Everything is Broken
Everything is Broken
Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and started playing with it. In the process, he figured out how to get total administration access over a network. He put it in a script, and ran it to see what would happen, then went to bed for about four hours. Next morning on the way to work he checked on it, and discovered he was now lord and master of about 50,000 computers. After nearly vomiting in fear he killed the whole thing and deleted all the files associated with it. In the end he said he threw the hard drive into a bonfire...
IgnorantGuru (mastermind of SpaceFM filemanager) posted a long rant similar about six months ago. Take it FWIW.
IgnorantGuru (mastermind of SpaceFM filemanager) posted a long rant similar about six months ago. Take it FWIW.
Puppy Linux Blog - contact me for access
Another typical "you are doomed!" type story with no substance, started by typical big words and big claims to attract attention, written by born-yesterday "tech" journalist, capitalising on her friendship with folks in "infosec" circles, trying to hit it big.
I read the article until I read "C is good for two things: being beautiful and creating catastrophic 0days in memory management". So what language did she recommend, then? Oh, right - none - she does not write computer programs. She's a journalist.
And this gem: "Written by people with either no time or no money, most software gets shipped the moment it works well enough to let someone go home and see their family. What we get is mostly terrible." Yes, perhaps, we all drop all these programming jobs and becomes journalists instead. Everyone knows that unlike in software world, journalists have no deadline pressure, don't have to eat, have no family to look forward to when they go home, and don't get pushed to write crappy or filler stories because they have to fill the empty space in the newspaper in time or update the blogs to attract viewers. Plus, you can still have good conscience: if a journalist writes awful pieces anyway, no one will get hurt. What, no developer means no more software for my iPad? Good - don't spend too much time on that iPad, use the time to think and come up with more stories instead! Wow, total productivity gain.
I gave up when she said "people, as well, are broken". So what, we should cease to be because we are all broken?
Her last words are: "So yes, the geeks and the executives and the agents and the military have fucked the world. But in the end, it’s the job of the people, working together, to unfuck it.". Translated: "I don't have a solution either, but it is *your* (=somebody else's) responsibility to fix it. Now go away while I'm having my cuppa and writing more stories.". Yeah, a good one.
PS: IgnorantGuru's articles, on the other hand, I respect a lot, not only because he has the credentials, but also because he gives sound reasoning for them, While I don't agree with all of his points, I (unfortunately have to) agree with most of them.
EDIT: Add more sarcasm.
I read the article until I read "C is good for two things: being beautiful and creating catastrophic 0days in memory management". So what language did she recommend, then? Oh, right - none - she does not write computer programs. She's a journalist.
And this gem: "Written by people with either no time or no money, most software gets shipped the moment it works well enough to let someone go home and see their family. What we get is mostly terrible." Yes, perhaps, we all drop all these programming jobs and becomes journalists instead. Everyone knows that unlike in software world, journalists have no deadline pressure, don't have to eat, have no family to look forward to when they go home, and don't get pushed to write crappy or filler stories because they have to fill the empty space in the newspaper in time or update the blogs to attract viewers. Plus, you can still have good conscience: if a journalist writes awful pieces anyway, no one will get hurt. What, no developer means no more software for my iPad? Good - don't spend too much time on that iPad, use the time to think and come up with more stories instead! Wow, total productivity gain.
I gave up when she said "people, as well, are broken". So what, we should cease to be because we are all broken?
Her last words are: "So yes, the geeks and the executives and the agents and the military have fucked the world. But in the end, it’s the job of the people, working together, to unfuck it.". Translated: "I don't have a solution either, but it is *your* (=somebody else's) responsibility to fix it. Now go away while I'm having my cuppa and writing more stories.". Yeah, a good one.
PS: IgnorantGuru's articles, on the other hand, I respect a lot, not only because he has the credentials, but also because he gives sound reasoning for them, While I don't agree with all of his points, I (unfortunately have to) agree with most of them.
EDIT: Add more sarcasm.
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]
Glad you enjoyed it!
It is just a rant which I found entertaining on some level; well it made me laugh. Just as IgnorantGuru's is, although on a different level with different motivation; and also made me laugh. It probably deserves it's own post here, but I'll leave that to you since you discovered it and posted on your blog (@jamesbond). @James C, you may have read that one already.
It is just a rant which I found entertaining on some level; well it made me laugh. Just as IgnorantGuru's is, although on a different level with different motivation; and also made me laugh. It probably deserves it's own post here, but I'll leave that to you since you discovered it and posted on your blog (@jamesbond). @James C, you may have read that one already.
Puppy Linux Blog - contact me for access
Humorous look at people & computer security
Article 2 - IgnorantGuru's
Great expression of how coding and security (maybe insecurity is a better wording) provides right of passage (exploitation) expressed in a personal journey to manifestion.
Article 1 - "Everything is Broken"
Any written article comes to us with a point of view. The point of view of this one, is a clever postulate. Accurate for most of us as she points to the structure of things.
Its a humorous expression on the base of the problems in interworking code all the way to those who understand and have the means to exploit it to their benefit.
Liked (and laughed) the way it was presented.
This would work as a great stand-up act at a security convention. Hmmm...
Great expression of how coding and security (maybe insecurity is a better wording) provides right of passage (exploitation) expressed in a personal journey to manifestion.
Article 1 - "Everything is Broken"
Any written article comes to us with a point of view. The point of view of this one, is a clever postulate. Accurate for most of us as she points to the structure of things.
Its a humorous expression on the base of the problems in interworking code all the way to those who understand and have the means to exploit it to their benefit.
Liked (and laughed) the way it was presented.
This would work as a great stand-up act at a security convention. Hmmm...
Last edited by gcmartin on Fri 13 Jun 2014, 14:24, edited 1 time in total.
-
- Posts: 1885
- Joined: Tue 05 Jun 2012, 12:17
- Location: Wisconsin USA
I did the same discovery some time ago, but I didn't throw away the code! My version has the advantage of being totally undetectable, if you don't believe me, check your network connections! But I have decided to limit myself to be lord and master of only 29655 computers, it takes too much time to handle more than that.
Purely by coincidence, that is the number of registered users on this forum...
tallboy (or is it?)
Purely by coincidence, that is the number of registered users on this forum...
tallboy (or is it?)
True freedom is a live Puppy on a multisession CD/DVD.
DAMN! I bet you are really a Chinese hacker (no offence intended to anyone Chinese, just that my host got hacked early today and my site is down).tallboy wrote:I did the same discovery some time ago, but I didn't throw away the code! My version has the advantage of being totally undetectable, if you don't believe me, check your network connections! But I have decided to limit myself to be lord and master of only 29655 computers, it takes too much time to handle more than that.
Purely by coincidence, that is the number of registered users on this forum...
tallboy (or is it?)
Puppy Linux Blog - contact me for access
So....that explains the anomalies in the attached image, taken from my current desktop a couple of minutes ago..?tallboy wrote:I did the same discovery some time ago, but I didn't throw away the code! My version has the advantage of being totally undetectable, if you don't believe me, check your network connections! But I have decided to limit myself to be lord and master of only 29655 computers, it takes too much time to handle more than that.
Purely by coincidence, that is the number of registered users on this forum...
tallboy (or is it?)
And did you also have a hand in the demise of the HDD in my mac a few days ago??
Or....the sound carking it in my HD Media Player/Recorder only a few days before that???
- Attachments
-
- tallboy-hankypanky.jpg
- hmmm...
- (6.63 KiB) Downloaded 360 times
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]
Did anyone else notice, too, that "Smokey01's mainpage" is down? 3 persons, with current issues, are seemingly from the land down-under (always liked that song, though Australia's Got Talent ).01micko wrote:DAMN! ... my host got hacked early today and my site is downtallboy wrote:I did ...
Probably, all coincidental?
Edit: Forgot 2 questions marks. Now added properly.
Last edited by gcmartin on Sat 14 Jun 2014, 17:12, edited 1 time in total.
I don't think russoodle's site has any issues atm,
Don't know about Grant (smokey01). Haven't seen him in a while which is unusual. All my files on his site are ok.Besides, his server is in the US.
Don't know about Grant (smokey01). Haven't seen him in a while which is unusual. All my files on his site are ok.Besides, his server is in the US.
Puppy Linux Blog - contact me for access
I'm sorry to disappoint you all, but I'm afraid my code didn't work very well after all, the only mishaps I manage turn out to be my own! For example losing 20 years of collected engine/car related data (I am a motor engineer), all my notes and tips on Puppy since v.2 something, and lots and lots of other vital stuff as I fried my 160Gig LaCie USB HDD while reading up on different backup strategies...
tallboy (the real one)
tallboy (the real one)
True freedom is a live Puppy on a multisession CD/DVD.
The drive had two USB ports, one for transmissions, and one for extra power from an adapter or a second USB port. It seems using it with only one USB1 port did not produce enough oompfh to make it run stable. It was the power module that collapsed, and the drive seems to have lost all indexing.
None of the partitions (3 ext3 and 1 NTFS) are detected, and I have tried most tools available.
Even if there were info from sites that do not exist anymore, and some personal letters and docs that cannot be replaced, it is more annoying than catastrophic. Shit happens!
I am very aware of backup now; rsync -a is a very useful command.
http://www.computerhope.com/unix/rsync.htm
tallboy
None of the partitions (3 ext3 and 1 NTFS) are detected, and I have tried most tools available.
Even if there were info from sites that do not exist anymore, and some personal letters and docs that cannot be replaced, it is more annoying than catastrophic. Shit happens!
I am very aware of backup now; rsync -a is a very useful command.
http://www.computerhope.com/unix/rsync.htm
tallboy
True freedom is a live Puppy on a multisession CD/DVD.
So far, so good on meownplanet.net/puppylinuxstuff, thank dog! My server's in the US too.01micko wrote:I don't think russoodle's site has any issues atm,
Don't know about Grant (smokey01). Haven't seen him in a while which is unusual. All my files on his site are ok.Besides, his server is in the US.
What amazes me is the sheer number of hacking attempts on my site, +/- 100-200 on any given day (i receive notifications). A while back, i spent time blocking ranges of IP addresses to try to keep the buggers out, (they're like a plague of bl***y fieldmice!), but ended up blocking genuine users, so that wasn't a successful solution. Negative-thinking bunch of morons - pity they couldn't turn their skills to more positive activities
I've emailed Grant. They're still trekking around Oz, probably Darwin or thereabouts at the moment but i'm sure he'll get on top of it as soon as he can.
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]
I mailed Grant myself. He's having a blast somewhere up the top end. Good on 'im . He'll sort it out when gets a chance.
I've been through the files on my site and it's untouched. No matter where I point 01micko.com I can't make a difference. Even tried fiddling with the A and the CNAME records but made no difference. The DNS server of the host is compromised so I'm probably not the only one screaming at them on twitter and G+. No response. That is very slack. I'm sure they could outsource AH support on a per incident basis to Inia or Indonesia or somewhere with lower labour rates. Of course I couldn't log in with ftp.01micko.com as DNS points to that Chinese phone sales site. Apparently they have a few disgruntled customers so I wouldn't be surprised if it was a revenge attack! Foolish all the same.
You only need to look at your router logs to see the amount of filth trying to crack you. I get around 200 a day here at home, more sometimes. I do have a small, not well publicised home server but those attempted attacks were going on well before I deployed that. I always keep the router firmware updated. And my server only has port 80 outbound and a secret ssh port opened. My other machines are more vulnerable with things like samba, cups, web browsing, chat and ftp transactions going on.
I've been through the files on my site and it's untouched. No matter where I point 01micko.com I can't make a difference. Even tried fiddling with the A and the CNAME records but made no difference. The DNS server of the host is compromised so I'm probably not the only one screaming at them on twitter and G+. No response. That is very slack. I'm sure they could outsource AH support on a per incident basis to Inia or Indonesia or somewhere with lower labour rates. Of course I couldn't log in with ftp.01micko.com as DNS points to that Chinese phone sales site. Apparently they have a few disgruntled customers so I wouldn't be surprised if it was a revenge attack! Foolish all the same.
You only need to look at your router logs to see the amount of filth trying to crack you. I get around 200 a day here at home, more sometimes. I do have a small, not well publicised home server but those attempted attacks were going on well before I deployed that. I always keep the router firmware updated. And my server only has port 80 outbound and a secret ssh port opened. My other machines are more vulnerable with things like samba, cups, web browsing, chat and ftp transactions going on.
Puppy Linux Blog - contact me for access
Time to backup on BluRay, FatDog 64 fixed the limit to sessions after 8G and it would have only cost 5 USD for 7 Bluray discs to backup full drive. Harddrives have let me down once to many times.
If you really must save data MDisk media are made to last 1000 years and they now have BluRay media. price is high. No practical limit for one file size full 23.5G can be one file.
Also try to disk image full drive before more repairs.
If you really must save data MDisk media are made to last 1000 years and they now have BluRay media. price is high. No practical limit for one file size full 23.5G can be one file.
Also try to disk image full drive before more repairs.