CERT Internet Pet Peeves

Da hat wer was falsch verstanden

Laut FuZo baut die Türkei ein Zentrum für IP-Verfolgung. Gut für sie.

Aber könnten die bitte statt Zensur für die eigene Bevölkerung was zum Schutz des restlichen Internets vor Spam und script-kiddies mit Testosteron-Überproduktion aus dem türkischen Internet tun?


Pet Peeves System Administration

Windows 7 Fail

Initially, Windows 7 looked nice. But the longer I worked with it, it’s starting to show the usual Windows cruft:

I already wrote about the empty lists within Windows Update. Yes, that still happens.

Hibernate does not work.

And now I tried to setup a backup, and ended up with:

Austria Pet Peeves

Otmar will’s wissen

Jetzt kommt ja demnächst diese super geniale Volksbefragung unserer roten Stadtoberen, die auch eine Frage zum Hundeführerschein für Kampfhunde enthält. IMnsHO ist die Frage falsch: sie sollte heissen, ob man solche Hunde überhaupt in der Stadt haben will. Aber man freut sich ja über kleine Fortschritte.

Dabei kam mir der Gedanke, wie schaut’s eigentlich mit einer vorgeschriebenen Haftpflicht für Hunde aus? Da könnte es ja durchaus finanzielle Anreize geben, sich lieber einen friedlichen Hund anzuschaffen, weil für den vielleicht doch weniger zu zahlen ist, als für eine Kampfmaschine. Kurzes Googlen zeigt mir, dass da schon andere auf die Idee kamen, und das ist für seit 1. 1. 2006 geborene Hunde in Wien wirklich vorgeschrieben.

Liebe Opposition im Rathaus: Wie wär’s mal mit einer Anfrage, ob das totes Recht ist, oder ob diese Vorschrift auch wirklich exekutiert und überprüft wird?

Pet Peeves

Dear UPS

Disks in two of our servers failed last week. One was covered by warranty, the other by a HP Care Pack (Next Business Day). In both cases, I reported the failure last Friday and replacement disks were promptly dispatched by the distributor and HP, respectively.

As of Wednesday evening, they have not arrived.

Yes, we’re in the last frenzy of the Christmas shopping rush, but what UPS is reporting on their tracking webpage is simply an outrage.

On monday morning, their tracking page reported the packet as

VIENNA, AT 	21.12.2009  	8:10  	IMPORTSCAN 

and “on track to delivery today”.

No delivery attempt was made on Monday.

Tuesday’s action reads

VIENNA, AT  	22/12/2009  	17:56  	THE RECEIVER IS ON A HOLIDAY. 

I was not on vacation. Co-workers were in the office until 18:30. No delivery attempts were noticed.

Wednesday’s UPS log shows:

VIENNA, AT  	23/12/2009  	17:08  	THE RECEIVER IS ON VACATION. 
	23/12/2009 	5:19 	OUT FOR DELIVERY
	23/12/2009 	2:00 	IMPORT SCAN  

Today I was on vacation, but dropped by at the office around 17:00 and there were three collegues present. No UPS delivery guy, though.

So, this looks like someone is simply making things up to cover up that they could not keep their SLA.

A disgrace.

At this point I have to add that our local Federal Post office has improved their customer service noticeably. Whereas I used to leave the Treustraße office angered by their slowness, the last three times they were actually helpful and tried to avoid unnecessary waiting times.


After a complaint by phone to UPS the disks finally made it to our office on December 30th.

The only working day where the office really wasn’t manned was December 24th. The rest of the entries were simply pulled out of the a** of an overloaded delivery guy.

Pet Peeves

Wie man Kunden das Musikkaufen austreibt

Ich komme per link auf die Seite zu einer CD:

Die angespielten Lieder klingen gut, der Preis passt, schauen wir mal, was wir dafür in der EU zahlen:

Ja, genau so motiviert man Kunden zum Kaufen.

Verarschen könnt ihr wen anderen.

Pet Peeves

Windows 7 Fail

The Windows XP installation on my laptop had suffered the usual Windows fate of accruing too much entropy over the last two years. The Lenovo tools alone are quite heavy-weight by themselves. Instead of re-installing XP, I opted for Windows 7. After all, we’re supposed to be familiar with what’s out there in the wild.

So far, Windows 7 has been quite ok, there are some issues with OpenVPN (and/or the Checkpoint VPN client) and other free software (what’s one of the reasons I’m not running the x64 version). But this one puzzles me:

I simply want to know what updates are available in “Windows Updates”. Whatever I do, the pane stays empty. WTF?

I’m not the only one.

Pet Peeves

Children’s books

Ok, it’s clear that books for children must take liberties in terms of realism. For example, we have these nice book about a small polar bear. That he befriends a small sled-dog is par for the course for such book. All fine and dandy and it makes nice reading. But this page made me go WTF:

Tarzan Polar Bear

A polar bear who likes to swing through the jungle. Sheesh.

For me, this is like science fiction: It’s ok to make some wild assumptions, but then please be consistent. Don’t have him run races over ice on one page, and swinging like Tarzan on the next.

Pet Peeves

Dear Microsoft, I have a simple request.

While messing around with X.509 certificates I not only encountered Umlauts, but Extended Validation Certificates as well. All nice and dandy, but these contain special OIDs in the subject field which openssl does not know the name.

Googling around I found a few references to their names, but no definitive source (especially for a short-name).

Anyway, the OIDs in question are under So who is responsible for that OID tree? First step IANA, where we find the OID registry, which tells us:

SMI Private Enterprise Codes: Prefix: ( See

which I do and where I find that enterprise-number 311 was assigned to Microsoft. They have a nice knowledge-base article which lists some Object IDs, but no information on the subtree ’60’.

So dear Redmond, what about an update to that page?

Pet Peeves

Scaremongering with graphs

Newspapers often enough publish graphs which give wrong impressions on what the numbers behind the diagram actually mean. The usual culprit is a y-axis which does not start with 0, thus visually inflating any trend/changes in the data.

This week I stumbled upon something else:

kleine zeitung diagram

The article was all about “Do we have to expect more extreme weather in the future thanks to global warming?”. The expert they interviewed kind of rejected the premise that we can deduce anything from one year’s weather. But they wanted to have a scary graph in the article, so they came up with this one.

So what’s wrong? If you compare the temperature and precipitation graphs of one year with the long-term averages, then it’s almost a given that the current year will look more extreme than the averages.

The comparison might make sense if you argue that 2009 is colder/warmer/wetter/dryer than the average year, but for comparing weather variance, this is completely worthless.

Internet Pet Peeves

Zeger reitet wieder

Um sein Geschäft mit X.509 Zertifikaten anzukurbeln, schreibt er eine Pressemeldung, die auch prompt von der Fuzo übernommen wird.

Es scheint um X.509 Zertifikate für SMTP/STARTTLS zu gehen, also die Verschlüsselung des Transportweges beim Mailversand.

Was ist da dran alles falsch?