"DNS" entries

Managed DNS considered harmful

Outsourcing your DNS is not a magic bullet.


There is frequently a tendency toward letting one’s guard down when it comes to threats to your IT systems. Absent an immediate “hair-on-fire” situation, we may relax and assume all is well. Yet malicious activity such as hacking, phishing, malware, and DDoS attacks never stop accelerating in terms of frequency and intensity.

So it’s important to have a “Plan B” DNS solution in place and ready before a crisis hits. That way, even if you’re taken off guard, you still have a backup plan and can respond appropriately.

DNS is one of those things nobody really thinks about, until it stops working. The first time easyDNS went off the air on April 15, 2003, it induced a type of existential crisis in me. That summer, after meditating intensely on the situation, I came away with the conclusion that the centralized managed DNS model, as we understood it then, was doomed.

My response at the time was a proposal to pivot to a DNS appliance with decentralized deployments, but centralized monitoring and management. That concept was promptly shot down by my co-founders and we’ve kept on with the centralized, hosted DNS model to this day.

The core problem is this: there are many reasons to elect to outsource your DNS to a managed DNS provider. Those reasons include:


Easily invoke common protocols with Twisted

Spin up Python-friendly services with 0 lines of code

Twisted is a framework for writing, testing, and deploying event-driven clients and servers in Python. In my previous Twisted blog post, we explored an architectural overview of Twisted and examples of simple TCP, UDP, SSL, and HTTP echo servers.

While Twisted makes it easy to build servers in just a few lines of Python, you can actually use Twisted to spin up servers with 0 lines of code!

We can accomplish this with twistd (pronounced twist-dee), a command line utility that ships with Twisted for deploying your Twisted applications. In addition to providing a standardized deployment interface for common production features like daemonization, logging, and authentication, twistd can use Twisted’s plugin architecture to run flexible servers for a variety of protocols. Here are some examples:

twistd web --port 8000 --path .

Run an HTTP server on port 8000, serving both static and dynamic content out of the current working directory. Visit http://localhost:8000 to see the directory listing:


Twisted Python: The engine of your Internet

Learn to build event-driven client and server applications

I want to build a web server, a mail server, a BitTorrent client, a DNS server, or an IRC bot—clients and servers for a custom protocol in Python. And I want them to be cross-platform, RFC-compliant, testable, and deployable in a standardized fashion. What library should I use?

Use Twisted

Twisted is a “batteries included” networking engine for writing, testing, and deploying event-driven clients and servers in Python. It comes with off-the-shelf support for popular networking protocols like HTTP, IMAP, IRC, SMTP, POP3, DNS, FTP, and more.

To see just how easy it is to write networking services using Twisted, let’s run and discuss a simple Twisted TCP echo server:

from twisted.internet import protocol, reactor

class Echo(protocol.Protocol):
    # Called by Twisted each time a chunk of data arrives on the connection
    def dataReceived(self, data):
        # Write the same bytes straight back to the client
        self.transport.write(data)

class EchoFactory(protocol.Factory):
    # Called once per incoming connection to create its protocol instance
    def buildProtocol(self, addr):
        return Echo()

reactor.listenTCP(8000, EchoFactory())  # listen on TCP port 8000
reactor.run()                            # start the event loop

With Twisted installed, if we save this code to echoserver.py and run it with python echoserver.py, clients can now connect to the service on port 8000, send it data, and get back their echoed results.

Four short links: 22 June 2012

Why We Make, Kickstarter Stats, Dodgy Domains, and Pretty Pretty Pictures

  1. Reality Bytes — We make things because that’s how we understand. We make things because that’s how we pass them on, and because everything we have was passed on to us as a made object. We make things in digital humanities because that’s how we interpret and conserve our inheritance. Because that’s how we can make it all anew. Librarians, preservation, digital humanities, and the relationship between digital and physical. Existential threats don’t scare us. We’re librarians.
  2. Kickstarter Stats — as Andy Baio said, it’s the one Kickstarter feature that competitors won’t be rushing to emulate. Clever way to emphasize their early lead.
  3. ICANN is Wrong (Dave Winer) — Dave is right to ask why nobody’s questioning the lack of public registration in the new domains. You can understand why, say, the Australia-New Zealand bank wouldn’t let Joe Random register in .anz, but Amazon are proposing to keep domains like .shop, .music, .app for their own products. See all the bidders for the new gTLDs on the ICANN web site.
  4. The Art of GPS (Daily Mail) — beautiful visualizations of uncommon things, such as the flights that dead bodies make when they’re being repatriated to their home states. Personally, I think they tend too much to the “pretty” and insufficient to the “informative” or “revealing”, but then I’m notorious for being too revealing and insufficiently informative.

The stories behind a few O'Reilly "classics"

A look back at "Unix Power Tools," "DNS and Bind," and other O'Reilly titles.

Tim O'Reilly: "It's amazing to me how books I first published more than 20 years ago are still creating value for readers."

Four short links: 3 October 2011

Mozilla Security Guidelines, Javascript Scroller, Botnet Techniques, and Password Humour

  1. Mozilla’s Secure Coding Guidelines — the Mozilla recommendations for web application security. See also OWASP, Google’s Browser Security Handbook and Google’s course.
  2. Scroller — MIT-licensed Javascript library for accelerated panning and zooming, from Zynga. (via Hacker News)
  3. How Fast-Flux Service Networks Operate — explanation of a technique used by botnets and other malware hordes to make it hard to figure out on which machines the services are actually running. For an example, see The Inside Story of the Kelihos Botnet Takedown.
  4. Log In — clever humour built out of password dialog boxes.

Four short links: 6 July 2011

China Snaffling Facebook Stock, DNS Douchebaggery, Corporate Whores, and Comic Relief

  1. China Wants to Buy Facebook (Forbes) — Beijing approached a fund that buys stock from former Facebook employees to see if it could assemble a stake large enough “to matter.” This has implications for Facebook entering China. Chief Operating Officer Sheryl Sandberg is reportedly “wary about the compromises Facebook would have to make to do business there.” If she loses her argument with Zuckerberg and Facebook enters China, the company will eventually be subject to demands to censor its sites, those both inside and outside China. That’s apparently why the Chinese want to own a big stake in Facebook. They are, in short, looking for control in the long run. No other explanation is consistent with the Party’s other media and “educational” initiatives. Again the world’s most desirable emerging market is fraught for those who would enter it.
  2. Cisco Helping China Build Surveillance (WSJ, subscription probably needed) — Western companies including Cisco Systems Inc. are poised to help build an ambitious new surveillance project in China—a citywide network of as many as 500,000 cameras that officials say will prevent crime but that human-rights advocates warn could target political dissent. Check out the mealy-mouthed weasel from HP: “We take them at their word as to the usage.” He added, “It’s not my job to really understand what they’re going to use it for. Our job is to respond to the bid that they’ve made.” (a) buyers don’t bid, vendors bid; (b) you’re a piss-poor vendor if you don’t understand what the client hopes to achieve; (c) really, maintaining plausible denial is the best way to preserve your brand’s integrity? Hewlett and Packard are turning in their graves, the heat given off from which could be detected by sensors, routed through Cisco boxes and displayed on HP terminals.
  3. US Claims .net and .com In Their Jurisdiction — The US Immigration and Customs Enforcement agency (ICE) wants to take down web sites that use the .com and .net top level domains (TLD) regardless of whether their servers are based in the US. Not only do DNS interventions like this not stop the copying, they’re the thin end of the political wedge into yet another piece of critical Internet infrastructure. Who woke up this morning and thought, “I want a copyright rentacop to decide which websites I can see”? The generative power of the Internet is eroded with every misguided meddling such as this.
  4. SVK Launches — BERG London finally launch their excellent comic. “Comic?” you ask. Noted science future awesome Warren Ellis wrote it, and it features some clever augmented reality hardware. I have one, and I am happy. You can be too, for only ten pounds plus shipping.

Four short links: 24 December 2010

Carbon Offsets, Good IDN, People Don't Suck, and Passive Lifeblogging

  1. Holiday Carbon Offsets — buy carbon offsets against Santa’s trip, a stockingful of coal, or this year’s Reindeer Games. (via Val Aurora on Twitter)
  2. Sad Story of the Snowman — the best use of Internationalized Domain Names yet.
  3. Katie, Starwars Geek (CNN) — best use of the Internet this year.
  4. Everything The Internet Knows About Me Because I Asked It To (WSJ) — passive lifeblogging. (via Keith on Twitter)

Four short links: 2 August 2010

Search Tips, Web Parsing, DNS Blacklists, Complex Machines

  1. Hidden Features of Google (StackExchange) — rather than Google’s list of search features, here are the features that real (sophisticated) users find useful. My new favourite: the ~ operator for approximate searching. (via Hacker News)
  2. Natural Language Parsing for the Web — JSON API to the Stanford Natural Language Parser. I wonder why the API to the library isn’t an open source library, given the Stanford parser is GPLv2. It’d be super-cool to have this as an EC2 instance, Ubuntu package, or Chef recipe so it’s trivial to add to an existing hosted project.
  3. Taking Back the DNS (Paul Vixie) — defining a spec whereby you can subscribe to blacklists for DNS, as Most new domain names are malicious.
  4. Building Complex Machines with Lego — I saw the (Lego) Antikythera Mechanism at Sci Foo. It’s as amazing as it looks.

Four short links: 5 October 2009

Bozo Cloud Talk, Annotation Fail(ish), Python MySQL Slash, and Infinite Books

  1. Brown Cloud Marketing — advertorial “interviewing” GM of a company offering “DNS in the cloud”. This might be a worthwhile service, but the way he markets it (by saying open source is “freeware” and the market leader is “legacy”) reveals a rich vein of bozo. Freeware legacy DNS is the internet’s dirty little secret (actually, it’s the reason we have a functioning DNS), Nominum software was written 100 percent from the ground up, and by having software with source code that is not open for everybody to look at, it is inherently more secure. (security through obscurity is equating clothing with being naked yet blind). The Internet kindly did the poor man’s homework: screenshot of a cross-site scripting vulnerability in their customer portal, a Nominum security advisory from 2008, and the Nominum web server is running Linux, Apache, and PHP (all legacy freeware yet apparently not the Internet’s dirty little secret). (via Bert Hubert and Securosis)
  2. Public Annotations on Healthcare Bill — using technology from SharedBook, Congressman Culberson hoped to get citizens marking up the healthcare bill. They’re using the software but many are just commenting on page 1–turning the hosted annotation platform into a forum with an odd user interface. It’s a UI challenge: designing a way to let focused people comment on specific things, while also permitting impatient unfocused people to comment on the general topic. It’s like asking for a SmartCar that seats 80. See also OpenCongress and their annotation system which also has hundreds of comments on the first few lines of the bill (including 39 on the one line “111th Congress”–apparently more contentious than you’d think!).
  3. MyConnPy — pure-Python MySQL client library, useful because it requires no C compilation to install (and thus can work on systems without C compilers installed, e.g. mobile). (via Simon Willison)
  4. The Infinite Book — design concept for an ebook reader (not a product you can buy yet). Sexy. (via Gizmodo)