Fucking Facebook, I swear.

(Just found this. Not sure when it was. Back in the Brick’s Picks daze, anyway, a few years ago.)

Fucking Facebook, I swear.
 
I had an account. Apparently I hit some feature that emailed everybody–and I mean everybody–in my email list that I wanted to be their Facebook friends or something ridiculous like that. I was suddenly Facebook friends with people I would probably never wanna be seen with in real life. Plus a zillion emails popped in with people telling me all this silly-assed shit I didn’t care about at all. I cancelled that account almost immediately and lived blissfully unfacebooked for a few months.
 
Then came a point that there was no way to communicate or network or anything with many people because I didn’t have a freaking Facebook page. So this time, I let paranoia guide me through the sign up procedure and set up an account without telling anyone. It was nice. I could use it when I wanted and not be bothered. In fact, I didn’t even use it for a couple months. Life was sweet and uncluttered and unannoyed.
 
Till one day a couple weeks ago I needed to get back on Facebook for something. I logged on. It seemed a little different, with info in my profile I thought I had deleted with my deleted account. Whatever.
 
Within minutes–minutes!–I received a slurry of those some-asshole-wants-to-be-your-Facebook-friend emails. Even worse, they were mostly from real life friends. I am not sure how this works, but it did. So I felt obligated to be their friend. I let the thing metastasize on its own, and it did, freely. When I sent out that silly picture of me with the dancing girls (I’d forgotten about the pic of me with the dancing girls), more than one lady said to use that as my Facebook picture. So I did. Funny guy. Then some of those ladies wrote on my Wall–I fucking hate that Wall–that my pic wasn’t there. Hmmm. So I uploaded it again. Then more messages came in, and something was very weird.  I got one of those mewling I-wanna-be-your-Facebook-friend from none other than me!  Myself. Brick. Even had the picture of me with the three chicks. Then yesterday it hit me–I have TWO Facebook pages. The first page had come back to life somehow when I logged in to it by mistake, and somehow was automatically pleading for the other page to be its friend. FUCK!!!!!! And now I get twice the annoying emails, twice the simpering be my Facebook friend crap, and twice the exciting news about things I would never care about and people I scarcely know. Perhaps have never even met. I even get these automatically generated messages about me from me.
 
Only I could have managed this.

(Alas, we all adapt, eventually.)

An unseen miasma of threats and spies and anarchists and criminals

I’m just an uneducated layman at this kind of thing, strictly amateur, but I sure can see why botnets are being built up by using WordPress. WordPress does not take security seriously. Never really has. It’s a joke. Even their fix it plug-ins can crash sites. And they blow off people who complain, essentially tell them it’s their fault and refer them to bulletins and forum discussions years old. It’s a huge site just screaming to be exploited for nefarious use. Facebook is an ideal channel for predatory malware, too, but WordPress is even worse because so little effort is made to impede it. At least Facebook seems to give a damn. And in a plot device worthy of I Spy or Mission Impossible (or even Batman) It appears that someone is building up to a huge Denial of Service attack on unspecified targets in the U.S. (so far they’ve been going after Washington D.C. based media sites, interestingly enough). And they are planning to use WordPress as the means to do so. Infected javascript is snuck onto a legitimate website’s homepage (such as those media outlets in Washington) which automatically redirects visitors to a WordPress blog that was hijacked and filled with malware (or set up deliberately as a Trojan horse full of malware). Suddenly your machine is infected too, and your security software might not even realize it. You begin infecting others. This latest phenomenon began in late July. About the time, interestingly enough, that WordPress bloggers began complaining again about performance issues.

There are nearly 70,000,000 blog sites on WordPress. All those blogs with all their plug-ins and widgets, literally billions of them, each of which is a potential vulnerability. That is, plug-ins and widgets are ideal ways an enterprising hacker can introduce malware to a blog page. WordPress, staring at numbers like that has done the easy thing and barely done anything at all. The Alfred E.Neuman theory of website security. You can either be proactive or just not give a flying fuck. Hence there are no fixes (well, there are, but they tend to crash Windows, something WordPress hasn’t bothered to address).  It’s somewhat disturbing when you realize that the brass at WordPress has decided to let the teeming millions of blog owners fend for ourselves. So some of the geeks in our midst have developed their own fixes. Alas geeks that they are, almost all of these fixes are written in dense packets of code that will scare the bejesus out of anyone with social skills. No easy to download tools for these people, which means that only a tiny percentage of WordPress users can apply any of these fixes (provided they even work). And as I said before, the limited fixes that WordPress does provide, in periodic upgrades, are so badly written that they freeze up Windows (often with a very attractive flashing or windows that metastasize so fast that your only recourse is to shut down the computer.) 

You have to be impressed by the WordPress brass and their belief in their decentralized approach to internet security. Afterall, the exact same thing that is happening now happened last April. 90,000 WordPress sites, hijacked by malware that created an enormous botnet that began Denial of Service attacks that just about did in WordPress itself. Was that a practice run? Whatever it was, it worked, making the site just about unusable for about a week there. Whew. That was close. Let’s hope it never happens again. The Chinese (or whoever)  could probably not believe their luck, and so they did the same thing again. That’s what is happening now, and you can google your brains out trying to find more that a couple press releases from WordPress announcing their half-assed and unworkable fixes. They might as well sacrifice a chicken and chant. That would be just as effective.

So potentially millions of WordPress blogs can be brazenly hijacked by unknown evildoers, who draw in unsuspecting visitors to innocent sites suddenly full of malware that, unknown to them (or to the owners of the infected site), will eventually make them unwitting participants in an oncoming Denial of Service attack when it comes. A potentially massive denial Denial of Service attack. Not that any of the infected visitors will have a clue that they are doing so. That’s the beauty of it. That’s what this botnet is, that’s what it does. All these infected computers that will one day receive a signal to begin contacting targeted sites over and over, maybe thousands of times per machine, overwhelming it’s ability to respond and essentially taking it offline. And doing so without the user–you or me–having any idea we are doing so. Talk about a perfect crime. This current website hijacking campaign was preceded by a similar attack that contacted Free Tibet activists on their Android phones via a “rogue” Twitter account and led them to a compromised Tibetan human rights website infected with malware. Not only did it link them to a botnet, it also provided their location (or their Android phone’s location, anyway) on a 24/7 basis, as well as gave a look-see to the evil doers into just what these Tibetan activists had on there. (I can’t find the article now, but I believe the infected site was a registration site for a human rights conference, which probably means credit card information was requested.) Interestingly enough, the malware used (something involving Adobe) had been used previously against manufacturing and defense industry targets (i.e., for industrial and military espionage). The coding was in Chinese. You  figure it out.  One of those things Edward Snowden didn’t bother mentioning.

(I saw today, incidentally, that the Dalai Lama’s website  had been hacked in a similar fashion. What’s driving a lot of this is the Tibetan self-immolation campaign. Beginning in 2009, at least seventy-eight Tibetans have burned themselves alive protesting Chinese occupation. The Chinese, frantic to put an end to it, have infiltrated Tibetan social media. A digital campaign against self-immolation, which is about as analog a message medium as you can imagine.)

Hijacked WordPress sites have been serving malware at the core of a number attacks during the first six months of the year.  Attacks against Washington, D.C.- area media sites involved javascript injected on to the sites’ homepages redirecting victims to a compromised WordPress site hosting malware. The same tactic was used against Tibetan freedom supporters where attackers were using Twitter to send victims to a Tibet-themed WordPress blog that featured Adobe Flash, a technique that had been used in the past against manufacturing and defense industry targets. What a coincidence. It bothers me, by the way, how local media sites in the Washington D.C. area–not the Washington Post but a television station, for instance) are being targeted. Why those? Why concentrate on D.C. people? Regular people, too, the type that log onto the local happy hour news team website. I have no idea.

By the way, those Facebook issues we’ve all been having seem to be related to this sort of outside interference as well. I have no idea if they’re related. There seems to be no financial gain in this. No one is scamming anybody or stealing credit card info. This is either a domestic, politically motivated campaign (an extremely well organized Anonymous type thing, which doesn’t seem likely) or a foreign power infiltrating and damaging the U.S. cyber infra-structure. It has gotten particularly intense this summer.

I suppose it ought to make us feel better that we do it too. Snowden laid that out. Is there a Chinese whistleblower doing the same? It would be helpful. Though unlikely as hell, not with their black jails. But it would give us, that is the American public, a clearer picture of where we’re at. Is the NSA creating huge botnets in China? Is this mutually assured digital destruction? The Chinese have admitted that a massive Denial of Service attack launched against American websites in 2011 (aka “Operation Aurora”) was counter espionage, and that they acquired some very useful information (some of which sounds similar to what Snowden revealed.)

Of course, 99% of you haven’t a clue what I’m talking about, but maybe you ought to. It’s almost Cyber World War, baby, and you are all right in the middle of it. I must have a dozen security and anti-viral/malware/worm/hack programs I use now. There is not one that can do all. And who knows what remains invisible in our machines? Or on sites that we use. Your Facebook page can be infected just like your hard drive can. Any site is the same. The whole cloud is a vast network of potentially infected sites, slipping infected code between each other. Cloud virus protection is a growth industry. The impenetrable firewalls that maintained the sanctity of intranets are sooooo last technological era. Almost everything is wide open now. We’re all as connected in the ether as are the neurons in our brains. It’s surreal. And just as a brain can be shut down by seizures that overpower all the neurons, overwhelming synaptic connections till every neuron is firing and freezing the whole thing and the body is paralyzed and spazzing and unconscious, so can botnets launch massive denial of service attacks that knock out websites by the thousands and effectively cripple huge chunks of the internet for a while. This digital existence of ours is full of virtual plagues, virtual wars, virtual criminals, virtual time bombs and virtual creatures that move about in perfect sequence following binary dictates. We are so fucked, you might say. Or at least doomed to an endless battle with these forces of virtual evil.  Some of you are so web-bound, online in some way or another 24/7. And that world you have your head lost in is an unseen miasma of threats and spies and anarchists and criminals and drone like codes that just can’t help themselves as they infect whatever they can. Craziness. I remember when we were bothered by pornographic emails. And all they did was offend us. Simpler times, those. There was email, and there was our lives.Two separate things.  Now many people’s lives are their Facebook accounts. They have friends they have never met, never will, and probably wouldn’t even like if they did. Men fall in love with two dimensional naked ladies who move about on their screens. We read books in photons where once we touched paper. Our money is in electrons, we never see it, and we’re not even sure if it’s ours anyway.

We have totally surrendered ourselves to this other world. In some ways we exist more in the ether than we do in the physical world. Yet out here, in reality, we have some control over our lives. But online, in the ether, they own us. They know everything about us. Not the government so much ss we fear, not really, when compared with all the data that Facebook and everyone else you register online with has. I’ve already gone on and on about data mining and what it means for you (in You Are What You Type).That stuff creeps me out. It’s essential, but kind of creepy. Too many years working in online marketing, I guess. I scan my machine almost daily with Spybot to get rid of all the spyware (it works better in the safe mode with networking, by the way.) I’ve done deadly battle with Win32 and WebCake. DoubleClick is a pain in the ass. The ZeroAccess Trojan was a tough one. Man. Had to go through half a dozen anti-virus softwares before I found one that worked. A vicious little bastard, that thing. And who knows what is lurking on my machine, invisible. Who knows what is ready to pounce every time I log onto another website. What sneaks past us off our Facebook pages, or even via Twitter. Our iPhones are like live virtual grenades, ready to go off and wreck things.  

I try not to think about our automobiles. Though I love the status report I get every month from OnStar. It even tells me my tire pressure, for each tire. Imagine that. Yeah, imagine that. Some guy in the Midwest somewhere knows more about the tire pressure in my car than I do. Or a light comes on while I’m driving in the middle of nowhere. I call OnStar on the phone in the rear view mirror. They tell me what the light means. A little coolant,. Mr. Wahl. The lady is a thousand miles from me, and she knows that my engine needs coolant while I, in the driver’s seat maybe three feet from the radiator, had no idea. That is just amazing. Till some virus fucks it all up. Afterall, our benign internet hs turning more and more malign. And we don’t care. We leave it to the specialists to worry about that. Because we are having too much fun with all this stuff to care.

I wonder if there’s an app for that, caring. Something that’ll do the caring for you, plus tell you it’s time to feed the dog and where the best Mexican place is in Tehachapi. Pictures of tacos, Yelp reviews, directions, everything. Now that’s what I call progress. pictures of tacos on an iPhone. And to think this all began as a way to talk to each other after a thermonuclear war. Who’d a thunk it.

OMG. I’ve been sexted. Talk to you later.

Here come da judge

Facebook has ruined writing. You can write all you want on Facebook and there’s no need whatsoever to do so with any grace or talent or even basic writing chops. You’re not supposed to show any chops, actually. It was designed as a purely egalitarian medium. Nothing pretty. Very little even signficant. I know a lot of fine writers and their Facebook posts are just as dull and artless as any twelve year old’s. It is wholly functional.  Two dimensional. If people talked as dull as they post you would find them so annoying you’d duck out of the way when you saw them coming. Facebook reduces everyone to the dullest person you know. It is artless, faceless, characterless and not very funny. Emotions are worn on sleeves. Facebook is like instant messaging that everyone at work can read. Safe, dull, and designed not to hurt anyone’s feelings. No juicy gossip, no hidden secrets, no sex.   Continue reading

Mark Zuckerberg

Hockey games, unlike football or baseball or basketball or anything actually popular, have the best commercials. Not sure why, but if you wanna see funny weird commercials, sit through a hockey game. I love those commercials. And while I haven’t seen a He’s totally weirding out the Great One or a Soaked up Philly like sponge in a while, some come close. Anyway, I see those commercials and I think how I wish I could write commercials. That would be my dream gig. My dream gig dream gig even. The ultimate gig. I love commercials. I study the damn things. The way I write is very heavily influenced by commercials, the funny ones. (It was also heavily influenced by really well written sitcoms and French economic historian Fernand Braudel, but nevermind.) Oh well, let me dream if I want to, as Willy de Ville used to say. He’s dead now. All those New Yorkers keep dying. You wonder what the hell they were doing wrong. Well, I know what they were doing wrong, but we’d be getting off topic. Besides, none of you are reading any of this by now because this is Facebook [I wrote this on Facebook] and no one gets past the first sentence or two. It’s kind of like Twitter with baby pictures. In fact, this whole piece could have been done as a series of smiley face variations. Happy, sad, confused, surprised, angry, frustrated. Maybe even the one that giggles. Then I’d drop in the cow or that sheep because I have no idea how a cow or a sheep qualifies as an emoticon, or what they mean. Unless they pictographically represent a cow and a sheep. Then they’ll become ideograms that represent the concept of cows or sheep, then a phoneme which will represent the sound of anything that sounds like the word that represents the concept of sheep, and then into a morpheme which…well, forget it, that’ll be centuries from now, all knowledge will be reduced to some sonic spinny ring things and you can make love to Yvette Mimieux all you want. Maybe even get her to act.

If I got off topic, I apologize.

I have to stop writing essays on Facebook. I never mean to. I try to write only a sentence or two but look what happens. Now I’ll hit post and Mark Zuckerberg will own the thing, the way he owns all those pictures of big bosomed Facebook friends who find themselves in ads for untrustworthy home loan companies. Well, he can have this essay, tuck it into a christmas card, and fuck himself.