Category Archives: 9/11

Unix interview questions and what is never answered by asking them

Posted on by
Reply

Many years ago I was an “anti-globalization” activist.  I hated that term.  I was not anti-globalization at all, in fact I love being connected to the world and I want there to be more connection with others, not less.  I also do not oppose “Free Trade” at all, If Bob from London wants to sell a shirt to Randy in Winnipeg there is no reason at all that Randy in Vancouver should object and try to get Kate in Ottawa to make it more difficult for Randy to buy one of Bob’s shirts. (in my world all Canadians are named Randy and Kate).  What I was opposed to and still am is treaties dealing with commerce.  NAFTA and GATT were so big that people hardly read them.  The Congressmen did not read these because they were huge.  I remember reading that GATT, when printed out, would have required a member of congress to push a wheelbarrow filled with GATT so he could read it and know what he was voting for (which never happened).  We in the United States are obliged by our Constitution to adhere to treaties and anything that takes up a wheelbarrow full of paper is not something designed to set us or anyone else free.

For some reason police were really afraid of us.  We never hurt anyone.  Many people were vegans or “strict vegetarians” and they did not want to hurt anything that breathed at all.  I can therefore say that the Police, the FBI and all of those people did very poor work simply because they did not know what to ignore.  They treated everything as a “job” and that included harmless people who didn’t eat meat and whose biggest crime was refusing to wear deodorant in my rental car.  If they had ignored us perhaps they would have noticed men in flight schools across the United States wanting to learn how to fly, but not caring if they learned how to land, but they didn’t.

I thought about this scenario when doing phone screens for my job hunt.  Phone screens are needed as they filter out the fakers in the tech world but lately the questions have not been “what do you do in this situation?” which a real IT professional will be able to rattle off real anecdotes and examples, instead they want to know commands.  Unix and Linux have a lot of commands.  I have used commands for years, then not used them for a year and completely forgotten them.  This is fine when I am at a keyboard because all I do is enter “man -k” or “apropos” and then the topic of what I am looking for  and do a quick scan and then see something that triggers my memory like:

“man -k duplicate”

chkdupexe (1)        – find duplicate executables
dup (2)              – duplicate a file descriptor
dup2 (2)             – duplicate a file descriptor
dup3 (2)             – duplicate a file descriptor
FcPatternDuplicate (3) – Copy a pattern
FcStrCopy (3)        – duplicate a string
msguniq (1)          – unify duplicate translations in message catalog
strdup (3)           – duplicate a string
strdupa (3)          – duplicate a string
strndup (3)          – duplicate a string
strndupa (3)         – duplicate a string
wcsdup (3)           – duplicate a wide-character string

I would then remember that I used chkdupexe once to halt two executables from running at the same time and causing the CPU to be running at 99% and 100%.  My fingers are faster than my phone voice.  I can concentrate better when I am not taking an oral examination that requires specific answers.  If this question was asked on the phone and it required an exact answer from memory I would have hemmed and hawed and that would have been followed by failure.  If I was asked “how do you handle a race condition?” then I could talk on the many details of this subject and fill it with boring anecdotes.  But this is not a common problem. If a data center had to deal with race conditions all day long to the point where their IT staff had memorized how to handle this situation they would have much bigger problems looming in their future.

One question I would like to see asked everywhere is “How do you decide what to ignore?”.  Choosing to ignore something seems like an anathema since admitting you actively choose to ignore things is akin to sloth, but we ignore things all the time and all day long.  Right now I am ignoring my carpet and my sink, but that is passive ignoring.  If the doorbell rang now I would actively ignore it.  Not to be rude but because I know that the only people who ring my doorbell at this hour are members of this strange church who only speak Spanish and think that “Laying of hands” will cure me of my monolingualism.  I have better things to do than to open my door and have old women touch my face.

So twelve years ago we had law enforcement paying attention to terrorists who were not terrorists while ignoring the terrorists who really were terrorists and we probably also have people being hired in data centers who just know how to do well on tests but do not know how to work in a data center.

 

A little noticed bit of computer security

Posted on by
Reply

A while back this very strange thing happened.

A few men with beards entered the United States, shaved, went to a strip club and then flew airplanes into buildings.

I know this happened because I saw it from sixth avenue somewhere between West 4th Street and Houston.  People who did not see this sometimes try to tell me it was some sort of conspiracy but I am very sure I saw this because this is one of those things that is impossible to forget.  My perception was a bit off though because I thought people jumping out of the North tower were birds and I almost wish I still believed that today, but I do not.

Anyway, things were weird after that. People walked around with this expression on their face that looked like they could either burst into tears at any moment or that they were going to start screaming until someone gave them Haldol.  During this time of contorted faces there was also a time where self styled “Internet Vigilantes” would target Muslims, people who opposed targeting Muslims, and “Liberals” (said by people who use the term liberal like they use the term faggot; not meaning a bundle of sticks).  It was quite revolting but the climate was such that it was very difficult to do anything.  I once got a death threat online for opposing the use of Neutron bombs to wipe out Muslims (in hindsight that was a discussion where I should not have tried to use calm, collected facts).  Some of the people doing this targeting were self described “hackers” and so some friends and myself went to work opposing them but we did so in secret.  Like most bullies, these people had no problem asking authorities to back up their menacing and the environment we were in then made it so the authorities would most likely help them.

So, we had a team together.  I am not even sure what you would call us but perhaps it is something that is best not to be named.  I did research and tracking, another friend of mine found and then baited the targets to attack and another fellow, named Kevin Bacon (not the actor but he used his famous namesake to make sure he never appeared on a google search) did damage control by use of his law enforcement connections to realize that the people carrying out the cyber attacks and harassment were more akin to terrorists than American Muslims and anti-War activists. (I use Kevin’s name because he is no longer with us.  He died sometime in 2010 but it is hard to get the information since googling “Kevin Bacon” and “Died” does not produce anything useful).

One group we did (not naming names though I can via private correspondence) took us about four years to end.  It was simply because we were patient and not that we were slow or clueless.  Many of these kinds of people have such short term memories that they assume if they were not arrested right after the incident then that meant they were safe.  This group of hackers actually had only one skilled hacker who, for some reason willingly did illegal things but he was terrified of the consequences.  I caught him by contacting a System Administrator at a University in Singapore that was a favorite proxy of the group.  At first he was a bit cocky with me, denying the existence of the proxy and then admitting he set it up for “friends only” and when I named dropped a school administrator who would have been his supervisor he became incredibly cooperative.  I was delivered log files for the proxy for the times of the attacks I was researching.  I gave the IP of the user to Kevin, and Kevin called up an ISP after one of his Law Enforcement contacts called the ISP and told them to expect Kevin’s call.

So we got a name tied to four years of death threats and four years of various cyber attacks.  When you contact someone like this they go through a “Stages of Death” like Elizabeth Kubler Ross wrote down so many years ago.

1. Denial & Anger (lots of threats ranging from violence, lawsuits, and police involvement)

2. Bargaining (there is one word you can say..for this one is was “Singaporean Proxy Logs” that gets them to calm down and try to negotiate)

3. Depression (when you inform them that the only way nothing will happen to them is to do exactly as you say…this really bums them out)

4. Acceptance. (they agree to your terms and become happy because it is inevitable)

This fellow gave up and paid restitution (plus interest that we set at 10%) to those we tracked down and he ratted out all of his friends and told us everything about them.

All this because of 9/11 and I am certain there were similar groups doing similar attacks then too…..But that was a lot of fun.  I love doing this sort of work but it is really difficult to put in a resume.