Waking up in a Libertarian US

The Gadsden Flag

A dream sequence of waking up in a Libertarian USA

Joe Conservative wakes up in the morning and goes to the bathroom. He flushes his toilet and brushes his teeth, mindful that each flush & brush costs him about 43 cents to his privatized water provider. His wacky, liberal neighbor keeps badgering the company to disclose how clean and safe their water is, but no one ever finds out. Just to be safe, Joe Conservative boils his drinking water.

Joe steps outside and coughs–the pollution is especially bad today, but the smokiest cars are the cheapest ones, so everyone buys ‘em. Joe Conservative checks to make sure he has enough toll money for the 3 different private roads he must drive to work. There is no public transportation, so traffic is backed up and his 10 mile commute takes an hour.

On the way, he drops his 12 year old daughter off at the clothing factory she works at. Paying for kids to go to private school until they’re 18 is a luxury, and Joe needs the extra income coming in. Times are hard and there’re no social safety nets.

He gets to work 5 minutes late and misses the call for Christian prayer, and is immediately docked by his employer. He is not feeling well today, but has no health insurance, since neither his employer nor his government provide it, and paying for it himself is really expensive, since he has a precondition. He just hopes for the best.

Joe’s workday is 12 hours long, because there is no regulation over working hours, and Joe will lose his job if he complains or unionizes. Today is an especially bad day. Joe’s manager demands that he work until midnight, a 16 hour day. Joe does, knowing that he’ll lose his job if he does not.

Finally, after midnight, Joe gets to pick up his daughter and go home. His daughter shows him the deep cut she got on the industrial sewing machine today. Joe is outraged and asks why she doesn’t have metal mesh gloves or other protection. She says the company will not provide it and she’ll have to pay for it out of her own pocket. Joe looks at the wound and decides they’ll use an over the counter disinfectant and bandages until it heals. She’ll have a scar, but getting stitches at the emergency room is expensive.

His daughter also complains that the manager made suggestive overtures towards her. Joe counsels her to be a “good girl” and not rock the boat, or she’ll get fired and they’ll be out the income.

His daughter says she can’t wait until she’s 18 so she can vote for change or go to the Iraq War.

They get home and there’s a message from his elderly father who can’t afford to pay his medical or heating bills. Joe can hear him coughing and shivering.

Joe turns on the radio and the top story is a proposal in Congress to raise the voting age to 25. A rare liberal opinionator states that it’s an attempt to keep power out of the hands of working class Americans. The conservative host immediately quashes him, calling him “a utopian idealist,” and agreeing that people aren’t mature enough to make good choices until they’re at least 25.

Joe chuckles at the wine-swilling, cheese eating liberal egghead and thinks, “Thank God I live in America where I have freedom!”


Fun and games – Cloudflare and SSH

As I mentioned in a recent post, one of my sites, a WordPress site to help a friend sell their house, got hammered with xml-rpc requests. It didn’t get hacked, but it did bring Apache to a painful halt, and filled the memory.

To prevent that, I set up Cloudflare in front of it, to act as a CDN and a way to prevent it from being attacked. Thus, in the future, I should be able to regain control without too much pain and suffering.

However, I discovered one minor issue. Since I pretty much use ssh to log in to the droplet almost daily, I quickly discovered that just didn’t work.

At first, I was scratching my head, thinking that I messed something up majorly. Then I recalled that I had switched to Cloudflare for my DNS and CDN, and it clicked. Alas, how they work is they hide your IP address, and then use the magic of their service to serve up your cracking good jams.

Unfortunately, the ssh request gets routed to the wrong IP address, and naturally, no response.

Not being able to ssh into my server is a really bad thing. But how to work around it?

First I tried to set a local hosts file to override the DNS, but that didn’t work. Bummer.

Second, I can ssh if I use the dotted quad IP address. It works, but, I am too old to remember that many dotted quads.

Third, and the one that I am using, is to create a CNAME that points a prefix to the original address (in this case, I am using ssh, so ssh.tralfaz.org will point to the TLD), and then I turn off the Cloudflare redirect. Not optimal, but it works. It does leave me somewhat vulnerable, but alas, not many attack vectors happen to the subdomains.

A fun afternoon (attacked website)

Thursday, December 15 was a day like any other until the afternoon. Then I got the notice from the Jetpack plugin for one of my WordPress sites that it was down, and couldn’t be reached.

This happens occasionally, so I wasn’t too upset. Pointing my browser to the site Home2Baja gave a Database connection error. Simple enough to fix.

So I fired up PuTTY, and logged in. I attempted to restart MySQL, the first line of fixing the issue. Weirdly, it restarted, then stopped automatically again.

What f*ckery is this?

So I restart the droplet (this is hosted on the incredibly awesome service Digital Ocean) and after a minute try to browse to the site again. Same issue.

Grrrrr.

So I once again fire up PuTTY, and log in. Now all sorts of bat-shittery is happening. I am getting BASH errors, not enough memory to fork. I can’t even log in, so I go to the Droplet service on DO, and log into the console.

… and the screen fills with Apache error codes.

A little Google-fu, and it appears that the site is getting hammered with XML-RPC requests, causing Apache to use all the memory, and essentially shutting down the droplet.

The problem was that I could power it off, and on, but before I could SSH in, the site was jacked with the cascade of XML-RPC requests.

Finally, I got in, and was able to apply a fix (also, documented well on the Digital Ocean support knowledge base), and got it back under control.

Now, I have Cloudflare running interference, so that in the future if/when I get hammered like this again, I can block it without being locked out of my own VPS.

A fun afternoon.

(Background: The “Home2Baja” site is a website I created for a friend who is selling his home in San Felipe, B.C. We use Google Adwords to drive traffic to it, and it gets 30 – 50 hits a day. Clearly someone pointed their attack vector at it, and it was getting 4,000 xml-rpc queries a second. No wonder my measly 1 GB droplet was getting inundated. Yes, there is a firewall, a fairly restrictive firewall, but these queries come via HTTP, or port 80.)
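An added example, not part of the original post: one way to confirm an XML-RPC flood like the one described above from an Apache access log, by counting POSTs to xmlrpc.php per second and per client address. It assumes Apache's "combined" log format; the sample lines, addresses, date and threshold are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def xmlrpc_flood_report(lines, per_second_threshold=3):
    """Count POSTs to xmlrpc.php per second and per client IP.

    Returns (bursts, per_ip): the seconds whose request count reaches the
    threshold, and a Counter of matching requests per source address.
    The default threshold suits the tiny sample below; tune it for real logs.
    """
    per_second, per_ip = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if m["method"] == "POST" and path.endswith("/xmlrpc.php"):
            per_second[m["ts"]] += 1  # access-log timestamps have 1 s resolution
            per_ip[m["ip"]] += 1
    bursts = {ts: n for ts, n in per_second.items() if n >= per_second_threshold}
    return bursts, per_ip

# Constructed sample log (documentation-range addresses, made-up date).
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2020:14:02:11 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "-"
203.0.113.7 - - [01/Jan/2020:14:02:11 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "-"
198.51.100.23 - - [01/Jan/2020:14:02:11 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "-"
192.0.2.50 - - [01/Jan/2020:14:02:11 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Jan/2020:14:02:12 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "-"
192.0.2.50 - - [01/Jan/2020:14:02:12 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    bursts, per_ip = xmlrpc_flood_report(SAMPLE_LOG)
    for ts, n in sorted(bursts.items()):
        print(f"{ts}: {n} xmlrpc.php POSTs in one second")
    for ip, n in per_ip.most_common(5):
        print(f"{ip}: {n} xmlrpc.php POSTs total")
```

The per-address counts show whether the flood comes from a handful of sources that can be blocked individually or from many, in which case filtering the endpoint itself is the more useful control.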