kompromat (or: how I helped lose the election)

Today, as I’ve been relaunching my blog and migrating it from an Amazon EC2 cloud instance to a GoDaddy hosted wordpress account, I’ve been listening to the president elect hyperventilate over recent reports that Russia has compromising information on his business interests and peccadilloes, was at some point prepared to blackmail him, and had regular covert contact with his campaign. Crazy. Even crazier than the widespread reports that Russians used an army of hackers and trolls (especially Edward Snowden and Wikileaks) to help spread disinformation about the election and sabotage Hillary Clinton’s campaign. It’s like we’re living in a mashup of Bridge of Spies and Spies like Us.

But for me, the craziest thing of all is that I seem to have played a (tiny) role.

Let me share a bit more about why I’m moving the site. Recently my domain has been down, and I’d been struggling to figure out why, since the server seemed to be up and running. Worse, I couldn’t access WordPress or even ssh into the site, which meant I couldn’t check and see where the traffic was coming from and I couldn’t export my old posts for relaunch. Not being much of a tech wizard, I set the problem aside sometime over the summer.

Well, I finally gave up, and I’m now reconstructing the old posts by combing through the WP database backups that I was emailing to myself on a weekly basis (this is a PITA, by the way, and means I’m losing all images and documents hosted on the old site; but there’s a great tip on how to pull posts from a WordPress DB here).

Now that the site is up and running again, I thought I’d check in to Google Analytics. I hadn’t thought to look before because, since the site was down, I figured there wouldn’t be anything to track. This is what I found:

 

Check the nationality.

 

And check out the “language” used by my top visitors.

 

So the vast majority of visitors to the site were from Russia (and Kyrgyzstan). And their preferred language was either Russian or something called “Secret.google.com … Vote for Trump!” And the traffic spiked through election day and then collapsed in December.

Finally, if you look at the pages they were visiting, you see several pages that I never placed on the site:

 

 

Now I’m not sure what this all adds up to. They certainly couldn’t have secure shelled into the server itself (I’d done a lot to harden that). My guess is that they found some other way to exploit WordPress and take over the server, including creating content. But I am shocked. I’d be curious how much this tracks what other WordPress hosts saw over the same period. Certainly, it was the last thing I expected.

A few years ago I was complaining that maintaining your own server meant having to fend off increasingly severe and sophisticated attacks from hackers/bots located outside the US (something I’m not really equipped to do). Now it seems clear that this was more than just a hassle — it’s actually dangerous. If you don’t know what you’re doing, you’re basically opening up a channel for others to use against the world.

Sorry, democracy. ¯\_(ツ)_/¯

Surfing the Permanent Revolution: Digital Humanism at NAVSA 2013

This week I’m back from NAVSA. Well — not really back; it was just up the road in Pasadena. But I expect to spend some time nursing this (intellectual) hangover and thinking of the talks that I saw and the questions that were raised there.

Most immediately, it’s clear that digital work has hit the pavement in 19th century studies. Natalie Houston gave a fantastic talk about her “Visual Page” project, which uses Google’s tesseract OCR reader to analyze formal elements in a print corpus of Victorian poetry. It was stunning how much a computer can learn about a poetry collection just from the blank spaces on the page. Maeve Adams gave an intriguing paper that read across key terms in Victorian periodicals as “epistemic communities” and used this to ground a far-reaching argument about formalism in the 19th-century. And Rachel Buurma expanded on her work on Charles Reade and his archives — an eccentric even among archive rats. As she put it, his wildly profuse collections of documents, indexes, and indexes on indexes, add up to archives “on the way to becoming novels.” I’m almost convinced to read more Reade. It doesn’t sound like he would have appreciated YAHOO (I read the marginalia as: “In other words know the contents before you know anything about this”):

On Saturday I participated in a digital roundtable that Anne Helmreich of the Ghetty Foundation organized to field questions about research and pedagogy from conference attendees. The Prezi from my own talk, about some of the tools I’m using in class, (using Facebook as a social CMS and Google Drive for workshops) is posted here. My main point was that English seminars have always been “flipped”: focused on in-class workshopping and intellectual tinkering. Which makes it easy to fold in digital tools. (I take my inspiration here from Jentery Sayers and his Maker Lab.) But I was more interested in hearing what the other panelists and the attendees had to stay about the state of the digital union with C19 studies.

Most questions raised by the participants were about the ins and outs of digital scholarship: how to recruit technical collaborators (find research questions they’re interested in); how to find time and money for the work (no good answer there); how to use statistics (to be avoided while best standards are worked out); how to use undergraduate research more effectively (give them work that is tied to your own research + break projects into discrete chunks). This last point was made by Dermot Ryan, current Undergraduate Research Director at Loyola Marymount. I suspect the dismal statistics for undergraduate research conducted in the humanities at LMU would be matched at USC. It’s a thorny problem. I’ve been thinking about ways to pull undergrads in to my next digital research project. But as I focus on finishing my analogue book, there’s not much I can think of sending undergraduates out for, besides checking references. Clearly this is a problem with hermetic patterns of research. In order to frame more collaborative projects we have to hash research questions into practices that depend less on our own idiosyncratic habits of mind and the idiolects of convenience. We (or at least, I) need to be better at looping others in.

It was also a huge pleasure to meet Petra Dierkes-Thrun and learn more about the “Wilde Decadents” class she’s running at Stanford and its blog. The class generated tremendous interest; the work the students produced was read by visitors from across the globe. I’m frankly envious. She was particularly savvy promoting the course and its Twitter account through academic networks and listserves like the Victoria List.

But perhaps the most intriguing contribution to the roundtable, to my mind, was Andrew Stauffer’s diagnosis of the NINES project. NINES is currently working to redefine itself to better serve the current wave of digital scholarship. As Andrew described it, NINES was originally envisioned as a coordinator and peer-review network for online collections produced by academics — sites like the Rossetti Archive, the Woman Writer’s Project, and Darwin Online. They envisioned an academic internet populated by public research archives. Instead the major commercial publishers and Google have digitized masses of texts and placed them behind paywalls. Gale’s NCCO database is a case in point. A corollary challenge is that NINES’ COLLEX originally provided a solution to the basic problem of finding a CMS to furnish different kinds of academic content. But the widespread adoption of other open source CMSs like OMEKA diminishes the case for further investment in COLLEX. The folks at NINES are now trying to figure out how else they might support digital research — for instance, producing new tools for digital analysis along the lines of DocuScope. I’m looking forward to their public launch of Juxta, which produces a visual codex for textual variants. There’s an undergraduate who’s been asking for a good tool to start DH work with and this looks friendly enough to be promising. Andrew also suggested NINES might start convening seminars which bring humanists and engineers together to test new research avenues. It would be exciting to have an interdisciplinary research seminar that was formatively tied to a technical team rather than an academic department — tied to makers as well as thinkers.

At its heart, NINES is a classic disruption story. It announced a new chapter in 19th-c scholarship when it was launched in 2003 — the same year as NAVSA’s first conference. Both organizations are now at a crossroads (Dino Felluga handed his role as NAVSA’s head and to Marlene Tromp on Saturday). Given the rapid change of our technical tools, no organization or project that locates itself in the digital sphere will we able to avoid a regular reinvention. I spent a considerable amount of time getting the Monk project software up and running for an early experiment with my Darwin analysis. I invested even more time figuring out the Meandre suite, including a trip up to the UVic digital workshop, with hours both in person and via email, drawing on the expertise of Loretta Auvil and Boris Capitanu. That culminated in a single talk at the Seattle MLA on the global network imagined by Oliphant’s novels. The return on investment for this work has been relatively small. And now both Meandre and Monk have exhausted their funding and have begun to recede into history. I’ve just now noticed that “monk-project” is embedded in the permalink for this post — legacy of an early vision for this site.

Like any story, it has been a combination of design and contingency. I’ve been focused on cementing a traditional research profile, using the digital work to keep my hand in, waiting to mount my extended DH project when the book’s off. Each effort has given impulse to that trajectory. It’s still exciting to imagine the tools and methodologies that the next two and ten years will bring. And yet, as I listened to conference attendees ask what it would take to get trained in digital work, how to figure out the appropriate criteria for significance, how to adapt to new technologies — essentially, how to surf a continual revolution — it hit me what DH work signs you up for. A lifetime of fresh tarball installations, cribbed command prompts, endless help pages for new object libraries and bewildering new GUIs. As the tools change we reboot and relearn. We need to be honest about this. Off the top of my head, my current experiments with Python follow upon, in reverse order, exploring Ruby, Java, JavaScript, JQuery and MySQL, XSLT, CSS, VisualBasic, HTML, and TCL (!). This sets aside humdrum life as a sysadmin for OSX, Linux, AmazonAMI, WinXP, MsDos and Unix machines — not to mention WordPress itself. The most rigorous Ph. D. programs require two to three languages, not four or five.

If it sounds like I’m grousing, maybe I am. We need to emphasize the long dead ends as well as the triumphs of DH scholarship when we talk to curious peers. But the big “but” is that, as academics in the humanities, we’re tinkerers by trade — whether on our computers, in the classroom, or at the archive. For my part, I’d be exploring some version of these technologies in any likely case. It’s just so much time wasted stringing zeroes and ones unless I invest this labor in my research. Besides, I want to show my daughter what hacking looks like.

Hacking: WYSIWYG

Two weeks ago I noted that someone had recently tried to get into my WordPress server. My firewall traced the query back to an IP in China, though I don’t have the ability to figure out where it originated from initially. I linked it to news of escalating activity from abroad; it seems that attempts to get into academic networks are sharply on the rise.

Then a week ago my server collapsed under what seemed to be a DDOS attack. I tried to restart it several times, but everytime I got the server back up it was swamped with traffic. I’ve spent a good eight hours now launching a new server and migrating over content from a backup. Most of my posts are back, but I lost the last year’s worth of images. I’ve only been able to recreate or restore about half.

It’s all kind of creepy. And it may be beyond my capacity to try and stay on top of escalating security problems on a private blog. Apparently there’s a botnet that’s been hacking WordPress servers generally for the last several months. I like having my own site; I like the ability to post whatever content I want and try out different kinds of server technologies; my Omeka-based class last year depended on this capacity. But the bar is getting higher.

The Perils of Certain WordPress Servers

Right now I’m flying back from the Seattle MLA, where I gave two talks, including the one that I’ve been writing about below. I’ll share some of those materials shortly. But I noticed this morning that the server had crashed and it took me some time to sort it out. And I realized that, even though I back up the blog, I’d never backed up the server itself using Amazon’s image-making service. Pretty dumb. That’s fixed now, but I’m also going to figure out a way to set up a test for the website so that I get an email if it goes down again. Probably a good thing to work out as I head into this semester, when I’ll be hosting and supporting an OMEKA server for my Historical Fiction and Fantasy class. More soon.

(As a side note, it’s pretty remarkable that I can now get into my server and get it up and running at twenty thousand feet. Age of wonder, indeed.)