Posted August 5th, 2010, in: Ideas, Observations, Opinions, Rants Etc| Technology| WordPress

Badass.  Just looked at his site and the Footer of the site says:

Copyright © 2010 Dr. Dre “Detox” – The most anticipated Hip Hop album ever. Running on WordPress | Theme developed by rsuog.

Cool.  WordPress is big.

Permalink - Leave a Comment (0)

Posted June 21st, 2010, in: 1| Ideas, Observations, Opinions, Rants Etc| Technology| Videos| WordPress

From the WP Dev Blog, Matt Mullenweg giving his ‘State of the Word’ presentation.  Very cool.   I’m really excited about where WordPress is going.

Permalink - Leave a Comment (0)

Posted April 26th, 2010, in: Evil Robots| Scam Email Mashups| Spam and Scams

The following is an Email I got from Hanna Mae, mae@moonaconsulting.com.  It looks like a phishing scam to me.  It contains the following takedown notice. The picture is the face of Vivek Moona, who runs Moona Consulting in Amsterdam, according to LinkedIN.  I don’t know if they are legit or not.

UDPATE: a few weeks after posting this, I got an email from the owner of the site this email claims to be from.  He says they had nothing to do with these phishing scam emails.  The message I got from him is at the bottom of this post.

Subject: Contract terms have been breached.

8 April, 2010

Hello,

It has come to our attention that you are republishing original content from our website on your website.
Your unauthorized use of original material from our website is in violation of copyrights owned by us.
If you do not immediately remove the copyrighted material from your website, and notify us in writing
that you have done so, we will have no choice but to pursue legal action against you.
We require the copyrighted material to be removed and written notice given that such has been removed,
by no later than May 1, 2010. Attached is a list of the copyrighted material that you are infriging on.
It contains links to the copyrighted material that you are using.

Sincerely,

CASE ID: 7714338

[Attached was a Word doc which says:]

(double click to view)

embedded you will find the law suit documents that

we wish to present in court.

Thank you

[It seems this is a phishing scam.  They want me to launch an embedded app or something.]

[now here's the response I got to this post from the site's owner.]

Permalink - Leave a Comment (6)

Posted April 26th, 2010, in: 1| Ideas, Observations, Opinions, Rants Etc| Technology

I’ve decided to turn off the software I have running that automatically tweets to twitter every time I post something to my blog (I use Twitter Tools for WordPress).  Twitter, in turn, notifies Facebook.

Having more of an automatic audience (facebook friends) makes me feel less like writing and publishing the  things that are on my mind. I am shy.

So goodbye.  (You can always subscribe to my email newsletter or to the rss feed if you want to know every time I post something)

-Andrew

Maybe what I will do instead is leave it so Twitter gets the blog updates, but Facebook doesn’t get updated by Twitter.

Permalink - Leave a Comment (0)

Posted April 15th, 2010, in: Computer Problems and Fixes| Evil Robots| Ideas, Observations, Opinions, Rants Etc| Reviews & Thoughts About Products| Technology| WordPress

When I get asked for help with an attack on a WordPress site, it’s often on the same few hosting providers.  And when it’s not, it’s usually a small, local hosting provider.  When I have spoken to the staff of one of these hosting providers, about what seems to only occur in these few situations, they never take responsibility for having oddball server settings. And it’s not uncommon for them to actually blame their customers for using WordPress in the first place!

Some of the more popular Hosting Providers that seem to have more trouble than others with WordPress malware attacks in the past two years (in my experience) are Network Solutions and IX Web Hosting. And in general, hosting providers that have a lot of issues with malware affecting WordPress sites either

• Have screwy server settings that tempt developers to take risks with file permissions, or
• Have vulnerabilities that allow malware to sneak from one hosting account to another

As for some of the local, ma ‘n’ pa providers I’ve had problems with, I’m not going to hit them when they’re down by naming names.  But let me just say this: Buying local isn’t necessarily a good idea when it comes to hosting. It’s often the worst thing you can do.  You usually get crappy support, a high price, a non-standard product, and to make things even worse, you also often get a territorial ‘server guy’ who wants to blame any technical problems on the customer and not take responsibility for anything.

I can imagine being a hosting provider and not wanting to change how I do things just because a few of my customers want to run some weird PHP software they found somewhere.  But WordPress is hardly obscure anymore. And although I could be wrong, it seems that the server settings required for a smooth, safe ride with WordPress are in line with “best practices” for hosting providers in general, since all the best and most popular hosting providers seem to run WordPress perfectly.

So in the ‘news,’ I guess on April 12th, 2010, someone (rshinsec) at Network Solutions announced that an attack on many of Network Solutions’ customers’ sites was actually caused by a “WordPress Vulnerability.” (Quote is actually from a WordPress.org page HERE, because according to the WordPress.org page, Network Solutions has since edited the announcement)”

“Beginning last week a WordPress vulnerability has been the target of attacks on multiple WordPress websites on hosting platforms around the web. We have a blog post with additional details about the vulnerability and how to secure your WordPress site.”

In fact, it was not a WordPress problem at all.  So in response to some of the inaccurate anti-worpress blogosphere chatter caused by Network Solutions passing the buck like this, Matt Mullenweg, founder of WordPress posted to the WordPress Development Blog, clearing some things up, as well as putting it like this:

“Summary: A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story.”

Thank you Matt!  We the people that use and love WordPress need to stand up for ourselves and demand what we deserve.  We are not a fringe community anymore.  WordPress is mainstream software and any hosting provider that has issues with it needs to check themselves!

Permalink - Leave a Comment (2)

Posted April 4th, 2010, in: 1| Ideas, Observations, Opinions, Rants Etc| Marketing/Advertising In The Cloud| SEO, SEM, SMO Etc| Social Software and The Social Graph| Technology| Videos

Permalink - Leave a Comment (0)

Posted December 31st, 2009, in: Computer Problems and Fixes| Hard Drive Drama

I’m not totally naive. But I’m also up against this barrier: The time it takes to re-install tons of software and figure out tons of passwords and other crap saved in preferences files.

Once again, I am letting a repair utility, in this case, Disk Warrior, go through it’s time-consuming and completely NOT-promising process.

Here’s what I do know:

• What one utility can’t fix, another sometimes can
• When a repair utility fails the first time, sometimes the second time it will yield different results (sometimes a disk-restore utility will work, but only after several rounds taking hours and hours or even days)
• Sometimes a particular app doesn’t work one way, but when you try it another way (like via target mode), it does.
• There is no sane preference between the different utilities: Drive Genius, Disk Warrior, Etc… It seems to me like at any given moment, one might be better than the other, or that maybe certain programs are better with certain issues.
• Patience is a virtue.
• It’s a good idea to plan, while your repair utility is or isn’t working for hours and hours or days, what you’re going to do next.  Reformat?
• Any sign of progress is a glimpse of hope, even if the program only updates you every two hours.
• There is no hope for a bad drive, or bad ram or a bad logic board or power-supply, which can lead to a false diagnosis of a bad drive.
• It is true that sometimes weird things like putting your drive in the freezer, will allow you to recover your data.
• The language used by utilities is not understandable by humans.
• We need to get used to these kinds of problems.
• We need to be prepared for them (back-up, stupid!)
• Again, I am a fool for not backing up the contents of this little laptop I have, which I thought I didn’t care much about, data-wise…

If I get this little bastard running again, I vow to look into network-backup solutions.  My main computer has a clone, which updates every day.

But a physical drive doesn’t make sense for a little baby dummy computer.  Turns out, that little dummy was one of my best friends and now I’m standing here feeling like a total jerk.

Happy New Year everyone!

Permalink - Leave a Comment (2)

Posted November 3rd, 2009, in: Computer Problems and Fixes| Evil Robots| Humanity, Culture, Philosophy, Politics, Ethics Etc| Marketing/Advertising In The Cloud| SEO, SEM, SMO Etc| Technology| WordPress

The site links to sites who are also under attack and when the bug is running correctly on those sites, the sites redirect the hits to the final destination,

which is http://www.zml.com/

I don’t know if zml.com knows this is happening.  I mean I suppose it’s possible that some unscrupulous SEO or Marketing guy promised them traffic and then resorted to this to get it.  I’m contacting them now to inform them of this uncool practice being committed on their behalf, and if they are not willing to cooperate on putting an end to it, I will have no choice but to give them some negative attention.

The process of extracting the bad links from the content was long and hard since the strings of code inserted were very inconsistent.

The following is a list of the sites being linked thru, which I assume are all victims of this malware.  If you own one of these sites, feel free to drop me a line and I will point you in the right direction as far as putting an end to this.

• http://blog.segd.org
• http://www.investorsunited.com
• http://www.oca-gla.org
• http://www.thunderstruck.org
• http://subway.com
• http://verdadeabsoluta.net
• http://yourrnc.com
• http://wordpressthemesbox.com
• http://mp3db.org
• http://webconsultingdc.com
• http://turtlesurvival.org
• http://turtleconservationfund.org
• http://truenorthbrass.com
• http://tarabooks.com
• http://kolenalaila.com
• http://techbostonacademy.org
• http://pie-flex.com
• http://www.philebrity.tv
• http://www.landmarkwine.com
• http://artsinbushwick.org
• http://brettmartin.org
• http://bsf.org
• http://www.popandpolitics.com
• http://womanhonorthyself.com
• http://www.brainstorm9.com
• http://webdev.entheosweb.com
• http://www.topicus-healthcare.com
• http://www.vfilings.com
• http://constantinessword.com
• http://www.dopiska.com
• http://writingcenters.org
• http://www.radisson.com
• http://notjustaprettyface.org
• http://www.arizonacriminaldefenseblog.com
• http://www.sembrarpaz.com
• http://www.apostilla.com
• http://www.geektechs.net
• http://johnquiggin.com
• http://blog.pdma.org
• http://bluesheaven.com

Message to ZML:

Hello,

I am a developer and recently one of my clients who is running WordPress for her personal website was attacked by some Malware that inserted thousands of links throughout her content. Those links resolve to your site, but via redirects thru other sites that I assume are also victims of the malware.

You look like you’ve built a pretty nice site here. And I’m writing to give you the chance to get on board with fixing this problem before I am forced to create some negative attention in the blogosphere and social media.

It doesn’t seem like you would want to be resposible for malware. But it also doesn’t seem like anyone would go through the trouble to make all these links back to you unless you were paying them. Perhaps you hired some marketing or SEO people and were not aware that they would be using these tactics? Please write back soon as I have very little patience for this kind of thing.

Thanks,

Andrew A. Peterson

Some samples of weird code that the bot inserted:

<wp:tag><wp:tag_slug>%d0%b0%d0%b2%d1%82%d0%be%d1%80%d1%81%d0%ba%d0%b8%d0%b5-%d0%bf%d1%80%d0%be%d0%b3%d1%80%d0%b0%d0%bc%d0%bc%d1%8b</wp:tag_slug><wp:tag_name><![CDATA[????????? ?????????]]></wp:tag_name></wp:tag>

<wp:tag><wp:tag_slug>%d1%81%d0%b2%d0%be%d0%b1%d0%be%d0%b4%d0%bd%d1%8b%d0%b9-%d0%bc%d0%b8%d0%ba%d1%80%d0%be%d1%84%d0%be%d0%bd</wp:tag_slug><wp:tag_name><![CDATA[????????? ????????]]></wp:tag_name></wp:tag>

Permalink - Leave a Comment (6)

Posted October 20th, 2009, in: Computer Problems and Fixes| Ideas, Observations, Opinions, Rants Etc| Technology| WordPress

UPDATE: After about four hours of hunting, I finally found a way to enable CodePress in WordPress! A plugin called Enable Codepress does just that! It only seems to work in FireFox, but it does work with WordPress 2.8.4

copy of a comment I left HERE, a tutorial having to do with adding line-numbers and syntax-highlighting to WordPress’ text-editor.

Wow. I am so frustrated. I have spent the last four hours trying to find a way for me to endow my clients, whom I have set up with WordPress, with the power of line numbers when editing CSS.

WordPress is nearly FTP-free, which is great for lay persons. I’ve had great results with teaching older people how to use FireBug to find and preview changes in their CSS by right-clicking on what they want to change and selecting “inspect element.” And it’s not too difficult for many of these folks to get into their Stylesheet in WP’s Theme Editor and find and change what they have tested in FireFox.

But would make the workflow a thousand times better would be a way to make the Textarea in the Theme Editor disply Line-Numbers. There are a handful of plugins that claim to do this, but none of them seem to work with WordPress 2.8.4 And in my hunt, I’ve found evidence that WP once had this feature briefly, but turned it off because it was too slow. I never noticed it and I’ve been using WP for years, and have always been up to date.

Now I find this blog post. Great. A hack to turn on the CodePress functionality in WordPress 2.8… The problem is I don’t understand how to do this!

Can’t you just make an installable Plugin? A plugin would be great because it would be nice to be able to turn the thing on and off, if it is indeed slow or buggy.

Or if some manual intervention with WP’s files is necessary, could you please-please-please explain which files you are editing in this tutorial? All of the examples show top line numbers (1, 2, 3). There’s no “this is what the whole thing should look like” …You don’t explain what file or files you are editing. This is so annoying because I’m not a programmer and this how-to assumes that we know certain things that I don’t know.

could brave these steps if I knew where to make them. I have been searching for this post for hours only to find that I’m not smart enough to understand the directions!!! Thanks for your consideration and for sharing information, even if I am ineligible for it.

Permalink - Leave a Comment (0)

Posted October 10th, 2009, in: 1| Computer Problems and Fixes

Copy of a forum post I posted at M-Audio’s user Forum.

I love my BX5′s. One of them died. Here’s what’s going on. I would really appreciate any advice on further troubleshooting/diagnosis. 

• One of my BX5′s stopped outputting sound. It may been have been sitting turned on a few days before I noticed that it wasn’t working.
• Upon putting my ear to it, I realized that it was making a steady hum/buzz from both drivers. This was similar to a 60-cycle hum but a little raspy-er if that makes sense, and if I’m not out of my mind. Also it wasn’t a very loud hum. Only about as loud as you’d get from a bad cable or something.
• I tested for a bad input connection and tried using XLR instead of the 1/4 inch input. The problem was clearly inside the unit.
• I opened it up carefully, to see if there was anything obviously burnt or shorted or broken inside.
• After finding nothing that was obvious to me, I googled around and found a few posts on the m-audio forum talking about problems caused by worn-out capacitors. See: http://forums.m-audio.com/showthread.php?t=3871&page=1 and http://forums.m-audio.com/showthread.php?t=11926 and many others.
• One of my two main power-supply caps was indeed bloated. And I noticed some dark-brown crustiness on top of the other which I concluded might be leakage of “electrolyte,” whatever that is.
• I de-soldered and removed the old caps and set out to find replacements.
• I accidentally ordered 16V 6800mfd instead of 25V 6800mfd, which I didn’t notice until I had already soldered them in.
• I tried them anyway because in theory, since all the caps are supposed to do is smooth the supply current, too-low of a voltage rating on the cap would just mean that the caps will wear out sooner. The constant hum/buzz was gone with the new caps in. Instead what I got was a pop a few seconds after the unit was powered on. The pop is new. My functioning unit does not pop.
• I went and got the correct 25V 6800µF Capacitors and put them in but there was no change in the above behavior. Incidentally, I had to mount one on the bottom because the ones I got were more than twice as wide and a bit taller than the originals.
• I’ve double and triple-checked the soldering. I even opened up my functioning BX5 to make sure that the caps are in the right polarity.
• I tested for continuity between the capacitor leads and the destination/source on the printed circuit (for instance one path goes to what I believe is a Rectifier IC so I checked to makes sure that path was solid all the way from that component’s lead to the cap’s lead to rule out a bad solder joint… I did this for all the paths in the printed circuit)
• I’ve quadruple-checked for any visible shorts.
• I believe that my capacitor-replacement surgery was a success, so now I am beginning to doubt that bad caps were the real problem. It’s entirely possible that the buzz/hum I was hearing was there for some time since it wasn’t loud enough to hear until I put my ear right up to the unit. Maybe I have two problems, one of which I just fixed.
• I can now hear some faint white noise and hum from both drivers. The original, louder buzz/hum sound is gone. Instead what I hear is about like what you’d expect from an audio amplifier, but that is not the case with the fully functional unit I have… The functioning unit is very clean. The volume knob makes no difference in the slight noise/hum. And it’s so faint that if I didn’t have the other unit to compare with, I would probably think what I’m hearing is the normal hum of the amp.
• The only other sound I can get from the dead unit is when I change the “Low Cutoff” switch, I hear slight fuzzy, static-y sound during the switching, but none of the other switches make any noise.

What should I do next? Perhaps the real problem here is in the audio signal path? A pre-amp problem? How can I rule that out?

Permalink - Leave a Comment (0)