Posts tagged “Gallery”.

Home office renovations

My wife, mother-in-law, and children took a ten day vacation and flew to Washington state to visit my kids’ great-grandparents, my wife’s grandparents, and my mother-in-law’s parents, Art and Betty — and all the other super-fantastic Aunts, Uncles, Cousins, Brothers, Sister-in-laws, second Cousins, etc., etc.

With my fear of flying, and the convenient excuses of work, mergers, corporate red tape, limited time away from work, etc., I weaseled out of the trip. Actually, the flying part really did me in — if I never fly commercially again, it’ll be too soon. I do want to go visit my wife’s family in Washington State, I’ll just have to take four weeks off and make it a road trip. Although, if I go across country for a trip like that I’d want to do it in style, like alone on a chromed out Harley Fatboy, with a leather holster for my shotgun and maybe a few more mean looking tattoos… But, I digress.

I dropped my family off at the airport, rushed home, and completely emptied out my office. Everything. Books off the shelves on the walls, all the furniture, the piles of papers on the floor… everything! I tore the wallpaper from the wall. I painted the walls. I ripped out the carpet. I purchased and put down a floating laminate flooring system that looks like a hard wood floor. I hung more shelving. I purchased a corporation sized, industrial filing cabinet. And I hung thermal drapes and shades in the newly renovated office.

I destroyed and recycled several hundred pounds of papers. I know the recycle guy wanted to hurt me. My recycle bins weighed at least 150 lbs each on two separate recycle days. I watched him curse me from the security behind my dinning room blinds.

I also organized the garage and fixed the master bathroom toilet paper holder — that’s really the important fix I made all week, it was all floppy and falling off the wall prior to being fixed. Definitely the repair I was most happy with.

But back to my office, this story is about my office. The clutter was so bad, I couldn’t take a before photo. Or maybe I was too embarrassed to take a before photo? Or maybe I had to clear out half the room to be able to get in to take a photo? Or I had to clean the room to find my camera to take a photo? Which excuse is more believable? Would you believe I was just so excited to start the project that I forgot to take photos until I needed my first break?

I do have a few old photos that might suffice as before shots.

Notice the stack of crap to the left on the floor.

Notice the stack of crap on the floor.

Well, it doesn’t look that bad because I tried to manage the image by framing it so it didn’t look too bad. It was after all, a photo of my dog. Not a photo of how messy my room was. Trust me, it was messy. There was a goat path through the room.

I’m not sure what the next photo was about. It might have been a misfire, hitting the shutter release on accident, but it does show the floor under my desk.

The sleeping bag under the desk doubled as a foot rest.

The sleeping bag under the desk doubled as a foot rest.

The official photographic record of the project can be found here. It turned out to be a pleasant surprise to Leslie. And to her family’s credit, they kept a fantastic secret. They would all make an excellent spy network. She commentted, “How did this go from being the worst room in the house to the best room in the house?” She also loves the fact that we no longer refer to my office as “the pit of hell”.

Special thanks to Bryan, who helped me with much of the renovations. It would have been a failed, nightmare without his help.

Here’s the finished product.

The Finished Product

The Finished Product

Now I wonder if my wife will leave on vacation without me more often, or if I will never be left unsupervised again?

Haxors and this site

I was browsing my logs today. I get bored sometimes. As a security guy, it’s something I know I should do more often. It just seems a little pointless. No bragging here, my time is expensive. Every minute I’m not working is a minute I’m not securing my family’s future. I sound like an investment commercial there, but it’s true. In life, nothing is free, there is a cost that can be associated with everything. Like the costs of running this site. Some would argue it’s only a few dollars a month. I feel though that it’s more than that now. You see today, I’ve seen tracks… traces of an undesirable element in my log files. Yes, today, I have seen the tell tale sign of haxors.

zero sum game

zero sum game

I use that spelling specifically. I’m one of those old-fogies that call themselves a hacker. But I’ve never done harm. Never deleted a file. Never defaced a website. Never threatened anyone’s lively hood. I have played a practical joke or two. But nothing that brought any harm, real or perceived. In my mind a true hacker is a ‘computer enthusiast.’ A person who likes to play games and solve puzzles. A person who likes to cobble together creative solutions to technological challenges. For example, the other week I decided to see if I could have a radio-show without a microphone. Why? For the same reason people climb mountains, “Because it was there.”

Haxor is my way of identifying one who is not a true hacker. One who is trying to spread malicious code, create a bot network, deface a website, etc. You might have heard terms like script-kiddie, cracker, hijacker, etc. I like haxor.

Anyway, I started my site using iWeb to publish static content here. It seemed to work fine. But one of my very close friends, also in security, basically refused to come here because the created code was so javascript heavy. I kept my eyes open for a solution to this dilemma. I want something that I can quickly and effortlessly publish and update that produces good clean code. Another colleague of mine suggested WordPress. I did some research and found it to be quite nice. I have some reservations running a php based site, but I put a little effort into setting it up properly. I also found that I could use Gallery with iPhoto (there’s a nice plugin that allows me to publish effortlessly) and I now have a site that is accessible, robust and easy.

Today, I saw why I was originally hesitant of running a PHP site. The requests in my logs were for install configuration php files and other files that had my database password within. Now while this is distressful, it’s not something I didn’t expect to happen some time sooner or later. I didn’t think my site was popular enough to warrant a haxor presence, so on one hand I’m pretty flattered. On the other, I just have to wonder why? Is it because I’m in security? It is because I’ve upset someone? It wouldn’t be the first time, believe me. What is the benefit and what is the cost?

No-win scenario.

No-win scenario

Well, the benefit might be bragging rights that a security guy’s site was haxed. But there’s really not much to brag about. I put very little effort into securing this information.

What is that you say, Mr. Haxor? You own my database? You know my password? That password is either really lame and low security or randomly generated. It won’t even get you into my email. Believe me, it’s only used for the database. And I have backups of my database. Purge, reinstall, restore, and I’m back up again.

What is that you say, Mr. Haxor? You have uploaded nasty maleware to my site? No worries, rm -rf ./* will fix that. And I have backups of my site too. It might take a few days to upload it all, but you’ve done nothing but waste some of my precious time.

What is that you say, Mr. Haxor? You pwned me? You think this is a game. That’s funny, because I wasn’t playing any security games with you. I don’t have time to. You’re really not worth my time. Nor is finding and plugging any security holes in WordPress or Gallery.

Will I plug holes that you so rudely point out? Yes, because I don’t want to continue wasting my time restoring my website. Will that mean you won and forced me to play your stupid games? No. There is a secure way of using these programs, it’s just a waste of my time and website resources. Will I eventually do it? If you piss me off enough probably. But then again, where are you going if your goal in life is to piss people off? My guess, prison.

So everyone knows, this site is a soft target. Nothing special here. No time, money, or desire to secure it. If you’re just a griefer, realize this, I could not care less. As in, I care as little as possible. As in, this is my notebook. If it’s lost, burned, or soaked in coffee, I’ll just replace it.

If you crack this site I officially declare you to be a script-kiddie-wannabe. Weak. Lame. Tired. Pathetic. Go beat up a first grader. You’re still worthless. You have proven nothing.

Time to step down from my soapbox.