Ottopress – A New Blog

Joseph Ducreux, original pimp.
Joseph Ducreux laughs at your nonsense.

For those of you who read this site for my WordPress knowledge, code, rants, or what have you, I’m writing this to point you in a new direction. I’ve started a new site just for that sort of thing: Otto on WordPress. Despite the name, I plan on putting other things there too, including code and other geekery.

Partially I’m doing it because I feel that I want to post more personal information type stuff here. More stuff about Memphis and what I’m up to and photo libraries and such, and my friends aren’t much into that sort of thing. Partially I’m doing it because I’d like to build more of a personal brand.

But, mostly I’m doing it because the ottopress.com domain name was available and I liked it. :)

I won’t be eliminating all geekery from this site, but it will be significantly toned down. Maybe. Dunno yet.

So, I’d suggest going over there if you like my technical rantings and ravings, since those won’t be here anymore. Also, this site may not be busy for a while. It’ll take a while to get into the swing of things, and I may start pulling more smaller microblog type posts in here. So if you want to switch your subscription around, now would be the time, while I make the changes.

For those people subscribing only to my WordPress tagged posts feed (I know there’s a few), I’ve redirected that feed now. You don’t have to switch, though you may want to. And if you suddenly got a bunch of repeat posts, that’s why. I moved a few of them over there when setting up.

So there you go.

BTW, if you’re not subscribing to my feeds, but prefer to use Facebook or Twitter, then I’ve separated some of that all out now too.

You can follow Otto on WordPress on Facebook here: http://www.facebook.com/apps/application.php?id=334947428931

You can follow this blog, Nothing to See Here, on Facebook here: http://www.facebook.com/apps/application.php?id=116002660893

And you can follow both of them on Twitter here: http://twitter.com/ottodestruct (Still working on this one, it’s not 100% reliable yet).

How to find a backdoor in a hacked WordPress

Edit: This post has moved to here: http://ottopress.com/2009/hacked-wordpress-backdoors/. Take your comments there.

Over here, Jorge Escobar is writing about how he got hacked with the latest version of WordPress. After some minor back and forth on FriendFeed, I got him to do a search which found a malicious backdoor he might not otherwise have found.

In so doing, it occurred to me that most people don’t keep up with the world of WordPress in the way I do, and so have not seen nearly as many hack attempts. So I figured I’d post my little contribution, and show people how to find hidden backdoors when cleaning up their hacked sites.

Non-technical users can safely ignore this post. :)
Continue reading “How to find a backdoor in a hacked WordPress”

Fun with Twitter

Just rigged up the blog to show whatever I’m posting via Twitter as well. However, what with Twitter being a bit of a lower end sort of one-liner type of thing, I decided to make those posts style slightly differently. So those weird blue things? Those are just my latest Twitter updates. :)

Thanks to Twitter Tools for making it work properly. Good WordPress plugin, still has a few odd points to it and some kinks to work out though. But it works well enough.

Feel free to respond more directly to anything I have to say on Twitter.

The TSA starts a blog

I was surfing around and ran across a blog written by people at the TSA.

Now, I think that the existence of open communication is a good idea. My problem is that the people actually doing the writing seem to either be really, really good at evasion, or they are complete and total idiots.

Take this post where somebody named “Kip” tries to explain the ban on liquids in aircraft. He goes on about the “3-1-1” rule, which I had to look up since I no longer fly at all (primarily because of the amazingly obvious and self-evident stupidity of the TSA and its employees), but the gist of the 3-1-1 nonsense is that everybody is allowed 3 containers of 3 ounces each, in 1 clear plastic baggy, 1 per person. He goes on about this quite a bit, but he also completely fails to understand the fundamental problem, which is this: You’re trying to find threats, you’re not trying to set limitations.

If I bring shampoo onto a plane, and it really is shampoo, then how much of it I bring is really irrelevant. The idea is to find those people with actual explosives or other threatening devices, no? So making somebody put 3 oz. of fluid into a clear container is really rather pointless when you don’t actually verify WTF the fluid is in the first place. Confiscating some liquid that is not actually an explosive does not increase security in the slightest possible way. Removing things that are actually non-threats is not helpful. He misses that fundamental point throughout his “answer” to the question.

He goes on to say that the idea is to have a 10 oz. limit because real liquid bombs need about 20 oz. to do any damage. He even attempts (and fails) to address the obvious question here: What about two guys carrying the same stuff on and then mixing them on the plane? His answer is that mixing liquid explosives is difficult and tricky to do properly. Which, again, misses the fundamental point. If it’s tricky to do properly, then it would be tricky even if it was all carried on by one person. The difference between 1 guy carrying 20 oz of liquid and two guys carrying 10 oz. each is actually non-existent. And if they can premix the stuff, then they can pre-mix it, separate it into 3 ounce bottles, and bring one big empty bottle in their carry on. “Mixing” liquids on a plane might be tricky, but simply pouring already mixed liquids from one container to another is not.

He also ignores the fact that the plot which started this whole mess was not actually feasible to begin with. Notice his wording in the first question, he says there was a “serious plot”, not that they could have actually, you know, done anything.

It’s like Bruce says, the whole damn thing is nothing but security theater. The TSA’s blog is a good idea, if it was, you know, real and not staffed by the same shills who are attempting to force us to accept something which is fundamentally stupid. We’re not idiots. We know that the policies are stupid, because it’s really really obvious that they are. Trying to tell us that these rules are, in fact, not stupid simply isn’t going to work. I mean, I don’t expect them to admit their real agendas or anything, but all he attempts to do is to say that their policies make sense (they don’t), that they actually do protect anybody from anything (they don’t), and that a whole lot of other countries implemented them too (irrelevant to the actual question in the first place).

You can’t sell me nonsense by saying that you’re fresh out of sense.

Kip also tries to hide behind the “classified” label at one point, which is such complete bullshit. If actual terrorists know how to do this, then telling me how it could be done doesn’t make any difference. If terrorists don’t know how to do this, then what the fuck are you protecting us from?

Anyway, it’s worth a read to see how ignorant the TSA really is. Reading that blog only increases my determination to not fly at all until the paranoid idiots in charge get replaced by somebody with more sense. From the look of things, I may be waiting a while.

Twitter

I signed up for twitter today, and installed a plugin for the blog that hooks into it. It’s kinda neat. The basic idea is that you can send “what you are doing right now” to it at any given moment, and the site posts it. Not complex, basically like a blog for one-liners. The WordPress plugin I installed lets you show the latest twitter messages you’ve sent to the service on the sidebar, or in a post, or what have you. Very nifty.

So if you look on the bottom right of this page, you’ll see the latest info on what I’m currently doing. The cool thing about it is that you can post what you’re doing to the site via email or IM or even text message. Quite entertaining, albeit somewhat useless, information. Still, fun for a while, and maybe I’ll figure out something useful to do with in the long run.