BREAKING: The FBI Makes A Claim

The FBI disagrees with Your JoeDog. As of a few minutes ago, the Times published an article in which the FBI accuses North Korea of organizing the cyber attack on Sony Pictures.

Okay, what do they got?

The bureau said that there were significant “similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks” to previous attacks by the North Koreans. It also said that there were classified elements of the evidence against the North that it could not reveal.

This is not unexpected. Cyber attackers around the world share code, tools and ideas. I wouldn’t be surprised if this toolkit contains signatures that match those used by the CIA, Iran, Israel or Anonymous.

What else do you got?

“The F.B.I. also observed significant overlap between the infrastructure used in this attack and other malicious cyberactivity the U.S. government has previously linked directly to North Korea,” the bureau said. “For example, the F.B.I. discovered that several Internet protocol addresses associated with known North Korean infrastructure communicated with I.P. addresses that were hardcoded into the data deletion malware used in this attack.”

The wording here is curious: “known North Korean infrastructure.” What does that mean? Are they in North Korea’s one known block of public IP addresses or are these Class C addresses the FBI has seen before? Kim Hak Uhr codes at a workstation with a 192.168.0.4 address so it must be North Korea!!1!1!

So we have similarities of code, unknown IP addresses and evidence the FBI can’t reveal because s3cr37s! That’s pretty scant. I remain skeptical, very skeptical.

 




CTR Is Hard

Sproxy is a word Your JoeDog invented to describe his [S]iege [Proxy]. At the time of this writing, this site has the top three positions for ‘sproxy’ on Google. In the past week, nine hundred people typed ‘sproxy’ into the Google machine. Of those nine hundred, only 110 clicked a link to this site. That’s a 12.22% click-through rate for a made-up word that describes an esoteric piece of software that exists right on this very site. Let’s just say that falls a little below expectation….

 

 

 




No, North Korea Is Not Responsible For The Sony Pictures Attack

Your JoeDog is skeptical — very skeptical.

Unnamed US intelligence agents claim North Korea was “centrally involved” in the Sony Pictures cyber break-in. A leading “expert” is ninety percent certain North Korea was behind the attack. Well, Your JoeDog is one-hundred percent certain they weren’t.

Remember Stuxnet? It was a worm that infiltrated Iran’s nuclear facilities and attacked their centrifuges. It was certainly developed by a nation state. We still don’t know which one. Israel? They’re on the short list. The United States is, too.

That’s how nations roll when they commit cyber attacks. They don’t send emails which berate a target over its lax security. Nor do they send ransom requests. They certainly don’t give themselves nicknames like Guardians Of Peace. If North Korea had infiltrated Sony, they would have kept it on the down-low. Their message would have been implicit.

The initial interaction between the attackers and Sony was all about money. “Pay the damage,” they implored, “or Sony Pictures will be bombarded as a whole.” There was no mention of Seth Rogen’s film. There was nothing political in that message. The group that claimed responsibility was called “God’sApstls.” The “Guardians of Peace” surfaced later, after depictions of a splash screen on Sony computers surfaced on the Internets. It read, in part, “Hacked by #GOP.”

In a December 1st email to CSO, a GOP representative claimed the group had no ties to North Korea:

“We are an international organization including famous figures in the politics and society from several nations such as United States, United Kingdom and France. We are not under direction of any state.

“Our aim is not at the film The Interview as Sony Pictures suggests. But it is widely reported as if our activity is related to The Interview. This shows how dangerous film The Interview is. The Interview is very dangerous enough to cause a massive hack attack. Sony Pictures produced the film harming the regional peace and security and violating human rights for money.

“The news with The Interview fully acquaints us with the crimes of Sony Pictures. Like this, their activity is contrary to our philosophy. We struggle to fight against such greed of Sony Pictures.”

Distancing yourself from the country you represent is a funny way to promote its interests….

Personally, I wouldn’t be surprised if everybody and his sister has been inside Sony’s network. Compromising a system is only half the fun. Bragging about it is the other half. Could NK agents have caught wind of the break-in along with enough details to gain entry themselves? Sure. They may even have exchanged Bitcoins for details. Maybe they were inside Sony but they didn’t orchestrate the attack and they certainly weren’t the ones who sent those emails.

 




Nerd Splaining Large Numbers

Holy shit — the Economist really outdid itself. What now? In this post, they explained why Gangnam Style will break YouTube’s view counter. They used 3726 characters and 612 words to explain that computer integers don’t go on forever. When the Gangnam Style counter reaches 2,147,483,647 it will stop counting. Why?

Integers are stored in a series of ones and zeroes. On a 32-bit platform, you can only store a value in 32 consecutive ones or zeroes. Go to this binary to decimal calculator and put 32 ones in the binary field. Press “Calculate” and you’ll get this answer: 4294967295.

But the Gangnam Style counter is maxed at half of that? How come? That’s because computers use positive and negative numbers. The range falls above and below zero, i.e., from -2,147,483,648 to 2,147,483,647. Gangnam Style is approaching the upper bound.

If YouTube switched to 64-bit architecture they could capture up to 9 quintillion views.
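An added example (not from the Economist piece or from YouTube's code) of what happens at that boundary in C: a checked add that stops at 2,147,483,647, the value an unchecked two's-complement add wraps to, and the same check on a 64-bit counter. The function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical 32-bit view counter. Returns 0 on success, -1 if adding n
 * would pass INT32_MAX. The test runs before the add because signed
 * overflow is undefined behaviour in C. */
int add_views32(int32_t *views, int32_t n) {
    if (n < 0 || *views > INT32_MAX - n) return -1;
    *views += n;
    return 0;
}

/* What an unchecked two's-complement add produces: do the arithmetic
 * unsigned (well-defined wraparound), then reinterpret the 32 bits as
 * signed (implementation-defined; gcc and clang wrap). */
int32_t add_views32_wrapping(int32_t views, int32_t n) {
    return (int32_t)((uint32_t)views + (uint32_t)n);
}

/* Same check on a 64-bit counter: the ceiling moves to INT64_MAX,
 * about 9.2 quintillion. */
int add_views64(int64_t *views, int64_t n) {
    if (n < 0 || *views > INT64_MAX - n) return -1;
    *views += n;
    return 0;
}

int main(void) {
    int32_t v = INT32_MAX;                  /* 2,147,483,647 */
    int rc = add_views32(&v, 1);
    printf("checked 32-bit: rc=%d views=%d\n", rc, v);
    printf("wrapping 32-bit: %d\n", add_views32_wrapping(INT32_MAX, 1));
    int64_t w = INT32_MAX;
    rc = add_views64(&w, 1);
    printf("checked 64-bit: rc=%d views=%lld\n", rc, (long long)w);
    return 0;
}
```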

Remember kids, there are 10 kinds of people in this world. Those who understand binary numbers and those who don’t.

[Economist: Wordy Word Words on Computer Integers]

 




Nobody Ever Typed ‘-1966631820’ Into The Internet

Your JoeDog was debugging C code. Not just any C code, but C code that was last updated in 2001 by a man who’s now retired. Or maybe he’s dead — the point is he can’t be consulted.

Well, sir, this code was inserting 4 billion and change into a field that expected 1 or 0. The insert was based on a result from a previous query. Your JoeDog debugged that variable and determined it was -1966631820. Hoping that number would shed light on his problem, he plugged it into the Internets.

As of 13:22:05 EST, no human has ever typed that into the Internets. Sensing an opportunity to monopolize a keyword, Your JoeDog typey-typed and added this: -1966631820

UPDATE: Couple things. 1.) A JoeDogger says that Google excludes from its results parameters that are prefaced with a minus sign. 2.) Your JoeDog removed the minus and tried again. A minute after publication, he had captured the number one spot on Google for the keyword ‘1966631820’

 




In Praise of Default Values

Your JoeDog likes options. He feels that if a program takes a variable value, that value should be configurable. A programmer can spend a great deal of time selecting the perfect socket timeout, but unless the user works in the same environment it’s not necessarily perfect for them.

On the occasions when Your JoeDog uses Windows, he finds himself struggling to make the software do his bidding. It takes time to add another text field to a Windows GUI, so developers tend to limit the number of configurable options.

At the same time, he hates complicated software. You shouldn’t need a computer science PhD in order to configure scheduling software. Yet it’s impossible to use Tivoli’s workload scheduler and not feel completely overwhelmed. It can take days to set up.

These notions don’t have to be mutually exclusive. Software can be extremely flexible and simple to use. Your JoeDog achieves this notion in his own software with a novel concept known as the “default value.” If you don’t set a value, you get the default. If you require more precision, you can change those settings.

Generally speaking, software users don’t care about every configurable value. They have a subset of values they want to change. If everything has a default that doesn’t need to be set for the software to function, then the documentation becomes less overwhelming. If all you want to do is change one setting, then you can search the docs for just that configuration.

Your JoeDog does enough GUI programming that he can speak to the notion he mentioned above. It takes time to add labels and text fields to a program. Those GUI elements also take valuable screen real estate. As a result, many programmers limit the flexibility of their programs.

Here’s a thought: why not make the program configurable with a combination of a GUI and a configuration file? You can place the frequently changed stuff inside the GUI and the more obscure features inside the file. Trust me, the users who really want to change something will discover how to do that if you let them.

Keep it simple but make it flexible and your users will be appreciative … until you blog about it.

 

 




Fido 1.1.5 SIGHUP and Reload

Good morning, JoeDoggers. Let’s bask in the glow of Your Fido this morning; he’s all grown up and ready for love. What does that mean? Well, it means Fido now behaves like a contemporary daemon. Starting with version 1.1.5, if you send it SIGHUP, it will reload its configuration file.

Really? It’s been out since 2011 and you’re only adding that feature now?

Hey, what do you want from me? It’s free, isn’t it?

Here’s how it works: if you change fido’s configuration file, you can send it SIGHUP to reload its key = value pairs. There’s just one thing it won’t reload: its filenames.

Remember, a fido configuration file is divided into two parts; it contains global settings and file settings. The file settings are distinguished by a filename followed by two brackets like this: {}. Here’s an example:

/usr/local/var/my.log {
 # key = value pairs go here.
}

So if you change /usr/local/var/my.log to anything else, you’ll have to restart fido. If you change any other values, then you can just send it SIGHUP.

So how do I send it SIGHUP?

There are several ways of doing this.

1.) You can look for the process ID (PID) with the ps command and send it SIGHUP (which is signal number 1):

# ps -aef | grep fido
root 31952 1 0 09:21 ? 00:00:00 /usr/sbin/fido -f /etc/fido/fido.conf
# kill -1 31952

2.) Check your system documentation. Some kill commands accept signal names, such as this:

# ps -aef | grep fido
root 31952 1 0 09:21 ? 00:00:00 /usr/sbin/fido -f /etc/fido/fido.conf
# kill -HUP 31952

3.) We can eliminate the ps command by using fido’s pid file like this:

# kill -1 $(cat /var/run/fido.pid)

You can verify a successful config reload by looking at /var/log/messages.
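An added example, not fido's own source, of the usual way a C daemon implements the behaviour described above: the SIGHUP handler only sets a flag, and the main loop re-reads the key = value pairs while refusing a changed filename. The struct, the function names and the "interval" key are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L  /* sigaction() under strict -std= modes */
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical per-file settings; "interval" is a constructed key, not fido's. */
struct watch { char file[128]; int interval; };
static volatile sig_atomic_t reload_requested;

/* Async-signal-safe handler: only record that SIGHUP arrived. */
static void on_hup(int sig) { (void)sig; reload_requested = 1; }

int install_hup(void) {
    struct sigaction sa = { .sa_handler = on_hup };
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGHUP, &sa, NULL);
}

/* Re-read key = value pairs; -1 (nothing changed) if the filename differs. */
int reload(struct watch *w, const char *conf) {
    char buf[512], name[128], key[32];
    int val, staged = w->interval, applied = 0;
    snprintf(buf, sizeof buf, "%s", conf);
    for (char *ln = strtok(buf, "\n"); ln; ln = strtok(NULL, "\n")) {
        ln += strspn(ln, " \t");
        if (*ln == '\0' || *ln == '#' || *ln == '}') continue;
        if (strchr(ln, '{')) {                     /* "filename {" header */
            if (sscanf(ln, "%127[^ \t{]", name) != 1 || strcmp(name, w->file))
                return -1;                         /* renamed: needs a restart */
        } else if (sscanf(ln, "%31[^ \t=] = %d", key, &val) == 2 &&
                   strcmp(key, "interval") == 0 && val > 0) {
            staged = val; applied++;
        }
    }
    w->interval = staged;                          /* commit after a full parse */
    return applied;
}

/* One pass of the daemon's main loop: the reload runs outside the handler. */
int service_once(struct watch *w, const char *conf) {
    if (!reload_requested) return 0;
    reload_requested = 0;
    return reload(w, conf);
}
int main(void) {
    struct watch w = { "/usr/local/var/my.log", 10 };
    if (install_hup() == 0) raise(SIGHUP);         /* stands in for: kill -1 <pid> */
    printf("applied=%d\n", service_once(&w, "/usr/local/var/my.log {\n interval = 5\n}\n"));
    return 0;
}
```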

 [Download: Fido]

 




A Cyber Pearl Harbor

Earlier this year, Home Depot fell victim to one of the worst known cyber attacks. Its systems were infiltrated and attackers stole personal information from millions of customers. The company suffered little from the attack; its stock is now at an all-time high. In the past year alone, there have been many high profile cyber attacks that have been met with little more than a shrug.

Leon Panetta, a former US Secretary of Defense, once claimed it would take a cyber “Pearl Harbor” before Americans were willing to do what was necessary to fix their computer infrastructure vulnerabilities. We haven’t faced such a catastrophe but, as the New York Times discovers, people are starting to realize that more attention must be paid to these sorts of threats. Your JoeDog has seen this new attitude first hand. His company now has more security analysts than systems analysts.

[NY Times: Hacked vs. Hackers]




Why You Should Test Your Site Under Load

Siege users will never get embarrassed like this….

[Techcrunch: Call The Geek Squad, Best Buy Crashes On Black Friday]




No, A Website Doesn’t Write Cookies To Your Hard Drive

Remember Netscape Navigator? Some of you might have called it Nutscrape Irritator. Ha Ha. It’s funny because it’s true.

Well back in the day, Netscape was the shizzle. All of a sudden this stupid gopher thing was filled with images and colors. We were all happily browsing in a 3D colorful world when the lamestream media “discovered” Netscape. They poked around and saw the names of sites they had visited. The names were associated with weird strings they didn’t understand.

“Hmmm, what’s this?” an intrepid cub reporter asked.

“Oh, those? They’re called cookies.”

“How did they get here?”

Now Your JoeDog doesn’t know how that question was answered back in 1995 but fsck that guy. Since the moment some wanna-be tech writer discovered cookies, we’ve been dealing with cookie hysteria. Someone is writing things to our hard drive! Yeah, you know who’s doing that? You are.

Here’s the problem: Hypertext transfer protocol (HTTP) is stateless. You send a request to a server and it sends something back. The server doesn’t hear from you until you make another request. There’s nothing in each ensuing request to positively identify you as the person who made that last request. To get around this problem, Netscape invented the magic cookie.

How does it work? We’ll nerdsplain after the jump….



