Blocking Outbrain and other clickbait ads for your entire network using the Barracuda NGFW

So I recently got tricked in to clicking on a Outbrain article clickbait scam ad.

Headline looked innocent enough, but when I clicked thru it quickly became apparent that it was one of those aweful “You won’t believe what happened next!  Click here to find out!” bullshit ads.

Ya, I could have just tweaked Adblock, but then I’d have to spend a bunch of time touching every PC and phone in the house.  Why do that when I can simply do a quick config change on the firewall and block the whole crap-ass domain.

You won’t believe what I did next!

  1. Start up NGAdmin and connect to your fw or the cc.
  2. Go to your virtual server – Firewall service – Forwarding Rules
  3. You should start in Access Rules, so go there in case you didn’t.
  4. Doublecheck that AppControl is enabled – We’ll be using Appcontrol, not the URL filter, so we’ll need that enabled.
  5. Ok, now the fun part.  Go to Application Rules now
  6. Right click in the main section, and click New-Rule
  7. Double click on the new rule’s number to open it up for editing.
  8. I named mine “BlockShit” but you can call it whatever you want.
  9. Set it to “Deny” obvs.
  10. In the Object Viewer, to the right of the rule settings, click on the “Applications” tab
  11. Right click in the Objects Viewer and select New – Custom Application
  12. Select “Web Application” from the popup and click OK
  13. Now the Custom Application window will open.  Make sure you set a category, risk, and Properties, too.
  14. Now click the little green plus sign above the “URL Host:” list and add the following starter URLs:  (I’m sure there are hundreds more, but this is a good start)
    • *
    • *
    • *
    • *
    • *
    • *.
    • and of course, *
  15. Now click Save, and drag the resulting object in to the “Application” section of your Edit Rule Window
  16. Click OK to close the Edit Rule window
  17. Ensure the new BlockShit rule is above the default rule
  18. Now send the changes, apply, and you’re golden!

You can now browse from any device on your network without worrying about clickbate!

Oracle V. Google

Supreme Court opted not to hear the case despite a huge swath of IT folks sending in amicus briefs encouring the SC to hear the case.  🙁

Well, I guess it’s far past time to stop using Java.

Oracle may have “won” but it’ll be a Pyrrhic victory when everyone and their dog stops using Java.

We’ve already started at my company. We’re phasing out products that rely on Java (notably Cisco ASA firewalls) and are going to either non-java-web-based products, or products whose admin tools don’t use Java in any form.

Not sure what’ll happen with Android’s ART/Dalvik, but I have to assume Google has something in the wings to throw in to place if they don’t win the fair-use trial. Or even if they do win, for that matter.

Though there may a loophole – since ART/Dalvik are already open sourced, perhaps they can use the GPL’d Java headers, and relicense ART/Dalvik under the GPL.

It’ll also be interesting to see how this affects the compatibility layers for Android that have started showing up in the newer Windows and OSX builds… Presumably, and sadly, they’ll be dropped in fear of being attacked by Oracle.

This may end up being a huge win for OSS, actually. If programmers stop trusting that they won’t get sued for being API compatible with a closed-source API then they may choose to use OpenSource APIs instead.

Still, fuck Oracle, and fuck copywrite maximalists. These companies that were built on innovation are now spending millions to stifle it. Fucking hypocrites.

Why does Internet Explorer suck?

So last night I was installing a brand new Exch 2013 server on Server 2012.

One of the prereqs for Exchange had to be manually downloaded (unified communication library, or something) from Microsoft.

No problem, thinks I, I’ll just open up IE, paste in the link and download.

Except no.  Can’t download.  No download button.

Ahah, I think – I just need to put the site in to Exploder’s “trusted site” list.  Which I promptly do.

Still no download button.

Set the security level for trusted sites to the lowest possible – Medium Low.

Still no download button.

Add “*://*” to trusted sites.

Still no download button.

Install Google Chrome, and voila.  Download button!


How much animosity must exist at MS between their website group, their OS group, and their Browser group for this to take place?!?!

WHY is the easiest way to download MICROSOFT PRODUCTS from a MICROSOFT’s WEBSITE on a MICROSOFT OS involve installing a competing browser?

Just one more reason to make installing Chrome the first thing you do on ANY Windows machine, server or workstation.

Everything is a remix

Here’s an amazing video about why the patent system is so badly broken, how it’s strangling the public domain, and radically stifling progress.  Well worth watching – trust me, you need to see this.

Everything is a Remix Part 4 from Kirby Ferguson on Vimeo.

Doublefine Kickstart, and Game Dev Royalties

First – So exciting!  Doublefine (Tim Schafer – the name behind a slew of great games including Monkey Island, Full Throttle, Psychonauts, Brutal Legend) has started a Kickstart fundraiser for a new game.  This is a great idea – bypassing publishers all together and putting the funding for the game in the hands of the audience.  I LOVE this idea – I just wish I had 10k to give in order to qualify for the lunch with Tim!

Next, this list underlines why a game developer would want to go the above route.  There are a number of incredible games on that list, many of which I have purchased from Steam or GOG.  Sadly, and unbeknownst to me at the time, none of the proceeds of my purchase actually help the developer in the slightest.  Many of them are out of business.  This is a huge problem in the gaming industry.  Publishers like EA (who haven’t actually developed a good game since the 90s!) pay a flat rate to the developers for the rights, and then pass nothing further on if the game actually does well.  And the big-name publishers wonder why people no longer buy their formulaic overpriced and overproduced piles of crap.  I basically read heading of that list as “You now have the right to pirate any of the following games.”  Which is not to say that I condone piracy – I do everything I can to support game devs, but that doesn’t include giving any of my limited budget to a greedy publisher just to fill their coffers while the folks that actually DID THE WORK have to find new jobs since their studio was closed down.  Grrrrr!  Ars Technica has a great article on the list that I highly suggest you read.

Hello (again) World

Lots of changes to the site:

  • I moved it from Godaddy to Amazon EC2.  For about the same price (and free for the first year!) I get a VM all to myself.
  • I’m flipping back to WordPress from Drupal.  Drupal 7.x’s bloggy XMLRPC interface just sucks too much ass.  Sad smile
    That means that all of the  remote management tools (e.g. to manage your site from Android) have failed to work since Drupal 6.x.  Windows Live Writer, Ecto, and all other offline blog editing software no longer worked either.  I’m giving up a bit of power in the site, but gaining a tonne of flexibility.
    It’s a pain in the ass to move back to WordPress – I had to manually copy-paste my posts from the old Drupal site.  Sorry to everyone, but the comments will be a casualty of the move.  Sad smile
  • I’m using a new theme – much cleaner.  I hope you enjoy!

Hope you all enjoy!  Smile


My wife and I got tired of living in an overpriced piece of crap apt, so we’ve moved to a better one. In the process we’ve cut our rent by 1/3 and gained a dishwasher and ensuite laundry! W00t!

We also switched over to Telus’ Optik internet and increased our intertube speed by 50% while cutting the price by $10/month! Sweet!

Oh! And! We get a free XBox360 for switching. W00t!

Anyone have any suggestions for 360 games? The package comes with Alan Wake and Forza3, and I’m planning on getting Shadow Complex and Limbo pdq… Anything else I should get?