Posts

Posted on

XP SP2’s Data Execution Prevention and Performance Hits

Did you notice a severe performance decrease after having installed Windows XP SP2? You’re not alone. Unfortunately, I lack the time for an in-depth performance comparison of XP with and without SP2. So I just ran the demo benchmark of 3DMark2001, once with SP2’s new Data Execution Prevention (DEP) enabled, once disabled (I rebooted my box before running each test).

3DMark2001 results on my box (higher values are better; the absolute values don’t matter here unless you’re interested in the absolute 3DMark2001 performance of a Toshiba Portégé M200 with 768 MB of RAM):

XP SP2 with DEP disabled (AlwaysOff): 4601
XP SP2 with DEP enabled (OptOut OptIn, i.e. the default setting for SP2): 3299

Oh my! I did expect a performance decrease, but not such a big one! And it’s even a 3D benchmark (“normal” application benchmarks might even show worse results for DEP)! So, according to these measurements (don’t quote these measured results please; they’re statistically not significant as I haven’t measured a series of test-runs, only one run per test), enabling DEP (enabled by default after installing XP SP2) results in almost 30% lower 3DMark2001 performance! It’s your choice whether the improved security of your box is worth this huge performance hit. For a server it might be (it’s still alarming though), but for my M200 TabletPC, it definitely isn’t. If you like to disable it too, here’s how to do it:

1. disable write-protection of c:\boot.ini (see the properties dialog)
2. in c:\boot.ini, replace “/NoExecute=OptIn” by “/NoExecute=AlwaysOff” using a text editor (e.g. notepad)

Further details about how to enable/disable DEP on a per-application basis are explained on this page at microsoft.com.

PS. Note that a similar execution protection for Linux, Ingo Molnar’s exec-shield, affords a performance decrease of a few percents only. I really wonder how MS managed to burn that many clock cycles..

Posted on

312 clicks

this was the most massive blogspam attack i ever experienced: within the last two days, this site was hit by 87 blogspam comments! which equals 87 * 3 + (87 \ 5) * 2 = 312 clicks just to get rid of them again through moveabletype’s admin interface[1]. sheesh.

for spammers, blogspamming is even easier than e-mail spamming as so far, none of the currently available blog apps offers a convincing way to deal with this problem (and it’s more effective too – people trust google’s page ranking more than a filthy e-mail spam message).

* ip based blocking doesn’t work as ips are spoofed anyway (yes, i verified it)
* content-based blocking only works in few cases – the comments i had two delete were full of intentional misspellings to circumvent any blacklist-based filtering approach.
* disabling direct links: might work in the longterm, but at the moment, spammers obviously don’t care (my site doesn’t allow direct links and yet it was spammed. they don’t even seem to have checked the site prior to spamming). reason: so far, too few blogs use such a feature – and those few don’t count when mass-hammering thousands (or millions) of blogs.
* renaming comment-scripts. this site is proof enough that this approach is not effective either.
* requiring posters to decipher distorted signs/numbers/words. might work but can be circumvented as machine character recognition improves. use questions/phrases instead? mostly annoying for real humans, not computers.
* disabling anonymous comments or requiring users to register at a central registry. might work as long as there aren’t any spammer scripts to create fake accounts prior to spamming. a matter of time only. and a blog is supposed to encourage a spontaneous public discussion, right? a classical trade-off between free access and control (analogous to e-mail spamming).
* moderate all posts or those with more than # links. doesn’t really fit the idea of a low-barrier communication media (i smell censorship). takes too much time in general and particularly for things like filtering spam you don’t want to spend much time for. basically just a human spam-filter, not a wise approach. prevents any spontaneous discussion.
* distributed (almost) real-time blacklisting based on comment fingerprints/hashes. one measure that might work (unless they use randomly generated characters). it’s what works best against e-mail spam (based on my experiences as a user of spamassassin). note the word “distributed”. distributed problems tend to require distributed solutions as else one usually runs into scalability troubles pretty soon.

nevertheless i’m optimistic that sooner or later {e-mail|blog}spamming will be a thing of the past. it’s on everybody’s radar now :>

eventually i should give mt 3.01d or 3.1 a try. or migrate to wordpress which doesn’t seem to be a high-profile target atm..

anyway.. happy “1st of august” (swiss national holiday ;)

[1] instead, using sql queries through phpmyadmin or the mysql console is suggested. not feasible for joe average bloggers however.

Posted on

JBoss and JOnAS on Gentoo, Debian and SuSE

Gentoo 2004.1:

* emerge jboss. Note that the directory layout of JBoss on Gentoo differs from most other distros’ and JBoss’ official layout (you’ll thus need to adjust a couple of ant variables to make the examples work).
* There isn’t any ebuild for JOnAS yet. Install it manually or – better – write an ebuild.

SuSE 9.1 (Professional):

* There are rpm packages both for JBoss and JOnAS. Rpmseek: JBoss and JOnAS

Debian Unstable:

* apt-sources for JBoss
* There aren’t any apt-sources for JOnAS. Create your own deb of JOnAS and become a package maintainer.

Posted on

Virtual wanderlust

Currently my favorite radio livestream: Mountain Apple Company (home page). Add the web-cam of your choice, e.g. Maui Sheraton Resort, Ka’anapali, Maui Westin Resort, Ka’anapali, Charley Young Beach, Kihei, Napili Bay, Napili.. etc., mix a Blue Hawaii or a Pina Colada and enjoy a virtual sea breeze of holiday feeling on a rainy working day in Switzerland (or anywhere else as rainy as Switzerland).

Not the real thing, but better than nothing :/

Don’t like it? Just choose another virtual wanderlust destination..

Posted on

Hellas and Jimmy Jump

Greece defeats Portugal 1-0 in the Euro2004 finals and is the new football champion of Europe! Kudos, they really deserve it (although I strongly favor offensive instead of defensive football tactics)! Good team-play, excellent tactical discipline, very high efficiency, a strong will and yet very likeable modesty. And of course ‘König Otto’ Rehhagel, a clever and talented coach! What a nice “forward pass” for the upcoming Olympic games in Greece!

Embarrassing situation during the finals for the organizers of the Euro2004: A man known as Jimmy Jump managed to break the (obviously weak) security barrier and run onto the field. Imagine what could have happened if he wasn’t just out for harmless fifteen minutes of fame..

[Update 20040707: Those who came here searching for “Jimmy Jump”, “Jimmy Jump video” etc. etc.: See the comments below for some more information.. feel free to post other resources in the comments section too]

BTW I’d wish the Swiss football team had some lessons in Greece ;) For the future, particularly with regard to the World Cup 2006 in Germany and the Euro2008 in Switzerland and Austria, I hope the amateurish top-management of SFV will be forced to resign soon, and Christian Gross be nominated as the new coach to replace Köbi Kuhn (the first will eventually, the latter probably not happen – unfortunately). Roger Federer, who successfully defended last year’s victory in Wimbledon today, did a much better job than “unsere Nati” :)