As God as my witness, I thought turkeys could fly

Sunday, May 28, 2006

Wir Sind Helden

In my constant search to hear "something I haven’t heard before", which has led me into listening to a lot of music in languages I don’t understand, one of my recent faves has been German indie-pop band Wir Sind Helden (We Are Heroes). I discovered them in an odd way; I was listening to an experimental digital shortwave station from Erlangen, Germany a couple of years ago. The station is intended for local coverage, so they use low power and aren’t easy to hear here in the U.S., but I got lucky one day and heard them for about five minutes with lots of dropouts, not exactly an easy listening experience or anything, but enough to understand what was going on. One of the songs that was playing intrigued me, so I wrote the station asking what it was. They replied that it was Wir Sind Helden’s "Denkmal". So off I went to my favorite online German record shop with an English language interface and bought their first album, Die Reklamation, and some singles. Insanely catchy stuff; I particularly liked their song "Guten Tag". Some time later I also ordered their second album, Von Hier an Blind, which perhaps wasn’t as easy to get into, but one that I found I enjoyed just as much.

I was wandering around YouTube Saturday morning searching for bands I like who might have videos posted there (and finding a lot of them) when I stumbled across a Japanese language video of the title track from that second album. Japanese? Turns out they’ve recorded that song in Japanese, French, and English now, seemingly just as a goof. The video is a charming animated piece that works equally well in all the languages. You can see all of them on the MTV Deutschland web site.

I was also pleased to find that the band’s web site has been translated into English! Lots of great stuff up there, including all their videos (except for the polyglot videos on the MTV site). I think my favorite (today at least) is the video for "Nur ein Vort", which is probably the coolest, cleverest rip off of the famous Bob Dylan flipping cards thing I’ve ever seen. It’s subtle, but watch it once or twice and it becomes clear the amazing amount of thought and planning that went into the execution. Also check out the video for "Müssen nur Wollen" from the first album; I love that one.

And it appears I’m not their only English-speaking fan. One fan in the U.K. has set up a fan site for them in English, including an interview with singer/guitarist/lyricist Judith Holofernes. Sven-S Porst of Earthlingsoft is kind of a fan (maybe as a guilty pleasure?); he hosts a page on his blog containing translations of all their lyrics into English by one of his readers. I had heard that Holofernes’ lyrics were quite clever, and now I see that that’s true; the translations on the page have notes explaining some of the wordplay that doesn’t translate well. And there are a couple of interesting audio interviews with the band in English, one as they appeared to make an early foray out of Germany into Holland (they’ve since played the U.K. as well), hosted by Dutch music site Toazted. Interesting stuff.

Posted at 2:37 AM
Link to this entry || 6 comments

Wednesday, May 24, 2006

Clip job

Joe Mahoney, as part of a series of posts about how to make interesting radio programs, posts a very funny (and brief) interview with Hastings Kumuzu Banda with the BBC from 1957 (if I recall correctly). Banda later became President for Life of the African nation of Malawi, referred to in this interview by its colonial era name of Nyasaland. The White House press secretary could learn something from this guy. I’ve heard this clip a number of times; the BBC World Service used to have a request show that played any kind of sound recording, not just music, and this one would inevitably pop up at least once or twice a year. Absolutely classic, has to be heard to be believed.

Posted at 12:08 AM
Link to this entry || 3 comments

Saturday, May 20, 2006

My next cell phone

Earlier this week, we switched cell phone providers, meaning we got neat new whizzy phones (or at least as neat and whizzy as the cell phone company is willing to give away for free, which means no cameraphone). Sadly, at the time, I didn’t know about this phone, which would have jumped to the head of the line of prospective new cell phones.

Posted at 10:11 PM
Link to this entry

Sunday, May 14, 2006

Fighting comment spam

Comment spammers have been attacking There Is No Cat for the past three weeks or so. It’s been kind of fun doing battle with them, although I have to say, I’m getting kind of tired of it.

There Is No Cat runs a content management system of my own creation. One of the benefits of this is that it’s relatively immune to comment spam. I would occasionally get some manual drive-by spams, but nothing too bad. Almost nobody is going to bother to take the time to custom code a spam system to hit a single system run by a host with only fair-to-middling Google whuffie. Almost nobody.

The first run at my server three weeks ago was clearly a test run. I received 110 comments in the space of about three hours on a weekend with no links and nonsensical text. It was clear someone was preparing for something. That was what made me think some custom coding was required. I caught the spam a few hours after the initial attack ended. With so many spam comments, it was just easier for me to go into MySQL and manually nuke all the comments at once. Before I did that, I saved a copy of the database and loaded it on my computer at home so I could analyze the attack and where it came from at my leisure.

A few days later, the real comment spam started showing up. With each attack, I would block the class C network from which it came, which slowed things down. But I also started noting characteristics of the spam, such as a particular misspelled word, or a method of trying to include URLs. One advantage of having written my own system is that it was relatively simple for me to go into the code and add some filters for these characteristics.

The attacks started coming more often in the coming days, and with them some new characteristics. I added some more filtering, and added a logging capability that noted the IP address and which filter triggered the spam blocking code. At this point, I was catching about 98% of the spam. I could have caught 100%, but one of the phrases I would have had to filter on was one I thought had too high a probability of filtering out legitimate comments.

At this point, I looked at my server logs to see if I could discern any patterns over the previous few weeks. Inevitably, just before an attack on a particular page, that page would be accessed with a GET command from the IP address 72.232.92.142, which resolves to 142.92.232.72.reversedns.resolve.ru. I found one instance of this IP address being mentioned on a Polish bulletin board as a source of spam. Okay, so it looks like I’m dealing with a Russian spammer. Searching the ARIN Whois database, I discovered that the net block for this IP address belongs to a company in St. Petersburg:

CustName: Internet Technologies Ltd
Address: Rustavele 48/1 of. 42
Address: IP Management Department
City: Saint Petersburg
StateProv: Saint Petersburg
PostalCode: 199000
Country: RU

In fact, said company owns more than one segment of IP addresses.

I added the following lines to my .htaccess file to prevent them from accessing my site from their spam seeding host at any of their possible IP addresses:

Deny from 72.232.92 # Russian spammer
Deny from 72.232.93 # Russian spammer
Deny from 72.36.222 # Russian spammer
Deny from 72.36.223 # Russian spammer
Deny from 72.36.244 # Russian spammer
Deny from 72.36.245 # Russian spammer

This is actually a little broader than it needs to be; not all of the subnets this company owns are full Class C networks. But I didn’t feel like being charitable.

This stopped the spam seeding accesses, but the actual spam attacks still came (although my countermeasures were still catching 98% of them).

After three weeks of logging the attacks, I had about 800 accesses documented. I wasn’t sure if the spammer was spoofing IP addresses, in which case the IP addresses attacking me would likely be completely random, or if he was operating a bot net of compromised hosts, in which case the same limited number of IP addresses would likely show up over and over.

Well, they weren’t all that limited, but it appeared that most of the IP addresses were used multiple times. There were a few with only single accesses, but most had between three and ten attack instances logged by my filters. And it was clear that in most cases there were only one or two machines on a subnet attacking the site. Probably a bot net, then. In any case, a limited set of IP addresses was being used. So I picked out single lines for each machine and wound up adding 249 individual hosts to my .htaccess list of hosts denied access to the site. I did that about 24 hours ago. Since then, fingers crossed, no spam, and no additions to my log file of blocked attempts. You’re welcome to look at the list of hosts; if this same scumbag is attacking you, maybe you’ll find it useful.

I hope this is the end of this. Why someone would bother to attack a system with one host is beyond me. It would seem to me to be more worthwhile from the perspective of the spammer to attack systems like WordPress or Moveable Type. Of course, it possible they’re using a system that just parses any random comments form and attacks that way without having any special knowledge of how the system is set up by default, in which case my use of a unique CMS wouldn’t afford me any extra protection, but the test run made me think that maybe that wasn’t the case here. Fortunately, after almost 20 years of using computers online, I not only know my way around networks, but also have an in house network forensics expert to bounce ideas off of....

Posted at 10:25 PM
Link to this entry || 2 comments

Sunday, May 7, 2006

More fun in the modern world

I took the Diana-F out for another spin two Fridays ago. I’m just starting to understand the camera, so what I get isn’t always what I thought I was seeing. But it’s interesting to play with. It would be fun at some point to have access to a darkroom and see what I could do. I don’t think I’d ever be as good as this, but it could be fun trying.

I hit two locations. The first was Campbell’s Junction, a small cluster of shops and businesses that served as a trolley station decades ago. The trolleys are long gone, but the function lives on as many buses stop there now.

butcher shop

The butcher shop wants you to know what they sell, so they put it on the roof.

Sorry pumps closed

Getty stations are disappearing around here, mostly being rebadged after their new corporate parent, the Russian giant Lukoil. This Getty, on the other hand, just shut down, and only in the past couple of months. The light leak is well placed in this shot, doing something interesting to the trees.

More photos from Campbell’s Junction on my photos page.

After visiting The Junction, I decided to see if I could find anything to shoot in nearby Leonardo. I was looking for things with bright, saturated colors to see what would happen if I shot them with my color-shifting camera and Kodak Ultra Color film. Leonardo Beach provided what I was looking for.

Long shot of the beach entrance

The beach isn’t particularly prepossessing or anything.

Beaches are without guards today

The sign says that there are no guards on the beach today, but it looks like that’s the case pretty much every day.

Jungle Gym at the beach, close up

Lots of nice bright saturated colors.

More photos from Leonardo Beach on my photos page.

Posted at 2:55 PM
Link to this entry || 4 comments

Friday, May 5, 2006

Shhhhh....

Found on a fortune cookie:

Keep your plans secret for now

(Hence the paucity of blogging recently?...)

Posted at 7:51 AM
Link to this entry || 1 comment

This site is copyright © 2002-2024, Ralph Brand