DanRochman.com

Frog Hollow Shandy at NOPA

Originally uploaded by Dan Rochman

A splendid end to the work week. Even tastier than it looks. Apricot brandy, noyaux, lager, and ginger beer. Must be 21 years or older to consume, or to read about in a blog post.

As we drove over the hills of San Francisco, Eddy mentioned Bullitt, and the so-very-famous chase scene therein. I hadn’t actually seen the film since I was a kid, and it occurred to me that now that I actually lived in San Francisco, it’d be cool to watch it again, since I might recognize some of the locations.

Thanks to the wonders of the internets, most of my work has already been done for me. It turns out that someone named Mike Haeg used Google’s My Maps feature to create an annotated map of the entire chase sequence in Bullitt. There’s also a conveniently embedded YouTube viewer, so you can watch the scene and play with the map (if you open it in another window) at the same time. The best part, at least for me, is that it turns out that the chase starts right around the corner from where we live, in Bernal Heights! While the chase eventually jumps to different locations all over the city and beyond (artistic license), it begins with the cars heading west along Army (now Cesar Chavez) Street, u-turning at Precita, and then driving up York to Peralta. By some bizarre coincidence, I travelled almost the exact same route *on my bicycle* two days ago, just a day before I re-discovered this scene. And for the record, I’d definitely rather drive a Mustang up York than a bicycle - I had to stop twice to catch my breath, and it’s a *tiny* block. But that’s the point, since I’m trying to build up my cycling muscles for the playa.

Yesterday, while I was out getting some (NomNomNomSoGood) ice cream at Mitchell’s, I took a picture of the Mitchell’s sign, and then posted that picture (via flickr) to this blog. When I checked my blog to see if the post had come through, there was already a new post up - and it wasn’t written by me! That’s not unusual for any of the (many) multi-author blogs out there, but mine is a tiny blog, with (maybe?) four readers and (definitely) just one writer. The inescapable conclusion was that a total stranger (at *least* one - maybe more?) had somehow obtained Administrative rights on my server. Uh-oh.

It turns out that I had done an incredibly boneheaded thing. While the “front door” of the blog (and the web server in general) was pretty well secured, I had essentially left a side door WIDE, WIDE open, giving unrestricted access to the MySQL database which powers this blog (plus my photo gallery, plus other things) to anyone who could be bothered to grab it. I thought I’d locked that door as well, but, well… no. No, I really hadn’t. I’d actually left it off the hinges, with a red carpet rolled out, and a huge neon sign on a post nearby saying “Please Come In and Take Whatever You Like”.

Fortunately, it appears that the first hacker (is that the right term?) to come along and say “What’s with the wide open door? Maybe I should go inside and have a look!” happened to be a really nice guy, with some mad skillz, a sense of humor, and no discernible malice. Instead of deleting my content, or filling the site with spam, or changing the page templates to carry nasty computer virus payloads to all my (four?) readers - all things he could have trivially done - he just left a funny post on the blog, which effectively was a heads-up to me that I had left a door wide open somewhere.

Better yet, when I e-mailed the “intruder” (Is it intrusion if the door is wide open? And yes, he left me his real e-mail address.), he replied to let me know how he got in, which enabled me to quickly find the open door, figure out what had gone wrong, and get it closed up. I’m leaving his post up, though, if for no other reason then as a reminder to myself to always take the extra few minutes to TEST TEST TEST the server security. For the record, your .htaccess and .htpasswd files can be just as perfect as can be, but if you (a) have “AllowOverride None” specified for the virtual host, and (b) forget to TEST the site, so that you *realize* that you’ve accidentally left AllowOverride set to “None”, then you, too, can end up with one of the world’s most hackable servers. All because of a single word on a single line of a single Apache configuration file - such are the joys of System Administration. Hubris, anyone?

Props and many thanks go to Tetsu, for being a White Hat Hacker, a jokester, a good netizen, and a good sport. And most of all for being gentle with my server when he could just as easily have trashed it, and by extension saving me from the scumbag who would inevitably have come along and actually trashed it. (Yes, I have backups, but doing an unscheduled wipe-and-restore, not to mention a forensic audit, really isn’t my idea of a good time.) Anyhow, thanks to Tetsu, I learned a valuable lesson in a much easier way than I otherwise would have.

Thanks, Tetsu. If you’re ever in San Francisco, I owe you a drink - your choice. And a round of DDR, if you’re up for that.

Mitchell’s Ice Cream

Originally uploaded by Dan Rochman

About to do a Halo Halo run with Em, and Rona, and…??? I really haven’t had much to eat today.

An actual burning man attendee? Well How-dee! I’m a pretty huge DDR fan as well. I can’t believe I’m posting on THE Dan Rochman’s blog! I feel so big. Alright, all of you blog-rollers, live long lives and take more pictures.

You might wanna try some different colors around here. Default doesn’t fit you. Gotta go!

Wowza - that was a whirlwind tour! A lot of eating, a lot of sightseeing, a little shopping, a little Dance Dance Revolution… I think it was a fairly packed few days for all involved. Our guests had pretty good stamina, considering they came in really late on Thursday night, and were three hours off their native time zone.

The Thornhill Thug-Life-Forever Posse left San Francisco this afternoon, heading down to the stunning scenic beauty of Santa Cruz, and then on to Carmel, Monterey, and Big Sur. After that, they keep heading down the coast to Los Angeles and San Diego. Too bad *some* of us have to go back to work.

Oh, and before I forget, here’s a fun link to YouTube clips of people riding Big Wheels down that famous stretch of Lombard Street

Reanna & Shane - Live From Slanted Door

Originally uploaded by Dan Rochman

The Thornhill Rochmans have arrived! And (Holy Coincidence, Batman!!) we just ran into Sebastian & Janna, who are here on a date!!

Time for yummy food & drink now - more later. No photoblogging from the dinner table??

First Blog Post via Flickr

Originally uploaded by Dan Rochman

I’m standing on Bernal Hill, enjoying a beautiful day, and a beautiful view. The Thornhill Rochmans are (at long last!) on their way here, and they’ll soon be enjoying this beautiful view as well - plus many more, besides. Can the Richmond Hill Rochmans be far behind?? Yes, that’s a dare…