Last day in year 2008

Today is the last day in year 2008. What do I plan to do ?

I just want to send SMS to best friends saying that 2008 has been a very difficult year. I hope they can continue to stay strong and wish them a better 2009. More importantly, we should work hard and enjoy a better life. Do not speculate any more in the stock market.

Good luck, friends.


Microsoft did not provide md5sum for trial software

I downloaded trial version of Publisher 2007 in Chinese language. The file size was 403 MB. Too odd that Mircrosoft did not provide the md5sum of the provided file. The downloading took considerable time and if there was any error due to transmissions or other unexpected corruption, without the md5sum value, how could I ensure the integrity of the file when downloading was completed.

Microsoft should provide the md5sum of all trial software packages. This is a MUST basic rule for users to check the file integrity.


ICANN's charge for new Top Level Domains

ICANN proposed to create hundreds of new top level domains such as .microsoft or .ibm. For these TLDs to work, the one-off registration fee is US$185,000 while the annual recurrent cost is US $75,000 for a domain to stay in the DNS root nameservers.

Currently, ibm.com or microsoft.com is charged just around US$20 per year. The maintenance cost of US$75,000 is 3750 times higher. I wonder how could the cost be justified !


Javascript to protect email addresses against harvestor

This is a small javascript to separate a valid address into several strings and break "mailto" into "ma" and "ilto" to confuse email address harvestors.

It is useful for all webmasters.


Web Server Audit - please don't laugh after reading

This is part of the report by an external auditor after conducting security audit on a web server :

"In the vulnerability scan result, the Audit Team observed that some unused files exist in the web server www.abc.com. The files may disclose system information to the public. Although there are no sensitive information in the files, it is recommended to control access to files and information. The unnecessary files are :

1. www.abc.com/robots.txt
2. www.abc.com/favicon.ico "

Oh God ! If you want to laugh, I will not stop you.


Phishing activity in Thailand

I read a presentation file prepared by ThaiCERT on the general phishing activity in Thailand. According to ThaiCert, phishing has little impact in Thailand because :

a. Thai people ignore English e-mail.
b. Thai people don's trus security in e-transaction.
c. There are a lot of off-line banks,ATMs and branches which are convenient.

It seems to me that fraudsters should stop sending phishing emails to addresses with .th domains.


AS Trace

My colleagues asked if I could list out all the IP addresses allocated to a local ISP. I tried to use the "Looking Glass" service of HKIX but seemed I could not get the list though I knew the AS number.

I resorted to AS trace facility of fixedorbit.com. The results were satisfactory. I have to memorize the name of this web site since such service is rare in the Internet.



家住廣播道,自然會想到往侵會醫院注射流感預防針。聽當值護士說流感預防針費用是150元,但由於是醫生執行注射,醫生費約 300 – 400元,這真是超級昂貴呵。之後我去了一間診所,亦是由醫生注射,所費只是170元正,這事足以證明私家醫院的普通門診費是間天殺價。


How much is a single character domain name if it is globally unique ?

SGNIC is now inviting applications for single character domain name (SCDN) like a.sg. a.com.sg etc. The bottom price is S$20,000. If more than one application for a SCDN in the ccTLD domain categories (such as .com.sg, .net.sg), applicants will be asked to bid until a final winner emerges.

This triggers me to think about the market value of SCDN in the generic TLDs like a.com, b.net etc. If a country specific SCDN can be sold at S$20,000, the more attractive and globally unique SCDN in TLDs should be priced at 10 or even 100 times higher.

Has ICANN set a policy on this ? What does HKIRC plan to do with SCDN in the .hk levels ? I need to find the answers !!