all ? </div><div class="separator" style="clear: both; text-align: left;">I want to know ;</div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;">1) Is anyone else doing the same with thing - using FF as one big aggregator ?</div><div class="separator" style="clear: both; text-align: left;">2) What other Feeds should I be including ?</div><div class="separator" style="clear: both; text-align: left;">3) What happens if FF breaks, I have no way to port in and out all my likes, preferences and shares ? Thereby , losing my knowledge thread repository . </div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;"> Note: this is only a thin slice of what I got setup :)-<br />
</div><div class="separator" style="clear: both; text-align: left;"></div><div class="separator" style="clear: both; text-align: left;"></div>Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-2795233330502601042008-08-14T23:04:00.001-04:002008-08-14T23:04:24.148-04:00Another Round of deep chatter<div dir="ltr"><font size="2">Many Moons ago, I wrote about the "<a href="http://peterdawson.typepad.com/blog/2006/02/weychopeeelectr.html">tapeworm</a>" and then I cut the chatter on current <a href="http://friendfeed.com/e/7c663b1d-fe11-41e7-a6f5-5c357325660a/CyberWar-RU-vs-Georgia/">cybergames. </a><br> <br>Its only today that I realize that the deep defense mechanisms of </font>"<a href="http://www.technovelgy.com/ct/Science-Fiction-News.asp?NewsNum=395">Waychopee and Electric Skillet</a>" is not in power with other governments. <br> <br>The Coalition is losing the war on this front.<br><br>'nuff said !!<br></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-71985242879490100862008-08-12T23:30:00.003-04:002008-08-12T23:36:39.225-04:00Why does a civil discourse become redundant ?<div dir="ltr"><div>It starts' with this <a href="http://friendfeed.com/e/fe3a1156-eebb-4061-ba87-2bc00e3ec1af/still-no-statement-from-SF-MOMA-re-Thomas-Hawk/">thread</a>..<br />where I note this comment ;<br /><br /></div><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">"<span class="content">Had it been a mainstream publication, the photographer would have acted like a professional photographer. - <a style="" href="http://friendfeed.com/fourlittlebees" class="friend l_popup">Cyndy</a>"</span><br /></blockquote><div><div style="margin-left: 40px;"><span class="content"></span></div><span class="content"><br />So I ask ;<br /><br /></span><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"> <span class="content">Cyndy, can you distingush between the two,please. How does a professional photographer act vs a non professional photographer ?? in so much as they are both people and have human reactions. take time to reflect before you give an answer. I have collateral available (on hand) as rebuttal. - <a style="" href="http://friendfeed.com/slashpd" class="friend l_popup you">You</a></span><br /><span class="content"></span></blockquote><span class="content"><br />and to which I get this response<br /><br /></span><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"><span class="content">Peter, show me where any photographer is supposed to BECOME a story instead of document one. We are discussing photography, not performance art, aren't we? Because if we are discussing photography AS performance art, then by all means, I'm sure you have collateral available. - <a href="http://friendfeed.com/fourlittlebees" class="friend l_popup">Cyndy</a></span><br /><span class="content"></span></blockquote><span class="content"><br />to which I reply ;<br /><br /></span><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"> <span class="content">Cynd.. yes he (kevin) become the story.. as a professional blogger/ professional photographer after he he cut the Devils Dogs 301 letter. So for telling the truth he become the story. <<a href="http://hotzone.yahoo.com/b/hotzone/blogs995" rel="nofollow">http://hotzone.yahoo.com/b/hot...</a>> So lets see, what is the core traits that differentiate a professional photographer act vs a non professional photographer ? is it telling story the best way they can ? not telling the truth ? or what -- please quantify and 4get TH - <a style="" href="http://friendfeed.com/slashpd" class="friend l_popup you">You</a></span><br /><span class="content"></span></blockquote><span class="content"><br />and then I get this quoted back to me (as If I dont know the story in full !! )<br /><br /></span><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"><span class="content">We are reading the same story, right? "But I have never in my career been a "gotcha" reporter hoping for people to commit wrongdoings so that I can catch them." and "Anyone who has seen my reporting on television or read my dispatches is aware of the lengths to which I've gone to play it straight down the middle" are right in the first two paragraphs. He was documenting a story and was shocked in people calling him out. He didn't create the story. He didn't put himself in the story. And he was shocked. - <a style="" href="http://friendfeed.com/fourlittlebees" class="friend l_popup">Cyndy</a></span><br /><span class="content"></span></blockquote><span class="content"><br />but my root question still need to be answered ..its like wtf.. (please keep to the topic on hand and answer my question !!)<br /><br /></span><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"><span class="content">@cyndy, why are you side stepping my question ?? just tell me what is differentiator between a professional photographer act vs a non professional photographer act ? just keep it simple and in plain english. - <a style="" href="http://friendfeed.com/slashpd" class="friend l_popup you">You</a><span class="editcomment"></span></span><br /></blockquote><span class="content"><br /><br /></span><span class="content">And I am still awaiting an answer... Time well wasted ?? I dont think so, because I now have a more the a slight knowledge to what is fluff and what is wool !!<br /><br />I'll be the first one to take mea culpa if I am wrong.. but what the heck just answer the question. Tell me a Pro will have the current lens, a non pro will not know the correct lightening needed. OR whatever is the differentiator and that what really perks my interest.<br /><br />Bigger lesson- great people talk about ideas, good people talk about everyday things, the weather, the football games, golf etc. Mediocre people , just keeptalking about people !<br /><br /><br /></span><span class="content"><br /></span> </div></div>Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-12515098994359569892008-08-05T19:00:00.001-04:002008-08-05T19:00:15.508-04:00FF- Fail (Session Socket)<p class="mobile-photo"><a href="http://3.bp.blogspot.com/_AWQNj-wt7io/SJjbf501vbI/AAAAAAAABcw/ehTiLVdwn94/s1600-h/ff-fail-715541.PNG"><img src="http://3.bp.blogspot.com/_AWQNj-wt7io/SJjbf501vbI/AAAAAAAABcw/ehTiLVdwn94/s320/ff-fail-715541.PNG" border="0" alt="" id="BLOGGER_PHOTO_ID_5231172308335705522" /></a></p><div dir="ltr">I think this is a session failure. ITS not an FF Bug, rather my box tends to switch WiFi hotspots. So when on spot fails, it just picks whatever is in range. However the kernal can't pass the new socket onto FF (thats what I think !!) </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-15452925436534313242008-08-04T12:54:00.001-04:002008-08-04T12:54:34.429-04:00Wrike<div dir="ltr"><span class="content">"What is <a href="http://www.wrike.com/">Wrike</a>? Wrike is an integrated online project management solution that helps you manage projects, teams and businesses. By turning email overload into well-organized plans on the Web, Wrike makes your organization more efficient, transparent and agile. Wrike is collaborative, web-based, easy to use and inexpensive, so you can roll it out company-wide."</span><br><br>Me is not seeing anything about work flow controls and Reports on Budgets, REsource Loading and all that fun stuff that is really needed for PM works<br> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com1tag:blogger.com,1999:blog-8174221.post-81725413339870712212008-07-27T17:09:00.001-04:002008-07-27T17:09:50.429-04:00on Marriage !!<p class="mobile-photo"><a href="http://4.bp.blogspot.com/_AWQNj-wt7io/SIzkHqkLlcI/AAAAAAAABZg/AzBTRWKv3kU/s1600-h/marriage-790431.jpg"><img src="http://4.bp.blogspot.com/_AWQNj-wt7io/SIzkHqkLlcI/AAAAAAAABZg/AzBTRWKv3kU/s320/marriage-790431.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5227804087806563778" /></a></p><div dir="ltr"><br> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com1tag:blogger.com,1999:blog-8174221.post-8030424040057624232008-07-25T22:07:00.001-04:002008-07-25T22:07:12.915-04:00Time to take it out !!<p class="mobile-photo"><a href="http://3.bp.blogspot.com/_AWQNj-wt7io/SIqG0UwlWnI/AAAAAAAABXk/BGrKXUYg9yA/s1600-h/DSCF0605-732917.JPG"><img src="http://3.bp.blogspot.com/_AWQNj-wt7io/SIqG0UwlWnI/AAAAAAAABXk/BGrKXUYg9yA/s320/DSCF0605-732917.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5227138551000685170" /></a></p><p class="mobile-photo"><a href="http://3.bp.blogspot.com/_AWQNj-wt7io/SIqG0tsg72I/AAAAAAAABXs/TOVs2qygUB4/s1600-h/DSCF0606-734074.JPG"><img src="http://3.bp.blogspot.com/_AWQNj-wt7io/SIqG0tsg72I/AAAAAAAABXs/TOVs2qygUB4/s320/DSCF0606-734074.JPG" border="0" alt="" id="BLOGGER_PHOTO_ID_5227138557694504802" /></a></p><div dir="ltr"><font size="4"><code><span class="boldcode"># for num in $(seq -w 200); do ssh n$num free -tm | grep Mem | awk '{print $2}';<br> done | sort | uniq</span></code></font><br><br><br>Just joshin..phun intended.. !<br> <br><br> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-91412810450933427922008-07-22T19:48:00.001-04:002008-07-22T19:48:46.052-04:00BEST READ Evah !! The cat[DNS] is indeed out of the bag [INTERNET]<div dir="ltr"><br>HERES how it Works..minor edits to make it readable. <br><br>NOTE : I REALLY DON'T KNOW THE AUTHOR OF THIS FAB READ. THAT THE WAY IT HAPPENS IN THIS ZONE ..SO FAR ALL I KNOW ITS --YES, <a href="http://addxorrol.blogspot.com/">Halvar Flake </a><br> <br><div class="gmail_quote"><blockquote><br><u><b>Backgrounder</b></u><br><br>Pretend for the moment that you know only the basic function of DNS — that it translates <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> into <a href="http://1.2.3.4" target="_blank">1.2.3.4</a>. The code that does this is called a resolver. Each time the resolver contacts the DNS to translate names to addresses, it creates a packet called a query. The exchange of packets is called a transaction. Since the number of packets flying about on the internet requires scientific notation to express, you can imagine there has to be some way of not mixing them up.<br> <br> Bob goes to to a deli, to get a sandwich. Bob walks up to the counter, takes a pointy ticket from a round red dispenser. The<br> ticket has a number on it. This will be Bob's unique identifier for his sandwich acquisition transaction. Note that the number will<br> probably be used twice — once when he is called to the counter to place his order and again when he's called back to get his sandwich. If you're wondering, Bob likes ham on rye with no onions.<br><br> If you've got this, you have the concept of transaction IDs, which are numbers assigned to keep different transactions in order. Conveniently, the first sixteen bits of a DNS packet is just such a unique identifier. It's called a query id (QID). And with the efficiency of the deli, the QID is used for multiple transactions.<br> <br><br><u><b>VEXT0R's and HEX's</b></u><br><br>Until very recently, there were two basic classes of DNS vulnerabilities. One of them involves mucking about with the QID in<br> DNS packets and the other requires you to know the Deep Magic. First, QIDs. Bob's a resolver and Alice is a content DNS server. Bob asks Alice for the address of <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a>. The answer is <a href="http://1.2.3.4" target="_blank">1.2.3.4</a>. Mallory would like the answer to be <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>. <br> <br> It is a (now not) secret shame of mine that for a great deal of my career, creating and sending packets was, to me, Deep Magic. Then it became part of my job, and I learned that it is surprisingly trivial. So put aside the idea that forging IP packets is the hard part of poisoning DNS. If I'm Mallory and I'm attacking Bob, how can he distinguish my packets from Alice's? Because I can't see the QID in his request, and the QID in my response won't match. The QID is the only thing protecting the DNS from Mallory (me).<br> <br> QID attacks began in the olden days, when BIND simply incremented the QID with every query response. If you can remember 1995, here's a workable DNS attack. Think fast: 9372 + 1. Did you get 9372, or even miss and get 9373? You win, Alice loses. Mallory sends a constant stream of DNS responses for <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a>. All are quietly discarded —- until Mallory gets Bob to query for <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a>. If Mallory's response gets to your computer before the legitimate response arrives from your ISP's name server, you will be redirected where Mallory tells you you're going. <br> <br> Obvious fix: you want the QID be randomly generated. Now Alice and Mallory are in a race. Alice sees Bob's request and knows the QID. Mallory has to guess it. The first one to land a packet with the correct QID wins. Randomized QIDs give Alice a big advantage in this race. But there's a bunch more problems here:<br> <br><ol><li> If you convince Bob to ask Alice the same question 1000 times all at once, and Bob uses a different QID for each packet, you madethe race 1000 times easier for Mallory to win. </li><li> If Bob uses a crappy random number generator, Mallory can get Bob to ask for names she controls, like <a href="http://WWW.EVIL.COM" target="_blank">WWW.EVIL.COM</a>, and watch how the QIDs bounce around; eventually, she'll break the RNG and be able to predict its outputs.</li> </ol><br>16 bits just isn't big enough to provide real security at the traffic rates we deal with in 2008.<br><br> Your computer's resolver is probably a stub. Which means it won't really save the response. You don't want it to. The stub asks a real DNS server, probably run by your ISP. That server doesn't know everything. It can't, and shouldn't, because the whole idea of DNS is to compensate for the organic and shifting nature of internet naming and addressing. Frequently, that server has to go ask another, and so on. The cool kids call this "recursion". <br> <br>Responses carry another value, too, called a time to live (TTL). This number tells your name server how long to cache the answer. Why? Because they deal with zillions of queries. Whoever wins the race between Alice and Mallory, their answer gets cached. All subsequent responses will be dropped. All future requests for that same data, within the TTL, come from that answer. This is good for whoever wins the race. If Alice wins, it means Mallory can't poison the cache for that name. If Mallory wins, the next 10,000 or so people that ask that cache where <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> is go to <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>.<br> <br><u><b>YET ANOTHER VEXT0R !!</b></u><br><br> Then there's that other set of DNS vulnerabilities. These require you to pay attention in class. They haven't really been talked about since 1997. And they're hard to find, because you have to understand how DNS works. In other words, you have to be completely crazy. Lazlo Hollyfeld crazy. I'm speaking of course of RRset poisoning.<br> <br> DNS has a complicated architecture. Not only that, but not all name servers run the same code. So not all of them implement DNS in exactly the same way. And not only that, but not all name servers are configured properly.<br> <br> I just described a QID attack that poisons the name server's cache. This attack requires speed, agility and luck, because if the "real" answer happens to arrive before your spoofed one, you're locked out. Fortunately for those of you that have a time machine, some versions of DNS provide you with another way to poison the name server's cache anyway. To explain it, I will have to explain more about the format of a DNS packet.<br> <br> DNS packets are variable in length and consist of a header, some flags and resource records (RRs). RRs are where the goods ride around. There are up to three sets of RRs in a DNS packet, along with the original query. These are:<br> <br><ol><li>Answer RR's, which contain the answer to whatever question you asked (such as the A record that says <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> is <a href="http://1.2.3.4" target="_blank">1.2.3.4</a>)</li> <li>Authority RR's, which tell resolvers which name servers to refer to to get the complete answer for a question</li><li>Additional RR's, sometimes called "glue", which contain any additional information needed to make the response effective.</li> </ol><br> A word about the Additional RR's. Think about an NS record, like the one that COM's name server uses to tell us that, to find out where <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> is, you have to ask <a href="http://NS1.VICTIM.COM" target="_blank">NS1.VICTIM.COM</a>. That's good to know, but it's not going to help you unless you know where to find <a href="http://NS1.VICTIM.COM" target="_blank">NS1.VICTIM.COM</a>. Names are not addresses. This is a chicken and egg problem. The answer is, you provide both the NS record pointing <a href="http://VICTIM.COM" target="_blank">VICTIM.COM</a> to <a href="http://NS1.VICTIM.COM" target="_blank">NS1.VICTIM.COM</a>, and the A record pointing <a href="http://NS1.VICTIM.COM" target="_blank">NS1.VICTIM.COM</a> to <a href="http://1.2.3.1" target="_blank">1.2.3.1</a>.<br> <br><i><b> Now, let's party like it's 1995.</b></i><br><br> Download the source code for a DNS implementation and hack it up such that every time it sends out a response, it also sends out a little bit of evil — an extra Additional RR with bad information. Then let's set up an evil server with it, and register it as <a href="http://EVIL.COM" target="_blank">EVIL.COM</a>. Now get a bunch of web pages up with IMG tags pointing to names hosted at that server.<br> <br> Bob innocently loads up a page with the malicious tags which coerces his browser resolve that name. Bob asks Alice to resolve that name. Here comes recursion: eventually the query arrives at our evil server. Which sends back a response with an unexpected (evil) Additional RR.<br> <br> If Alice's cache honors the unexpected record, it's 1995 —- buy CSCO! —- and you just poisoned their cache. Worse, it will replace the "real" data already in the cache with the fake data. You asked where <a href="http://WWW.EVIL.COM" target="_blank">WWW.EVIL.COM</a> was (or rather, the image tags did). But Alice also "found out" where <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> was: <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>. Every resolver that points to that name server will now gladly forward you to the website of the beast.<br> <br><u><b>FIXES and PATCHES TILL @008 .</b></u><br><br> It's not 1995. It's 2008. There are fixes for the attacks I have described.<br><br>Fix 1: The QID race is fixed with random IDs, and by using a strong random number generator and being careful with the state you keep for queries. 16 bit query IDs are still too short, which fills us with dread. There are hacks to get around this. For instance, DJBDNS randomizes the source port on requests as well, and thus won't honor responses unless they come from someone who guesses the ~16bit source port. This brings us close to 32 bits, which is much harder to guess.<br> <br>Fix 2: The RR set poisoning attack is fixed by bailiwick checking, which is a quirky way of saying that resolvers simply remember that if they're asking where <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> is, they're not interested in caching a new address for <a href="http://WWW.GOOGLE.COM" target="_blank">WWW.GOOGLE.COM</a> in the same transaction.<br> <br> Remember how these fixes work. They're very important.<br><br><u><b>PRESENT DAY</b></u>.<br><br> Let's try again to convince Bob that <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> is <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>.<br><br> This time though, instead of getting Bob to look up <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM </a>and then beating Alice in the race, or getting Bob to look up <a href="http://WWW.EVIL.COM" target="_blank">WWW.EVIL.COM</a> and slipping strychnine into his ham sandwich, we'regoing to be clever (sneaky).<br> <br> Get Bob to look up <a href="http://AAAAA.VICTIM.COM" target="_blank">AAAAA.VICTIM.COM</a>. Race Alice. Alice's answer is NXDOMAIN, because there's no such name as <a href="http://AAAAA.VICTIM.COM" target="_blank">AAAAA.VICTIM.COM</a>. Mallory has an answer. We'll come back to it. Alice has an advantage in the race, and so she likely beats Mallory. NXDOMAIN for <a href="http://AAAAA.VICTIM.COM" target="_blank">AAAAA.VICTIM.COM</a>.<br> <br> Alice's advantage is not insurmountable. Mallory repeats with <a href="http://AAAAB.VICTIM.COM" target="_blank">AAAAB.VICTIM.COM</a>. Then <a href="http://AAAAC.VICTIM.COM" target="_blank">AAAAC.VICTIM.COM</a>. And so on. Sometime, perhaps around <a href="http://CXOPQ.VICTIM.COM" target="_blank">CXOPQ.VICTIM.COM</a>, Mallory wins! Bob believes <a href="http://CXOPQ.VICTIM.COM" target="_blank">CXOPQ.VICTIM.COM</a> is <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>!<br> <br> Poisoning <a href="http://CXOPQ.VICTIM.COM" target="_blank">CXOPQ.VICTIM.COM</a> is not super valuable to Mallory. But Mallory has another trick up her sleeve. Because her response didn't just say <a href="http://CXOPQ.VICTIM.COM" target="_blank">CXOPQ.VICTIM.COM</a> was <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>. It also contained Additional RRs pointing <a href="http://WWW.VICTIM.COM" target="_blank">WWW.VICTIM.COM</a> to <a href="http://6.6.6.0" target="_blank">6.6.6.0</a>. Those records are in-bailiwick: Bob is in fact interested in <a href="http://VICTIM.COM" target="_blank">VICTIM.COM</a> for this query. Mallory has combined attack #1 with attack #2, defeating fix #1 and fix #2. Mallory can conduct this attack in less than 10 seconds on a fast Internet link.<br> </blockquote> <font color="#888888"><br></font></div></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-61889950526152420762008-07-19T06:22:00.001-04:002008-07-19T06:22:06.433-04:00Xbox vs Apple TV.<div dir="ltr">Had to capture <a href="http://friendfeed.com/e/c4902a68-f9bf-7986-c109-cc0f53cf34b3/why-does-it-take-like-an-hour-to-get-a-rental-on/">this</a>. Why ? the simplicty of the question and the answers open a whole dimension of thoughts , pros & cons etc. It goes like this..<br> <br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">"why does it take like an hour to get a rental on xbox live while apple tv can get it already right away?" - <a style="" href="http://friendfeed.com/parislemon" class="friend l_popup nonf">MG Siegler</a><br> <span class="content">One is an Apple product, one is a Microsoft product. Any questions? - <a style="" href="http://friendfeed.com/louisgray" class="friend l_popup">Louis Gray</a></span><br><span class="content"></span></blockquote> <span class="content"><br><br></span> </div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0tag:blogger.com,1999:blog-8174221.post-6212644030409459312008-07-17T19:27:00.001-04:002008-07-17T19:28:00.014-04:00Yahoo Agrees to SELL -at $33<div dir="ltr">"Just got the alert via <a href="https://twitter.com/MarcHustvedt">Marc Hustvedt</a>, co-founder of Tubefilter, on Twitter linking to <a href="http://www.searchenginejournal.com/yahoo-will-sell-to-microsoft-for-33-per-share/7315/">a Search Engine Journal story</a> reporting that Jerry Yang sent an e-mail out to shareholders that Yahoo is willing to sell to Microsoft at the price of $33 per share"<br><br><a href="http://friendfeed.com/e/ed051083-1ce1-b453-67de-6fb00a184c55/Yahoo-finally-agrees-to-sell-to/">Source </a><br></div> Peterhttp://www.blogger.com/profile/15518551787084170921noreply@blogger.com0