That I did not need!

Update: It’s worse than I thought. I assumed that there was a vulnerability in html2text.php that allowed them to send email, but no, they used a vulnerability in html2text.php to download malicious code, and install something called “mock” in /tmp/.m and a script called “c” in /tmp/send. There were several copies of “c” running just now, when I ssh’ed in from my Treo to delete the files, kill the processes, and restart Apache. This is the first time I’d had malicious code installed on my system in over 15 years of running Linux. I feel so dirty.

As I was getting ready for bed, I chanced to look at my mail queue on munin, only to discover that some time yesterday, my outgoing mail queue was up to over 2500 messages, which is 10 times higher than I’ve ever seen it before. Oh oh, must be a spam run, I thought. It was worse than I thought – it wasn’t blowback from spam being sent out in my name, it was OUTGOING.

It took the last half an hour to find the culprit – RoundCube web mail that I installed soon after I started work at Paychex because I couldn’t ssh home to read my mail with mutt. I don’t know if I missed a patch or what, but there were a whole bunch of hits on “POST /webmail//bin/html2text.php”. I’ve removed it. I guess I’m in the market for a good secure web mail system again.

Hopefully I didn’t get marked as a spammer on too many sites.

PostgreSQL woes

I was up to 2:30am last night, and up again at 8:30, working on a problem with PostgreSQL. I spent a week and a half consolidating the data that comes from OurAirports.com and my existing data, and trying to figure out who was right when they disagree. I finally got that finished up at around 8pm last night, but didn’t load it on the production machine until after I got back from a party around midnight.
Continue reading “PostgreSQL woes”

Harsh

When I was on the cross country ski team at University of Waterloo, we had our own temperature scale. From warmest to coldest, it was

  • Cold
  • Damn Cold
  • God Damned Cold
  • God Damned Fucking Cold
  • Harsh

Back then, because we spent so much time out in the cold and were pretty damn fit, I think “Harsh” was around -40, which is the temperature we experienced for the entire week of our first Christmas Ski Camp. That’s where future Olympic silver medalist and future several time wearer of the Malliot Jaune and Malliot Blanc in the Tour de France, Steve Bauer, showed me how to put a plastic bag down my shorts to prevent a painful frostbite.

These days in my aged and infirm state, “Harsh” is what we have been experiencing the last couple of days. It was 7°F when I drove home tonight, and in the cold today I broke my new snow brush and my very fancy and expensive sunglasses that I bought in Oshkosh last year. Plus my gas mileage is in the pits because the engine has to run to keep the owner warm.

Tip jar service?

Man this off-line blogging is a blessing and a curse, isn’t it?

Now that Amazon Honor System has gone away, what other options do I have for soliciting donations on my navaid.com website? I get most of my donations through PayPal, but some people preferred to stay away from PayPal for some reason. Amazon has a donation service, but only for registered charities.

We’re only talking about $5 or $10 a month, so it’s not like I need a full ecommerce solution.

Debugging, no molasses

I discovered the secret to getting Eclipse debugging to not be painfully slow. The secret is to reboot (or possibly just log off and on again) and then make sure you don’t start IE or Outlook or anything else except Oracle, jboss and the app. At that point I’m using just a hair over 2Gb of memory and it’s hardly swapping at all.

I’m sure it would be a huge violation of their security policies, but I’d love to bring in my laptop to see how of does at this. Not only does it have a faster processor and twice as much ram, but it also would allow me to have only Oracle, jboss and the app running on the desktop box while Eclipse ran on the laptop, freeing up half a gig of ram on the desktop.