Reverse pen-test or ‘Privacy Policy–under the hood’

Test
Get user info and display. This post will grab your external (real IP addy) and display it below. I do not collect this data per my privacy policy but I am trying to reverse engineer the script that yanks out this data.

IP check


As a for instance, I can store the IP and write something along the lines of

Open Whois.com
//in address bar type:
http://yourIP
print data to screen

This could wreak all sorts of havoc. This is essentially a new pen test. If it works; I’ll look for a patch. Btw; if you think the John Do test failed; think again. 192.168.0.0 is NOT your IP, but if you want to see what your LAN (your network) looks like, just open a new browser tab, type http://192.168.1.0/admin …or something very close. That’s your internal IP. The first computer connected to it got the suffix “point zero” then as other computers boot, tablets, laptops and smart phones move within the broadcast limits of the router, they get internal adds assigned by the screen you may be looking at for the first time. You should be able to see….
Jaime’s Mac 192.168.1.0
RarRarRatatooville 192.168.1.1
GayPornServer 192.168.1.2
MSOFT ERP 192.168.1.3
MSOFT Sharepoint 192.168.1.4
MyCellPhone 192.168.1.5 ….you get the idea. Oh you don’t have the password? Try “admin” and “password” ….you’d be shocked how often that gets me in. Also “guest” “guest” This info is provided so readers can protect their machines; not use them to spy on boyfriends or steal anything…period, ok? If you have sneak a peak at his cell phone? Sister you got problems already. He cheatin!

fb compatibility test….

a picture of paris at dawn or dusk with the words hashtag pray for paris inscribed over the skyline and signed by chris welke

as we cycle through the changes to style and funtion; dear reader; I wanted to share with you an editorial I piced together in the immediate aftermath of the tragedies in Paris. I snapped 15-odd shots from around social media to show how quickly/disturbingly hateful invective against Muslims was growing. At the moment I put this commentary together and shared it on fb; HATE itself was going viral. My intent was alert my “real-life” friends…ask them to keep an opn mind that they not fall prey to the fear-mongering, hate-mongering, monger-mongering…u get the idea. as much as “dislike” (note — didn’t take bait to be hypocrite and say I “hate” fb; even though technically I do and technically that’s ok w/ this writer morally because fb is a corporate-adevertising-agency-subdivision-og-google-and-not-a-person;….there ok to hate fb) Facebook, I like the way they package prose that has a great deal of pics to illustrate it.

What i’m getting at is…as long as we are “under-construction” I will audit my privacy level on fb, so how well MY fb page can communicate to you VIA The SoCal Picayune…and as always, give the “handshake” between my fb & my wp a check-up.

<h2>wp post: fb–we’re going start with the usual checkup, just cough while I put my finger here…

your browser: *coughs* link to post that may or may not be public–coughing from

“fb Chris Welke #9” aka /facebook.com/chris.welke.9/* TEST!

Coughing TO: you@your_ip using your device, os & browser.

prediction – you will not be able to read (10/18) due to privacy setting on fb

WIP – find a way to embed or mimck a fb “story” of this nature in WP & || customize privacy setting to make stories initially written in fb jive with the site, so there is no rework when creative energy strikes, news breaks, or both</h2>

Ok my browser says you are using an older-model desktop PC, so go back to work dummy! This site is #nsfw, labeled “mature” in the meta-data and contains graphic depictions of truth; reality and (God forgive me) the above FB post; once you are able to read it; is political in nature. You’v beean warned 😉 –ed []

below is a test of another “mobile-freindly” multi-media-enabled advert, this once


Another full redesign is in-process *Caution* Man working ….

I’ve decided to strip down the style and design of the site again. I’ve only just now (after a week on & off) felt satisfied with the new albeit temporary…presentation of this particular node on the Web.
I’ve written a heavy amount of PHP and CSS again, though they are not technically “programming languages” per se, they ARE subject to almost as many quirky dependencies, rules unique unto themselves; which are inviolable and require extensive research and testing to deploy. Hopefully you will find the site a bit more pleasing to the eye, faster, more secure, more responsive and easier to navigate.
In the meantime it is only fair to announce that we are officially “under construction,” so if you see something strange over the next few days, that’s my fault…. I’ve tested about half the “use cases” (things you might do, read, watch, listen to, click on or use in some form or another). Earlier today, the music uploaded to the private section of the site and the archived prototype podcasts vanished, they were unplayable due to bad PHP writing on my part.
I’m 90 percent sure you can watch all videos, listen to all music, podcasts, read all posts, view all artwork/snaphots/pix, read my stories, search the site, click on links and find the content you are looking for easily, quickly and regardless of device, OS, browser, ISP and service type (4g, 3g, WiFi, Ethernet, Cable, DSL …..). Before I drift off tonite, You can be certain that all of the “common use cases” are functional and that within a week, the lesser-used functions (commenting, guest-posting, all sidebar tools) work exactly as you’d expect them to.
Still on the to-do list is MORE formatting and design of the 2015 style and theme…. an audit of all media on the site (delete unused pictures, audio, video, dead links and raw text-data) an audit of all advertisers being served via Google AdWords to ensure compliance with our ethics and MY morals plus an audit of page-load speed. This will include a further dress-down and rewrite of JS, CSS, HTML and PHP. *Phew*
Thank you for hanging with me throughout your tenure as a reader! I’m working on some devastatingly interesting podcasts, stories, news, editorials….and maybe even a decent joke. No promises about bringing the funny, but you KNOW I always try!
For those about to waste time on the Web at The SoCal Picayune (or whatever sites you’d rather NOT acknowledge… “WE SA-LOOOOOT YOU!!!!!!!!!” -Ed

In the meantime, for testing and shameless promotion why not check out one of my soon-to-be-audited, yet generous sponsors? If the redesign is going well, an advertisement will display below, if you visit them, you help to support the site and me personally a great deal–no obligation to do so, or even to LOOK at one of my ads. As part of a long-term promise, there is nothing for sale on this site, so when I hint-hint-wink-wink-wink-nudge-nudge ask you to check out a sponsor I am NOT endorsing their product or suggesting that you spend a penny. A few seconds of your time however…I must confess, I do suggest as an easy way to support those who keep the site running, the hardware it runs on and the crazy publisher that does WAY more work on it than he should. *Ahem* wink-wink-nudge-nudge -From the Publisher’s desk with love, C “T” W


Something Self-Similar ….

see src in post

I named my home-studio “Self-Similarity Studios” because I’ve always had an affinity for things in science and nature that affect this quality. “AS ABOVE …. SO BELOW” Think about a rock. Hold it in your hand…what color is it? What shape does it have? Note that the rock you are holding and a mountain (or significantly large hill) MAY look alike….just on different scales. Two inches of a shoreline, viewed from above, with a few hundred bits of sand – MAY look like … two MILES of shoreline from 100 stories above, with a few hundred large rocks. Rocks, mountains, trees, shells, coastlines….they all exhibit a self-similarity. This is where nature and artificiality intersect and dove-tail in strange and striking ways. (More images, experiments and abstraction forthcoming)

I briefly had access to tools that could render graphics quickly (and cost-free) – this was the Silicon Graphics Lab at Cal Poly, donated by SGI, the lab ran about 30 workstations, each running SPARC SOLARIS 7 and all wired into a mainframe capable of doing the massive amounts of calculations needed to draw a frame (or a million, as in a feature-length CGI-animated motion picture) required to not only calculate and store (print; if need be) but depict images that elicit pure aesthetic beauty.

Ahhh….where Logic and Art intersect. On the chipset just beneath my fingers and the never-ending-thought-machine hard-wired to my skull and backbone.

To me; numbers are a simple, spiritual truth. People use numbers to lie all the time; but one can NEVER be deprived of its “one-ness” Carl Sagan said, “The simplest thought like the concept of the number one; is an elaborate logical underpinning. The brain has it’s own language for testing the elegance and consistency of the world.” One is one. QED.
If WWWIII begins at dawn; two will be a prime number. If x is an odd integer, then x + 2 will also be odd. The square root of 2 will be irrational; The sum of The Cantor Set DsubH will be transcendental. Our universe could be obliterated in an instant, but there will still be five and only five regular solids.*
I don’t know about you but I take comfort in that.

Anyway….I had access to this lab for a year; these machines, combined, would still (many years later) dwarf the computing power of yours or my CPU. These machines were used for Raytracing; most famously 1st used in entertainment/(Art!) by John Laseter; the Academy Award winning producer of the short “Luxo Jr.” (and founder of PIXAR).

a frame from luxo jr
How real does this frame look TO YOU?

Luxo is just a lamp, but it took parallel processors days to make him look up, or turn, or jump. Why? – A raytraced image is a 3D scene (Picture the two lamps)….There is ambient and natural light reflected off them, they also project their own artificial light. That’s a lot of photons bouncing around a simple scene – to make it look real; Laseter perfected a technique whereby:
FOR (EVERY PIXEL ON THE SCREEN)
DO (~a million calculations to determine it’s color in RGB Space)
….or a few billion for one frame
….or difficult-to-express numbers for a 3-min short film.

I never got to build or try a ray-tracer…they took about an hour to render just one frame. Till recently a complete developer environment was required to render computer graphics —Visual Studio, a UNIX lab, Something big and expensive from Microsoft, SGI, Sun — all in my interest faded when I didn’t have access to the tools; I never really got the chance to explore it–I STILL have unsolved problems from back then. Only now can an affordable computer be had, open-source IDE’s set up, and LOGIC be used to make art: Fast and CHEAP.

The featured picture was created using the Processing java template library. If you have the JDK (see column two) you can build things like this yourself.

Here is the SRC (Source Code) It uses (to me) the complex compsci-concept of recursion; whereby by a function (in this case a procedure) calls itself. It will render a slightly different image every-time it runs and is easily customize-able; I hope you enjoy it as much as I enjoyed designing the algorithm
/*Algorithm by cwelke @Tapper7.com for Self-Similarity Studios
Last stable build: using Processing API, JDK 1.8, win8.1 5/26/15
Dist under The GNU Public License - compliant with ANSI/ISO std.*/
void setup(){
size(1000, 700);
background(#0F1A0A);
noStroke();
float dec = 0.6;
selfS(width*dec, height*dec, 400);
}//end setup
void selfS(float x, float y, float sz){
float angle, nx, ny;
//last int is transparency--rand switches tint
fill(lerpColor (#002900, #006600, random(1)), 300);
ellipse(x, y, sz, sz);
float rec = 0.6;
if(sz > 1){//recurse to base::do(while px_sz > 1)
angle = random(TWO_PI);
nx = x + sz*rec * sin(angle);
ny = y + sz*rec * cos(angle);
selfS(nx, ny, sz*rec);
angle = random(TWO_PI);
nx = x + sz*rec * sin(angle);
ny = y + sz*rec * cos(angle);
selfS(nx, ny, sz*rec);
angle = random(TWO_PI);
nx = x + sz*rec * sin(angle);
ny = y + sz*rec * cos(angle);
selfS(nx, ny, sz*rec);
}//endIF
}//end selfS

Here is the program run a second time:

only three parameter changes - colors & size
Run again with three parameter changes – colors & size

As long as we are at it check this out:

a recursive forest snap 1
Real…or Artificial?

Same logic – run a second time:

tree snap 2
Algorithmus Eleganten

The source:
/*orig. src by Zack Marlow-McCarthy*/
//modified, formatted, built, debugged and run by Tapper @Tapper7.com
//last stable build at SSStudios 5/27/15
//Processing API builds on JDK 1.8 running win8.1
//rights+compliance: ANSI/ISO std style, Creative Commons & The GNU Public License
float angleRandom1 = .8;
float angleRandom2 = 1/angleRandom1;
float lengthRandom1 = 1.01;
float lengthRandom2 = .08;
void setup(){
size(800,640);
//blue mist mod 5/27
background(#B2B2FF);
smooth();
}
void draw(){
translate(width/2,height);
rotate(PI);
strokeWeight(0);
if(mousePressed == true){
fill(126,20);
rect(-width/2,0,width,height);
strokeWeight(1);
pushMatrix();
translate(random(-width/2,width/2),0);
rotate(random(-PI/9,PI/9));
branch(30,PI/2, 0,0);
popMatrix();
}
}
void branch(float branchLength,float angle,float startX,float startY){
if(branchLength<1){//base case fill(#004A00); noStroke(); ellipse(startX,startY,5,10); stroke(0); }else{ float randomNess = random(0,100); strokeWeight(branchLength/2); float endX = cos(angle)*branchLength; float endY = sin(angle)*branchLength; line(startX,startY,startX+endX,startY+endY); startX += endX; startY += endY; if(randomNess>0 && randomNess<90){ branch(branchLength/(random(lengthRandom1,lengthRandom1+lengthRandom2)), angle*random(angleRandom1, angleRandom2), startX,startY); }else if(randomNess>=90 && randomNess<94){ branch(branchLength/(random(lengthRandom1,lengthRandom1+lengthRandom2)), angle*random(angleRandom1, angleRandom2),startX,startY); branch(branchLength/(random(lengthRandom1,lengthRandom1+lengthRandom2)), angle*random(angleRandom1, angleRandom2),startX,startY); }else if(randomNess>=94 && randomNess<98){
branch(branchLength/(random(lengthRandom1,lengthRandom1+lengthRandom2)), angle*random(angleRandom1, angleRandom2),startX,startY);
branch(branchLength/(random(lengthRandom1,lengthRandom1+lengthRandom2)), angle*random(angleRandom1, angleRandom2),startX,startY);
branch(branchLength/(random(lengthRandom1,lengthRandom1+lengthRandom2)), angle*random(angleRandom1, angleRandom2),startX,startY);
}else{
branch(branchLength,angle,startX,startY);
}//end else
}//end if
}//end recursion

*Proofs to come….[] -t

*Web Security Notice*

a pic of a black and white (hat) mage pixel rendering from early version of final fantasy

*Internet Security Notice* (Copy of FB post follows):
Dateline – Silicon Valley – and THE WORLD….
To Friends, associates and beloved readers….plz update Java (v1.8u42) when you get a chance….again this is the time when d—–bags will try to get you to update through bogus sites like java32 or 64 or x86 (whatever they are called I will not link to them) Most of you use Chrome which disables most of the security flaws in Java BUT NOT ALL OF THEM. When you have time-update safely: goto java.com
My YT account was compromised YESTERDAY (*sigh again….some “security expert” I am, right?) anyway I changed my Google pswd again I recommend you do the same and find a way to peruse YT WITHOUT logging in, I know this can be annoying but there is another sh—y piece of JavaScript flying around YouTube right now – update 42 should kill it, which is prob. why the good programmers at Java (nee ORACLE) busted out this security update this morning.
As stated in my privacy policy…see the help section of your respective browser (Chrome, Firefox, Safari, …for 95 percent of you) if you wish to disable Java entirely while online. Your user experience will be lowered, sites will load faster, have far less functionality but they WILL be a bit more secure. I recommend getting the update. I posted it above plus links to all Java tools are available [for free] in Column Two of The SoCal Picayune.
That is all – plz update when you have time and as always – get back to work and stop reading my site AT WORK. At least keep the window small (NOT FULL SCREEN) and if you you work in a cubicle farm and DON’T share a cubicle with Ops and MKTG Directors (as I have) just get one of those stick-on rear-view mirrors …you can get ’em at TrueValue Hardware. (TrueValue is an official Tapper-approved Legit business).
Much love; thx for all the support and RT’s on Twitter …all that s—. Love you guys. -t
[]-footer adverts my or may not follow, asynchronous and synchronous .js ads follow:
[test asyn ad]



[test syn ad]

Adverts.js test -or- How to fix truncated Javascript in WP.

A picture of the www.goto.com logo

Subtitle: How to fix a WP crash remotely using FTP.

synban: script keeeps truncating right half of .js embedded content. **Update 12/14 – fixed.**
***Update Dec. 2014*** PHP Flush did the trick…thx Cuz.***

Start by dumping that theme you love so much: bad news…like me you had a few OCD breaks w/ reality and overdid the CSS/JS/HTML4-5 editing to “pretty it up” it’s ok I did it too

1. Choose a new and dressed-down theme.
2. Crack a book on CSS or goto the only free tutorial sponsored by the w3c: and use their CSS Roadmap.
3. Backup your WP data, I suggest an FTP client. You may need to contact your host-server for admin and file-swapNswitch capabilities.
4. Backup your current themes/fxns/data and style before you tear it up. One pHp syntax error and it’s CURTAINS-then you WILL need FTP to get it back up n runnin’
5. If you are not qualified; have your kid do it.

***I owe it to my sponsors to make sure they have access to all of Google’s std lib. of adTypes, so you’ll see mostly ads in this post. This is only a test but the sponsor data displayed is no less relevant.****

***Update Dec. 2014 – 728px exceeds width oftext box. WIP***
Sponsor .js test Horizontal Basic 728×90 follows:
**UPDATE**  dec2014a : 728×90 no good for posts, footer/header only. Ad removed.

Btw after all that shit Content ID put me through for no reason?
May as well fire back:
If you know how to use t0awr@ntz…script:
Xsh%>run \t ^^^^^
Xsh%>browser “HYPTXXfercntrlPrtcll// the(Yarrrrrr!!!!)DOTessee”
Xsh%>inject pr0n.getName || flick.getName || whatevuhz
Xsh%>queryDB
Xsh%>hash etz string[]* argvector V
DO: Raise middle finger in the direction of your choice.

Synchronous Advertisement Test 320×100 follows:


Asynchronous Advertisement Test 320×100 follows: 
**TEST TBC…** Special shoutout to our generous and well-respected advertisers….check ’em out…they were designed FOR you WHEN you visit MY site. The algorithm was written by Goto.com a decade ago, still in use and as close to an AI (Artificially Intelligent) program I have seen to date. GoTo retired on the settlement $ w/ Google. Plz scope out their site; I used it quite often in college.

Credit where credit is due: visit GoTo for searches and to find a nice gift for loved one.goto.com is Tapper7 approved safe, secure, honest and NOT a scam – just legit and hyper-talented webdevs.