New articles - OurBigBook.com

The Gateless Barrier by

Ciro Santilli 40 Updated 2025-07-16

Libertarianism FAQ / What about defamation? by

Mahabharata by

Ciro Santilli 40 Updated 2025-07-16

What about pollution? by

Libertarianism FAQ 0

If your pollution damages the property of others, that would violate the NAP, and a minarchy would be justified in collecting penalties for the same and distributing them to the people affected. This should incentivize the company to try and prevent or clean up its pollution as much as possible. We need to decide the extent of such penalties, and whether penalties other than monetary ones would be even more effective at preventing pollution.

Libertarianism FAQ / What if an essential resource is limited in time? For example, food or medical supplies? by

Libertarianism FAQ / What about creations that cannot be copied as above, eg., a process for making something, which can be kept a secret? by

Libertarianism FAQ / What about speed limits, drunk driving, licenses, etc.? by

Libertarianism FAQ / What about price-fixing? by

Web 0

Libertarianism FAQ / What about guns? by

Libertarianism FAQ / What about wildlife conservation? by

Libertarianism FAQ / But governments compete too! by

Web 0

Electronic warfare by

Ciro Santilli 40 Updated 2025-07-16

Spycraft by

Ciro Santilli 40 Updated 2025-07-16

Telescope by

Ciro Santilli 40 Updated 2025-07-16

CIA 2010 covert communication websites / JS CDX scanning by

Ciro Santilli 40 Updated 2025-07-16

JAR, SWF and CGI-bin scanning by path only is fine, since there are relatively few of those. But .js scanning by path only is too broad.

One option would be to filter out by size, an information that is contained on the CDX. Let's check typical ones:

grep -f <(jq -r '.[]|select(select(.comms)|.comms|test("\\.js"))|.host' ../media/cia-2010-covert-communication-websites/hits.json) out | out.jshits.cdx
sort -n -k7 out.jshits.cdx

Ignoring some obvious unrelated non-comms files visually we get a range of about 2732 to 3632:

net,hollywoodscreen)/current.js 20110106082232 http://hollywoodscreen.net/current.js text/javascript 200 XY5NHVW7UMFS3WSKPXLOQ5DJA34POXMV 2732
com,amishkanews)/amishkanewss.js 20110208032713 http://amishkanews.com/amishkanewss.js text/javascript 200 S5ZWJ53JFSLUSJVXBBA3NBJXNYLNCI4E 3632

This ignores the obviously atypical JavaScript with SHAs from iranfootballsource, and the particularly small old menu.js from cutabovenews.com, which we embed into ../cia-2010-covert-communication-websites/cdx-post-js.sh.

The size helps a bit, but it's not insanely good unfortunately, only about 3x, these are some common JS sizes right there!

Gérard Bricogne by

Wikipedia Bot 0

Gérard Bricogne is a prominent French scientist known for his contributions to the field of X-ray crystallography. He is particularly recognized for his work in the development of software and methodologies for the analysis of crystal structures. Bricogne has been involved in creating tools that aid researchers in obtaining and interpreting crystallographic data, which is essential for understanding the molecular structures of a wide range of substances, including biological macromolecules such as proteins and nucleic acids.

Libertarianism FAQ / What if the ones who own land (maybe even the airspace) surrounding you don't let you leave or enter via roads? by

Libertarianism FAQ / What about nature? by

CIA 2010 covert communication websites / Expired domain trackers by

Ciro Santilli 40 Updated 2025-07-16

When you Google most of the hit domains, many of them show up on "expired domain trackers", and above all Chinese expired domain trackers for some reason, notably e.g.:

hupo.com: e.g. static.hupo.com/expdomain_myadmin/2012-03-06（国际域名）.txt. Heavily IP throttled. Tor hindered more than helped.
First known working day: 2011-07-29.
Scraping script: ../cia-2010-covert-communication-websites/hupo.sh. Scraping does about 1 day every 5 minutes relatively reliably, so about 36 hours / year. Not bad.
Results are stored under tmp/humo/<day>.
Check for hit overlap:
```
grep -Fx -f <( jq -r '.[].host' ../media/cia-2010-covert-communication-websites/hits.json ) cia-2010-covert-communication-websites/tmp/hupo/*
```
The hits are very well distributed amongst days and months, at least they did a good job hiding these potential timing fingerprints. This feels very deliberately designed.
There are lots of hits. The data set is very inclusive. Also we understand that it must have been obtains through means other than Web crawling, since it contains so many of the hits.
Nice output format for scraping as the HTML is very minimal
They randomly changed their URL format to remove the space before the .com after 2012-02-03:
- static.hupo.com/expdomain_myadmin/2012-01-01（国际域名）%20.txt
- static.hupo.com/expdomain_myadmin/2013-01-01（国际域名）.txt
Some of their files are simply missing however unfortunately, e.g. neither of the following exist:
- static.hupo.com/expdomain_myadmin/2012-07-01（国际域名）%20.txt
- static.hupo.com/expdomain_myadmin/2012-07-01（国际域名）.txt
webmasterhome.cn did contain that one however: domain.webmasterhome.cn/com/2012-07-01.asp. Hmm. we might have better luck over there then?
2018-11-19 is corrupt in a new and wonderful way, with a bunch of trailing zeros:
```
wget -O hupo-2018-11-19 'http://static.hupo.com/expdomain_myadmin/2018-11-19%EF%BC%88%E5%9B%BD%E9%99%85%E5%9F%9F%E5%90%8D%EF%BC%89.txt
hd hupo-2018-11-19
```
ends in:
```
000ffff0 74 75 64 69 65 73 2e 63 6f 6d 0d 0a 70 31 63 6f |tudies.com..p1co|
00100000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
0018a5e0 00 00 00 00 00 00 00 00 00 |.........|
```
More generally, several files contain invalid domain names with non-ASCII characters, e.g. 2013-01-02 contains 365<D3>л<FA><C2><CC>.com. Domain names can only contain ASCII charters: stackoverflow.com/questions/1133424/what-are-the-valid-characters-that-can-show-up-in-a-url-host Maybe we should get rid of any such lines as noise.
Some files around 2011-09-06 start with an empty line. 2014-01-15 starts with about twenty empty lines. Oh and that last one also has some trash bytes the end <B7><B5><BB><D8>. Beauty.
webmasterhome.cn: e.g. domain.webmasterhome.cn/com/2012-03-06.asp. Appears to contain the exact same data as "static.hupo.com"
First known working day: 2011-08-18.
Also heavily IP throttled, and a bit more than hupo apparently.
Scraper ../cia-2010-covert-communication-websites/webmastercn.sh.
Also has some randomly missing dates like hupo.com, though different missing ones from hupo, so they complement each other nicely.
Some of the URLs are broken and don't inform that with HTTP status code, they just replace the results with some Chinese text 无法找到该页 (The requested page could not be found):
Several URLs just return length 0 content, e.g.:
```
curl -vvv http://domain.webmasterhome.cn/com/2015-10-31.asp
* Trying 125.90.93.11:80...
* Connected to domain.webmasterhome.cn (125.90.93.11) port 80 (#0)
> GET /com/2015-10-31.asp HTTP/1.1
> Host: domain.webmasterhome.cn
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sat, 21 Oct 2023 15:12:23 GMT
< Server: Microsoft-IIS/6.0
< X-Powered-By: ASP.NET
< Content-Length: 0
< Content-Type: text/html
< Set-Cookie: ASPSESSIONIDCSTTTBAD=BGGPAONBOFKMMFIPMOGGHLMJ; path=/
< Cache-control: private
<
* Connection #0 to host domain.webmasterhome.cn left intact
```
It is not fully clear if this is a throttling mechanism, or if the data is just missing entirely.
Starting around 2018, the IP limiting became very intense, 30 mins / 1 hour per URL, so we just gave up. Therefore, data from 2018 onwards does not contain webmasterhome.cn data.
Starting from 2013-05-10 the format changes randomly. This also shows us that they just have all the HTML pages as static files on their server. E.g. with:
```
grep -a '<pre' * | s
```
we see:
```
2013-05-09:<pre style='font-family:Verdana, Arial, Helvetica, sans-serif; '>2013<C4><EA>05<D4><C2>09<C8>յ<BD><C6>ڹ<FA><BC><CA><D3><F2><C3><FB> 0-3y.com
2013-05-10:<pre>2013<C4><EA>05<D4><C2>10<C8>յ<BD><C6>ڹ<FA><BC><CA><D3><F2><C3><FB>
```
justdropped.com: e.g. www.justdropped.com/drops/010112com.html. First known working day: 2006-01-01. Unthrottled.
yoid.com: e.g.: yoid.com/bydate.php?d=2016-06-03&a=a. First known workding day: 2016-06-01.

This suggests that scraping these lists might be a good starting point to obtaining "all expired domains ever".

Data comparison:

2012-01-01
Looking only at the .com:
- webmastercn has just about ten extra ones than justdropped, the rest is exactly the same
- justdropped has some extra and some missing from hupo
The lists are quite similar however.
Considering toplevels:
- hupo has several toplevels that webmastercn does not have, e.g. .org and many others
- justdropped only covers exactly 6 tlds: .us, .org, .net, .info, .com and .biz. The .com lists are very similar to hupo + webmastercn. But it has a lot more non-.com domains apparently.

We've made the following pipelines for hupo.com + webmasterhome.cn merging:

./hupo.sh &
./webmastercn.sh &
./justdropped.sh &
wait
./justdropped-post.sh
./hupo-merge.sh
# Export as small Google indexable files in a Git repository.
./hupo-repo.sh
# Export as per year zips for Internet Archive.
./hupo-zip.sh
# Obtain count statistics:
./hupo-wc.sh

Count unique domains in the repos:

( echo */*/*/* | xargs cat ) | sort -u | wc

The extracted data is present at:

Soon after uploading, these repos started getting some interesting traffic, presumably started by security trackers going "bling bling" on certain malicious domain names in their databases:

GitHub trackers:
- admin-monitor.shiyue.com
- anquan.didichuxing.com
- app.cloudsek.com
- app.flare.io
- app.rainforest.tech
- app.shadowmap.com
- bo.serenety.xmco.fr 8 1
- bts.linecorp.com
- burn2give.vercel.app
- cbs.ctm360.com 17 2
- code6.d1m.cn
- code6-ops.juzifenqi.com
- codefend.devops.cndatacom.com
- dlp-code.airudder.com
- easm.atrust.sangfor.com
- ec2-34-248-93-242.eu-west-1.compute.amazonaws.com
- ecall.beygoo.me 2 1
- eos.vip.vip.com 1 1
- foradar.baimaohui.net 2 1
- fty.beygoo.me
- hive.telefonica.com.br 2 1
- hulrud.tistory.com
- kartos.enthec.com
- soc.futuoa.com
- lullar-com-3.appspot.com
- penetration.houtai.io 2 1
- platform.sec.corp.qihoo.net
- plus.k8s.onemt.co 4 1
- pmp.beygoo.me 2 1
- portal.protectorg.com
- qa-boss.amh-group.com
- saicmotor.saas.cubesec.cn
- scan.huoban.com
- sec.welab-inc.com
- security.ctrip.com 10 3
- siem-gs.int.black-unique.com 2 1
- soc-github.daojia-inc.com
- spigotmc.org 2 1
- tcallzgroup.blueliv.com
- tcthreatcompass05.blueliv.com 4 1
- tix.testsite.woa.com 2 1
- toucan.belcy.com 1 1
- turbo.gwmdevops.com 18 2
- urlscan.watcherlab.com
- zelenka.guru. Looks like a Russian hacker forum.
LinkedIn profile views:
- "Information Security Specialist at Forcepoint"

Check for overlap of the merge:

grep -Fx -f <( jq -r '.[].host' ../media/cia-2010-covert-communication-websites/hits.json ) cia-2010-covert-communication-websites/tmp/merge/*

Next, we can start searching by keyword with Wayback Machine CDX scanning with Tor parallelization with out helper ../cia-2010-covert-communication-websites/hupo-cdx-tor.sh, e.g. to check domains that contain the term "news":

./hupo-cdx-tor.sh mydir 'news|global' 2011 2019

produces per-year results for the regex term news|global between the years under:

tmp/hupo-cdx-tor/mydir/2011
tmp/hupo-cdx-tor/mydir/2012

OK lets:

./hupo-cdx-tor.sh out 'news|headline|internationali|mondo|mundo|mondi|iran|today'

Other searches that are not dense enough for our patience:

world|global|[^.]info

OMG news search might be producing some golden, golden new hits!!! Going full into this. Hits:

thepyramidnews.com
echessnews.com
tickettonews.com
airuafricanews.com
vuvuzelanews.com
dayenews.com
newsupdatesite.com
arabicnewsonline.com
arabicnewsunfiltered.com
newsandsportscentral.com
networkofnews.com
trekkingtoday.com
financial-crisis-news.com

and a few more. It's amazing.