Got to Kyoto yesterday all right. Got only a couple of hours sleep the night before, dragged myself out of bed at 5:20am and headed to Taipei CKS International Airport. Found out they opened the new D wing of Terminal 2 when I got the boarding pass. I’ve started flying EVA instead of United Airlines since on UA you have to connect through Tokyo Narita to go anywhere. I’m not even silver in EVA’s membership yet, but my Diners Club card gets me into their lounge free, so not a big deal. Anyways, the flight was uneventful, though the immigration line at Kansai Airport was about 40 minutes. When going through customs the inspector was surprised I came from Taiwan not the US. Public transportation is great here, so it was only a few minutes between exiting customs and departing by train to Kyoto. Then in Kyoto transferred to the subway and was at the hotel shortly after.

The area around the hotel is very scenic and nice, though there’s not much out here besides the convention center, hotel, and a bunch of parks. So there’s not much to speak of in the way of dining or shopping options here. But the subway gets you to most of the city pretty easily. Weather here is pretty chilly at just above 0 celsius, so adequate clothing is necessary.

Last night hserus had plans to meet up with his friend shradha who has lived in Japan for several years. He invited me and his friend thaths to come along. Turns out that thaths used to work with my friend jam1esp1ark back at Netscape. Small world. After many adventures we finally ended up along Shijo Street in downtown Kyoto and shradha took us to a nice Japanese restaurant with a wide variety of different foods. We had stuff like edamame, agedashi tofu, radish salad, takoyaki, marinated beef, sashimi, etc. To wash things down we had a wheat sake and later moved on to Suntory Beer. Anyways, it was a fun time.


There’s been a lot of talk about Kyoto this week, which is kind of confusing. I’m actually going to the city of Kyoto next week. So it’s annoying that people are going around using Kyoto as some kind of shorthand for the cure to global warming. I’m sure it’s an honor and all to name such an important agreement after an historic Japanese city. But that city still exists. So please, at least call it the Kyoto Protocol, Kyoto Treaty, or Kyoto Accord. Or at least something other than just plain Kyoto. Thank you.

Cold over, dislocated thumb?

Today I woke up with no more congestion, no more itchy throat, no more cough. Yay, so that’s pretty much over with.

However, my left thumb has been acting up lately. For the past four days I will wake up with my thumb sore and when I try to move it, it makes a strong popping noise, kinda like when you crack your fingers. Is it possible I’ve dislocated it? Pulling on the thumb a few times makes the popping go away, and the soreness goes away after about an hour after waking. Weird.

Newma Newma

For those who haven’t clawed their eyes out after watching the previous Numa Numa video, there’s an updated version of Numa Numa Dance at Newgrounds or if you don’t like tons of flashing crud in the browser, click on the direct link to the flash.

For those who actually like the song, it’s real name is Dragostera Din Tei by Haiducii/O-Zone. If you’re really addicted to it, there’s several versions up in the iTunes Music Store, including some really horrid English versions.

Delousing a windows box

Maggie’s coworker’s son got his Windows XP box 0wn3d quite well recently and they asked me to come take a look at it and fix it up. He had been running XP SP1 and had only a couple of additional patches installed, so it was pretty ripe for the picking. He didn’t want to upgrade to SP2 because he was worried it would make his computer too slow. He *was* running an Norton anti-virus, but still got loaded up with spyware, adware, clickbots, trojans and ratware. Why anti-virus stuff refuses to handle anything except viruses remains a mystery to me. Anti-virus stuff should block ANY malicious software. He was probably being used to send spam too, because his first-hop ping round trip was 2 seconds almost immediately on bringing up the net connection.

Usually to clean up a box I’d run McAfee Stinger, AVG Free Edition, Ad-Aware SE, and Spybot Search & Destroy and that’d take care of things. Not in this case.

I ran McAfee Stinger which was able to find a couple of copies of Korgo in the cache, but they didn’t look like they were active infections. Ad-Aware and Spybot both found tons of malware and AVG found a few, but a lot of it kept re-appearing after being removed. I found that a program called Golden Retriever Cash Back was reinstalling new malware each time. I was able to find registry entries to disable it, and then it was easier to make progress. Ad-Aware and Spybot were able to clean up many of the rest but there were still a few things that they and AVG still didn’t find. So then I went through Task Manager to look at each process name in google and see whether it was friend or foe. The bad stuff I’d kill and then search for their files and registry entries and manually remove it.

The real break-through was finding out about a program called Hijack This. It’s not for the novice, but it was able to find out how some of the stuff I couldn’t find with search were getting invoked and was able to disable them. The ones they couldn’t find were running as winx69.exe, ryhpka.exe, winagent.exe, mcafee32.exe and navprotect.exe. Some of the other malware running that I removed included clfmon.exe, Sygate.exe, elitevcy32.exe, pwn.exe, mssce.exe, msfwel.exe, gamma.exe, jah.exe, mssw32.exe, istsvc[1].exe. And that’s just the stuff that they could find but couldn’t remove automatically.

All in all this took most of the afternoon and evening on New Years Day (Feb 9). At the end, updated all security patches through present including SP2, and he had a well machine and good network performance again.

I dunno how regular people are able to get rid of this crap when they get infected this badly. The easy to use “click here” software was easily fooled, and several of the infestations were able to elude me for a while. And on top of that, five of them weren’t caught at all by anything except me manually going through Task Manager and cleaning up startup programs.

For those of you who aren’t being careful, here’s some advice:

1) Run good anti-virus software that updates *at*least* once a day. Make sure your mail server uses anti-virus software as well. (I use the pay version of AVG7 and have it set to update every 6 hours. My mail server runs ClamAV and clamassassin and updates every hour.)

2) Have a hardware firewall, or at least a software firewall. (I use a unix box as a firewall, but a USD30 broadband router is usually pretty good as a hardware firewall.) XP SP2’s firewall is getting better, but there’s still better options.

3) Don’t use Internet Explorer. Mozilla Firefox has had much less frequent and less serious security bugs than Internet Explorer. There’s a reason IE has the nickname Internet Exploiter. Whatever you do, make sure popups are disabled and ActiveX is highly restricted.

4) Don’t use Outlook Express. Also avoid Outlook, or at least make sure it is Outlook 2003 and is patched to latest update. The Outlook mail readers make it way too easy for malware to get through. If you insist on using these programs, you must disable the preview pane, and don’t click on any attachments you didn’t expect to come. Even if you get something from someone you know, if you weren’t expecting it, don’t open the attachments until you’ve confirmed that the sender actually sent it.

5) If you get a message from your bank, auction web site, personal payments site, or any other sensitive service saying you need to do something, don’t click on any links in the email. Instead, manually go to their website and see if there’s something there you really need to do. If in doubt, call them up and ask before you do anything.

6) Don’t respond to, or click on any links in any spam messages — messages you did not request from companies you don’t have a business relationship with. Just don’t. They are either gonna rip you off or infect you.

7) Run Ad-Aware SE and Spybot Search & Destroy regularly. Make sure Spybot immunizes your system each time. If you are technical enough, run Hijack This as well.

8) Run Windows Update frequently and always keep up to date with all critical patches. Better yet, set Windows Update to run automatically. (However, be aware that it will automatically reboot your system after being patched, so you don’t want to do this if you run things continuously.)

9) If you have any part of Office/Word/Excel/Powerpoint/Outlook installed, you’ll need to keep it updated separately at http://office.microsoft.com/officeupdate/

10) Be careful about pirated software, p2p downloads and porn. Some of it includes malware.

Oh, and more cookies too…

Maggie wanted me to make some cookies to take to Germany with her for her sister, so I made today:

2 dozen green tea shortbread
2 dozen oatmeal pecan chocolate chip

Seems like a lot of effort to carry cookies all the way to Germany, but I’m getting to be a very lean traveller. I hardly take anything not strictly necessary. On the other hand my wife, daughter and mother in law had 3 big suitcases and 2 medium suitcases plus a few carry-ons for this trip. Now I do tend to bring a fair bit of stuff back to Taiwan with me when I go to US, but otherwise I don’t bring much. And even coming back to Taiwan I set a strict limit of 2 bags, and if it doesn’t fit it gets left behind.

Maggie just called that her plane is boarding soon. She said one of the bags was too heavy so she had to move some stuff to carry ons. 🙁


Maggie, Emily and my mother in law are off to Germany tonight to visit Maggie’s sister there. They’ll be there through Feb 28 and then returning. I’m not going because I’ve got plenty of traveling of my own to do coming up.

First I’m going to Japan Feb 20-25. I’ll be going to Kyoto to the APRICOT2005 conference to talk about spam issues as part of my chair of APCAUCE duties. While I’m there I’ll take the Shinkansen over to Nagoya for a Dreams Come True concert on Feb 23. Then there’s the LONGEST TRAVEL DAY EVER on Feb 25 where I will start from the hotel in Kyoto in the morning, take the subway and train to Kansai International Airport (Osaka), fly to Taipei, go home and repack, clean up and grab a bite, then back to the airport that night to fly to San Francisco, getting there in the evening (still the same day but much later), drive down to Santa Clara and in all likelihood collapse into a puddle for a couple of days. The next week I’m off to Kansas for classes Mar 1-4, back to Santa Clara, followed by a drive down to Santa Barbara after that and return back to Taipei on March 13 (really it’s late night on March 12, but since it is just past midnight departure, it says March 13 on the ticket), arriving on March 14 early morning.

I’m getting tired just thinking about all that. Whew.