Several days ago I bemoaned the death of satire, but lest you forget what satire is:
Edie Oats, WI—First-year teacher Susan Potts was placed on unpaid administrative leave pending termination from her position at Forked Tongue Middle School for paying for a lunchtime snack with a Massachusetts state quarter.
“We have a strict zero-tolerance policy regarding firearms, and the Massachusetts quarter has a firearm depicted on it. A teacher, of all people, should know better than to bring such items on campus,” said Superintendent Stew Pid.
Pid was referring to the Ma ssachusetts quarter, released in 2000 as part of the US Mint's extremely popular 50 State Quarters Program. The Massachusetts quarter clearly shows a minuteman carrying a firearm.
“I thought all money was acceptable at school,” said Potts. “I just wanted a rice cake and gave the cafeteria lady some coins, one of which was the quarter in question. It never occurred to me to ‘screen’ my money, and I had no idea the cafeteria ladies were trained to look for people spending this particular quarter.”
Potts referred to a recently-instituted anti-violence program at school, the Cafeteria Workers Against Rotten Teachers Endorsing Rifles, or CWARTER.
“The CWARTER program is an effective anti-violence campaign implemented at all our schools,” according to Superintendent Pid. “We've trained all our cafeteria ladies to be on the lookout for money with weaponry on it.”
After spending the inappropriate quarter, Ms. Potts was placed on unpaid administrative leave. Next Tuesday she will plead her case before the school board, which is expected to terminate her employment immediately.
But the actual story being satirized is just as pathetic. And soon, teachers in Wisconsin will have to follow a policy about what they can and can't publish on their private Facebook page (no, really! Unless you're a member of Facebook, and are explicitely allowed by a fellow user, you can't see their page!).
Welcome to the Nanny State.
It must have been, oh, 1993 or 1994. I had just logged into the computer in my office at college (a very sweet SGI Personal Iris 4D/35) when I noticed something rather odd—I was already logged in. Upon further inspection, it appeared I was logged in from Russia.
Oh. How nice.
I don't pick easy passwords (just ask Smirk—he bitches everytime I pick a new
root password that he has to memorize). They really are a random pick of letters, numbers and punctuation with no rhyme or reason.
And yet, here was someone in Russia, logged into my computer.
This was before
ssh was even released, so everybody either used
rsh (which I couldn't stand) or
telnet. And the problem with both was that passwords were passed across the network in plaintext. And that was the problem.
At the time, I was working in the Math Department. On the other side of the building you had the Geology Department. And I should mention that at the time, the second floor was wired for 10Base-2 (all computers on a network segment share a single communications wire—think of a party line for computers).
Unbeknownst to me (or in fact, most of the people in the second floor) someone in the Geology department had decided to install a Unix system, only they didn't quite realize what they were doing because they left the root account without a password! And because the network was 10Base-2, it was real easy for a hacker to install a network sniffer and grab passwords as they were sent across the network.
Not much to guard against that type of attack.
Fast forward ten years, and my account is again hacked. This time it was an inside job—that is, a server I was maintaining for a company had been hacked by someone in said company (not really “hacked” as in he obtained the passwords) and compromised (backdoors and password loggers installed).
And again, not much I could have done to guard against that type of attack, except maybe to not log into personal machines from a work machine.
Fast forward to today. Saw the following on an internal trouble ticket from P:
[New SSH-only server] hacked?
/root/send/send.php? Looks like some type of spamming script.
I check, and sure enough, my account had been compromised. And this on a new server installed, with the absolutely latest version of
ssh (compiled from source!) and only one of three programs running (
syslogd which wasn't listening for a network connection, and
crond, which doesn't listen on the network).
And there it was, sending out spam.
Nuke. Pave. Do not pass Go. Do not collect $200.00.