
Archive for the 'free press' Category

“Stu’s Last Lesson” – Sky & Telescope’s Focal Point For December, 2014

Thursday, October 23rd, 2014

As posted on the CNY Observers website (direct link).

Greetings fellow astrophiles,

Dr. Stuart Forster (a.k.a. STU – full caps) was one of THE fixtures in the CNY amateur astronomy scene and his name still comes up regularly, often as part of some pearl of wisdom being imparted to new observers and seasoned members alike (I’ll leave you to read the top of the Stuventory page for more info about STU and to check out links to some of his images on the Syracuse Astronomical Society website). The trials and tribulations of Ryan Goodson and myself to handle the massive equipment collection we’ve come to refer to as the “Stuventory” is olde hat to local observers who’ve kept track of the process from afar. The sorting, documenting, and distribution of the Stuventory has taught us both about how very unique the hobby of amateur astronomy can be when you step beyond the 1×7 mm binoculars in your head and effort the collection of more and more photons.

To that end, and to prod others to recognize the complexities of sorting through the mound of gear inhabiting their basements, garages, and domes by those who follow when the unexpected happens, I am honored to have an article on the topic, “Stu’s Last Lesson,” included as the December 2014 Focal Point in Sky & Telescope magazine.


The article can be distilled to a single, all-encompassing message – Imagine you not being around to help your family unload your astro gear, then take steps to simplify their lives. Think about all the boxes, hex wrenches, leftover focusers and brackets from your modifications to other scopes, eyepieces (eyepieces!), cables, controllers, everything, and organize it all, either in a notebook or with a bunch of pics and notes on your smartphone.

If you read the article and have other ideas on how to help organize your equipment, by all means let others know (post a comment here, write a letter to the editor with your ideas, start a cloudynights.com thread, etc.). In the meantime, I hope the article gives you the impetus to block out a Saturday afternoon listening to astronomy.fm as you commit your astronomical obsession to pen and paper (or keyboard and monitor). Better still, I’m pleased that readers of Sky & Telescope (of which he had the full collection back to 1964) will learn a little bit about one of CNY’s great amateur astronomers.

Gig Announcement: Juneteenth Jazz at the Hotel Utica, Saturday, June 14th

Tuesday, June 10th, 2014


The Matthew Rockwell Group (like on the facebook) will be making the trip out to Utica this coming Saturday, June 14th as part of the entertainment for the For The Good, Inc.’s Juneteenth Jazz Night event, sharing the stage with some notable Utica heavy hitters.


The band at Sparkytown, 23 May 2014. Photo by Jack M. Hardendorf.

From the website:

For the Good will host the 2014 Juneteenth Jazz Night at The Hotel Utica on June 14th, 2014.  The fun starts at 6:30 PM and the event will end at 10:30.  The price of tickets is $35.00 pre sale, $40 at the door.  A Soul Food meal will be offered and Night Over packages at the hotel are an option as well.  For more information contact the offices of For The Good, Inc. at (315) 797-2417.

About For The Good, Inc.

For the Good, Inc. is a 501(c)(3) not-for-profit organization founded in 2002 and based in historic Utica, New York. FTG works to benefit the Utica community providing low-income residents and their neighborhoods with programs to overcome poverty through their own means. For The Good has established itself as a valuable, productive contributor to the community. FTG is home to the Utica Phoenix, an independent paid monthly newspaper, Mohawk Valley Entrepreneurs Guild, Utica’s Urban Community Gardening Initiative which has fed hundreds of Utica residents at risk for hunger since 2008, The Oneida County Black History Archive and the Study Buddy Club, which connects inner city teens with Hamilton College mentors for academic tutoring. For The Good also promotes the art of Paul Parker as executor of the Paul Parker Utica Trust.

For the Good invites collaboration with individuals, businesses, other not-for-profits, and the greater Utica community on youth empowerment and economic development projects. We strive to give under-represented Utica residents a voice, and facilitate a better quality of life for the entire community.

“From Kurdistan With Love” or Some Things To Do Before And/Or After Your WordPress Site Gets Hacked

Thursday, December 12th, 2013

“Hopefully, because he’s busy.” – Commissioner Gordon, The Dark Knight

On the plus side, www.somewhereville.com received its first update in just over 5 months. On the minus side, the new post was less than useful in many ways. I received a timely email from Dr. Obi Griffith of the Washington University in St. Louis Division of Oncology noting that my entire site was differently-down (thanks to the hijacking of my Sanger (And Illumina 1.3+ (And Solexa)) Phred Score (Q) ASCII Glyph Base Error Conversion Tables page that he linked to on a biostars site thread – so my thanks to Obi for catching something I likely would have gone weeks without noticing!).

The snapshot below shows the state of swv as of 3 December 2014. On the bright side (minus a friendly conspiracy to get someone else in trouble), I can say with some certainty that Serwan performed the content-ectomy (twitter: @S3RW4N, current email (although I suspect it won’t last long): serwan_007 – at cymbal – hotmail.com, on the Facebook, etc. All sites subject to change as people try to track him/her down post-attack (he/she’s been prolific if nothing else)).


Exhibit A. Flag is waving in the actual version.

Several problems. To begin, it’s a gaudy hack, complete with rolling text and techno music. Second, the Television New Zealand (TVNZ) news service thought this hack to be significant enough to warrant actual coverage on their website when a similar file-swap on a WordPress (or WordPress-esque) site brought down the Health and Sports Fitness Club in Sandringham (syracuse.com didn’t give me the time of day). I commend this Kurdish hacker group for their ratings. Third, the manner in which files were replaced in the blog (specifically meaning the index.php file) blocked every other post on the site from being accessed, so every link anyone had posted to a page anywhere else on the Internets was made useless.

That said, I appreciate that Serwan generally performs fairly benign attacks on websites. File replacements were clearly identified from a simple date sorting, the important MySQL database content wasn’t touched, and Serwan even went as far as to set up a second Admin account so that I could quickly retake control of the site.

So, in light of the plight of the Kurdish people, I left the hacked version up for a few hours as I pondered what to do, which I discuss below.

My Spotty Procedure For Recovery:

What follows is a list of obvious and less obvious things to consider when recovering your WordPress blog from a hack. There are plenty of websites that show how to protect your site in the first place, then others that explain how to revive it (provided you do your own due diligence and back your site up regularly enough). What’s below is not complete, but you can rest assured that google is your friend in such matters, so keep your keywords targeted and see what comes up.

General Considerations:

1. Don’t use your blog. My last post at the time dated back to June 25th, during which time I’ve made several full backups (and kept WordPress up-to-date, the last time being 7 November 2013) of my entire site. In this respect, I was well set up to quickly recover from a hacking incident.

2. Keep a copy of your current running version of WordPress handy for file replacements. In my case, index.php was written over. All I had to do to recover was uncompress my WordPress 3.7.1 download, upload index.php to my server, and the site was back and running.

3. Have you backed up lately? This phrase has been in the .sig of my emails for many, many years. If your entire life is lived in the Googleverse (email, images, documents, etc.), then you’re fine until the Earth’s magnetic poles shift and wipe all the hard drives out (just kidding. I think). If you’re a computational scientist and have TBs of data, it’s up to you to make sure you have access to it all again. Same applies to WordPress. I’ve a biweekly alarm that tells me to back up several websites and I’ve an encrypted .txt file with all of the login info and steps needed to perform this backup. You should absolutely be doing the same if you’re not.

4. Set up an additional Administrator. In my case, my admin account was hacked to change the associated user email address to Serwan’s email. Obviously, attempting to log in, change the password, or what have you simply sent little pings of your futile attempts to the hacker. Having that second admin account will allow you to reroute your login efforts (and if they’re both hacked into, there’s still a way around. Will get to below).

5. Make a real password. At the risk of de-securing my sites by providing personal info, my typical password looks something like this:

d@!25fj014or&ydoSDfu

20 characters long, upper and lower, numbers, and non-alphanumeric characters. If you care about your site security, stay the hell away from the dictionary.

6. Dry-run your SHTF moment. Are you a survivalist? Can you identify edible berries by sight, build a lean-to, or stitch an open wound? Or are you the Marty Stouffer of the camping section at Target? If you’ve never had to work your way back from a complete disaster, you likely won’t know how to do it either quickly, efficiently, or securely.

Ergo, do another WordPress installation in a sub-folder of your main installation, create a new database, make your site pretty, perform a full backup of your database and uploaded media, then break it, either by deleting core files or corrupting your database (deleting a table would do the trick). If you can put the site back together again (the uploading of the database back onto your server likely being the worst part of the whole process), you’re likely in good shape for the real deal.

7. Harden WordPress. The good people at WordPress even tell you how to (although, admittedly, I thought I did all of this, so maybe there’s something being missed that will go into a future iteration of this page).

8. Get rid of “admin.” Several of the sites discussing WordPress hacks report that having this default account (or account default’ed) is a top-5 problem when trying to keep people out of your site. So get rid of it. Easily. Set up a new account, give it administrative privileges, then delete the admin account, which will ask you to attribute the current admin posts to another admin account.

9. Delete deactivated plugins if you’re not going to use them. Plugins are developed by people. People often have lives that keep them from timely updates of security exploits. If you’re using a plugin, that’s one thing. If a deactivated plugin languishes in your plugins folder, never gets updated, and some hacker writes something specifically to exploit a security flaw in that old, poorly maintained plugin, that’s all on you. So don’t risk your pocket knife being a projectile as you walk into the MRI room and get rid of the knife before it becomes a problem.

10. I know nothing about it yet, but am giving Wordfence a whirl presently.

11. Hey, check your blog every once in a while to make sure it’s still you and not Serwan.

For The Specific Attack (From Easy To Harder):

1. FTP in and check file dates. The offending .php files (index.php and a hello.php containing the techno) were both dated 3 December 2013. Everything else was, at its newest, 7 November 2013 (from my last WordPress update). This made finding the hacked and previously not-present files easy. A cluster of important files with identical modification times and dates is an easy giveaway.

2. FTP in and check ALL the file dates. One never knows when something else is going to be placed into a themes folder, plugin folder, etc., to keep track of site access (that’s why I delete all deactivated plugins). So, sort by date and scour the whole site for modifications and new files.

3. If you make it into your site, go right to your User Settings, change the email address, then change your password.

4. Check out something like Sucuri SiteCheck. Hopefully, this search will complement your initial search as well as test against known threats. I ran a Sucuri on a similarly-hacked site (in this case, indoorstinkbugtrap.com) and received the following notification of defacement (so the check worked).

sucuri.net results for fellow victim indoorstinkbugtrap.com.

5. If you can’t make it in the front door, crawl through the plumbing. You can change your admin account from within MySQL using, for instance, phpMyAdmin (check your hosting provider for details if this is new information to you). In the case of phpMyAdmin, you can modify the admin account in six easy steps.

    1. Log in to phpMyAdmin

    2. Click on the Structure Button in wp_users (red circle)

    3. Click on Browse (told you this was easy)

    4. Click the edit button for your administrative account (red circle)

    5. Change the email address back to your email and delete the current password.

    6. Save and go back to your WordPress site, then request a new password.
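The date sort from steps 1 and 2 of this list can be scripted; the following is an added example, not code from the original post. It goes one step beyond the date sort by also hashing each file against the unpacked WordPress download kept around per General Consideration 2. It assumes a local copy of the site (or shell access) and a clean download of the same WordPress version; the function names and the demo files are constructed for illustration.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone


def sha256_of(path):
    """Hash a file in chunks so large media files are not read in at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_tree(site_root, clean_root, last_update):
    """Return sorted (path, reasons) for files newer than last_update or unlike the clean copy."""
    cutoff = last_update.timestamp()
    findings = []
    for dirpath, _dirs, files in os.walk(site_root):
        for name in files:
            live = os.path.join(dirpath, name)
            rel = os.path.relpath(live, site_root)
            clean = os.path.join(clean_root, rel)
            reasons = []
            if os.path.getmtime(live) > cutoff:
                reasons.append("newer than last update")
            if os.path.isfile(clean):
                if sha256_of(live) != sha256_of(clean):
                    reasons.append("differs from clean copy")
            elif reasons:
                reasons.append("not in clean copy")
            if reasons:
                findings.append((rel.replace(os.sep, "/"), reasons))
    return sorted(findings)


def demo():
    """Build a constructed site and clean copy in a temp dir, then audit it."""
    nov7 = datetime(2013, 11, 7, tzinfo=timezone.utc)  # last WordPress update
    dec3 = datetime(2013, 12, 3, tzinfo=timezone.utc)  # date on the swapped files
    with tempfile.TemporaryDirectory() as tmp:
        def put(root, rel, body, when):
            path = os.path.join(tmp, root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(body)
            os.utime(path, (when.timestamp(), when.timestamp()))
        # Constructed stand-ins for the pristine download and the live site.
        put("clean", "index.php", "<?php /* core front controller */", nov7)
        put("clean", "wp-login.php", "<?php /* core login */", nov7)
        put("clean", "wp-settings.php", "<?php /* core settings */", nov7)
        put("site", "index.php", "<html>defaced</html>", dec3)
        put("site", "hello.php", "<html>added page</html>", dec3)
        put("site", "wp-login.php", "<?php /* core login */", nov7)
        put("site", "wp-settings.php", "<?php /* changed, old date */", nov7)
        put("site", "wp-content/themes/mine/style.css", "body{}", nov7)
        return audit_tree(os.path.join(tmp, "site"), os.path.join(tmp, "clean"), nov7)


if __name__ == "__main__":
    for path, reasons in demo():
        print(path, "->", ", ".join(reasons))
```

Modification times can be set to any value by whoever writes the file, which is why the core files are also compared by hash. Themes, plugins and uploads have no counterpart in the core download, so an old-dated file there still needs the manual review described in step 2.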

And, While We’re At It:

Serwan’s twitter image currently features a white hat (the Gandalf-ian sign of a good guy/gal hacker) and a long list of sites that have been defaced with otherwise useless, feral metadata promoting Kurdish Hackers for google to get confused by. A search for somewhereville.com in google left the following bad taste in its results page for a week after:

Hacked By Serwan. Allah Is Greatest. Long Live Kurdistan. Thanks To All Kurdish Hackers. Follow @S3RW4N FB.com/Mr.S995

If I may be so bold (and I’ve told Serwan the same), the Kurdish people had a long history of getting steamrolled by an oppressive regime that, regretfully, first-world countries didn’t put enough into stopping or acknowledging until the tanks rolled South into Kuwait. If you’re going to label yourself an ethical hacker, fine. Mangle the front-end of someone’s WordPress site. That said, you could be educating others on the Kurdish people by including a few links into your hack. I live in America, where certain news services use “Muslim” and “Islam” in headlines purely for shock value when they want to appeal to an audience so narrow-minded that their hearing is susceptible to the Casimir Effect. I recommend adding the wikipedia article on Kurdistan and the Al-Anfal Campaign to future hacks (and I’m sure Serwan could find more) to provide a little substance to your efforts unless, of course, your goal is just to be a stupid-ass script-kiddie hacker.

If you’re gonna hack, at least try to be productive. Meantime, this was a valuable lesson for myself on what to do to try to keep WordPress from falling into the same limbo during a time when I might not have had an hour to fix it.

The 16-inch f/4.5 Collapsible-Truss Dobsonian From New Moon Telescopes – Feature Article In Astronomy Technology Today

Tuesday, June 25th, 2013

As first appeared on the CNY Observers & Observing website, www.cnyo.org, on 22 June 2013.

Greetings fellow astrophiles!

As if NEAF wasn’t already an excellent first showing for Ryan (and Heather!) Goodson and New Moon Telescopes (including discussions at Cloudy Nights (link 1, link 2) and a recorded observation in Sky & Telescope in this month’s issue), I am pleased to provide a full copy of the result of their first NEAF meeting with Gary Parkerson, Managing Editor of Astronomy Technology Today (www.astronomytechnologytoday.com): A feature (and cover) article (by yours truly) giving the NMT 16″ f/4.5 Dobsonian a complete walk-through in the May-June 2013 issue.


Before anything else – I’d like to personally thank Gary and all at ATT for providing a platform for my review of the NMT scope, their continued support of other amateur astronomers through many years of excellent equipment reviews, and their complete coolness with allowing CNYO to repost the complete article for your viewing pleasure.


Click HERE For The Full Article (PDF, 2.3 MB)

From the article:

New Moon Telescopes (NMT, newmoontelescopes.com) is a very recent addition to the list of manufacturers of custom Dobsonians, having made their first company appearance at the Kopernik Winter Star Party (kopernik.org) this past January and their commercial appearance at NEAF 2013 this past April.

While NMT is now making itself known to the larger amateur astronomy community, NMT is no secret to Central New York observers. Amateur astronomers in several CNY astronomy clubs have seen the expert woodworking skills and design choices of NMT’s owner and sole craftsman, Ryan Goodson, first-hand, giving CNY observers and their always unpredictable weather conditions the honor of being NMT’s original customer base both in rebuilds and new Dobsonians.

The article introduction is no joke! There are three NMT Dobs owned just by CNYO session hosts alone (Larry S, Dan W, and myself), not counting whatever Ryan brings to our observing sessions, then several additional just in the CNY area (one CNY customer’s beautiful 18” Dob having been on display at NEAF). I remember just within the past ten years when SCTs and fancy mounts seemed to rule the observing grounds at Darling Hill Observatory, now all of the sessions I attend are populated by light buckets. The GOTO is increasingly being superseded in favor of memorization. I say excellent!

As a point of discussion in the article, I make reference to Ryan’s high-end component choices (the MoonLite focuser being high on the list – my “Ruby” (NMT #1) is named for its red focuser). I spent an extra block of time discussing the merits of a primary mirror purchase from John Lightholder at Lightholder Premium Optics.

Just as I have seen many an amateur astronomer start with seemingly decent eyepieces, then eventually sell and buy their way up to TeleVue (my personal bias, anyway), I have heard too many stories of observers with primary mirrors that eventually have their faults found out over the course of many observing sessions (the primary mirrors, that is). The solution, while not cheap, is simple – start with the best you can get and never, ever, find yourself regretting an “intermediate” purchase when you go to finally take the plunge on a high-quality primary.

The mirror alone cost more than many of the major vendors are currently charging for complete-and-shipped 12-inch Dobsonian telescopes. The reason is simple – it is absolutely worth it.

A final thought about the whole enterprise comes from Gary himself at ATT:

The Goodsons’ telescopes captured my attention, as did the Goodsons themselves, for the simple reason that they represent one of the aspects I love most about the telescope industry. Astronomy enthusiasts are primarily served by what are essentially cottage enterprises, populated with business people and craftsmen for whom their astro products and services represent labors of love. Most are family businesses, as is ATT, a fact that is reinforced with each trip to NEAF as I am privileged to again greet in person the family partnerships who gather there each year.

I am grateful to Gary and ATT for allowing us to repost the complete article on the CNYO website (and this pruned version of the issue was generated from the PDF I obtained as an enlightened subscriber to the digital version of ATT). It remains an excellent source of information from real users of equipment, a kind of completeness of analysis and discussion many of us had the pleasure of experiencing during discussions with Stu Forster and still have the pleasure of experiencing with my favorite local scope-sage Bob Piekiel.

And why yes, now that you mention it, it is easy to subscribe to ATT today! Click on the image below for more info!


ChemMedChem Cover For April 2013 – Treating Type II Diabetes Through B12 Conjugation

Saturday, March 23rd, 2013

The back cover picture shows two views at 150 degree rotation of vitamin B12 conjugated to the potent anti-hyperglycemia peptide glucagon-like peptide-1 (GLP-1). The conjugate displays similar receptor binding and agonism to unconjugated GLP-1, including insulin potentiation from human transplant pancreatic islet cells, which bodes well for oral delivery of GLP-1 through the B12 dietary pathway. For more details, see the Communication by Robert P. Doyle et al. on p. 582 ff.

From the free press department… The cover for the April, 2013 issue of ChemMEDChem (just the cover art this time, no theoretical content in the associated article. All the theory’s figured out!). I’m still awaiting the journal’s posting of the article content but wanted to get something up in March. For related content, see the discussion on the “MedChemComm September 2012 Front Cover Image For The ‘Examining The Effects Of Vitamin B12 Conjugation…’ Paper” post or any of the B12-related posts on this site (www.somewhereville.com/index.php?s=b12). This work is similar in scope to the B12-insulin bioconjugate work in the previous studies, but now includes a different peptide (glucagon-like peptide-1) with similar properties.
