Monday, May 30, 2011

On Memorial Day, Remembering My Fathers

At first I wasn't going to do this, because it's too hard. But I just knew I could not let the Memorial Day go by without honoring my father, Zenophon Abraham, Sr., and my stepfather Chester Yerger, Jr. Both served in World War II, and both received honorable discharges from it.

In my father's case he's now buried at Abraham Lincoln National Cemetery and, as I show in my 2009 video, ...



I have his burial flag that was given to me after his ceremony, which included a 21-gun salute. Zennie Sr. passed away without a lot of money, and I was prepared to take on the debts he left behind, but it never came to that. We had a relationship that was on-and-off-and-on.

I think, as I grew and became 'my own man' as they say, he, at first, didn't know how to deal with that. He was used to me always agreeing with him; then I hit 18 years old, and that pretty much stopped. I remember the first time I took issue with his point-of-view, explaining to him that, even though I was a Dallas Cowboys fan, I believed that the then-Los Angeles Rams were going to beat them in a NFL First Round Divisional 1981 Playoff Game.

Well, that's what happened.

We didn't talk much after that.

Dad remarried during the 80s, then in 1993, first informed me of my three young half-sisters. I didn't actually meet them until the year my father passed away: 2005. The oldest and I communicate often, but not quite as much as I'd prefer.

My father and I reconnected in 1999. It was my first NFL Owners Meeting, the Fall Meeting that was then commonly held at the Hyattt Regency O'Hare. It was my first such meeting during the effort to bring the Super Bowl to Oakland, and I was jazzed to say the least. Attending such an event, let alone being asked to make a presentation, is a rare happening for anyone. 

I even remember talking with this guy who would literally hang out in the lobby by himself, waiting to talk to the NFL Owners as they came out of whatever meeting was being held.  He was an NFL junkie in a black shirt - a guy who looked like a kid at a candy store.   Now, he's on Fox Sports and his name's Jay Glazer. 

Since I knew that Dad lived 15 minutes away from the Hyatt, I invited him to have lunch with me. It was a moment I will never forget, because it was the day after the day that Chicago Bears Running Back Walter Payton passed away: November 1, 1999. My father said "I want to talk with you as a father talks to his son." And he did.

I don't care what anyone says, or how this is taken, you can't replicate the impact a father has on the growth of a child - son or daughter. You just can't. He said things to me that I will never forget or recount here.

Later, after my successful Super Bowl Policy Committee Meeting, where I was the only person representing Oakland (a long story) to talk before a group that consisted of then-NFL exec Neil Austrian, then-NFL SVP and "Mr. Super Bowl" Jim Steeg, Indianapolis Colts Owner Jim Irsay, the late NY Giants Co-Owner Bob Tisch, and the late Kansas City Chiefs Owner Lamar Hunt (and where Irsay said my presentation was "outstanding" and you can ask him today), I called my father.

I just wanted to meet Dad for a drink; he wanted to go out and into Downtown Chicago to a club! Man, I just couldn't see doing that with my old man. Boy, was I a square! Well, not really. I just think there are some activities that a young man should not do with his father, and that's one of them!

My father, like my stepfather Chester Harding Yerger, Jr., was full of life. In Chester's case, he was married to my Mom for 18 years before passing away the same year as my father - 2005.

Chester loved to talk with everyone, especially about the War, and about his legendary Arkansas family. The Yergers were one of the largest tax payers in the State of Arkansas, and have a history remembered today in the form of Yerger Middle School in Hope, Arkansas. He was proud of the legacy of a great African American family that was paced by Henry Clay Yerger, Chester's grandfather.

Mr. Yerger started the Henry Clay Yerger School System in Hope, in 1886, with one building and one teacher - him. It grew steadily and became the first training school for Blacks west of the Mississippi River, and then in 1931 called Yerger High School.

After re-reading that, it's not hard to brag, eh?

I lost both my father and Chester in 2005 and in October and on St. Patrick's Day, respectively. That same year, in January, my mother was diagnosed with Breast Cancer. Thanks to early detection, an early-stage drug called Femara, a great diet, and friends, and me, Mom beat it and was declared Cancer-free on April 17, 2005.

She's still giving me lectures today; I love every one of them.

Happy Memorial Day.

PBS, Sony, Fox Websites Hacked By LulzSec's Lulz Boat, AT&T Next?

A new group of web pirates is making itself known, as it sails the high seas of The Internet in search of what it describes on Twitter as #fun #fun #fun.

The Lulz Boat, or what the group really calls itself: LulzSec, has hacked into the websites of PBS, Sony, and Fox, in reverse order over the last two months - and AT&T appears to be next on their list.

The Sony Hacks

The series of Sony hacks (not just one), and reported to be the largest in Internet history, caused the Japanese icon to shut down its PlayStation servers for a month. And LulzSec left this tweet:

LOL @Sony, nice Japanese website dumbasses: http://pastebin.com/NyEFLbyX

Which leads to this message containing the Sony website pages that contains two links to Sony's database structure:

@LulzSec was here you sexy bastards!

This isn't a 1337 h4x0r, we just want to embarrass Sony some more. Can this be hack number 8? 7 and a half?!

Stupid Sony, so very stupid:

SQLi #1: http://www.sonymusic.co.jp/bv/cro-magnons/track.php?item=7419
SQLi #2: http://www.sonymusic.co.jp/bv/kadomatsu/item.php?id=30&item=4490

(two other databases hosted on this boxxy box, go for them if you want)

And LulzSec does it all with the interesting tagline "Laughing at your security since 2011!"

And that seems to be the point of their hacks: taking advantage of apparent and simple gaps in system design. The LulzSec refers to the "seven processes" in their Twitter account, as if they were the "seven seas" that pirates would sail on.

But by "seven processes," and linked to reference to their actions as being pirate boat attacks, then the "seven processes" seems to be the approaches they use to enter a website and database.

The SQL Injection Method

Generally, what LulzSec seems to be doing is using something called The SQL Injection Method.  What this is starts with the use of the "Structured Query Language," or SQL programming approach, like C, or HTML, or any other language, but that is used to create managing data in a website's database. The technique of "convince the application to run SQL code that was not intended," is described in detail at Steve Friedl's website at unixwiz.net, where he provides a way to "mitigate" against such approaches as the ones used by The LulzSec. You can see that with a click and scroll here: FIX.

Tupac and LulzSec Fame

The LulzSec group gained recent fame by hacking into the PBS website and posting a report that legendary rapper Tupac Shakur is "alive and well" in New Zealand, along with Biggie Smalls, aka The Notorious BIG.

Which is interesting, because history tells us of a feud between them that resulted in their deaths. But I digress.

Why PBS?

Reportedly, The LulzSec hacked into the PBS website because of the public television giant's Frontline programs on Wikileaks and Private Bradley Manning. But personally, I don't think that's the reason: LulzSec just did it because PBS was vulnerable. So, they hacked in, made up a reason for the action after it was successful, then turned their attention to Tupac and Biggie.

Think about it.  Why would a group announce it was going to hack into a website and state its motives before the action unless they had reason to believe they were going to be successful?

Bragging On Twitter

The programmers are particularly active on Twitter, and not shy about their future objectives, or their present conquests. Here's sample from their Twitter page https://twitter.comLulzSec:

LulzSec The Lulz Boat
Hey @PBS admins, you still trying to regain control? The Lulz Boat sails through your horrendously-outdated kernels! #Sownage next, folks.
5 hours ago Favorite Retweet Reply

LulzSec The Lulz Boat
Sony happens when Sony happens - we're celebrating our victory right now. The fun will never stop!
6 hours ago Favorite Retweet Reply

LulzSec The Lulz Boat
We dominate their entire stupid website. Selling custom blog.pbs.org domains, php/user included, lulzsec@hushmail.com - 2 BitCoins each!
6 hours ago Favorite Retweet Reply

LulzSec The Lulz Boat
Oh yes, that's right... #Sownage tomorrow. We hope. We decided to obliterate @PBS instead out of distraction. *heads off to the Lulz Cabin*
9 hours ago Favorite Retweet Reply

LulzSec The Lulz Boat
@
@ShiverMeTimbres PBS can't recover much, all their base are belong to us. They only broke the file that lets you read articles.
11 hours ago Favorite Retweet Reply


LulzSec The Lulz Boat
We're working on another Sony operation. We've condensed all our excited tweets into this one: this is the beginning of the end for Sony.
26 May Favorite Retweet Reply

As of this writing, it looks like PBS has regained control of the articles section of website: http://www.pbs.org/newshour/rundown/a and Newshour reports on Twitter:

FYI: None of our visitors' personal information or emails were compromised during last night's incident ^TG

But LulzSec says that's the only part that PBS controls, so while all may seem OK, it's not. The PBS website is still largely under LulzSec's control, according to LulzSec.

(An observation: what's good about Twitter, is that PBS Newshour was able to use it not just to report the hack, but to explain the false Tupac news.)

Chester Wisniewski's Annoying Blog Post.

A network security specialist named Chester Wisniewski posted a rather annoying blog entry at his Naked Security blog site. This set of paragraphs Mr. Wisniewski wrote below was particularly troublesome to this blogger:


While PBS is the victim here, the passwords disclosed for most affiliates are embarrassingly predictable.


There was absolutely no skill involved in this attack, as it used freely available tools to exploit the databases. The attackers represent nothing more than what many historically thought of as hackers: people creating chaos with no other purpose than gaining fame, irrespective of the damage caused.


The attack is nearly identical to the recent attack against SonyMusic.co.jp. LulzSec used the same tool to attack the Sony website, although far less sensitive information was disclosed in the Sony attack.


Several other databases were disclosed, some including plain text passwords, others using hashes. It is unfortunate that PBS was vulnerable to this kind of attack and even worse that so many passwords were stored in clear text. Revealing this information is criminal and there are certainly more respectable ways of disclosing flaws than exposing so many users' passwords.


To write that there was "absolutely no skill involved in this attack" is nothing more than one programmer dissing another, and helping no one. The fact is, LulzSec did it, and is ways that aren't familiar to the general public. That makes them what? A specialist with a skill - a dangerous and effective one that impacts millions of people.

If what LulzSec did called for "no skill" then Chester Wisniewski should have posted the mathods to fix the gaps in their website security. He did not do that. If the problem is an SQL injection flaw, which is how LulzSec entered both the PBS and Sony website systems, then why not show how to spot the problem and fix it - as I did here, noting Steve Friedl's website

Facebook, Twitter, Safe

That LulzSec was able to easily hack into the websites of large, traditional brands, means that new media companies with far more secure website systems are safe, specifically Facebook, YouTube, and Twitter, to name some of them.

The point of all this really should be to work with Internet entrepreneurs who build large, database-driven website companies, and not just any programmer on the block, in developing website protection systems that are extremely secure.  As LulzSec claims, "no one is safe" and that may be,  but you can make your website more safe than the next website.

Stay tuned. 

















Golden State Warriors To Get Bigger Under Jerry West?

In a Sunday evening interview with Lawrence Scott of KNTV NBC Bay Area Channel 11, San Francisco, Golden State (Oakland) Warriors new "executive board member," NBA Legend Jerry West, said the one set of words this blogger has wanted to hear for years: the Warriors "need to get bigger."

The Golden State (Oakland) Warriors of owner Chris Cohan and Team President Robert Rowell were known as a small, fast team without the "towers" necessary to compete in tough games down the stretch. And in much of their history since the late 80s, the Warriors were never known for that 'big guy in the middle.'

The last person with the ability required to wear that tag was "The Chief," Center Robert Parish, who left in what was described as a trade that cemented Celtics President, the legendary Red Auerbach's "reputation for thievery," at the expense of The Warriors.

Auerbach dealt the first and 13th picks in the 1980 NBA Draft to The Oakland Warriors and the third pick in the 1980 Draft and Mr. Parish. The Warriors used that pick to get Purdue's Joe Barry Carroll at center.

Joe Barry Carroll never lived up to the lofty expectations set for him, and that was magnified by the success of Parish, paired with then-rookie Kevin McHale with a Celtics team that already had Larry Bird, and went on the be the NBA Champions that year.

That same year, Parish has the same points per game average as Joe Barry Carroll, but Parish had 777 rebounds that year, compared to 437 for Carroll. It wasn't just that Parish was taller, he was only that by an inch. But the observation was that Carroll wasn't 'into' the game, and so didn't play to his seven-foot height.

But I digress.

Warriors new owner Joe Lacob said that West would be "broadly involved in the organization" when he was interviewed by Tim Roye, the voice of the Warriors, last week. That will include marketing, sponsorship, and even arena issues.



And when Roye talked with West, Jerry said that he wasn't there to step on anyone's toes, but he reiterated Labob's statement that West is there to be an adviser.



West, from his conversation with NBC Bay Area and the Warriors interviews, will have a key role in selecting the next coach for the Warriors, and dictating the team's overall characteristics. But from Roye's interview, it's obvious that West will play a large roll in the very shape of the Warriors for years to come.

Yeah!!

Stay tuned.

Side note: If KNTV NBC Bay Area had a real social media strategy, it could have got a lot more mileage out of this Jerry West interview. They put tweets out about the West interview, but without a link to any other type of content. So, when the TV segment is gone, that's it.

KNTV suffers from the same "inny" view of the use of social media that seems to have infected local television stations, causing them to lose out on thousands of dollars in ad revenues.