Lacatena Provides Details, Proving He’s a Moron

Skeptical Science is now providing some actual detail regarding its claims about having been hacked two years ago. It’s a welcome change. However, the post demonstrates the same stupidity I’ve highlighted before, and that makes it hard to take the post at face value.

The dumbest part is, of course, how it begins:

Part 1 recounts the initial steps of the hacker, and our initial discovery of his intrusion.

No, Part 1 does not recount “the initial steps of the hacker.” It doesn’t recount any of his steps. It doesn’t actually tell us anything the hacker did (other than claiming he used a “Tor browser,” a claim which is unprovable and likely false). It’s like Bob Lacatena hasn’t even read what he wrote.

In a similarly stupid remark, Lacatena writes:

At 4:37 he started looking at the private form, starting with the topic on Moderation. He looked next at the Admin topic, perhaps looking for clues about further administrative functions. Then he looked at General Chat.

At 6:46, he used an administrative panel to alter security on one of the forum topics, the one on Moderation.

At 6:52 PM he began, one by one, opening the topics within the private forum to public access. At 6:59 PM he logged off and accessed a forum thread, verifying that he could read the contents without being logged on.

If someone went through a forum changing the settings on each topic individually, they’d have hundreds to go through. Lacatena is apparently referring to subforums when he says “topics.” It’s similar to the whole “Tor browser” nonsense from his last post. Getting basic terminology right is easy, and it’s difficult to believe the narrative given by a person who can’t do it.

Anyway, the real problem I see is Lacatena seems to misinterpret and/or misrepresent evidence. The most obvious example is he claims:

the presentation of the forum wasn’t right. He confirmed that no, he hadn’t programmed some odd super-admin variation of the pages. He quickly noted that it wasn’t even close to right, because the data necessary to display the page like that would require combining multiple database tables

What. The. ****?

Seriously. Double-u tee eff man?

I don’t have words for the stupidity of this comment. There is absolutely no reason querying multiple tables in a database would indicate anything about whether or not something was “even close to right.” It’s about the most common thing you do when querying a database.

There’s more, but I’ll discuss it in another post. I don’t think I can discuss more of Lacatena’s stupidity in one sitting. I’m too sober to subject my brain to that much abuse.

Advertisements

4 comments

  1. Brandon,

    the data necessary to display the page like that would require combining multiple database tables

    Yeah…. I laughed at that too. I’m not an IT person, but reading stuff from multiple database tables is no more difficult that readiing stuff from individual database tables. It’s like suggesting that something is difficult because it would involve reading page 1 and page 3 of the newspaper! If you know how to read the paper and have access to the paper, it’s generally pretty easy to read multiple pages!

  2. I have to nitpick just a little here. It is harder to read from multiple database tables than from individual ones. At the lowest level, you have to make sure you get the table/column pairs right. That can be screwed up. It can’t you’re only querying one table.

    More importantly, if you query multiple tables, you’ll usually want to combine the results based upon some shared information. You don’t usually query all users and all comments separately. You associate the comments and users in your query.

    That’s done with a thing called joins. They’re not particularly difficult, but it is not a mindless task. I’d wager every person who has written many SQL commands has screwed up their Joins before and gotten duplicated entries because of it.

    But as I said, that’s nitpicking. Querying multiple tables is not difficult at all. Odds are if you took a class on how to manage a database, you’d learn how to query multiple tables the same day you learned how to query a single table.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s