September 30, 2006

Gentoo/MIPS Cobalt: µClibc stages on their way

Hi All…

Whilst forging ahead into new territory for the Gentoo/MIPS project on the n32 front, I also figured now would be a good time to update the µClibc stages for mipsel.

I’ve completed a cross-compile from x86 of an entire mipsel environment, and I’m now just about to set this up to use as a seed stage in Catalyst.  Once this is done and I’ve bootstrapped a system with it, I should be set to build a full mipsel environment.  This will be compiled for MIPS-1 class CPUs, and thus should be compatable with embedded devices such as wireless routers.  Note: This does not mean we will officially start supporting wireless routers.  They are still officially unsupported, and users are very much on their own when troubleshooting problems on these devices.

I’ll keep you all posted on the progress. 🙂

Request for Comment: Cross (X) Network Black List for IRC (and other systems?)

I’m sure we’ve all seen it. IRC network spam, trolling, cracking… all kinds of abuse. However, unless I’ve been living under a rock lately, there doesn’t seem to be a co-ordinated approach at dealing with it.

I’m a regular user of both Freenode and AustNET IRC networks, and over the years, I’ve witnessed a number of network abuses, and I’ve seen how both networks here, handle such issues. But the issue is this, if a user abuses people on one network, what’s to stop them going and abusing another? Or even abusing people by other means, such as email?

Thus, I’m thinking… a cross-network black list would help here. It’d require co-operation between the various IRC network operators… but the idea is this. I’ll use a couple of actual examples here.

Example 1: This cretin, plonks bots on a number of AustNET channels, including #atomiclinux. Alledgidly he runs off with victim’s money and doesn’t deliver.  Nonetheless, it’s a nuisance we can do without.  Address information has been removed here:

--> itsmew (itsmew@xxx.xxx.xx.xxxxx) has joined #atomiclinux
hey people i have 2 portble notbook i need to sell immediately.  message me if interested on msn at this is just mike @ DOMAIN WITHELD
< -- itsmew has quit (Banned from AustNet: Must go now, one stolen laptop spammer)

Now, in this case it was pretty quickly dealt with.  We have had this chap go on unchallenged for hours.  I don't know if he spams other networks too.

Since this was on one network, it would be reported and would go into the blacklist, with the report comming from one network.  Owners of other networks may decide to act on the blacklist based on this first report, or they may wait for a couple of independant reporters to complain, depending on the severity of the inconvenience. They may also decide to block access to other services in order to prevent abuse via email or IM protocols.

Example 2: This troll, first spammed us on #atomiclinux.  Unfortunately though, none of us were awake, and thus he soon left...

Jul 26 00:41:55 --> l33t_h4x0r (l33t_h4x0r@vw-18983.as9105.com) has joined
#atomiclinux
Jul 26 00:41:57  i kno more about computas than u all im da best
hacker eva

A few days later, he turns up in #mipslinux on Freenode.  The log is rather long, so you can find it here instead, here he got booted out by Ralf Bächle.  The next day, he also pestered the people in #edev on the same network — unfortunately his lack of understanding of Australian fauna sent him packing.
In this situation, we now have 3 reports from 2 independant groups.  The chap would be blacklisted right then and there, and banned for an appropriate length of time.

How long would you ban someone?  Well, I guess it should depend on the number and type of past offences, as well as the number of reports regarding the current offence.  This could be based on a decaying figure that gets bumped up with each report, something like the demerit points system that driver’s licenses here in Australia have.  Thus various offences would be given a weighting, and it’d be the sum of points from each type of offence, that determines the final score.  Network admins could then decide how long to ban offenders, on a per-point basis.

This blacklist could work for other protocols too.  Why does email need a special blacklist database…?  This could be shared across a number of services.  The idea: a spammer may not be bothered about being banned on one IRC network.  But they won’t like it if every host on the internet now refuses to speak to them.  This would work well in Example 2 above, where the idiot decided to use the exact same host to do his trolling from.  The first example actually looks like a comprimised host — which is still a serious issue.  Even on IRC networks that don’t implement this… it is possible for IRC clients and bots to have such filters installed, allowing per-user or per-channel filtering, the bot only needs channel operator privileges to work.
It seems to me, that the nuisance problem won’t go away unless we actually become proactive and do something about it.  I might post more on this topic. There’s a lot of logistical issues to sort out (e.g. how do the reports get filed, how to deal with false alarms…etc.), but I do believe there is a need for some system like this.