WASC Threat Classification v2.0 Released

January 4th, 2010

The WASC Threat Classification is an effort to classify the weaknesses and attacks that can lead to the compromise of a website, its data and/or its users. The primary goal is to offer a central guide for common attacks and weaknesses. You can find the document online at http://projects.webappsec.org/Threat-Classification


My Toshiba T1800

February 9th, 2009


I had bought a Toshiba T1800 laptop for $20 some time ago and totally forgot about it….

Hardware Specs

  • 20 MHz Intel 386 SX, coprocessor socket;
  • 2 MB standard RAM, expandable to 10 MB;
  • LIM-EMS 4.0 support; 40 or 60 MB hard disk;
  • 9.5″ STN monochrome screen with 64 grey scales

More info can be found here: http://www.toshiba-europe.com/computers/products/notebooks/t1800/product.shtm

The laptop is in relatively good condition with the exception that the battery doesn’t hold a charge for very long…only about 15-20 minutes.

Here are some pics when I picked it up

The above shot makes me think the whole Y2k thing was a bit overblown :)

MSN Phishing…

August 14th, 2008

I’ve recently been getting some spam from a couple contacts on my MSN list…doing a quick google search on the links revealed that this is probably MSN phishing…basically the contacts have had their account cracked… this allows an attacker to now send fake messages to the contacts associated with the account in hopes of tricking more people into entering their account information on a fake site…since they are automated using bots/scripts the contact may even appear to be offline when you receive the message.

A couple examples of the messages I’ve received are (I like that in the first one ‘hope’ is misspelled…tricky tricky):

  • hey ope this link its really cool www.youvegotvirus.com wink wink
  • http://<youralias>.picslists.com

So a heads up if you get links such as this DON’T go click on them and enter your credentials….and maybe it’s a good time to change your password =)

Spring cleaning…check out your local freecycle group

April 8th, 2008

The freecycle community is a non-profit member driven community aimed at basically giving away your old stuff. Yeah that’s right and giving it away *for free*. The idea is to allow people to give away vs throwing out their old things (the old one person’s trash is another person’s treasure). And by treasure…I mean *free* treasure, not pirate treasure. Although in theory someone could give away their pirate treasure…for free…

Anyways…when you start your spring cleaning this year…instead of throwing out those old odds and ends join your local freecycle group and create a few posts. I’m sure they’ll even come get it so technically it’s even easier than throwing it out…as you don’t have to remember to take it out on garbage day and then actually take it out on garbage day… ;)

To find a group near you check out the Freecycle group finder.

Bell Throttles P2P Traffic

March 25th, 2008

Well it looks like Ma Bell has reported that it is traffic shaping P2P traffic during peak hours. This wouldn’t totally surprise me since it is…well Bell…and my own experience with them has been less than ‘awesome’…but what’s interesting is that they are also targeting ISPs who use Bell as their upstream provider. So if you were a disgruntled customer and switched to another provider for your DSL, well you’re up the creek =)

Michael Geist has a write up about the issue, along with CBC and dslreports. And it looks like users are reporting that not only is P2P traffic being throttled but other encrypted traffic and protocols (IMAP, SSH, RDP, VOIP, VPN connections etc…)

There is also a Google Map that is being used to chart locations of where they are experiencing an impact.

So Bell has a few options:

  1. Lower the posted rates
  2. Upgrade the network
  3. Yell louder than anyone else…(seems to work for politics) =)

DropBox

March 11th, 2008


Dropbox is an app/webapp that allows you to share files across multiple desktops. The flash demo on the site uses a Windows desktop and a Mac Desktop for the demo (No mention of support for *nix boxes). From the demo it looks like you can ‘publish’ a directory and then have other systems you use subscribe to these published directories. You can also allow other users access to your published files. All of this seems to be controlled from a web interface on the site.

A couple of cool points that I liked were the ability to undelete files from the web interface and revert back to a previous version of a file and only sending the delta of the change between hosts (thus saving bandwidth)…

Anyways…worth a look if you’re like me and constantly send files here there and everywhere =)

Novell Support Radio (NSC Radio)

February 21st, 2008


Apparently Novell takes its hold music seriously and has a dedicated ‘radio station‘ playing the hold music. This even includes ‘traffic reports’ every ten minutes (which tells you how many people are in the queues and the longest wait times) and you can even make requests for songs you would like to hear.

Now what would make this even better is that after waiting on hold for 45 minutes listening to such hits as Bohemian Polka is if they didn’t pick up the phone and then hang up on you….

And if you really want to you can tune in online by downloading their flash player

Green Web Hosting

February 20th, 2008

After searching around for a bit for a ‘green’ web host, I decided to make a short list of what I found.

  • aiso.net – 100% powered by solar panels, this includes the data centre and offices. They even have a webcam of the panels that you can peek in on.
  • hostpapa.ca – The company’s energy consumption is audited yearly at which point they purchase back the energy from companies who generate wind power. This power is then pumped back into the grid.
  • thinkhost.com – By purchasing green energy certificates (RECs), 100% of the power is offset by renewable energy (90% Wind/10% Solar).
  • ecosky.com – ecoSky generates their own power using solar panels. Since they are also connected to the grid they can feed back excess energy that can be used by others. During times when they are required to use energy from the grid, it is offset by supporting wind power.
  • dreamhost.com – Dream Host is carbon neutral. After calculating impact of the company they purchase Emission Reduction Credits to offset their footprint.

Well there you have it…solar, wind, offsets, trees….it looks like companies are starting to see the value in being ‘green’. Which one is best you ask…well it really depends on the services you need, but they are all making an effort to leave less of a foot print, so they are all good in my books.

What are Renewable Energy Certificates (RECs)

A ‘REC‘ or ‘Green Tag‘ is basically a certificate whose owner can claim that they have purchased renewable energy. One REC represents 1 MWh of electricity produced by a green energy provider. These certificates can then be sold or traded on the open market and unlike carbon trading programs that increase the cost of emitting carbon, RECs act as an incentive & subsidy to produce more green energy.

For a list of Energy Certificate products available in the US please see: US Dept Of Energy

For a list of Green Power sources in Canada please see: pollutionprobe.org or davidsuzuki.org

Some of this information was referenced from the following websites:

Should of Invested…

December 11th, 2007

I checked Google Finance today and after scrolling down to the day’s ‘top movers’ I saw the stock I should have invested in…. Tele Norte Celular Participacoes seemed to have jumped 1524804.25%….WOW….

Now this must be a bug….but I can imagine some of the people that had invested in them. Waking up this morning, drinking their coffee…checking the price…crapping their pants!!!



Pac Man…TXT Edition

November 9th, 2007

3D graphics are all the rage these days with games….so when someone makes Pac-Man a text based adventure called Pac-Txt you have to take notice… Now if they updated it so that other users could be the ghosts…we’d have a full scale Pac-MUD going on!

I can’t help but wonder what other arcade based games can be reworked into this, some would say, lost genre of text games.