A Word on Security; Dark matter stories; Space Access; NASA revives the F-1; SAGE; Tax Time; and other important matters.

Mail 770 Wednesday, April 17, 2013


First a few words on security:

WordPress Attack

Dr. Pournelle:

It appears there is an attack against WordPress installations that is placing a phony ‘500’ error page on the site that allows additional commands to be executed. I don’t have all the details yet, but one report indicates that there is a brute-force password guessing attack against the ‘admin’ user of a WordPress site.

The ‘admin’ user is created by default on a WordPress installation; that user has full privileges to the WordPress installation. If the owner has chosen a weak password, or one that is easily guessed, then the attacker would get full admin privileges to the WordPress site, including the administrative area.

WordPress login process allows for brute force attacks; an unsuccessful login will just let you try again. There might be some delays if you try brute-force logins, but it is possible to keep on trying a WP login.

The attack will put a phony ‘500.php’ file in your site root (and perhaps other places). So a search for those files might be prudent. Delete any that contain unfamiliar code.

Initially, it looks like many sites that have been successfully attacked are also not current in their WordPress version level. So, prevention would indicate these steps:

1) Create a new ‘admin-level’ user with a strong non-dictionary type password.

2) Log in as that user to ensure that all is OK

3) When logged in as the new admin-level user, demote the user ‘admin’ to the lowest level. Leave the user there just to irritate the hacker.

4) Ensure that your hosting account, and any FTP accounts, have strong passwords. Strongly consider changing FTP passwords.

5) Don’t use an FTP client that stores passwords in plain text. (WinFTP does this.) I recommend WinSCP (open source, free) which encrypts FTP credentials.

6) Ensure your WordPress installation is current. Update all themes and plugins on a regular basis.

And the usual precautions on your home computer: Windows updates, Application updates (Secunia Personal Software Inspector is recommended), uninstall Java (if it is not needed; Javascript is OK), don’t click or open unfamiliar attachments, etc.

(BTW, your site is OK. I already did the mitigations noted above when I set up the WordPress installation.)

Regards, Rick Hellewell, Security Geek and your faithful web guy

HEAR AND BELIEVE

I view all mail in plaintext and never follow links until I have some reason to assume it’s safe; and I see a lot of intriguing new phishing schemes lately. It’s getting bad out there.

And this just in:

Identity Theft

Hi Jerry,

We hear a lot about identity theft but here’s a statistic to chill the blood, from the Senate committee testimony of National Taxpayer Advocate Nina Olson on April 16 —

"Yet despite the revamped identity theft victim assistance procedures, more stringent filters, and improved cooperation with the private sector, the volume of identity theft returns continues to grow at an alarming rate. The IRS had more than 1.25 million identity theft cases in inventory as of the end of February 2013, a sharp increase from a year ago, when the volume was less than 235,000 cases."

Then, imagine how many more there are that don’t lead to an IRS contact.

–Mike


Re Dark Matter & Dark Energy

Dr Pournelle,

At <http://esr.ibiblio.org/?p=1068>, Eric Raymond relates this anecdote:

“In 1992 I was an invited speaker at the Institute for Advanced Study.

Yes, this was five years before I was famous; what I was doing there was a seminar on advanced Emacsing. My sponsor, the astrophysicist Piet Hut, took me around to meet a number of the stellar eminences at the Institute.

“One of them was a cosmologist whose name I don’t remember. We chatted for a while – he was doing interesting work on the apparent quantization of red-shift distributions. Then I said to him, ‘Oh, by the way, I know what dark matter is made from.’

“Eying me dubiously, he said, ‘What?’

“I said, ‘Phlogiston.’

“He damn near fell out of his chair laughing.”

—Joel Salomon

I can I suppose accept dark matter, although it’s a stretch – why isn’t there a lot of it around here, and why isn’t it making the solar system deviate from Newton? – but dark energy isn’t anything I can get my head around. I still believe in experimental evidence rather than the beauty of equations or lack thereof…


Henry Vanderbilt on last weekend’s Space Access conference and the future of man in space:

Despair is a sin, as you’ve mentioned more than once. Worse, in this case it’s an error. We’re actually doing remarkably well as far as development of reusable transport goes, at least compared to where we were fifteen years ago when X-33 had just eaten everything. It’s just that it’s mostly not in the government, most of it subject to the eccentricities of its private sponsors, and much of it grossly underfunded.

That last is my immediate worry – Armadillo has already been set back a year because they couldn’t afford to build the canonical three copies of their "Stig-B" test vehicle, XCOR will shortly be betting the company on the one copy of Lynx they can afford, and even the (relatively) lavishly funded Virgin will have problems if they break their first "SpaceShip 2".

SpaceX’s reusability tests strike me as sincere but still secondary; they’re funded at a level justifiable by the FUD they inspire in competitors, not (yet at least) as something primary to the company. And Blue Origin remains an enigma. What little comes out does not convey to me a sense of urgency, FWIW.

Jess Sponable going back to DARPA is potentially good also, though he’s been frustrated in his attempts to do something useful before. Mitchell Burnside Clapp, by the way, is also at DARPA these days, running an air-launched reusable project called ALASA – he was going to come out and talk about it till his travel budget got sequestered.

My chief hope is still the small startups, the XCORs, Armadillos, and Mastens – they’re the ones most closely focused on low-cost fast-turnaround reusability. Chronically underfunded, as I said. If you know someone who might want to support a non-profit strategic investment fund to the tune of a few tens of millions, I could do a huge amount of good there. (It’d probably make a considerable profit too, in the long run, which could then be applied to the next step outward.)

I’m recovering from a bug that hit me Monday – the perils of being one of your own mike-runners; I effectively traded bugs with 50% of everyone who had a question at the conference. I’ll have to check and see how Tim Kyger is doing; he drove out from Albuquerque to help out this year, and collected the other 50%. Having mike-runners who know the players is priceless, though.

I’m currently reading "Lenin, Hitler, and Stalin – The Age Of Social Catastrophe" by Gellately – part of my last few years walkabout through twentieth century history. Very interesting so far for the tactical details; that sort of thing tends to get glossed over.

Hmm, well, I must be feeling better; I’ve gone on far too long.

Henry

 

In other words, little has changed, and actually that’s progress. Moore’s Law continues: of the three major fields in space exploration, control and avionics gets better whether we like it or not, structures get stronger and lighter as everyone experiments with materials, and there are advances in reliability and manufacturing of propulsion. Operations improve.

Bob Bussard said a long time ago that we already did the easy stuff. He was prophetic, but we seem through some of that phase. In the 70’s we underestimated how hard things would be, but we also had the costs of the standing army to bear. Now the Navy and Air Force need mission capabilities and NASA doesn’t even pretend to be able to make them. This is the right time for real X program: develop the technology and let industry apply it to mission oriented spacecraft. Some of those missions will turn out to be commercial.


How NASA brought the monstrous F-1 “moon rocket” engine back to life

Here’s an article you may be interested in reading:

http://arstechnica.com/science/2013/04/how-nasa-brought-the-monstrous-f-1-moon-rocket-back-to-life/

and another related article on the developing F-1B engine:

http://arstechnica.com/science/2013/04/new-f-1b-rocket-engine-upgrades-apollo-era-deisgn-with-1-8m-lbs-of-thrust/

– Paul

Rocketdyne F-1 lives!

http://arstechnica.com/science/2013/04/how-nasa-brought-the-monstrous-f-1-moon-rocket-back-to-life/

An absolutely brilliant article. Puts many rumors to rest about the plans for Apollo being lost–and underscores yet again how Apollo was an amazing achievement in both design and execution.

I was shocked to hear up-rated F-1B was not only done, but tested.

The details on the gas generator and the turbopumps were astonishing.

Apollo lives!

a wonderful article on bringing the F1 engine back to life

You’ll love it.

Phil

http://arstechnica.com/science/2013/04/how-nasa-brought-the-monstrous-f-1-moon-rocket-back-to-life/

Indeed. And they’re cheaper now. In that sense Apollo was an X project. We learned a lot from Apollo. Propulsion wasn’t my thucktun, but I got to watch some of that development. We learned a lot about human factors until NASA froze the spacesuit designs and lost a lot of the progress the Ames people had made. Not lost forever, though.


And I would love to have some reports on this one:

Space program simulation game

I thought that you may find this interesting. From the review; “You’re given rocket parts, a space center, a solar system of planets and moons, and you’re left to find your own fun. Orbit the planet? Go to the moon? Throw a kerbanaut into the sun? Build a space-jet? Make a giant tower of fuel tanks and blow them up? Whatever.”

http://www.shamusyoung.com/twentysidedtale/?p=19396

Edward Armstrong

If I get a chance I’ll try it, but perhaps someone has more time…


SAGE,

Jerry

Cold War-era command center that once guarded the nation up for sale in Cicero, NY:

http://www.syracuse.com/news/index.ssf/2013/04/cold_war-era_command_center_th.html

And why is this interesting? It’s an old SAGE complex.

“Keeping with the goal of survivability, the buildings have no windows. Not a single one. From the outside, they look like big concrete bunkers that could survive nearly anything the old Soviet Union could have thrown at it.” “Evertz said records storage is still probably the best use for the buildings.”

Kind of a follow-up to last week.

Ed

I recall visiting operating SAGE installations. They did it all with brute force.


Looking at the Rocketdyne F-1 Engine Again

Jerry,

Very interesting article.

Regards, Charles Adams, Bellevue, NE

<http://arstechnica.com/science/2013/04/how-nasa-brought-the-monstrous-f-1-moon-rocket-back-to-life/>

"….Watching the test

On the morning of February 20 I found myself perched on a set of metal bleachers under an iron-gray Huntsville sky, with the thermometer reading 33ºF – quite a bit cooler than this Texas boy is used to enduring, especially since the wind wouldn’t stop gusting. The payoff was that the observation area sat only a short distance from the gas generator test stand. Through a clearing in a row of evergreens and scrub, separated from us by a dirt path, I saw the test stand itself: a jungle-gym pile of metal and pipes, with personnel scurrying around to make last-minute adjustments.

The gas generator test firing I was there to witness was neither the first nor the last, but it still drew a hefty crowd of folks – civil servants, family members, and no small number of Dynetics/PWR employees. As the clock ticked down toward firing, we packed ourselves into the rickety bleachers and the buzz of conversation gradually quieted; I focused on holding my camera steady and trying not to touch any of the exposed metal of the heavy (and freezing) telephoto lens."

And see:

New F-1B rocket engine upgrades Apollo-era design with 1.8M lbs of thrust <http://arstechnica.com/science/2013/04/new-f-1b-rocket-engine-upgrades-apollo-era-deisgn-with-1-8m-lbs-of-thrust/>

Gallery: Behind the scenes at NASA’s Marshall Space Flight Center <http://arstechnica.com/science/2013/04/gallery-behind-the-scenes-at-nasas-marshall-space-flight-center/>

More on the F-1B monster. If we need them we can build them.

* * *

Fast trip to Mars

Interesting news: http://www.theregister.co.uk/2013/04/10/nasa_fusion_engine_fast_mars_trip/

Michael Lund Markussen


airplanes, cell phones and Ordnung.

One more email on using cell phones/electronic devices on airplanes and Ordnung.

Recently I took a flight on American airlines from Atlanta to Miami. We stopped short of the gate and the pilot announced that another plane was still at our assigned gate and we would wait just short of the gate until it was free. You could see the gate and plane. I was sitting in an aisle seat. A man on the other side aisle seat and two rows up, pulled out a cell phone and started to make a call. The stewardess scurried up to him and told him to turn it off. She said that Federal regulations prohibit using cell phones until the cabin doors were opened. She went on to say that he was endangering our lives because the phone could cause problems with the avionics. He laughed at her and said we can see the gate, if my phone messes up the avionics, tell the pilot to maintain current altitude and go to VFR. I started laughing (remember we are sitting on the ground), getting a glare from the stewardess. At that point she threatened to have security arrest him when he deplaned for interfering with the flight crew, if he did not comply. He wisely turned the phone off while shaking his head at the stupidity.

Mike J.

Wise move on his part. The flight attendants aren’t engineers…


a case of importance and horror

http://pjmedia.com/rogerlsimon/2013/04/13/gosnellgate/?singlepage=true

The main stream media is suppressing it so that people don’t question their pro-choice stance.

Phil


Boston Marathon Bombing

Another possible connection; Israel’s Independence Day began at sunset on April 15. Allowing for time zone changes, the bomb went off just about the time that Independence Day began in Jerusalem. (In the Hebrew calendar, the new "day" begins at sunset.)

https://en.wikipedia.org/wiki/Yom_Ha%27atzmaut

Ken Mitchell

Presumably someone will come take credit for it. We’ll just have to wait.


It’s Tax Time

Hello Jerry,

"It’s tax week, and I’m up to the ears."

When a citizen of your undoubted competence is ‘up to their ears in taxes’ for a week (or more), trying to comply with a tax code that NO ONE understands, it kinda reminds me of this, from ‘Dr. Floyd Ferris’:

“There’s no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren’t enough criminals, one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens? What’s there in that for anyone? But just pass the kind of laws that can neither be observed or enforced nor objectively interpreted – and you create a nation of law-breakers – and then you cash in on guilt.”

I think that ‘Dr. Ferris’ would be very pleased with the ‘progress’ that the US has made in the 56 years that it has been ‘progressing’ since he made the above observation in 1957. The tax code provides a prime example of WHY.

But, as we have learned to our sorrow, the ‘progressives’ who now rule us can always find new facets of our lives which require additional governmental ‘progress’, so they continue beavering away, apparently ad infinitum. One thing about progressives: they are all about progress, but as long as there is ONE citizen out there who insists on inhaling and exhaling on his own schedule, they will never have ‘arrived’.

Bob Ludwick

I won’t argue. Liberals are worried that someone, somewhere, is doing something without permission. That was Bill Buckley’s mot juste a long time ago. It seems to be true, but add that they worry that someone is doing something without paying a tax on it.


This should have been posted last week, but I was busy.

debt limits and hyperventilation

Dear Mr. Pournelle;

I’ve been reluctant to comment on a recent posting, but it continues to disturb me. To quote several paragraphs:

"You may get death threats, so many you’ll lose count, and there may well be actual attempts on your life. Don’t forget, the Chicago gang is in town and they play very rough. The more public you are, the less they may target you. The CorruptMedia will oppo-research every hidden nook and cranny of your life to smear and expose whatever dirt they can find on you.

You must understand that America now has a government run by gangsters – by crooks, thieves, looters, and thugs who will be utterly ruthless in ruining you if you try to be in their way. Putin’s Russia, Chavez’s Venezuela, has come to America; and the Chicago gang and the cartels have come to D.C.

So if you don’t have the courage to band together and stand up to them, quit now. They can’t spend money you don’t give them. They will do whatever it takes, legal or illegal, to force you to give it to them."

I’m aware that you noted it needed to be toned down; thank you. However, I think extravagant rhetoric like this is highly destructive. As citizens, we are NOT each other’s enemies; rhetoric like this seems to me to serve no purpose except to estrange us.

Also, I note that the original posting was apparently anonymous. My experience is that anonymous letters deserve neither attention nor publicity. They are not an invitation to discussion; there’s no way to reply. They’re more on the order of a tantrum.

Regarding the actual topic of the note: while I agree that spending needs to be brought under control, I believe that the time to do that is *before* we spend the money, not after. Anyone considering not raising the debt limit enough for us to pay the bills ought to consider the probable unintended consequences of such a strategy.

Okay, we’ll be paying the bills with borrowed money. That irritates me; but, again, the time to fix that is before we make the expenditures. Not honoring our debts is *not* heroic; it would simply mean that the "full faith and credit" of the United States was thenceforth worthless. The consequences of such a declaration would, I think, be rather abruptly ruinous.

Thank you for your consideration —

Allan E. Johnson

Something like this is needed once in a while…


Scott Turow’s take on the ‘publishing revolution’

Jerry:

I came across this article in my daily readings and it appears that the American author is indeed becoming an endangered species.

http://www.nytimes.com/2013/04/08/opinion/the-slow-death-of-the-american-author.html?pagewanted=all&_r=3&

Mr. Turow’s conclusion is a bit chilling –

"Last October, I visited Moscow and met with a group of authors who described the sad fate of writing as a livelihood in Russia. There is only a handful of publishers left, while e-publishing is savaged by instantaneous piracy that goes almost completely unpoliced. As a result, in the country of Tolstoy and Chekhov, few Russians, let alone Westerners, can name a contemporary Russian author whose work regularly affects the national conversation.

"The Constitution’s framers had it right. Soviet-style repression is not necessary to diminish authors’ output and influence. Just devalue their copyrights"

John L.

I am going to leave this in the queue because I still have hopes of commenting on it, but it has waited long enough. I don’t know the current status of Solzhenitsyn and Pasternak in Russia today. It is a chilling thought. Turow is president of the author’s guild. I have not noticed significant comment on this from SFWA.


And we end with

A Coyote Tale…

The Governor of California is jogging with his dog along a nature trail. A coyote jumps out and attacks the Governor’s dog, then bites the Governor.

The Governor starts to intervene, but reflects upon the movie "Bambi" and then realizes he should stop because the coyote is only doing what is natural.

He calls Animal Control. Animal Control captures the coyote and bills the State $200 testing it for diseases and $500 for relocating it.

He calls a veterinarian. The vet collects the dead dog and bills the State $200 testing it for diseases.

The Governor goes to hospital and spends $3,500 getting checked for diseases from the coyote and on getting his bite wound bandaged.

The running trail gets shut down for 6 months while Fish & Game conducts a $100,000 survey to make sure the area is now free of dangerous animals.

The Governor spends $50,000 in state funds implementing a "coyote awareness program" for residents of the area.

The State Legislature spends $2 million to study how to better treat rabies and how to permanently eradicate the disease throughout the world.

The Governor’s security agent is fired for not stopping the attack. The State spends $150,000 to hire and train a new agent with additional special training regarding the nature of coyotes.

PETA protests the coyote’s relocation and files a $5 million suit against the State.

TEXAS:

The Governor of Texas is jogging with his dog along a nature trail. A coyote jumps out and attacks his dog.

The Governor shoots the coyote with his State-issued pistol and keeps jogging. The Governor has spent $0.50 on a .45 ACP hollow point cartridge.

The buzzards eat the dead coyote.

And that, my friends, is why California is broke and Texas is not.
