Saturday, September 01, 2007

Thanks to Blogger.com

My Apologies

On or about Aug 28, 2007, my system was compromised. This resulted in what I understand was offensive content either directly posted on my blog, or perhaps sent to persons in my contacts list. As I had shut down my Internet exposure after discovering that my system had been compromised, I do not know what happened specifically, other than that yesterday, Aug 31, 2007, I learned that the good people at blogger.com had shut down my site for inappropriate content. First I would like to thank the folks at blogger.com for taking this prudent measure, and for correcting the matter within less than 24 hours after I was able to get back onto my account and read their message to me. I never saw a message from blogger on my personal email address, so I was left with no options at first to find out why I couldn't gain access to my Gmail account or my blog, as my Gmail account had also been turned off. It was very frustrating at first, because none of the forms in the security center at blogger.com allowed me to communicate my concern without entering a valid Gmail account, which at first appeared deleted.

However, shortly after I had signed up for another Gmail account, in an attempt to communicate to blogger.com, my original Gmail account became active again, which is when I discovered that they had sent me a message indicating that it had been shutdown, and assured me a human would look at it within a day. To my delight, true to their word, this morning I found my blog back online. I deeply appreciate their rapid response, to what I understand, from their message, was the result of a phishing scam that affected many sites on blogger.com, not just my own. Security is best left to the experts. It is quite humbling to realize you have no 100% effective means of protecting you online identity. I have implemented all blogger.com's suggestions regarding protecting my site, but one can never be certain of anything. I am just very grateful that I have my site hosted by blogger.com, who so effectively handled the problem, even when I was not available. The restoration of my site appears to be complete, from my quick browsing through my various articles. If anyone notices some unusual or inappropriate language in one of my articles or comments, please leave a comment, and I will correct it as quickly as possible.

To those who may have received some sort of spam or offensive material, either from visiting my site, or by email, please accept my apology. I was truly helpless to stop it from happening, and I have tried to implement all prudent measures to prevent it from occurring again, but I assure you that I was trying to prevent a compromise to my system to the best of my ability, and still my private information was exposed. I had an email discussion with my good friend Jens Axel Søgarrd on this matter prior to the event, and we both agreed that there was only so much that one could do, short of going offline completely. As I said before, it was quite humbling to witness personally. The people who do this sort of thing are not amateurs. They exploit vulnerabilities in very sophisticated ways, and in the end, you can only hope that you have done everything you know how to do to prevent it from happening to you.

While I'm apologizing, I would like to say that my last article made mention of a bug I had corrected in the author's code, in the client software for the Quantum Random Number Generator. I recently discovered the author's email reply to me had been sent to an account I rarely use, so I only recently learned that he had corrected me. The code as provided on their site is correct, and it was I that had made a mistake in interpreting it. Amazingly, my port of the code, which included an inaccurate correction to the original, still worked without a problem, most likely because the section of code that I changed involved option handling, and I had hard coded the options that were appropriate for my use, so my use of my buggy code did not expose the problem. I am quite human, and vulnerable to making mistakes. When I become aware of a mistake in an article that I have published, I have and will always post a retraction. It is the only decent thing to do if you wish to be taken seriously. I welcome any corrections anyone finds in my articles, and will publicly admit the misstatement, so that you can be assured that, to the best of my knowledge, what I post is accurate. That is one of the pleasures of presenting this blog to my readers; I get the benefit of peer review, and I have learned more than a few things through the insightful comments left on my articles. Please keep them coming.

Sincerely, with my apologies to anyone affected,

--kyle

4 comments:

Anonymous said...

"It is the only dissent thing to do"

I think you meant, "It is the only decent thing to do"

Kyle Smith said...

Spell checkers don't keep one from using a misspelled version that happens to be a correctly spelled word; just not the one you wanted.

Thanks for the correction.

--kyle

Anonymous said...

Hehe. Spell checkers don't always help you the second time either.

"It is the only descent thing to do"

I still think you meant decent, since that's the only close word that makes sense in context.

Unless your post is descending to depths of which I am unaware. :-)

It seemed like the only decent thing to do, to post another correction :-)

Kyle Smith said...

Thanks again,

Well, that was embarrassing. I guess you can tell, spelling is not one of my strengths. My wife was a national spelling contestant when she was a little girl; now she is a surgeon. I should have her look over what I post from now on.

You can use your name in the comments. I’m not going to be offended that you catch my spelling errors. I'm quite aware of my problem in this area, and more than welcome corrections.

Take care,

--kyle