Tuesday, July 27, 2010

Who In The World Isn't On Facebook

All too often CNN lacks real news to report, so they make stuff up. As a classic example, they ran a story entitled Who In The World Isn't On Facebook, the first line of which reads:
Seriously ... at this point, who's not on Facebook?
Seriously: That was the lead line.

Did you hear that? That was the sound of Edward R. Murrow coughing up a lung in disgust at the state of what is now called journalism. (And don't even get me started on Fox!)

The article reports that "Facebook CEO Mark Zuckerberg announced that the site hit a half-billion active users" which is a total lie. Did they not notice his pants on fire? Half a billion active users? NFW. Half a billion accounts, 30% of which haven't logged in in a year, 20% of which are fake profiles used by thieves, and 10% of which are husbands claiming to be single. That leaves maybe 200 million, and that's being generous.

I thought about my friends--
  technical people, hackers, nerds: not on Facebook
  professional contacts: not on Facebook
  the six siblings I acknowledge: only one on Facebook
  mother or father: not on Facebook
  step-mother or step-father: he's on Facebook
    (he friended my brother, never used the account again)
  kids: on, one has four posts since 2009, the other six

So, in the end, maybe 3% to 5% of all the people I know are on Facebook. As for CNN? I think they've just let the 995,554 people that like their page go to their head.

Saturday, July 24, 2010

Thanks for Visiting: Script Kiddy

Everybody knows that hackers fall into two categories: script kiddies and Chinese cyber warriors raised from birth to destroy the American power grid.

Well, I've got this little VM floating around the clouds of the internet. Nothing exciting. It hosts http://dougbunger.com, which is mostly 404 pages and dead links. But... it's my little cloud VM, and I love it.

So all week long, somebody has been slamming my server, trying to hack in. Why? There's nothing of value. Not quite true: chances are, if they were to compromise my server, they would probably use it as a file drop for pirated media or pr0n. (And not the good kind... of either.)

I don't think it's the Chinese: they are too busy hacking Google to read their dissidents' email. No, it's the Script Kiddies. How do I know? They are hitting the server with thousands of PHP and SQL exploits. Unfortunately, the server has neither. So, I implemented an Apache redirect:
AliasMatch ^$ /var/www/html/index.html
RedirectMatch (.*[pP]+[hH]+[pP]+.*) \
    http://english.cpc.people.com.cn
RedirectMatch (.*[sS]+[qQ]+[lL]+.*) \
    http://english.cpc.people.com.cn
I inserted two lines that evaluate the URL and redirect anyone that asks for anything containing PHP or SQL to another website. My regex was not sufficiently righteous, and redirected blank URIs, so the first line ensures you get an index page.

And where does something like http://vypress.bunger.us/sql.php redirect? Why, to the Chinese Communist Party home page, of course. Their people are trained for this kind of thing. I'm sure they will appreciate the practice.
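
An added example (not from the original post): the post's two RedirectMatch patterns run over constructed access-log lines, next to a tighter pair of patterns, to show which ordinary paths the substring match also catches. The log lines, the tighter patterns and the function names are assumptions made for illustration.

```python
import re

# Patterns copied from the post's two RedirectMatch lines. mod_alias applies
# them as an unanchored search against the URL-path (no query string).
PAGE_RULES = [re.compile(r"(.*[pP]+[hH]+[pP]+.*)"),
              re.compile(r"(.*[sS]+[qQ]+[lL]+.*)")]

# Hypothetical tighter rules (not from the post): a ".php" extension, or a
# path segment that starts with "php", "sql" or "mysql".
TIGHT_RULES = [re.compile(r"\.php(?:$|/)", re.I),
               re.compile(r"(?:^|/)(?:php|(?:my)?sql)", re.I)]

# Constructed access-log lines (common log format, documentation IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [24/Jul/2010:03:14:07 -0500] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 302 -
203.0.113.7 - - [24/Jul/2010:03:14:08 -0500] "GET /mysql/admin/ HTTP/1.1" 302 -
203.0.113.9 - - [24/Jul/2010:09:30:00 -0500] "GET /sql.php HTTP/1.1" 302 -
198.51.100.4 - - [24/Jul/2010:10:02:11 -0500] "GET /blog/graphpaper.html HTTP/1.1" 302 -
198.51.100.4 - - [24/Jul/2010:10:02:15 -0500] "GET /img/graphplot.png HTTP/1.1" 302 -
198.51.100.4 - - [24/Jul/2010:10:02:20 -0500] "GET /index.html HTTP/1.1" 200 512
"""

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def url_paths(log_text):
    """Extract the URL-path of each request, dropping any query string."""
    paths = []
    for line in log_text.splitlines():
        m = REQUEST.search(line)
        if m:
            paths.append(m.group(1).split("?", 1)[0])
    return paths

def redirected(path, rules):
    """True if any rule matches the path, as RedirectMatch would."""
    return any(r.search(path) for r in rules)

def compare(log_text):
    """Paths the post's rules redirect but the tighter rules leave alone."""
    return [p for p in url_paths(log_text)
            if redirected(p, PAGE_RULES) and not redirected(p, TIGHT_RULES)]

if __name__ == "__main__":
    for p in url_paths(SAMPLE_LOG):
        print(f"{p:35} page={redirected(p, PAGE_RULES)!s:5} "
              f"tight={redirected(p, TIGHT_RULES)}")
    print("over-matched:", compare(SAMPLE_LOG))
```

The over-matched paths contain the letters p-h-p only by accident ("graphpaper", "graphplot"), which is the cost of matching a substring anywhere in the path.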

Wednesday, July 21, 2010

I'll Take One Electric Sikorsky, To Go

Yes, I do need my own electric helicopter to fly to the grocery store. If it can hold a 30 minute charge, I'm cashing out my IRAs.

(Assuming my IRAs ever get any more valuable than a Happy Meal.)

Sunday, July 11, 2010

Moinet Prosecco

I decided to broaden me horizons on Prosecco by expanding me price range. I spent about $18 on this bottle of Moinet-- pronounced mwaanay. It was more effervescent than less expensive brands, and held its fizz overnight in the refrigerator; but that's the trait of a good sparkling wine.

This would be good event wine, but is a little too bubbly for everyday use. On my scale, it gets a high 7, because of price. If price is no object, an 8 for sure.

Monday, July 05, 2010

Witness to a Moment of Innovation

Not of Earth shattering importance (like shattering the Earth would be a good thing... or even important, since we'd all be eradicated) but something happened on Saturday that could be an interesting trend. Remember back in the 90's when every few days, you got an AOL CD in the mail? Remember how they were all completely worthless? Well, Saturday, I got a DVD in the mail.

Again, not interesting, since I get Netflix (et al) DVD's in the mail a couple times a week. This was for a new TNT series called Rizzoli And Isles. As a promotional gimmick, TNT sent the pilot episode on DVD for preview of the July 12th debut.

Imagine if we started getting DVD's in the mail as often as we used to get AOL CD's. Unfortunately, once the trend catches on, most of the DVD's will be crap... Just like AOL.

Saturday, July 03, 2010

Browser Based SSH via Webshell

Let's say you need to SSH into your server, but you're not at your regular workstation. I've always recommended people carry a USB thumb drive with a toolkit of programs, such as Putty. But what if the machine you have doesn't have a USB port? No problem, you can download Putty. But what if the machine you have is a kiosk terminal that doesn't allow you to download...

Yeah, I'll admit it sounds pretty far-fetched, but I have found an ultra cool package that could provide exactly such an emergency functionality: Webshell 0.9.6. It runs as a local Python service and allows login via an AJAX enabled browser.

Behind the scenes, the browser client communicates with the Python service, and the Python service acts as an SSH client to access the local SSH service. On the surface, this could be a problem, as the browser to Python connection would normally be unencrypted. This issue can be mitigated by installing OpenSSL support for Python. Unfortunately, the pyOpenSSL package wasn't in my Fedora repo, so I had to grab it from Pbone.

I made a couple tweaks to my install. I changed the port from the default 8022:
sed -i "s/8022/???/g" webshell.py
And since we always change the SSH port of outside servers:
sed -i "s/in +' loc/in +' -p ???? loc/" webshell.py
And added some headspace to the top of the page:
sed -i "s/margin:0;/margin:25px 0px 0px 0px;/" \
  www/webshell.css
And changed the font from 10 to 12:
sed -i "s/font:10/font:12/g" www/webshell.css

Once you change the font size, you'll need to change the default background or remove the JPG for solid black.

The documentation is a little unclear on the fact that the program, by default, only listens on 127.0.0.1, so you have to launch the script with -i 0.0.0.0 to accept outside connections. Of course, you'll have to build your own SysV start script.

A side note: there are websites that run this program as a free service to let you web into their server, then hop over to yours. You probably don't want to use those free services. Sure, it's SSL from you to them, and SSH from them to your server, but what's the protocol that encrypts the link between the SSL and SSH? Can you say none?

Archiving Solaris... Forever!

I found a piece of paper with some Solaris notes. The paper is going into the trash, but the notes are going to the internet to be archived for the good of humanity. Some of these notes may be archived elsewhere on the blog.

To set up your user environment, add to ~/.profile:
export PS1="\w #"
export PAGER=less
export TERM=ansi
alias vi='vi +"set showmode ignorecase" '
export EDITOR=vi
Man... I hope I never have to support Solaris again.