Just trying out a Google Chrome extension that enables me to post links directly on my blog. The details are here: http://iamfriendly.com/blog/delectable-your-own-private-delicious/
It looks very interesting but it appears I need to make a small theme change to get the most out of it. I’ll have to do that at some later point.
This will be very useful for me to post articles that support my OU research. I do need to do that more for reflection purposes
Filed under Geekery
Hello there. I’m still here but been a little busy recently.
I’ve recently moved the blog to a new server (cloud-based, so that should probably be servers) and I’m yet to import all my old posts. I’ve, er, forgotten where the exported file is…
Anyway, normal service will be resumed shortly. Probably.
In the meantime I’ll be trying out a few more themes. Expect the blog to break. I’ve left error reporting turned on for now so expect some weird messages – I’m using the new beta version of WordPress and things may be a litle rough around the edges
Comments Off
Filed under Geekery
Is that even how you spell malicious? Oh, it is. Anyway, it seems that Google has found some malware hosted on my blog and has thus flagged my site as “potentially dangerous”.
If you’re using Firefox or another browser that checks Google’s list of bad sites you’ll get a a big red page telling you that my site may harm your computer. It won’t and probably didn’t previously but I have found some code inserted into various places.
It’s possible, but unlikely, that my site passwords were hacked. I don’t use easily-guessable passwords these days and I use a plugin called Login Lockdown that prevents multiple login attempts into the admin backend. It’s most likely that another site hosted on the same server is using some insecure script or other and someone prick has managed to get root access, or similarly administrative access, to the server itself.
I had a zero-sized iframe inserted into only one of the links in my blogroll and some malformed javascript inserted into the header and footer php files. Neither of these things were properly written – the syntax was all wrong in both cases – so whoever it was didn’t do a great job, but the URL of a known malware site was left in my source code and Google was able to pick up on that.
It’s good that Google does this, in cahoots with stopbadware.org. It’s a pain for me, in that I need to get my site reviewed again by Google so that it can be taken off the list, but also helpful in that they’ve found the attack for me. I’d have never known about it otherwise, not without scanning the site code and database – and there’s a LOT of code!
I’ve changed all my passwords just in case, along with changing the database name and user password. It shouldn’t happen again, but then you can never really know for certain when you’re using shared hosting.
Filed under Geekery
As is sometimes seen in shops and restaurants: please excuse our appearance while work is in progress.
I’m trying out a few themes at the moment. I go in cycles with this. I’m trying to work out a decent minimalist theme that’s typography-based. The one that’s active now – Wu Wei – appeals to me a great deal but has some formatting issues that I want to work on.
I think I’d like the content to be central, rather than offset to the right, and the post information in a smaller font and off to the left. I think I can do this but I have more important priorities than farting about on my blog. You’ll notice the lack of posts here recently!
I’ve added a lifestream page which shows my twitter, flickr posts etc, but the formatting is currently rather horrible on that too. I’ll tidy that all up once I’ve done all my other jobs.
Alternatively, I may just move on to a different theme if the mood takes me (and it might)
Comments Off
Filed under Geekery
If you’re using a self-hosted blog running WordPress and you haven’t upgraded for a while I would highly recommend upgrading. From the official WordPress blog (by Matt):
A stitch in time saves nine. I couldn’t sew my way out of a bag, but it’s true advice for bloggers as well — a little bit of work on an upgrade now saves a lot of work fixing something later.
Right now there is a worm making its way around old, unpatched versions of WordPress. This particular worm, like many before it, is clever: it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.
The tactics are new, but the strategy is not. Where this particular worm messes up is in the “clean up” phase: it doesn’t hide itself well and the blogger notices that all his links are broken, which causes him to dig deeper and notice the extent of the damage. Where worms of old would do childish things like defacing your site, the new ones are silent and invisible, so you only notice them when they screw up (as this one did) or your site gets removed from Google for having spam and malware on it.
All software has bugs. It’s inevitable. Developers can’t possibly write perfect code – the longer a program is the more bugs there are in it. WordPress is a large application and the developers are fixing bugs all the time, but new ones appear with every new feature and no amount of PHP pesticide will ever stamp them completely out.
Where there are bugs there are ways for people to exploit an application, and there have been some nasty exploits around recently.
Matt is right in his post – get your installation upgraded as soon as practical after a new release so that these sorts of exploits can be kept to a minimum
Comments Off
Filed under Geekery
I’m currently having a few problems with my admin backend (not a euphemism) caused by my preferred theme. Something broke along the way to WordPress 2.8.2 and it’s the Woothemes-written theme that’s causing some problems on the create post page.
I can’t add tags or upload media, so I’ve decided to roll back to a previous theme for the time being.
Is it just me or is my use of the English language completely messed up in this post? That’s clearly a product of lack of sleep rather than any programming issues…
Filed under Geekery
Work have very kindly updated our IT clients recently, or are at least in the process of doing so. On Monday I was presented with a rather nice HP laptop, which is my replacement for the ancient IBM Thinkpads that we currently have to put up with.
This new laptop uses Vista, which I’m not so familiar with. I spent the best part of Monday and a bit of Tuesday getting to grips with its differences to XP – of which there are many. It seems quite an improvement, but only time will tell.
It wasn’t long before I wanted to alter the installation to better suit my needs. The hard disk was partitioned into a single drive (C:) and there was no extra partition for data. I think that this is pretty poor practice, in that the best way to configure Windows is to have a smaller partition for the OS and a bigger one for your data; that way if Windows crashes and you need to reinstall you haven’t lost all of your precious files.
Our IT department didn’t think it’s important to do this so I attempted to “fix” this little oversight by using the in-built Vista Disk Management tool to resize my C: Drive and create a new partition for my data. It seemed to do this with no complaints and even continued to work after it had formatted the new space. I copied over my (rather hefty) Outlook .pst file from my old laptop and imported my saved mail messages.
All was fine. Until this afternoon, when I powered the laptop back up. It couldn’t find the operating system. Ooops.
I performed a few diagnostics from the HP BIOS and everything seemed OK. I’d obviously managed to kill my new laptop within 36 hours of receiving it.
Well done me.
I then had to go to the IT guys and explain the situation. They couldn’t understand why I would want to do what I did. Well, I think the installation is inadequate for my needs – but I obviously couldn’t say that to them. They told me that they’d need to re-image the laptop and I could pick it back up tomorrow.
So, a solution but not a great one. It turns out that I could have tried to use the Recovery Console that’s available on a Vista boot disk – but we don’t have any of those; all these laptops are built from an image.
At least I didn’t have a lot of data stored on there, considering that there’s no data partition to protect my information from just this sort of eventuality.
Anyway, I’m not entirely sure why the OS died. The Disk Management tool offers the ability to shrink the C: drive and doesn’t warn of impending boot fail. I suspect that Vista has taken a hand in its own demise, and so it’s more of an assisted suicide on my part rather than an outright murder.
That’s my story and I’m sticking to it.
Comments Off
Filed under Geekery
I was born about six weeks before the first lunar landing. Yes, that was nearly 40 years ago. 40 years!
Despite my birth happening around probably the most exciting event in the history of science I didn’t really start getting into astronomy until fairly recently. I’ve been reading the odd blog post by Phil Plait (the Bad Astronomer, as it were) and since I started reading his posts I’ve been getting more and more into cosmos-related science stuff.
I’ve been recording lots of astronomy programs from the various documentary channels, and while much of these programs are a little gimmicky I do love finding out more about our universe.
The closest astronomical body to our Earth is obviously the Moon. It’s right there in the sky and we still haven’t really found out an awful lot about it. Luckily for us there’s a Japanese satellite orbitting the moon as we speak and they’ve released some absolutely astonishing video clips taken by their HD camera.
Have a look at this one – called Full Earth Rise:
How incredible is that? Take a look at it in full-screen mode. It’s a bit jerky but the view is amazing.
[found via Wil Wheaton]
Comments Off
Filed under Geekery
My quest for a blog theme continues. This time I’m trying out Irresistible by Woo Themes, a rather nice free theme with lots of options.
This includes something that I’ve been after for a while: a lifestream. It’s not that my life is particularly exciting or anything, it’s just that I’ve been wanting to incorporate a feed of my various internet-related activities into one place, and now I have one.
It uses the Lifestream plugin for WordPress and integrates nicely with the custom front page. I also like the option for some Flickr thumbnails in there too.
There are various things that need changing. I’m not happy with the font choices (colour and sizes) and I need to create a new logo, or figure out how to use the blog name instead of an image. These things I can figure out but might take a few days/weeks/months. Expect things to break when I start to arse around with the CSS.
I think I’d also like to make a few changes to the layout, but we’ll see. I’m notoriously fickle when it comes to blog themes and there seems little point in investing lots of time into designing new elements, or changing existing ones too much, if I’m just going to ditch it for something else later on.
I do rather like this one, though. However, I also said that about the previous one. And the one before that
Comments Off
Filed under Geekery
I’ve never really been a fan of Apple’s internet browser. It’s never looked like it’s been finished to me, missing all sorts of features that you can find in the likes of Firefox.
However, Safari Beta 4 is starting to turn my head. It looks rather nice and seems quicker than Firefox 3. Unfortunately, I like to use Delicious to bookmark interesting sites and Safari doesn’t have a Delicious plugin.
Except: it does.
I’ve never seen DeliciousSafari linked to from the Delicious site but it only took a very quick Google to find it. How did I miss this before?
So, OK. I can save my Delicious bookmarks from Safari, but I can I sync my browser bookmarks between machines like I can with the Foxmarks plugin for Firefox?
I didn’t think that I could, but apparently the next iteration of Foxmarks, Xmarks, can.
I’ve installed both of these free plugins and they both seem to work. We’ll see if they’re as fully-featured as the Firefox versions but it’s all looking OK so far.
This doesn’t mean that I’m going to abandon Firefox but I am going to explore my options with Safari. It’s fast and uses Cover Flow to see your browser history (pretty, if not exactly a must-have). I like the current approach to the browser development, although the Windows version is an utter dog. I’ll only be using it on my iMac.
Now, let’s see if I can Google for a Safari version of the NoScript plugin…
Comments Off
Filed under Geekery
