
First, I want to differentiate between hacking (seeing how something works) and cracking (doing the same thing for malicious reasons).  There can be a fuzzy line between the two.  I want to stay clearly on the good side.

As an example, I once broke into a government computer, getting root access and changing the root password.  It was by their own request – the only operator had died suddenly, and the family threw out all the documentation he had at home.  The government organization contacted the company I worked for at the time, and I got to break in, and to turn the results over to the proper authorities.  As I look back, this was almost an amplified pen test. (They failed, which was good in this case.)

That’s the good side.  Here’s a bad side (that I chose not to do): I wear a Fitbit tracking device, which counts the steps I take.  Their daily goal is ten thousand steps.  My cardiologist is happy with five thousand, which I normally achieve.  When I got the device, I started looking for ways to hack it.  I’m inquisitive, that’s what I do and how I think.  I found a video where somebody hooked their Fitbit up to a hair trimmer so the device would record two steps a second.  All interesting, until you add in that my company rewards me monetarily for achieving steps.  That turns a cute prank (“Look – a hundred thousand steps today!”) into theft.  That’s wrong.

There’s nothing wrong with giving your cat a Fitbit – just don’t use that one to get points.

With that background, here’s how to do a little white-hat hacking on MySQL.

We had to make major changes to the database supporting an application.  The developer was long gone, and nobody had the password to the database.  Really didn’t want to reverse engineer the whole DB and then test to see if it works – that is the wrong way to spend a couple weeks.

(aside: my favorite search tool is Google.  Bing just doesn’t cut it, though I like their image search better – I can specify what license I want the picture to have)

Googling the question led to a long list of mis-hits, and then this winner, in a reply to a longer and more complicated method.  If you’re on the machine and have root access, the anonymous tipster says that

cat /root/.mysql_history|more

is “very informative”.  Which is an understatement – the password is up at the top of the file.

Thanks, Mr. Anonymous.  You helped save the day – and contributed a tool to my hacking toolbox.

 


Footnote: yes, the commands

more /root/.mysql_history

or even

head /root/.mysql_history

are shorter.  This isn’t a code golf contest.  The value is in knowing where to look, not how to look.
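
The defender's side of the same tip, as an added example that is not part of the original post: a shell audit that flags MySQL client history files holding password-bearing statements (it reports only file and line number), plus the fix of linking the history file to /dev/null. The function names are made up here, and the sample home directories and secrets are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): find MySQL client history files
# that hold credential-bearing statements, then stop the client from logging.

# Statements that typically embed a clear-text password.
CRED_RE='identified[[:space:]]+(by|with)|password[[:space:]]*(=|\()'

# audit_history FILE: print "FILE:LINE" per hit (never the statement itself).
# Returns 0 if at least one hit, 1 if clean, 2 if unreadable.
audit_history() {
    [ -r "$1" ] || return 2
    # libedit-based clients store spaces as \040; decode before matching.
    sed 's/\\040/ /g' "$1" | grep -inE "$CRED_RE" |
        awk -F: -v f="$1" '{ print f ":" $1; n++ } END { exit !n }'
}

# disable_history HOMEDIR: replace the history file with a link to /dev/null,
# so the mysql client has nowhere to write statements.
disable_history() {
    rm -f "$1/.mysql_history" && ln -s /dev/null "$1/.mysql_history"
}

# Constructed sample data: two fake home directories, secrets are made up.
SAMPLE=$(mktemp -d)
mkdir -p "$SAMPLE/alice" "$SAMPLE/bob"
cat > "$SAMPLE/alice/.mysql_history" <<'EOF'
show databases;
GRANT ALL ON billing.* TO 'app'@'localhost' IDENTIFIED BY 'constructed-secret';
select count(*) from invoices;
EOF
cat > "$SAMPLE/bob/.mysql_history" <<'EOF'
_HiStOrY_V2_
use\040billing;
SET\040PASSWORD\040=\040PASSWORD('also-constructed');
EOF

for h in "$SAMPLE"/*/.mysql_history; do
    audit_history "$h" || echo "clean: $h"
done
```

Setting the MYSQL_HISTFILE environment variable to /dev/null has the same effect as the symlink, and any password that turns up in a history file should be rotated as well as scrubbed.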


Sometimes you hear an echo, your own words coming back to you.

Sometimes the echo is a bit distorted, not exactly what you said.

Sometimes it’s coming from someone else, and is malicious.


I’m staying away from politics for a while – I find that I get bothered easily.  So here’s something from the real world that bothers me.

I’m part of a FreeCycle group.  People post to the newsgroup when they have something they don’t want anymore, rather than pitching it.  I’ve seen everything from egg cartons to projection TVs.  People can also post with wants – a family gets burned out and needs new furniture.  A kid wants a particular doodad for a school project (the last one I saw was for hearing aids).  Lots of people offer excess plants.  We have been the beneficiary of multiple things, never posted a want, and have supplied at least one person’s want.

This want was astounding.

WANTED: Laser for a 40 caliber handgun

Thu Jan 24, 2013 8:42 am (PST) . Posted by: (redacted)

Springfield 40 caliber hand gun, I read it is attached to the barrel rod? Need it for training.

Well, then.  That makes sense. This person has applied for a job somewhere and wants someone else to donate a $350 piece of hardware.  If the donor has it, they bought it on purpose – this isn’t a plant that self-propagates or an egg carton that has outlived its usefulness.

Earlier this year, when we were cleaning out our shed, we came up with a bicycle, an electric mower, and a metal cart that we didn’t want/need anymore.  We took them down to the street, taped FREE signs to each of them, and let the market work.  We were gone that Saturday, and when we got back, the items were gone.  Somebody benefited from our generosity.

But begging for a $350 specialized piece of equipment?  Naah.

Another aspect: if they need this for their job, it’s part of job start-up costs.  Count that in when you apply.  At my old job, I needed a piece of software so that everyone could upgrade their software easily.  I wrote up the business case and we purchased a worldwide license for Beyond Compare.  I switched jobs, but the software didn’t.  Last month I bought my own copy (personal) for my workplace.  I can use it, work and home, forever.  I bought it, and I plan on using it at my current job for the rest of my work life.  My employer didn’t owe it to me.  The world didn’t owe it to me.  I wanted it, and I bought it.

And I’m staying away from politics.

Note: details of the want ad are munged for privacy.

I like computers, and I like my new job.  It’s not so new, I guess, since I have been there over five months.  I still like it.

I get to dig down deeper into applications and computer systems than I did before.  I get messy (metaphorically) working on all sorts of different things.  At times, when the solution doesn’t present itself quickly enough, you have to dig a little bit.  Go down beneath the shiny GUI, past the middleware, and get down into the guts of the thing.

If you have used the internet (you know, like maybe for reading this blog post), you have used Unix/Linux boxes along the way.  It may be directly (yes, your Android phone is running a version of Linux), indirectly (most web servers run Apache, probably on Linux), or in desperation to resolve a problem.

One of the places where Linux differs from Windows is in its use of the command line instead of Windows, Icons, Mice, and Pointers (WIMP – an acronym chosen by the Linux folks, I’m sure).  As you may have seen in the desperation link, disk drives get mounted – they aren’t just there.  Windows probably does something similar, but it is hidden in another layer you don’t usually see.

A news article reminded me of all this recently.  Iran test-fired a rocket containing a monkey, which supposedly came down safely.  The news story contains an explanation of why they showed pictures of two monkeys when there was only one in the rocket.


I have my doubts about the well-being of the monkey on the rocket.  I hope Iran learned from the failure of others and mounted a scratch monkey.

I have always been interested in cool ways of displaying data.  Bubble charts are a nice way of showing both location and size.  This chart from the New York Times shows positive and negative values in proportion to the whole, and does it nicely.

I was thinking of creating my own bubble chart, showing the locations I have worked in (probably focused on zip code), and showing the duration of time as the size of a bubble centered on that location.

I might have to get creative – I worked for one company three different times.  Perhaps stacked bubbles of different colors?

I have worked at my present company for just shy of sixteen and two-thirds years.  If the bubble scale mapped a year to a mile, this would go out pretty far from downtown Cincinnati (zip code 45202, even though the company changed names, moved buildings, and was recently taken over).  From downtown, the upper edge of the 16.65 mile bubble would reach almost to Mason, OH, where the ATP Tennis tournament is going on through Sunday.

That’s interesting to me – not the tennis, but the bubble reaching almost that far.  The reason it’s interesting is that starting Monday, my job bubble will be growing from zip code 45040, not from downtown’s 45202.  I begin a new job on Monday morning.

I was not looking for a new position – I was contacted, and had to create a resume (and managed to leave my home address off).  The interview went well, a follow-up technical test went well, and I accepted their offer.  I will be doing system administration, something near and dear to my heart.

It’s a new start, and a bright day.  I’m looking to have a nice, big bubble at this zip code.  A happy bubble.

In case you missed my prior collections (old, older, even older, oldest) of email tag lines (or wanted some new ones), I’m relatively proud to serve up a new bunch.

I try to alternate serious/spiritual with silly, and sometimes it comes out that way.  Most if not all of these are collected elsewhere, and aren’t original.  And without further ado (meaning we’ve had enough doo already), here is almost two years’ worth of tag lines.

Dec 10: Happiness is having a large, loving, caring, close-knit family in another city

Jan 11: A friend can tell you things you won’t tell yourself

Feb 11: The future is here.  It’s just not evenly distributed yet.

Mar 11: As above, so below

Apr 11: The chief cause of problems is solutions

May 11: To achieve great things, two things are needed; a plan, and not quite enough time

Jun 11: Any technology distinguishable from magic is insufficiently advanced

Jul 11: Men stumble over the truth from time to time, but most pick themselves up and hurry off as if nothing happened

Aug 11: quidquid Latine dictum sit altum videtur (yeah, and here’s your Google search)

Sep 11: The opinion of ten thousand men is of no value if none of them know anything about the subject

Oct 11: Ask a grown-up to help you aim the nerve-gas rockets

Nov 11: An education is the best thing you will never finish

Dec 11: A watched clock never boils

Jan 12: Reality has an ugly way of intruding on our best intentions

Feb 12: Sufficiently advanced political correctness is indistinguishable from sarcasm

Mar 12: I’m not denying winter.  I’m just affirming spring.

Apr 12: The more you talk, the less you listen

May 12: 43rd law of computing: Anything that can go wr

Jun 12: It’s not denial. I’m just selective about the reality I accept.

Today was the first day at my new job.

Same office building, same desk and chair, same phone number, but today my division was taken over by a US subsidiary of a large Japanese conglomerate.  No changes yet, although those will be along.  Right now, they are reassuring people, giving some insight to our new corporate overlords (whom I welcome), and ensuring stability for our customers.  Pretty much what I’d do.  And not hard – I work with a bunch of high-class professionals.

As opposed to some spam I got recently.


There’s a joke about a cook serving elephant-rabbit stew.  A customer asks about the contents.  “Equal parts elephant and rabbit – one of each!”.

At my company there are two lines of business.  I work for the rabbit side – about 2500 people providing billing services and software to the phone, cable, and utility industries.  We’re white collar professionals.  Developers, project managers, technical writers, testers (including me), and management and support staff to make it all work.  The other line of business is call centers, and that elephant weighs about 75,000 people around the world.

Well, no more.


I wasn’t cut out to be an assembly line worker.  I enjoy physical labor in a limited way – using a tiller to prepare a garden is about my limit.  The last time I tried using a chain saw I ended up with tennis elbow (better than ending up with chainsaw elbow playing tennis).

So what in the world am I doing moving fifty-pound containers of rice and man-handling thousand-pound pallets of food?

Easy.  I’m a knowledge worker.


Back to a sad post.

My boss got fired this week.  It wasn’t for cause – she hadn’t done anything wrong.  In fact, she had done everything right.

She didn’t work herself out of a job.  There are still mountains to climb, obstacles to overcome.  But somebody in a corner office in a state far away decided he would rather have not my company, but some other company, do their work.  In effect, my company lost their job with the customer.  As it rippled down, my boss and dozens of others lost their jobs.

That’s a terrible thing to happen to the best Boss ever.
