Sex at Dawn is nearly here!

If you’re in the Portland, Oregon area, time is running out to get tickets for the presentation by Sex at Dawn co-author Christopher Ryan. The event is Wednesday, November 2nd at the Bagdad Theater.

This looks to be a fun evening talking about human sexuality: why we mate, why we stray, and what it means for modern relationships. And there will be a Q&A session afterward, which should be fun. I’m personally looking forward to it like whoa. Tickets are $20, and available at the venue or online here.

Liberals and Conservatives: Living Together in Fear

In April of this year, a report appeared in the scientific journal Cell which claimed that there are significant quantifiable neurological differences in the brains of liberals and conservatives.

Specifically, the report shows that political conservatives have larger amygdalas, which mediate emotional reactions such as fear and aggression.

This report got picked up all over the mainstream press, as with this article in The Atlantic headlined Are Liberals and Conservatives Hard-Wired to Disagree? and another article over on Raw Story titled Brain structure differs in liberals, conservatives: study, which says “Liberals have more gray matter in a part of the brain associated with understanding complexity, while the conservative brain is bigger in the section related to processing fear, said the study on Thursday in Current Biology.”

From a purely sociological standpoint, this may have some element of truth, at least in the sense that repeated sociological studies have shown conservatives to be motivated by fears of collapsing social order, loss of social hierarchy, and social disorder.

But qualifying conservatives as fearful and liberals as optimistic is really kind of silly, seems to me. Liberals, in my experience, are just as likely to be driven by irrational fears, and to make decisions based on poor evaluation of those fears, as conservatives are.

Take, for example, the nearly universal fear among those on the political left of nuclear power. Despite the fact that nuclear power is by far the safest form of large-scale electrical generation yet invented (coal power kills more human beings every year, primarily from air pollution but also from coal mining accidents, than nuclear power has killed in the entire history of its use combined–including Chernobyl), liberals are nearly universal in their stark raving terror of all things “nuclear.”

Liberals like to mock conservatives as ignorant, uninformed, and anti-intellectual, but the reality is that across the United States, anti-intellectualism is extraordinarily popular; its cause is championed by people of all political stripes. It manifests differently, sure; conservatives tend to oppose pure science, particularly biological and geological science (but even physics is not immune; there are some highly vocal nutjobs on the right who claim that Einstein’s theory of relativity is a sinful attempt to undermine public morality by embracing moral relativism), though quixotically they tend to embrace technology.

Liberals, on the other hand, claim to champion science, at least when they can be arsed to learn enough to be able to separate it from pseudoscience; but they reject technology, in forms ranging from vaccination to food processing. Liberals are particularly frightened of life sciences; their terror of genetically modified food is second only to their terror of nuclear power as a common source of fear.

I’ve been chewing on this for a while, and as I often do, I’ve made a chart.

The things that will actually kill you tend, by and large, not to be the things you’re afraid of. Conservatives fear terrorism, which is stunningly unlikely to kill you; the number of Americans who lose their lives to terrorists every year is roughly on par with the number killed by sharks and bears, and is dwarfed by the number of people killed by falling off stepladders. On the other hand, as small as this number is, it’s still mountains bigger than the number of Americans killed by nuclear power every year, which tends to hover year after year at somewhere around zero.

How ironic, then, that the billions spent fighting these fears and the work done on both sides to advocate for these fears, and it’s actually driving to the office or not getting away from the TV to exercise that will do you in.

Transhumanism, Technology, and the da Vinci Effect

[Note: There is a followup to this essay here]

Ray Kurzweil pisses me off.

His name came up last night at Science Pub, which is a regular event, hosted by a friend of mine, that brings in guest speakers on a wide range of different science and technology related topics to talk in front of an audience at a large pub. There’s beer and pizza and really smart scientists talking about things they’re really passionate about, and if you live in Portland, Oregon (or Eugene or Hillsboro; my friend is branching out), I can’t recommend them enough.

Before I can talk about why Ray Kurzweil pisses me off–or, more precisely, before I can talk about some of the reasons Ray Kurzweil pisses me off, as an exhaustive list would most surely strain my patience to write and your patience to read–it is first necessary to talk about what I call the “da Vinci effect.”


Leonardo da Vinci is, in my opinion, one of the greatest human beings who has ever lived. He embodies the best in our desire to learn; he was interested in painting and sculpture and anatomy and engineering and just about every other thing worth knowing about, and he took time off of creating some of the most incredible works of art the human species has yet created to invent the helicopter, the armored personnel carrier, the barrel spring, the Gatling gun, and the automated artillery fuze…pausing along the way to record innovations in geography, hydraulics, music, and a whole lot of other stuff.

However, most of his inventions, while sound in principle, were crippled by the fact that he could not conceive of any power source other than muscle power. The steam engine was still more than two and a half centuries away; the internal combustion engine, another half-century or so after that.

da Vinci had the ability to anticipate the broad outlines of some really amazing things, but he could not build them, because he lacked one essential element whose design and operation were way beyond him or the society he lived in, both in theory and in practice.

I tend to call this the “da Vinci effect”–the ability to see how something might be possible, but to be missing one key component that’s so far ahead of the technology of the day that it’s not possible even to hypothesize, except perhaps in broad, general terms, how it might work, and not possible even to anticipate with any kind of accuracy how long it might take before the thing becomes reachable.


Charles Babbage’s Difference Engine is another example of an idea whose realization was held back by the da Vinci effect.

Babbage reasoned–quite accurately–that it was possible to build a machine capable of mathematical computation. He also reasoned that it would be possible to construct such a machine in such a way that it could be fed a program–a sequence of logical steps, each representing some operation to carry out–and that on the conclusion of such a program, the machine would have solved a problem. Ths last bit differentiated his conception of a computational engine from other devices (such as the Antikythera mechanism) which were built to solve one particular problem and could not be programmed.

The technology of the time, specifically with respect to precision metal casting, meant his design for a mechanical computer was never realized in his lifetime. Today, we use devices that operate by principles he imagined every day, but they aren’t mechanical; in place of gears and levers, they use gates that control the flow of electrons–something he could never have envisioned given the understanding of his time.


One of the speakers at last night’s Science Pub was Dr. Larry Sherman, a neurobiologist and musician who runs a research lab here in Oregon that’s currently doing a lot of cutting-edge work in neurobiology. He’s one of my heroes1; I’ve seen him present several times now, and he’s a fantastic speaker.

Now, when I was in school studying neurobiology, things were very simple. You had two kinds of cells in your brain: neurons, which did all the heavy lifting involved in the process of cognition and behavior, and glial cells, which provided support for the neurons, nourished them, repaired damage, and cleaned up the debris from injury or dead cells.

There are a couple of broad classifications for glial cells: astrocytes and microglia. Astrocytes, shown in green in this picture, provide a physical scaffold to hold neurons (in blue) in place. They wrap the axons of neurons in protective sheaths and they absorb nutrients and oxygen from blood vessels, which they then pass on to the neurons. Microglia are cells that are kind of like little amoebas; hey swim around in your brain locating dead or dying cells, pathogens, and other forms of debris, and eating them.

So that’s the background.


Ray Kurzweil is a self-styled “futurist,” transhumanist, and author. He’s also a Pollyanna with little real rubbber-on-road understanding of the challenges that nanotechnology and biotechnology face. He talks a great deal about AI, human/machine interface, and uploading–the process of modeling a brain in a computer such that the computer is conscious and aware, with all the knowledge and personality of the person being modeled.

He gets a lot of it wrong, but it’s the last bit he gets really wrong. Not the general outlines, mind you, but certainly the timetable. He’s the guy who looks at da Vinci’s notebook and says “Wow, a flying machine? That’s awesome! Look how detailed these drawings are. I bet we could build one of these by next spring!”

Anyway, his name came up during the Q&A at Science Pub, and I kind of groaned. Not as much as I did when Dr. Sherman suggested that a person whose neurons had been replaced with mechanical analogues wouldn’t be a person any more, but I groaned nonetheless.

Afterward, I had a chance to talk to Dr. Sherman briefly. The conversation was short; only just long enough for him to completely blow my mind, make me believe that a lot of ideas about uploading are limited by the da Vinci effect, and to suggest that much brain modeling research currently going on is (in his words) “totally wrong”.


It turns out that most of what I was taught about neurobiology was utterly wrong. Our understanding of the brain has exploded in the last few decades. We’ve learned that people can and do grow new brain cells all the time, throughout their lives. And we’ve learned that the glial cells do a whole lot more than we thought they did.

Astrocytes, long believed to be nothing but scaffolding and cafeteria workers, are strongly implicated in learning and cognition, as it turns out. They not only support the neurons in your brain, but they guide the process of new neural connections, the process by which memory and learning work. They promote the growth of new neural pathways, and they also determine (at least to some degree) how and where those new pathways form.

In fact, human beings have more different types of astrocytes than other vertebrates do. Apparently, according to my brief conversation with Dr. Sherman, researchers have taken human astrocytes and implanted them in developing mice, and discovered an apparent increase in cognitive functions of those mice even though the neurons themselves were no different.

And, more recently, it turns out that microglia–the garbage collectors and scavengers of the brain–can influence high-order behavior as well.

The last bit is really important, and it involves hox genes.


A quick overview of hox genes. These are genes which control the expression of other genes, and which are involved in determining how an organism’s body develops. You (and monkeys and mice and fruit flies and earthworms) have hox genes–pretty much the same hox genes, in fact–that represent an overall “body image plan”. The do things like say “Ah, this bit will become a torso, so I will switch on the genes that correspond to forming arms and legs here, and switch off the genes responsible for making eyeballs or toes.” Or “This bit is the head, so I will switch on the eyeball-forming genes and the mouth-forming genes, and switch off the leg-forming genes.”

Mutations to hox genes generally cause gross physical abnormalities. In fruit flies, incoreect hox gene expression can cause the fly to sprout legs instead of antennae, or to grow wings from strange parts of its body. In humans, hox gene malfunctions can cause a number of really bizarre and usually fatal birth defects–growing tiny limbs out of eye sockets, that sort of thing.

And it appears that a hox gene mutation can result in obsessive-compulsive disorder.

And more bizarrely than that, this hox gene mutation affects the way microglia form.


Think about how bizarre that is for a minute. The genes responsible for regulating overall body plan can cause changes in microglia–little amoeba scavengers that roam around in the brain. And that change to those scavengers can result in gross high-level behavioral differences.

Not only are we not in Kansas any more, we’re not even on the same continent. This is absolutely not what anyone would expect, given our knowledge of the brain even twenty years ago.

Which brings us back ’round to da Vinci.


Right now, most attempts to model the brain look only at the neurons, and disregard the glial cells. Now, there’s value to this. The brain is really (really really really) complex, and just developing tools able to model billions of cells and hundreds or thousands of billions of interconnections is really, really hard. We’re laying the foundation, even with simple models, that lets us construct the computational and informatics tools for handling a problem of mind-boggling scope.

But there’s still a critical bit missing. Or critical bits, really. We’re missing the computational bits that would allow us to model a system of this size and scope, or even to be able to map out such a system for the purpose of modeling it. A lot of folks blithely assume Moore’s Law will take care of that for us, but I’m not so sure. Even assuming a computer of infinite power and capability, if you want to upload a person, you still have the task of being able to read the states and connection pathways of many billions of very small cells, and I’m not convinced we even know quite what those tools look like yet.

But on top of that, when you consider that we’re missing a big part of the picture of how cognition happens–we’re looking at only one part of the system, and the mechanism by which glial cells promote, regulate, and influence high-level cognitive tasks is astonishingly poorly understood–it becomes clear (at least to me, anyway) that uploading is something that isn’t going to happen soon.

We can, like da Vinci, sketch out the principles by which it might work. There is nothing in the laws of physics that suggest it can’t be done, and in fact I believe that it absolutely can and will, eventually, be done.

But the more I look at the problem, the more it seems to me that there’s a key bit missing. And I don’t even think we’re in a position yet to figure out what that key bit looks like, much less how it can be built. It may be possible that when we do model brains, the model isn’t going to look anything like what we think of as a conventional computer at all, much like when we built general-purpose programmable devices, they didn’t look like Babbage’s difference engines at all.


1 Or would be, if it weren’t for the fact that he rejects personhood theory, which is something I’m still a bit surprised by. If I ever have the opportunity to talk with him over dinner, I want to discuss personhood theory with him, oh yes.

Boston Chapter 3: The Wonder Tower and Fermi’s Paradox

I usually work from home.

This has its good bits and its bad bits. The bad bits include clients who don’t pay on time, not having health insurance (the United States as a society has decided that we want to discourage innovation, prevent people from taking risks, and stifle small business, and one of the ways we do that is to tie health insurance to employment, so self-employed people find it expensive and difficult to get), and higher taxes (the legions of the self-employed pay more for FICA than folks with normal office jobs do, and don’t even get me started on the fact I pay more corporate income tax than General Electric).

The good bits include the ability to work from anywhere I have an Internet connection, which in the age of smart phones and tethering pretty much means anywhere that isn’t Antarctica or the Libertarian paradise of Somalia, and I can work in my bathrobe.

Which is not to say that I was traveling in my bathrobe; that might’ve presented certain awkwardnesses. Instead, it meant that I was free to travel to Boston in the first place, with my clients none the wiser.

Day three on our journey began with some tension in our little group, which corresponded, through a matter of unfortunate timing, with a client who needed my attention. We left Denver, Erica behind the wheel and me behind the 8-ball on a rush urgent problem for a client, which the client thoughtfully neglected to inform me about until it was a rush urgent problem, the better to get the blood circulating in the morning.

The problems worked themselves out by the afternoon, as we sped through the scenic heartland of Colorado toward Kansas.

I’m not quite sure why they call the midwest “America’s heartland.” I think it has something to do with arteriosclerosis. Or maybe it’s because of all the corn, which is processed into high-fructose corn syrup that is then distributed to children in order to promote diabetes and heart disease, I don’t know. Whatever the reason, it certainly isn’t because the landscape is so interesting that it warms the heart.

After many hours of driving, we were ready for any diversion whatsoever to break the monotony. So when we neared the border and saw signs for the Wonder Tower, we were primed–nay, more than primed–for a little wonder.
The Wonder Tower bills itself with the promise that its visitors can “SEE 6 STATES!”

I’m not sure which states this tower allows one to experience. I suspect they’re Ennui, Tedium, Boredom, Lassitude, Apathy, and Monotony, but we never had the opportunity to find out; the place seemed utterly abandoned.

Fortunately, there was a vast field of millet nearby, which offered the opportunity for some frolicking. Claire mentioned, in a casual, offhand way, that she had a Viking helmet with her, and the deal was sealed.

Frolicking done, it was time to head into Kansas.


If there’s one thing that can be said about Kansas, it’s that it’s boring. There is nothing there. At all. Anywhere. When we crossed the state line, the scenery looked like this:

After a few hours of travel, the scenery looked like this:

A couple hundred miles farther along, the scenery gave way to this:

In the face of such tedium, even the boldest must falter.

Fortunately, we live in an industrialized society, in which we pledge fealty to our corporate feudal lords in exchange for mountains of debt, an existence that’s little more than grinding pointlessness, and iPads. And the nice thing about iPads is for just a little bit more debt, we can listen to audiobooks. Audiobooks! They’re like books, without all that business of reading!

Claire had a copy of Bill Bryson’s marvelous A Short History of Nearly Everything with her. If you haven’t read it (or listened to it), I can’t recommend it enough. It starts with the creation of the universe and along the way covers physics, chemistry, cosmology, paleobiology, geology, archaeology, and the rise of civilization, with several segues into the lives of some of the most famous scientists who ever lived. It proved to be a refreshing antidote to the soul-scorching tedium outside.

The book spends a little bit of time talking about evolutionary biology, which is a subject that everyone thinks they understand, but relatively few people actually do1. Of the bit that talks about evolutionary biology, some bit of that is devoted to the subject of how human beings came to be, which is understandable seeing as how it was written by a human being, and we human beings have a bit of a vested interest in the topic of human beings.

The book discusses, with some amusing side notes about archaeological fraud, the subject of our genus, and our closely related but now long-dead family members such as Homo habilis and Homo erectus.

One of the points the book makes is that evolution isn’t goal-directed. We seem to think, with the conceit of an anthropocentric worldview, that the rise of tool-using, LHC-building, iPod-listening intelligence is an evolutionary inevitability; after all, evolution is all about the formation of better (stronger, faster, smarter) species from lesser species, right?

Well, err, wrong. In fact, quite a number of paleontologists reckon that, far from it, if you were to rewind history just a little bit–say, to H. erectus–and let it go again, sapience might never occur at all. It seems that the explosion of our enormous, radically accelerated, tool-using, Lady-Gaga-listening intellect depended on such an unusual confluence of events and genetic steps that given the history of the world all over again, it might never happen again.

Which suggests an answer to the Fermi paradox.


The Fermi paradox is pretty straightforward. There are billions of stars in our galaxy, and billions upon billions of galaxies in the universe. Given how rapidly and tenaciously life arose and spread on this planet, it seems quite likely that life is extraordinarily common in the universe. In fact, recent discoveries of life in deep-sea hydrothermal vents, life in arsenic brine, and life that can survive exposure to the vacuum of space without ill effect, most estimates of its prevalence are probably on the low side; the physical world suggests that not only does life spring up wherever it can, but the “wherever it can” covers a lot more territory than we imagine it does.

So where are all the extraterrestrial civilizations?

Even if you grant that relativity is forever an immutable law of physics that no science or technology can violate, and that the vast gulf between stars means that other species will never, ever visit us, where are they? We should be able to hear their radio chatter at the very least.

The problem is in the notion that because we exist, we must have been inevitable. I suspect, and that suspicion has become even stronger, that life may be far more common than we think it is, but sapient life is far less common than we think it is. Not only is our prodigious intelligence not inevitable, but far from it, it’s actually extraordinarily rare. There is nothing in the competition of self-replicating molecules to suggest that sapience is a common strategy, and indeed, quite a lot of evidence (given how new we are on the scene, how long the world got by quite well without us, and how we happened so quickly there’s still no evidence to suggest intelligence betters a life form’s long-term odds of success) that it is not.

Fermi’s paradox can be solved quite simply by letting go of the notion that we are the logical and inevitable pinnacle of evolution, and adopting instead the notion that we are something of an aberration, even on a cosmic scale.

Such are the thoughts that filled my head while we sped through Kansas. Fortunately, it was not long until we encountered signs for the World’s Largest Prairie Dog…but that tale will have to wait until next time.


1 One quick and dirty test: If the first thing that springs to mind when you hear the word “evolution” is “survival of the fittest,” you probably don’t really grok evolutionary biology.

More on the WordPress (and now Joomla) pharma hack attacks

Note: This post is a followup to the one here describing a coordinated attack on sites running WordPress.

My friend’s WordPress sites are still partly out of commission, following the sophisticated attack by pharma spammers that I talked about a few days back. Google has listed them again, though Google’s cache still shows some of the pharma spam. I’ve been continuing to investigate the attacks, and I’ve learned some new and interesting things about these attacks…including the fact that they are moving beyond WordPress and beginning to target another popular open-source platform, Joomla.

The first thing I did was start compiling a list of sites which have been compromised by this particular hack attack. To do this, I used Google’s site: command to get a listing of what my friend’s site looked like from Google’s point of view. The site: command can be used to get a list of how Google has indexed a site; for example, if you type

site:xeromag.com


into Google, you’ll see how it has indexed all the pages of my site. Next, I took unusual words and phrases from the pharma results in Google, and searched for those exact phrases. This gave me a list of tens of thousands of sites.

I then went down that list looking at each site. If I didn’t see any trace of the pharma spam keywords in the site, I did a second Google search, this time using that site and those same pharma spam keywords. I clicked on the Google link for those results and watched what happened. If I got redirected to a pharmacy page via a redirector at googl-analize.in, I knew it was the same attack, and I added that site to my list.

For example, here is what happens if you type

site:gregatkinson.com

(one of the hacked sites I found) into a Google search.

If you click on any of those links, you will not see any pharma spam. However, if you do the search AGAIN, this time using

theophylline site:gregatkinson.com

as your search term and you click on any of the links, you’ll be redirected to a pharmacy spam page.

Once I had built a list of affected sites, I then looked to see who their Web host was, and what content management software they were running. Nearly all of the sites were running WordPress, most of them fully updated and patched.

Nearly all. Not quite all, however. Some of the sites I found, I discovered, were running Joomla. This surprised me, and I think it helps rule out a zero-day exploit in WordPress as the attack vector. unless we are to believe that this one group of hackers has found and is exploiting identical zero-day flaws in both WordPress and Joomla and are attacking them the same way, which is possible but unlikely, I think the logical conclusion is that the attack vector is somewhere else.

Here’s the list of hacked sites that have all been attacked by he same person or persons who attacked my friend’s site that I’ve compiled so far:

www.corneliamarie.com (host: cloudflare.com)
truflun.net (host: bluehost.com)
www.leeloo.com.au (infected shopping cart too; using old WP) (host: netregistry.com.au)
www.amigosdaterra.net (host: dinahosting.com)
www.frankadam.be (host: dreamhost.com)
www.veryediblegardens.com (not using WP?) (host: dreamhost.com)
www.kevjumba.com (host: dreamhost.com)
www.sfpulpit.com (host: dreamhost.com)
gregatkinson.com (host: dreamhost.com)
www.insidetheperimeter.net (host: dreamhost.com)
www.cbringen.de (using Joomla) (host: oneandone.net)
www.lethbridgesoccer.com (running Joomla) (Currently broken; redirect still works) (host: dreamhost.com)
www.theestateofthings.com (using outdated WP version) (host: dreamhost.com)
www.swearimnotpaul.com (using outdated WP) (host: blacknight.ie)
www.usmlerockers.net (not using WP) (host: ning.com)
culturevulture.net (using Joomla) (host: serverbeach.com)
blog.fnac.es (using outdated WP) (host: ovh.net)
log.thedom.net (host: all-inkl.com)
www.wearethenest.com.au (host: netregistry.com.au)
bbh-labs.com (host: Amazon EC2)
copdlifeexpectancy.org (host: theplanet.com)
blogs.panasonic.com.au (host: ultraserve.com.au)
www.primeradio.lk (host: tailoredservers.com)
www.timecrystal.co.uk/blog (host: fasthosts.co.uk)
ccccnsw.org.au (host: netregistry.com.au)
amigosdaterra.net (running Joomla) (host: dinahosting.com)
www.www-sante.com (not using WP) (host: sivit.fr)
www.revolution.co.za (redirects to www.revolution-daily.com if not coming from Google pharma search) (using old WordPress version) (host: godaddy.com)
liga.es (host: ovh.net)
www.thesheaf.com (host: bluehost.com)
www.panamaturismo.com (host: nationalnet.com)
www.nativeco.com (host: mediatemple.net)
juanelear.com (host: serveraxis.com)
www.procrastinando.com.br (host: locaweb.com.br)
www.homofotograficus.com (host: theplanet.com)
www.mikelovesbeer.com (host: appliedi.net)
ozmonmedia.com (host: singlehop.com)
soloenmexico.com.mx (host: theplanet.com)
www.unreliablewitness.com (host: 34sp.com)

Unless otherwise noted, the sites are running current WordPress installs.

As of yesterday, each of these sites would redirect via www.googl-analize.in to pharma spam sites. However, interestingly, starting today I began noticing that the same sites were no longer redirecting through this site, but were instead redirecting through http://sliceblogz.com.

*** WARNING *** WARNING *** WARNING ***
The sites googl-analize.in and sliceblogz.com are live as of the time of this writing. It appears that visits to this site result in blank pages unless the http-headers are set exactly right. However, these are sites that are being used in current hack atacks against many Web sites. I do not recommend visiting them.


I also discovered something else interesting. When I did Google searches for the exact phrases used in the WordPressand Joomla pharma spam hack attacks, many of the results I got were blog comment spam on various blogs. The blog comment spam is pretty straightforward; it was just your average, run-of-the-mill “buy cheap drugs here” rubbish with a link to a Web site.

The blog comment spam linked to http://dwnloadz.in/idi.php?sid=25. I suspected that the blog comment spam was being done by the same hacker who was attacking WordPress and Joomla sites, based on the fact that the blog comment spam and the cloaked Google spam were using exactly the same phrases, including in some cases the same typographical errors and misspelled words.

Those suspicions were confirmed when I did a Whois lookup on both sites.

whois googl-analize.in

Domain ID:D5239480-AFIN
Domain Name:GOOGL-ANALIZE.IN
Created On:16-Aug-2011 08:12:26 UTC
Last Updated On:16-Aug-2011 08:12:27 UTC
Expiration Date:16-Aug-2012 08:12:26 UTC
Sponsoring Registrar:Directi Internet Solutions Pvt. Ltd. dba PublicDomainRegistry.com (R5-AFIN)
Status:CLIENT TRANSFER PROHIBITED
Status:TRANSFER PROHIBITED

Registrant ID:TS_16281729
Registrant Name:Anatoly Vasserman
Registrant Organization:N/A
Registrant Street1:main str. 1
Registrant Street2:
Registrant Street3:
Registrant City:Chelyabinsk
Registrant State/Province:
Registrant Postal Code:454047
Registrant Country:RU
Registrant Phone:+7.3517229247
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:anvsrmn@gmail.com

Name Server:NS1.REGWAY.COM
Name Server:NS2.REGWAY.COM

whois dwnloadz.in

Domain ID:D5093036-AFIN
Domain Name:DWNLOADZ.IN
Created On:07-Jun-2011 20:49:13 UTC
Last Updated On:07-Aug-2011 19:20:19 UTC
Expiration Date:07-Jun-2012 20:49:13 UTC
Sponsoring Registrar:Transecute Solutions Pvt. Ltd. (R120-AFIN)
Status:CLIENT TRANSFER PROHIBITED

Registrant ID:TS_16281729
Registrant Name:Anatoly Vasserman
Registrant Organization:N/A
Registrant Street1:main str. 1
Registrant Street2:
Registrant Street3:
Registrant City:Chelyabinsk
Registrant State/Province:
Registrant Postal Code:454047
Registrant Country:RU
Registrant Phone:+7.3517229247
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:anvsrmn@gmail.com

Name Server:NS1.REGWAY.COM
Name Server:NS2.REGWAY.COM

It seems pretty clear to me that the same person is responsible both for blog comment spam and also for these attacks on WordPress and Joomla. It also seems to me that this person is quite busy tending his network of hacked sites; the behavior of the sites (now redirecting via sliceblogz rather than googl-analize.in, for instance, shows that he is able to make changes to the sites he hacks after the attack code has been installed).

The sliceblogz site is protected by private whois registration. It seems unlikely, though, that “Anatoly Vasserman” is the attacker’s real name.


Yet another surprise came when I examined the code that the hacked sites fetch from googl-analize.in (and presumably now from sliceblogz.com. It’s difficult to get; the code in hacked sites that fetches the content does so using specially crafted HTTP headers, and the site returns a blank page if it doesn’t see those headers.

Fortunately, a friend of mine recently showed me how to use wget to create arbitrary headers. When Google indexes a hacked site, the modified code serves a special page to Google’s spider; here’s what it serves up.

Cut for technical stuff

WordPress Under Attack

Note: followup to this entry here

A couple of weeks ago, a good friend of mine who runs a number of WordPress blogs received an email from Google. The email told him that Google had delisted his entire site from its search engines for pharmacy spam.

Now, his site is a collection of short stories and blogs about movies he’s making, with sections about filmmaking and special effects on the cheap, so the notion that it was being used to distribute pharmacy spam was a bit…surprising. Especially when the site appeared just fine to anyone who visited it.

I offered to take a look at the site, and what I found is a complex, rapidly-evolving attack against WordPress installations that’s highly sophisticated, difficult to detect, and difficult to defend against. It is currently exploiting the most up-to-date version of WordPress with all current patches applied, and as of the time of this writing it’s still ongoing.


When my friend was first notified of being delisted from Google, he looked at his site using an FTP program. One of the very first things he noticed is that the WordPress install directories had all been duplicated, with the duplicates having “.old” appended to the name.

Careful examination of each WordPress install folder and its corresponding .old folder revealed a difference in a key file called “post-template.php”, which is part of the core of WordPress and lives in the WordPress wp-includes directory. This file is responsible for taking a blog entry from the database, formatting it, and passing it along to the template.

As of WordPress 3.2.1, the post-template.php file is supposed to be 42,164 bytes long. The post-template.php file in the hacked installs was more than twice as big–89,524 bytes long. I took a look inside the modified post-template.php file and found that it had been extensively modified by the addition of a great deal of heavily obfuscated code.

Cut for detailed technical analysis of the modified WordPress file

Linky-Links: Sex, Polyamory, Tech, and Humor edition

It’s time for another massive collection of links, so I can close some of my browser windows and reclaim a whole bunch of RAM on this computer. Today’s list is heavy on sex, tech, and humor, making it different from any other linky-links post in exactly zero ways, I suppose.

Sex

From New Scientist magazine, we have the article Sex on the brain: Orgasms unlock altered consciousness. It discusses fMRI scans of a volunteer who masturbated to orgasm inside an fMRI scanner while the experimenters recorded her brain activity. If I had the budget, this is the sort of science I’d be doing.

The Sexacademic blog gives us a story titled Explaining Porn Watching With Science!, which talks about the neurochemical pathways active during porn watching, and along the way debunks some lurid, sensationalistic pop culture ideas about “sex addiction”.

On Sexonomics is an article Porn by the Numbers 5: On feminist porn. The myth that porn, or “mainstream” porn (whatever that is), never shows women in a positive light and is never aimed at a female audience is as enduring as the legend of Bigfoot. I was recently at a Science Pub, in fact, in which an otherwise sex-positive sociologist decried the portrayal of women in “mainstream” porn. The argument became neatly circular later when she said that “mainstream” porn is that which portrays women negatively. The fact that someone with a doctorate in sociology can think about something in such an intellectually sloppy way testifies, I think, to how emotional the subject of porn (and especially feminist porn) is.


Society and rape

Speaking of feminist issues, some time ago a prominent female blogger was approached by a stranger in an elevator at a convention. Said stranger asked her to go back to his room with him. She blogged about the incident and why it was inappropriate, and provoked a firestorm that many of you Gentle Readers are probably aware of. Her thesis is pretty simple: Lots of women are sexually assaulted; if you want a positive response from women, don’t approach them in ways that would make sexual assault easy.

A lot of men–including some men that I know personally and otherwise find to be basically reasonable people–flipped out about that, and started wailing nonsense like “Feminists think all men are raaaaaaapists!” Which is total bunk; what’s being said is that SOME men are rapists, but rapists don’t wear special T-shirts or have a secret handshake that identifies them, so if you’re being approached by some strange guy you have no way to know if he’s likely to assault you or not. That means being aware that a strange dude you meet might be willing to assault you. (The defensive, “you’re saying all men are rapists” response from a lot of guys is similar to the sort of response you see in US society when you try to talk about institutional racism; people who think “Well, I’m not a rapist” or “Well, I’m not a racist” become so reactionary when they hear what might sound like an accusation that they refuse to discuss rape or race in any sort of rational way.)

All that is a longwinded introduction to the next two links, The first, Women in Elevators: A Man To Man Talk For The Menz, talks about the reasons that women can be suspicious of being approached by strangers. Not every dog is aggressive, but nearly everyone feels some trepidation when approached by a strange dog, because there’s no easy way to tell dogs that bite from dogs that don’t. I’m sure somebody somewhere will be upset and insulted by a metaphor about dogs (“You’re saying all men are dogs!”), but if that’s the case, that dude probably can’t be educated.

And second, for the dudes who say “Well, women should just say so if they don’t want to be approached!” we have Another post about rape. This one talks about how women (and men, to be fair, though to a lesser extent) are strongly socialized not to say “no,” not to assert boundaries, and not to upset people. It is, I think, a toxic set of social values, but that’s a whole ‘nother blog post. The point is, simply asserting a boundary carries a social cost. (This is why I think the idea of affirmative consent, adding “only yes means yes” to the idea of “no means no,” is so important, as I’ve talked about before.)


Polyamory

For quite a while now, people have been bugging me to find a new home for my polyamory pages that until now have livedo n my site at www.xeromag.com. I’ve finally built a new site for them, More Than Two. I’ve blogged the new link before, but f you haven’t taken a look recently, you should. There’s now an RSS feed of new articles, and some new content has been posted.

On the Polytical blog is this excellent essay, I’m Better ‘Cos I’m Poly. Anyone who is openly out about being poly has probably at some point or another been labeled as “smug” or “arrogant” about it, most often by someone who identifies as monogamous. This essay is an excellent deconstruction of the “smug poly” stereotype.


Geek Humor

First up, we have these very funny Sci-Fi Ikea Manuals. What would happen if light sabers were real? Or the Tardis was something you could get at Ikea? What would the assembly instructions look like? Apparently, in order to put together an Ikea light saber, you must first have your hand chopped off by Darth Vader.

Our travel down the surrealist path continues with Ride the Gummi Worm, Muad’Dib, a diorama of a scene from Dune done with Gummi Bears and a gigantic Gummi Worm.


Do-It-Yourself Science!

I have blogged in the past about using and Arduino mocrocontroller board to make sex toys. For folks who think that sounds like a good idea but aren’t sure how to use or program an Arduino, there is a comic book introduction to Arduino, which you can download as a PDF. If you don’t have a background in electronics or microcontrollers but you want to build your own Arduino projects, this is a great way to get started.

Speaking of Ikea, which I was a bit earlier, for those of oyu who are photography buffs comes this guide to building a cheap time lapse panning unit using only things you can get at Ikea.

And from the Department of Mad Science So Preposterous it Just Might Work comes the story of a high school student who rigged a camera and GPS transponder to a bunch of garbage bags, filled them with helium, and let them go. This is a really cool science project done on a tiny budget and with really fun results.


Science

Over at New Scientist is this awesome article, Sky survey maps distant universe in 3D. The universe isn’t shaped like you think it is, and now a group of researchers are working on building what is by far the highest-resolution map of the physical universe yet undertaken…in 3D!

The Department of Unclear on the Concept

It’s likely that most folks reading this are aware of the Occupy Wall Street movement. It’s kind of the flip side of the American Tea Party movement;. The Tea Party is a bunch of mostly middle-class people who love and cherish the superrich and believe that the superrich, being such wonderful people and all, should be exempt from paying the same tax that the working class pays and should otherwise be given all sorts of concessions so that they can make more money. The Occupy Wall Street folks, on the other hand, embrace the heretical notion that taxes on the superrich should be increased so that the very wealthiest people are paying sixty percent of the taxes that the middle class pays, instead of fifty percent of the taxes that the middle class pays…even if it means that some of the world’s richest people might have to postpone purchasing that five-million-dollar yacht for a few weeks because of it.

I’m generally sympathetic to the Occupy Wall Street protesters, though there’s at least one of them who simply doesn’t appear to Get It…nor to have a functioning sense of irony. He argues that the mainstream media lies or distorts truth to protect the interests of the wealthy and powerful, which it arguably does…so his response is to, err, do the same thing. And when he gets called on it over on TimParkinson.net, hilarity ensues. Read the comments to get the full effect; there’s even a followup here.

Boston Episode 2: To Utah And Beyond!

Late in the evening, we arrived in Salt Lake City at Claire’s friend’s house. I was a bit afraid that I’d have difficulty sleeping, as my ear was…

Okay, I need to back up a bit, to the day before we left, and explain something about my relationship life.

I live with zaiah. She and I share a very kinky relationship, in which various forms of consent play and consensual non-consent play a large role. Large enough, in fact, that I think we sometimes frighten some of our friends…and nearly all our friends are kinky, too. You might think this has little to do with traveling to Boston, and you’d be right, except for the thing with the ear.

It started while I was on my computer chatting with a friend of mine, who like Claire is also whip-smart and knowledgeable and courageous and generally sexy as hell. (This is, as some of my readers might recognize, a common feature in my life. I really dig smart, strong women who aren’t afraid to make unconventional choices. But I digress.)

Anyway, while I was occupied with my chat window, zaiah walked up to me, set a bottle of alcohol on the corner of my computer desk, and walked away. A minute later, she walked back, set a pair of latex gloves on the desk, and walked away. A minute after that, she walked back holding a needle. She put on the gloves, opened the needle, put her knee in my chest, pushed me back in my chair, and stuck the needle through my ear. That done (and howling subsided), she cleaned my ear with alcohol (more howling), and stuck an earring through the newly-minted hole and walked away again.

I had to explain to the friend I’d been chatting with why I’d stopped responding for a time, which led to some interesting conversation. The real point here is that I would be sleeping in strange places with a brand-new, and still sore, piercing. I normally sleep on my left side, and zaiah had (naturally) added the new hole to my left ear, so…yeah. I was expecting a difficult night of sleeping on the wrong side.

Claire’s friend lives, as I previously mentioned, in a former Mormon polygamous compound that’s been converted into apartments. Each apartment is basically a series of bedrooms arranged around the outside of a central living room, connected to a huge kitchen–a quite serviceable floor plan if one has a number of wives who may not necessarily be too fond of one another, but all of whom are expected to spend their time in the kitchen when they aren’t raising children or on their backs making more.

I managed to survive a harrowing night of sleeping on the wrong side (the wrong side!), mostly by telling myself that when one is traveling the breadth of a continent, there are certain privations one is expected to endure. In the morning we were off adventuring again.


When one is traveling across Utah, a certain sameness begins to set in. Most of the scenery looks like this:

Most of the roads look like this:

After a certain number of bare-knuckle close calls with enormous tractor-trailer rigs being driven at lightning speed along narrow roads by people who are either five-eights asleep or hopped up on a combination of crystal meth, cocaine, and Monster energy drinks, the experience ceases to enthrall, and one soon finds one’s self thinking “Wake me when something interesting happens.”

So it was that we made our way through Utah and into Colorado, which is just as dry but a lot less wrinkly.

Claire had been waxing enthusiastically about the hot springs in Glenwood for some time prior to the trip. Now, ordinarily, water is something I’m pretty much against. I mean, I recognize its utility and all; it is, after all, the primary ingredient in Mountain Dew. But immersion in it is something I don’t much fancy, especially when it’s hot.

However, life in Oregon has been a period of transition for me. I have, since moving here, found myself in a hot tub on no fewer than two occasions, largely at rekre8‘s urging. “Give it a try!” she told me. “It’s not as bad as all that!”

So when we arrived in Glenwood in the evening, I was game to give this “hot springs” thing a go.

I wasn’t quite sure what to expect. When I heard the phrase “hot springs,” as in “we’re going to stop at the hot springs and immerse ourselves in them,” the image that was conjured up in my mind looked something like this:

though to be perfectly fair, this picture is lacking in the human skeletons my imagination had thoughtfully arranged to provide scattered all around the edge of the springs as a warning to those luckless enough to linger in them too long.

What I actually saw was this:

The principle behind a hot spring is quite simple. Millions of tons of molten rock, heated to fantastic temperatures by intense radioactive decay deep within the earth, forces itself under tremendous pressure through miles and miles of solid rock, until finally it comes near enough to the surface to contact water percolating down through porous substrate. When they meet, the water flashes instantaneously into superheated steam, which blasts up with ferocious energy to the surface, where it…

…manages to feel quite pleasant, really.

The hot springs were surprisingly enjoyable. And I don’t mean that in the “it was surprising any part of the experience was enjoyable at all” sense, but rather in the “I had quite a wonderful time” sense. In fact, all too soon was it time to be off on our way to Denver, where we stayed with another friend of Claire’s.

Or so it is alleged.

We didn’t see hide nor hair of this friend. We arrived at a lovely house in a charming suburb of Denver quite late at night. Claire claimed to have been in contact with her friends, who had, or so the story went, elected to go to bed after leaving a key for us on the porch. We let ourselves in and set ourselves up in the supposedly “spare” bedrooms. The next morning, Claire announced that her fiends had left for work early that morning, so we would not be meeting them.

To this day, I have no way to prove that what actually happened wasn’t that she had scoped out a house whose owners were away on vacation or something, and confabulated an entire yarn about friends of hers who live in Denver as part of a ruse to make us agree to a little breaking and entering.

At this point in our adventure, Louisville, Kentucky, and our encounter there with the Guatemalans, was growing ever nearer..but that tale will have to wait for another time.