n+1 sides to every story

Fender Bender

My car is completely payed off this February.

Where N equals the number of participants or observers to an event there will always be n+1 accounts of what happened.

This is my account.  I was driving in a parking lot.  Traveling between 10 and 15 miles per hour when at approximately 3:50 p.m. a woman in a silver Taurus backed into my path and collided with my vehicle.  I had no time to react.  Boom!  And the event was over.  Our cars hit perfectly on the corners of the vehicle.  My right front corner was hit by her right rear corner as she backed out of the parking space.  My car stopped moving, and my windshield wipers turned on.  My hand must have hit the lever on impact.  That has no bearing on anything aside from I thought it was very strange.

I jumped out of the car to make sure everyone inside was OK.  Yeah, it was only a 10 mph crash… but a kid could have poked an eye out with a crayon or something I guess.  No injuries.  I don’t even think you could fake one either.  My airbag didn’t even deploy.

She was obviously a Nurse of some kind, deduced by her attire: scrubs.  It was obviously a new car, deduced from the dealer tag in the window.  And just three days after Christmas, no one needs that.  I offered my condolences.  She was obviously mad as hell, so I said no more.  I observed her scream several times at the child who was in the back seat.  And when I say scream I mean she shrieked.  She shrieked so nastily, which such hostility and hatred, that each time I felt a flight or fight response and all I could think was “poor kid.”

I called 911 and reported the accident.  They gave me a 30 minute ETA for an officer to arrive.  I called home to tell my wife I was involved in an automotive altercation and then I called my insurance company to report the incident and make sure they knew I wasn’t paying a dime because she was at fault as far as I was concerned.  I snapped a few photos for documentation purposes and waited.  And waited.  And waited.

The Officer arrived about 45 minutes later.  Remember how I said I was originally sympathetic to this woman’s misfortune?  Well, my sympathy completely ended after the Officer asked me my account of the situation and she acted out, yelling and hostilely denying the beginning of my diatribe after only uttering several words.  The Officer commanded her to go stand by her vehicle in that way Police do.  I swear Police have Jedi mind powers!  And doesn’t everyone know not to raise your voice to a police officer? That poor guy didn’t want to stand out in the cold and do all that paperwork because of her stupidity.  And he definitely didn’t want to do all that AND get yelled at.

I was given a sheet of paper to fill out by the officer.  When I gave the paperwork back to him, he informed me that her story was quite different.  I told him she popped right out of the space and I had no time to react.  He said OK, and went to his car and told me I could sit in my vehicle to get out of the cold.  So I waited some more.  Finally he gave me her paperwork, that she would receive mine, and he told me I was free to go.  I had checked my lights and most of them worked.  I lost a running light and asked him if that would be OK to drive with.  He said it should be fine.  He asked if I had any other questions.  I asked if he had determined fault or if fault was determined in a parking lot and he shared that he had not determined fault at this time, but I could check the report in two or three days to see if that changed.  He mentioned that the insurance companies could and would work it out.  In parting he did tell me that the woman who hit me was driving with a revoked license, so she’d be getting a ticket for that, which was ultimately in my favor.  I thanked him for his time and apologized for the inconvenience to him — I have a lot of respect for police, they don’t get paid enough, and they deal with everyone on the worst possible days of their lives, it’s a tough job and I respect the people who chose it as a profession.

That was it… I was free to go. Now here’s the really strange thing.  You know that sinking feeling you get when you see the blue lights in your rear view mirror?  Or the blue and red lights in NJ and just the red lights in NY?  Or the sinking stomach feeling when you get in an accident or something really bad happens?  I didn’t get that at all.  I was completely apathetic to the direct consequences of the events of this afternoon.

Home office renovations

My wife, mother-in-law, and children took a ten day vacation and flew to Washington state to visit my kids’ great-grandparents, my wife’s grandparents, and my mother-in-law’s parents, Art and Betty — and all the other super-fantastic Aunts, Uncles, Cousins, Brothers, Sister-in-laws, second Cousins, etc., etc.

With my fear of flying, and the convenient excuses of work, mergers, corporate red tape, limited time away from work, etc., I weaseled out of the trip. Actually, the flying part really did me in — if I never fly commercially again, it’ll be too soon. I do want to go visit my wife’s family in Washington State, I’ll just have to take four weeks off and make it a road trip. Although, if I go across country for a trip like that I’d want to do it in style, like alone on a chromed out Harley Fatboy, with a leather holster for my shotgun and maybe a few more mean looking tattoos… But, I digress.

I dropped my family off at the airport, rushed home, and completely emptied out my office. Everything. Books off the shelves on the walls, all the furniture, the piles of papers on the floor… everything! I tore the wallpaper from the wall. I painted the walls. I ripped out the carpet. I purchased and put down a floating laminate flooring system that looks like a hard wood floor. I hung more shelving. I purchased a corporation sized, industrial filing cabinet. And I hung thermal drapes and shades in the newly renovated office.

I destroyed and recycled several hundred pounds of papers. I know the recycle guy wanted to hurt me. My recycle bins weighed at least 150 lbs each on two separate recycle days. I watched him curse me from the security behind my dinning room blinds.

I also organized the garage and fixed the master bathroom toilet paper holder — that’s really the important fix I made all week, it was all floppy and falling off the wall prior to being fixed. Definitely the repair I was most happy with.

But back to my office, this story is about my office. The clutter was so bad, I couldn’t take a before photo. Or maybe I was too embarrassed to take a before photo? Or maybe I had to clear out half the room to be able to get in to take a photo? Or I had to clean the room to find my camera to take a photo? Which excuse is more believable? Would you believe I was just so excited to start the project that I forgot to take photos until I needed my first break?

I do have a few old photos that might suffice as before shots.

Notice the stack of crap to the left on the floor.

Notice the stack of crap on the floor.

Well, it doesn’t look that bad because I tried to manage the image by framing it so it didn’t look too bad. It was after all, a photo of my dog. Not a photo of how messy my room was. Trust me, it was messy. There was a goat path through the room.

I’m not sure what the next photo was about. It might have been a misfire, hitting the shutter release on accident, but it does show the floor under my desk.

The sleeping bag under the desk doubled as a foot rest.

The official photographic record of the project can be found here. It turned out to be a pleasant surprise to Leslie. And to her family’s credit, they kept a fantastic secret. They would all make an excellent spy network. She commentted, “How did this go from being the worst room in the house to the best room in the house?” She also loves the fact that we no longer refer to my office as “the pit of hell”.

Special thanks to Bryan, who helped me with much of the renovations. It would have been a failed, nightmare without his help.

Here’s the finished product.

The Finished Product

Now I wonder if my wife will leave on vacation without me more often, or if I will never be left unsupervised again?

Haxors and this site

I was browsing my logs today. I get bored sometimes. As a security guy, it’s something I know I should do more often. It just seems a little pointless. No bragging here, my time is expensive. Every minute I’m not working is a minute I’m not securing my family’s future. I sound like an investment commercial there, but it’s true. In life, nothing is free, there is a cost that can be associated with everything. Like the costs of running this site. Some would argue it’s only a few dollars a month. I feel though that it’s more than that now. You see today, I’ve seen tracks… traces of an undesirable element in my log files. Yes, today, I have seen the tell tale sign of haxors.

zero sum game

I use that spelling specifically. I’m one of those old-fogies that call themselves a hacker. But I’ve never done harm. Never deleted a file. Never defaced a website. Never threatened anyone’s lively hood. I have played a practical joke or two. But nothing that brought any harm, real or perceived. In my mind a true hacker is a ‘computer enthusiast.’ A person who likes to play games and solve puzzles. A person who likes to cobble together creative solutions to technological challenges. For example, the other week I decided to see if I could have a radio-show without a microphone. Why? For the same reason people climb mountains, “Because it was there.”

Haxor is my way of identifying one who is not a true hacker. One who is trying to spread malicious code, create a bot network, deface a website, etc. You might have heard terms like script-kiddie, cracker, hijacker, etc. I like haxor.

Anyway, I started my site using iWeb to publish static content here. It seemed to work fine. But one of my very close friends, also in security, basically refused to come here because the created code was so javascript heavy. I kept my eyes open for a solution to this dilemma. I want something that I can quickly and effortlessly publish and update that produces good clean code. Another colleague of mine suggested WordPress. I did some research and found it to be quite nice. I have some reservations running a php based site, but I put a little effort into setting it up properly. I also found that I could use Gallery with iPhoto (there’s a nice plugin that allows me to publish effortlessly) and I now have a site that is accessible, robust and easy.

Today, I saw why I was originally hesitant of running a PHP site. The requests in my logs were for install configuration php files and other files that had my database password within. Now while this is distressful, it’s not something I didn’t expect to happen some time sooner or later. I didn’t think my site was popular enough to warrant a haxor presence, so on one hand I’m pretty flattered. On the other, I just have to wonder why? Is it because I’m in security? It is because I’ve upset someone? It wouldn’t be the first time, believe me. What is the benefit and what is the cost?

No-win scenario.

Well, the benefit might be bragging rights that a security guy’s site was haxed. But there’s really not much to brag about. I put very little effort into securing this information.

What is that you say, Mr. Haxor? You own my database? You know my password? That password is either really lame and low security or randomly generated. It won’t even get you into my email. Believe me, it’s only used for the database. And I have backups of my database. Purge, reinstall, restore, and I’m back up again.

What is that you say, Mr. Haxor? You have uploaded nasty maleware to my site? No worries, rm -rf ./* will fix that. And I have backups of my site too. It might take a few days to upload it all, but you’ve done nothing but waste some of my precious time.

What is that you say, Mr. Haxor? You pwned me? You think this is a game. That’s funny, because I wasn’t playing any security games with you. I don’t have time to. You’re really not worth my time. Nor is finding and plugging any security holes in WordPress or Gallery.

Will I plug holes that you so rudely point out? Yes, because I don’t want to continue wasting my time restoring my website. Will that mean you won and forced me to play your stupid games? No. There is a secure way of using these programs, it’s just a waste of my time and website resources. Will I eventually do it? If you piss me off enough probably. But then again, where are you going if your goal in life is to piss people off? My guess, prison.

So everyone knows, this site is a soft target. Nothing special here. No time, money, or desire to secure it. If you’re just a griefer, realize this, I could not care less. As in, I care as little as possible. As in, this is my notebook. If it’s lost, burned, or soaked in coffee, I’ll just replace it.

If you crack this site I officially declare you to be a script-kiddie-wannabe. Weak. Lame. Tired. Pathetic. Go beat up a first grader. You’re still worthless. You have proven nothing.

Time to step down from my soapbox.