by Joel Spolsky

2002/07/30

Picture of LondonI’m Back!

Spent a loverly 9 days in England, now back in sweltering NYC. If you catch me using Britishicisms please make me stop.

Remote Control Through Firewalls

Here’s the problem: we sell FogBUGZ, a server product that runs on NT. It comes with a SETUP program that works fine 95% of the time, but occasionally something goes wrong and we get a tech support call.

If we could somehow remote-control our customers’ computers, it would take us about 3 minutes to get FogBUGZ up and running. Instead we have to try to tell them what to do over the phone, without seeing what’s going on, which can take an hour or more. There are plenty of remote control programs (PC Anywhere, VNC, NT Terminal Services, etc.) but they all seem to have two problems:

  1. a complicated install for the server, often requiring the original NT CD and a reboot, and
  2. they act as traditional servers, listening on a port, which doesn’t work behind firewalls.

What I would love to have is a version of the VNC server that ran as an ActiveX control. Then I could tell my clients to go to a web page and allow the control to run. We would also need a reflector that lived outside their firewall.

Does anyone have a good solution to this problem?

Update: we’re going to try using TightVNC (a compressing version of VNC) in “listen” mode, which allows the server to connect to the client instead of vice-versa, thus solving the firewall problem. To run the TightVNC Server only requires two files so the setup is relatively painless.

Spam Escalation

When I first installed SpamAssassin a couple of months ago, it worked great, catching about 99% of spam with only the occasional false positive (usually an automated emails generated by ecommerce sites).

It was too good to last; today about 25% of the spam I receive is getting through again. It’s really obvious that spammers are working around the SpamAssassin rules.

SpamAssassin has one major design flaw: whenever it decides to flag a message as spam, it includes a detailed reason why, with exact scores. There’s even a web page which might as well be titled Evading SpamAssassin. It takes about 5 minutes for a spammer to figure out how to avoid the filters.

Update: Chris Thompson advises me to keep SpamAssassin up to date. I’m not sure what’s to stop spammers from keeping their versions of SpamAssassin up to date, though…

About the author.

In 2000 I co-founded Fog Creek Software, where we created lots of cool things like the FogBugz bug tracker, Trello, and Glitch. I also worked with Jeff Atwood to create Stack Overflow and served as CEO of Stack Overflow from 2010-2019. Today I serve as the chairman of the board for Stack Overflow, Glitch, and HASH.