Atheists helping our neighbors (aka: good people doing good things)

There is a myth in America that only people motivated by religion (specifically Christianity) do good works; i.e., help other people. Which is why I volunteer for as many philanthropic activities scheduled by the Atheist Community of San Jose as I can.

This past Sunday I and three fellow ACSJ members helped improve the home of an 84-year-old woman in our community. Most of the other volunteers on this project were there representing the Kiwanis. While it was clear that most of them were not atheists (based on conversations I had), they too were there not because God said so but because they were motivated by humanist values.

This was our first partnership with Rebuilding Together Silicon Valley but I doubt it will be our last. The project involved painting the house exterior and repairing the bathroom floor. In fact the damage was so bad many of the tiles had cracked and you could feel the floor move when you walked on it. In this picture you can see what things looked like after we removed the tile, two layers of underlayment (the second layer tells you the problem existed a long time) and rotted subfloor (the person in the picture is a fellow ACSJ member):

DSC_2572

This is what it looked like after we repaired the subfloor and were just about to install the new vinyl flooring (sadly the budget didn’t allow for tile):

DSC_2604

You can see more pictures showing the work done by the volunteers here.

So the next time you hear someone saying that atheists are selfish and only do things that hurt others while making themselves feel good don’t believe it.

GoDaddy is incompetent and should be put out of business

I’ve been seeing numerous SSH attacks from GoDaddy owned networks (domain “secureserver.net”) for the past two days. I’ve sent an email to abuse@godaddy.com for each of those twenty attacks. I haven’t received as much as an auto-reply acknowledging my attack reports. Most hosting service providers at least pay lip service to reports of attacks from their networks. But not GoDaddy. Given their lengthy history (going back several years) of incompetence and malfeasance (see this article for a recent example) I conclude it is time to impose the Usenet Death Penalty on GoDaddy.


Update 2015-05-19: I just emailed the following message to abuse@secureserver.net. I have blocked three of their servers in the past day, seven in the past week, and 56 total. I have yet to receive even an auto-ack of any attack report I’ve made. Clearly GoDaddy doesn’t give a shit if their clients are hurting everyone else.

Dear GoDaddy,

I’ve seen six SSH attacks from 208.109.111.61 in the past 24 hours, 18 in the past week, and 27 in the past month. I sent a report of the first attack that included the log entries below. Do you even give a shit about the security of the Internet? Or does “secureserver.net” mean that your clients are secure from abuse complaints?

May  6 21:19:54 macpro.skepticism.us sshd[9346]: Invalid user nagios from 208.109.111.61
May  6 21:19:54 macpro.skepticism.us sshd[9346]: Received disconnect from 208.109.111.61: 11: Bye Bye [preauth]
May  6 21:19:55 macpro.skepticism.us sshd[9348]: Invalid user admin from 208.109.111.61
May  6 21:19:55 macpro.skepticism.us sshd[9348]: Received disconnect from 208.109.111.61: 11: Bye Bye [preauth]
May  6 21:19:56 macpro.skepticism.us sshd[9350]: Invalid user ubnt from 208.109.111.61
May  6 21:19:56 macpro.skepticism.us sshd[9350]: Received disconnect from 208.109.111.61: 11: Bye Bye [preauth]

Should you subscribe to HBO.now? Yes, if only to watch “Going Clear”

I actually watch very little television. I prefer seeing movies in a theatre or reading a book. But when the HBO.now service became available to Apple TV owners I couldn’t resist subscribing because I really wanted to watch the documentary “Going Clear: Scientology and the Prison of Belief”. This was directed by Alex Gibney, who also directed “Taxi to the Dark Side”, which is another must-see film about the torture practices of the United States in the aftermath of the 9/11 attacks in 2001.

Frankly, even if you don’t plan on paying the $14.95 per month after the free month you should subscribe briefly if only to watch “Going Clear”. I thought I knew a lot about Scientology after reading numerous articles and books on the topic such as “Inside Scientology; The Story of America’s Most Secretive Religion” by Janet Reitman. Yet the videos of L. Ron Hubbard and Scientology events (presumably private and many featuring actor Tom Cruise) really make clear how warped the religion is. Of course, the tenets of Scientology aren’t really any weirder than Christianity or Islam but the fact it was created in my lifetime definitely makes it harder to accept. This documentary makes it abundantly clear that Scientology needs to be put out of business even sooner than the three major Abrahamic religions.

Truthout.org has lost my respect by advocating anti-GMO nonsense

Today I received a fund-raising email from Truthout.org, a news source that generally champions progressive causes. I’ve given them money in the past but will not give them another penny until they agree that this is wrong and stupid:

I became a mother last year. One of the best moments of my life was immediately followed by new worries.

For example, genetically modified organisms were never really on my radar when I was just feeding myself. When my daughter was born, I started reading everything I could about GMOs. I’ve come to believe that food labeling is absolutely necessary: No corporation should dictate what we eat and feed our families.

Above are the opening two paragraphs of the email I received. This is the message I sent them when I unsubscribed from their mailing list:

I’m unsubscribing because of the message from Annie Stoddard titled “I don’t want GMOs in my daughter’s future”. If you’re being run by a bunch of scientifically illiterate anti-GMO idiots afraid of things they don’t understand I have no interest in supporting your organization. Are you also anti-vaccination? Do you believe the ridiculous things Vani Hari, “The Food Babe”, says? Where does the stupidity end?

The right-wing is up in arms over DOD calling Bible sexist

Google “deomi sexism bible” and you’ll find a huge number of right-wing news sites and blogs expressing horror that the Defense Equal Opportunity Management Institute (DEOMI), a group within the US Department of Defense (DOD), has a course on sexism that points out the self-evidently true fact that the Bible, US Declaration of Independence, and US Constitution all allowed, if not outright sanctioned, treating women as second-class citizens. Not surprisingly many of the blogs I read also used rhetoric consistent with the MRA (men’s rights advocacy) movement.

Here is a representative assertion from one of the articles you’ll find with this Google search:

It doesn’t matter that Christ, Moses, or the Founding Fathers were not in the least hung up on sexism.

Yes, I’ll grant you that those groups were not “hung up on sexism” in as much as they thought it the natural order of things that women were not equal to men. You would be hard pressed to find an individual man in any of those groups (by which I mean Jews, followers of Jesus, and people living during the time when the USA was being formed) who actually thought about their attitudes towards women and whether those attitudes might not be justified. So, sure, they weren’t “hung up on sexism”. But that misses the point that they were sexist and the documents they wrote enshrined the idea that women are second-class citizens.

All of the outrage boils down to one, if not all, of these ideas:

1) How dare anyone imply the Bible is anything other than a source of perfect morality and rules for living.

2) How dare anyone impugn that the US Constitution is the perfect template for running our affairs today. It does not require any interpretation or adaptation to our current world.

3) How dare anyone question the behavior of US military personnel who pledge to uphold the US Constitution (unlike that Kenyan-Muslim-Communist-Socialist-Atheist elected to be our current president).

My mind boggles at the willful ignorance and stupidity on display.

P.S., This came to my attention via an email from Lt. Gen. Jerry Boykin, representing the FRC, titled “Help Us Stop the Battle against Our Armed Forces”. The title is interesting in that it implies that the US military is above reproach and is being undermined (by ungodly, leftist, members of society).

Tony Perkins, FRC head, warns that American churches are being persecuted

Another day, another frightening email from Tony Perkins of the Family Research Council begging for money (sorry, asking for a “generous gift”) so they can do God’s work. Why God can’t handle this himself (for example, by smiting the guilty) isn’t explained. What do they need the money for? To fight the “rampaging persecution of the American Church!” Does the FRC mean that churches are being closed by the state? Are Christians being forced to disavow their religious beliefs? Are Christians being fed to lions? Nothing quite so dramatic.

The examples of persecution Mr. Perkins cites boil down to forcing businesses owned by Christians and religious charities which use public tax money to follow the same regulations that secular organizations must follow. Specifically, they can’t discriminate based on a person’s sexual orientation. In other words, the FRC is claiming that because Christians can’t persecute homosexuals it is actually Christians who are being persecuted. The mind boggles at the “thinking” on display by those poor, downtrodden, good hearted Christians.

P.S., One of the persecuted business owners is quoted as saying

“It would almost appear as if we have lost the battle for the culture as Christians. I would say that’s not true. I say that we can become relevant. I say that we can fight for our rights. I say that we should fight for our rights… we’re called to put on the full armor of God—and stand.”

What does the full armor of God look like? Is it shiny? Does it convey special powers like the ability to fart rainbows that smell like bananas?

Rep. Louie Gohmert complains that only Christians can be abused

Rep. Louie Gohmert is quite likely the most ignorant, bigoted, just plain stupid representative in the American House of Representatives. Yet I’m still surprised when I hear him say something that lowers my opinion of him. Listen to the following where he claims that Christians are the only group in America that it is politically correct to abuse and misuse:

Mr. Gohmert, I have news for you. Atheists are on the receiving end of far more abuse than any religious group. Christians not only receive less abuse than atheists they’re downright privileged in American society. The fact that American society is starting to acknowledge that Christians should not be free to impose their religious dogma on everyone else in our society is not abuse or persecution of Christians. We, as a society composed of Christians and non-Christians, are simply recognizing that secular rules for living are better than religious rules.

Malware forges HTTP user-agent values

This week I saw “Mozilla/0.6 Beta (Windows)” advertised by a system in the Ukraine that has been attacking me for two weeks. That version was released December 8, 2000 (15 years ago). The same system also advertised “Mozilla/4.0” a few hours later. Yeesh! Malware writers are morons.

I recently reported an HTTP (i.e., web server) attack to a small business owner whose network was infected by malware. Their abuse contact told me that the attack couldn’t have come from their network because

We only use Mac or Linux workstations. The Windows machines that come into our office for repair or virus removal are not connected to the network before going through the cleaning process.

That assertion was based on the fact that the log entries for the attack included a user-agent string that implicated a machine running some version of MS-Windows. Even after I attempted to educate him about malware he failed to understand that malware forges HTTP user-agent strings. To make that crystal clear, below are the user-agent strings I saw from the most recent attack attempting to guess WordPress account credentials on my blog. The attack came from fourteen computers in Italy. I know this because I have set LogLevel dumpio:trace7 in my httpd.conf config so I can see the entire request of each attack and am able to confirm that every POST /wp-login.php request was attempting to guess account credentials.

These are the fourteen user-agent strings I saw from that attack:

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.31 (KHTML like Gecko) Chrome/26.0.1410.64 Safari/537.31
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML like Gecko) Chrome/35.0.1916.114 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML like Gecko) Chrome/20.0.1132.47 Safari/536.11
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML like Gecko) Chrome/26.0.1410.43 Safari/537.31
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/27.0.1453.110 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/30.0.1599.69 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/33.0.1750.146 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML like Gecko) Chrome/22.0.1229.79 Safari/537.4
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:27.0) Gecko/20100101 Firefox/27.0
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/33.0.1750.117 Safari/537.36
Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MAARJS)
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

I’ve also seen numerous attacks from companies selling hosting on Linux servers that specify HTTP user-agent strings that imply a computer running MS-Windows of some flavor.

This is not the first time I’ve been told by some ignorant tech support person that I must be mistaken because they don’t use that browser or operating system. That someone like my mother would be that ignorant of computer malware is unsurprising. That people managing the computer security of a company are that ignorant goes a long way to explaining why malware is so prevalent.

Rejecting HTTP requests from bad actors

Malware authors tend to be egotistical as well as stupid. Some malware authors include their signature, such as “ZmEu” or “DataCha0s”, in the HTTP user-agent string they send. Or they do something stupid like surround the user-agent string with double-quotes (see the first RewriteCond statement below). Adding the following rules to your .htaccess file (or Apache config file) provides an inexpensive means of blocking requests from such malware. These rules catch a surprising number of malware attacks against my WordPress blog.

# Block ZmEu and other bots based on their user agent signature. Another sign
# that hackers aren't as smart as they think they are. Note the first
# condition, starting with a quote-mark, is another sign of a sloppy hacker.
# No legitimate browser or web crawler quotes the user-agent string.
RewriteCond %{HTTP_USER_AGENT} ^" [OR]
RewriteCond %{HTTP_USER_AGENT} ^PHP/5 [OR]
RewriteCond %{HTTP_USER_AGENT} =ZmEu [OR]
RewriteCond %{HTTP_USER_AGENT} =immoral [OR]
RewriteCond %{HTTP_USER_AGENT} ^.*\stools.ua.random [OR]
RewriteCond %{HTTP_USER_AGENT} ^chroot [OR]
RewriteCond %{HTTP_USER_AGENT} ^DataCha0s [OR]
RewriteCond %{HTTP_USER_AGENT} ^I'm\sa\smu\smu [OR]
RewriteCond %{HTTP_USER_AGENT} ^\(\)\s{ [OR]
RewriteCond %{HTTP_USER_AGENT} ^q\[ [OR]
RewriteCond %{HTTP_USER_AGENT} ^Morfeus\sFucking\sScanner
RewriteRule ^ blocked.php [NC,END,E=error-notes:blacklisted-user-agent]

See my previous article for information about the blocked.php module.

Configuring WordPress to reject bogus wp-login.php requests

Invalid HTTP POST requests to /wp-login.php are by far the most common attack I see against my WordPress blog. For some unknown reason the vast majority of those attacks are from computers in Italy (see my first and second articles about it). These .htaccess rules block them:

# Block bogus login post attempts. Most bots are stupid. They don't use a
# modern HTTP header, don't include the referer header, or don't include the
# WP cookie that would be included in a legitimate request.
#
# This is primarily so that the logs show a 400 rather than a 200 status
# (which is reported even for invalid credentials). Thus allowing our log
# monitoring program to notice the bogus attempt and blackhole the source.
RewriteCond %{REQUEST_METHOD} POST [NC]
RewriteCond %{REQUEST_URI} =/wp-login.php [NC]
RewriteCond %{HTTP_REFERER} !^https?:// [NC,OR]
RewriteCond %{HTTP_COOKIE} !wordpress_test_cookie=WP\+Cookie\+check [NC,OR]
RewriteCond %{THE_REQUEST} \sHTTP/(?:0\.9|1\.0)$ [NC]
RewriteRule ^ blocked.php [NC,END,E=error-notes:invalid-wp-login-post]
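
Both rule sets above (the user-agent list and the wp-login.php checks) can be exercised offline before they go into .htaccess. The following is an added example, not the author's code: a small Python model of how mod_rewrite combines RewriteCond lines. It assumes Python's `re` matches these particular patterns the same way Apache's regex engine does; the request values and the `blog.example` host are constructed.

```python
import re

# Conditions copied from the page's two rule sets (user-agent list abridged).
UA_RULES = r'''
RewriteCond %{HTTP_USER_AGENT} ^" [OR]
RewriteCond %{HTTP_USER_AGENT} =ZmEu [OR]
RewriteCond %{HTTP_USER_AGENT} ^Morfeus\sFucking\sScanner
'''
LOGIN_RULES = r'''
RewriteCond %{REQUEST_METHOD} POST [NC]
RewriteCond %{REQUEST_URI} =/wp-login.php [NC]
RewriteCond %{HTTP_REFERER} !^https?:// [NC,OR]
RewriteCond %{HTTP_COOKIE} !wordpress_test_cookie=WP\+Cookie\+check [NC,OR]
RewriteCond %{THE_REQUEST} \sHTTP/(?:0\.9|1\.0)$ [NC]
'''
COND = re.compile(r'RewriteCond\s+%\{(\w+)\}\s+(\S+)(?:\s+\[([^\]]*)\])?$')

def cond_true(value, pattern, flags):
    """One CondPattern: '!' negates, '=' is string equality, else a regex."""
    negate = pattern.startswith('!')
    pattern = pattern[1:] if negate else pattern
    fold = str.lower if 'NC' in flags else str
    if pattern.startswith('='):
        hit = fold(value) == fold(pattern[1:])
    else:
        hit = re.search(pattern, value, re.I if 'NC' in flags else 0) is not None
    return hit != negate

def rule_fires(rules, env):
    """True if the rule fires: conds are ANDed, an [OR]-chained run is one group."""
    group = False
    for line in rules.strip().splitlines():
        var, pattern, flags = COND.match(line.strip()).groups()
        flags = set((flags or '').upper().split(','))
        group = cond_true(env.get(var, ''), pattern, flags) or group
        if 'OR' not in flags:          # this condition closes the OR group
            if not group:
                return False
            group = False
    return True

# Constructed requests, not taken from the author's logs.
LEGIT = {'REQUEST_METHOD': 'POST', 'REQUEST_URI': '/wp-login.php',
         'HTTP_REFERER': 'https://blog.example/wp-login.php',
         'HTTP_COOKIE': 'wordpress_test_cookie=WP+Cookie+check',
         'THE_REQUEST': 'POST /wp-login.php HTTP/1.1'}
BOT = dict(LEGIT, HTTP_REFERER='', HTTP_COOKIE='')
OLD_HTTP = dict(LEGIT, THE_REQUEST='POST /wp-login.php HTTP/1.0')
FORGED_UA = {'HTTP_USER_AGENT': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) '
                                'Gecko/20100101 Firefox/24.0'}

if __name__ == '__main__':
    print([rule_fires(LOGIN_RULES, e) for e in (LEGIT, BOT, OLD_HTTP)])
    print(rule_fires(UA_RULES, FORGED_UA))
```

The forged browser string from the earlier post does not trip the user-agent list, which is why the login rules key on the referer, the test cookie and the protocol version instead.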

See my previous article for information about the blocked.php module.
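
The comment in the rules above says the point of returning 400 is to let a log monitoring program notice the bogus attempts and blackhole the source. One way such a monitor could pick those sources out of an access log, as an added example and not the author's program: it assumes Apache's "combined" log format, and the threshold, the time window and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed "combined" log lines (documentation-range addresses, not real data).
SAMPLE_LOG = '''\
203.0.113.7 - - [19/May/2015:10:00:01 -0700] "POST /wp-login.php HTTP/1.0" 400 226 "-" "Mozilla/5.0 (Windows NT 6.1)"
203.0.113.7 - - [19/May/2015:10:00:02 -0700] "POST /wp-login.php HTTP/1.0" 400 226 "-" "Mozilla/5.0 (Windows NT 6.1)"
203.0.113.7 - - [19/May/2015:10:00:03 -0700] "POST /wp-login.php HTTP/1.0" 400 226 "-" "Mozilla/5.0 (Windows NT 6.1)"
198.51.100.20 - - [19/May/2015:10:00:04 -0700] "POST /wp-login.php HTTP/1.1" 200 3104 "https://blog.example/wp-login.php" "Mozilla/5.0"
192.0.2.44 - - [19/May/2015:10:00:05 -0700] "POST /wp-login.php HTTP/1.1" 400 226 "-" "Mozilla/4.0"
192.0.2.44 - - [19/May/2015:10:00:09 -0700] "POST /wp-login.php HTTP/1.1" 400 226 "-" "Mozilla/4.0"
truncated line that does not parse
192.0.2.44 - - [19/May/2015:10:10:00 -0700] "POST /wp-login.php HTTP/1.1" 400 226 "-" "Mozilla/4.0"
'''
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def sources_to_blackhole(lines, limit=3, window=timedelta(seconds=60)):
    """Return addresses with at least `limit` rejected login POSTs inside `window`."""
    recent = defaultdict(deque)      # address -> timestamps of recent rejections
    flagged = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                 # skip malformed lines instead of crashing
        ip, stamp, method, path, status = m.groups()
        path = path.split('?', 1)[0]
        if (method.upper(), path, status) != ('POST', '/wp-login.php', '400'):
            continue                 # only requests the rewrite rule rejected
        when = datetime.strptime(stamp, '%d/%b/%Y:%H:%M:%S %z')
        hits = recent[ip]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()           # forget rejections older than the window
        if len(hits) >= limit and ip not in flagged:
            flagged.append(ip)
    return flagged


if __name__ == '__main__':
    print(sources_to_blackhole(SAMPLE_LOG.splitlines()))
```

A login that WordPress itself answers with 200 is not counted, whatever the credentials were; only the 400 produced by the rewrite rule is treated as a signal.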