saboteurweb.com
main
You know who's great too? Adam Tell.
posted by Saboteur on 13.11.2017 21:41
(0 comments)

I took a little bit of a punch to the heart from Adam Tell recently. Don't worry, I'm better for it! That just seemed like the most apt way to convey how this artist and his music has made me feel. I like him for the same reasons I like Fox Stevenson (Stan SB)'s earlier work - the strong beatwork, uplifting melodies and compelling lyrics, combined in just the right proportions.

Adam Tell doesn't entirely avoid the dubstep sound stylings so prevalent in electronic music today, but what delights me in his music is the way he lets songwriting be the entrée, and bass programming the side dish. A good B-section does a lot for a track, and I feel like I hear that way too seldom these days.

He has a diverse catalogue to explore on Spotify, and I always struggle with picking out single recommendations. I'll just drop "Roll the Tape" and "Plant The Beginning" here so you can see if your curiosity is piqued. Hope you end up enjoying the music even half as much as I do, because I love it so much I just couldn't shut up about it!
Pogo - Gruve
posted by Saboteur on 04.06.2017 14:52
(0 comments)

You probably need some Pogo in your life. It's good for the soul.
FOTM Alternative!
posted by Saboteur on 18.06.2016 10:42
(0 comments)

Hey now. A couple of years ago I shared one of my Spotify playlists, called "Flavor of the Month". It's basically my go-to playlist for almost any occasion. The list is constantly evolving as I have chosen to limit the length to roughly 4 hours - which means every time I find another inspiring track, I also have to choose what to drop off from the list to keep the length.

Along the way I've been cycling some of the tracks in via another list, a kind of "bubbling under" list. But I reckon it's reached the stage where the other list has sort of come into its own, already at 4 hours and full of awesome stuff too. So I decided to share the FOTM Alternative! Some of it is a little bit different in style than what I rock on the main list, but the music isn't "worse" by any standard imaginable. I just want to try and keep the main list at the target length to ensure the freshness.

So, just wanted to spread the love. Have an awesome day! <3
A cautionary tale
of amateur webhosting - posted by Saboteur on 03.03.2016 23:24
(0 comments)

Maybe amateurs shouldn't host their own sites. I do anyway, because it was a fun little project, and does continue to be, even though it has been on the back burner for a very long time.

So, confession time. For several years, my only method of SQL backups was a cron job on the server that saved a mysqldump locally, with a fixed filename (so it'd overwrite on the weekly schedule it was on). I would manually copy that over to my desktop every few months, or much less often. In February 2016, for whatever reason, I wisened up. Maybe I was bored, or maybe after several years of neglect, the slowly mounting fear of losing all my data due to an inadequate backup scheme had finally reached the point of prompting some kind of action. Probably both. I ended up researching a very quick way to set up a timed job on my Windows10 desktop that pulled the mysqldump file over to the desktop, and in the process named the file based on the copy date. It was possible without installing any new software, just vanilla Windows10, so that made me happy.

After 3 ½ weeks of running this setup, I checked up on how it was working. I was delighted to learn it had worked precisely as intended, but I also learned of an incredibly alarming trend in the filesize of the dump file.

A file from October 2013 that I had kept around as reference was around 11 megabytes. A manually pulled file from beginning of February was 17 megabytes, which I didn't have reason to doubt, it had been more than 2 years after all. But the pattern of the next weeks was jarring:
2016-02-15, 20 Mb
2016-02-22, 31 Mb
2016-02-29, 62 Mb (!!!)

This was the point at which I realized something was terribly wrong. It was apparent that something was flooding the server with spam. I run several very old unlicensed IPB forums (the version I run does allow it, so I shouldn't be breaching their terms for my noncommercial use), and I had to lock them down several years ago due to spambots having their way with them. It had been a sufficient strategy to stop new member registrations and disable guest posting, but now I got a bit worried if perhaps new exploits had been found that circumvented those controls.

I could have researched how to analyze the database to find out where the spam is, but I wanted to first try my luck with something as simple as a look into the access log. Typically the spambots try all kinds of different attacks at the IPB or the server in general, which tend to leave errors in the access log. This happened to be the case here as well. Upon simply glancing at the tail of the access log, I immediately spotted suspect behavior. Now, errors left by spambots are not a red flag as such - like said, they are a commonplace thing to have all the time. But the part that caught my attention was that the errors were arising from a subdomain that I did not honestly remember even existing.

That's a huuuge red flag. I realize I have an IPB there, and log on. There are thousands of threads and hundreds of "members" - on a board which, from what I could tell by looking at the oldest available threads, was completely empty until around December 2015.

I start with the usual lockdown, removing posting privileges from non-admin member groups. Since the board had been empty, I also use the IPB board on/off switch to turn it off altogether - no point even leaving behind a view access since this was an unused board. Luckily the IPB admin panel, while a bit crude in a 2003-dated IPB version, did have a few interesting statistics I could check out before commencing with the great purge.

The flow of members and threads had started late December 2015, with low volumes throughout January. I guess the bots had propagated the address over time slowly into their network, after discovering their spam was getting through. From February the volumes surged to hundreds of posts daily. There's no reason to suspect anything less than exponential growth would have continued to take place, had I not gotten incredibly lucky and set up my weekly backup task at just the right time to reveal the build-up of a tidal wave of spam, before it severely compromised my server.

It's not just that my bandwidth and storage would have been overwhelmed, it's scary to imagine what kind of crap could have ended up on the site that I could potentially have been liable for. Now I managed to plug the hole within just over 2 months of exposure.

I was ever so happy that an "empty board" feature existed in the admin panel, which got rid of all the spam in one fell swoop. Pruning the userbase took a little more effort, and I once accidentally removed the admin user with the IPB controls (yeah, oops...). Still, after restoring the admin user manually by way of ad-hoc sql, and a few more bulk runs on the Delete User tool in the IPB, I had cleaned up every user except the admin. Problem solved.

At the end of it, I pulled a manual sqldump. 13 megabytes.

On the bright side, seems the server as a whole is still not too exposed to crap, despite running on quite old software - after all, the leak was really mostly a configuration error on my part. Still, I've known I should probably rebuild the server and recode everything in the not-so-distant future. You know, maybe pick up some new but inexpensive, fault-tolerant, passively cooled, energy-efficient hardware. Get a new O/S and infrastructure (apache, php, sql) and finish by rewriting the sites not to run on a more than a decade old IPB.

I still need to do all of those things. I don't consider it just a chore, mind you. It should actually be reasonably fun. As long as I can do it in a way that the old system runs on the side, so I can take my time with it. But I sure have been putting it off, no doubt. Guess this was a reminder that I really can't put it off indefinitely.
News Browser / Today's news / News archive

Time: 18:10 / Uptime: 914 days, 23:23
You were served this document in 0.265 seconds.