Dear dude who keeps hacking my sites,

A lot of people would take this opportunity to rant about hackers being dickheads. I’m not going to do that. It’s unproductive, and it fails to recognize the contributions hackers and ex-hackers have made to society. I firmly believe that a strong community of hackers is part of citizens’ protection from government encroachment on freedom of speech online.

That said, let me tell you why you shouldn’t hack my site.

First, the professional. Regardless of what you think of me personally (though I don’t know if this is whence the maliciousness), SMBC’s success helps a lot of people. I have a part time assistant and a business manager who make an important part of their income off my ad revenue. Whenever you knock down the site (or lessen its traffic by loading trojans), you decrease my income, and thereby decrease my ability to pay for these people.

Additionally, the success of SMBC helps pay for SMBC Theater. SMBC Theater is a project that, on any given weekend, might bring together one or two dozen talented people putting in their spare time for something they love. When you mess with my revenue stream, you also jeopardize that. Again, regardless of how you feel about me or that project, what you’re doing poses potential harm to a lot of nice, intelligent, hard working people.

Whenever you knock down my servers, other websites go down as well. This includes Snowflakes, The Weinerworks, and Weinersmith. All of these are sites that I, James, Chris Jones, and Kelly work on without making much of a return, and all of them are educational sites. When you down these, the way I see it, it makes the world a teeny tiny little bit worse.

I don’t consider myself to have a great amount of influence over the way people behave, but in my short career I have had the privilege of helping a lot of young people. I’ve gotten countless emails from people saying I helped them through depression, inspired them to take on challenges, and encouraged them to stay in difficult academic programs. I don’t believe for a second that they did these things BECAUSE of me – nobody does anything hard without putting in the bulk of the effort personally. But, I do believe SMBC provides a helpful service to a lot of good people. When you down my site (or any of the others), this goes away.

I suspect a lot of the above could be said about many websites, and that’s sort of my point. I understand hackers who try to get at sensitive information, or who try to harass jerks. I don’t understand what the value is in taking down a site like mine, which provides nothing but jokes and information.

Lastly, whenever you hack my site, it causes a lot of anxiety for me, and for everyone who works with me. Right now, because of this latest attack my brother (who was at work, and who has two lovely kids) had to run home to deal with this problem. In other words – when you attack my site, you’re not just attacking some abstract thing on the Internet. You’re causing physical distress to a lot of people who don’t deserve it.

So please, please just stop.

Thanks,

Zach Weinersmith

tl;dr: When you hack my servers, you distress me and others physically and financially. We’re not a black box – we’re real people. So we’d all take it very kindly if you’d stop.


24 Responses to Dear dude who keeps hacking my sites,

  1. Aggrazel says:

    Dunno about your particular circumstance, but in my experience most site hacks out there aren’t personal, they are people running a search for a particular security violation and then exploiting it. They’re not after you, they just want to cause as much havoc as possible.

  2. Westicle says:

    I hate to hear that all this happens to you man. I really love your site and hate it when it’s down and can’t distract me from whatever work I’m supposed to actually be doing.

  3. Zach4Pres says:

    I’m sorry to hear this happen Zach. You are awesome and SMBC is awesome. I look forward to that part in my day when I visit SMBC for a bit of humor and creativity. Keep up the good work.

  4. Olax says:

    I almost gasped myself to death this morning when I found out the forum was down. Then I found out that there wasn’t a new comic. There wasn’t even a site.
    Why? I have felt so empty today.

    Please, mr. (or miss) Hacker, please quit your terror.

  5. xeno says:

    You just gotta Independence Day ‘em and reverse engineer the virus…GOLDBLUM STYLE!

  6. Bahumat says:

    Usually it’s not even someone looking to be malicious, these days; usually it’s organized crime funded ‘entrepreneurs’ who are looking for exploitable webpages to offload trojans onto, and thus increase their botnet farms.

    Generally this is handled all by script; I doubt very much any real human interaction was ever involved in dealing with your site by any hacker.

    Honestly though, if damage to your site renders you this vulnerable, securing your server ought to be priority #1. Just as your server being hacked causes you anxiety and distress, so too do your readers feel anxiety and distress if they discover they’re receiving trojans from your site.

    While I love pretty much all of your work, and think you’re a pretty cool dude: Zach, *please* invest in a security firm or consultant to lock your server down appropriately, and protect you (and us) from attacks like this in the future. =\

  7. Edminster says:

    Like Olax, the first thing I noticed was the Forum being down.

    When Zach’s sites get taken down, it’s not just Zach and his crew that are hurt by it, but the community of people from all over the world who call the SMBC Forum home are rendered unable to communicate with each other and share ideas, stories, and general camaraderie.

    Hopefully everything will be restored fine, because otherwise this will be like coming home from the market only to discover your house has burnt to the ground.

  8. Adam says:

    I think it’s fair to assume she’s doing it to piss people off so your post probably eggs her on.

  9. Fabio says:

    I very much doubt this is personal. You have a weak server and some jerk who makes a living working for a “tooth pick, flipped coin legit” business is searching for and exploiting said server.

    If you own the server, your brother should not only fix it, but also install some security upgrades.

  10. Jess says:

    People, don’t blame the victim. Blame the criminals who create and distribute malicious programs and the miscreants who take pleasure in causing problems for others. Sure, security upgrades are useful, but there will always be a new jerk out there to find and exploit the next weakness. Direct your implied blame to the bad guys, not the good guy who brings us SMBC.

    Zach, I’m sorry this happened to you! I’m going to send links to your next comic around work to maybe make up for some of the lost traffic from today. As long as it’s not a dick joke. Because sexual harassment. Eep.

  11. Mark says:

    Not to take away from your post (which I think is excellent by the way), but allow me to digress for a moment back to the technological side of all this…

    The SMBC comic site apparently runs on some type of PHP CMS, but it doesn’t actually seem to make that much use of dynamic content (aside from the discussion forums, which is essentially its own separate thing, right?). I mean, basically we have: an index page showing the latest comics, SMBC Theatre embeds, and news blurbs; permalink pages for each of these items; the archive pages; and an RSS feed or two. I’m going from memory here because the site is down… am I missing anything?

    What I’m getting at is that if you’re satisfied to segregate the forums away from the primary SMBC content, then using PHP (or any other programming language) to directly handle HTTP requests seems to be more of a liability than an asset here, as it’s presumably how you’re getting attacked but it isn’t giving you much in return.

    So why not stick to a static site model? You could use a static content generator to build HTML and RSS for the site as you update, and then you serve that output directly to the general public with a simple, secure web server like Nginx or Cherokee. Your attack surface is tiny because there’s no (Fast)CGI or mod_php program sitting there accepting data from the entire Internet. At that point someone would basically have to find a zero-day exploit in Nginx or Cherokee to attack you, and both daemons have good security track records. Plus your performance will be off the charts with very low memory consumption, serving static pages with either of those.

    This is pretty much how Movable Type works out of the box, for instance, and you can limit access to the dynamic MT admin pages to trusted clients on the web server’s end, via client certs or HTTP basic auth (ideally over SSL). MT isn’t the only or even necessarily best option here, of course; you could even write your own script to do this without too much difficulty.

    The point is, do away with dynamic page generation if possible and you’ll dramatically reduce your attack surface. Then separate the forums from the main site — run it as a different Unix user on the server, or in a separate FreeBSD jail, or even on a separate server — so that even if the forums get hacked, hey, at least SMBC is still up and you’re still getting ad impressions.

    Or am I missing some way in which dynamic page generation is crucial to the main site? (Sorry, I don’t actually browse the site that much, I just go to the home page to view the comic each day.)

    • ZachWeiner says:

      I’m not sure… that’s really Marty’s area, and I’ll see if I can get him to guest blog.

      But, without going into detail, that sort of stuff wasn’t the problem. The hack was a lot deeper.
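The layout Mark describes in comment 11 (static pages served directly, the admin interface limited to trusted clients, the forum kept apart), sketched as an Nginx configuration. This is an added example, not part of the original thread and not the site's actual configuration; the hostnames, file paths and backend ports are placeholders chosen for illustration.

```nginx
# Added example. Hostnames, paths and ports are assumptions, not SMBC's setup.
# Both server blocks belong inside the http { } context.
server {
    listen 443 ssl;
    server_name comics.example;

    ssl_certificate        /etc/nginx/tls/comics.crt;
    ssl_certificate_key    /etc/nginx/tls/comics.key;
    # CA that issued the editors' client certificates.
    ssl_client_certificate /etc/nginx/tls/editors-ca.crt;
    ssl_verify_client      optional;   # enforced only under /admin/ below

    # Output directory of the static generator; nothing here is executed.
    root  /srv/comics/public;
    index index.html;

    # Public side: read-only file serving (GET implies HEAD).
    location / {
        limit_except GET { deny all; }
        try_files $uri $uri/ =404;
    }

    # If a script ever lands in the web root, do not serve or run it.
    location ~ \.(php|cgi|pl|py)$ { return 404; }

    # The only dynamic endpoint: the publishing tool, bound to loopback.
    # ^~ stops the regex location above from shadowing admin URLs.
    location ^~ /admin/ {
        if ($ssl_client_verify != SUCCESS) { return 403; }
        auth_basic           "Editors";
        auth_basic_user_file /etc/nginx/editors.htpasswd;
        proxy_pass           http://127.0.0.1:8081;
    }
}

# Forum on its own hostname, proxied to a backend that runs as a
# different Unix user (or in a separate jail or host).
server {
    listen 443 ssl;
    server_name forum.example;
    ssl_certificate     /etc/nginx/tls/forum.crt;
    ssl_certificate_key /etc/nginx/tls/forum.key;

    location / { proxy_pass http://127.0.0.1:8082; }
}
```

With this split, a compromise of the forum backend does not give write access to `/srv/comics/public` as long as that directory is owned by a different user than the one the forum runs as.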

  12. dehdesh says:

    Did a Google search, because I figured Google would be the first to know anything:
    http://www.google.com/search?q=who+hacked+SMBC%3F&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

    Came across this:
    leocadie2.truefreehost.com/smbc-comic.html
    (Don’t download the “addon” it’s from one of those malware distributing is.com sites)

    So it seems, these nut jobs are trying to pull something big off, or that’s what I’m putting together, how else would they make it to the top of the google search?

    Maybe I’m wrong, but it looks kind of connected from where I’m sitting.

  13. keynan says:

    While I agree with the above, I do have a little against your (mis)usage of terms.

    What you are referring to is not called a ‘hacker’, it’s called a ‘cracker’. This term is often used to signify malicious intent and damage. ( http://catb.org/jargon/html/C/cracker.html )

    A hacker is not really any of these things – http://catb.org/jargon/html/H/hacker.html

    • ZachWeiner says:

      I’m under the impression that a cracker is a subcategory of hacker. Specifically, a cracker is a hacker who’s a douchebag. No?

      • Keynan says:

        Sort of, and then again no.

        They are not necessarily a sub category of one another, and you can be one without being the second.

        A hacker is a general term which (sort of) means (if you haven’t read the links I provided) a really good computer user, e.g. a very good programmer, a really savvy network administrator etc.
        Or, in better words (from the hacker jargon file):
        “… 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.

        7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations. …”

        That pretty much covers “Hacker”, and as you can see – not always connected to computers.

        The Cracker is also not necessarily connected to computers, but they do come together most of the times. It’s basically someone who exploits a certain technology, usually (but not always) with malicious intent.

        It also usually goes the other way by the way – crackers who grow up sometimes become hackers in their field. Hackers, I believe, seldom do the transition to the dark side.

        In conclusion, what you (and we all) have experienced earlier was an attack by a *cracker*, probably a snotty nosed kid with nothing better to do than find security holes and backdoors.

  14. tene says:

    Looks like it’s happening again. When I have the website open it tries to randomly open tabs that are obviously fake. Might wanna take the site down again.

    • tene says:

      Trying to replicate so I can give better details. Not like I have anything better to do at work today.

      • tene says:

        WARNING: do not click on this link. This is one of the tabs that randomly came up while I was browsing through random SMBC comics.

        Again, WARNING DON’T CLICK. This is for reference purposes only. Please do not click on it. Please.

        [[[Link removed for safety of readers]]]

    • Marty says:

      Can anybody else confirm this? Tene, can you give me a link?
