Really Clever ASCII Spam

I use Gmail, which has an awesome spam filter, so I very rarely end up with real spam in my inbox. Spammers, of course, are always trying to come up with ways around spam filters, and today I ended up with what has to be the most clever spam I’ve ever seen. The subject was “Order:157-0585-035,” and even though I knew it was spam based on that and what I saw in the snippet that Gmail shows you, I opened it anyway, just out of curiosity. Here’s what I saw when I opened it

Click to enlarge

Click to enlarge

That looks pretty much like any other spam, right? But it isn’t. It’s actually ASCII art. In other words, the text of the email is only “readable” because of the patterns in the text. Here’s another screenshot, but this time the text is magnified to show you what it really looks like

Click to enlarge

Click to enlarge

Interesting, eh? Since this one is nothing but whitespace and numbers, a spam filter could actually filter this one out pretty easily, once it knew what to look for. If the spammers start interspersing letters with the numbers, it will get harder to spot. And if they can get whole words in there, too, it will be harder still. I hate spam as much as anyone, but I have to actually give these guys credit for trying.

My Google Apps Migration Is Complete

I mentioned [cref i-just-switched-to-google-apps-for-my-domain the other day] that I’d switched over to Google Apps, and had initiated a POP3 transfer of all my mail from my previous Gmail account to the new one. I’m happy to report that it finally finished. I started it POPing on Tuesday evening, 09/16/2008, and it finished some time this morning. It was pulling mail every twenty minutes or so for ten days. In case you’re interested, it pulled just under 30,000 emails over, which was just under 1 GB in size.

As I said the other day, I’d be happy to pay Google for a quick and easy migration tool. But, at least it finally finished.

When Does an HQL Typo *Not* Cause A Parse Error?

I found something interesting at work yesterday. One of our developers mentioned that when he called a certain method with various sets of parameters, he wasn’t getting back what he expected to get back, based on what he knew was in the database. I put on my sleuth hat and began my investigation.

We use Hibernate for our database layer, and we prefer to use the @NamedQuery annotation to store our queries with the entities they represent. This works out very well for us. But back to the problem. I quickly got to the appropriate .java file and inspected the query. (Obviously I’ve changed the class names, but this is essentially what I found in the file.)

select distinct f
from Foo f
left join fetch
left join fetch f.baz
lef join fetch f.plonk
where = :fooId

Now, do you notice the typo? Check out line five. It says “lef” instead of “left.” When I first saw this, I thought to myself, “How can this even get parsed by Hibernate into SQL, let alone return any results.” We all work in a large room together, so I mused out loud about this problem. One of our other Really Smart Guys™ came over to have a look. He saw the typo, thought for a second and said, “‘lef’ is being treated as an alias for f.baz on the previous line.” And sure enough, he was right. Just as on the second line where you see “from Foo f,” that ‘f’ is an alias for the entity called Foo. We could have put aliases on each “left join” line, at each line’s end, had we wanted or needed to. By misspelling “left” on line five as “lef,” we unintentionally slapped an alias on the join that is on line four. Even though the query is split across multiple lines here, the HQL parser would see it as one continuous string, and after passing by “fetch f.baz” the next token it would see would be “lef,” which it would interpret as an alias for “f.baz.”

So, as far as parsing the query and translating it into SQL goes, everything is just fine. But there is still a problem caused by the misspelling. Since the parser decided that “lef” was actually an alias, the next bit that it sees is “join fetch f.plonk” which results in a regular inner join, instead of the outer join we really wanted. What this means is that for records in the Foo table who can’t be joined to records in the Plonk table, either because the key is null, or there just isn’t a record in the Plonk table that matches, those records will be excluded from the result set. That’s the behavior our developer was seeing. Changing “lef” to “left” made the whole thing work and the developer got the results he needed.

I Just Switched To Google Apps For My Domain

I’ve been using Gmail for a few years now, just having it send mail as, and not using the actual address at all. Or so I thought. Most email clients displayed email from me the way I wanted, but Outlook showed it like this

From: (on behalf of

I knew about this back in 2006, but I thought it had been “fixed.” I put the word fixed in quotes, because spoofing headers isn’t really a correct thing to do. The thing was that most email clients showed the spoofed address, but Outlook showed the “correct” one. Anyway, it bugged me, knowing that people might be seeing my Gmail address instead of my proper address.

Enter Google Apps. I had heard about this before, but never really investigated it. I looked into it last week, and switched over on Tuesday. It’s free, and it means my Outlook problem is solved. For those who don’t know about Google Apps, you change your MX records on your DNS server to set a Google machine as your mail server. After making this change Gmail no longer need to spoof your domain in outgoing emails, since they effectively are your domain. (Don’t worry; they don’t become your web host, just your mail server.) I changed my MX records Tuesday night and then began migrating email from my old Gmail account to my new one.

Migration is one area where the experience is not so great, and I’d actually be willing to pay a bit for a better way to migrate. You’d think that migrating from one Gmail account to another would be a painless, quick and easy affair. And you would be wrong. The only way to get your mail moved is to have the new account make enough POP3 calls against your old account, pulling 200 messages at a time. I started POPing last Tuesday night (09/16/2008) and as of this moment, it’s still running. Granted, I had over 29,000 emails, which was about 900 MB of space, but still! Google ought to be able to come up with a better way to do this. Oh well, it will finish one of these days.

One thing I’d like to point out is that you need to add one more record to your DNS in order to make your Google mail SPF-compliant. I discovered this when I sent a test email from my new Gmail account to my work account. We have an Exchange server at work, and while the email did come through, the subject line had [spf] appended to it. After some checking, I saw in the headers that our mail gateway had marked it as failing an SPF check. I did some googling and found this article that explains how to set things up specifically for GoDaddy, but the general concepts should work for wherever your DNS lives. I setup the new TXT record, ran the test recommended in the article and things are good now. I just sent a test email to my work account, and the gateway must now be happy since there was no [spf] appended to the subject. There might have been a recommendation on the Google Apps setup screens about the SPF stuff, but I don’t remember seeing it.

Anyway, so far I’m happy with my choice to move to Google Apps. Besides the migration issue, the only other complaint I have is that I can’t use my id with Google Reader. I still have to use a “real” Gmail account for that. That’s essentially a minor annoyance, but it would still be nice to just jettison the old account altogether.

I’m Loving Grammar Girl

I may be a bit late in discovering her podcast, but last week I found out about Grammar Girl, and it’s been love ever since. For those of you who are later to the game than I, Grammar Girl is a semi-weekly podcast about English grammar. I am a self-styled Grammar Nazi, so when I found out about her podcast, I knew I had to listen. Over the course of two days this week, I listened to around 30 episodes. Each is around 5 minutes long, so you can listen to several of them during a normal commute. Her topics ranged from the correct use of hyphens, to when to use “who” and “whom,” and on to “You and I” vs. “You and Me,” plus many other topics. This stuff is fascinating, but more than that, it’s useful. She explains what the correct usage is, and then usually goes on to explain why it’s correct, which is why I think I like it so much. If you like learning things, you should definitely check her out.

I Am Full of Teh Happy

Yesterday was a good day for me on several fronts. Let me tell you them.

First, whilst searching for various things in the iTunes store, I saw that Metallica had released their new album, Death Magnetic. I had bought the first single, My Apocalypse, a couple of weeks ago when it came out, and I was excited that Metallica might be good again. I was a Metallica fan from way back in the 80’s. I loved, loved, loved every album up to and including …And Justice For All. I didn’t like “the black album” at all for several years, but then it grew on me. I thought everything after that, starting with Load, sucked out loud. I listened to the samples of the new album and immediately clicked the “Add to Cart” button. I’ve listened to the whole album about 5 times now, and it’s playing again as I write this. This album is full of awesome. It’s fast and heavy with glorious Kirk Hammett guitar solos throughout. If you liked “old” Metallica, you will love this album. Buy it. Memorize it. Love it. Standout songs include “My Apocalypse,” “Broken, Beaten & Scarred,” “The Judas Kiss” and “All Nightmare Long.” 

I was also happy to see that iTunes had finally added 0 + 2 = 1 by the very strange band NoMeansNo. I had this as a cassette, back when it was originally released, but I haven’t been able to find it in any format since. iTunes had one or two NoMeansNo records, but not this one. I have been checking periodically, but they never had it. Until yesterday. I’ve listened to it twice since buying it. It’s heavy and a bit odd, but very good. “0 + 2 = 1” and “The Valley Of the Blind” are the best songs on the record.

And if that weren’t enough musical goodness, Dar Williams’ new album, Promised Land, was also available. I think this is one of her best albums ever. I have her entire catalog, and this album has already moved to the top of the list for me. It has her signature lyrical twists, and it’s quite upbeat, with beautiful melodies. I’ve only listened to it twice since buying it, but it’s really good. My favorite songs, so far, are “It’s Alright,” “Buzzer” and “Troubled Times.”

Yes, I have eclectic musical tastes.

Next, as anyone with an iPhone knows, Apple released iPhone OS 2.1 yesterday. I was really looking forward to this update because OS 2.0.2 had lots (and lots) of problems and annoyances. The biggest problem I had was with how long it took to backup the phone. Every time I plugged it into my Mac, it would easily take over an hour to do a full sync. That’s absurd. I have less than 2 gigabytes of stuff on the iPhone and it took one-hour+. I have 60 gigabytes of stuff on my iPhone, and a sync never takes more than a few minutes. The other major annoyances were a terrible lag when using the onscreen keyboard, and the fact that when you updated an application, it didn’t stay where you put it, instead moving to the first available open spot. Not good. 

I’m very happy to report that iPhone OS 2.1 has fixed these problems, for me, anyway. A full sync is taking around five minutes, which is completely reasonable. The keyboard feels responsive, and after updating applications, they stay where I put them. Bravo, Apple. Keep the goodness coming, KTHX.

And finally, the first two discs of season 3 of Weeds arrived from Netflix. I watched the first three episodes last night, staying up far, far too late in the process. Damn, I love this show, even though I know I shouldn’t like it, if you know what I mean.

Problems With Latest Version of iTerm

I love iTerm as a replacement for, but this morning after letting iTerm upgrade itself to “Build”, all my settings, profiles and bookmarks were lost. I don’t know why, but that’s what happened. I pulled back the iTerm.plist from ~/Library/Preferences using Time Machine, but that didn’t seem to fix it. I also tried to restore using Time Machine, but there was something funky going on with TM, so I wasn’t able to.

In the end I just reset the preferences as best I could from memory and started recreating my bookmarks. You might want to wait to upgrade.

Microfortnights Make Me Giggle

A long time ago (15+ years) I worked on a VAX. If memory serves, it was a MicroVAX 3900. I don’t recall ever seeing this unit of measure mentioned in the docs, but I may have. It’s the “microfortnight” and reading about it always makes me laugh. From the Jargon file:

microfortnight n.

1/1000000 of the fundamental unit of time in the Furlong/Firkin/Fortnight system of measurement; 1.2096 sec. (A furlong is 1/8th of a mile; a firkin is 1/4th of a barrel; the mass unit of the system is taken to be a firkin of water). The VMS operating system has a lot of tuning parameters that you can set with the SYSGEN utility, and one of these is TIMEPROMPTWAIT, the time the system will wait for an operator to set the correct date and time at boot if it realizes that the current value is bogus. This time is specified in microfortnights!

Wikipedia’s article on microfortnights has a bit more info

The joke is in having a rather large unit (fortnight) combined with a fractional SI prefix (micro) to counteract that. The practical purpose is to discourage setting such parameters without some thought. The unit was selected because the time is only approximately one second, being established by some near-infinite loops rather than a real clock unit (which isn’t active at the time), and rather than field complaints about this being “not exactly a second”, the unit was invented.

Heck, I don’t even have to be reading it to laugh about it. Just thinking about it makes me laugh.

My First Impressions of iTunes 8 “Genius”

After Apple announced iTunes 8 yesterday, I downloaded and installed it, eager to see the new “Genius” feature. This feature had been rumored to be similar to Pandora, the wonderful service that finds you more music based on what you already like and don’t like. In actuality, Genius has two parts. The first is the “Genius Sidebar” which shows you songs from the iTunes store that “match” or in some way go with the songs currently selected in your library. The second part generates playlists based on a song selection. You select a song, click the Genius button, and it generates a playlist of songs from your music library.

Since I have such varied tastes in music, I decided to give the sidebar a whirl. I selected “Rock This Town” by Stray Cats and checked my results. Expecting to see other rockabilly bands, I was a bit surprised to see the top three results:

  1. The Romantics: What I Like About You
  2. Kiss: Strutter
  3. Mötley Crüe: Shout At the Devil

I guess they went with 80’s bands instead. The rest of the list included Billy Idol, Jane’s Addiction, Cheap Trick, and others whose heyday was in the 80’s.

I then selected “You and Me and Rainbows” by The Tear Garden. I was shocked to see the top recommendation was a song by Jessica Simpson, but then I saw the text at the top saying that they couldn’t find anything based on that song, but here’s the list of top songs at the iTunes store right now. Reassured that the Genius was not a moron, I carried on.

I then selected “Sixteen Tons” by Tennessee Ernie Ford. Genius did a good job with this one. 

  1. Jimmy Dean: Big Bad John
  2. Marty Robbins: El Paso
  3. Hank Williams: Your Cheatin’ Heart
  4. Roger Miller: Dang Me

In this case, not only did it match the generation, but it also matched the genre and feel of the song pretty well.

I then tried several Tom Waits songs. Most of the results involved Neil Young, Tom Petty and Nick Cave, none of whom I like. Based strictly on which songs I was picking, I don’t think the matches were very good. You could argue that the bands gained fame at roughly the same time, but Tom Waits’ style(s) don’t really match with the recommendations, in my opinion.

Pressing on, I selected “Steppin’ Out With My Baby” by Tony Bennett. The top recommendations were:

  1. Fred Astaire: Puttin’ On The Ritz
  2. Frank Sinatra: Nice ‘n’ Easy
  3. Bobby Darin: Call Me Irresponsible
  4. Ella Fitzgerald: Let’s Call the Whole Thing Off

Good selections. What I like most about the first one is that this Tony Bennett album was a collection of songs made famous by Fred Astaire. Thus, having an Astaire song as the first hit seems very genius-like.

Next, I selected “Quicksand” by Abdel Wright, a Jamaican singer who does mostly folksy, protesty songs. I don’t understand the results from Genius, which included Maia Sharp, North Mississippi Allstars and Kyle Riabko. The Duhks were also included with a cover of Sting’s “Love Is the Seventh Wave.” None of these songs/artists share a style with Wright, and I didn’t detect any degree of protest in the thirty second clips. Curious.

Finally, I tried two songs by Afro Celt Sound System: “Deep Channel” and “Lovers of Light.” The results for “Deep Channel” were mostly Indian-influenced groups, which don’t really fit, but weren’t awful. The results for “Lovers of Light” were much better, including a song by Baka Beyond, which was very similar musically. These results rather impressed me, as this band bends and blends styles.

So far it’s hit or miss with Genius. I haven’t used the playlist-generation feature much yet. At this moment I’m listening to a Genius-generated playlist based on “Deep Channel” and I’m not too sure about these results. 

Click to see larger image

Some of the results seem OK, but not all. I can only assume that as more people use Genius, the results will get better. For now, if you’re looking for recommendations, you should probably rely more on Pandora than Genius.

I’m Digging Java Again

I first started doing Java back in 1995. That’s quite a long time ago. Once I got going, I wrote Java code every single day, for thirteen years. I co-authored a Java book, gave talks on Java and was an all-around, Java Guy™. And sometime around 2006, I got bored with it. Completely and totally bored. I was a one-man shop at a small company, my code was running just-fine-thanks-very-much, and I didn’t feel like doing anything new with it, at all. I was more interested in Ruby and, to a lesser degree, Rails, so Java changes didn’t really interest me. And thus, I failed to notice some really cool stuff that was going on in Java-land.

In June of this year I joined a new company that is doing some rather advanced Java work. I had to get current, tout de suite, and in so doing, I’ve really gotten interested and engaged again. Spring and Hibernate have really changed from the older versions I was using, and so has JUnit. All for the better, from what I can tell.

And with this renewed interest, I’ve bought my first new Java books in over 3 years. I bought Effective Java (2nd Edition) to replace my first edition and Java Concurrency in Practice, because I heard good things about it. So far, I’ve read about 2/3 of  Effective Java. I used to buy Java books all the time. I have tons of them. But when I got bored, I stopped shelling out the cash on the Java books.

Java-land is still a very nice place to play. Sometimes you have to get an outside perspective to realize that.