Category Archives: Troubleshooting

Techsmith Delivers Best Tools for Creating Screenshots and Video Tutorials

Did you ever want to show someone an error message on your computer or how you fixed something? Techsmith has a suite of amazing tools that make taking screenshots and doing video tutorials easy!


Norm Coleman Website Crash Exposes Database and Email Lists

What’s worse than losing a Minnesota Senate race?

Losing your website’s entire database, that’s what.  As if claiming your website was brought down by too much traffic wasn’t bad enough, Norm Coleman’s website received a second round of criticism when I found a database file sitting in a directory that anyone could download…

I first picked up this story from @Chuckumentary on Twitter about Norm Coleman’s office saying their website had been “inundated by tens of thousands of hits today – temporarily crashing the website.” Of course that got me curious as an IT consultant and I went to check it out.  Aaron Landry broke this story because previous website traffic reports and the location of the domain name didn’t match up.  Paul Schmelzer at the Minnesota Independent picked up the story which is where I first saw it.

Norm Coleman’s website crash revealing a database full of supporters is now known as Crashgate.


Update 7: How ironic is it that January 28th, the day I posted this, was also Data Privacy Day?

Update 6: Interviewed by MPR: Coleman warns donors after data breach

Update 5: Interviewed on The Rachel Maddow Show, MSNBC

Update 4: Interviewed by MN Independent: Coleman’s site wasn’t ‘hacked,’ says IT pro who discovered donor breach

Update 3: Blog Post: Breaking: Coleman’s unsecured donor database revealed on Wikileaks

Update 2: Blog Post: Who is Searching Google for Norm Coleman’s Database?

Update 1: Wikileaks.org is putting Norm Coleman’s business out on the Internet.


Curious, I wanted to see where the domain was currently pointing.  I used OpenDNS.com’s cache check to identify the current ip address of 208.42.168.251 and then loaded that address into my web browser.

Screenshot of opendns.com information for colemanforsenate.com

I had to see what all the fuss was about.  Was there really an attempt to bring down the website due to political unrest with these ballots in my state?  Were the allegations of a poorly coded website true?

What I got instead was a plain text listing of directories…

The Database of Norm Coleman

Wowza.  As I was tooling around in the directories, I saw a database file.  I thought, “That’s not right.”  I began taking screenshots and uploading them to Flickr.  I didn’t know what the database contained but hoped there wasn’t financial information in that database.  I figured it was a list of email addresses for Norm Coleman supporters and staff but I did not download it to find out.  Did you download the database?

There is a technique known as “Google Hacking” where you search for files that people have left on sites and FTP areas with names like “passwords.txt” or “backup.tar.gz”.  Eeek!  Backups should be stored above the “root” folder that is shared out to the internet.  The listing is showing up because the server located at http://208.42.168.251 was not told to restrict directory listings from the web.

All photos are licensed under Creative Commons.
Norm Coleman database photos on Flickr

I wonder how much user information is in this database at colemanforsenate.com?

I began posting links to the photos on the blogs of the Minnesota Independent and Minpublius to bring awareness to what I had found.  Would I have done the same if this were a Democrat?  Probably.  For me, it’s about computer security and data privacy, not about political affiliation.

You can become Norm Coleman’s Website Admin

I will give them the benefit of the doubt and assume I was only able to get here because the website is not functioning.  Below you can see that I could enter an email address, name and password and if this site was working, it would create an administrator in the database.  I found similar files to edit and delete records as well.  Being able to write to the database like this from a form should require an authenticated and active session but I can’t see the code so I don’t know.

wow, is it this easy to create an admin account at colemanforsenate.com?

Indexing of directories is turned on

This is a security risk.  I would hope they have .htaccess files in place to restrict access to the admin directory and that index listings are turned off for the current site.

directory of colemanforsenate.com at ip address 208.42.168.251

Website errors show you configuration file locations

You see errors like this a lot on Joomla websites when there is a problem connecting to the database, there is a permissions issue on a file or when files are missing.

Incorrectly configured Linux server to blame? colemanforsenate.com

Missing log files

This directory is empty.  It doesn’t mean there are no log files (deleted?)

why is this directory for log files empty on the colemanforsenate.com website?

Site is down again

So, the site is being reported by OpenDNS.com as down again and I am getting the same info at DNSStuff.com too.

colemanforsenate.com is back down again according to OpenDNS.com

The moral of the story is that you should hire computer and website professionals who understand technology.  You should plan and develop a strategy for downtime and problems.  Don’t put all your eggs into one basket with one website programmer.  If he or she is hit by a truck (or something goes wrong on the website and they have no recourse to help you.

Resources to protect your data

Minnesota Law on Data Security Breach Notification, Statute 325E.61 – This describes what needs to be lost for a company to notify you and how they must go about doing it. Unfortunately, it seems a company can lose your full name, address, income, number of children and previous purchases BUT not be required to tell you. (Disclaimer: I am not a lawyer)

Data Security Breaches in the US 2005, 2006, 2007, 2008, 2009 – Check to see if a school you attended, a doctor you saw, an employer, your local Veterans office, your bank, your utility company, your library or even a hotel you stayed at is listed here.

Resources for website security

The Importance of Web Application Scanning – Acunetix makes an application that can scan websites for vulnerabilities.  There is a free version that will check for XSS (Think back to when Barack Obama’s website redirected to Hillary Clinton’s).

3 Common Website Security Problems – This article from Georgetown University  summarizes how issues on Norm Coleman’s site could have been addressed before “Crashgate”, especially this one on unsecured files and databases:

Unsecured files and databases

When setting up your web site or application, make sure that any files that contain data that is not intended to be public (such as information about people) are not located in public web folders. Do not place such files in folders with the belief that because you are not linking to them, a user cannot find them.

  • Files (such as Access databases) that are datasources for your application must be located in a non-web-accessible folder (the web_datasources folder in your hosting account).
  • Other files that contain data used by the application should also be located in a non-web-accessible folder.
  • Other files that contain non-public information should be placed in a folder that is access restricted using a .htaccess file or other web server access restriction.
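
One way to check a site for the two problems described above (data files sitting inside the public web folder, and directories the server will list), as an added example that is not part of the original post or the Georgetown article. The suffix list, the sample tree and the assumption that directory listing is controlled only through `Options -Indexes` in `.htaccess` files are mine; a server can also turn indexing off in its main configuration, which this script does not read.

```python
import os
import tempfile

# Assumed suffix list: data and backup files that should never sit in a web folder.
RISKY_SUFFIXES = (".sql", ".mdb", ".sqlite", ".bak", ".zip", ".tar.gz")
INDEX_FILES = {"index.html", "index.htm", "index.php"}

def indexing_disabled(htaccess_path):
    """True if the .htaccess file has an Options line containing -Indexes."""
    try:
        with open(htaccess_path, encoding="utf-8", errors="replace") as fh:
            for line in fh:
                words = line.split("#", 1)[0].lower().split()
                if words[:1] == ["options"] and "-indexes" in words[1:]:
                    return True
    except OSError:
        pass  # no .htaccess in this directory
    return False

def audit_docroot(docroot):
    """Return (exposed data files, directories a browser could list)."""
    docroot = os.path.abspath(docroot)
    exposed, listable, protected = [], [], {}
    for cur, _dirs, files in os.walk(docroot):
        # Simplification: -Indexes set in a parent is treated as inherited.
        off = protected.get(os.path.dirname(cur), False) or indexing_disabled(
            os.path.join(cur, ".htaccess"))
        protected[cur] = off
        rel = os.path.relpath(cur, docroot)
        exposed += [os.path.normpath(os.path.join(rel, f)) for f in files
                    if f.lower().endswith(RISKY_SUFFIXES)]
        # No index file and no -Indexes: the server would show a file listing.
        if not off and not INDEX_FILES & {f.lower() for f in files}:
            listable.append(rel)
    return sorted(exposed), sorted(listable)

def run_demo():
    """Audit a constructed sample tree (not the layout of any real site)."""
    sample = {"index.php": "", "db/backup.tar.gz": "", "logs/.keep": "",
              "admin/.htaccess": "Options -Indexes\n", "admin/add_admin.php": ""}
    with tempfile.TemporaryDirectory() as root:
        for rel, body in sample.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
        return audit_docroot(root)

if __name__ == "__main__":
    print(run_demo())
```

Anything in the first list belongs outside the web folder; anything in the second needs an index file or an access restriction.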

Update 12:12am 1/29/2009

Folks, the directory listing for colemanforsenate.com has been replaced with a login box.  But…we know what’s behind the curtain now.

Login box replaces 205mb database on colemanforsenate.com

Update 5:40pm 1/29/2009

Stay tuned for video posting from the 1/29/2009 lifestream:

“Norm Coleman’s Database”

  • why the database was available
  • what it contained
  • how website developers and companies can work to prevent this from happening
  • and take questions from viewers

Update 11:11pm 1/29/2009

Number of hits to the post 54

Photo stats for the post
I wonder how much user information is in this database at colemanforsenate.com? 1,458 views
You can become Norm Coleman’s Website Administrator at colemanforsenate.com 290 views

Current rumors
The database contains social security numbers
The database contains credit card information (POST data)

Update 6:54pm 1/30/2009

Number of hits to the post 610
In-Progress Video of “Norm Coleman’s Database: What Happened and Why”

Post picked up on:
Politics in Minnesota – Epic recount website fail: One Dot One Dot One Dot One

Thanks to Ben for picking out the incorrect use of “then” when I should have used “than” in the header “What’s worse than losing a Minnesota Senate race?”

FYI: If you enter a fake looking email address with your comment, I will probably not approve it. If you want to share something with me offline, use the contact page. Thanks!

Question from Dennis
What does “Awaiting Moderation” mean? Where’s my comment?

Answer
I did not publish your comment because there was NOTHING technical in it. I have published comments that:

  • indicate how they feel about the info being released
  • indicate how they feel about what I did as an IT person doing this
  • ask questions related to the technology aspect of the Norm Coleman database
  • share personal stories on how this affected them
  • thank me for my efforts
  • support me for taking initiative
  • judge, criticize and blame me for making the wrong choice

If you just want to harp on Democrats vs Republicans and Norm Coleman vs Al Franken, you should go to a political blog and do that.

Did interview with PJTV, conservative focused online media site (PajamasTV)

Article at ChannelWeb, Serious Security Flaw Discovered In Less Than 2 Minutes On U.S. Senator’s Web Site

Excerpt from resume of website developer who created Colemanforsenate.com website:

ColemanForSenate.com
* Developed a custom content management system from the ground up in PHP

New Video is up! Live: Coleman Question and Answer after The Rachel Maddow Show 3/14/2009 12:45am CST

Blog Post MN Independent Coleman donors express ‘extreme anger,’ fear, worry after breach

YouTube video: How I Found Norm Coleman’s Website Database in 2 Minutes

Best quote to me on the phone: “I just hung on the secret service to talk to you” — unnamed reporter

Lifestream video : I explain what went wrong and answer questions about the Norm Coleman’s website

How to Perform CPR on a Keyboard


Photo Credit: john_a_ward
It’s finally happened!  There is coffee spilled all over your keyboard.  In order to save your keyboard, you need to act fast.  This can work for a regular keyboard, laptop or wireless model.
update: one week later and my keyboard is doing great!

Items you need

  • Paper Towels (a lot!)
  • Windex glass cleaner
  • Blowdryer
  • A clean paintbrush
  • Rubbing Alcohol

Just like a paramedic, the first thing you need to do is stabilize the patient

1. Turn the keyboard upside down so the keys are facing the floor.
2. Unplug the keyboard from your computer.
3. Pull off a handful of paper towels (about 5) and lay them down on a flat surface.
4. Lift the keyboard and place it on top of the paper towels.
5. Holding the keyboard in one hand (still facing down) and the mass of paper towels in the other hand, swiftly hit the keyboard against your hand to draw out as much sticky liquid as possible.  Do this a few times and freshen up with new paper towels.

Now Revive the patient

6. Now turn the keyboard so it’s on the short side and spray the Windex a few times.    Repeat step 5 to draw out the Coffee/Windex liquid.  The goal is to start diluting the remaining coffee.  Most modern keyboards have a thin plastic barrier between the keys and the circuit board.  You are now working to prevent further damage.
7.  Switch the keyboard on the other short end and repeat step 6.  The goal is to not let the liquid pool.
8. If you’re lucky enough to have a clean paintbrush on hand (Think Gattaca), begin to draw the brush the long way between the rows of keys.  This will help to draw the liquid away from the key springs.  Wipe the brush off on a paper towel.  Keep the keyboard moving.
9. If you’re also lucky enough to have rubbing alcohol, repeat steps 6 and 8 with rubbing alcohol.  This will start the drying process.
10. Take the keyboard and paintbrush to meet Mr. Blowdryer.  Hold the keyboard facing down while you alternate between hot and cool air.  I put the keyboard between my knees for this part.  Run your free hand across the keys the long way back and forth.  This will keep the keys from getting stuck and help work the Windex and rubbing alcohol in.

Check for Vitals

11. Take a look at the keyboard and try a few keys.  There may be certain keys like “Shift” or “Enter” that are sticky.  Repeat the above process again on the entire keyboard and then spot treat.

Results

I was able to save my keyboard tonight by doing this and am typing this blog post on said keyboard.  I am feeling some key stickiness so I plan to repeat the above process but I will surely be putting in an order for a new keyboard from Newegg next week!
Did this work for you?  Did you tweak it?  Let me know!