imchris.org

Summer 2006 was a good summer, definitely a good time, good job, and fun place. I worked in Berkeley, CA and lived right down the street from ICIR where I worked. Berkeley pretty much had everything I wanted and if its wasn’t downtown Berkeley, then its just a short subway (BART) ride to get there. There was a lot of things going on, and lots of crazy people wandering around (like me) at all times of the day.

As for my job, I worked with Vern Paxson on creating anonymization policy for application layer protocols. In my first couple weeks, I ported anonymizers for DNS and HTTP. After I did that I was familiar with the Bro IDS code and BINPAC, and was able to implement a parser for the SMB/CIFS protocol (as well as Netbios, MS Browse, and some RPC/named pipe functionality). The end result is a detailed parser for CIFS that can also rewrite packets in an anonymized form. This is the protocol that does most of the things in Network Neighborhood and allows users to mount network drives and do network file system operations. Its a complicated protocol, with many things going on that make it hard to parse (an anonymize).

The spring semester is over, and I’ve learned some new things. What I learned in privacy class was that privacy enhancing technologies are complicated, and often can’t offer any official assurance. In advanced coding theory class I learned a whole new set of analysis techniques, and understand better what makes up the modern coding schemes.

• Aimstalker (privacy project) – data-mining the aim network
• Coding Theory and Sudoku (coding theory project) – modifying the Sudoku puzzle problem to create LDPC codes, and constructing Sudoku puzzles with random checks.

Finally, I’ll be in Berkeley, CA all summer working at ICIR.

CRHC uses some functionality from spamhaus.org, which in turn pulls from CBL or the Composite Blocking List (http://cbl.abuseat.org/). Blocking spam is great and all, but I really think that:

1. I am not a spammer, and my IP has never been used for spam while I owned it.
2. You need more than HELO strings to determine if someone is a spammer
3. If you claim I’m a spammer, you should be at least able provide areason.
4. If I tell you to remove me from your list, REMOVE ME and don’t just add me back in a couple hours.

IP blacklisting for spam might work, but at the cost of blacklisting tons of people who aren’t spammers. Seems to me like another broken attempt to solve the “spam problem”.

UPDATE: Spamhaus was successfully sued in the U.S. for incorrectly blocking an email from an entire company. Quote: “A federal judge on Wednesday ordered the Spamhaus Project, an international anti-spam organization, to pay $11.7 million in damages to Wheeling-based e360 Insight LLC for blacklisting the company.” Spamhaus wont pay up either. Google for spamhaus litigation for the rest of the story.

ECE 559 – Advanced Coding Theory and ECE 598 – Privacy Enhancing Techniques. Both courses have good professors (Ralf Koetter and Nikita Borisov). Also enrolled in the Security Reading Seminar, which is pretty much the same as the fall one, although this semester we have to read other people’s qualifying exam papers and focus on “dependability”.

Also continuing to do research, and be part of SIGMIL.