Last week the sudoroom.org server had a compromise. We are pretty sure
that it was caused by an outdated Tor which I had stupidly installed
from Ubuntu's repos instead of from torproject.org. Tor was running as
a client and serving some .onion addresses but was not any kind of
relay or middle/exit node.

On Monday (May 19) Linode started getting complaints that our IP
address was scanning parts of the internet for port 22. At that point
we started auditing and upgrading some neglected services. We also
started filtering and logging outgoing iptables. The next day we
caught another scan in progress and realized it was probably the
"debian-tor" user, so we switched to the more up-to-date package from
torproject.org. We haven't seen another scan since then.

We will keep most outgoing packets filtered at least until we switch
to a new server. That's going to happen soon, as soon as sudoroom has
a proper debit card. We can open up specific ports meanwhile if you
need them.

The drama is probably over but this is just to let you all know that happened.
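
The outgoing-packet logging described in the message above can be used to work out which local account is behind a port 22 scan. This is an added example, not part of the original message: it assumes outbound SYNs are logged by an iptables LOG rule with `--log-uid` under the hypothetical prefix `OUT-SYN: `, and the sample lines, addresses and UIDs are constructed.

```python
import re
from collections import defaultdict

# Assumption: outbound SYNs are logged by a rule along the lines of
#   iptables -A OUTPUT -p tcp --syn -j LOG --log-prefix "OUT-SYN: " --log-uid
# so every kernel log line carries DST=, DPT= and the sending UID=.
PREFIX = "OUT-SYN: "  # hypothetical log prefix
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def _line(dst, dpt, uid):
    """Build one constructed LOG line in the kernel's KEY=VALUE layout."""
    return (f"May 20 03:14:07 host kernel: [1234.5] {PREFIX}IN= OUT=eth0 "
            f"SRC=192.0.2.10 DST={dst} LEN=60 TTL=64 PROTO=TCP SPT=40112 "
            f"DPT={dpt} WINDOW=29200 RES=0x00 SYN URGP=0 UID={uid} GID={uid}")

# Constructed sample: documentation address ranges, made-up UIDs.
SAMPLE_LOG = "\n".join(
    [_line(f"198.51.100.{i}", 22, 106) for i in range(1, 9)]  # one UID, 8 hosts
    + [_line("203.0.113.5", 22, 1000)] * 3                     # one user, one host
    + [_line("203.0.113.80", 443, 33)]                         # unrelated HTTPS
)

def parse_line(line):
    """Return the KEY=VALUE fields of one LOG line, or None if it is not ours."""
    if PREFIX not in line:
        return None
    fields = dict(FIELD.findall(line.split(PREFIX, 1)[1]))
    if fields.get("PROTO") != "TCP" or "DST" not in fields:
        return None
    return fields

def find_scanners(log_text, port=22, min_targets=5):
    """Map UID -> sorted distinct destinations, for UIDs that sent SYNs to
    `port` on at least `min_targets` different hosts."""
    targets = defaultdict(set)
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields and fields.get("DPT") == str(port):
            targets[fields.get("UID", "unknown")].add(fields["DST"])
    return {uid: sorted(dsts) for uid, dsts in targets.items()
            if len(dsts) >= min_targets}

if __name__ == "__main__":
    # Resolve the UID to an account name with `getent passwd <uid>` on the host.
    for uid, dsts in find_scanners(SAMPLE_LOG).items():
        print(f"uid {uid}: SYNs to {len(dsts)} distinct hosts on port 22")
```

Repeated connections to a single host, such as an admin's own SSH session, stay under the threshold because the count is of distinct destinations, not packets.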
The power to all of sudo room was turned off and on again at the circuit
breaker tonight between 4 and 5 am.
This was done by an obviously drunk Timon. I don't know why he was flicking
switches in the circuit breaker box. He apologized and claimed to not know
that any of the circuit breakers were related to sudo room.
I told him that he'd just caused all of our infrastructure to hard reset.
He became agitated and started complaining that I was staying on the topic
after he had already explained himself. I then asked him to leave the
common space. He refused, became very agitated, claimed a legal right to be
in the common space and among other things requested that I leave his
vicinity. I felt threatened by his behavior.
Most of the sudo room infrastructure seemed to recover gracefully from the
hard reboot. The internet connection did not come back up automatically,
but after a couple of reboots of the DSL modem the connection was back.
--
marc/juul
Hey all,
I added a slew of templates to our wiki, including baseline infoboxes,
corresponding templates and styles that help those infoboxes run, and
particularly a Recipe infobox that uses the "hrecipe" microformat to help
parsers find our recipe data!
https://sudoroom.org/wiki/Template:Infobox_recipe
I plan to implement this box soon for sudo mate, and various other sudo
food hacks!
// Matt
p.s. microformat in question:
http://microformats.org/wiki/microformats2#h-recipe
Hey all,
Just noticed that when loading https://sudoroom.org/calendar from my
Firefox, I am immediately redirected to
https://sudoroom.org/wp-login.php?action=logout&_wpnonce=51eee2a608 and
asked if I'm sure I want to log out.
I'll be at sudo this evening if anyone wants to see the bug replicated
and take a poke at it.
Cheers,
Jenny
http://jennyryan.net
http://sudomesh.org
http://thevirtualcampfire.org
http://technomadic.tumblr.com
`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`
"Technology is the campfire around which we tell our stories."
-Laurie Anderson
"Storytelling reveals meaning without committing the error of defining
it."
-Hannah Arendt
"To define is to kill. To suggest is to create."
-Stéphane Mallarmé
~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`~`
Hey all,
Daniel and I had a discussion of things we'll need for a Reboot'd network.
There's a preliminary wishlist, but other docs and additions are welcome:
https://sudoroom.org/wiki/Network/Reboot
// Matt
On Wed, May 14, 2014 at 10:50 AM, Charley Sheets <rcsheets(a)acm.org> wrote:
> I don't understand why they'd just revoke our certs without explanation. The
> new certs are working though.
They're now saying that it was revoked because the certificate was
hosting malware, citing this spamhaus report:
http://www.spamhaus.org/sbl/query/SBL222149
They say there's a "KINS webinjects / MITM server" at the IP address
195.211.153.54. But sudoroom.org is at 173.255.221.152 so I don't
understand what this has to do with us.
Do we have any services at 195.211.153.54? Or can I tell Comodo they
made a mistake? If we don't resolve it with them, our new cert may get
revoked again.
On Mon, May 12, 2014 at 1:35 PM, Matthew Senate <mattsenate(a)gmail.com> wrote:
> I'm unable to connect to sudoroom.org on debian with iceweasel (basically
> firefox 30):
>
> Secure Connection Failed
>
> An error occurred during a connection to sudoroom.org. Peer's Certificate
> has been revoked. (Error code: sec_error_revoked_certificate)
The CA revoked it and haven't told us why yet. They finally let us
have a new cert for free, after way more hours on support chat than
it's worth. Hopefully there will be no more browser errors now. New
fingerprints:
SHA1 Fingerprint=6B:80:90:98:D1:EF:AA:36:8E:92:AA:F5:D4:10:F8:D7:E7:60:E7:08
SHA256 Fingerprint=47:95:D7:29:44:1F:5F:22:43:B1:08:99:B7:22:BF:84:F3:F6:F6:D7:C2:E4:3F:64:27:B9:F0:87:98:A7:48:D6
I'm unable to connect to sudoroom.org on debian with iceweasel (basically
firefox 30):
Secure Connection Failed
An error occurred during a connection to sudoroom.org. Peer's Certificate
has been revoked. (Error code: sec_error_revoked_certificate)
On Sat, May 3, 2014 at 1:19 PM, Yar <yardenack(a)gmail.com> wrote:
> I noticed that our Gittip is no longer connected to any bank account,
> and the money is accumulating without being deposited. Did somebody
> remove it? Why?
Update: some people were saying this has happened before, because
Gittip did a "reset", whatever that means. So we just need to add it
back.
I'm finding the form confusing because it seems geared towards
individuals, not organizations. Who added it in the first place? Can
you give some insights into how you set it up? For example, what did
you enter for "legal name" or "date of birth"?
I don't think it's a good idea to keep accumulating a balance.
Although I love gittip, the huge attack surface makes me nervous.
Anybody can log in with Sudo's twitter account, and many people have
access to that, including persistent app logins on their phones!