Creative hackers abound

Well, I finally feel clean. Okay, I’m referring to all of the various sites I’m responsible for. With one site in particular, it was brought to my attention that it was advertising things like Viagra and other online available prescriptions. When I started to pull up pages, I couldn’t find anything. Viewing the page sources revealed no abnormalities. Likewise, when I scanned the PHP files, I couldn’t find anything either. Needless to say, I was perplexed. Yet, there it all was. SPAM being broadcast in the search results and in the RSS news feeds.

After grepping through hundreds of files, and finally needing a break, I thought I’d look at another site that had bothered me. A couple of years back, my ex-wife’s site was infected with malware. It was so bad that the site got blacklisted. The way it ultimately showed up was that going to the site brought an immediate warning from Firefox. Well, I managed to clean the site and get it off the blacklist. However, it was still listed as being infected. As a result, my ex got discouraged and decided to stop blogging. And I felt pretty bad.

Well, this recent incident prompted me to look at her site again. I started thinking about different ways a hacker might be able to inject urls without them being visible in page sources. And then it hit me to check for iframe insertions. Sure enough, I got a hit when I scanned the root directory. The grep search found a hit in an old .sql backup file I had generated more than a year ago. So, I logged into the database server and began searching through the actual database entries. And there they were: iframe fetches buried throughout various comment threads. They didn’t show in the browser, but they were creating link chains to various SPAM sites when the Google-bots would come on by. That only took a few minutes to isolate all the links and remove them. A re-scan of the site revealed it was clean. Two years after the SPAM surfaced, it was finally gone.

Okay, fast forward to the new SPAM that had recently materialized. This also didn’t reveal anything in any of the source code or sql. In fact, I couldn’t find anything anywhere. The scan report from Sucuri called this malware SPAM:SEO. And despite some of the fixes available, I found myself in a unique spot and with no help in sight.

Again, I tried to think of different ways to embed URLs so that they could be seen. One site that had been hacked was done so with URLs listed in ASCII hex format. I didn’t even realize one could do such a thing. But it made sense. But alas, that wasn’t what I was hacked with. So I kept thinking and then something new hit me… what about base64 encodes? That would keep the URLs from showing up to the visible eye or via greps. So I constructed a little test program to search the entire site. Sure enough, I found a bunch of base64 functions in a very strange place – within PHP files inside the images folder.
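A sketch of the kind of search described above, as an added example that is not the author's original test program: it flags PHP files sitting in media folders, `base64_decode` calls, base64 or `\xNN` hex literals that decode to a URL or iframe, and iframes in `.sql` dumps. The folder names, file extensions and reason labels are assumptions.

```python
import base64
import binascii
import re
from pathlib import Path

MEDIA_DIRS = {"images", "img", "uploads", "media"}  # assumed folder names
TEXT_EXT = {".php", ".phtml", ".inc", ".js", ".html", ".sql"}
B64_LITERAL = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
HEX_RUN = re.compile(r"(?:\\x[0-9A-Fa-f]{2}){6,}")
HIDDEN = re.compile(r"https?://|<iframe", re.I)

def decode_literals(text):
    """Return decoded strings for base64 and \\xNN literals found in text."""
    out = []
    for m in B64_LITERAL.finditer(text):
        try:
            out.append(base64.b64decode(m.group(0), validate=True).decode("latin-1"))
        except (binascii.Error, ValueError):
            continue  # not valid base64 (wrong length or padding)
    for m in HEX_RUN.finditer(text):
        out.append(bytes.fromhex(m.group(0).replace("\\x", "")).decode("latin-1"))
    return out

def scan_text(path, text):
    """Return the list of reasons a file looks suspicious (empty if clean)."""
    p = Path(path)
    ext = p.suffix.lower()
    reasons = []
    if ext in {".php", ".phtml"} and MEDIA_DIRS & {d.lower() for d in p.parts[:-1]}:
        reasons.append("php-in-media-dir")
    if re.search(r"\bbase64_decode\s*\(", text):
        reasons.append("base64_decode-call")
    if any(HIDDEN.search(d) for d in decode_literals(text)):
        reasons.append("encoded-url-or-iframe")
    if ext == ".sql" and "<iframe" in text.lower():
        reasons.append("iframe-in-sql-dump")
    return reasons

def scan_tree(root):
    """Walk root and return {relative path: reasons} for flagged files."""
    findings = {}
    for f in Path(root).rglob("*"):
        if f.is_file() and f.suffix.lower() in TEXT_EXT:
            reasons = scan_text(f.relative_to(root), f.read_text(errors="ignore"))
            if reasons:
                findings[f.relative_to(root).as_posix()] = reasons
    return findings
```

Point `scan_tree` at an offline copy of the web root together with a fresh database dump, and review each hit by hand, since legitimate plugins also call `base64_decode`.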

I’m not sure how these files got deposited. My guess is that during some older releases of WordPress, the uploads API might have been exploited. But at this point it’s just speculation.

I think I’m at the point where these guys are impressing me enough that I might have to begin broadening my search criteria when it comes to hiring smart software engineers. There certainly are some very creative people out there with perhaps too much time on their hands.

If you run into a similar hack on your site, let me know. And if I can help you clean it, I’d be happy to do so.


Recently ambushed, but I’ve retrenched

Over the past year, I’ve had a bunch of different companies look at me for different work, mostly with respect to leading development or leading technology. Now, I already have a full-time job with Cachengo. And I love what I do. But I also know what it means to remain in the game and eligible. Stay out long enough, and you’re pretty much gonna be out for good. So I’ve entertained a few of them.

A few months back, I went a couple rounds (I think 9 of them) before I finally said not to contact me further. I was annoyed by how this company was gonna conquer the world, but they didn’t really know how and they didn’t have a product.

And then recently, I entertained some talks with another that showed a lot more promise. And they’re really at the top of their game. Alas, that has come to an end as well, but for different reasons.

When they started talking with me, they felt my background and what I’ve done was a perfect match. And frankly, I thought so too. They mentioned they weren’t looking for a developer, but rather for someone who could lead the technical direction and sew partnerships. And they emphasized repeatedly their desire for a guy who understood the business.

So, imagine my surprise when I was put through an essay exam on how to write device drivers. I have to admit, I was horrified by this. I had never been put through this type of test before– not for what I do.

After having a bit of time to think about the situation and to reflect, my attitude has changed a bit. Now I’m just plain miffed. I think my dad summed it up the best. He said that one of the problems with most companies and their hiring process is that you inevitably come up against someone who feels it’s his job to find out why you shouldn’t be hired.

I’ve never done device drivers before. And this came out in the discussions, even with the guy who ambushed me. I even told them I’d never consider myself a developer, though I’ve written quite a bit of code for Cachengo and for my previous companies. I explained further that the reason I classify myself differently is that I’ve had no real formal training in how to write software or in the various programming languages. But as a mathematician, I understand logic. And I understand systems. It really doesn’t matter what language is thrown at me, I Google and ask what I don’t know. And I focus on what I do know.

As a result of the way I do things, I’ve been able to prototype new products and features that entire engineering teams would struggle to derive. This is because I don’t get wrapped around the axle with respect to sound practices or to why something shouldn’t work. Regardless of how people feel about this trait, it has worked very well for those I’ve worked for.

Anyway, all of this was explained upfront, well before the ambush took place. And I think that a little courtesy should have been employed. If this was truly a requirement for the position, it should have been stated upfront. And if it wasn’t, it shouldn’t have been done. But to surprise me with it and to waste my time, is a huge-ass insult. And if this is how that company operates, I’m only too happy to come up with some solutions that make life a little more shitty for them.

Maybe I do suck at programming. Hell, I can’t recall how many times I’ve told that to my engineering team. It doesn’t change the fact that I’m still responsible for more than 90% of the shipping software. I think that’s significant. And I think that should stand for itself.

Over the years, I’ve gone through my various phases of discontentment with myself. But when I remind myself that it doesn’t matter if I can hold my own with the best software engineers. I do something most of them cannot do. And they most certainly bring something to the table that I can’t do and wouldn’t do even if I could. In other words, there is ZERO overlap and great synergy.

And now that I’ve reminded myself of these little truths and have fully re-trenched, I’ve re-written some major pieces of software at Cachengo and significantly simplified and sped up some things. In one particular piece of management software, I reduced the code 75% at around midnight last night. I woke up from a nap and it just hit me how to do it and I was done, had it tested and had it re-deployed on all customer systems in around 30 minutes or so.

I’d like to see the guy with the stick up his ass do that. And to the management team at the company looking at me, this is the reason you were interested in me in the first place.

One of the other little truths I’ve discovered over the years is that some of my best work and my best innovations have come when I’ve been pissed off. Needless to say, this past weekend was one of those times. I’ve had a security product in my head that really started to take life this weekend. We’re talking product architecture, first product, several major services, my management infrastructure and a few other things. And I really hadn’t done embedded work since my very early days in the disk drive market (early 90s). But I have my initial software stack and OS fully ported to the ARM processor now. I’d never done that before. And it was like I’ve done it my whole life.

If there’s anyone out there who would like to pour cold water on me or on what I do, go for it. I really don’t care. As one friend termed it, it’s all just “Tacklin’ Fuel”. Perhaps I am the Waterboy of technology. That guy hit hard and he still got Vickie Valencourt in the end.

To summarize, I currently find myself in an unusual state of anxiety. But it’s the good kind. The kind where you find yourself chomping at the bit. Well, that’s me. I’ve got a great rhythm and flow of new things coming out of me. And I’ve had some great sales calls over the past two weeks as well. Needless to say, I’m in the zone right now. And heaven help anyone who gets in the way of that.


Ugh, training was tough last night

A week ago Sunday, I ended up hurting my right knee while training. My partner and I had been training for pretty near two straight hours and I was feeling pretty good overall. I had been suffering from dehydration and my heart rate had been pretty jacked up for a couple of weeks. So my goal was just to have non-stop pressure applied while I relaxed and worked on defense and escapes. I wanted to get comfortable with heavy weight and constant attacks. It worked pretty well. Until…

The problem came at the end when I tried one more escape in the time we had left. It required me to bridge into my opponent. Well, besides trying to get used to more pressure, I’ve been working on a few other things as well:

  1. Cleaning up my techniques
  2. Working on my guard and guard passing
  3. Really bridging hard, using my hips on my bumps, etc.

It was mission accomplished on my bridging. I bridged really hard, with lots of extension. My opponent then leaned back into me with all of his weight, which prompted me to bridge harder. This last action resulted in my right knee popping. I had the same wonderful sensation when I tore my MCL on my left knee 6 months earlier.

I tried training again last night, after taking a week off. But it just hurt most of the time. I have zero lateral support in my knee.

I’ve been trying to prepare for the Tournament of Champions 8 on February 5th, but now I’m afraid I might have to pass and look towards the next tournament. Last year I competed with an injured shoulder, which was re-injured days before the tournament. It severely hampered my performance. While this might seem like deja vu all over again, it’s worse. Takedowns, closed guard, sweeps, guard passing, triangles, all seem to require the legs.

Anyway, I’m still gonna train, but lightly. And I suppose I’ll see where things end up.


Inverted triangle from side control

Typically when I am trying to escape from side control, I will bridge into my opponent and then bring my top knee through first and then my bottom leg. My goal is to replace guard as quickly and as efficiently as possible. So, this move requires a little bit of re-training.

I still bridge into my opponent the same way, but I bring my bottom knee through first, so that it’s across my opponent’s belly. I then straighten my body and square up, just as if I was using a knee shield from half guard.

As I straighten my body, I want to take my other leg and bring it in so that my knee is pointing upward and is in my opponent’s bicep and shoulder area. I am also controlling both sleeves at this point.

Now, the trick is to get my opponent to try to come under my top leg. So don’t fight it if that’s what he’s trying to do. We want to be able to get our leg around his neck so that it’s nice and tight in the knee. Bear in mind that normally we would take that leg and try to wrap the neck from the outside vs the inside like what we’re doing here.

Angle is going to be critical so we want to get our opponent turned and turtled so that we’re perpendicular. That bottom leg, that has been on the belly, is going to shoot through so that it can lock up with the other foot to complete the triangle. To tighten up the choke, we need to pull hard on the outside arm. If we pull on the inside one too, it’ll simply create a lot of pain against the ribs, which may be alright in a competition.

As much as possible, we want a constricting motion. That means squeezing with our hamstrings. The natural tendency is to pull the outer arm while pushing with the hamstrings. This simply gets uncomfortable, but not tight enough to choke. I have found that if I walk my foot around, I can tighten up the triangle considerably and without a lot of effort.


Knees flared armbar from closed guard

So, learned an interesting new move yesterday. It was executed from the closed guard as a counter to the kimura counter of straightening the arm.

Basically, when you come up and wrap the arm and grab your wrist, your opponent tries to defend by straightening his arm. When that is done, you simply come back down and with his arm still wrapped, drag his arm over to the opposite side of your own body. With your other hand, grab the other arm by the gi, from the back of the tricep. You should have both arms pretty tightly secure.

If you tried doing the kimura on your left hand side, then you’re gonna rotate so that your right leg can come over your opponent’s head. To maximize the effectiveness, you’re gonna cross your feet and flare your knees so that there’s extra pressure across his face, which keeps him from defending the armbar.

