Tremendous work.
More here
Please leave comments below.
Showing posts with label funny. Show all posts
Showing posts with label funny. Show all posts
Friday, October 7
Thursday, August 12
Start with a cage containing five monkeys.
Start with a cage containing five monkeys.
Inside the cage, hang a banana on a string and place a set of stairs under it. Before long, a monkey will go to the stairs and start to climb towards the banana. As soon as he touches the stairs, spray all of the other monkeys with cold water. After a while, another monkey makes an attempt with the same result - all the other monkeys are sprayed with cold water. Pretty soon, when another monkey tries to climb the stairs, the other monkeys will try to prevent it.
Now, put away the cold water.
Remove one monkey from the cage and replace it with a new one. The new monkey sees the banana and wants to climb the stairs. To his surprise and horror, all of the other monkeys attack him. After another attempt and attack, he knows that if he tries to climb the stairs, he will be assaulted.
Next, remove another of the original five monkeys and replace it with a new one. The newcomer goes to the stairs and is attacked. The previous newcomer takes part in the punishment with enthusiasm! Likewise, replace a third original monkey with a new one, then a fourth, then the fifth. Every time the newest monkey takes to the stairs, he is attacked. Most of the monkeys that are beating him have no idea why they were not permitted to climb the stairs or why they are participating in the beating of the newest monkey.
After replacing all the original monkeys, none of the remaining monkeys have ever been sprayed with cold water. Nevertheless, no monkey ever again approaches the stairs to try for the banana.
Why not?
Because as far as they know that's the way it's always been done around here.
And that, my friends, is how policy begins.
-- Don't know the original author or where this came from, but it was posted on a Listserv I belong to, and I thought it was great. If anyone knows where this originally came from, please post in the comments so I can attribute it.
However, I think this really exemplifies some points that I've said for years. Just because "That's the way it's always been" doesn't mean that's the way it always needs to be done. Examine the status quo, and if you can try and make it better, do so.
Thursday, July 22
Reading Spam with Common Sense
Usually when I receive an email that looks like spam, I can just mash my "Send to Junk" keyboard shortcut and it goes away. But every once in awhile there is a decent looking spam that *might* be real. At first glance it won't have an images or selling viagra, or anything like that in it, and might just look real.
This is where the common sense approach to reading email kicks in. Obviously this post it not for the expert, this is probably more of the occasional user, but maybe someone in between will find it useful.
Here's a spam I received this morning that prompted me to write this diary:
From: Comcast
"This is a courtesy reminder that your Comcast Billing Information needs to be verified.
In order to continue using comcast services, click the link below, sign in and and follow the provided steps:
<Malicious Link was right here>
Regards,
Comcast Billing Department"
So, let's look at this and see how easy this is to detect:
Now, if we get into the weeds a bit more, we can look at the headers and see where it came from.
It came from a server at a .edu. I don't want to talk about which .edu (but it was in the United States), as I am going to try and get in touch with their security department after I get done writing this Diary.
Even more bad though -- it came from the "root" account on this server, the headers even indicate what version of Linux this server was running (Ubuntu). Most likely culprit? Probably an SSH scan that compromised the root account.
Make sure you have tight controls over those SSH accounts! And use common sense when reading your email. If it looks like bull, and it smells like bull. Chances are, it's bull.
Hopefully this helped someone.
Oh, the malicious link? Pointed you to a site that collected your usernames and passwords.
This is where the common sense approach to reading email kicks in. Obviously this post it not for the expert, this is probably more of the occasional user, but maybe someone in between will find it useful.
Here's a spam I received this morning that prompted me to write this diary:
From: Comcast
"This is a courtesy reminder that your Comcast Billing Information needs to be verified.
In order to continue using comcast services, click the link below, sign in and and follow the provided steps:
<Malicious Link was right here>
Regards,
Comcast Billing Department"
So, let's look at this and see how easy this is to detect:
- I'm not a Comcast customer. So right there, it was easy to detect.
- "comcast" in the second line is not capitalized. A real Comcast email would have capitalized their own companies name.
- Usually an email like this (from Comcast corporate) would tend to have all kinds of disclaimers and other nonsense at the bottom of the email.
- The link that I removed was not to "comcast.com"
Now, if we get into the weeds a bit more, we can look at the headers and see where it came from.
It came from a server at a .edu. I don't want to talk about which .edu (but it was in the United States), as I am going to try and get in touch with their security department after I get done writing this Diary.
Even more bad though -- it came from the "root" account on this server, the headers even indicate what version of Linux this server was running (Ubuntu). Most likely culprit? Probably an SSH scan that compromised the root account.
Make sure you have tight controls over those SSH accounts! And use common sense when reading your email. If it looks like bull, and it smells like bull. Chances are, it's bull.
Hopefully this helped someone.
Oh, the malicious link? Pointed you to a site that collected your usernames and passwords.
Tuesday, July 13
Mailing lists do not get Anti-Spam
Note: If you are subscribed to a Mailing List, and you have one of those "Auto-answer-back-auto-emailing-verify-that-you-are-a-human-by-clicking-on-this-link-really annoying-things". You are doing it wrong.
Get a frickin Gmail account people.
Get a frickin Gmail account people.
Friday, June 18
The Google Command Line Tool
Enough of the readers of this blog can be classified as "Command Line Nerds", myself included, and this post is aimed at you.
Apparently they don't have enough to do at Google, so they sit around and make tools to collect your wifi data, read your email and give you ads for them, and various other nifty Google ideas. (Yes, I still love Google.)
But apparently they had enough time to make a tool to interact with Google via the command line. Using Python you can do a whole mess of things..
They have a package available for debian (ubuntu) and they have a tar.gz bundle as well. So happy computing, check it out here.
But You Know, this might be nifty for uploading pictures to picasa, or scripting it to upload many things to docs, or youtube. But you know the one thing you can't do with your google command line?
Search Google.
Apparently they don't have enough to do at Google, so they sit around and make tools to collect your wifi data, read your email and give you ads for them, and various other nifty Google ideas. (Yes, I still love Google.)
But apparently they had enough time to make a tool to interact with Google via the command line. Using Python you can do a whole mess of things..
- You can Post to Blogger!
google blogger post --title "Just like this" "This is my blog entry, there are many like it but this one is mine"
- You can Post to your Google Calendar!
google calendar add "Take out garbage at 7 pm on Tuesday"
- You can perform various tasks with your Contacts!
google contacts list name,email --name *joel* > joel.csv
- You can edit some Google docs!
google docs edit --title "Document title here"
- You can upload photos to Picasa easily!
google picasa create --album "Photos of my car" ~/Pictures/Mustang/*.jpg
- You can even upload videos to Youtube!
google youtube post --category Entertainment video.mov
They have a package available for debian (ubuntu) and they have a tar.gz bundle as well. So happy computing, check it out here.
But You Know, this might be nifty for uploading pictures to picasa, or scripting it to upload many things to docs, or youtube. But you know the one thing you can't do with your google command line?
Search Google.
Monday, June 7
Burnout videos of 2010 All-Ford Nationals at Carlisle, PA
Here are some videos that I shot this past weekend of the Burnout contest in Carlisle, PA. These are kinda loud, so mind your speakers.
Enjoy:
This lady was 63 years old, she went the whole 3 minutes and smoked the tires!
httpv://www.youtube.com/watch?v=h7udeweXLVg
This was a Starsky and Hutch replica 1975 Gran Torino, complete with sirens, flashing lights, and flashing headlights. This was a great car:
httpv://www.youtube.com/watch?v=PagdZKlMkW8
This one was great, a piece of the rubber flew up and hit me in the arm (that's why the camera moves suddenly when the tire shreds). Yes, it was hot.
httpv://www.youtube.com/watch?v=i3UHAfT3_LA
This car was named "Uncle Buck", both of his tires shredded at the same time:
httpv://www.youtube.com/watch?v=PL00p79lN-Q
Enjoy:
This lady was 63 years old, she went the whole 3 minutes and smoked the tires!
httpv://www.youtube.com/watch?v=h7udeweXLVg
This was a Starsky and Hutch replica 1975 Gran Torino, complete with sirens, flashing lights, and flashing headlights. This was a great car:
httpv://www.youtube.com/watch?v=PagdZKlMkW8
This one was great, a piece of the rubber flew up and hit me in the arm (that's why the camera moves suddenly when the tire shreds). Yes, it was hot.
httpv://www.youtube.com/watch?v=i3UHAfT3_LA
This car was named "Uncle Buck", both of his tires shredded at the same time:
httpv://www.youtube.com/watch?v=PL00p79lN-Q
Sunday, June 6
Pictures by a 3 year old
We occasionally let my daughter have one of our cameras so she can take pictures (which she apparently loves to do). Here are a few of her shots.
http://gallery.me.com/joel.esler/100199
Yes, I know this is just a link to MobileMe, but that's where I am putting my pictures.
http://gallery.me.com/joel.esler/100199
Yes, I know this is just a link to MobileMe, but that's where I am putting my pictures.
Thursday, May 20
Wednesday, May 19
LifeLock CEOs Identity Has Been Stolen 13 Times
Can't say I'm surprised at this one. Any guy that trapes around putting his name and SSN on the side of a billboard is waiting to be had. I remember remarking to my wife the first time I saw a LifeLock commercial "I call BS."
Of course, now, LifeLock has been fined 12 Million dollars and called liars.
LifeLock CEOs Identity Has Been Stolen 13 Times - IdentityTheft - Gizmodo.
Of course, now, LifeLock has been fined 12 Million dollars and called liars.
LifeLock CEOs Identity Has Been Stolen 13 Times - IdentityTheft - Gizmodo.
Wednesday, May 12
All you ever needed to know about Tranmissions
httpv://www.youtube.com/watch?v=BQAWwvdnodU
This video was sent to me via email by my Dad (as one of those forwards) with this caption:
This guy is a professional bullshitter.
This video was sent to me via email by my Dad (as one of those forwards) with this caption:
Several years ago, Rockwell International decided to get into the heavy duty transmission business. They were getting ready to tape a first introduction video, and, as a warm up, the professional narrator began what has become a legend within the trucking industry. This is reported to have been strictly "off the cuff," nothing written down.
This guy is a professional bullshitter.
Friday, April 2
Note To Thieves: People You Rob Use Craigslist Too
A Story about a man who, much to his dismay, had his home broken into and several items stolen. However, he was smart enough to think to look for his items on Craiglist, and found his computer.
Still looking for other items, but since he reported the man who he got his computer back from, I have a feeling that the rest will turn up soon as well.
At least the thieves didn't delete his harddrive.
Note To Thieves: People You Rob Use Craigslist Too - Houston Music - Rocks Off.
Still looking for other items, but since he reported the man who he got his computer back from, I have a feeling that the rest will turn up soon as well.
At least the thieves didn't delete his harddrive.
Note To Thieves: People You Rob Use Craigslist Too - Houston Music - Rocks Off.
Wednesday, March 31
Friday, March 26
and then, there was rust
Got a call today from the shop that is tearing down the Mustang for the rebuild, asking me to stop by if I could and take a look, it seems that the rust on the front end was a little worst than they expected. I knew there was rust in there, but didn't know just how much...
So basically, we are going to replace from the driver's seat on forward. Frame, sidewalls, everything. Of course, I am getting stuck with the bill of people not doing it correctly to begin with, but, I suppose, that's the downfall of having a 42 year old car.
To look at the whole gallery of pictures I took today... Click here.
Stay tuned.
So basically, we are going to replace from the driver's seat on forward. Frame, sidewalls, everything. Of course, I am getting stuck with the bill of people not doing it correctly to begin with, but, I suppose, that's the downfall of having a 42 year old car.
To look at the whole gallery of pictures I took today... Click here.
Stay tuned.
Tuesday, March 23
Reader Question: Why is your Blog named Finshake?
Why is your Blog named Finshake? | Finshake.
I received a request about why my Blog is named Finshake. Read the above link for the reason.
Note: There is a search field on the right hand side of the blog. Check it out.
I received a request about why my Blog is named Finshake. Read the above link for the reason.
Note: There is a search field on the right hand side of the blog. Check it out.
Wednesday, March 10
Funny ‘Hacker’ Story
Funny ‘Hacker’ Story.
A funny story about a hacker named "bitchchecker", proving his mad skills by attacking someone on the Internet.
Using the IP: 127.0.0.1
Watch out for this guy.
A funny story about a hacker named "bitchchecker", proving his mad skills by attacking someone on the Internet.
Using the IP: 127.0.0.1
Watch out for this guy.
Tuesday, March 9
10 reasons to avoid talking on the phone
10 reasons to avoid talking on the phone - The Oatmeal.
This is an awesome comic, pretty much sums up talking on the phone correctly.
Click through, it's awesome.
This is an awesome comic, pretty much sums up talking on the phone correctly.
Click through, it's awesome.
Tuesday, February 16
Will Hack For SUSHI » MiFi Config Hack
Will Hack For SUSHI » MiFi Config Hack.
A post by friend and collegue at SANS Joshua Wright. Joshua is one of the guys I know that is really proficient at hacking wireless. Bluetooth, wifi, etc. He does some really wonderful work at that, and he's fantastic at it.
This post is about him hacking his Mifi (Verizon). He has two posts on the subject you should check out if you have a Mifi.
The other post is here.
A post by friend and collegue at SANS Joshua Wright. Joshua is one of the guys I know that is really proficient at hacking wireless. Bluetooth, wifi, etc. He does some really wonderful work at that, and he's fantastic at it.
This post is about him hacking his Mifi (Verizon). He has two posts on the subject you should check out if you have a Mifi.
The other post is here.
Tuesday, February 9
Help Desk sign I wish I had sometimes
Help Desk sign I wish I had sometimes - The Posterior of Randal Schwartz.
From someone at Oddly Specific.
Thanks Shirkdog for pointing this out.
From someone at Oddly Specific.
Thanks Shirkdog for pointing this out.
Monday, February 8
Hey, ask.com, what are you doing?
So, in the spirit of another post I put up recently, I am monitoring my firewall logs for anything strange and I keep seeing this:
The Source is Ask.com, the DST is my webserver, but take a look at the Ports. SRC port 80? DPT 58709? Anyone else see anything like this? This is being denied at my firewall because of my ESTABLISHED,RELATED line. So, the connection was not made from here. It's initiated from the outside.
What's going on over there at Ask.com?
Feb 8 14:47:55 localhost kernel: IN=eth0 OUT= SRC=66.235.120.71 DST=192.168.x.x LEN=455 TOS=0x00 PREC=0x00 TTL=49 ID=33745 DF PROTO=TCP SPT=80 DPT=58709 WINDOW=54 RES=0x00 ACK PSH URGP=0
The Source is Ask.com, the DST is my webserver, but take a look at the Ports. SRC port 80? DPT 58709? Anyone else see anything like this? This is being denied at my firewall because of my ESTABLISHED,RELATED line. So, the connection was not made from here. It's initiated from the outside.
What's going on over there at Ask.com?
Friday, January 8
Verizon Wireless's Fail
Several months ago I ditched my AT&T 3G Card that I was using for mobile Internet and bought a Mifi from Verizon.
A) Verizon has better connectivity in New York (I was spending a lot of time in New York)
B) Verizon has better connectivity on trains than AT&T. (Not faster, just a more persistant connection.)
Well, in order to manage your account, you have to sign-up for a website called myverizon.com, which, in order to complete the sign-up, asks to text message you your pin/password to verify your identity. So, I laugh to myself, as the Mifi doesn't have a screen or any way to receive a text. So, I get a hold of Verizon, and they tell me that their VZwireless software allows you to see the txt's send to the Mifi, okay, fine..
I fire up the software, no "txt". It's not in the Mac Software, it's only on the Windows VZWireless software. Hilariously irritating, so the alternative is, they mail you a pin number. Physically mail you, using snail mail, a pin number. What a waste of trees. Anyway.. I arrive today at getting my pin number via the mailbox, I sit down, type in the temporary password (pin number) on my login page, and finally, I get to reset the password.
So, there's 3 blanks on this page, and a drop down. First -- New password, second -- as you guessed it -- verify new password.
Now, here's where it gets good. Drop down "Select the phrase to remind you of your password". Your typical "Challenge/Response" thing right?
Here's the drop down:
Yup, seriously. No questions for the "Secret Question" -- I mean, if the questions are secret...
Last drop down was the answer to the "Secret Question".
Okay, so, what have we learned here? Verizon. You are making life extremely painful to me. FIX YOUR SIGNUP METHOD.
Oh, and your webpage. You are DOING IT WRONG.
A) Verizon has better connectivity in New York (I was spending a lot of time in New York)
B) Verizon has better connectivity on trains than AT&T. (Not faster, just a more persistant connection.)
Well, in order to manage your account, you have to sign-up for a website called myverizon.com, which, in order to complete the sign-up, asks to text message you your pin/password to verify your identity. So, I laugh to myself, as the Mifi doesn't have a screen or any way to receive a text. So, I get a hold of Verizon, and they tell me that their VZwireless software allows you to see the txt's send to the Mifi, okay, fine..
I fire up the software, no "txt". It's not in the Mac Software, it's only on the Windows VZWireless software. Hilariously irritating, so the alternative is, they mail you a pin number. Physically mail you, using snail mail, a pin number. What a waste of trees. Anyway.. I arrive today at getting my pin number via the mailbox, I sit down, type in the temporary password (pin number) on my login page, and finally, I get to reset the password.
So, there's 3 blanks on this page, and a drop down. First -- New password, second -- as you guessed it -- verify new password.
Now, here's where it gets good. Drop down "Select the phrase to remind you of your password". Your typical "Challenge/Response" thing right?
Here's the drop down:
Yup, seriously. No questions for the "Secret Question" -- I mean, if the questions are secret...
Last drop down was the answer to the "Secret Question".
Okay, so, what have we learned here? Verizon. You are making life extremely painful to me. FIX YOUR SIGNUP METHOD.
Oh, and your webpage. You are DOING IT WRONG.
Subscribe to:
Posts (Atom)