(Limerick Practice)

It is a little bit relief to know that there is someone else in this
world who has no less erratic life than you do. You plod ahead
sometimes merely for your very own survival, while sprint for vanity
the other day. Unfortunately, for most of us, we can not dash all the
way. We would lose our steam at some point. So we feel grumpy and
grungy, and we trudge along. To make the rest of my journey less
boring, looks I have to learn to enjoy this merry-go-around.

Posted by HAx4 at 9:03 PM |  0 Comments

I have been using GMail for a while. At first, its invitation is as
precious as a hot concert ticket. There were even scalpers on the
Internet who sell these invitations. If you visited
http://www.gmailswap.com at that time, you would realize how desperate
people were for these invitations.

Admittedly, GMail is very slick and unique, whose search/index is
prompt and accurate. However, it will bounce the inbound message if
there are any executable files(.exe) in that message. Even worse, it
will also sniff zip files and bounce them if the zip files contain any
executable images.(which include but are not limited to ".sys .dll
.bat .cmd .reg " files)

Here is a quote from GMail's Q & A help:

"As a security measure to prevent potential viruses, Gmail does not
allow you to receive executable files (such as files ending in .exe)
that could contain damaging executable code.

Gmail does not accept these types of files, even if they are sent in a
zipped .zip, .tar, .tgz, .taz, .z, .gz) format. If someone tries to
send this type of message to your Gmail account, the message will be
bounced back to the sender. "

One way to circumvent this is to use other compressed file format,
such as .rar. However, the winRAR is not a free ware. It has a test
period of 40 days. After that, you have to register.

Speaking of which, the winzip is not free either, which has an
evaluation period of 21 days. However, the .zip format is public (The
major .zip players in the market are PKWare and Winzip. Although there
is some brawl of standard between these two, at least the basic format
for .zip is compatible). You can find .zip compatible, free Windows
.zip compressor/decompressor at

http://www.info-zip.org/WiZ.html

The .zip file compressed by Wiz can be recognized by Winzip.

Posted by HAx4 at 10:58 PM |  0 Comments

(Self Introduction)

HAHAHAHA is the ID I have at BBS of SJTU. I received my post-secondary education in SJTU back in China when I was still a callow student, brash but fresh, not like that dreary, wrinkled guy now I see in the mirror every morning. (Or maybe afternoon if it is weekend. I like to oversleep.) I used to be a host at the DSP board of BBS-SJTU (Under Academic/Science Group, although I am not much a science person). That's why I always get a fit of nostalgia when I crawl back onto bbs.sjtu.edu.cn. These halcyon days are long gone, like water under the bridge.

Life is not hunky-dory. Things ebb and flow. There are upsets, setbacks or even ordeal and privation along the way, which is hard to simply laugh off. A tad of optimism might help. That's why I still bear this ID, which I hope in not a misnomer.

Posted by HAx4 at 10:33 PM |  0 Comments

(Comments for Apprentice Season 2 finale)

Last Thursday was thrilling for Kelly, who stands out from a million
hoi polloi. Although he looks kind stiff due to his military
background, he proved himself with his track record of strong success.
He deserves the job. Jen, on the other hand, lacks integrity to some
extent. She stole Ivana's credit during the Levi task.

In the final four, Sandy and Kevin are two different ends of the spectrum,
undereducated and overeducated. Sure, they are smart, in different
ways. Interestingly, the final four stands for four different facet of
smartness: Street Smart (Sandy), Book Smart (Kevin), Vixen Smart (Jen)
and Straight Forward Smart (Kelly).

Maybe smart is an overused word for Donald. "Savvy" fits him better.

Posted by HAx4 at 7:09 AM |  0 Comments

Microsoft is well-know for its talented employees as much as Windows
is notorious for its vulnerability. Besides the routine house keeping,
such as applying security patches from time to time, here is what I
would do after a fresh installation of Windows XP/2000. I know these
actions are not good enough to keep your Windows safe by any means,
but I hope they would be better than nothing. Please leave a comment
if you have anything interesting to share regarding this topic.

1) Close your default system share (See Ref [1][2] for detail).

I was shocked when I heard about this at first. These shares could be
easy targets if you have a weak administrator password. Sometimes,
when you access your machine from other machines with your system
password, you paved way for further attack. I was once hit by a virus
called "Mofei.worm" in this way when I access my cubicle computer from
the lab.

2) Disable or Rename "Guest" account
3) Rename "administrator" if necessary
4) Keep a strong password
Some smart virus would guess your password if you have a weak one.
5) Tweak your local security policy. The following settings may be
worth noting(I guess there are corresponding registry settings for
them. But I don't know exactly what they are).

Interactive Logon: Do not display last user name
Network access: Let everyone permission apply to anonymous users
Network access: Remotely accessible registry paths (clear them if possible)
Network access: Do not allow to storage of credentials or .NET
Passports for network authentication
Devices: Restrict CD-ROM access to locally logged-on user only
Devices: Restrict floppy access to locally logged-on user only


6) Restrict Null Session,
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\restrictanonymous,
set to 2

Null session may cause headache in various ways. See Ref[3][4] for detail.

7) If you are really paranoid, you could use command syskey to add
an extra password for your Windows. (See Ref[5] for detail)

References:
[1] MS TechNet, How to create and delete hidden or administrative shares on client computers
[2] WindowsNetworking, Disable Windows NT/W2K/XP Hidden Administrative Shares
[3] MS Help and Support, How to enable null session shares on a Windows 2000-based computer
[4] WindowsITPro, How is information enumerated through NULL session access, Remote Procedure Calls and IPC$?
[5] MS Help and Support, How to use the SysKey utility to secure the Windows Security Accounts Manager database

Posted by HAx4 at 8:39 PM |  0 Comments

Yesterday was a sunny day, which deserves a trip to the wine country.
It was all pleasant until a car hit us from behind, so three of my
friends on the backseat ended up in the local hospital's ER. (Don't
worry about me. I was on the passenger side up front and I am still in
one piece, literally). While my friends were suffering in the ER, the
driver and I took a walk outside the hospital and we found the view
out there, tinged with the afternoon sunlight, was pretty absorbing,
which I guess we would never appreciate without this accident.

Turns out all three of them are ok, although a little bit dazed. We
didn't get a chance to taste wine in the vintage, but we had a
cheering celebration for our survival at dinner.

At the very beginning, I could be the driver for this trip. But my
friend took the wheel when we hit the road. Maybe my car would be hit
if that happened. Or we could all be fine because we would not be
ahead of the car that hit us. There is no time machine.

The accident was pretty frustrating, but the adventure in the ER and
God's mercy brought our mood back in the end. I guess that is God's
way to design life, capricious and unexpected. I do not mean this
accident only.

Posted by HAx4 at 11:21 PM |  0 Comments

The bad news is that Microsoft entered the blog foray by launching its own blog service - MSN Space(http://spaces.msn.com/) last week. The world of Internet has already become an arena of tech and capital, which Microsoft has both. No one could block a Juggernaut like this. Maybe this will be another telling example of Ref [1]. Or the last week is the start of the end of free-style blog?

The good news is that upon further reflection, the bad news may not be as bad as I thought in the first place. Since it is done by Microsoft, you would expect it to be fancy and user-friendly, or in other words, foolproof. However, just like the camera world, manual focus ones could always keep a foothold no matter what. Perhaps that explains why I am still a disciple of Blogger. For this blog, it may not be better, but it will be different. (I believe it is already.) And I know almost every line between the HTML tags here. That is what I like and that is what I am proud of.

References:

[1] Internet - the last new dream turned into an old reality, http://yicao.blog-city.com/, 11/29/2004

[2] MSN Spaces reviewed, http://www.blogherald.com/, 12/02/2004

Posted by HAx4 at 10:07 PM |  0 Comments

Intuitively, among the many cool features blog affords us, two of them
stand out and outdistance a blog from a plain homepage, the comment
and the trackback.

Comment is more like a donation. You leave something for something
great. Commenters do not get much promotion for themselves.

Trackback, on the other hand, is more capitalism-like, which involves
loan and interest. You borrow something from other bloggers to make
your own. The lender gets some credit through the trackback, the
commenter also receives a link back by doing this. The outcome is the
mutual-promotion for both sides. Deep down inside, the trackback may
be sparkled by self-interest, but the side effect is benign and
helpful. I guess that makes it one of the bedrocks in the blog world.

I am not immune to mundane life and I decide to give haloscan a shot
anyway. That pretty much explains the Haloscan logo you see on this
page.

Technically, the trackback URL is what you need when you want to send
out a ping. For some blogs, it is fairly easy. If you use haloscan,
you could just simply click the trackback link. It will pop up a
window with the trackback URL on it. Although I heard some guys are
not too happy about this 'cause it makes the automatic script program
a bit harder. For them, the blog-city may be a better choice. I can
see the trackback URL there by opening page source and searching for
"trackback:ping:", which makes programming a lot easier.

For blogchina.com, I still didn't figure it out.

The Haloscan also provides comment service, but I did not adopt it
simply because Blogger already has one, which provides a smooth path
to each post URL.

Posted by HAx4 at 3:25 AM |  0 Comments

It is Thursday, the "apprentice" time again.

It was no surprise to me when I saw Ivana got fired a few hours ago.
From the preview of this episode showed last week, I saw Ivana whore
herself out on the street. I asked myself "Is that job really worth
this much, even your integrity? Tactical, is it a good idea to trade
your integrity with just a job, let alone a sort of pie-in-the-sky
one?"

I was not in her shoes. I do not know for sure if I would do something
radical as well under the same setting. I can tell she need this win
desperately. However, if I have ever learned anything from the past
few decades of my life, it is to value your own integrity, which is as
fragile as your credit score. If you want to trade this valuable with
something else, it is very likely to be a one time deal. If by any
chance you/I have to do so, you/I better make sure we would not regret
the deal for the rest of your/my life.

Posted by HAx4 at 1:39 AM |  0 Comments

Linux Kernel is a fantastic hodgepodge. To gather all the parts and
build the final image, Linux Kernel uses its own kernel build language
(We call it KBL for the rest of this article) to define a unique
config menu, which is kind like HTML. When you type "make menuconfig"
or "make xconfig", different interpreter picks up the same kernel
build language (KBL) and pops out config menu the user.

The KBL is different from kernel 2.4 to kernel 2.6. The one in kernel
2.4 is rigid and obsolete, lacking the complicated feature for menu
manipulation. If you use "make xconfig" under kernel 2.4, you would
notice that the x-menu is shored up by a Tcl wish shell. And in that
Tcl script, the part for sound card configuration is actually hard
coded mostly by Tcl script itself. I guess that's why Linux kernel
group changed the KBL completely in kernel 2.6 to make it more
flexible.

The 2.6 KBL can be taken for your own project if you want to make your
Makefile looks like pro's work. A good example to emulate is the one
for Busybox, which can be found easily on the internet. For those who
telnet to a Linux server from Windows (That's the way I do my work)
and do the compiling there, its text mode menu is appealing. However,
sometimes you may need to tweak your telnet program to VT100, and set
your command prompt to code page 437 (For those whose default code
page is not US). What's more, to enjoy the full color spectrum, you
better use the telnet provided by Cygwin. You will see the difference
if you are not color blind.

Posted by HAx4 at 7:45 PM |  0 Comments

       *) Grand Opening
       *) Why HAHAHAHA
       *) Stay Foolish
       *) Rabbit Hole
       *) Blotter
       *) Notebook

       *) Blotter
       *) Notebook
       *) Rabbit Hole

       *) I Love Rei
       *) TEXT2PNG
       *) China Blog List

       *) Bertrand
       *) Bruin
       *) Bulldog
       *) Hua
       *) Mas
       *) Nimrod
       *) Philewar
       *) Rodent
       *) Samuel
       *) Tom