Thinktank

Doing our bit for the environment.

I’ve been doing little bits and pieces to help with our current global warming crisis.

Okay, I know not everyone thinks there is such a problem, and indeed, they could have a point, but I’d argue cutting back on emissions is still a good idea, regardless of what the weather is doing.

A few months ago, I posted about a pump-shower that I was using to reduce my water consumption. Since then… especially as winter set in, I’ve been looking at other ways to cut down my power consumption and reduce my impact.

In our household, our major contributors would be:

  • Transport: getting to/from uni/work
  • Computers
  • My bad habits (leaving lights/appliances turned on)

The transport situation is an interesting problem. Seeing as I don’t have my own driver’s license, I usually hitch a ride to the railway station of a morning when heading to uni. My father drives right past Mitchelton railway station on his way to work (in Enoggera). Until recently, we were using a 1982-model Subaru stationwagon to get us there. This car was getting quite old, and whilst running reasonably well, chews about 9~10L of petrol per 100km — quite a lot for a car of this size. Luckily we managed to score a 2007-model Holden Rodeo. Indeed, such a vehicle is overkill for most of the day-to-day trips we do; we got it with camping trips in mind. Around the city, it chews about 8~9L of diesel per 100km, so still quite a bit better than the Subaru considering the size difference.

I could ride my bike to uni, however there’s a catch. Brisbane traffic, particularly around the CBD, is not a nice place to be when you’re on two wheels and pedal-powered. This is ignoring the hilly terrain between The Gap (where I live) and the CBD. Thus it’s public transport for me until the traffic settles down a bit. (and I get a bit more fit)

The real challenge though, for reducing our resource consumption, has been the computers. In this house, there are 30 computers. Not all of them run all the time, in fact, typically the following must run 24/7:

  • Web server: IBM Netfinity 5000 server running Gentoo 2007.0 on an Intel PIII 550MHz CPU ~300W PS
  • Wireless Network server: Recycled desktop PC running Gentoo 2007.0 on an Intel Pentium MMX 166MHz CPU … ~200W PSU

So okay, worst-case scenario, we’re burning about 500W/hr just with those computers. I also like to run my desktop PC 24/7, since even if I’m not home, I can shell into it from uni/wherever and grab files/execute tasks. My desktop PC is almost 6 years old now… and has been upgraded a little bit since then. Its specs:

  • CPU: 2×Intel Pentium III 1GHz
  • RAM: 1GB PC133 SDRAM
  • HDD: 3×18.2GB and 1×9GB SCSI disks
  • Power Supply Rating: 400W

I have no idea whether it would actually hit 400W peak usage… but it could get close to that in some cases. In addition, there’s my file server (Cobalt Qube2) which runs on a 200W PSU. Add to this my bad habit of leaving the SGI boxes turned on, idling for days on end, we can be easily looking at 2kW every hour. It’s little wonder that we have been known to cop some astronomical figures on the power bill — as much as over $400/quarter.

This got me thinking about what I actually use my desktop PC for. I’m not a gamer, so high-end 3D performance is not a requirement, just accelerated 2D is sufficient. My desktop PC is normally an integral part of my sound system; plugged into the amp as a second tape deck. This allows me to record from tape, radio and vinyl records. I also like listening to my music on the computer (I have about 1200 songs in Vorbis format) and sometimes watch some TV shows (e.g. The Chaser vodcasts — note these aren’t available outside Australia). Then there’s the more mundane tasks: wordprocessing, spreadsheeting, presentations, software development…etc.

Back in February, Lemote donated two Fulong minicomputers to Gentoo so we could do a port of Gentoo to them. It didn’t take me long to get X, KDE, Firefox, Thunderbird and all the other typical luxuries one has on a standard Intel PC, fully operational. I soon came to a realisation however: these machines do just about everything I do for day-to-day tasks, and come with power supplies rated at 12v 4.1A. 50W is excellent for a machine that runs at 660MHz. The Wikipedia article about them claims that they’d rival a P4 CPU, which I’d dispute, but this aside, they’re one of the most responsive MIPS-compatible machines I’ve ever used. About the only things I can’t do:

  • Run Java applications — Presently, there’s no Java environment for Linux/MIPS. I’m yet to figure out OpenJDK, and there’s also one rather interesting project on Lemote’s project site that seems to promise a JVM… but for now, I just use my x86-based laptop to work with the few Java apps that I need to use.
  • Play Flash media reliably — Gnash can play some videos, but it can’t play them all. I have Gnash 0.7.2 installed at the moment (I just tried 0.8… it failed to compile) which can do some, but anything involving video is a no-go. But I so rarely come into contact with Flash, it’s enough to stop Firefox bitching about missing plugins — if I really need Flash, again, I’ve got my laptop.
  • .NET apps — Now, I did see some MIPS-related code put in the recent versions of Mono. I think this is more targeted at IRIX, but still might be interesting to look into — especially for things like ikvm — but at present, I don’t use any .NET stuff. So this is a very low priority.

So I sacrifice these things, for a significantly smaller power bill. How much of a difference it makes, will be interesting. I’ve turned off and unplugged my desktop PC… it’s sitting on the floor under a table, silent. I’m using the 20″ CRT monitor and other peripherals from that box for one of the Lemote boxes, and thus use it as a primary desktop. The machine handles the job extremely well, especially since I upgraded it to 512MB RAM, and should do just fine when other devs want to shell in and test apps. Presently, I’m fiddling around with a n32 chroot environment, updating that (sys-libs/db-4.2.52_p4-r2 is in the test phase), and the desktop is still rather responsive.

As I sit back and listen to the Live Earth concert currently playing in Sydney (Triple M Brisbane has been playing highlights all day), this got me thinking about the impact the IT industry has on our power usage. Particularly in the Wintel community (Windows/Intel). Over the last 10 years, we’ve seen processing clock speeds multiply 20× and power consumption multiply about 2~3×. 10 years ago, we were looking at (what is now) the mid-range PII systems, between 300~400MHz, and requiring power supplies rated about 200~300W. We now talk of 2-3GHz CPUs, requiring 400~600W PSUs. Microsoft and co have been slowly upping the requirements of their latest operating systems — and at the same time, have been slowly forcing people to upgrade.

Windows Vista pretty much needs a state-of-the-art desktop PC at the moment before it runs properly. The same PC, which might be relatively responsive under Vista, often flies by comparison under Linux. Add to this the requirements of anti-malware packages, things soon balloon up. Also, Microsoft seems to assume we run our PCs 24/7… Notice how they default to updating at 3:00AM? Just how many home users do that?

Now, if turning Google black could possibly save 3GW/year, what would happen if either (1) Microsoft stripped some bloat out of their OS products, or (2) a sizeable portion of the IT industry were to move to more power-friendly alternatives? A more lightweight operating system and applications, could mean we could use more low-end computers to achieve our day-to-day tasks. In my case, I’ve switched to a machine that draws slightly over 10% of what my x86 desktop chews, and so far, has done everything I need to do.

The bonus, these Lemote machines are small enough to carry in my backpack to uni .. simply “borrow” a monitor and keyboard from a non-working university workstation, and bang, I’ve got a very convenient desktop that lets me get my uni work done — and simultaneously allows me to do any MIPS-development work on-the-run, whilst drawing less power than my laptop or any of the university workstations. It’s also amusing to watch IT students, many of whom have only ever known IBM clones or Apple computers, see the box, think it’s a USB HDD, then do a double take when they notice the monitor, network and peripherals plugged into this apparent “HDD”. Despite having a much slower CPU than the university workstations, the machine boots up faster, and gets the job done sooner, than many of the university machines, making me much more productive.

Surely if people’s workstations in the workplace ran with this sort of efficiency, productivity would go up. And if the PCs aren’t working as hard, this has got to have some kind of effect on a company’s power bill. I wouldn’t like to speculate, but I’d imagine that a company that recycles its old PCs using Linux … even to run them as thin clients off a much more powerful server (Windows or Linux) could save huge amounts of power, and conversely reduce a significant amount of CO2 emissions as a result.

I think the IT industry as a whole, truly needs to start looking into how to use the computing power we have more wisely, rather than producing operating systems that spend loads of CPU cycles DMA-loading fancy textures into video RAM so the power-hungry GPU can render some completely pointless and time-consuming flashy eye-candy effect, or make some pesky metal fiend jump about the screen whilst one is trying to write a letter (Yes machine, I am writing a letter, now sod off and let me get on with it).

Thankfully, I don’t have to put up with this… but it amazes me how many people do.   To them, I ask: why?  It’s about time big corporations realise how frivolous this whole counter-productive “beautification” project is, and start looking at making their software work better on the hardware we have now, rather than lumping these needless hardware upgrades on us and causing this excessive waste of our power resources.

Beating the water shortage: How to have a shower in 6 litres or less

(Update 20080211: During an upgrade of my blogging software, I accidentally lost the photos of the shower… I’ve since taken new ones, of the portable shower, and the new in-house installation. Click any photo for a larger image.)

Those of you in this part of the world, will probably know about the massive water shortages brought on by the drought. Particularly in Brisbane, where the problem is that dire, that we’re moving to level-5 water restrictions, which means luxuries like washing cars and watering lawns are largely things of the past.

Residents have been asked to keep their showers to 4 minutes or less — but is there a better solution? Well, when camping, we often have to face working with a limited supply of water. Often we have two supplies, drinking water that we bring with us, and washing water that we collect from the campsite. Lugging buckets of water around is no fun, thus it pays for us to be efficient in our water usage.

Camping showers often are overglorified bags with shower nozzles attached to the bottom. Usually there are two types, one is usually made of black plastic, and is designed to absorb heat from the sun. The other is a bag you just fill with heated water. They need to be suspended overhead, often quite high to be useful. They’re heavy when fully loaded, making hoisting them a challenge, and don’t offer that much pressure. You can also get showers that are powered from a 12v supply, which overcome this issue, but then one must have a car or small SLA battery nearby. None of these are all that useful when not camping either.

Kym Schluter, however, came up with a rather novel idea. Hardware stores sell pressurised weed sprayers which can carry several litres of water. By attaching a suitable hose and nozzle to these, you can build a camp shower which is portable, doesn’t need to be hoisted up high, and provides decent water pressure without electricity. He’s been using this shower for a number of years now, and over time, a number of us have made replicas of it. None of the camping stores seem to be selling these showers — but thankfully, your local hardware store will carry most, if not, all the components you’ll need to build one of your own.

[Photo: Portable shower]

The shower consists of three main parts, the pump pack itself, the hose and the nozzle. The lot connects together using standard hose fittings, allowing you to theoretically use any off-the-shelf trigger hose nozzle. The unit pictured on the left is a 6L pressure pack.

[Photo: Bottle end of shower hose fitting]

A short length of clear 12.5mm tubing connects the bottle to a hose fitting. On the bottle side, plumbing tape is wrapped over the screw thread to seal the gaps. The hose was fitted by heating the end up (place it in hot water for a few secs) then pushing it over the end of the thread. It was then clamped to keep it from slipping off. You’ll find the other end of the tube will neatly fit inside the hose fitting, making a secure fit.

[Photo: Portable shower hose]

To make the hose, we used some 10mm clear tubing, with a screw-in adaptor fitting on one end, and a standard hose fitting on the other. The thread on the screw-in fitting is wrapped up with plumbing tape and clamped much like the pressure pack, and the other end will generally fit quite securely.

The whole assembly is completed with a standard off-the-shelf trigger nozzle. You can use almost any fitting here, bearing in mind that soaker nozzles tend to lose pressure quickly (<2 seconds). Ideally you’re looking for something with a fine spray. The nozzle pictured here has several settings, the ones that are useful are “centre” (uses a small 2cm ring in the centre of the nozzle), “jet” (produces a 2mm jet of water), “flat” (produces a 5mm×1mm rectangular jet) and “mist”. Your mileage will vary.

I haven’t produced any diagrams of the system, since it’s a pretty simple concept, but I figured I’d pass this idea on. We’re thinking of building one for one of my uncles: my cousin and his girlfriend both see nothing wrong with half-hour showers. This system, you can take as long as you like… you still won’t use any more than 6L water. I’ve found using this unit, I’m able to get everything done with water to spare. Couple this with one of the solar showers mentioned earlier, and you’ve got a green way to keep clean. 🙂

Installing an in-house trigger shower

[Photos: In-house shower installation; Fittings used for in-house installation]

Since posting the above entry… we’ve actually installed a similar shower arrangement in our house. Using typical washing machine adaptor fittings that you can obtain from any hardware store, you can achieve much the same thing. You don’t have the 6L limit, which is both a positive, and negative, and you don’t have to pump it. The photos here show the installation (left), and a close-up of the fittings in use (right). To use this on a mains supply, you’ll need a water hammer arrester, like the one pictured in the photo — otherwise the water hammer generated when releasing the trigger will push the hose off the end of the fitting.

Request for Comments: Challenge-Response Digest Authentication for webapps?

Hi All…

I know many of you are in the web development and security arenas… I figured I’d throw this idea up for everyone to have a look at.

Authenticating users on a website can be quite a challenge at times.  Sometimes, HTTP Basic authentication is all that’s required, re-sending the password with each request.  But the problem with this is that someone who intercepts the username and password then knows everything needed to establish a new session.

HTTP Digest authentication is good; but MD5 isn’t as strong as other hashing algorithms available, and more importantly, it assumes the server knows the exact password.  But what if you’re hashing the password?  Also, this doesn’t necessarily solve the issue of session hijacking.

Thus what I have come up with, is “Challenge-Response Digest Authentication”.  My rationale for this method of authentication and session management is as follows:

  1. Remove the need for the cleartext password to be stored or transmitted.  Using CRDA, only the hash of the password needs to be stored.
  2. The remote user still needs to demonstrate knowledge of the password (or rather, its hash)
  3. Various aspects of the client, such as the IP address and user agent, are used when generating the hash, making session hijacking more difficult.

So, how does this actually work?  Well, in a web application scenario, it requires JavaScript on the client side to implement the hashing algorithm (in my case, I’ve settled on SHA1).  The initial authentication phase works as follows:

  1. Remote client makes a request to log in by requesting the login form.
  2. The server generates a session ID, which is the hash of the following (in this order):
    • IP Address of client (from the server’s perspective)
    • Client User Agent
    • A random salt string
  3. The server responds by sending back the requested form.  Included on the page, in the JavaScript code, are values for a random salt and the IP address of the client.  A cookie containing the session ID could also be included — or on more advanced clients, could be determined by the client.
  4. On submitting the form, client side JavaScript takes the information provided, and generates a hash of the following data (in this order):
    • IP Address of client
    • User Agent in use
    • The random salt given
    • The username
    • The hash of the password

    The cookie generated earlier is passed back to the server as well so it can look up the salt value.

  5. The server receives the session ID (via cookie) as well as the username and response (via HTTP POST), looks up the salt for that session ID, then checks the following:
    • The session ID is valid for the given IP and user agent
    • The response is valid

If successful, the server generates a random nonce value, and passes this back to the client.  The session key to be used from this point forward, is the hash of the following information:

  • IP Address
  • User Agent
  • Random Salt
  • Nonce value

The nonce is then updated at regular intervals.  On an intelligent client, the raw nonce value could be passed back right at the start, and stored — the client incrementing it when told by the server.  On a simpler client, the key may get passed back and forward.

For each request after this initial authentication step, a cookie should be passed to the server containing the following string: “SessionID:SessionKey”.
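
The exchange described above, written out as an added example (it is not the proof-of-concept webapp mentioned in this post). It assumes Node.js, fields joined with a newline before hashing, and 16-byte random salt and nonce values; the class and function names are made up for illustration, and the periodic nonce update is left out.

```javascript
// Added example, not the post's code: the CRDA login exchange, server and
// client sides in one file so the whole flow can be run with Node.js.
const nodeCrypto = require('node:crypto');

// SHA-1 as chosen in the post. Joining the fields with '\n' is an
// assumption; the post only gives the order of the fields.
function sha1(...fields) {
  return nodeCrypto.createHash('sha1').update(fields.join('\n')).digest('hex');
}

// Compare two digests without leaking the mismatch position through timing.
function sameDigest(a, b) {
  const x = Buffer.from(String(a));
  const y = Buffer.from(String(b));
  return x.length === y.length && nodeCrypto.timingSafeEqual(x, y);
}

class CrdaServer {
  constructor(users) {
    this.users = users;         // Map: username -> sha1(password), no cleartext
    this.sessions = new Map();  // sessionId -> { salt, user, nonce }
  }

  // Steps 1-3: issue the session ID and the values embedded in the form.
  loginForm(ip, userAgent) {
    const salt = nodeCrypto.randomBytes(16).toString('hex');
    const sessionId = sha1(ip, userAgent, salt);
    this.sessions.set(sessionId, { salt, user: null, nonce: null });
    return { sessionId, salt, ip };
  }

  // Step 5: check the session ID against IP and user agent, then the response.
  login(ip, userAgent, sessionId, username, response) {
    const s = this.sessions.get(sessionId);
    if (!s || s.user !== null) return null;  // assumption: one login per challenge
    if (!sameDigest(sessionId, sha1(ip, userAgent, s.salt))) return null;
    const stored = this.users.get(username);
    if (stored === undefined) return null;
    const expected = sha1(ip, userAgent, s.salt, username, stored);
    if (!sameDigest(response, expected)) return null;
    s.user = username;
    s.nonce = nodeCrypto.randomBytes(16).toString('hex');
    return { nonce: s.nonce };
  }

  // Later requests carry the cookie "SessionID:SessionKey".
  authorize(ip, userAgent, cookie) {
    const [sessionId, key] = String(cookie).split(':');
    const s = this.sessions.get(sessionId);
    if (!s || s.user === null || key === undefined) return null;
    const expected = sha1(ip, userAgent, s.salt, s.nonce);
    return sameDigest(key, expected) ? s.user : null;
  }
}

// Step 4, client side: the password is hashed first, then mixed with the
// challenge values, so the cleartext password never leaves the browser.
function clientResponse(form, userAgent, username, password) {
  return sha1(form.ip, userAgent, form.salt, username, sha1(password));
}

function clientCookie(form, userAgent, nonce) {
  return form.sessionId + ':' + sha1(form.ip, userAgent, form.salt, nonce);
}

// Constructed walk-through: addresses come from the documentation ranges,
// the user agent string and the account are invented.
function demo() {
  const ip = '192.0.2.10';
  const ua = 'ExampleBrowser/1.0';
  const server = new CrdaServer(new Map([['alice', sha1('correct horse')]]));

  const form = server.loginForm(ip, ua);
  const response = clientResponse(form, ua, 'alice', 'correct horse');
  const result = server.login(ip, ua, form.sessionId, 'alice', response);
  const cookie = clientCookie(form, ua, result.nonce);

  return {
    sameClient: server.authorize(ip, ua, cookie),            // 'alice'
    otherIp: server.authorize('198.51.100.7', ua, cookie),   // null
    otherAgent: server.authorize(ip, 'OtherBrowser/2.0', cookie), // null
  };
}

console.log(demo());
```

Note that `login` rebuilds the expected response from the stored hash alone, so the `users` table is as sensitive as a list of cleartext passwords and needs the same protection.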

Anyways… those are my ideas.  I know there are problems with this; most notably, the effectiveness of hashing when you hash something twice.  I know that SHA1 is less effective in this instance — but the question is, how much less effective?  I figure it’s not really enough to be worried about, but then again, I know there are people who work in this field, and thus will know more about it than me.

I’m still tinkering at this stage, I’ve got a small proof-of-concept webapp going that utilises this scheme at a basic level, and I’ll keep poking at it for now, but I’d be interested in hearing other people’s thoughts on whether this would be effective at preventing session hijacking and keeping a site secure.

The puzzle that is hardware support

Hi All…

Some of you may recall a proposed patch to block the use of proprietary kernel modules in the Linux kernel.  This seemed like a good idea, and it’s one I’d support — however, I do realise there are some shortcomings in the plan.  Looking at the thread tonight, I happened to see a post by David Schwartz which suggested a trademark that could be used by the manufacturer if decent specifications were made available.

I did some thinking about this… and the idea is that a small (perhaps non-profit) organisation could be appointed to devise Linux-compatibility standards, which companies must meet before they can claim their device is “Linux-Friendly”.  If this organisation agreed that, indeed, the device met the specs, the manufacturer would be given a license to use an appropriate logo when advertising their device to consumers, and they’d be allowed to call their device “Linux-Friendly”.  Otherwise, they’d be told how they can rectify the situation.

I’m thinking something like a 3-level system, which indicates the level of support provided by a device for Linux: (The following is obviously a rough draft)

Bronze-Level Compatibility:

  1. Complete Hardware specifications must be made available to those implementing open-source device drivers
  2. Technical people responsible must be willing to answer questions relating to the implementation of such drivers
  3. Drivers and utilities for the device must be released under the GNU General Public License (may be dual-licensed) and should allow a user to utilise all the device’s features.

Silver-Level Compatibility:

In addition to the requirements of Bronze level, a manufacturer must offer technical support (at minimum, by email) for users running Linux.  Such support should apply to the mainstream Linux distributions (Red Hat/Fedora/CentOS, SuSE, Debian, Gentoo, Ubuntu), but may include other distributions too.

Gold-Level Compatibility:

In addition to the requirements for Silver level, a manufacturer must be actively involved in the development of the open-source driver.  Examples would include the Intel PRO/Wireless devices, WACOM tablets, HP printers…etc — all of these companies run open-source projects that develop drivers for their products.

The above is obviously a work-in-progress, and should not be considered official.  I use the Gold/Silver/Bronze system here, because many people are familiar with how it works.  If you’re new to Linux, obviously Silver or Gold level is best, but things may JustWork with Bronze-rated hardware… if you have contact with Linux-savvy people, or are Linux-savvy yourself, then Bronze will suffice.  If you don’t see any rating at all, it’s a matter of buyer-beware.

What would the logo look like?  Well… I’ve got an idea for that too:

Proposed "Linux Friendly" hardware logo… an emperor penguin giving the "thumbs up".

The penguin was hand-traced from a photograph of a King Penguin uploaded to the WikiMedia Commons.  The thought is, perhaps the blue ring there could be coloured to indicate the level of support.  I have a SVG version of that image here.

Note: I ask people to not use this logo for commercial use until proper guidelines are worked out.

Anyways… what are people’s thoughts?  I personally think it’ll make life easier for the typical Linux user, in determining what hardware to buy.  If there’s support for the concept, then it encourages, through peer pressure, companies to participate, hopefully leading to better quality drivers.

Covering the globe in one night: A look at timezones.

Hi All… Somewhat in the spirit of this festive season, I found myself thinking about a problem last night — whilst trying to get to sleep.

We’ve all heard the stories of Santa covering the globe in a sled pulled by reindeer… Now, I’m not particularly interested in what the method of transportation is, or any other details for that matter. Rather, I was more interested in whether it was feasible, for a single individual to visit each point on the globe once in a single night.

In order to visit each point on the planet within the same “night”, one would have to exploit the phenomenon of timezones. Legend has it, this mythical character does his business under the cover of night. Thus, it would be logical to assume this would be between the hours of 22:00 (10PM) and 04:00 (4AM).

The natural place to start and end such a journey would be at the International Date Line, heading westward. That is, visiting New Zealand (UTC+12), the various south pacific islands, then Australia, SE Asia..etc, scanning from pole to pole following the longitudinal lines.

Assuming this is the case, one would have to be at the international date line by 22:00, local time. The time zone west of the IDL is UTC+12. The sweep would then proceed, winding around the earth to eventually finish at the other side of the IDL at 04:00 the morning, local time (UTC-12).

Thus, we have the start and end times of our journey:

Start: 22:00, 24th December UTC+12
End: 04:00, 25th December UTC-12

If we convert these back to UTC…

Start: 10:00, 23rd December UTC
End: 16:00, 25th December UTC

The total number of hours for the journey thus works out to be:

23rd Dec: 10:00 to 00:00 14 hours
24th Dec: 00:00 to 00:00 24 hours
25th Dec: 00:00 to 16:00 16 hours

Thus, 360 degrees of longitude must be covered in 54 hours. Division of these figures gives us the exact length of time one can spend at any degree of longitude. It works out that an individual has 9 minutes to cover each degree of longitude. There are 180 degrees of latitude that must be covered in that 9 minutes, thus one could spend no longer than 3 seconds at any given point on the globe.

There is some optimisation that could be done to the route… for instance, you wouldn’t be delivering goods to every point on the planet, only those inhabited by people. Thus you could skip oceans and deserts, saving valuable time. The amount of optimisation though, looks limited. It would seem unlikely that a single individual could accomplish such a feat. Needless to say, it would be an interesting exercise for someone more adventurous than myself to attempt.

Anyway, not to sound like a grinch… those were my thoughts late last night. Those looking at a way to dispel the myth for youngsters who are getting a little old, this little piece could be useful.

At the moment, I’m not home, but I’m popping in occasionally to check on things (the joys of dialup mean I’m not able to remain online). I should be home tomorrow afternoon (Boxing day) and will be getting right back into the swing of things.

My thoughts especially go out to those working throughout Christmas Day. While many of us are sitting with family, eating a Christmas lunch, or just vegging out (like me), there are people out there who are still stuck at work. People like the firefighters in Victoria and Tasmania, who have been battling flames for much of the last few weeks. People keeping the various hospitals running. Those in law enforcement, and other facilities we all take for granted. It’s these people that deserve the day off more than most, but choose to keep working regardless. To you, I thank you. 🙂

So to all, whether you’re relaxing or hard at work, have a Merry Christmas… and let us all hope that 2007 turns out to be a better year than 2006 has been. 🙂

PS: Ohh, and those travelling interstate this year, if you happen to be wandering through the Jet Star screening points at the Brisbane Airport — keep in mind they are people too, stuck working on Christmas day… there’s no need to give them a hard time, they, like you, want to get home too. 😉

Request for Comment: Cross (X) Network Black List for IRC (and other systems?)

I’m sure we’ve all seen it. IRC network spam, trolling, cracking… all kinds of abuse. However, unless I’ve been living under a rock lately, there doesn’t seem to be a co-ordinated approach at dealing with it.

I’m a regular user of both Freenode and AustNET IRC networks, and over the years, I’ve witnessed a number of network abuses, and I’ve seen how both networks here, handle such issues. But the issue is this, if a user abuses people on one network, what’s to stop them going and abusing another? Or even abusing people by other means, such as email?

Thus, I’m thinking… a cross-network black list would help here. It’d require co-operation between the various IRC network operators… but the idea is this. I’ll use a couple of actual examples here.

Example 1: This cretin, plonks bots on a number of AustNET channels, including #atomiclinux. Allegedly he runs off with victims’ money and doesn’t deliver.  Nonetheless, it’s a nuisance we can do without.  Address information has been removed here:

--> itsmew (itsmew@xxx.xxx.xx.xxxxx) has joined #atomiclinux
hey people i have 2 portble notbook i need to sell immediately.  message me if interested on msn at this is just mike @ DOMAIN WITHELD
<-- itsmew has quit (Banned from AustNet: Must go now, one stolen laptop spammer)

Now, in this case it was pretty quickly dealt with.  We have had this chap go on unchallenged for hours.  I don't know if he spams other networks too.

Since this was on one network, it would be reported and would go into the blacklist, with the report coming from one network.  Owners of other networks may decide to act on the blacklist based on this first report, or they may wait for a couple of independent reporters to complain, depending on the severity of the inconvenience. They may also decide to block access to other services in order to prevent abuse via email or IM protocols.

Example 2: This troll, first spammed us on #atomiclinux.  Unfortunately though, none of us were awake, and thus he soon left...

Jul 26 00:41:55 --> l33t_h4x0r (l33t_h4x0r@vw-18983.as9105.com) has joined #atomiclinux
Jul 26 00:41:57  i kno more about computas than u all im da best hacker eva

A few days later, he turns up in #mipslinux on Freenode.  The log is rather long, so you can find it here instead; here he got booted out by Ralf Bächle.  The next day, he also pestered the people in #edev on the same network — unfortunately his lack of understanding of Australian fauna sent him packing.

In this situation, we now have 3 reports from 2 independent groups.  The chap would be blacklisted right then and there, and banned for an appropriate length of time.

How long would you ban someone?  Well, I guess it should depend on the number and type of past offences, as well as the number of reports regarding the current offence.  This could be based on a decaying figure that gets bumped up with each report, something like the demerit points system that driver’s licenses here in Australia have.  Thus various offences would be given a weighting, and it’d be the sum of points from each type of offence, that determines the final score.  Network admins could then decide how long to ban offenders, on a per-point basis.
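
A sketch of the decaying demerit-point idea, as an added example that is not part of the original post. The weights, the 30-day half-life, the hours-per-point figures and all function names are assumptions; the sample reports are constructed from the two examples above, with placeholder hosts and approximate day numbers.

```javascript
// Added example, not part of the original post. Every weight and threshold
// here is an assumed value chosen for illustration.
const WEIGHTS = new Map([['spam', 3], ['trolling', 2]]); // points per report
const HALF_LIFE_DAYS = 30;                                // points halve every 30 days

// Constructed reports modelled on Example 1 and Example 2. Hosts are
// placeholders; day numbers approximate "a few days later" / "the next day".
const REPORTS = [
  { host: 'host-a.example', network: 'AustNET',  channel: '#atomiclinux', offence: 'spam',     day: 0 },
  { host: 'host-b.example', network: 'AustNET',  channel: '#atomiclinux', offence: 'trolling', day: 0 },
  { host: 'host-b.example', network: 'Freenode', channel: '#mipslinux',   offence: 'trolling', day: 3 },
  { host: 'host-b.example', network: 'Freenode', channel: '#edev',        offence: 'trolling', day: 4 },
];

// Sum the weighted, decayed points for one host and count how many
// independent networks have reported it.
function standing(reports, host, today) {
  let points = 0;
  let count = 0;
  const networks = new Set();
  for (const r of reports) {
    if (r.host !== host || r.day > today) continue;
    const weight = WEIGHTS.get(r.offence) ?? 1; // unknown offence types: 1 point
    points += weight * Math.pow(0.5, (today - r.day) / HALF_LIFE_DAYS);
    count += 1;
    networks.add(r.network);
  }
  return { points, reports: count, reporters: networks.size };
}

// Each network admin supplies their own policy: how many independent
// reporters they wait for, and how many ban hours one point is worth.
function banHours(reports, host, today, policy) {
  const s = standing(reports, host, today);
  if (s.reporters < policy.minReporters) return 0;
  return Math.ceil(s.points * policy.hoursPerPoint);
}

const quickToAct = { minReporters: 1, hoursPerPoint: 12 };
const cautious   = { minReporters: 2, hoursPerPoint: 12 };

console.log(standing(REPORTS, 'host-b.example', 4));
console.log(banHours(REPORTS, 'host-a.example', 0, quickToAct));
console.log(banHours(REPORTS, 'host-a.example', 0, cautious));
console.log(banHours(REPORTS, 'host-b.example', 4, cautious));
```

With these assumed values, the single-network report from Example 1 only triggers a ban on networks that act on a first report, while the three reports from two networks in Example 2 clear the stricter threshold as well.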

This blacklist could work for other protocols too.  Why does email need a special blacklist database…?  This could be shared across a number of services.  The idea: a spammer may not be bothered about being banned on one IRC network.  But they won’t like it if every host on the internet now refuses to speak to them.  This would work well in Example 2 above, where the idiot decided to use the exact same host to do his trolling from.  The first example actually looks like a compromised host — which is still a serious issue.  Even on IRC networks that don’t implement this… it is possible for IRC clients and bots to have such filters installed, allowing per-user or per-channel filtering, the bot only needs channel operator privileges to work.

It seems to me, that the nuisance problem won’t go away unless we actually become proactive and do something about it.  I might post more on this topic. There’s a lot of logistical issues to sort out (e.g. how do the reports get filed, how to deal with false alarms…etc.), but I do believe there is a need for some system like this.