2007-04-29
What matters about object oriented operating systems
Many years ago, I went to a talk about a new object oriented operating system (a research project, obviously). The presenter made a big deal about how everything in, eg, their filesystem was an object, and so things were very general and you could put anything in the directory objects, and as they went on I noticed something disturbing: while you could put all those different things into directories, none of them seemed to have the same set of methods; in fact, the methods were often significantly different.
This talk led me to a conclusion: what matters in OS object orientation is not that things are objects, but what the common operations are.
If you have no common operations, it doesn't matter that everything is an object and you have theoretical generality. Your object orientation is getting you nothing in practice, because real programs have to know about the types of objects that they are dealing with so that they know what operations they can do with them.
Correspondingly, the genius of Unix is in the common operations. These make it look 'object oriented' from the outside perspective, regardless of how it is implemented internally, because almost every 'object' responds to a set of common operations.
(Current implementations of Unix kernels are almost certainly heavily object oriented internally, despite being written in C. I know that the Linux kernel is.)
I suspect that this generalizes to many object oriented programs, although I have limited experience in OO programming (especially in traditional OO languages like C++ or Java; all my OO work has been in Python). Certainly almost all of the times I've constructed object hierarchies and the like, whether in C or in Python, the driving reason has been to be able to write common operations in a generic, object type independent way.
(This is not to say that generic containers are unimportant, especially in a language.)
Weekly spam summary on April 28th, 2007
This week, we:
- got 11,321 messages from 292 different IP addresses.
- handled 18,443 sessions from 1,247 different IP addresses.
- received 176,017 connections from at least 61,753 different IP addresses.
- hit a highwater of 7 connections being checked at once.
This is slightly up from last week, especially the number of different IP addresses hitting us. The drop in email messages may be because we're towards the end of university exams, when things tend to get a bit quiet.
Day | Connections | different IPs |
Sunday | 26,858 | +9,992 |
Monday | 26,131 | +9,688 |
Tuesday | 30,224 | +10,405 |
Wednesday | 33,942 | +10,356 |
Thursday | 26,933 | +8,622 |
Friday | 18,944 | +7,395 |
Saturday | 12,985 | +5,295 |
The spammers seem to have jumped on us in the middle of the week, and then started to fall off later on. Probably this is not going to be a long-term trend.
Kernel level packet filtering top ten:
Host/Mask Packets Bytes 68.230.240.0/23 39449 1916K cox.net 68.168.78.0/24 19607 941K adelphia.net 213.29.7.0/24 15449 927K centrum.cz 213.4.149.12 13035 678K 205.152.59.0/24 12831 582K bellsouth.net 206.123.109.0/27 9250 508K 81.115.40.8 5319 284K 65.175.90.190 2877 158K 193.25.197.0/24 2619 157K 65.75.64.3 2619 126K
Volume is slightly down from last week, and has shuffled around quite a bit.
- 213.4.149.12 is terra.es, and returns from last week and many times before.
- 206.123.109.0/27 is a tendril of otcpicknews.com and returns from last week.
- 81.115.40.8 is a telecomitalia.it generic host, and returns from late Feburary and a number of times before then.
- 65.175.90.190 kept trying to send us stuff with an origin address that had tripped our spam traps. It's been doing this for some time, but this is the first week it's made our top ten.
- 193.25.197.0/24 is celeonet.fr; it also kept trying to send us stuff that had already tripped our spamtraps, but it was sending from so many IP addresses that I just blocked the entire /24.
- 65.75.64.3 kept trying with a bad
HELO
name.
Connection time rejection stats:
41556 total 22293 dynamic IP 13326 bad or no reverse DNS 4565 class bl-cbl 234 qsnews.net 222 class bl-njabl 105 acceleratebiz.com 110 class bl-dsbl 95 class bl-pbl 71 class bl-sdul 70 class bl-sbl
The highest source of SBL rejections this week is SBL49395 at 25 rejections, which is labeled as 'swishmail.com' and appears to be a dirty /24 used by a spammer and was listed 23 December 2006. Following it is SBL45324 with 17 rejections, a /24 ROKSO listing for Brian Kramer aka Expedite Media Group, listed 26 December 2006.
Three of the top 30 most rejected IP addresses were rejected 100 times
or more this week; 216.213.172.11 (156 times, qsnews.net), 200.62.58.67
(123 times, missing reverse DNS), and 87.51.151.182 (106 times, tele.dk
ADSL). Ten of the top 30 are currently in the CBL, none are currently
in bl.spamcop.net
(somewhat to my surprise), eight are in the PBL,
and a grand total of 14 are in zen.spamhaus.org.
(Locally, 13 were rejected for bad or missing reverse DNS, 9 as dynamic IPs, 3 as being from various places we don't want to talk to, 3 for being in the NJABL, and one each for being in the DSBL and the CBL.)
This week, Hotmail did:
- no messages accepted.
- no messages rejected because they came from non-Hotmail email addresses.
- 24 messages sent to our spamtraps.
- 16 messages refused because their sender addresses had already hit our spamtraps.
- 4 messages refused due to their origin IP address (two in the CBL, one in SBL48677, an advance fee fraud spam source listing from December 1st 2006, and one from the Cote d'Ivoire).
And the final numbers:
what | # this week | (distinct IPs) | # last week | (distinct IPs) |
Bad HELO s |
699 | 69 | 720 | 75 |
Bad bounces | 125 | 57 | 68 | 22 |
Bad bounces have almost doubled from last week, and the number of
sources has more than doubled. On the slightly bright side, at least the
bad HELO
count has dropped slightly. The leading bad HELO
source is
70.16.191.87 (72 tries), followed by 216.212.61.226 (67 tries).
Bad bounces were sent to 36 different bad usernames this week. The
leading target, with 84 attempts, was an old user. After that we
saw attempts to old users, the ever-popular noreply
, some random
jumbles like xgosk02
, and a variety of names like MyraRogers
.
This week the bounces seem to have come from all over; the leading
source is chello.at, followed by a Polish ISP and Earthlink. Various
places in Eastern Europe seem to be popular bounce sources in general.