Rubénerd!

I can't say I ever thought I'd be using Perl as a last resort emergency security tool. Sheesh Servage, get your act together.

My first few days back in Singapore have been eventful to say the least. I could have said they were uneventful, but that would have been inaccurate and would also have contradicted what I just wrote. And the last thing I want to do here is look ridiculous. Well, any more ridiculous than I look now walking down from my apartment building to Orchard Road while I type this post on my iPhone.

ASIDE: I used to mock people who spent more time looking at their phones than paying attention to where they were walking; now with this ridiculously useful iPhone I'm guilty of the exact same behaviour. Walking into light poles seems to be my divine punishment for this hypocricy.

Yes back to eventfulness, since coming back here last Saturday morning, I've had my first major problems with online hacking of my sites, to a degree I never thought possible. So far RubenerdShow.com and the associated subdirectories such as this blog have been the victim of 12 code injection attacks as a result of poor security standards on my webhost. I dislike it when people shift the blame onto others, but all my permissions are set perfectly and the attacks are coming from within my host's IP range, so it's a matter of lax internal security due to what I suspect is poorly enforced group permissions.

As Bruce Schneier said in his Secrets and Lies tome which I admit I've read more than three times, internal threats are often more dangerous than external ones, though they often get placed second in priority. I am a huge fan of Bruce Schneier, I even wrote about the Bruce Schneier Facts website back in 2006. Very fun distraction when all this nasty stuff is going on!

For Servage this isn't new; a quick Google search for Servage Hack returns thousands of results. Even Flickr has a couple of screenshots by people showing their sites and even the Servage host site itself being hacked.

Perhaps as a result of this or because Servage has also been caught hosting hundreds of spam and credit card fraud sites, the StarHub ISP here in Singapore has seemed to start blocking all Servage hosted material. As I sit here at Starbucks now in Tanglin Mall it seems SingTel haven't filtered it, but given Singaporean ISP's general low tolerance when it comes to abuse of their systems I worry they may be next.

ASIDE: For those interested in the attacks themselves, it seems shady Servage users have been inserting javascript into the first line of my index.php files and modifying my .htacess files to redirect to other sites. This despite all my permissions being set to allow myself to read and write, but others in the group to only read. I don't know what else I can do to block these changes.

I've written a trivial Perl script to check the modification dates of every file on the server, and if it doesn't match a list of predetermined values it deletes the hacked/modified file and restores it, then logs the change. This seems to have stopped all the attacks but it really is a clumsy measure. Servage need to get their act together, because it's not just me this is affecting.

Suffice to say, I am already in the process of moving over all my material to Segment Publishing hosting and Ourmedia instead of using Servage as well. I had kept Segpub for use only for my university blog, but they've proven themselves for their stellar reliability and great service. They do cost more than Servage, but as I've learned from this experience cost shouldn't be the primary consideration. As a student I do have a stretched budget, but if I have to pay a few dollars extra a month for peace of mind, a server running FreeBSD and my own dedicated IP address that I don't have to share with hundreds of other sites -- some of which engage in criminal activities -- I think it's worth it.

Segpub Christmas cheer!

What frustrates me is that it's my own home ISP StarHub that has blocked Servage, which means I have to use a proxy to access my own site. I'll be doing some serious cleaning up of my MySQL tables and I'll be exporting them hopefully today or tomorrow.

Interestingly enough, this blog and all the images used within are quite small. Exporting gigabytes worth of Rubenerd Shows recorded since 2005 and re-uploading them to Ourmedia will be a painfully slow process, but I think it will pay for itself pretty quickly.

Will be keeping you up to date, and thank you everyone for your patience. Because of the difficulty I'm having right now accessing this site, if you want to leave comments you may want to just email me instead.

What a great thing to be dealing with over my preciously short Christmas holiday break. Though I guess had this happened during an exam period it would have been much more disastrous to deal with. Bummer though.

This is a shorter message because I don't have much time here. It seems the reason why I haven't been able to access my blog and Servage.net over the last few days here at home hasn't been because my site is offline or down, but it seems that my webhost (and all the sites they host) is being blocked for some Singapore Starhub internet customers.

I am accessing my site now through a proxy. Google Reader seems unaffected.

This is extremely serious. I have long suspected Servage has been hosting some less than reputable sites, and with the latest code injection attacks which have been happening on my blog since Sunday on my site and on dozens of other Servage customer's sites, I suspect Starhub have taken action against them.

I will be moving all my Rubenerd Shows which collectively account for around 92% of my bandwidth onto Ourmedia, and I'll be moving my remaining sites over to Segpub (FreeBSD webhost in Australia with dedicated IP addresses, SFTP and SSH) once and for all. Perhaps this is the final wakeup call I needed to get my arse into gear and make the transition!

Servage were ultra affordable back when I thought the internet was a nice toy, but they're lack of adequate checks on what they host and these security lapses have made me lose what little shred of confidence I had in them. I don't approve of Starhub's move to block all sites hosted by them, but I can at least see their reasoning, and can somewhat understand.

Stay tuned for further developments. This will no doubt be taking me this next week to do. What are you doing for your holidays?

I finally caved and re-registered my Pro Flickr account. My experiment with Zooomr was fun, but Flickr is way more reliable and still easier to use. The smart sets feature in Zooomr which can create sets automatically based on tags is nice, but often backfired so I couldn't use it seriously.

So to celebrate my return to the Flickr realm, I've posted a VERY funny picture in the Singapore StarHub cable TV guide for this month!

That's right, they called him NILL O'Reilly! He's nothing, his opinions are worthless, he's NILL!

If you don't have the pleasure of knowing who Bill O'Reilly is, he's a self confessed "traditionalist" who tries to seek the truth "without spin" but is in reality a loud conservative pundit who yanks the microphones - and screams over the top of - people he disagrees with. Very entertaining television if you don't take him seriously.

But now he's being shown in Singapore? Argh where's Keith Olbermann when you need him?

Despite my borderline manic obsession with BSD on my own systems, I chose Ubuntu Linux on my mum's laptop, mostly because she just wanted a really basic system with a computer-illiterate-proof update mechanism, a web browser and that's it.

So I was downloading it last night and glanced at the transfer rate. 2.2KiB per second? This was going to take longer than I thought. Until I read it again... 2.2MiB per second! In less than 4 minutes I had the latest version of Ubuntu Linux sitting on my desktop, a 697MiB file!

Compared to the internet I've used in Malaysia (argh TMnet!) and Australia (TPG is fairly reliable but slow), Singapore has it going on :).