Someone should really print this on a T-Shirt. You know Disney, “New” Viacom, TimeWarner, News Corporation, Bertelsmann AG, and General Electric together own more than 90% of the media holdings in the United States. I have no numbers for the world here, but just do a little research 

Sources

• http://invisiblethings.org/papers/redpill.html
• http://en.wikipedia.org/wiki/Concentration_of_media_ownership

But it’s like browsing mp3.com in the old days and you can find great new artists. Just downloading promo MP3s is stress since you have to be logged in now.

I tried for over 30 minutes to login and request a new password. The „Forgotten Password“ mails never arrived, using fake accounts did not work, and after i finally got a userrname/password from a friend it told me to enter CAPTCHA and then told me „too much login retries“. If DoS-attacks would be legal you know i would have destroyed their servers! Damn you myspace! After trying to contact myspace and seeing an FAQ instead of an e-mail or contact-form i was finaly pissed off.

I must say my dear artists: if a user cannot download any promo MP3s you’re lucky if user remember a bands name. As it goes for me i don’t make any notes. Sometimes I just bookmark some cool artists and then again forget them. It doesn’t often happen that i immediately buy an album – and you probably know i dislike iTunes. So if i don’t find it – no work.

Myspace is indeed censoring an artists promo actions by having the user need to register (and this just doesn’t really work).

But i didn’t give up…

…and so i found finally a way download my promos by using the nice service from File2HD. But i shall inform you that you’re not allowed to, since – according to File2HD – you need rights to access the original files the artists uploaded.

Anyway, as it goes for File2HD, it just demonstrates how weak those crappy commercial sites are coded. Almost every major social platform has major security leaks – otherwise downloads won’t be possible. I just want to encourage the guy behind the site to continue his war against the copyright mafia.

And since the service puts out nice URL-lists not only for myspace but also for YouTube including HiQuality Downloads i just can recommand it. Use it at your own risk!

P.S.: Have you ever disassembled the YouTube Flash Player? Have a nice day…

I hate all those low quality videos from YouTube. You know there is that trick to concenate &fmt=18 to YouTube-URLs to have it access the new servers with higher quality videos and better bandwidth performance, but still that does not makes me happy.

Having FLV is ok for me, although I dislike non-standard container formats. But the point is copying those FLVs for friends often ends up by them complaining not beeing able to play the files on their Windows or Mac. The same problem persists on the iPod or my mobile phone that just understands 3GP in the moment.

So i end up having to convert the files… or transcoding them.

Conversion vs. Transcoding

Converting usally means decoding the video to a full video-picture – probably with or without any post-processing– and loosing the visual information that was artifically added again by encoding. Also, most of the  bitstream-information on the decoded stream is also lost, because you only see a the picture and not what abstract data is behind.

That is the place where transcoding comes into play: It transcodes the data be going deep into the input stream directly translating it the the output stream. The “visual step“ between encoding and deocoding is skipped, because not necessary. In the end we have not only faster conversion process, but have also retained all possible quality. 

Ok, if input and output en/decoding algorithms differ too much or you wanna resize the video you still have to convert the videos. Point is that the algorithms used in input and output stream have to be similar to each other (beeing often MPEG4 on nowadays video material).

I discovered vixy (which is based on ffmpeg) und does a nice job on transcoding. On windows and Mac you have a GUI limited to YouTube. The Online-Converter itself seems to be always overloaded. So, time to compile our FLV 2 MPEG4 Tool ourselves (for Ubuntu/Debian):

A last word to YouTube. I don’t suggest uploading to it in no way!

• They manipulate view counters on videos with strong political content (e.g. 200 views and 300 comments?)
• Everything you upload, belongs to them! Read the terms!
• Quality still sucks  (it’s for the american market; but we have broadband here in germany!)
• Servers are often damn slow, espacially at 23:00 CEST+1 when all americans go on the site

Great technology for resizing pictures while maintaining important details via image energy fields:

Das Paper zum Thema gibt es hier auf Dr. Ariel Shamir’s Homepage. Warum fällt sowas uns Deutschen nur nicht ein?

Hier der verabschiedete Gesetzesentwurf. Das Bundesministerium für Justiz, bzw. unseren Poltiker strotzen mal wieder mit Kompetenz und zeigt uns auf deren Website gleich die geilsten Parlamentarsschlampen, und die coolsten alten Playboys. Ihr könnt gerne euren Spass haben dort, aber bitte unterlasst die Gesetzgebung Juristen, die auch wirklich Ahnung haben, und ihre Experten nicht belächtend beäugeln!

Ja, Deutschland hat keine Sicherheitsprobleme, da die gesamte Sicherheitsindustrie bald im Ausland sein wird und Deutschland auch kein Internet mehr haben wird. Nach tollen Videos, die unsere Gesetzesgebenden vom Internet in einer BKA Dokumentation gesehen haben, dient das Internet ja nur der Pornographie und Kriminalität. Und es soll angeblich was mit Computer zu tun haben. Aber wer braucht das schon! Das Leben kann ja so schön sein ohne Computer und Co., vor allem in dem tollem Badeort Rotterdam oder in Berlin oder anderswo, wenn mal wieder alle Strassen gesperrt sind, um das Präkariat aussen vor zu lassen. Klingt links, ist auch so, aber mehr als Zynismus und Depressionen bleibt mir bei der gegenwärtigen Situation auch nicht.

Und wer noch weiß was abgeht soltle mal hier gucken:
http://www.heise.de/newsticker/search.shtml?T=202c

Trotzdem, schöne Aktion, lieber CCC! Habt ein tolles Wochenende (vorm Schirm!) *G*

Appearently a good joke for an april’s fool joke. SSH Client for iPhone, you may ask? Apple does now support real applications instead of their webby 2.0 server applications? An SSH client? Unsecure!

Not really. And it’s a really wellthouhht out solution. You can check it out here . If you haven’t any SSH server just click connect to connect to the demo server.

Happy iPhoning!

UPDATE: Das iPhone besitzt entgegen den Infos auf der Seite eine Kamera, und wird wohl auch MMS bieten. Somit wären die ärgsten Kritikpunkte weg. RSS-Reader und derarten kann ja alles web-only via AJAX sein

Ok, i was bitching around enough about 1&1 and probably I have enough reason to, but it’s time for some positive things, namely… they do support PHP5 on their servers!

Just add following to .htaccess to enable the directory-wise support for single directories.

AddType x-mapp-php5 .php

Remember that this also affects descendants of the directory you have applied this.

Still it is only version 5.2.1, not really up-to-date to guarantee good security, but they have improved on their update cycles. Anyway, i guess i have to ask them for MySQL5 Servers. Or you tell your customers not to go to the „best and biggest hoster in germany“ *LOL*

I really encourage to update and want to remind you that the PHP-community wants to get the jump to Version5 for about one year now. PHP5 already is 3 years old (PHP 5.0.0 final was released on 13-Jul-2004!). PHP4 only is maintained for security but not developed any longer - it’s really late if you don’t yet develop PHP5 applications yet!

So get your lazy asses up and learn to code!

…found in .htaccess at 0×000000.com. Also read the ha.ckers.org Cheat Sheet to XSS!

I guess I’ll rewrite my ErrorHandler a bit to support XSS or suhosin-messages. I’m not a big find of going through a houndred megabytes of apache-logs a day

Or the story of a hack and the recovery of a compromised system. Namely server “Detroit” went down today at 4:06am throughout MAC poisoning, which was discovered by an IP Switch and therefore rejected(?). Sad, but, another journey of terror of support terror began…

Day 1

[9:00am] The server cannot be reached!

Are you sure? Damn, but I guess it’s their fault (once again). If you already had used 1&1 or former Schlund you only have two choices to convince them that they have an issue with their network and it’s not your fault.

1. Their service team is separated from their tech team. So coordination is not as always as it should be. First choice is always to get the service contact overloaded by tech speak so he has to make a query to the tech team. Then they’re suddenly very cooperative.
2. Second option is to tellthem it’s about a shop that makes a hel-load of orders and is going to be far under expected sales if they don’t fix the error.

Well, i catched up the syslog via hardware console and saw that the system is unable to bring up the network adapter (eth0), but booted normaly. And still i wasn’T able to connect via SSH. I phoned the support several times and about 3h later i was reported that the server poisoned the network with an invalid MAC address since 4:06. I wasn’t sure if they’re right – but probably it was a reason for the network adapter beeing  rejected by their IP Switch.

[12:00] Tracing the intruder

Well, they told me our system is now seen as compromised and i will be only able to boot the rescue system for now. I tried this via their admin section on their website, but the option was not available. Therefore they system bootet the normal system isntead, which could also be seen over hardware console. Another phone call was made. After 1h i had the option and i finally was able to boot the system. It took another 2h until their automated system gave me finally a shell to the a rescue system. But i wasn’t able to login with the given password from the administration site. I tried the original password for the server and it suddenly gave me access. Ok, that’s really  secure when the hacker already has decrypted the passwd from the old system, where i switched off pure passwd-auth (only RSA-keys).

Well, now i was finaly able to mount the drives and search for traces of the intruder. I didn’t find much in the logs, or something that really spoke for MAC poisoning, but i did find some w00tw00t.at log entries, an IP address from an AOL network and some local exploits in “/tmp/ /../”. Probably the addrsses were also spoofed and our little server was going to become a spambot or a proxy.

[17:00] Making a backup of the files

One thing at 1&1  is really nice: not having a good working solution for backup or instant recovery. Other hosters provide you with drive images from the last 3 days or automated backup systems or instant fallback image servers.

1&1 says this is not possible for root servers – hell knows why – and provide you instead with a restrictive FTP server with the same size as your server HD for two-times the money of other offers. Okay, that’s probably ok for diff-tarballs but it’s not a real deal when you want a mirror or you have to backup large amounts or big files. And it’s pain in the ass when you cannot stream to the FTP server, but have to pack a tarball first and then transfer it. That’s fine when the HD is almost full, und you only have the ftp, screen and vim command in the shell. Right, No Midnight Commander or tools to do instant batch processing of the files. I wouldn’t call it rescue system but minimal system instead.

Well, it was an 120GB partition with about 52GB free. I deleted some stuff, made some tarballs for the /var/logs, /etc /home and then transferred it to FTP. I was very happy to have enough free drive space to do that. And i did the backup to two times, one on another FTP Server – only to make sure they don’t reinitialize and kill the data an the FTP that’s in one contract/package with the Backup Server. Well that was about 50GB of data compressed to about 27GB.

[19:00] Go home and wait till tomorrow

The server was still transferring and since it was „only“ our development server which got compromised i could walk home without having to fear a work day till the full moon. The server still transferred some files…

Day 2

[9:00] Backup is made, please reinitialize the server!

The first thing i’ve done in morning – even before i got my coffee – was to call they support hotline again. The server is ready, please re-initailize it!

[11:00] I still can login to the rescue!

And again another phone call was  made since no once actualy did something. Again, the same story had to be told (platinum service witrh different employees!), the tech team had to be queried once again (please hold the line for about 10min!), and finally i was asked which system i wanted – after telling them my contract and customer number for 10 times. I told them „Debian Etch Stable“, or „Debian 4.0“ or the „latest Debian available“.

“Thanks. You’re system will now be reinitialized with your desired system. It will be available in some hours, because they have to do it manually this time…” – *click* – “Manually?!”

[16:00] Manualy means 5h for installing Linux Debian and bringing up network access

I had meanwhile a closer look on the logs which i downloaded yesterday, ,did answer the phone two times and wondered if “hopefully online again tomorrow evening” was the wrong sentence in the mails i sent toyour developers yesterday evening.

Meanwhile the server could be reached for short time, there was a shell to login (but i had no passwords), and then again the server was off the line, and then it showed “ready” with bold text “SUSE Linux 9.3 (PLESK 7.3)” on their recovery admin site.

Still I cannot ping or connect to the system. And i wonder how long it takes to reintialize the server once again with Debian…

[17:15] Compromised system released again

Ok, although it’s against their policy they did release the compromised system(!). And it still runs. Yet it was not blocked from the IP switch and no rootkit was found Still i wonder what data the guy leeched, or if he was even able to download something and how he got into the system. I guess he used the server as proxy (

Anyway, vnstat reports about  tx 3,971 MB,  rx 2,517 MB,  total  6,489 MB, wheras the server only does about 500MB  total per day.  I forgot to check that  and unless vnstat only does 24h i have no way to revert that data.

And some are going crazy here about mailing about 20 new passwords, whereas i have to set about 200 new passwords and copy and unpack about 40GB of data.

Resumé of the hack

Still the biggest problems with 1&1 are bureaucrazy and strict information policy as well as an overloaded network that has really amazing latency.

Anyway, it seems the intruder got into the server over a PHP upload exploit, but could not much do inside /tmp. Still, he could mainipulte the network adapter (probably through a local buffer overflow?).

He began scanning for security holes at 1:36am and was blocked by the intrusion detection system about 4:06am.

I guess all relevant data can be restored and nothing was lost. But what was once compromised stays compromised. I looked for file changes in the application files online but didn’t find anything – hopefully we’re safe again.

But Platinum service at 1&1 only means you get a ticket number which enables you to ask how far your query has progressed. Ah, and well the service employees are not the dumbest in the firm. That’s all mystery behind it! Forget 1&1! They suck. And the decision for 1&1 was not my choice…

Ajaxian.com hat wirklich ein sehr „ausgefuchstes“ CAPTCHA – vielleicht schon länger, aber bislang habe ich dort noch nichts zu posten gehabt.

Zu beantworten Fragen gibt es z.B. folgende:

• What four letter word starting with ‘A’ is the topic of this blog?
• What does the X in Ajax stand for?
• What three letter acronym is what we use to style web pages?

Einerseits hält es somit unqualifizierte Beiträge fern, andererseits bringt mich das auf eine ganz neue Idee:

• What four letter word in the headline of this page does start with A?
• What id do you read after article in the URL?
• What color do we use for page background?