Wednesday, October 14, 2009

The Latest from the LHC: Towards the big chill


With 6 sectors out of 8 at nominal cryogenic temperature (1.9 K, about -271 °C), the commissioning at the LHC is progressing well. According to the present schedule, the whole machine will be cold in about one week. As soon as a sector reaches the nominal cryogenic temperature, teams can start powering the magnets. At present, the current is flowing in the magnets of three sectors, while the remaining three will be powered in the coming two weeks. I'm eager to see what happens this time.

Tuesday, June 16, 2009

From the SOFH, with love

Every once in a while, when some spam message hits one of my inboxes and it's one of those tracking messages (images or links meant to confirm that your e-mail address appears to be valid), I take the time to draft some (usually one-liner) script that sends them back some garbage to fill their databases with junk, so their spamming boxes spend some time figuring out why those "confirmed" email addies ain't working (a somewhat time-exhausting task).

Usually I'd have some dictionary text files at hand to iterate over and get some words to use, but here I'll depict just the basic concept with randomly generated gibberish; the wise SOFH in you will figure out ways to make it better in no time:


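#!/bin/bash
# Endpoint taken from the tracking link in the spam message
url='http://cawaseswokofmum.com/support.php?name='
# Browser-like User-Agent, kept in an array so the quoted string survives expansion
opts=(-U "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)")
dom='@hotmail.com'
for i in $(seq 1 1000)
do
    # makepasswd prints one random 10-character string per call
    ad=$(makepasswd --chars=10)
    wget "${opts[@]}" -O /dev/null "$url$ad$dom" >/dev/null 2>&1
done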

A simple sample, so as not to make it look overly complex. The major aspects I tried to highlight are:

1) Some good source of random crap to feed the spam bot with. Here I used a simple source; I could have dd'ed /dev/urandom or something else, yet results would be debatable unless my target script were blindly accepting new addresses. For confirmation-gathering scripts it's better to get some names or words dictionary and salt it with random numbers, for example mary1999, mary2000, mary2001, etc. Something similar can be used for domains too; here I left all of the shitload on Hotmail's shoulders.

2) wget is a really powerful toy: you can command it to get cookies and authentication stuff from anywhere, or, as I did here, you may need to use a different User-Agent string (these guys were already aware of the wget playing, so I pretend to be IE8).

3) wget URL arguments: in this case it was pretty straightforward. But in general all you need to do is some quoting here and there, so "special" symbols such as question marks and ampersands don't get incorrectly interpreted by the command-line shell. Some other times verification arguments are tokens obtained by base64 or slt. You'll need to think a bit 'til you find out the way it works. Here is a Python snippet I used some time ago for base64 encoding:


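#!/usr/bin/env python3
import binascii
import sys

# b2a_base64 works on bytes and appends a newline itself, so write the result as-is
sys.stdout.write(binascii.b2a_base64(sys.argv[1].encode()).decode())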


When this is fed with 666,666,diefuckingspambot@gmail.com

you get

NjY2LDY2NixkaWVmdWNraW5nc3BhbWJvdEBnbWFpbC5jb20=

Ready to deceive some spam making mother fucker that likes verification in such a format.

The more places you can bomb these hosts from, the more annoying it can be, only your imagination will find a limit: use proxies, anonymize your request, introduce random waits, random user agents, if you don't manage a big bunch of servers you can convince some friends to join your journey against spammers =)

Also including anti-gathering tools such as this one in your web content can help to delude these mofos.
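
Seen from the receiving side, the token format in point 3 is also how a tracking link can be recognised before anything is fetched. The following is an added example, not code from the original post: it scans an HTML message body for image and link URLs whose query parameters carry the recipient's address, either in the clear or base64-encoded as in the 666,666,address token above. The address, host names and function names are made up for illustration.

```python
import base64
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit

RECIPIENT = "alice@example.org"  # constructed address, not from the post
# Constructed token in the "id,id,address" shape the post feeds to its encoder.
TOKEN = base64.b64encode(f"666,666,{RECIPIENT}".encode()).decode()
SAMPLE_HTML = f"""<html><body>
<img src="http://tracker.example/o.gif?t={TOKEN}" width="1" height="1">
<a href="http://tracker.example/support.php?name={RECIPIENT}">unsubscribe</a>
<a href="http://shop.example/catalog?page=2">catalog</a>
</body></html>"""


class UrlCollector(HTMLParser):
    """Collect (tag, url) for every src/href attribute in the message."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        self.urls += [(tag, v) for k, v in attrs if k in ("src", "href") and v]


def decode_maybe_base64(value):
    """Return the decoded text if value is base64 of printable ASCII, else None."""
    try:
        # parse_qsl turns '+' into a space; undo that before strict decoding.
        raw = base64.b64decode(value.replace(" ", "+"), validate=True)
        text = raw.decode("ascii")
    except ValueError:  # binascii.Error and UnicodeDecodeError are subclasses
        return None
    return text if text.isprintable() else None


def find_address_beacons(html, recipient):
    """Return (tag, url, param, encoding) for URLs that identify recipient."""
    collector = UrlCollector()
    collector.feed(html)
    needle, hits = recipient.lower(), []
    for tag, url in collector.urls:
        for param, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
            decoded = decode_maybe_base64(value) or ""
            if needle in value.lower():
                hits.append((tag, url, param, "plain"))
            elif needle in decoded.lower():
                hits.append((tag, url, param, "base64"))
    return hits
```

Calling find_address_beacons(SAMPLE_HTML, RECIPIENT) reports the 1x1 image (base64 token) and the unsubscribe link (plain address) and leaves the catalog link alone.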

Sunday, February 15, 2009

Damn, I'm actually moving

With my 3x3x3 time in 1.12 and my kyudokan practices already started, it's kinda strange to see myself moving that fast towards my wish list. Should it be renamed to my first quarter todo list?

My primary FLOSS project needs some redefinition; technical, design and community/team organization aspects need a review. As a final note, my "evil core" concept has a place in my paper notebook. A bunch of requirements is shaping what its start should be.

Uh, and happy Debian 5.0 "Lenny" to everyone.

Monday, January 12, 2009

Good bye time eating job, enter my cubic epoch

And all this time without a note here, all because of having a lot of work. My list of things to do for 2009 included:

  • Leave at least two jobs (done)
  • Improve my timing with my 3x3x3 Rubik's cube (I just did 1:30' yesterday, pretty good IMO).
  • Do some work for my FLOSS project (I'm on it, at the propaganda dept. ftm).
  • Do some physical activity, lightweight to mid. (on schedule)
  • Do something with my cube related game ideas. (on hold)

For this last point, I'm still confident that an impact similar to the one Tetris (R) had in the '80s can be made nowadays; that this decade is still expecting a game like no other, coming to stay for more than two summers.

Monday, September 22, 2008

All hail Mersenne primes 45 & 46

For the second time in history, two Mersenne prime numbers were discovered out of order. With 12kk and 11kk digits, the discovery qualifies for a U$S 100K EFF award.

Next award is 150K bucks, for a 100 million digits prime.

I still remember our first findings in L2J about the Mersenne Twister pseudo-random number generation. Damn, those were exciting times. Java's standard PRNG was exhibiting very poor behavior in the long run, getting stuck in a region of the range and thus never allowing certain item drops to happen.

My next contact with the prime generation internals, outside of the regular teaching stuff, could probably be having some of the GIMPS proggies running on a couple of servers :P

World should be lost already: LHC


I eventually know what a Higgs boson feels like. A couple of days ago, when I first heard of some tards on the FUD hype behind a couple of counterstream scientists (Wagner & some other) trying to convince a Hawaiian court that the guys at CERN would pose a risk to the planet by starting up the Large Hadron Collider gigatoy, I laughed at the way they eventually got the attention of the masses with a third party's work.

As days passed, I and my scientific spirit were all the way along with the LHC guys.. go go turn it on! "Break and learn" was always my motto. Very exciting times should be around the corner if we (as in humankind) could get our hands on such uber stuff.

Some days after ignition a huge magnet gets fscked up, there are mass helium leaks all over the place and the fixing process should mean at least a 2-month delay in the schedule.. Okay, shit happens. These accelerator things are way too sensitive and complex, blah blah. My heart still goes with the men that handle all these things armed just with their bare hands, their super trained brains and their slide rules. Wait, slide rules are just in my childhood image of what a physicist uses, lol.


Then... Oh dear! What the hell is this?? Some Greek script kiddies defaced a part of CERN's website. Who the heck are these CERN guys paying for their web stuff maintenance? Hm... Oh, I know. They maybe preferred to save a part of their budget and decided to set it up on their own rather than hiring somebody with knowledge, and they're physicists after all.. you can't blame them for not knowing about XSS or SQL injections if the TI-30 didn't allow such a thing to exist. On the other hand, I'm pretty sure this web serving box was miles away from the real thing. The pr0 network of comps doing the incredibly complex sensor and measurement work had to be just throwing some CSV reads out to the world thru some read-only tunn or something like that..


Then I keep reading, until I find out that the hacking event had the dear mad-doctors totally desperate, AND the script kidz were just a step away from the real computing/controlling beasts! I can imagine some Transformers-movie-like scene with yelling-and-running peeps waving their arms in their white suits. Gee, now THAT was pathetic. Honestly, if we had such an expensive and powerful facility built and handled by a band of not-so-professional 'Homer Simpsons', and -which is probably worse- such operators were relying on end-user level tailored software, with bunches of seamlessly complex (read bug-prone) abstraction layers and wizards and web 2.0 candy bars then yes, we DO deserve a doomsday. One that hurts a lot, preferably.

Saturday, June 21, 2008

The persistence of the beauty: Nude

There's a retro things lover in me. My C64 and my rotary phone are little proofs of it. I also mention low level programming basics to my pupils, this might be a pathological proof for some people.

On a different topic, I like a couple of Radiohead songs, it's not my favourite tho; I rather prefer Rivotril. ;P

Now, this video is one among the most beautiful combinations of my likings:

Friday, May 23, 2008

MS-Office: Microsoft takes a spoon of its own soup.

On May 21, MS announced they won't widely implement their own OOXML thing 'til Office 14 (whatever they plan to call it), while the ODF support would be added by Office 12 SP2, in their own words.

Would they admit that the 'standard' (?) they pushed so hard and in such dirty ways towards the Industry Standards Organization (aka ISO, formerly International Standards Organization) was just a huge pile of crap even its inventors can't handle?

Despite the fact that ISO29500 has cost both MS and ISO a big amount of their reputations in millions of observing eyes (if not all of what was left of it), they now declare they will investigate the ODF and -that's a scary part- they will 'be an active participant of the future evolution of the ODF, Open XML, XPS and PDF formats'. For some people this sounds like good news, MS would accept their wrong and join the open standards real thing; and it would be good (?).

Rather I'd think of what could be 'their' vision of the standards, later becoming a pile of junky extensions of the kind of -let's imagine some- "MS-ODF, because ODF wasn't enough for our uberness". And how about "Download your 200Mb MS-PDF reader today!, fully compatible with the ancient PDF format and more! (requires .NET framework 5 plus extensions)". Then again they'd probably stuff committees and grant their wacky whims a place in the industry scene. Calling me optimistic? Sure, I always am.

Wednesday, May 21, 2008

Yet another touchy Linux Ad :)

Whoa! I've been so offline during the last days. This one has been YouTube'd like a month ago or so. Yet I wanted to share it here, because it's the kind of media we all love to share and broadcast during those preaching acts, be it classes, fests, etc. Enjoy.

Thursday, April 10, 2008

Rest in Peace: ISO. Enter, ECMA-376/ISO 29500

It's not news, and that's the worst part. Microsoft did it again and got their buggy 'standard' 'proposal' approved. Oh, wait.. the worst part is so many people don't even know, or if they know they don't care. Most people here have read of 'ISO' in some "ISO 9001" advertisement and that's about it. And those who knew more and had the power to be heard blatantly shut their mouths to keep the money flowing!

My country's standards organization (that was invited as an O member, just in case they needed some stupid to raise an extra hand) had nothing better to observe than: duh, we don't actually understand what's all this fuss about but.. yeah, we're interested. We'll abstain just in case, but you tell us whatever you decide.

I guess I should feel happy with the fact IRAM abstained instead of dealing for a bunch of dollars, provided their name stands for words starting with different letters XD. But I'm too frustrated to expect any appeal or a chance of reverting, or investigations, or something.

There's one thing I know for certain, if my pupils ever hear me say ISO, it will be standing for Industry Standards Organization. International my pants.

As a final consideration, IMAO they should take a part of the money and buy www.iso.com, because .org is just.. argh.. who cares about RFCs and ICANN anyway?