Song XXVIII
The temple has fallen
into disrepair
It’s sagging
and short of breath
The clergy are muttering
kind words to themselves
Holy invocations fall leaden
in front of their feet
The pews are all empty
The audience left
and coughs echo
flat on the marble
The temple is greying
into morbid disuse
It’s puffy
and soft in the middle
It never ran swiftly
nor sprung from the bed
And now it just moans
about this ache and that
The incense is burned
and the body is sacrificed
but no one is saved
and no one is blessed
Posted by Jonathan at 02:23 AM, 26 June 2008 | Comments (0)
Acid Trip to the Past
I’m not one to think that things were better in my childhood days. The 70s, for all those who choose not to—or are too young to—remember, sucked. Really. The 80s sucked, too. Sure, we’re all nostalgic for big hair and men in shorty-shorts, but except for an underground music scene that would pay off dividends in the 90s and beyond, my generation was the first to find their world more difficult to prosper than the previous generations in America. But, wait, I come here not to whine.
Instead, I find myself chuckling at this article from Newsday about a group of kids arrested after one of them was found with an “apparent ‘caustic liquid’” on his clothing. Because one of the group may have said something about “blowing it up,” this vague threat lead to four arrests and bails in the $60k range.
So here’s a case where I can say, “Boy, times sure have changed,” and think wistfully back to childhood, where one of my friends, in junior high school, could bring a glass beaker, filled with a clear liquid, covered with tinfoil, and sporting a taped label saying “Dangerous: ACID.” He was not stopped the entire day, even though he displayed it at various times, including leaving it on the lunch table, during which a couple of other friends and I would mercilessly tease him about carrying “acid” in his bookbag covered with a flimsy piece of foil.
This is a true story, so I will not name my friend on this blog. Suffice to say, he knows who he his, and so do most of my friends, and so does the Mock Trial club from that year; because the beaker was not filled with “Dangerous: ACID”—it was filled with a pint of Vodka. Oh, it still cracks me up that the “acid” got no attention from anyone, but when a dozen kids were later caught in the girls’ room with their dixie cups, it became the crime of the century.
Times have changed, though. These kids, today, in the mean-streets of Levittown, may have actually had an acid, since the ‘caustic liquid’ kid’s shirt was burned, but I do believe that the authorities are over-reacting, as these four were going to be as successful in their “blowing it up” as the Mock Trial kids were in getting their booze on, all those years ago.
Update: Setting the record straight. There was a Mock Trial scandal, but this wasn’t it. Mock Trial was high school. Some of the kids involved with this one were involved in the later one, and I just blended the times together. I apologize for the mix up. (Thanks, Laura!)
Posted by Jonathan at 04:17 PM, 20 June 2008 | Comments (0)
It bears repeating
Turn off Safari’s Open “safe” files after downloading under Safari->Preferences.
There’s a program out there in the wild that can download and install itself if that checkbox is checked. It’s possible that the payload is helped along by the Flash vulnerability; I’m not sure, but keep in mind that many websites are using Flash ads that are served from 3rd party servers. Even if you trust the site, the ads may be from nefarious sources.
There isn’t really an easy way to turn Flash off on Safari, unless you remove the plug-in from the /Library/Internet Plug-ins/ directory. Firefox has an extension, called NoScript, which is very customizable (you can block Flash, but not JavaScript, for example), and I highly recommend it.
Anyway, the payload from before installs a plug-in into the /Library/Internet Plug-ins/ directory that changes the DNS server that the Mac uses to resolve domain names. Basically, it means that typing in http://macphoenix.com may send you to a totally different site, or worse, if going to a banking or bill paying site, it may send you to a site that looks exactly the same, but is controlled by thieves. One of the bad DNS IP entries was 85.255.113.138. There was another IP number, but I didn’t record it. If you have a DNS entry pointing to the above, though, it’s a server in the Ukraine that will send you to whatever it wants to, not where you want to go.
The plug-in disguises itself, so it’s impossible to know what it’s named. The solution was to remove every plug-in from /Library/Internet Plug-ins/, restarting, and (after checking that the DNS changed back to the original number) installing trusted plug-ins like QuickTime and Flip4Mac. But remember, the first line of defense is turning off that preference that should not be turned on in the first place.
Update: In response to a comment by Antonio, allow me to clarify. There are exploits to javascript (and now apparently Flash) that can make Safari download something without the user being aware. With the Open “safe” files after downloading checked, the download can potentially contain an installer that can load a trojan onto your machine. It’s simply keeping the porch door open allowing raccoons to eat the pet food in the kitchen. As for usability, the only benefit to Open “safe” files after downloading is saving the user a double click on legitimately downloaded files.
Posted by Jonathan at 08:29 PM, 02 June 2008 | Comments (1)
