Emoji in URLs are probably a bad idea…

On the dns-operations mailing list there were already discussions about parties who bought domains like ♀.com (xn--e5h.com), but the following is also an interesting development.

When will we find pages with “special” Web Open Fonts and that become active when you press Ctrl-Shift?

Blocking the piratebay

In a previous post it became clear that censorship in The Netherlands has started. Due to the nature of the Internet and how it has been implemented in most lands, it means there is no central point of control to stop all to an IP-address. This means every network owner needs to take action, but how do they do it?

In the case of thepiratebay.org it looks like it has been done by manipulating DNS-answers. The first attempt is just using the DNS-resolver from the internet access provider and the second is an attempt using Google public resolvers.

$ dig thepiratebay.org
; < <>> DiG 9.8.1 < <>> thepiratebay.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 6811
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;thepiratebay.org.		IN	A
thepiratebay.org.	10	IN	A
thepiratebay.org.	10	IN	TXT	"Forged by XS4ALL for Stichting B.R.E.I.N."
;; Query time: 19 msec
;; WHEN: Sat Feb  4 08:15:35 2012
;; MSG SIZE  rcvd: 104
$ dig thepiratebay.org @
; <<>> DiG 9.8.1 < <>> thepiratebay.org @
;; global options: +cmd
;; Got answer:
;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 4847
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;thepiratebay.org.		IN	A
thepiratebay.org.	2596	IN	A
;; Query time: 26 msec
;; WHEN: Sat Feb  4 08:16:16 2012
;; MSG SIZE  rcvd: 50

By just changing DNS resolvers on the client or internet router the censorship can be bypassed for now. The question remaining is how long this is going to stand when the first article is published by a big computer magazine on how to bypass it. Or when sites also get an .onion to bypass DNS completely.

Debian Wheezy and GNOME 3.2

The migration of GNOME toward version 3.0 in Debian earlier this year wasn’t very successful in the beginning, but a lot of bugs where solved during the summer. GNOME 3.0 made it into Wheezy during the release of 3.2 and maybe for the better. Now only a few months after the release of GNOME 3.2 almost all packages have been uploaded to experimental or unstable, and most of them even already migrated to testing.

But what brings GNOME 3.2? A lot of people are unhappy and some of these points are valid and need to be fixed. Others can be discussed if they are true. One thing that changed in 3.2 is how GNOME interacts with your address book and your instant messaging accounts. Connections to instant messaging networks are automatically being started when you log in. This also reflects in the search screen when you type in a friends name and you direct see his connection status.

GNOME Online Accounts is another example of making things simpler for the user. Currently it only works for Google, but I really hope current proposals with querying the right SRV-records in DNS are also going to be part of GNOME in a future release. For now GNOME Online Accounts setups up multiple Google services up like Mail, Calendar, Chat, Documents and Contacts with a single authentication token. Different services don’t have to maintain and store the credentials in GNOME Keyring or in still in there own way. Hopefully there will come a solution for Liferea which still stores te users password plain-text in the configuration file.

Other third-party applications like Simple Scan, Shotwell and Deja-Dup are slowly making there way into becoming part of GNOME. I can’t wait to see what is going to happen with the GNOME 3.4 release as both Epiphany and Evolution are going to have some major work done to them. A switch to Webkit 2 and ending the usage of GtkHTML in Evolution. Hopefully after this Epiphany can replace Firefox completely on my desktop.

It is good to see the progress GNOME is making into becoming an interface for cloud services by simplifying the configuration for users, but also separating data from applications more and more. I can’t wait to see how GNOME Document is going to evolve, but two other things still open is a good solution for RSS-feeds and chat-logs as Empathy is still storing them on disk and isn’t able to use logs stored by Google for example.

In the end I’m happy with GNOME 3.2 in Debian Testing right now and Debian on my workstation is back to it’s weekly testing upgrade schedule as most parts are working. I even think that I will continue to do this during the 3.4 release as most of the GNOME dust has settled. Maybe I make an exception for both AbiWord and Gnumeric when they switch to GTK3 and hopefully also better OpenDocument support.

When do other banks start to publish SPF records?

In the past a lot of phishing was going towards customers of the Dutch bank Postbank. It continued for years and when the bank finally merged with ING the phishing attacks adopted the new name quickly. In both cases the bank was publishing closed SPF resource records in DNS so third party systems could determine of an e-mail really came from Postbank or ING. And with a few rules for SpamAssassin for example most of the phishing can be stopped.

The last months phishing attacks for both Rabobank and ABN Amro increased a lot. Most phishing e-mails from Rabobank are being caught by the bayesian filter for now, but for ABN Amro aren’t always detected. This makes me wonder why those banks don’t publish SPF resource records in DNS? Is it really that difficult? Or is the cost for fraude smaller, then for a denied e-mail?