Recursion Level 21 Exceeded

recursionYour JoeDog’s long national mail nightmare is over.

Here at JoeDog Industries we forward our mail to Gmail. Google de-spams them and places them snuggly into our mailboxes. When we send mail, Google masquerades as us, Your JoeDog. To play this game, they want secure authentication. It logs into our sendmail server which relays our precious messages.

Since our server was configured so that only authenticated users could relay and since Google was de-spamming our messages, Your JoeDog was all, “Why should we even bother with the bloated pig known as spam assassin?” So we shut it down and removed it from the system. Done and done, amirite?

Life was good! We were running a mail server on the public internets without paying a heavy price in terms of administration or computing costs.

Now Your JoeDog studied economics and one thing he learned was this: There’s so such thing as a free lunch. Well sum bitch if that ain’t true. A couple weeks ago, Gmail decided it would start bouncing obvious spam. Guess what happened?

They bounced the message and our mailer sent it back. So they bounced it again and we promptly sent it back. While this was going on, Amazon was all “Why are these fsckers crushing our infrastructure?” So they throttled our asses at the firewall. So then the mail queue started backing up.

At that point Your JoeDog was all, “UGH! We have to run spam assassin again.” The idea was this: We’ll catch spam before it gets to Google then they won’t bounce it back.”

Seems like a good idea, right? WRONG!

Google is better at this shit than Your Spam Assassin. Even though we caught a bunch of stuff, they found plenty more to bounce at us. With Amazon throttling us and Google bouncing us, JoeDog Industries became The United States of Suck.

The solution to this cluster bump turned out to be pretty simple. We’ll learn about that after the jump! Continue reading Recursion Level 21 Exceeded



Cyber Threats Against Surgical Robots

Robot Surgeon

Things that would suck for one thousand, please, Alex.

Imagine — and why the hell not? — that you need an emergency appendectomy. Yours is about to explode because why-do-we-even-have-those-things? You are rushed into the operating room and placed on a table beneath a curious apparatus. “Get me a nerd, stat!” Somebody shouts.

A man in surgical clothing greets you. “Relax,” he says. “I’ve done a million of these.” He pushes a button and mask drops and smothers your face. The man’s credentials don’t match what your parents expected from their emergency room staff. The “doctor” is a computer operator, a Microsoft Certified Surgeon from ITT Tech. Your procedure begins when he selects “Appendectomy” from a drop-down menu. It is performed by a robot that immediately goes to work, carving into your body in search of an inflamed appendix.

Suddenly the robot orders silicon. Unexpected noises fill the room as the augmentation unit fires up. “WTF?” the operator types into his IRC session. “This thing’s going haywire.” Everyone in the channel responds in a similar manner: “LOL!” they type back. “This is serious shit!!!1!1!”, he anger-types. “ROTFLMAO!” they reply.

The robotic knives withdraw from your abdomen. The apparatus glides on tracks as it works its way towards your chest. It starts to make cuts around your nipples. The operator is agog; his jaw drops and he’s unsure what to do. The augmentation unit descends and attaches to your chest. Silicon starts flowing. The operator starts smashing his keyboard. “Why does this shit always happen on a Friday afternoon??!!” he screams. “LOL!” the IRC channel says.

So what happened? The hospital didn’t keep its goddam software up-to-date. The surgical robot was hacked. And now you have lady tits because 4Chan was in need of some afternoon LOLz.

Sound far-fetched? A team of researchers at the University of Washington in Seattle just hijacked a teleoperated surgical robot and documented its security vulnerabilities in a new white paper. Great! As if surgery wasn’t stressing enough, here’s one more thing to think about.

At least the guys at 4Chan gave you big ones. (They’re a little obsessed with breasts over there…)



Internet Troll Hijacks A Sendmail Question

Your JoeDog wondered if he could throttle incoming email so he went to the google machines to search for an answer. Mike B had a similar thought. On Serverfault he asked, “How can I throttle incoming emails in SendMail for a specific recipient?”

Awesome! Let’s see what the internets has to say about this.

Andrzej A. Filip responded: Could you elaborate a little “WHY do you need it?”/”WHAT do you want to achieve?”?

Lookit Andrzej A. Filip drinking a tea with an extended pinkie finger. His time is so god damn important that he’s not answering shit unless he knows that’s person’s entire thought process.

Just consider his inflection. He loud-capped the first word. “WHY do you do need it?” That’s a question. Here’s another one: “WHY do you fscking care?”

Obviously Mike B has a goal he hopes to achieve or he wouldn’t have tossed that question to the internets so assholes like Andrzej A. Filip could hijack the thread with concerns about his underlying motivation.

It’s been a year and the question remains unresolved. Good job, Andrzej A. Filip. Good fscking job.



Now Go Find It

Your JoeDog caught this blurb on the Internets: “Audi, the German carmaker, said it would test a program in which packages are dropped off into the trunks of people’s cars solving the problem of no one being home.”

Um, …



Use Break Statements, People

A few years ago, Your JoeDog was re-working someone else’s code. Fun times!  It was written in java by a professional web shop out of Chicago. He’s not going to name the shop but it rhymes with “Oxy Dom.”

In one particular segment, there was a big mother of a switch statement with perhaps a couple dozen case conditions. That’s quite a few case conditions! But here’s the thing about this code which was executed by a highly paid software engineer. It contained no break statements.

Why does that matter? Let’s find out after the jump! Continue reading Use Break Statements, People



Modify It; Don’t Criticize It

Audi TFSIWhen Your JoeDog got a new car, the first thing he did was modify it. He added another 37HP with help from the folks at APR Tuning. Your JoeDog’s attitude toward cars mirrors his attitude toward software. If he owns it, then he should do whatever he wants with it as long as he doesn’t hurt somebody.

Cars and software run best when they run fast.

Well now here’s something that makes Your JoeDog want to down 10 bottles of Mad Dog and follow that with a codeine chaser:

Automakers are supporting provisions in copyright law that could prohibit home mechanics and car enthusiasts from repairing and modifying their own vehicles.

Did you get that? A Federal agency will determine whether or not tinkering with your car constitutes a copyright violation. When Your JoeDog saw that he thought, “Who do I have to nut punch and where does the line form?”

If you’re a nerd of a certain age, just about every outrage traces back to the Digital Millennium Copyright Act of 1998. Well, guess what?

Since cars are now rolling computing platforms, manufacturers have asked the Copyright Office to determine whether or not the DCMA protects their intellectual property and prohibits people from modifying and tuning their own vehicles.

Assholes. It’s not like we’re going to Detroit, Wolfsburg or Ingolstadt to tell manufactures how to construct their vehicles (although that couldn’t hurt). As it stands, we’d rather just take delivery now and improve the car our god-damn selves. Don’t mess with that, Washington.

[H/T: Slashdot.org]



HTTPS Happy Nice Time

As you may have noticed, here at JoeDog Enterprises Incorporated Ltd ESQ Inc., we switched from http to https last weekend. Exciting!

We warned you that such a move could be accompanied by unintended consequences. But keep in mind, not all side effects are bad. Just like painkillers can provide a little glow along with relief, some changes can provide unintentional benefits. Here’s the story of one of them.

This morning we noticed skiddie activity. That’s not unusual. Every morning we notice skiddie activity. Some asshole from 192.210.220.2  in Williamsville, NY is running an attack right now. Our http logs are filling with this activity:

192.210.220.2 - - [20/Apr/2015:08:32:35 -0400] "POST /xmlrpc.php HTTP/1.1" 
302 213 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"

See that 302? That means our http virtual host is issuing a redirect to https. Here’s the thing: He doesn’t appear in the https logs. That means his stupid skiddie script is too dumb to follow the redirect. For the past hour he’s done nothing but causing meaningless redirects …

… and now he’s blocked.

UPDATE: Those 302s are now 301s as per Tim Funk’s recommendation. If skiddie can’t follow 302, he can’t follow 301 either….

UPDATE: That’s weird. My linky text is recommendation — as in “Tim Funk’s recommendation” — but magic is turning it into “Tim Funk’s 1 comment.”



How To Switch Your Site To HTTPS

I told you that Your JoeDog would eventually complete that task. There was no need to remind us every couple of months. It’s done, now. Cross it off the list.

Congratulations, I guess?? What task is now complete?

Last August Your Google announced that it would give all sites running https a slight rankings bounce. Your JoeDog thought, “Yeah, yeah, yeah. We should do that.” Then August became October and October became January and January became whatever comes after that. Now you’re able to read this blog over a secure connection.

Let’s set-up https after the jump! Continue reading How To Switch Your Site To HTTPS