28 Comments
What you should see
And by cooties, we mean it’s been hacked and infected by malware. Bwog is staffed by hopelessly computer-illiterate History majors, so we turned to one of our backend tech gurus to explain why you should stay the fuck away from WikiCU until told otherwise.
It’s all about how dangerous malware could be. While most people will get a giant red screen in Chrome telling them that they’re about to get redirected to a malware site, many won’t see a warning like this. Who knows what this malware does, it could potentially be malware trying to infect other computers on the network. Suddenly people who didn’t visit the site are getting attacked from computers that did. What happens is a network effect where it spreads throughout campus infecting computers that are vulnerable. Unless you have every recent security patch, you’re at risk. It could be massively annoying for everyone involved.
Sound like the beginning of a bad zombie movie to anyone else?
Loading …
28 Comments
@Anonymous Just another reason I love Chrome.
@Anonymous wikicu is outdated shit anyway. I realized several months back they just have the same contributors and there is no open way to add others. Just as an example, their spring-break gym hours are way off.
@Former editor Of course it’s outdated. That’s the kinda thing that needs an active an steady editor group. Those of us who started back in 2007 were mostly ’07-’08 and a bit of a roving band. Initially the idea was to have that kind of up to date reference material. There was even an attempt to catalogue all the vending machines on campus, etc. Eventually we graduated and couldn’t keep up with that. So most of our efforts went into recording lore, history, and other stuff that didn’t change or that would be quickly forgotten.
Did you know there was a minor scandal and Spec exposé re the northwest corner building and the athletics department? Check the NoCo article. Do you know about all the religious symbolism in the school seal? Read about it in the University Seal article. Do you know what the Columbia Oval is? Neither did I. Read about it on WikiCU. Or about our school songs. Or our school colors. Or about the funded-but-never-built Pell Hall. Or Moe Berg. Or our gloriois history of Dropouts. Or Emily Lloyd. Or the original College Hall. Or … It’s not comprehensive but we wrote about what interested us, so that the things we learned would be recorded and not forgotten.
Hopefully this malware issue gets fixed. I may not contribute much, but I’d hate to see such an effort of dedicated alumni and students go to waste.
@Hey, Bwog want to think about disconnecting or hiding the link to WikiCU until it’s fixed?
@Anonymous If WikiCU put up an XML dump of the whole site (or a MySQL dump, for that matter), I’d be glad to host a non-malware-y one.
@HTML Jockey Well, the code got removed automatically from my post; what needs to be removed is the line (second from end) that conains:
script src [equals sign, quotation mark, http, colon, two diagonals]sweepstakesandcontestsdo.com/mm.php?d=1[quotation mark, etc,etc.]
@Anonymous Jockey! Get it off me!
Oh my god it’s riding him!
@Anonymous Just don’t wake the witch
@Anonymous startle
@HTML Jockey All that WikiCU needs to do is remove the following line from the source code of its main page (it’s the second to last line on the page):
That’s not really so hard to do, is it?
@charlie No, this is false… first of all, the malicious code is present on all WikiCU pages, not just the main page. Secondly, that source code is all generated dynamically by MediaWiki. The offending code is probably obfuscated as an eval(base64(“(enormous string of letter and numbers)”)) statement that has probably been inserted in all of the PHP files on the WikiCU server. Very likely there is a backdoor planted as well. The WikiCU administrators need to remove any unknown PHP files on their server, remove these malicious (and probably obfuscated) lines from all files on their server, and then take steps to secure their server against further access.
@CC'11 I doubt it. Hacks are rarely that sophisticated, they probably just put it in the header template. Or in the database directly. If you Google any of the date table names from the mysql database in MySQL you get pages and pages of unprotected PHPMyAdmins… scary
@charlie I would agree that most attacks perpetrated by a single user on a single target tend not to have those features, but in this case the attack is clearly part of a larger campaign and very likely perpetrated by a script attacking hundreds of websites with little or no human interaction. This is why I suggest that it is probably in all PHP files on the server — it’s much easier to write a script that simply injects itself into all PHP files instead of one that must pick the “correct” file for injection, and might miss and hit the wrong file. The obfuscation is just a guess, but from what I’ve seen this type of obfuscation is very common in modern campaigns because it is easy to perform and makes the malicious code much easier to hide.
@Anonymous “Bwog is staffed by hopelessly computer-illiterate History majors”
i lol’ed so hard i was worried i woke up my grandparents.
Love,
Concerned giggler in a Florida retirement community… who has nothing better to do at midnight during spring break than reread bwog articles…because she’s staying in a Florida retirement community…
@Lord, no! how will incoming freshmen get their knowledge now? A batch of fools, we’ll have! Ignorant, pot-bellied fools!
@Anonymous wikicu has been like that for a while. it also redirects you to weird sites for some reason.
@Exactly. I was just thinking of emailing them about this yesterday, when upon accessing their website I discovered that it was no coincidence that my computer was infected with malware the last time I checked one of their pages…
@bot love the tags, but *too old, Bwog. s’cool though, we is all humens and shit.
@Anonymous Save us CUIT!
@CUIT (quietly whispers) No.
@Anonymous The world will look up and shout, “Save us.” And I’ll whisper, “No.”
@Anonymous good job providing us with a worse version of the joke above yours…
@Anonymous WikiCU is a independent and privately-run website.
Also, WikiCU is run by and moderated by incompetent people, who allow entries to be the self-promotional platforms for their “contributors”,while refusing to expand their contributor pool.
@Anonymous We should start our own Wikia page like all other independent wikis. Open source platform so none of this shit happens.
@... why don’t you go back to the obama/barnard page and throw some more temper tantrums? it is abundantly apparent that you have no idea what the fuck an “open source platform” is and it’s probably best for everyone if you just stick to what you know…
@whoa I think you may need to calm down slightly.
@person It says on WikiCU it’s all under the GNU Free Documentation License. If someone wanted to fork the entire project under the same license, they have every right (except for the photos WikiCU uses which they don’t have a right for but could justify Wikipedia style – see the explanation for why they can use this: http://en.wikipedia.org/wiki/File:HanSolo.jpg).
@Help me obi wan kenobi …YOU’RE MY ONLY HOPE