10 Jul 09

House Votes 429-2: That Rob Warmowski Was Right

Last month, when President Obama used a signing statement to evade accountability concerning White House negotiations with the IMF, I posted about it at Huffington Post. Checking out the comment stream there will show the brickbats that are earned when a leftist complains about a corporate centrist President – as well as the attaboys from detestable right-wing douchebags.

The funny thing is, today, the House of Representatives went and voted 429-2 to do exactly what I did in print: call bullshit on the signing statement, and on the White House’s far-too-comfy relationship with the Wall Street pigs who doubled down all of us on mortgages they knew were bad.

I did a longer piece at HuffPo today in response.  Thanks, Congress.

07 Jul 09

Three-Day Long DDOS Attack From North Korea?

Diagram of a Stacheldraht DDoS Attack
Image via Wikipedia

Is North Korea pwning teh intertubes?

According to Associated Press reports here and here, both US Federal websites and South Korean governmental websites are undergoing constant denial-of-service attacks, which have effectively removed these sites from the Internet. Affected are the websites for the US Treasury Dept, Federal Trade Commission and Transportation Department.

Further, South Korea reports the presidential Blue House, the Defense Ministry, the National Assembly, Shinhan Bank, Korea Exchange Bank and top Internet portal Naver have undergone DOS attacks for the same period.

The attacks have been sustained over three days, which is unusual for this kind of internet attack. Network World reports that the list of IP addresses sending out bogus traffic numbers 50,000 and, according to a quoted security expert, the attack is using 10-20 GB of bandwidth per second, ten times the amount of the average DDOS attack.

Although there is no evidence at this time of the attack’s source, the seemingly simultaneous targeting of US and South Korean sites brings to mind the common political enemy of both countries, North Korea.  Even though Internet infrastructure in that country is poor, mounting a DDOS attack using a botnet does not use local bandwidth and doesn’t need widespread local infrastructure.

In a denial-of-service (DOS) attack, a website is targeted with millions of false requests for web pages until the targeted website can no longer respond to legitimate requests for pages, effectively removing that website from service. A plain DOS attack has a single vector – that is, the fake traffic comes from a single IP address or a small range of them, and as such can be stopped by the targeted web site’s owner blocking all requests that come from the offending IP addresses.

But the three-day length of the attacks strongly suggests that the attacks are in fact distributed DOS (DDOS) attacks, from which there is no effective defense. Under a DDOS attack, the false traffic requests come from hundreds or thousands of machines located physically all over the world.  Due to the high number of machines that are the source of the false requests, blocking all the IP addresses to stem the flow of bogus traffic becomes nearly impossible.
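The difference between the two cases can be seen from the defender's side in a small simulation. This is an added example, not part of the original post: the addresses, request counts, per-IP limit and spike thresholds are all constructed assumptions, and the `is_attack` label exists only because the sample traffic is synthetic.

```python
from collections import Counter
import ipaddress

def clients(base, count):
    """Constructed sample addresses: `count` consecutive IPs starting at `base`."""
    start = int(ipaddress.ip_address(base))
    return [str(ipaddress.ip_address(start + i)) for i in range(count)]

def window(legit, attackers, attack_reqs_each, legit_reqs_each=5):
    """One observation window as (source_ip, is_attack) records.
    is_attack is ground truth that only a constructed sample can carry."""
    log = [(ip, False) for ip in legit for _ in range(legit_reqs_each)]
    log += [(ip, True) for ip in attackers for _ in range(attack_reqs_each)]
    return log

def blocklist(log, per_ip_limit):
    """The plain-DOS defense from the text: block any IP over the limit."""
    counts = Counter(ip for ip, _ in log)
    return {ip for ip, n in counts.items() if n > per_ip_limit}

def attack_dropped(log, blocked):
    """Fraction of attack requests the blocklist would have dropped."""
    attack = [ip for ip, bad in log if bad]
    return sum(ip in blocked for ip in attack) / len(attack)

def diagnose(log, normal_volume, spike_factor=5, top_share=0.5):
    """Volume spike with one dominant source: DOS. Spike without one: DDOS."""
    if len(log) < spike_factor * normal_volume:
        return "normal"
    busiest = Counter(ip for ip, _ in log).most_common(1)[0][1]
    return "single-source" if busiest / len(log) >= top_share else "distributed"

LEGIT = clients("198.51.100.1", 200)                  # 200 clients x 5 = 1000 requests
DOS = window(LEGIT, clients("192.0.2.7", 1), 20000)   # one host, 20000 requests
DDOS = window(LEGIT, clients("10.0.0.1", 5000), 4)    # 5000 bots x 4 = 20000 requests

def run(limit=50):
    """Return (diagnosis, blocked IP count, attack fraction dropped) per scenario."""
    out = {}
    for name, log in (("dos", DOS), ("ddos", DDOS)):
        blocked = blocklist(log, limit)
        out[name] = (diagnose(log, 1000), len(blocked), attack_dropped(log, blocked))
    return out

if __name__ == "__main__":
    print(run())
```

With the same total attack volume, the per-IP rule drops all of the single-source flood and none of the distributed one, because every bot stays below the rate of an ordinary visitor.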

Often, these machines comprise a botnet, a name given to an ad hoc network of machines – personal, work, school – that have had their own security compromised, and that follow instructions from the party that compromised the security in the first place.

Large botnets capable of sustained DDOS attacks have been a reality ever since huge numbers of machines around the world running consumer operating systems, such as Microsoft Windows, have been left attached to the Internet full-time on DSL or cable modem. An attacker can compromise the security of such a machine and leave upon it a “bot” process, which is software that quietly and invisibly waits for instructions from the controller of the botnet.

Botnets have been sold on the black market, used in DDOS attacks and used to spread worms and viruses. They remain a real feature of the Internet, one that leverages consumer ignorance and the Internet’s technical architecture into a potentially devastating weapon that threatens whatever sites it wants whenever it wants.

UPDATE 1

A post at Comodo.com identifies a targeted host list as well as the Windows malware that is used in the botnet attack. Additionally, the poster says the IP addresses that the attacks are coming from are located inside China.

DDOS attack files.

filename: msiexec2.exe
size:33,841 bytes
When msiexec2.exe is executed, it creates the ‘uregvs.nis’ file.
There are many target addresses inside of msiexec2.exe code.

Following files attack those web sites.

filename:perfvwr.dll
size: 65,536 bytes

filename: wmiconf.dll
size: 67,072 bytes

Some evidence about this attack.

1. attacker’s IPs came from China.
2. Using Botnet.
3. Using Zombie PC.
4. spread by internet.
5. it changes its code automatically.
6. addresses can be changed by attackers.

It has following Target Addresses.
Following addresses are related with South Korea gov and USA gov.
The attacker’s IPs came from China.

[Target addresses]
Some of websites still can’t be connected or slow.


04 Jul 09

Vice President Biden Terribly Rude To The Memory Of An Old US Chum

A Light Moment At the SOB Ball

“That S.O.B. is rolling over in his grave right now,” said Vice President Joe Biden of the late Saddam Hussein while visiting Iraq on July 4th.

Look, I understand what happens when a US figurehead gets a snootful of self-righteous holiday spirit and exults a scathing damnation of all things evil – sometimes the patriotism causes one to paint one’s self into a rhetorical corner.  So if President Obama can forgive Biden for once complimenting Obama by referring to him as “clean and  articulate” I too can forgive the VP for his bad manners.

But I wonder: can Don Rumsfeld do the same?

I imagine the former two-time Defense Secretary wistfully reviewing the photos of old friends, mayhaps made a tad misty by memories of happier times with bosom buddies of the United States who, like him, just got a bad rap in the end.

Okay, not exactly like him.  Some people get a rap, other people get a rope.

Happy 4th, if you can manage it.

04 Jul 09

Devo: Don’t Shoot, I’m A Man

“DON’T SHOOT” – DEVO from DEVO Channel on Vimeo.

Great new song, great new video from the Casale/Mothersbaugh axis.  I knew those inflatable-fan-guy things that you find parked in front of muffler shops and flea markets were totally Devo. Word is there’s a new Devo album in the works for Fall of this year. Oh, Dad, we’re all Devo!

For more DEVO at RW370:

What’s In Devo’s Basement?

Led Zeus Shit Jar – On Devo’s Gerry Casale and the Jesus Lizard

27 Jun 09

Two More At HuffPo


Enjoy (or don’t) a pair of sociopolitical screeds of mine at Huffington Post — if you can tear yourself away from HuffPo’s outpouring of Michael Jackson-related garment-rending:

President Obama’s Clear Abuse Of Power Cited By…Senator Obama, with related commentary

Racism And Other Paranoid Delusions

19 Jun 09

Shooting, Or The Shot?


One (far less visually appealing) way to climb on top of a tank

The line has been drawn. Last night, Iran’s Ayatollah Khamenei cracked his whip and demanded an end to the mass protests roiling across the country all week. With hundreds of thousands of blue-jeaned, Chuck-Taylored protesters in the streets of Tehran, a showdown is fast approaching.

Unlike at Tiananmen, these anti-authoritarian protesters are much greater in number and spread far wider. Also, they are urban, pro-Western, many are reportedly pro-American, and they are likely to face the guns of their own military tomorrow. The stakes in this nascent revolution are huge for young Iranians, already bloodied and likely to shed more tomorrow. In that, I wish them the best.

The stakes are also considerable for persons outside the country who have the greatest stake in fomenting a distorted image of a Muslim enemy.

Something about looking at the vast swathes of citizenry in the streets tells me that Iranian army commanders aren’t looking forward to this encounter, and I have an intuition – call it a hope – that tomorrow will be bloodier for the regime than for the people.

In that case, imagine one iconic photograph, surfacing this weekend or soon after:  A young Persian woman, perhaps without a headscarf, big-eyed and beautiful in blue jeans.  She is perched upon a tank, smiling and waving.  Her Chinese-made Converse Chuck Taylors bring a touch of the Ramones to the sandy beige of the painted armor plated vehicle. She waves to her countrymen, perhaps granted this chance by an Iranian army commander who has refused orders to fire on the crowd.

If we are blessed to see that photo, not everyone will cheer.  For those whose livelihoods are dependent on what we used to insanely call “The War On Terror,” such a photo means they are going to have a bad year.  Years of PR groundwork will have been trashed in the click of a digital camera.  They’ll need to hurry back to the drawing board to gin up new demons to jiggle in the faces of those who are most susceptible to boogeyman politics.  What else can AM hate radio or the Republican party do when their treasured “Axis Of Evil” is finally represented by a cute girl in gymshoes?  How will Israel’s Likud party continue to leverage Iran into its own bloodthirst in Gaza or its settlement fever when Israel loses their photographic monopoly on hot Middle-East women posing with weapons?  What will the Pentagon and the neocon hawks do when, as happened with the Soviet Union, the opposing team packs up and goes home?

Each would find new enemies, of course. That’s what paranoids do. But it would take time, and meanwhile, perhaps one repressive theocracy will have been relegated to the dustbin of history.

18 Jun 09

Great Moments In Complete Bullshit: Potatogate

On June 26, Chicago Police who were on duty during the 1968 Democratic Convention riots will hold a convention of their own. “It’s just a get-together for guys who worked together 40 years ago,” says Mark Donahue, President of the Fraternal Order of Police, the convention’s organizer.  “Nothing more.”

All I want to know is if the convention will include breakout sessions with discussion topics focusing on specific aspects of the CPD’s handling of the protesters and of the media surrounding the riots.  Will one such session focus on total fabrication of details and demonization of the activists?  Is there anything to be learned from past mistakes in that regard, one such mistake shown in this picture (Chicago Tribune archive photo)?

Here, a CPD sergeant gingerly holds a potato which has been adorned with razor blades, an alleged weapon presented as proof of the lethal force demonstrators were willing to use against the cops.

Of course, as Sergeant Spud here clearly demonstrates, if a protester were actually to throw this potato, the act of gripping it might cause his severed fingers to fall to the ground around his sandals. This “weapon” is about as fraudulent as the Gulf of Tonkin incident itself, which was used to begin the US-Vietnam war that put the protesters on the streets in the first place.

It’s an old fight, I know, but Great Moments In Complete Bullshit don’t fade with time.  That’s what makes them Great.

16 Jun 09

Bob Bogle Of The Ventures 1934-2009

Bob Bogle, Ventures co-founder, bassist, and guitarist (pictured, far right), has passed away at 75. The heart / arm mechanics of a great, driving bass player are a thing to behold, and Bob had one of the best. Forged in the heavy twang crucible that was the Ventures, founders Bob and Don Wilson found the vein of solid rock underneath the repertoire of the day (Walk Don’t Run), preferring a pushy, lyrical, powerful approach to guitar that would launch a million bands in a billion basements. Originally the lead guitarist, Bob stepped aside and into the bass player role when they found the awesome Nokie Edwards, giving their instrumental combo full throat and giving the world the prototype of the surf-rock sound. Bogle performed with rhythm guitarist Don Wilson as if they were brothers, inseparable in their energetic readings of world-renowned tunes that sold somewhere between 200 to 500 million records worldwide. He is already missed. So long, Bob. Tell Dee Dee we said hello.

15 Jun 09

Proxies and DDoS Attacks: Internet 2, Ayatollahs 0

Monitoring the Twitter tags #iranelection and #iranproxy shows some pretty historic interplay between the unrest on the ground in Iran and the modern social media fabric.  Iran can’t shut off the internet in the country, as too much of its economy is dependent upon it. So the clerics who rule Iran and to whom the President answers, have blocked sites such as Twitter in order to attempt to prevent messaging from getting out while the police and army attempt to brutally put down the insurrection.

The blocking is not working.

1) Proxies:  The blockages are implemented as a list of IP addresses that the government makes unreachable from inside Iran.  But techs around the world are offering up proxy servers as relays for Iranians to use, and new ones are showing up on Twitter at the rate of one every three to five minutes.  A proxy is a relay that the clerics don’t know about that Iranians can use to get to sites that have been blocked by the ayatollahs.  The clerics’ tech crew may run around blocking these relays by adding them to the country-wide ban, but they probably can’t keep up with this many addresses at this rate of introduction.  Twittering has therefore NOT been cancelled in Iran, despite what the clerics have attempted.

2) DDoS Attacks:

RT @brookenchain ATTACK LINK TO IRIB: http://tinyurl.com/nyutjc open and keep it refreshing till looks unreachable pleasTHANX! #iranelection

Not only has outbound contact been maintained, but the election “winner” Mahmoud Ahmadinejad’s own websites have been blown off the web by twitterers. Tweets such as the above are distributed denial-of-service attacks upon Irib, an official website of Ahmadinejad. The link leads to an auto-refresher that’s pointed at the targeted website, and refreshes itself once a second. Send this link out to a zillion twitterers, and bye-bye target under a flood of bogus traffic. There is no defense against this since the attack comes from all over the net. And tweets against this and other official Ahmadinejad sites have been coming many per minute.

At this time, unrest is reported (mainly on Twitter — no, don’t wake up from your nap, CNN) all across Iranian cities and the situation is touch and go.

12 Jun 09

Land The Tech Job You Love

Hey! I know that guy!

Programmers! Project managers! Are you in the career doldrums?  Did you take your last job (or last three jobs) for the wrong reasons?  Have you not exactly taken advantage of the seller’s market in technology employment?  Do you have trouble discerning between brown-nosing and getting raises and promotions? Have you ever used an orange diskette?

If you need a better tech job, you may need to free your mind so your ass can follow. You don’t need recruiters.  You don’t need to move to San Jose. What you need is my pal Andy Lester’s new book Land The Tech Job You Love.*  Out today from Pragmatic Bookshelf.

The great thing is, in his illustrious twenty years writing software and being a leading light in the Perl language and open-source community, Andy’s made plenty of mistakes. Not software errors, but worse: career errors.  And just as with every error that crosses his path, he figured out exactly what went wrong, when and why.  Which means that when he writes a book about career management in technology,  he can probably save you some grief. Outside of leveling a crooked Christmas tree stand, what more could you ask of a book?

To hear Andy get all up into this, check out the Pragmatic podcast for the book.

* And balls. You’ll need balls.  Balls not included.




Email

rob [at] warmowski [dot] com

Rob at Huffington Post

Rob on Chicago White Sox Baseball
