Skeptical Science Widget Hacked

ANNOUNCEMENT — Widget Hacked


This is the widget as it appeared during the hack throughout April 1st.

Late last night, we discovered that the Skeptical Science widget website has been hacked. We are working hard to figure out what's going on.

Rest assured that all credentials and data on this site are well secured. The widget is hosted on an entirely separate server, which also — both fortunately and unfortunately — resides with a completely different host.

We do apologize to everyone who hosts and views the widget. If you are hosting the widget on your blog, there is no need to remove it. We will get it working properly soon. It's only a matter of time.

UPDATE (9:20 AM EDT)

We are working with the web hosting service to resolve the issue. For now, we don't really have a handle on how the hacker got control, or why we can't fix the widget.

UPDATE (10:43 AM EDT)

We have some idea now of how the hacker did it.  Doug is running some tests to confirm our theory.

The widget was designed to help to communicate to everyday people how much energy our planet has accumulated as a result of anthropogenic greenhouse gas emissions, and how quickly that energy continues to accumulate.  That rate is equivalent to a startling 4 Hiroshima atomic bombs per second.

The hacker has chosen to replace the well-considered and meaningful metrics on the widget with rather silly and meaningless numbers.  His first choice was one which John jokingly presented at a conference, the metric of kitten sneezes.

Please rest assured that we are doing everything in our power to recover control of the widget server, and to restore the widget to its proper, educational form.

UPDATE (12:26 PM EDT)

Doug's tests didn't pan out, so we're back to square one.  Every time we reset the widget, it gets set back.  Infuriating... Without knowing how he got in, the hacker is able to return at will (or perhaps he/she has a process running in the background, flipping the widget back whenever we correct it).

Our service provider says they have a "nuclear option," but it will mean that the widget, hacked or not, will be down for hours to days while we rebuild the server, so we hope to avoid that course of action.  It will also cost us per hour for their time, and we're not sure we can afford the size of the bill we'd get.

UPDATE (2:28 PM EDT)

We believe we have found a way to keep the hacker out of the system. We'll know soon. We also identified several trojans which were being executed on system start-up.  They were both re-installing the corrupted widget, and also re-installing other trojans.  We are currently working to confirm that we have found all of the trojans, and are hesitant to go the next step until we're certain we've got them all.  If we miss one, it may just restore everything to a corrupted state, and we have to start over.

Thank you for your continued patience.

UPDATE (3:59 PM EDT)

Still working on it.  This stuff is intricate, and there doesn't seem to be any one person who understands every part of what needs to be looked at.

On another note...

The hacker's choice of metrics is, while probably humorous to him (or her), in poor taste.

While originally conceived as a humorous take on the issue, David Appell at Quark Soup correctly pointed out that it is quite cruel.  In order to generate the number of kitten sneezes equivalent to the rate of global warming, every kitten on the planet — more than sixty seven million of them — would need to sneeze at the heinous rate of 110 million times per second.  Obviously, at that rate of sternutation, every kitten on the planet would vaporize itself in a tornadic blast of fur and cuteness.

That's just cruel.

The hacker's other metrics are no better, mocking such core items of Americana as cattle (well, cow farts), Big Macs, Santa, and the tried and true practice a twerking, a once reviled form of dance that will, some day, take it's place with The Tango, The Charleston, and The Twist.

UPDATE (6:05 PM EDT)

We continue to research the problem and wrestle with unexpected issues.  It will probably be a minute before midnight before this is properly resolved and the widget is restored.

Some people at Skeptical Science have taken the time to track down some of the numbers being used in the hacked widget.  The Santa metric is particularly interesting.  The numbers appear to have come from a book titled From Atoms to Galaxies: A Conceptual Physics Approach to Scientific Awareness.  Section 8.1.3, The Physics of Santa Claus, describes many different aspects of the Science of Christmas. 

Among them it evaluates the energy needed for Santa to travel up and down chimneys.  Perhaps the most amazing fact is that Santa must travel at 688,000 mph — faster than 10% of lightspeed — to get up and down all those chimneys in time.  Accelerating him to that speed accounts for the bulk of the energy use, and that is allowing for a blasphemously skinny Santa weighing only 100 kg.

The bovine flatulence metric appears to get the total methane production from Methane Emissions from Cattle, by Johnson and Johnson, 1995, which puts the figure at 80 teragrams per year.   The energy released by combusting methane is easy to find.  Of course, this doesn’t account for increases in cattle populations in the past twenty years.

Other figures are easier to verify.  The hacker at least seems to have done his (or her) homework.

But twerking by itself is just plain wrong.  Mixing twerking with science is an abomination.

UPDATE (7:43 PM EDT)

The widget has been restored to its proper, more scientific and meaningful metrics.

We will review the hacker's work, to determine if there is anything of benefit that we can tease out of his efforts.

For now, however, this affair is (thankfully) over.  We can finally move on with studying and communicating climate science.

Meanwhile, however, the earth's climate continues to absorb heat at the cruelly frightening rate of 7.4 quadrillion kitten sneezes per second.

Posted by Bob Lacatena on Tuesday, 1 April, 2014


Creative Commons License The Skeptical Science website by Skeptical Science is licensed under a Creative Commons Attribution 3.0 Unported License.