COMMAND LINE WARRIORS

Taking Control of your Own Technology

  • RSS-Button

Command Line Warriors

26 July 2007

An acquaintance of mine who is not a geek or a hacker, asked me to explain the meaning of my blog title, and what were all these alien words about, 'Command-line', 'Linux', 'Python' and so on. For the latter question, they need to read the whole blog. It is the answer to the first question, the title, that this short post in going to cover, I offer one possible answer.

As regular readers will know, there are two aspects to the term 'Command Line Warriors'. As well as the computing metaphor, you type a word and the computer does something; 'Command' has an older, more militaristic meaning, e.g. 'chain of command', 'commander' and you have the 'front line' and the 'command line' and so on.

A military commander cannot just march with the troops, he has to be clear about his aims while paying attention to all the relevant environmental factors on the ground that can affect and inform his strategy. The commander cannot just buy some weapons then wait around and hope for the best, it is up to him to go out and win victories.

Likewise, to take command of technology is more than just being a user of technology, it is to think about the overall environment and to adopt a strategy; it is to actively participate in determining the nature of our technological future rather than to passively consume what you are given.

The narrow meaning of 'command line warrior' is someone proficient in using the Unix/Linux shell. The broader meaning is someone who is willing to take the extra time and effort to think through and take control of all the technology that is entering into our daily lives; to make sure that our freedoms, hard-fought for on the battle field, protest rally and ballot box, are not quietly surrendered in the digital age, but instead freedom must be at the very foundation of technology itself.

That is my answer, please do feel free to leave me your interpretation of the title in the comments.

1 Michael Trausch says...

I just added your blog to my Google Reader a couple of days ago, and I must say that I was rather happy to see this post, particularly the second-to-last paragraph. Freedom is the entire reason that I use Linux and other freely available Unix-like operating systems, and it is certainly freedom that drives me to use the shell (I often want to do things that GUI programmers haven't considered, for example; the command line is a very liberating place to just get things done for me).

Posted at 1:45 a.m. on July 26, 2007


2 sheng says...

in geek world, the question should be answered by - man "Command Line Warriors"

Posted at 6:02 p.m. on July 27, 2007


3 Zeth says...

Out of interest, here is the description that was in the right hand side bar of the old site design:

Command Line Warriors is about taking control of your own technology, it looks at our experiences of computing; especially computing using GNU/Linux, often using the command line and other textual means, but also other issues such as ethics, best practices and whatever is cool now. If you take control of your technology then you are a Warrior too!

This site is your site too which means that you can contribute and get involved. You can leave comments using the facility provided. For me, the comments and discussions are by far the best part of the site. So please do have your say.

Posted at 12:47 p.m. on September 17, 2007


4 Brock Noland says...

Michael,

"the command line is a very liberating place to just get things done for me"

Thanks the insight. I have never described my love for the command line as liberating. After reading your comment I realized my love stems from the freedom the command line allows me.

Brock

Posted at 10:56 p.m. on October 16, 2007


5 Brock Noland says...

Woops, and why I came to the about page....Zeth you must have gotten dugg or /.'ed or something in August. I was bumming around and ended up at alexa's traffic site. Your "read" (whatever that means) exploded in August. Just out of curiosity, what post was it?

Posted at 11:02 p.m. on October 16, 2007


What do you have to say?


About

Hello, my name is Zeth, I'll be your host here.

Command Line Warriors is about taking control of your own technology, it looks at our experiences of computing; especially using GNU/Linux, the Python programming language, the command-line and issues such as techno-ethics, best practices and whatever is cool now. If you take control of your technology then you are a Warrior too!

This site is your site too which means that you can contribute and get involved. You can leave comments using the facility provided. For me, the comments and discussions are by far the best part of the site. So please do have your say!

Latest Discussions

Zeth

May 16, 2008
To Anonymous, I tried your script with some old SSH keys and it did not manage to break into an apparently vulnerable system. 1. The script requires a known username. My system did not allow root logins. 2. After failed three logins, the script's IP address got added to deny hosts.
Swap out your ssh keys

Zeth

May 16, 2008
To Anonymous, I said to do three things: 1. Accept the update. 2. Replace your keys. 3. Don't *have a panic attack about it.* And I still stand by that. Most non-technical users won't even be using openssh-server. While the update, blacklists and instructions on how to regenerate comes down automatically for those that do. Indeed, I think this episode shows how fast the free/open source community can move. Everytime the open source software has a panic attack over an in-theory, technically possible, but not actually being used, 'exploit', then proprietary software people say "Look their software is no better, it is just as insecure as ours". However, that is not true. There is a range of exploits, from theoretically possible with some serious preparation and knowledge about the target system, through to automated attacks that will work against any machine without the need for knowledge about it.
Swap out your ssh keys

Anonymous

May 15, 2008
Like stefano says, you are being VERY irresponsible by downplaying this as only "theoretically possible with a supercomputer". Linked on the page stefano mentioned is this: http://milw0rm.com/exploits/5622 That will break into your computer in a couple hours is you're using public-key logins, which are considered the safest kind, and are used on many, many machines that are supposed to be extra secure. This is a horrible, horrible problem, and dismissing it does nobody any favours. I'd really suggest you re-write this article to accurately portray how serious the problem is.
Swap out your ssh keys

Ryan

May 15, 2008
Yeah, good layout too. Very clear. :) Better than the last, in fact! I'm another python/django nerd, so I'll be listening even more now. I guess one of the things that's inspiring about Django is they're concerned pretty hardcore with security fixes. Just this week, an email came out and they released new sub-versions for each major Django release to include the fix. Very awesome. For your blog post model, what did you do for entering posts? Do you still use the default admin interface, or did you make your own views for posting and whatnot? I haven't looked into it much, but does django automatically include much in the way of wysiwyg text editors for text fields?
How not to program WSGI

stefano

May 15, 2008
Apparently the bug makes a brute-force attack much easier than "theoretically possible with a supercomputer". http://metasploit.com/users/hdm/tools/debian-openssl/ It looks that the buggy code used the process ID as seed for generating the key, and there might only be 32,768 process IDs. Furthermore not all process ID are equally possible and one could use a range of 1000-3000 seeds and having a very high chance of producing a valid key.
Swap out your ssh keys

Bug

May 15, 2008
@txwikinger: Thing is, I don't use Ubuntu and I can't remember where did I generate my key [I'm using Archlinux]. @Zeth: You should add the number of comments to the front page.
Swap out your ssh keys

Kennon

May 15, 2008
The openssh-blacklist debian package (now available, and required for the latest version of openssh-client and openssh-server) is now available. You should: apt-get update apt-get install openssh-blacklist apt-get upgrade After that you'll have the ssh-vulnkey utility and can check.
Swap out your ssh keys

Krispy

May 15, 2008
mkc: debian only provided blacklists for 2048 bit RSA keys and 1024 bit DSA keys. If your key isn't one of those two types, then the blacklist isn't provided in the package. You can download one here: http://metasploit.com/users/hdm/tools/debian-openssl/ but it is nearly 100MB
Swap out your ssh keys

Ed

May 15, 2008
@Cristian: it applies to keys. If you generated a key on Ubuntu and then put it in authorized_keys on Fedora, it's possible that someone could brute force their way in to the Fedora server.
Swap out your ssh keys

Cristian

May 14, 2008
This vulnerability only applies to ssh servers, right? Aren't they the ones that generate the keys? So if my client is Ubuntu and the server is Fedora everything's okay?
Swap out your ssh keys

Made with Django. Creative Commons License Valid XHTML 1.0 Strict