Posted in Uncategorized | Leave a comment



Your JoeDog has blogged about cyber intrusions recently. (Yeah, we know, how about discussing something else?) In these discussions, he tends to avoid the terms “hacked” or “hackers.” While those words commonly refer to infiltrations and intruders, they are erroneously applied by the tech media. Hacking is an ethic to which hackers subscribe.

This ethic was popularized by Steven Levy in the book “Hackers.” To Levy, the last true hacker was Richard Stallman, founder of the Free Software movement.

In the early 1980s, software producers began putting restrictions on their products and stopped distributing their source code. This put a damper on the hacker community which was used to a free flow of information. Stallman was peeved that he couldn’t freely alter, copy and share licensed software with colleagues. It struck him as highly unethical. In “Hackers” he contrasted this ethic with his own:

“The hacker ethic refers to the feelings of right and wrong, to the ethical ideas this community of people had—that knowledge should be shared with other people who can benefit from it, and that important resources should be utilized rather than wasted.”

When it became apparent that he couldn’t fight City Hall, Stallman decided to build his own operating system. Its copyright would mandate code sharing. You could use the source however you liked as long as you published your changes and made the source available. Distributors could not restrict access to the code. This is the essence of the GNU Public License.

So the key points of hacker ethics were free access, freedom of information and the betterment of all. Yet somehow the term is now almost universally known for breaking-and-entering. Are these people hackers? Well, maybe.

Your JoeDog considers guys like Richard Stallman hackers. He considers himself a hacker as well. When dickheads were attacking his site, he published his method of thwarting them. That’s hacking. Breaking-and-entering guys? They’re just dicks.

Unfortunately, Your JoeDog doesn’t control the lexicon so the term is now applied to the world of cyber-security. And within that community, subcultures have formed. We now have white-hat, black-hat and grey-hat hackers. The first group is dedicated to finding, publishing and fixing security flaws. They are most assuredly hackers that Stallman would recognize.

Black-hats are dedicated to finding and exploiting computer vulnerabilities. Are they hackers? It’s a tricky question: they could be. There are many who publish and share their vulnerabilities. They may do that for LULZ instead of a desire to share for the betterment of the community but the result is the same. These guys often benefit the community but it’s a small community comprised of other black-hats. They tend to restrict information to the outside world.

Grey-hats are morally ambiguous types who fall in between the white and black communities. Your JoeDog considers them the least likeable of all the dark side. Grey-hats are the guys who will work within the white-hat community then sell a zero-day exploit on the black market. Fsck those guys.

As a general rule, if the tech media properly applies the term “hacker” then it probably pulled a Homer, i.e., properly applied the term despite the ignorance of the author.

 

Posted in Uncategorized | Leave a comment



No thanks.

Save To Job Cart Apply Online

Director of Vulnerability Management Engineering

Job Code: 4956568 Location: Washington, DC

 

Posted in Uncategorized | Leave a comment



Siege users will never get embarrassed like this….

[Techcrunch: Call The Geek Squad, Best Buy Crashes On Black Friday]

Posted in Uncategorized | Leave a comment



Here’s an interesting peek behind the scenes at Amazon Web Services:

Scale is perhaps the most important thing, and no one needs to teach an online retailer like Amazon anything about that. With Amazon, there is very little talk of public cloud, and that is because Amazon believes that, by its nature, cloud means it cannot be private. Over the long haul, Amazon believes the massive scale of the public cloud will mean that very few organizations will run their own datacenters.

Interesting throughout.  (H/T to Tim for bringing it to my attention)

[Enterprise Tech: A Rare Peek Into The Massive Scale of AWS]

 

Posted in Uncategorized | Leave a comment



A bug or a feature?

 

 

Posted in Uncategorized | Leave a comment



The things Your JoeDog will do for you….

A couple weeks ago he complained about Valgrind (and probably a whole bunch of other stuff but we’re talking about Valgrind now). His snippet was leaking memory and valgrind was unable to identify the leak. The leak was manually identified in this function:

ARRAY
array_destroy(ARRAY this) 
{
  int i;

  for (i = 0; i < this->length; i++) {
    xfree(this->data[i]);  
  } 
  xfree(this->data);
  this = NULL;
  return this; 
}

While we freed the elements of the array, we never freed the array itself. The leak is fixed like this:

ARRAY
array_destroy(ARRAY this) 
{
  int i;

  for (i = 0; i < this->length; i++) {
    xfree(this->data[i]);  
  } 
  xfree(this->data);
  xfree(this);   /* the fix: free the ARRAY struct itself */
  this = NULL;
  return this; 
}

Today Your JoeDog was coding on the train again. Before he boarded, he downloaded the above code onto his snazzy Linux laptop. He was turning caffeine into code when wouldn’t you know it? Another stinkin’ memory leak. “What the hell,” he thought. “Let’s give valgrind another try.” Unfortunately it wasn’t installed on his snazzy Linux laptop. For some reason, Amtrak’s proxy won’t allow downloads larger than 10MB. Stupid Amtrak.

That’s easy to bypass. Your JoeDog established an ssh tunnel from his laptop to this webserver and proxied to the Ubuntu repository.

 

--2014-10-25 10:15:13--  http://us.archive.ubuntu.com/ubuntu/pool/main/v/valgrind/valgrind_3.10~20140411-0ubuntu1_amd64.deb
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:11111... connected.
Proxy request sent, awaiting response... 200 OK
Length: 15078790 (14M) [application/x-debian-package]
Saving to: ‘valgrind_3.10~20140411-0ubuntu1_amd64.deb’
100%[=============================================>] 15,078,790 290KB/s in 73s
2014-10-25 10:16:26 (202 KB/s) - ‘valgrind_3.10~20140411-0ubuntu1_amd64.deb’ saved [15078790/15078790]

Funny thing. That copy of valgrind found the leak. Guess where it was? Give up?

ARRAY
array_destroy(ARRAY this) 
{
  int i;

  for (i = 0; i < this->length; i++) {
    xfree(this->data[i]);  
  } 
  xfree(this->data);
  //xfree(this);
  this = NULL;
  return this; 
}

In order to illustrate his first post on valgrind, Your JoeDog commented out the fix he told you about. Well, this second copy of valgrind found it. So what gives?

1. Valgrind works and I’m sorry I busted on it.

2. RedHat’s version doesn’t seem to work but Ubuntu’s does.

 

Posted in Uncategorized | Leave a comment



There’s rumors on the Internets. “Oh, really? What do they say?” They claim your posting frequency affects Google’s crawling frequency. The more you update, the more often it crawls.

Your JoeDog wanted to scrutinize this hypothesis. He wanted to monitor his logs and compare Google’s crawl rate against his web site updates.

So he added this rule to fido.conf:

/var/log/httpd/joedog-access_log {
 rules = Googlebot
 action = /home/jeff/bin/googler
}

With that config he produced this document: google.txt

“J!!!!!!!!” Funk shouted in IRC. “You need to verify Googlebot”

“You mean a lot of people forge that User-agent?”

“I’ll bet forty percent is forged.”

“D’oh!”

Fido can’t validate an IP address, nor do I want it to. Still, it needs a new feature, namely the ability to interact with its action script. Your JoeDog will add support for regex capture to his rules. This will allow you to capture part of the match and send that text to your action script.

“I have no idea what you just said.”

Okay, let’s modify the rule above with its intended implementation:

/var/log/httpd/joedog-access_log {
 rules = ([0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+).*Googlebot
 action = /home/jeff/bin/googler
}

The parentheses (highlighted in red in the original post) represent the proposed feature.

On a match, fido will capture everything inside the parentheses and send it as argument 1 to the googler script. In this case it will be an IP address which googler can then verify as one that belongs to Google. If you have multiple captures, fido will send them as space separated arguments, i.e., /home/jeff/bin/googler 173.240.11.11 GET /index.php

For a sh script, $1 = 173.240.11.11, $2 = GET and $3 = /index.php

If all I wanted to do was solve this problem, I’d just write a script that parses the logs. However, I think this will be a valuable feature that will allow fido more flexibility to solve all the world’s problems.
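
Funk's point is that the User-agent string proves nothing, so the action script has to check the captured address itself. One way a googler script could do that, as an added example that is not JoeDog's code: it does a reverse lookup on the IP, then a forward lookup to confirm the name maps back. It assumes fido passes the captured IP as $1, that the `host` utility is installed, and that Google's crawlers reverse-resolve into googlebot.com or google.com; the function names are made up for illustration.

```shell
#!/bin/sh
# Hypothetical googler action script (added example, not JoeDog's code).
# Assumes fido passes the captured client IPv4 address as $1.

# Reverse lookup: print the PTR name for an IP, without the trailing dot.
ptr_lookup() {
  host "$1" 2>/dev/null |
    sed -n 's/.* domain name pointer \(.*\)\.$/\1/p' | head -n 1
}

# Forward lookup: print every IPv4 address the name resolves to.
a_lookup() {
  host -t A "$1" 2>/dev/null | sed -n 's/.* has address //p'
}

# Return 0 only if the IP reverse-resolves into a Google crawler domain
# AND that name forward-resolves back to the same IP.
verify_googlebot() {
  ip=$1
  name=$(ptr_lookup "$ip")
  case "$name" in
    *.googlebot.com|*.google.com) ;;   # suffix match, anchored at the end
    *) return 1 ;;                     # no PTR, or PTR outside Google
  esac
  # Whoever owns the IP block controls its PTR record, so the name
  # proves nothing until the forward lookup agrees with it.
  a_lookup "$name" | grep -qxF "$ip"
}

# Print one line per hit so the crawl log separates real from forged.
classify() {
  if verify_googlebot "$1"; then
    echo "verified $1"
  else
    echo "forged $1"
  fi
}

# Act as the action script only when fido supplied an argument.
if [ "$#" -gt 0 ]; then
  classify "$1"
fi
```

Only the "verified" lines belong in a crawl-rate comparison; the "forged" lines are the share Funk was betting on.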

Posted in Uncategorized | Leave a comment



Your JoeDog hasn’t spent much time blogging about Bitcoin but it does interest him for two reasons: 1.) He studied economics in college and 2.) The rogue currency has a technology/Internets angle. From an economics perspective, a successful currency must provide a medium of exchange and serve as a reasonably stable store of value. Bitcoin certainly provided the former but the latter was always in doubt.

And doubt won. Since its peak, Bitcoin has lost two-thirds of its value. Its bust was obviously not without victims. From Izabella Kaminska, we hear the story of one of those victims. Redditor Whattodobtc appears to have impoverished himself with bad bets on Bitcoins.  Izabella claims, “Some extremely wealthy libertarians have a lot to answer for if these sorts of ppl lose all due to believing in them.” Your JoeDog is certainly no libertarian but he feels the burden of risks should be placed on those who take them.

Certainly there have been influential libertarians who’ve been pushing Bitcoin as a hedge against fiat money. And if people like Whattodobtc better understood currency, they’d be less inclined to go long on a Libertarian pipe dream. But is this any different than the hucksters who shilled gold as a hedge against non-existent hyper-inflation? If you believed Glenn Beck back in 2012 and sunk your savings in gold, you lost 36% of your investment. That’s not as depressing as Whattodobtc’s story but it’s equally devoid of a happy ending.

Whattodobtc posted to Reddit because he wanted advice. Should he sell or weather the storm? He should have posted a similar inquiry before he sunk his savings in Bitcoin. Personally, I’d sell now before all I had left were some worthless binary numbers.

Posted in Uncategorized | 1 Comment



Your JoeDog uses Ubuntu Linux on his laptop. A few years ago he was deep in siege development and he was caught without a working copy. “I wonder if … ” Your JoeDog thought, “I wonder if Ubuntu has it.” He ran ‘sudo apt-get install siege’ and there it was, ready for installation. The Big Boys were distributing his software and Your JoeDog was convinced that he was a Somebody.

If this happens to you, if a major vendor starts to distribute your software and you feel the need to tell people about it, take an opportunity to learn this lesson: nobody gives a shit. It’s a great feeling so you’ll probably ignore it. You’ll puff your chest and tell people, “Debian is distributing my software!” Instead of a pat on the back, you’ll hear “What’s Debian?” You’ll tell them and they’ll quickly change the subject. Trust the JoeDog on this one: nobody gives a shit. Your wife might give you a poorly acted, “That’s great, honey.” but at the end of the day, your software project excites people as much as your fantasy football team.

Now turn the clock up a few years. Yesterday Your JoeDog had an encounter with a compromised Mormon dating site. He wanted to see what software they were running so he ran ‘siege -g http://singlesaints.com/’ on his snazzy new System76 laptop. Turns out he didn’t have a copy. But wait a second: Ubuntu distributes siege, remember?

“What’s Ubuntu?” – See, I told you nobody cares.

When he went to run that command with Ubuntu’s siege he got this message: ‘siege: error while loading shared libraries: libssl.so.1.0.0: No such file or directory’

In recent days, our log aggregator has been telling us that many of you are googling ‘ubuntu siege libssl’ and it suddenly became clear why you were doing that. This nerdblogger decided to investigate the cause and document it here. As a diligent nerdblogger, he uninstalled siege in order to document the problem from scratch. Funny thing. When he ran siege after the second install in order to capture the error message, there was no error message. Siege worked.

At this point all that is known is this:

  1. There appears to be a problem with siege on Ubuntu
  2. Here’s the error message: ‘libssl.so.1.0.0: No such file or directory’
  3. libssl.so.1.0.0 was installed on the laptop in which this error was encountered
  4. After removing siege with ‘sudo apt-get remove siege’ and
  5. Reinstalling it with ‘sudo apt-get install siege’
  6. It worked.
  7. Your mileage will vary. If the problem persists you should post to the Ubuntu forums 

 

 

 

Posted in Uncategorized | Leave a comment


