The Internet was Attacked Today

A very serious attack on the Internet occurred today. A large number of websites including alaya.net were unreachable for many hours.

I don’t remember such a serious attack. In the past there were more limited attacks, but this one affected many, many sites.

Its 2016 and I remember thinking years ago in the mid-2000’s about the bad security situation then, with huge networks of compromised computers leveraged to spew out constant spam and to occasionally attack sites. I thought that, as technology would improve, that the security situation would get better. For example all those zombied Windows machines with non-updated software forming botnets. Windows has improved a lot. But now today’s attack was utilizing networks of compromised Internet of Things devices – that is things like webcams which have Internet connections.

Many of these connected devices use the same crappy, low-security chipsets and that’s how the exploits which compromise them work. But its kind of shocking that these chipsets can have these vulnerabilities. If I were in the government I would be asking how it could be that our chip making companies are, in the year 2016, releasing hardware that is so flaky. What kind of oversight of this is there?

Just as by law if you operate a motor vehicle on public roadways that vehicle is expected to meet certain basic operational and safety requirements, should not devices on the Internet be required to satisfy minimum security requirements? Just as when some junky car falls apart in the middle of the road causing damage or injury to others, these crappy chipsets are causing real harm on a mass scale.

I think the makers don’t think much of it. Perhaps they see it as just one bad chip. But that one crappy chip gets made zillions of times and is used in zillions of devices. Its not just a problem of one crappy chip, but zillions of these exploitable pieces of junk waiting to be used by attackers.

I’m sure there will be some very high-level and a lot of lower-level meetings to figure out how to deal with this and potentially worse threats. I guess for non-techies this Friday was perhaps more like a holiday. But for the hard-working techies who are responsible for the infrastructure that we frequently take for granted, I’m sure it was a hard day.

Perhaps the positive side to all of this is that when things like this occur they serve as a wakeup call and help to inoculate us against worse things. Things could have been worse than they were so maybe we should be thankful and heed the wakeup call and get to work…

FYI here’s a really good reference article: theglobeandmail.com: Internet of Things a playground for hackers

If nothing else, it makes you wonder how the hell companies are allowed to make these super-crappy chips that can then get used to inflict massive damage on the Internet. Maybe there needs to be a radical rethink about the roles and responsibilities of all devices that are allowed to access the Internet.

xonsh: A revolutionary Python-Bash hybrid shell

I just found out about xonsh. I will just paste a bit from the project’s homepage:

Xonsh is a Python-ish, BASHwards-looking shell language and command prompt. The language is a superset of Python 3.4+ with additional shell primitives that you are used to from Bash and IPython. It works on all major systems including Linux, Mac OSX, and Windows. Xonsh is meant for the daily use of experts and novices alike.

To install it on Ubuntu Yakkety 16.10 just do sudo apt-get install xonsh then go into your favorite terminal program (I like Konsole) and create a new profile. Name it xonsh and for the command option set it to /usr/bin/xonsh.

Then you just open a new tab or window with the xonsh profile and the first time it runs it will prompt to run through a setup script. Most of the defaults are good so you can just press enter. I did choose the option to enable compatibility with a foreign shell and selected Bash.

Based on the answers it will create the static configuration file at ~/.config/xonsh/config.json.

You can also create a user control file ~/.xonshrc. See here for more information on how to set this up. You can add Python modules and statements inside .xonshrc. For example I added import os so that I can now use commands like os.getcwd() in the shell.

If you want just a particular method in a library you can use for example: from math import pi and then in the shell if you enter pi you will see the number pi. Another library that might be really useful to import would be the regex library: import re

Once you’re finished editing .xonshrc you source it just like you would a Bash file: source .xonshrc If you want to source a Bash file there’s a built-in alias for it: source-bash

After setting up xonsh you have an amazing shell environment which essentially behaves like Bash yet has the full power and features of a Python shell as well.

I’ve already switched to it as my default profile in Konsole. I’ve been trying some shell stuff like echo grep cut find etc. and it all works. I also have been doing some stuff with Python lists, iterators, and loops and it all works well.

I’m not an ultimate shell-guru person or anything but to me xonsh seems revolutionary.

Here’s a portion of a comment on a forum by the creator of xonsh regarding Bash compatibility:

… I agree that making shell languages into ‘real’ languages is strong goal that we should all have. And like with real languages, many can co-exist happily.

I’d like to point out though, that the goal is not to have bash-compatibility. As you point out, bash does some insane things and that is exactly what I want to avoid with xonsh. I should be able to give xonsh to a programming newbie and they should not experience any gotchas once they know the language.

I have been pretty careful to say BASHwards-compatibility in the docs and elsewhere, for exactly the reasons you mention. The goal isn’t to be bash with some python-isms, but to be python with the useful parts of the shell syntax. Like any good technology, it should interface as well as it can (ie when not insane to do so) with the previous technologies. …

References:

infoworld.com: New shell packs power of Python and Bash

Why I’m voting for Donald Trump on November 8th

Donald Trump – despite the constant attacks, lies, and slander against him – will unquestionably be the best candidate for women.

I am voting for Donald Trump because I have seen the appalling mess left behind by the lying, hypocritical, “liberal” and “progressive” Democrats who have turned our country into a free-for-all for criminals, misogynists, illegals, drug dealers, and all sorts of scum.

Our cities have become disgusting, abusive, unsafe places where women cannot safely comport themselves without being harassed, abused, or subject to violence.

It is the logical result of the years and years of “liberal” and “progressive” Democrats’ policies which have allowed a huge influx of illegal immigration, have resulted in an utterly shocking and abhorrent lack of lawlessness across America – particularly in its big cities – even while the privileged entitled elites claim exemptions from the rule of law and special privileges for themselves.

The Democrats are giving us a third-world wasteland America that is not a safe, decent, and wholesome place for a woman to live. Hillary Clinton’s loyalties are to the rich – be they from backwards, undemocratic countries which persecute women and minorities or anywhere else.

The bottom line is that, beyond her smooth-talking BS she will allow the collapse of the United States into a third-world country to continue while rich bankers and elites continue to cash in at the expense of the people of not just the United States but of the entire world.

Also, Hillary Clinton represents a betrayal of the hard-working people whose blood, sweat, and tears created and built America into a great country. She will betray Americans like no other. She represents one of the greatest threats that has ever faced the United States of America and a true destruction of democracy and democratic principles.

The fact that Hillary Clinton was shoed-in by the establishment – by the oligarchy – as the Democratic nominee for president was a slap in the face to democracy and to all Americans. It’s time to respond to that slap on November 8th with a definitive answer that America won’t tolerate its government being hijacked by an oligarchy bent on serving itself while America descends into a third-world pit.

By serving the interests of the people of the United States Donald Trump will help to make the world a better, stronger place. There is no question who to choose on November 8th. The choice is as clear as day.

Please vote on November 8th for Donald Trump!

$9 computer

Was just reading an article at heise.de about the release of the $16 Chip Pro from the same company who make the $9 Chip computer.

Memorize this: . ^ $ * + ? ( ) [ { | [backslash]

.^$*+?()[{|\

This is a really good set of symbols to memorize because if you are writing a Perl-compatible regular expression (PCRE) then these are the symbols which if they occur as literals within expressions (and outside of character classes), they need to be escaped. [Sorry WordPress is messing up the backslash character in the title]

PCRE’s are used in languages including PHP, Python, and Java. And of course they are used in Perl.

Remember that character classes are enclosed in square brackets [], for example:
[a-z0-9] is a character class consisting of the range of lowercase letters and digits 0 through 9.

The symbols which must be escaped inside character classes are intuitive so don’t really need to be memorized. They include – which is used for ranges (as above), the \ character itself, and the right square bracket ] as well as the caret ^ which negates or inverts a character class.

Reference & credit:
stackoverflow.com: What special characters must be escaped in regular expressions?

Cool historical concept of the {time_interval}: Phoenician

As I was reading one of my computer science textbooks on my laptop something made me think about languages in general and alphabets. The whole idea of an alphabet – symbols to represent phonetic sounds which can be re-used and combined to form words – all began with Phoenician.

Phoenician is where it all began. We all owe some major credit to where it is due: With the brilliant person or people who started the first alphabet several thousands of years ago.

As a computer science student I have come to a special appreciation for symbols and writing. As neat as Java, Python, SQL, PHP, etc. are I’m still fascinated by how it all began thousands of years ago and who the brilliant genius or geniuses were who developed it.

I imagine what it would have been like in the ancient world to be a trader or traveler visiting an exotic, distant place and to encounter a written alphabet for the first time. Nowadays we get excited about so many things. Imagine seeing written text for the first time and being blown away at the sheer genius of it.

I can easily imagine some people being so blown away by it that they would have stopped everything – completely dropped everything else they were doing – in order to learn this amazing new inscription system.

If you look carefully at the symbols of the Phoenician alphabet you will notice that many if not most of them closely resemble their Greek and/or Latin equivalents.

Phoenician. Love it!

Page 21 of 106« First...10...1920212223...304050...Last »