Even Professional Monkeys get hacked :(

pmko hacked

As it turns out, hacking seems to be the graffiti of the internet. The funny part of all this is that at the end of the day it’s all marketing, you gotta love a hacker who advertises. It seems that my site isn’t cool enough or maybe doesn’t get enough traffic to warrant good graffiti, instead I get nothing more than some crappy tagging akin to a 2" Sharpie tag on the seat of a bus. After riding on the N-Judah to work for 6 years I’ve seen some pretty amazing graffiti in the Duboce Park tunnel and would have felt fortunate to be a beacon of web insecurity if it had been remotely cool looking or at least made the link to their site that they left clickable.

I don’t really understand why someone would bother to take the time to do this. The only thing they did was remove my last post, replace it with a bit of text and change my admin password. I’m sure they could have gone a lot further than that and overwritten all my posts and put up pictures of unicorns. Being the curious monkey that I am, I followed the link that the hacker left and after a few clicks ended up on a site dedicated to internet security called zone-h. The page was a profile of sorts for the group that had taken credit for the hack and sure enough there was my site listed on page two of their Digital Attacks Archive in all its cached glory.

The site claims that the listings are for bringing awareness to the vulnerabilities of the technologies used to make the internet everything that we know and love. You have to think though that the hackers have to love getting public 3rd party verified listings of their hacks. Some of these hackers have up to 2000 verified attacks posted and are listed as competitors with rankings based on total hacks and even list how many were politically motivated. The hackers that did my site aren’t even listed in the top 50!

It seems that there were a few security bugs in the 2.2 release of WordPress which is hopefully how they were able to hack my blog. It turned out fairly easy to fix, except that I hadn’t exported the site or backed up my database so I ended up permanently losing my last post which was a bummer. To get past not being able to log in anymore, I created a new user by registering on the site and then used my hosting control panel to gain access to my database and upgrade my new profile to administrator. After logging in as a newly minted administrator I removed the hack, fixed the admin profile and then proceeded to upgrade my WordPress install to 2.2.1. I’m thankful that I have the experience to fix this kind of thing, but what about the other 50 million blogs out there? How do they deal with issues like this?
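The database step of that recovery, written out as SQL, followed by an audit of which accounts hold the administrator role. This is an added example, not code from the original post; it assumes MySQL, the default `wp_` table prefix, and a constructed login name `recovery_user` for the account registered through the site.

```sql
-- Assumptions (not from the original post): MySQL, default wp_ table prefix,
-- and 'recovery_user' as the constructed login registered through the site.

-- 1. Confirm the freshly registered account exists and note its ID.
SELECT ID, user_login, user_registered
FROM wp_users
WHERE user_login = 'recovery_user';

-- 2. Promote that account. WordPress stores the role as a PHP-serialized
--    array in wp_usermeta; the string "administrator" is 13 bytes long.
UPDATE wp_usermeta m
JOIN wp_users u ON u.ID = m.user_id
SET m.meta_value = 'a:1:{s:13:"administrator";b:1;}'
WHERE u.user_login = 'recovery_user'
  AND m.meta_key = 'wp_capabilities';

-- 3. Set the legacy numeric user level that goes with the administrator role.
UPDATE wp_usermeta m
JOIN wp_users u ON u.ID = m.user_id
SET m.meta_value = '10'
WHERE u.user_login = 'recovery_user'
  AND m.meta_key = 'wp_user_level';

-- 4. Audit: list every account holding the administrator role, oldest first,
--    so any account added or altered during the intrusion stands out.
SELECT u.ID, u.user_login, u.user_email, u.user_registered
FROM wp_users u
JOIN wp_usermeta m ON m.user_id = u.ID
WHERE m.meta_key = 'wp_capabilities'
  AND m.meta_value LIKE '%"administrator"%'
ORDER BY u.user_registered;
```

Once the original admin profile is repaired, the recovery account can be deleted or demoted so it does not linger as a second administrator.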

At some level I guess it’s really my fault. Ignorance of the intricacies of technology can only lead to the hazards that come along with putting your digital self out there for the world to enjoy and hack. In the famous words of Gny. Sgt. Hartman, “If there is one thing in this world that I hate, it is an unlocked footlocker! You know that, don’t you? If it wasn’t for !#@$%*%&$ like you, there wouldn’t be any thievery in this world, would there?”
