Wednesday, October 27

Cut tire, Eclipse

How can people do such a thing? Today I found one tire in my care and one tire in neighbour's car are cut last night. It is hurt so bad that it's impossible to fix any more. Gees, how can people go to the parking lot and cut the tires without any reason?

Tonight, arount 12AM, I went out to the parking lot with the neighbour to make sure nothing happened, then we found something wrong with the moon. It's weird, I think. It's not the same as the last time I saw it. When did I saw it last time? It was 3 hours ago. Yes, It was a full moon, but now it is not!

So, this is the lunar eclipse. But I'm 2 hours late to see the total lunar eclipse.


(Photo: Total Lunar Eclipse, 2001, from Discovery)

Labels:

Studying 70-401 Exam guarantee your ultimate success in real Certification Exam. After using our Exam Training Products, you will enter the Examination Hall with confidence of attempting Certification Exam in first attempt.
We provide accurate Certification Preparation Material for your best result in Certification Exam. You can download Test King Cram Free Training Exam Materials anywhere anytime. We give you a bright career opportunity by providing Certification Preparation Products. Our Free Training Exam Products are beneficial in your Exam and Practical life. With our MCSE Training Tools, your ultimate success in Certification Exam is no more a dream.
Many candidates who have taken the exam already recognize that Microsoft 70-401 are not as easy as people think, but if you if you prepare the exams by the true material, it will not be difficult for you to attempt the questions in real exams.
Whether you are focusing on Networking, Internet Security, or Enterprise Infrastructure -certifications will get you to the place you need to be. Secure your job - or a better job with the personalized training solutions from Microsoft 70-401. What do our Exam resource and certification training have that other certification outlets can't offer? How about a 100 guarantee that you will pass your Exam after preparing for your test with our training tools!
Let us tell you that this is not the case. It is not so easy to prepare well for these Guaranteed Microsoft examinations. The vendors and companies keep changing the exam objectives and criterion and a slight mistake might lead you to failures. If you are preparing for an IT Certification exam and have access to internet, then you will find no doubt hundreds and thousands of websites claiming to provide you IT Certification Training Tools.
We provide you an efficient Online Interactive Engine for your best Certification Exam guidance. Our Interactive Engine, Free Training Exam Materials, Download Microsoft exam 70-401 Questions Answers Dumps and Certification Preparation Products are prepared under the supervision of Certified Professionals. You won't find any Testing Engine better then Interactive Engine, for you better Certification Preparation.

70-649 - Upgrading-Your-MCSE-on-Windows-Server-2003-to-Windows-Server-2008--Technology-Specialist
70-647 - Pro:Windows-Server-2008--Enterprise-Administrator
70-646 - Pro:Windows-Server-2008--Server-Administrator
70-640 - TS:-Windows-Server-2008-Active-Directory.-Configuring
70-236 - TS:-Exchange-Server-2007--Configuring
70-290 - Managing-and-Maintaining-a-Microsoft-Windows-Server-2003-Environment
70-291 - Implementing--Managing--and-Maintaining-a-Microsoft-Windows-Server™-2003-Network-Infrastructure

 

Sunday, October 24

Security!

In Nipissing University, Ontario, Canada, a spyware was found in a center computer. It is possible that all students' personal information is stolen.

Students are not worried: "I guess that the worst that could happen is that the hacker gets to pay my student loans for me, so I'm not exactly worried about it. "


But I'm worried about the security. The center computer should be running UNIX, so the hacker must have made a special spyware for this hacking action because those modern spyware are only in Windows. After the spyware was developed, she found out a way to sneak into the university's system, and run the program (maybe she has root privilege?).

Although in the news the university "insists the school followed all the standard security procedures and had firewalls and monitoring software in place to catch hackers.", but I wonder whether the hacker has delete some log info, if she has root privilege. If this is true, the only way left for the police is to trace where the infomation is going to. I hope the receiving server IS in North America.

Dr. Prakash in University of Michigan is working on WebTap, which is a good tool to monitor outbond activities to find out spyware. This tool is useful in this case, because it can quickly find out the "unusually high levels of traffic on the computer network" automatically, which was found manually 6 months after the spyware was installed.


Labels:

CSSA 风波


flammable:
论坛里有人对永力行为不满,开始讨论此问题.后来有人公开在论坛上对永力说粗口.侮辱性语言.随后有人拿打印下来的证据.去学校投诉.UWSA紧急关闭了CSSA网站,并冻结了CSSA.在CSSA主席的多次谈判下,才得已恢复.事后CSSA删除了一些发言过于激烈的朋友的帖子和ID.造成了很多朋友的不理解.于是发帖子质问CSSA.


UWindsor:
Posted: Wed Oct 20, 2004 3:34 pm Post subject: 封网?开玩笑吧!
本来我只是旁观者,并不在乎抵制或反抵制"永利"蔬菜店,这次争执升级为封网,这可就损害了所有在CSSA上活动的"CSSAER"了:? 对"永利"产生了反感.


Damon:
观点:1. 支持学生会;2. 这次的确软。
在“指责”学生会的成员工作不力的时候,诸位有没有想过,学生会的成员,大部分是学生。北美的学习(尤其是本科)是比较累人的。作为中国学生,要在学业上不落后,势必要花相当的时间在学习上。而且由于经济问题,一些学生也许还要打些工。在这样一种情况下,能够加入学生会,本身就是一种值得鼓励的行为。
说中国学生会“你们不会是被金钱收买了吧?”,实在是有诋毁在中国学生会义务工作的学生们。要知道,中国学生会是非盈利性、volunteer性质的这样一个组织。学生会成员所做的工作,都是在义务花费自己个人的时间、精力。如果大家在享受别人义务提供的服务的时候,不时有建设性的、友好鼓励的提出建议,而是在猜测、旁观,这会颇为打击那些volunteer的热情。如果每个中国学生都是这样猜测、旁观,那么,中国学生会早就完蛋了。好在总有那么一些学生,用他们的努力让学生会这样一个机构一直延续下去,不至于消亡。
不在于他们做得有多好,至少他们还在做。
如果你都没有想过为别人付出什么,那么你又有什么资格去指责那些可能正在为你付出时间/精力的人们?没有任何人愿意在为你义务提供服务的情况下还要忍受你的指责。如果你觉得人家做得不好,那你来做又会如何呢?至少人家学生会的人站出来在做了;而你呢,甚至都还没有站出来,却呆在家里指手划脚。大家只看到学生会做得有多不好,可是大家又是否知道即便如此,学生会的人们也已经花了不少精力在维持这个机构了。现实地来讲,在这样一个清水衙门,要做到你们所谓的好,有可能吗?
那些喜欢指手划脚的人们以为他们的宏图伟略只要去做就能实现,却不知道现实生活中限于各种因素哪怕是一些小的事情,可能都要颇费周折才能实现。既然如此,我们就应该体谅学生会的难处。
再说“orange2004”这个网友,本身永利这件事情就是从你个人刻意挑起来的,而且你一直在跟贴鼓动,结果导致网站被封。就算这件事情是学校糊涂,但是网站被封你也是有责任的。但是网站被封后呢,你承担什么责任了呢?什么责任你也没承担,而且现在你还在这里发表不付责任的言论。你对网站的被封负有部分责任,你对网站的恢复没有任何贡献,恰恰相反,网站恢复后你还在诋毁学生会。你的言论是不够负责任的。
声明:本人非学生会成员,但是本人对学生会还有一些了解。



yong:
软?
这段摘自UWSA电邮 We have had serious complaints and alegations about the content on this forum. Community members have come into the UWSA office to inform us that there are sladerous and racial slurs posted on it. ( 我认为这是事实 ,例如:日本?子, 日本?种 , 真的很他??蛋,傻 ? ) This is not only a violation of the Human Rights code of Canada, but also the Human rights Policy at the University of Windsor. This is a very serious allegation ... ( 我和大多数在温莎大学中国人一样,对加拿大法律,社会观念了解很少,个人认为 some of the posts is violation of the law 的定性是可信的 ) 一个人的违例行为不会因为不懂法而得到原谅的。 大家都时间宝贵,对什么帖子是不合适的,不同人会有不同看法,斑竹不可能花很多时间去权衡,不可能坐下来和有权封网的UWSA一个帖子一个帖子去讨论。我们应该体谅。其实,Flea Market is for buy and sell. 不把无关信息贴在这,是一种基本网络礼仪,是对他人阅读时间的尊重。

iamhere:

斑竹你也真调皮呀!大家都劝你别乱封ID,乱封ID是不对的。哎呀我话没说完你怎么又把人orange给封了?封ID是权利,乱用它是会影响论坛发展的,把大家都吓跑了怎么办?就算吓不到大家,影响人气也是不好的嘛!....
你想要大家文明发帖啊?你想要说清楚不就行了吗?你想要的话大家应该都会遵守的,大家讲道理嘛!现在我数三下,你要说清楚你要不要……


fish:
我的几点意见:
1,对CSSA的意见:
(1)以前不删帖,放任自流,一错
(2)从来不见哪个学生会的人在网站上跟网友交流,yong的id是昨天才临时注册。orange2004说以前网管也发帖支持,我想他可能记错了,我从来没看见有学生会的帖子参与这件事,在封站之前。
(3)被封网站之后也从来没有跟大家通告一下。听说过“危机公关”?起码,尊重一下1000多个用户,总是应该的吧?跟大家说一声,就这么难?
(4)恢复网站一个星期,只删帖不回复。要不是orange上蹿下跳,deminy多次发长帖,yong也不会出来。“学习紧张”这个借口就够了么?
(5)其实,只要解释一下,大家现在知道受到wingli的要挟,而且他们所打印的东西确实是我们的问题,大家也就能理解cssa的工作。
2,对大家的意见: 其实没什么意见,以后注意一些,不要说种族言论的话。不要搞人身攻击。我看orange2004最后的帖子也已经体谅到cssa的难处,大家互相理解一下,就好了。
3,对我的意见: 写这么长的帖子干吗?

4,对永利的意见: 什么?永利?永利是谁?我怎么没听说过?那个杂货店?啊,好久没去,都忘了

钟国仁:
有件事我觉的很奇怪. 为什么在大家声讨中学生会的主席也不出来说句话呢?说是不知道这回事?也太牵强了...说是一两个人点了他的名就吓的不敢露面...这更不象话. 总而言知,我们请求学生会的领导能出来解释解释,我们并不需要你们承担错误. 我觉得前面的同学说的好,网站被封了你们发不了信息告诉大家,网站也好了快一个星期,你们就在ANNOUNCEMENT前贴了几行所谓"不该对人身攻击,不该说这种话不该说那种话的......"许多人也根本不知道网站被封是和什么事情有关,连一些合理的解释也不给就把知情上来说话的网友给封了真是糊涂的莫名其妙. 对于很多不知情的人来说,我们在片面看到的当然是BBS的主席封ID在先不对.另外,有为叫YONG的出示一封UWSA的信,我看了当然表示理解,我也相信大多数学生都讲道理.如果这种信息一早公布的话还会弄成现在这样子?所以,对这个事情学生会领导班子的做法本人实在不敢苟同. 本人曾经跟老夏那届学生会合办过活动,深知道学生会不易.但希望你们能尽快把事情处理好,不要让前人辛辛苦苦办理的学生会蒙羞.

flammerble
...
4:请明确认识CSSA的性质,它是一个隶属学校的CLUB,任何一个U OF W的CLUB,都有一定的权利限制。CSSA亦是被管制的组织。CSSA作为一个具有一定规模的组织,更需要按规矩,而不是个人的意愿而办事。
5:投诉CSSA的人持有的证据,是任何一个人都无法反驳的,像那些脏话,相信有素质的个位留学生,也都明白,进行这种言辞,父母从小就告诫我们这是不对的。。“永力事件”如果只是涉及一些像“团结起来”进行一些活动的话,CSSA 的BBS不会进行干涉。可人家出示的是带有侮辱性语言的证据,投诉的名义是“带有种族歧视性语言”。
6:CSSA每年都会举行:中秋晚会,元旦晚会。交游等活动。(正在筹划举办更多的活动。)并在CLUB DAY的时候招收新会员。每一个活动,在有些人看来可能都不那么起眼,不那么优秀。我们所有的活动经费都是靠 赞助+少量拨款 而举办起来的。说实话,这次中秋晚会,我们收门票。都核对下来,CSSA还需要自己补贴钱进去。每个晚会都是如此。我们如此做的目的,就是想在异国他乡,再多给中国学生一些节日的氛围。怎么可以说没接受过义务服务,真正的义务,就是免费吗? Cssa下的每个人,都是没有任何回报的。我们是在学习期间挤出时间,来为大家做那些可能微不足道的服务。难免有不周之处,我们会发现并及时改正,但并不能保证CSSA的完美。

7:CSSA里有自己的章程,每次选举主席,也都是按CSSA的制度办。如果某些朋友对这些有置疑的话,相信是您对CSSA的了解还不够。如果有兴趣,有可能你还会加入进来,更多的了解学生会。BTW,如果有兴趣,可做深一步研究。请不要鲁莽的用“禅让”这种字眼来评估我们。
8:还想再强调一点,CSSA是一个CLUB,需要的是你热情的来参加我们的活动,而不是追着你参加我们的活动。想不想参与我们的活动,你拥有充分的自由。你没有把握时机参加,我们也没有可能单独为你们组织活动。


-------
这么多天来,也不见有人出来为1000多用户无法登陆两个星期的问题道歉。看到的是yong的“时间宝贵”的借口和flammerble的“难免有不周之处”的套话,同时带着“你爱来不来”的口气。
CSSA得到中国大使馆的赞助,这是无庸讳言的。所以它不仅仅是学校里普通一个club,同时也肩负着提高中国学生生活质量、联系乡土感情的责任。CSSA的名声也不是几个人打起来的,而是海外各地的中国学生会几十年来义务工作的结果。
所以希望现任CSSA委员们拿出一些敬业精神来做事。如果觉得干不过来,就辞职,没必要苛求自己。

Thursday, October 21

Magic Cube (魔方)

Have you ever played Magic Cube (魔方) before? I do like it. Actually, I'm pretty good at it though. I can make 6 surface perfectly. No, no, I'm not telling you how to play Magic Cube in this blog.

14 years ago, when I was in highschool, I went to "Olymipc Information Competition" Local Contest, and the question is to build a Magic Cube, and I didn't have any idea how to do it, until yesterday.

Yesterday I was reading papers about backtracking in CSP problem, then a lightning hit me: This is exactly what I should have use in that contest, to build a Magic Cube! Make the initial state, then try every steps. Depth-First Iterative Deeping will get the optimal solution for this problem efficiently! (Of course the solution is exponential, that's why the question was marked: only 3 steps to the solution. I can still remember that after 14 years.)

I've learned much, but I didn't know how to use it. Now I'm on the right track.


Labels: ,

Wednesday, October 20

灰姑娘的故事 (A Cinderella Story)

In China, we call "A Cinderella Story" "A gray girl's story", because Cinderella was hopeless living under somebody's control.

Trailer

I hate those "Cinderella Story" because in such storys girls are looking for handsome, wealthy guy, and that's all they are doing in their whole life.

Friday (22, Oct, 2004) evening, 8:30, CAW student center will play this movie.

Crazy: $349 = P4 2.8G, 256M

A friend called me this morning and told me Dell's big sale: DimensionTM 4600, P4 2.8G, 256M, 40G hard drive, (no monitor) only for $349. He will build a server and make fun of it.


Today is the last day of the sale.


He wants to know what's the difference between a "Server" and our pc. 5 years ago, a personal computer is not strong enough to support network application, and it's not stable enough either. So people have to spend 10 times the money to buy a special computer as a server. Now, things are different. A simple P4 2G is much faster than a duel Xeon 800 (This is the model I bought for a E-Commerce company 4 years ago). Also, Windows XP/2003, Linux are stable enough as a server operating system. The only problem is that whether the power supply and mother board is stable or not to run 24/7. But since the friend is not using the server for business, it doesn't matter if the server crashed :)


Yes, the computer is much faster then before. 7 years ago, 1997, I heard that 386 processor is faster than the computer which was used in NASA to push the Apolo to the Moon in 60s, then I knew I didn't need to buy a fansy computer anymore, what I need is to make software to make full use of the computer.


Yes, I'm still running a Pentium 100 at home.


(But it's better to have more Memory in that Dell computer. Let's say, 512M)

Tuesday, October 19

The Cuckoo's Egg

The Cuckoo’s Egg is written by a computer geek who was working in a science lab in Berkeley, California. He was an administrator of the computer network in the lab, and one day he found there's some minor unbalancing in the accounting system, that's how the story begins.


A hacker stole his computer time for 2 seconds to sneaked into his computer network. After he was sneaked into the system, he pretended as a normal user, and nobody would notice his existence. But Clifford, the computer geek, found something unusual from that 2-second unbalancing, so he kept looking for the source of the unbalancing, and found a big fish at last.


From the very beginning, Clifford thought he could verify that the accounting system had round-off error when dealing with small numbers. But two days later it turned out that the accounting system was pretty smart, and there's some unusual activities in one user's account. When he reported that to his manager, they agreed that it might be some student who stole the account and fooled around the network. So he had 2 weeks to find out the little naughty boy.


2 weeks later, by tracing the dial-up call, it seems that the hacker was from Virginia, but the telephone company won't give them the phone number without a court's order. Things showed that the hacker was really interested in anything related to the military computer system because using Clifford's computer as a jump-up, he kept knocking the military's computer system all the time. Sometimes the hacker was lucky to break into an military's computer system, he searched for some sensitive articles inside-out.


He called some bureaucrat, but no one listened to him. No one noticed that this was a serious problem. Everyone told him:"Fix the bug in your system, shut the door, then get away from the hacker!" Clifford knew that if he shut the door of his computer system, the hacker would find another jump-up and keep breaking-in more computer system. He called the administrators of those systems who were broken-in, but most of them would fixed their own bug and shut the hacker out, no one is interested in digging the hacker out. What should Clifford do?


To Be Continued...

Labels:

Monday, October 18

Spoof email trying to steal money

This email is pretty well constructed. It appreas like this:



and when you move your mouse over it, you can see it will direct you to

https://web.da-us.citibank.com/signin/scripts/login/confirm/user_data.jsp

Everything seems so normal. So you click it, and two browser windows open: One is http://www.citi.com/domain/index.htm, the official homepage of Citi Group, another is a form asking you to input your ATM card number, password, your personal information...

This is the form which will steal your money. When you see the official homepage of Citi Group, you might believe that the form is also created by Citi Group, then you might trust the form and input your personal information.

When you click that link, you're not visiting Citi's website. Actually, you are redirected to another address:

http://68.14.198.*:87/cit/index.htm

In this malicious webpage, the above form is pop up, and you're directed to Citi Group's website.


Tracing the email, I found the email is sent out from a client of Shaw, a famous ISP in Canada, and it's sent to a mail server in China, using a false email address as: Citibank <antifraud.ref.num276686715370@citibank.com> After all this, the server which is hosting the malicious webpages is a client of COX in New Orland, USA.


In such a crazy world, don't ever trust anything easily.

Labels:

you are smart in computer. work hard!
 

Sunday, October 17

My private Internet Radio

You can visit my Internet Radio by clicking the link. Usually it's on aire on weekend.

Today, I'll play some Brothers Four's songs, from 11AM to 11PM.

Suddenly, I deleted the radio.
 

Saturday, October 16

ACM Competition, CSSA server

Today in the ACM local programming competition, I solved 3 problems. Because my team is in the 2nd position in the competiion, I will go to Oakview for Regional competiion on 5, Nov. Wish me good luck!

Leon's team is still the best in competition. They are really good at that. Congratulations!

Finally, CSSA's server is back. But it's weired that in one night, someone posted a message talking about WingLi again, and 7 follows and 500 clicks! I don't understand why so many people are staying at night. :)


Labels:

Tuesday, October 12

First blog

Finally, I gave up writting my own simple blog program, because the sol and luna are not stable in these days.

I tried to install gaim in sol, but why the tar kept telling me "tar: directory checksum error"? I have to find another computer to extract the tar ball, then upload it to sol and compile/install it.