My World
      Blogging my Activities ... Interests

Movie, Code, and Hackers

Tue 23 December 2014

Last evening I was feeling rather down for no particular reason. When that happens, I usually put my phone on my answering machine and then select the movie to watch with the hope it would drwa me into the movie. I first started to watch the movie called "I Origins" but after 15 minutes I had to switch to something else - it was entirely too slow for me. The movie was given high ratings on IMDB but that doesn't necessarily mean it's good. I may try watching it again sometime in the future.

Then I tried the movie called "The Equalizer" starring Denzil Washington. OMG was this a great movie! It was full of nonstop action, introduced several different characters and kept my full attention for two hours. IMDB rated it a 7.2 with this brief comment. "A man believes he has put his mysterious past behind him and has dedicated himself to beginning a new, quiet life. But when he meets a young girl under the control of ultra-violent Russian gangsters, he can't stand idly by - he has to help her." This was definitely my kind of movie.

Denzil L Washington plays Robert, a "retired" CIA black ops dude. The way you retire in the CIA is to fake your death so that all your enemies think you are 6 feet under. He was most successful at this for years but had to step in to help a little 11 year old Chinese girl who was wanted by the Chinese mob and the Russian mob in New York City. Without going into details let me simply say Robert was one unstoppable bad ass. His character was very much like the character in the movie "The Punisher" - and was able to take on a half a dozen tough guys at a time. This movie will go where my short list of movies to watch again.

Something rather unexplainable way has happened to the world famous website, BillsView, you are now viewing. My guess is most of you folks don't know how to build a website using HTML and PHP as I did with Bill'sView. Most of the complicated code was written in PHP over 10 years ago with the aid of a young British college student I found on the Internet. This code is not any of the standard blog type codes readily available but rather a custom-made blog site. I've kept in touch with his young man (whose name has slipped my mind) over the years by sending small gifts via PayPal for no particular reason. This was unexpected to him and as a returned favor he was always available to help me with a code problem.

Without going into boring technical details let me just say that webpages are rendered on your computer screen from the file in which they are located on a server. An example path would be: http://website.com/workfile/notes/page.php. If you wanted to see the web page "page.php" you would use the URL I just made up. Coding a website is specific and only on the proper path should you be able to see the website. However, for reasons I cannot explain yet on my site you can also see the same page by going to : http://website.com/page.php - I have no idea how this works. The text and pictures on my pages are located at : http://website.com/workfile/notes/ - so how does that data get to http://website.com/page.php when there's no code telling it where to look?!

This is probably boring to you but a mystery like this is interesting to me because I want to know how it works. I've had this website for over 10 years and there are a lot of files within files within files on this site. I also use it to test other websites and web applications from time to time. For any of you who understand what I've just said you should be curious too.

About a month ago I was telling you I changed my online financial accounts to require a two step authorization for access. What that means is to get access to my accounts you must have my username, password, and

unique six digit code generated at the time of login

by a tiny device I have to my desk drawer. The accounts I have that Fidelity, Bank of America, PayPal, Coinbase, The Circle and eBay required the six digit code. Just how important is that you ask?

A couple of months ago J.P. Morgan Chase was hacked and millions of customers' private information like Social Security number, date of birth, address, employer,etc. was stolen by the hackers. This morning on FOX Business news the means of hacking was disclosed. Here is a quote from the New York Times : The hackers that stole millions of depositors' contact info from JPMorgan Chase earlier this year didn't use any kind of sophisticated malware like the one that took down Sony Pictures' computers. No, they managed to steal people's info, because the bank failed to upgrade one of its servers with two-factor authentication, according to The New York Times.

"Due to the lack of two-factor, the hackers gained access to sensitive info using just log-in credentials stolen from an employee."

Now you can understand why I implemented two-step login! It was clear to me months ago I should activate to step authorization where ever I can. This realization came to me when I joined a couple of Bitcoin exchanges which required two step authorization to do just about anything. If you have sensitive accounts online you would be foolish not adopt a two step authorization login.

UPDATE : I figured out the code mystery - I missed a .PHP include call.

Posted at 01:11 pm in Uncategorized