Japan’s shrinking population


It’s not news that Japan’s shrinking population is a big problem, but it was a surprise to me how quickly it’s being felt. A Washington Post article A baby bust empties out Japan’s schools gives some startling facts:

Japan’s disappearing schools are emblematic of the problem. More than 2,000 elementary, junior high and high schools nationwide have been forced to close over the past decade. The number of elementary and junior high students fell from 13.42 million in 1994 to 10.86 million last year. An estimated 63,000 teachers have lost their jobs. Even as the percentage of people over 65 steadily climbs, an estimated 300 more schools a year are scheduled to shut their doors over the next several years…

Which would explain exactly why there were so few kids at Fuji Safari Park today.

Views of Mt. Fuji

Hokusai I ain’t, but here’s a view of Mt. Fuji for you. I’m in Japan right now, and the iced coffee is just as good as I remember.

Fuji was “shy” yesterday, and I missed my shutta chansu – shutter chance, i.e. opportunity to take photo. Today’s been nothing but rain, so Fuji’s covered in clouds.

I did get a nice chance to hit the driving range the other day, though. Totally automated, stick your prepaid card in and the balls automatically feed from below as the tee slides up with a fresh ball for you.

Distributed Blacklists for Spam Prevention

Andrew Newton introduces the idea of Distributed Blacklists for the Blogosphere, a method for creating spam blacklists which leverage a peer to peer web-of-trust as opposed to a centrally managed list, hopefully providing greater accuracy and understood accountability.

Complete details on a possible technical implementation of the concept are here.

This is a great concept for ‘power bloggers’ and hosted weblogging services; by sharing with each other what they know about blog spam it might be possible to more effectively protect blogs from spammers.

We’ll still need some proactive methods for protecting your blog against previously unknown spammers, as I wrote about here. But combining your own techniques for protecting against spam, whatever they might be, with blacklists of banned IP addresses created by individuals and groups you trust will certainly prove more effective than either technique used by itself.

How to Save Trackbacks

Trackbacks – a form of remote notifications or reverse linking from one blog to another – are in jeopardy.

Spammers are increasingly using Trackbacks as a target for spam. Trackbacks are much less protected than other spam targets such as blog comments. Blog comments are often protected against automated attacks by password authentication, such as is available on our BlogHarbor service via Blogware Reader Accounts, or through the use of CAPTCHAs as a means to detect automated processes. Trackbacks, however, do not require any standardized security procedures, which means that they are very susceptible to abuse.

Trackbacks should be treated more conservatively than email. Trackbacks are not ‘mission critical’ in the way that email is; the loss of one trackback incorrectly tagged as a spam (a false positive) would not disrupt a business. It is not a public matter to receive a spam email; you click the delete button in your email client and move on. But a spam posted to your weblog is indeed a public matter, a defacement of your public persona. A liberal trackback implementation will lead to decreased utility of trackbacks on your site. If there’s a question that a trackback could be a spam, it should be deleted or queued for moderation.

The question is, how do we save Trackbacks? How can we tell if an incoming trackback is authentic? While there are many methods in use, they seem to rely on crude methods of content analysis (constantly updating lists of grep patterns is not something the average blogger is likely to do).

There is a better way: Analyze trackbacks as if they were email, using the same proven and available spam prevention tools available to email servers.

Using DNSBLs to Verify the Source of a Trackback

A common means of defending mail servers against spam is the use of DNS blacklists, or DNSBLs. A DNSBL is a list of IP addresses through which spam has been sent or which are likely to be used by spammers. These IPs can include open proxies, dynamically assigned IPs, and compromised servers.

DNSBLs allow a mail server to determine in real time if an incoming email is likely to be spam. By sending a query to DNSBL services such as Spamhaus, SORBS, SPEWS, or NJABL, a mail server can determine in milliseconds whether or not an incoming email is being sent from an IP address which is likely being used by a spammer.

Blogging services must immediately begin basing trackback security on existing DNSBL standards. Some users have begun implementing such checks already:

http://weblog.sinteur.com/index.php?p=7967

http://bradchoate.com/weblog/2004/11/05/mt-dsbl

The use of DNSBLs has already proven to be an excellent defense against the very same spammers which are now beginning to attack blog trackback systems.

Content Scanning with DNSBLs

In addition to checking whether or not an incoming trackback originates from an IP address listed on a DNSBL, the content of a Trackback should be scanned against one or more DNSBLs.

The following parameters are sent as part of the Trackback protocol:

  • Title
  • Excerpt
  • URL
  • Blog Name

While the URL and excerpt parameters are the most likely locations for spammers to place spam URLs, it is not inconceivable that the title or blog name parameters might also contain spammers’ web addresses. It would therefore be prudent to implement trackback security procedures which scan the entire content of a Trackback for web addresses, resolve those hostnames to IPs, and check those IPs against one or more DNSBLs.
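The two checks described above (source IP, then every hostname found in the ping's content), sketched as an added example that is not code from the original post. The zone `dnsbl.example`, the `fake_resolve` stub, the documentation-range addresses and the reject/moderate policy are assumptions made so the sketch runs offline; it covers IPv4 lists only.

```python
import ipaddress
import re
import socket

URL_HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)
FIELDS = ("title", "excerpt", "url", "blog_name")  # the four Trackback parameters

def system_resolver(name):
    """Return the IPv4 addresses for name, or [] when it does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def dnsbl_listed(ip, zone, resolve):
    """DNSBL convention: reverse the octets, append the zone, look up an A record."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on a malformed address
    if addr.version != 4:
        return False  # this sketch covers IPv4 lists only
    query = ".".join(reversed(str(addr).split("."))) + "." + zone
    # A listed address answers inside 127.0.0.0/8; no answer means not listed.
    return any(a.startswith("127.") for a in resolve(query))

def check_trackback(source_ip, ping, zones, resolve=system_resolver):
    """Return (verdict, reasons); verdict is 'accept', 'moderate' or 'reject'."""
    reasons = [f"source {source_ip} listed in {z}"
               for z in zones if dnsbl_listed(source_ip, z, resolve)]
    if reasons:
        return "reject", reasons  # assumed policy: listed sender is refused outright
    hosts = set()
    for field in FIELDS:  # scan every parameter, not only the URL
        found = URL_HOST_RE.findall(ping.get(field, ""))
        hosts.update(h.lower().rstrip(".") for h in found)
    for host in sorted(hosts):
        for ip in resolve(host):
            reasons += [f"{host} ({ip}) listed in {z}"
                        for z in zones if dnsbl_listed(ip, z, resolve)]
    # Assumed policy: a listed link queues the ping for moderation.
    return ("moderate" if reasons else "accept"), reasons

# Constructed sample data: documentation-range IPs and a made-up zone.
FAKE_DNS = {
    "pills.example": ["203.0.113.7"],
    "friend.example": ["198.51.100.20"],
    "7.113.0.203.dnsbl.example": ["127.0.0.2"],
    "9.2.0.192.dnsbl.example": ["127.0.0.10"],
}

def fake_resolve(name):
    return FAKE_DNS.get(name, [])
```

Passing several zones, for example a general list plus one that lists dynamic address space, applies the same lookup to each of them.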

Dynamic IP Addresses

While using a standard DNSBL such as Spamhaus will help reduce spam by blocking Trackbacks originating from or containing known spammer IP addresses, one of the single most effective ways to reduce trackback spam would be to check trackbacks against DNSBLs such as SORBS which list dynamic IP address space, and to deny Trackbacks originating from dynamic IP addresses.

Many if not most ISPs are already disallowing email which is sent from dynamic IP addresses and requiring outgoing email to be sent from the ISP’s own mail server. This helps to reduce not only deliberate email spamming from end users on dial-up or broadband networks, but also “accidental spamming” when zombie computers are used to send spam without their owners’ knowledge.

It is not good practice going forward to allow trackbacks originating from end-user clients. Best practice should be that trackbacks originate from servers, not from clients.

Blog hosting providers should require trackbacks to be sent from address space that is not dynamically assigned. The Trackback protocol has no inherent security and as a result, allowing trackbacks from dynamically assigned IP space is irresponsible.

Comments on blogs can be secured in any number of ways, such as requiring authentication, but the trackback spec does not allow for such security measures. Therefore additional means must be introduced in order to keep Trackback viable.

Blog hosts should send Trackbacks, not blog clients. Trackbacks technically are from weblogs – hosts – so requiring the trackback ping to actually come from a host is not unreasonable.

It would be necessary to alter the behavior and Trackback implementation in some blog hosting and blogging client tools, but if this modification can save the Trackback that is a small sacrifice.

SpamAssassin

One of the most popular open sourced tools for protecting mail servers against spam is SpamAssassin. This tool parses incoming email for content, and assigns it a score based on a series of tests. A higher score means that the message is more likely to be spam. Mail server administrators can configure their server to reject mail above the threshold of their choosing.

SpamAssassin is now part of the Apache project and has a high level of support within the developer community. It is regularly updated with new tests to detect spam, and it can also check DNSBLs as part of its scanning process.

SpamAssassin’s protocol allows it to be integrated with other protocols, and some developers have already begun implementing SpamAssassin-based trackback protection.

Using SpamAssassin as an element of Trackback spam detection should provide a considerable level of protection.

Summary

By combining IP-based spam detection via DNSBLs with content scanning from tools such as SpamAssassin and requiring that Trackbacks originate from servers and not from dynamically assigned IP space, Trackbacks can be saved…

Turn your blog into a bound book…

Via Micro Persuasion: turn your blog into a book with BlogBinders:

Blogbinders.com helps you turn your blog into a bound book – great as a gift, an archive, or even to sell to your readers!

It is quick, easy, and affordable to turn your blog into a printed book. All it takes is a few easy steps:

* Provide information about your blog account

* Select styles, cover/back and customizations

* Review automatically generated proof

It’s that simple! In under a week, your book will arrive.

Don’t worry, the 2 guys who read this blog. I won’t try and sell you a bound version of it…

Fansubbers

Via Slashdot: CNET reports on Fansubbers, fans of Japanese anime who get a copy of a title that has yet to be released in the US and add their own subtitles to the movie and of course release it online via BitTorrent or other P2P networks. Japanese studios, which had previously turned a blind eye to the practice presumably because it helped to build buzz for a release, are now sending cease and desist letters to some fansubbers. Sales of Japanese anime DVDs are flat:

…sales of DVDs–which amount to about 5.7 million copies a year, according to internal industry estimates–are holding steady or dropping. Companies worry that the easy prerelease availability of fansub versions means that the otaku class has already seen their products, and no longer need to buy anything but the must-haves.

The result has been growing anxiety in the industry, although little in the way of direct action. Anime distributors don’t have the financial resources for protracted copyright lawsuits, and for the most part, the fan communities are diligent about pulling down titles once they are licensed for distribution, leaving American companies diminished ground for legal action.

Email is where documents go to die

Why blogging matters to your business and your IT is an interesting article by ZDNet’s David Berlind. The article is based on an interview between the reporter and UserLand Software CEO Scott Young. They talk a lot about how much knowledge and value is lost in the corporation by an overemphasis on email:

How many of the e-mails you publish should be stuck in e-mail? How many times have you caught yourself deliberating over who should see it and who shouldn’t? Why should that be the burden of people who are creating valuable information? The burden to get a report done or to summarize a meeting, or to register your thoughts within a collaborative environment before the project moves on to the next milestone is absolutely the burden of the publisher. But when merged with the notion of subscribing, there’s no reason that the people can’t bear the burden of tuning in themselves. Call it good listening skills. Not only that, it creates an environment where people that you never envisioned tuning in start to tune in, which leads to more knowledge sharing and, hopefully, more informed decision-making.

A very good summary of the benefits to business of adding blogs to their workflows. There’s even a podcast – an MP3 of the actual interview, and the article itself gives the timecodes of the podcast so you can easily move to a section of interest. Very well done. (The subject of this post is from a quote in the article. Great line, wish I could take credit for it.)

Simplicity, the sustainable competitive advantage

I will ruin the ending of a fantastic piece by Sun’s Jonathan Schwartz:

The simplicity of blogs, the convenience of pervasive networks, and an explosion of new content sources – as a combined force, is radically underestimated. And not for its impact on the publishing industry, in specific, but on any industry that finds competitive advantage in the latency of information, or in complexity. From national security to the whole IT industry. Simplicity can be a sustainable competitive advantage. It’s becoming more obvious by the day.

It’s a must read article…

Blogging from Kilimanjaro

Via Slashdot:

Apparently a charity called Cops On Top is climbing Kilimanjaro as a memorial to the late Officer Isaac Espinoza of the SFPD. That in itself is pretty amazing, but the /. amazing thing is that they are AudioBlogging the whole thing via Satellite Phone by calling to an audioblogging site and having their MP3s automatically posted to their dasBlog (open source blogging system) at www.copsontop.com/climblog. Cool stuff. Their latest blog post is at 15,500 ft.

These guys are audio blogging using the very fine AudioBlog tool which we demonstrated on BlogHarbor here. Nice work, Audioblog.com!

The state of blogging

Pew Internet & American Life Project released a report called The state of blogging, where they note the following:

  • 8 million American adults say they have created blogs
  • blog readership jumped 58% in 2004 and now stands at 27% of internet users
  • 5% of internet users say they use RSS aggregators or XML readers to get the news and other information delivered from blogs and content-rich Web sites as it is posted online
  • 12% of internet users have posted comments or other material on blogs
  • 62% of internet users do not know what a blog is.

Click here for their report, downloadable in PDF form.

Eight Copyright Myths

Kathy Biehl’s Bloggers Beware: Debunking Eight Copyright Myths of the Online World:

  • It’s okay to use anything that doesn’t have a copyright notice.
  • It’s okay to use anything that’s online, because if it’s online, it’s in the public domain and up for grabs.
  • It’s okay to use anything as long as I’m not making any money off it.
  • It’s okay to use anything as long as I give credit.
  • It’s okay to use anything as long as I include the creator’s copyright notice.
  • It’s okay to use anything as long as I take it down when the copyright holder objects.
  • It’s okay to use something if I can’t find the copyright holder.
  • It’s okay to use something if I asked for permission and didn’t get a response.

All bloggers should read this article!

BusinessWeek on Video Blogs

BusinessWeek writes in Let a Million Videos Bloom Online: Following in the footsteps of text blogs, video blogs are starting to take off on the Internet. This new form of grassroots digital media is being shepherded along by groups of film makers and video buffs who started pooling publishing tips and linking to each other in earnest this year. The results are astonishing, downright funny, and sometimes puzzling. However you describe it, the new video blogs, or what some call vlogs, are compelling in the creativity they’re unleashing and the changes they could bring to the media status quo.

Linux on iPods

Guess I shouldn’t be surprised; maybe surprised that we haven’t seen it sooner. From the iPodLinux Project:

So far, we have successfully ported a customized uClinux (http://www.uclinux.org) kernel to the iPod, and written a simple user interface for it dubbed podzilla. Many additional Applications have been written, adding many capabilities not found in Apple’s firmware.

Our bootloader allows for you to choose between either iPodLinux or Apple’s firmware each time you turn on your iPod. iPodLinux is currently safe to install on 1st, 2nd, and 3rd generation iPods. We are currently accepting Donations towards the purchase of a fourth generation iPod for us to test with. Fourth generation iPods including the click wheel, mini, U2, and Photo are NOT currently supported.

A dual boot Linux iPod… Now when your buddy starts showing off his iPod Photo, you can boot up your 2G iPod with Linux and say, Yeah, but yours doesn’t run Linux does it?