Shannon and I spent the day today running around Washington, DC, supporting a friend of ours in his 10th running of the Marine Corps Marathon. It was a beautiful day to be trekking around the monuments, and a great excuse to find ourselves at the foot of pretty much every notable monument in the District.

I put a bunch more pics up on Flickr, including another handful from the World War II Memorial.

My first miter saw cut!

For anyone interested in what I might be planning to do with the miter saw I got from Shannon for our anniversary, I just posted about the built-in desk we built this weekend over at Doing it Ourselves.

This morning, I took a look at my mail server logs to see if yesterday’s changes had caused any unexpected issues, and I’m happy to say that all appears well. I also took a few minutes to analyze the logs a little bit, and here’s what the past 20 hours has brought:

don't send email to these accounts; they don't exist!
  • In 1,202 minutes, 16,605 messages were attempted to be delivered to nonexistent accounts on my server, for a rate of one message every four and a half seconds.
  • Those 16,605 messages were addressed to 915 unique (and still nonexistent!) email addresses.
  • By far, the address bore the brunt of this, with 759 of the addresses living there; no other domain had more than 60 or 70 false attempts.
  • The most popular fake email address is one that’s never existed, and doesn’t make much sense at all; it received 461 attempts. (The top 10 list is in the graphic to the right.)
  • As you’d expect, generic “webmaster” email addresses are popular, accounting for 225 of the attempts across all the domains I host; “postmaster” and “mail” are a lot less popular than you’d think.

All in all, I’m glad to have made the configuration change, and my mail server seems to be operating under quite a bit less load as a result.

There’s really no debate that despite all efforts to combat it, spam email continues to grow and thrive on the internet. Since I host my own email server (providing accounts for myself, my family, and a few friends), I’ve watched as gargantuan volumes of unsolicited email stream in over the wire, and I’ve had to keep up to speed on the latest and greatest spamfighting techniques in order to keep our mailboxes reasonably free of the nuisance. That being said, the whole system has always felt like a fragile beast, and when my spam system fails for even a few minutes, my inbox can get buried. (For example, a component of my filters got overloaded this morning for just over six minutes, and over 50 spam emails slipped through in that period.) So, for the past year, I’ve been hunting for ways to optimize my mail setup in order to lessen the load on the spam filters, and one specific way has eluded me until this morning. Being that I’ve actively searched for this very solution for over a year and not had success until today, I figured I’d describe what I did in case anyone else is looking for the same fix.

(Really, I shouldn’t have to tell you this, but what follows is an extremely detailed, low-level description of my mail setup and the innards of a spam filtering system. It’s dorky, and you probably won’t want to read the rest unless you’ve imbibed a good deal of caffeine and know your way around sendmail.)

One little bit of advice: do yourself a favor and give Firefox 2.0 RC3 a try. Over the past month or two, a few people have told me how much faster the new version of Firefox is when compared with the current v1.5, but I didn’t believe them until I finally got around to installing it last night — it’s amazingly peppy, and it’s been rock stable on the few machines on which I’m now running it. I’ve always found the page rendering part of web browsing to be a bit lethargic on my Macs; Firefox 2 feels comparable to Windows browsing, which is mucho mejor. It’s good enough that I’m changing my default Mac browser back from Safari to Firefox.

(And since my biggest fear about the upgrade ended up not being a big deal at all, I’ll mention that all of the extensions I use regularly — the Google Toolbar, Firebug, Greasemonkey, the extension, the Web Developer Extension — have updates available which are compatible with the new Firefox. The only extension in my installation that didn’t have a Firefox 2-compatible version was Live HTTP Headers; it’s not one I use on a day-to-day basis, though, so I’m OK with leaving it out of my install until it comes up to speed.)

There are times when I think I’m finally reaching a reasonable level of coolness, and then there are times I see something like Sun’s datacenter in a shipping container, feel myself start to drool, and realize that I’m still the huge geek I’ve always been.

Waiting for a flight Thursday evening, I opened up my Powerbook to see if the Gods of Wireless Networking had yet talked some sense into the folks who run Washington’s National Airport. Alas, there weren’t any legit wifi signals available — I specify “legit”, though, because there were quite a few ad-hoc networks set up that looked to be trying to phish and scam their way into information from unsuspecting or naive flyers.

Lookie there at all those scammers!

If you look at that list, what you’ll notice is that all of those networks are running in “ad-hoc” (or peer-to-peer) mode, which almost certainly means that rather than them being bona-fide wireless access points serving up connections to the internet, someone’s computer is advertising its own wireless network as available for sharing, and that person is trying to get you to connect to it. That network named “tmobile” is very unlikely to be run by T-Mobile; that network named “Starbucks” is similarly illegitimate. Instead of T-Mobile providing access to the internet, some schmuck is probably trying to entice you to connect your laptop to his, which means that he can then listen in on all your network traffic (sniffing passwords and other data) with relative ease.

Almost without exception, all trustworthy wireless access points run in what’s called “infrastructure” mode. The list of networks in that screenshot is generated by an awesome Mac app named iStumbler, but the built-in networking stuff in any Windows or Mac computer similarly makes a distinction between ad-hoc and infrastructure networks — the Mac separates ad-hoc networks into their own list (“Computer-to-Computer networks”), and if I remember correctly, Windows shows ad-hoc networks with different icons than infrastructure ones. So if you find yourself looking to use wireless access in an airport, make sure you know how to tell the difference between reasonably legitimate networks and scammers; your credit cards, bank accounts, personal files, and email systems will thank you!

The U.S. government might be engaged in a heated debate over the definition of torture, but here in Casa Queso, it’s pretty clear that the term includes such things as having to take a weekend trip to Chicago the day after this box arrived as my anniversary present from Shannon:

Happiness is a new miter saw

Seriously, I cannot wait to get that bad boy set up!

Seen in NYC this past weekend:

Don't worry about that illegal parking, Mr. Police Officer...

Don’t worry about that whole no-parking-at-fire-hydrants thing, there, Mr. Police Officer…

Does anyone know what’s up with Amazon’s new “your item is in stock but it’ll take us nearly a week to process your order” feature?

We'll get it to you when we damn well feel like getting it to you!

(Note that this is specifically on an item that Amazon itself fulfills; it appeared on four or five such items on a few of my search result pages tonight.) I’ve been using Amazon enough over the past week or two to feel pretty secure that this is a newly-introduced thing from the past day or two, but I can’t really figure it out. If the item is in stock, and Amazon is the one handling the order from soup to nuts, why does it take so long for them to get it out the door?

Seriously, when will someone get enough of a backbone to challenge the idiotic continued usage of signing statements by our President? Yesterday, we had the top of the Executive Branch food chain explicitly state that he feels he has additional power to change Homeland Security’s privacy rule audits, and also that he can defy the rules Congress spelled out about the qualifications of any potential FEMA director. The arrogance is astounding — each statement says, “I know what the words of the law state, but even though I’ll sign my name to the law, I won’t abide by those words.”

The FEMA bit is plainly insane, because the text of the bill stated that any potential director of the agency had to have at least five years experience and a “demonstrated ability in and knowledge of emergency management and homeland security,” and Bush’s signing statement explicitly declares that he doesn’t intend to abide by those requirements. This is immensely galling, given FEMA’s performance during Katrina under Michael Brown, someone who clearly wasn’t qualified to have the job or manage an emergency. The text of the statement (emphasis mine):

Section 503(c) of the Homeland Security Act of 2002, as amended by section 611 of the Act, provides for the appointment and certain duties of the Administrator of the Federal Emergency Management Agency. Section 503(c)(2) vests in the President authority to appoint the Administrator, by and with the advice and consent of the Senate, but purports to limit the qualifications of the pool of persons from whom the President may select the appointee in a manner that rules out a large portion of those persons best qualified by experience and knowledge to fill the office. The executive branch shall construe section 503(c)(2) in a manner consistent with the Appointments Clause of the Constitution.

Here’s my big question: what’s the actual difference between these signing statements and line-item vetoes? And if there isn’t any, didn’t our Supreme Court rule that the Constitution doesn’t allow for line-item vetoes? Will it take Congress changing party hands in order to get the body to stand up for its Constitutionally-vested power to define the laws that go before our President for signature?

Knowing a few people with security clearances, I’ve heard a bit about the oft-proposed idea to allow folks holding such clearances to avoid the screening mess at domestic airports. It’s always sounded like a fine idea to me… that is, it sounded like a good idea until I read today’s column by Bruce Schneier on what a bad idea it would be. And the thing is, he’s totally right — in order to fulfill this goal, the government would have to:

  • create an easily-portable ID that identified people with formal, government-sponsored security clearances;
  • set up a centralized database with records of all these people (something which, for a variety of reasons, doesn’t already exist);
  • implement methods through which security screeners could check an ID to make sure that the clearance is both valid and current;
  • train TSA screeners on how to do handle the new system and procedures.

In Schneier’s own words:

This issue is no different than searching airplane pilots, something that regularly elicits howls of laughter among amateur security watchers. What they don’t realize is that the issue is not whether we should trust pilots, airplane maintenance technicians or people with clearances. The issue is whether we should trust people who are dressed as pilots, wear airplane-maintenance-tech IDs or claim to have clearances.

From Talking Points Memo today (or maybe Wonkette, I have no idea who had it first) comes a photo that really hammers home the current mess in Washington:

Brown, Bush, and Foley, the whiz kids of the U.S. Government
(image copyright Getty)

(Yep, that’s Michael Brown to Bush’s right, and Mark Foley to his left.) If there’s a more representative image of this presidency out there on the wires, I certainly haven’t seen it; I’d think that it’d have to involve Jack Abramoff engaging in some sort of sex act with Bill Frist while Frist performs telemedicine on Tom DeLay.

On our way back from dropping my parents off at Union Station, Shannon and I noticed that Independence Avenue was closed off by a police car about a block from our house, and there were a bunch more emergency vehicles a bit past the blockade. Being the nosy people we are, we parked our car and wandered over to take a look; when we got there, this is what we found:

accident on Independence Avenue

(Rather than a District police car, that car actually belongs to the U.S. Capitol Police, and is a K9 unit at that.) Chatting with one of the officers, we found out that the gold Camry drove through a stop sign, at which point its right side became intimately familiar with the front end of the Captiol Police car. They cut the top and doors off of the Camry because it was the only way to get the passenger, an elderly woman with pre-existing hip problems, safely out of the car.

The best part of the whole thing was that while we were standing there, a guy in a Mercedes drove up and actually honked at the police to tell them that he wanted to drive through the accident scene. The two officers we were chatting with told us that that happens pretty much every time they work a scene; they’ve even had people ask to drive through firetruck barricades at active fires. People are truly stupid.