The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Monday, February 16, 2009

Satire done right

Several days ago I bemoaned the death of satire, but lest you forget what satire is:

Edie Oats, WI—First-year teacher Susan Potts was placed on unpaid administrative leave pending termination from her position at Forked Tongue Middle School for paying for a lunchtime snack with a Massachusetts state quarter.

“We have a strict zero-tolerance policy regarding firearms, and the Massachusetts quarter has a firearm depicted on it. A teacher, of all people, should know better than to bring such items on campus,” said Superintendent Stew Pid.

Pid was referring to the Ma ssachusetts quarter, released in 2000 as part of the US Mint's extremely popular 50 State Quarters Program. The Massachusetts quarter clearly shows a minuteman carrying a firearm.

“I thought all money was acceptable at school,” said Potts. “I just wanted a rice cake and gave the cafeteria lady some coins, one of which was the quarter in question. It never occurred to me to ‘screen’ my money, and I had no idea the cafeteria ladies were trained to look for people spending this particular quarter.”

Potts referred to a recently-instituted anti-violence program at school, the Cafeteria Workers Against Rotten Teachers Endorsing Rifles, or CWARTER.

“The CWARTER program is an effective anti-violence campaign implemented at all our schools,” according to Superintendent Pid. “We've trained all our cafeteria ladies to be on the lookout for money with weaponry on it.”

After spending the inappropriate quarter, Ms. Potts was placed on unpaid administrative leave. Next Tuesday she will plead her case before the school board, which is expected to terminate her employment immediately.

Right on the Left Coast: Views From a Conservative Teacher: Teacher Fired For Spending A Quarter At School

But the actual story being satirized is just as pathetic. And soon, teachers in Wisconsin will have to follow a policy about what they can and can't publish on their private Facebook page (no, really! Unless you're a member of Facebook, and are explicitely allowed by a fellow user, you can't see their page!).

Welcome to the Nanny State.


Governments aren't the only ones that are Balkanizing the Internet

It must have been, oh, 1993 or 1994. I had just logged into the computer in my office at college (a very sweet SGI Personal Iris 4D/35) when I noticed something rather odd—I was already logged in. Upon further inspection, it appeared I was logged in from Russia.

Oh. How nice.

I don't pick easy passwords (just ask Smirk—he bitches everytime I pick a new root password that he has to memorize). They really are a random pick of letters, numbers and punctuation with no rhyme or reason.

And yet, here was someone in Russia, logged into my computer.

This was before ssh was even released, so everybody either used rsh (which I couldn't stand) or telnet. And the problem with both was that passwords were passed across the network in plaintext. And that was the problem.

At the time, I was working in the Math Department. On the other side of the building you had the Geology Department. And I should mention that at the time, the second floor was wired for 10Base-2 (all computers on a network segment share a single communications wire—think of a party line for computers).

Unbeknownst to me (or in fact, most of the people in the second floor) someone in the Geology department had decided to install a Unix system, only they didn't quite realize what they were doing because they left the root account without a password! And because the network was 10Base-2, it was real easy for a hacker to install a network sniffer and grab passwords as they were sent across the network.

Not much to guard against that type of attack.

Fast forward ten years, and my account is again hacked. This time it was an inside job—that is, a server I was maintaining for a company had been hacked by someone in said company (not really “hacked” as in he obtained the passwords) and compromised (backdoors and password loggers installed).

And again, not much I could have done to guard against that type of attack, except maybe to not log into personal machines from a work machine.

Fast forward to today. Saw the following on an internal trouble ticket from P:

[New SSH-only server] hacked?

What is /root/send/send.php? Looks like some type of spamming script.

I check, and sure enough, my account had been compromised. And this on a new server installed, with the absolutely latest version of ssh (compiled from source!) and only one of three programs running (syslogd which wasn't listening for a network connection, and crond, which doesn't listen on the network).

And there it was, sending out spam.

Nuke. Pave. Do not pass Go. Do not collect $200.00.

Sigh.

Obligatory Picture

[The future's so bright, I gotta wear shades]

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: https://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

https://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2024 by Sean Conner. All Rights Reserved.